Monthly Archives: October 2014

Developing and understanding your first Linux kernel module

first

Lets start by writing a very basic kernel module:

1. write a module which prints some strings in console (/var/log/messages)
2. Makefile which compile this module
3. load the module and see the messages
4. unload the module.

#include <linux/module.h>

/* Just a simple to understand modules and makefile */

int __init mymodule_init (void)
{
printk(KERN_INFO "Module Loaded..\n");
return 0;
}

void __exit mymodule_exit(void)
{
printk(KERN_INFO "Module Exited\n");

}

module_init(mymodule_init);
module_exit(mymodule_exit);

MODULE_AUTHOR("Soorej P");
MODULE_DESCRIPTION("Sample Module");
MODULE_LICENSE("GPLv3");

Read more

Interesting Usages in Kernel Code

Interesting usages in kernel code

 

1. #define re-usable struct, function combination using  ##<identifier>##

A set of steps can be common for different entities. Example, when a file_operation structure and related (like open, release, etc) calls, repeatedly used in multiple places in the code, we can define a macro with all the common statements with a unique ##<identifier>## as a distinguishing factor. This will help to have a clean code.

#include <linux/module.h>

#define MOD_GENERIC_FUNCTION(gen_var) \
struct generic_##gen_var##_mod { \
 int k; \
}; \
void init_##gen_var##_mod(void)\
{ \
 struct generic_##gen_var##_mod gv; \
 gv.k = 10;\
 printk ( "%d\n",gv.k);\
}

MOD_GENERIC_FUNCTION(fun1);


int test_init(void)
{
 init_fun1_mod();
 printk(KERN_INFO "Welcome!\n");
 return 0;
}

void test_exit(void)
{
 printk(KERN_INFO "bye!\n");
}

module_init(test_init);
module_exit(test_exit);

MODULE_DESCRIPTION("Test Module");
MODULE_LICENSE("GPL v2");
MODULE_AUTHOR("Soorej");

Read more

What is Shellshock vulnerability

In This Article

  • This article is about what is the security vulnerability known as shellshock.
  • How an exploit can happen

What is ShellShock vulnerability

ShellShock is a the vulnerability in bash, a most commonly used shell (command line interpreter) programmer in Linux. An exploit of this vulnerability is possible by arbitrary code execution (ACE). Any service in a target system which is pass the arguments from client machine to a bash to process (ex; bash cgi script) could be vulnerable.

A sample exploit

Lets see a sample case of ShellShock exploit

on machine A with bash (currently my bash version is 4.2.39(1) ) and apache server installed (and running)

create file: /var/www/cgi-bin/test.cgi with following content

Read more

Linux Kernel Compilation (Kernel version 3.x)

The first step! If you want to learn Linux kernel programming, don’t just read on all those nice books. You have to start doing also. Lets see how to get your own working kernel on that machine. Caution: use this article in your own risk, and take backup of all critical data before you start. I will not covering all the possible steps in compiling the kernel, just demonstrating the minimal steps required to get the kernel fast.

My setup : Dell Inspiron 3521 with FC 18  i686 (Fedora) operating system. Kernel version used for this article linux-3.16.1

You can use dmidecode or /sys/class/dmi/id/product_name to get the system name

[root@localhost ~]# dmidecode |grep Product
Product Name: Inspiron 3521
[root@localhost ~]# cat /sys/class/dmi/id/product_name
Inspiron 3521

Download Linux Kernel

First, get the complete mighty Linux kernel source in your system. go to kernel.org and download the latest stable kernel version (I am using linux-3.16.1 for this article)
Read more