On Sat, Jun 07, 2003 at 05:41:22PM -0300, Carlos Eduardo Pedroza Santiviago wrote:
> I'm new to kernel hacking, and I'd like to know from you how much time I'd take
> to learn kernel programming, so I'd be able to code a non-exec stack patch.

They tend to rely on knowledge of the architecture under discussion more than kernel programming issues. For example, under x86, they require knowledge of the x86 segment architecture. Under x86-64, I think the work is done, as it directly supports non-exec pages in paged mode. For other architectures, you'll have to figure out something, then do it. :)

> Yes, I know there is some work done (Solar's one, and exec-shield),
> but I'll talk about "stack-based buffer overflows" on my graduate
> project, and I was thinking if I'd be capable of doing such a thing.

Non-exec stack is just a small deterrent. Most attacks that inject executable code to the stack can be re-written to "jump-to-libc" attacks, where they execute code already mapped in the process's address space for their attack, typically something like system("foo") or popen("foo"). Non-exec stack is nice because it can be had at almost no cost of implementation and the gains -do- disable a certain amount of preexisting attack code. But it is certainly no panacea.

As for your exact question, "how long to learn kernel programming", the real answer is "as long as you wish". :) You can get reading-level fluent in a short time. You can write your own atrocious modules in an afternoon or two. And you can spend years trying to understand it all at a level as deep as Al Viro, Alan Cox, or other luminaries. :)

-- 
"There's an old saying in Tennessee, I know it's in Texas, probably in Tennessee, that says, 'Fool me once... shame on ... shame on .. you; but fool--you can't get fooled again.'" -- Commander in Chief of the US Military
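A practical follow-up to the thread: before relying on a non-exec stack patch, a defender wants to verify that the running process's stack mapping actually lacks the execute bit. The example below is added here and is not code from the mail or from any of the patches it mentions; it parses the Linux /proc/self/maps text (the sample lines are constructed) and reports whether the "[stack]" region is executable.

```c
/* Added example: check whether a process's stack is mapped executable by
 * parsing /proc/PID/maps.  The parser takes the maps text as a string so it
 * can be exercised on constructed input as well as on the live file. */
#include <stdio.h>
#include <string.h>

/* Returns 1 if the "[stack]" mapping carries the 'x' permission, 0 if it does
 * not, and -1 if no stack line was found or the line is malformed.
 * A maps line looks like:  7ffd5c2e1000-7ffd5c302000 rw-p 00000000 00:00 0  [stack]
 * The permission field is the second whitespace-separated token. */
int stack_is_executable(const char *maps)
{
    char buf[256];
    const char *p = maps;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len >= sizeof buf) len = sizeof buf - 1;   /* truncate over-long lines */
        memcpy(buf, p, len);
        buf[len] = '\0';
        /* "[stack" also matches the per-thread "[stack:<tid>]" form some kernels print */
        if (strstr(buf, "[stack")) {
            char range[64], perms[8];
            if (sscanf(buf, "%63s %7s", range, perms) == 2)
                return strchr(perms, 'x') != NULL;
            return -1;
        }
        if (!nl) break;
        p = nl + 1;
    }
    return -1;
}

/* Constructed sample: what a pre-patch x86 process with an rwx stack shows. */
const char *SAMPLE_EXEC_STACK =
    "08048000-08049000 r-xp 00000000 08:01 1234 /bin/true\n"
    "bfffe000-c0000000 rwxp 00000000 00:00 0    [stack]\n";

int main(void)
{
    char live[65536];
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) { perror("/proc/self/maps"); return 1; }
    size_t n = fread(live, 1, sizeof live - 1, f);
    fclose(f);
    live[n] = '\0';
    int r = stack_is_executable(live);
    printf("sample: %d (1 = executable)\nlive:   %d\n",
           stack_is_executable(SAMPLE_EXEC_STACK), r);
    return r == 1;   /* non-zero exit when the live stack is executable */
}
```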