Building a minimal kernel by trial, error and correction ... tested under QEMU, then on a Framework laptop in UEFI
You can apply the patch to play with the config, or pass the flags directly to the compiler through environment variables. For example, for an AMD 5600X (family 19, Zen 3):
export KCFLAGS=' -march=znver3 -mtune=znver3'
export KCPPFLAGS=' -march=znver3 -mtune=znver3'
make ... [-n] ...
The "-n" option shows the commands without executing them, so you can check that the right flags are present.
The Linux kernel always had kernel tracing capabilities such as kprobes (2.6.9), ftrace (2.6.27 and later), perf (2.6.31), or uprobes (3.5), but with BPF it’s finally possible to run kernel-level programs on events and consequently modify the state of the system, without needing to write a kernel module.
A little bit about a linux kernel (0xAX/linux-insides on GitHub).
Writing a pseudo-device driver on Linux
This blog is worth a look
Guest Post: Learn how to use Linux command line to investigate suspicious processes trying to masquerade as kernel threads.
and also in a chroot: http://forums.debian.net/viewtopic.php?t=52283
mount /dev/sdb1 /media/disk
mount -o bind /sys /media/disk/sys
mount -t proc /proc /media/disk/proc
mount -o bind /dev /media/disk/dev
chroot /media/disk
Run the command, exit the chroot, umount everything and reboot.
CVE-2016-0728 is caused by a reference leak in the keyrings facility.
https://gist.github.com/PerceptionPointTeam/18b1e86d1c0f8531ff8f
https://gist.github.com/matlink/e92b4cd522df178bf23f#file-cve_2016_0728-c-L103