Zucca Moderator
Joined: 14 Jun 2007 Posts: 3411 Location: Rasi, Finland
Posted: Sat Mar 02, 2024 5:46 pm

To me it seems you have the following choices:
- > Gentoopc wrote: read books and find answers in them

  > logrusx wrote: Nobody is obligated to do anything for you. Help yourself by reading the LKMPG.
- create a kernel patch which allows you to run the kernel function of choice from user-space
- fork the whole kernel for your needs

Since Linux, the kernel, isn't really about the choice. You need to play by the rules of the kernel if you choose to use it (unless you, personally, modify it).
_________________
..: Zucca :..
Gentoo IRC channels reside on Libera.Chat.
--
Quote: | I am NaN! I am a man! |

pjp Administrator
Joined: 16 Apr 2002 Posts: 20112
Posted: Sat Mar 02, 2024 7:37 pm

> Gentoopc wrote:
> what is dangerous if I call a function written with my own hands from the kernel module using a system call? if I wanted to do this from the kernel, then I would have to rebuild it. but what's dangerous if I do it from the module? That the world will collapse? a core that is like Swiss cheese with tons of vulnerabilities, no one will ever be able to make it worse. that there are false words, that everyone can do something different in Linux. as soon as you try to do it, they don't let you.

If Malicious Actor can arbitrarily call something from my kernel, that is dangerous. At least that's how I interpret the concern, and I may be wrong. I don't know what the kernel designers had in mind.

> Gentoopc wrote:
> if the developers wanted to do good to Linux users, they would have done so.
> that would solve all the problems forever. everyone would decide for themselves what they need. and it would simplify the development
>
> Code:
> ```
> Enable loadable module support
> [*] allow functions to be run from user space in the kernel module
> ```

It may be that it isn't in the kernel because no one has written the code and proposed its adoption.
_________________
Quis separabit? Quo animo?

Hu Administrator
Joined: 06 Mar 2007 Posts: 21908
Posted: Sat Mar 02, 2024 8:09 pm

Over the years, there have been vulnerabilities where the kernel performs a call-by-pointer to a pointer that should have pointed to a trusted kernel function, but due to a bug, pointed to a userspace address chosen by an unprivileged user. In the early days, the CPU would allow that, and then execute code chosen by the unprivileged user with the full privileges of being in kernel context. The kernel developers grew tired of such bugs being (correctly) classified as arbitrary code execution, and instituted safeguards to stop it. Now, when the kernel calls a pointer that should point to a trusted kernel function, but instead points to userspace, the CPU raises an exception and does not execute any of the code retrieved from the userspace memory. There are additional ongoing efforts to further harden call-by-pointer to limit an attacker's ability to transfer control to an unexpected kernel mode address.
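
The post above does not name the safeguard; on x86 the CPU feature that faults instead of executing user-space pages in kernel mode is SMEP (Supervisor Mode Execution Prevention), which Linux lists as `smep` in `/proc/cpuinfo`. The following is an added example, not part of the original post, that reports whether it is active on a machine; the function names are this example's own, and the file arguments exist so it can also be run against saved copies.

```shell
#!/bin/sh
# Added example: does this x86 Linux kernel report SMEP (no kernel-mode
# execution of user-space pages) as active?

# cpu_has_flag FLAG [CPUINFO]: exit 0 if FLAG is on the first "flags" line.
cpu_has_flag() {
    flag=$1
    file=${2:-/proc/cpuinfo}
    [ -r "$file" ] || return 2
    awk -F: -v want="$flag" '
        /^flags[ \t]*:/ {
            n = split($2, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == want) found = 1
            exit
        }
        END { exit !found }' "$file"
}

# cmdline_has_param PARAM [CMDLINE]: exit 0 if PARAM is a whole boot parameter.
cmdline_has_param() {
    param=$1
    file=${2:-/proc/cmdline}
    [ -r "$file" ] || return 2
    tr -s '[:space:]' '\n' < "$file" | grep -qx -- "$param"
}

# smep_status [CPUINFO] [CMDLINE]: prints enabled, disabled-by-boot-parameter
# or not-reported (CPU lacks SMEP, non-x86 machine, or flag cleared otherwise).
smep_status() {
    cpuinfo=${1:-/proc/cpuinfo}
    cmdline=${2:-/proc/cmdline}
    if cpu_has_flag smep "$cpuinfo"; then
        echo enabled
    elif cmdline_has_param nosmep "$cmdline"; then
        # nosmep: boot parameter that x86 kernels have accepted to turn SMEP off
        echo disabled-by-boot-parameter
    else
        echo not-reported
    fi
}

echo "SMEP on this machine: $(smep_status)"
```
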
Gentoopc Apprentice
Joined: 25 Dec 2017 Posts: 296
Posted: Sat Mar 02, 2024 8:17 pm

the Linux kernel manages everything. I have a custom function. I ask the Linux kernel to call this function in user space via an interrupt, it will do the job there. What's dangerous about that? why do I need a Linux kernel that I can't interact with? Do you understand who you have become and what you are talking about? earlier you stated that the Linux distribution is aimed at those people who want to do everything themselves. Your words are at odds with the case. today everything is closed, they even want to take away root rights. linux will soon become a subordinate system. there will be more freedom in Windows. Is that what you're aiming for? I want to understand who is here.

Gentoopc Apprentice
Joined: 25 Dec 2017 Posts: 296
Posted: Sat Mar 02, 2024 8:26 pm

this is complete nonsense to take away more power from the user. all backdoors are in the core. the right people know about them. a hacker doesn't need user space. You're afraid of the wrong thing. I don't recognize the forum. It's kind of a community of the scared. Soon, the entire Linux community will gather here just to share fears, not to move forward.

sMueggli Guru
Joined: 03 Sep 2022 Posts: 380
Posted: Sun Mar 03, 2024 9:42 am

> Gentoopc wrote:
> this is complete nonsense to take away more power from the user. all backdoors are in the core. the right people know about them. a hacker doesn't need user space. You're afraid of the wrong thing. I don't recognize the forum. It's kind of a community of the scared. Soon, the entire Linux community will gather here just to share fears, not to move forward.

Do what you want. You do not have any basic knowledge about security and attack vectors (privilege escalation, running arbitrary code in kernel context). And you are also missing knowledge about system programming.
As long as you refuse to learn basic concepts and insist on the position that you are right and all others are wrong, no one can help you.
So the best way is that you "move forward". And maybe in the future you recognise your misunderstandings and learn from your errors. Or not.

Gentoopc Apprentice
Joined: 25 Dec 2017 Posts: 296
Posted: Sun Mar 03, 2024 11:08 am

Well, many of you have the knowledge you're talking about. Then why hasn't anything useful been done in so many years? the core is being improved only in the direction of collecting more data and making this fact less noticeable. the kernel loses its internal logic due to the large number of strings associated with pseudo-security, the Linux kernel loses its consistency. this is a set of strings of code that has a weak internal connection. I am not an expert and I do not apply for this position. I am a simple user, and from my position I see all the problems that I have to talk about. as a result of discussing the topic, you don't do anything useful, and when people come to you with complaints, you plug your ears. and are you talking about some kind of development path with this approach? only degradation is possible here, which you have been walking side by side with for so many years. your advice is for users to improve the linux kernel code themselves but at the same time you understand that they will not be able to do this, because the kernel developers put a lot of effort into preventing a simple user from making changes to the kernel under the guise of security. That's your point.

NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54450 Location: 56N 3W
Posted: Sun Mar 03, 2024 12:36 pm

Gentoopc,
As you don't want to listen because you already know better than those who try to help you, there is no point in any further replies to this topic.
Personal attacks at your would-be helpers don't endear you to helpers either. Keep in mind that your reputation will follow you into future topics you may post.
You may want to reread Guidelines (READ BEFORE POSTING) especially points 10 and 13.
Topic locked.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.