LWN Articles on Linux (Outside Paywall Today)
-
Safer flexible arrays for the kernel [LWN.net]
At the 2022 Linux Security Summit Europe (LSS EU), Gustavo A. R. Silva reported in on work he has been doing on "flexible" arrays in the kernel. While these arrays provide some ... flexibility ... they are also a source of bugs, which can often result in security vulnerabilities. He has been working on ways to make the use of flexible arrays safer in the kernel.
Silva has a background in embedded systems, working with both realtime operating systems (RTOS) and embedded Linux. For the last six years, he has has been working as an upstream kernel engineer. He collaborates with the Kernel Self Protection Project (KSPP) and the Linux kernel division of the Google open-source security team.
-
BPF as a safer kernel programming environment [LWN.net]
For better or worse, C is the lingua franca in the world of kernel engineering. The core logic of the Linux kernel is written entirely in C (with a bit of assembly), as are its drivers and modules. While C is rightfully celebrated for its powerful yet simple semantics, it is an older language that lacks many of the features present in modern languages such as Rust. The BPF subsystem, on the other hand, provides a programming environment that allows engineers to write programs that can run safely in kernel space. At the 2022 Linux Plumbers Conference in Dublin, Ireland, Alexei Starovoitov presented an overview of how BPF has evolved over the years to provide a new model for kernel programming.
-
BPF for HID drivers [LWN.net]
The Human Interface Device (HID) standard dates back to the Windows 95 era. It describes how devices like mice and keyboards present themselves to the host computer, and has created a world where a single driver can handle a wide variety of devices from multiple manufacturers. Or it would have, if there weren't actual device manufacturers involved. In the real world, devices stretch and break the standard, each in its own special way. At the 2022 Linux Plumbers Conference, Benjamin Tissoires described how BPF can be used to simplify the task of supporting HID devices. Most devices, he began, will work just fine with the kernel's generic HID drivers. That still leaves quite a few that present problems — behavioral quirks that require a special driver to address. Most of the time, that driver need only make a few tweaks to the "report descriptor" provided by the device. This descriptor, the format of which was defined in 2001, describes the exact protocol a device speaks and which capabilities it offers. The kernel contains a long list of tiny drivers that do little beyond tweaking a device's report descriptor to make it adhere to the standard; see drivers/hid/hid-sigmamicro.c for an example. Others, only slightly more complex, will modify input events upon receipt from the device; drivers/hid/hid-ezkey.c shows that type of manipulation.