On Sat, Jun 07, 2003 at 05:41:22PM -0300, Carlos Eduardo Pedroza Santiviago wrote:
> I'm new to kernel hacking, and i'd like to know from you how much time i'd take
> to learn kernel programming, so i'd be able to code a non-exec stack patch.
They tend to rely on knowledge of the architecture under discussion more
than kernel programming issues. For example, under x86, they require
knowledge of the x86 segment architecture. Under x86-64, I think the
work is done, as it directly supports non-exec pages in paged mode. For
other architectures, you'll have to figure out something, then do it. :)
> Yes, i know there are some work done (Solar's one, and exec-shield),
> but i'll talk about "stack-based buffer overflows" on my graduate
> project, and i was thinking if i'd be capable to do such thing.
Non-exec stack is just a small deterrent. Most attacks that inject
executable code to the stack can be re-written to "jump-to-libc" attacks,
where they execute code already mapped in the process's address space
for their attack, typically something like system("foo") or popen("foo").
Non-exec stack is nice because it can be had at almost no cost of
implementation and the gains -do- disable a certain amount of preexist
attack code.
But it is certainly no panacea.
As for your exact question, "how long to learn kernel programming",
the real answer is "as long as you wish". :) You can get reading-level
fluent in a short time. You can write your own atrocious modules in an
afternoon or two. And you can spend years trying to understand it all at
a level as deep as Al Viro, Alan Cox, or other luminaries. :)
--
"There's an old saying in Tennessee, i know it's in Texas, probably in
Tennessee, that says, 'Fool me once... shame on ... shame on .. you; but
fool--you can't get fooled again.'" -- Commander in Chief of the US Military
Attachment:
pgp00431.pgp
Description: PGP signature
