Posts

Showing posts from August, 2023

Linux Kernel Security: Protecting the Heart of Your Operating System

The Linux kernel is the core component of the Linux operating system, responsible for managing system resources and providing a secure environment for applications to run. As the heart of the operating system, it is crucial to ensure the security of the Linux kernel to protect against potential vulnerabilities and attacks. In this blog post, we will explore some of the key security features and mechanisms implemented in the Linux kernel.

1. Secure Boot

Secure Boot is a feature that ensures only trusted software is loaded during the boot process. It uses cryptographic signatures to verify the integrity of the bootloader and kernel, preventing the execution of malicious code. The Linux kernel supports Secure Boot through technologies like UEFI (Unified Extensible Firmware Interface) and TPM (Trusted Platform Module), providing a secure foundation for the entire system.

2. Address Space Layout Randomization (ASLR)

ASLR is a technique that randomizes the memory layout of processes, making ...

Security in Linux Kernel - Part 3

In this short post we will explore a Linux system call facilitating secure computing. In earlier parts of this series we saw how LSMs protect the kernel. However, LSMs occupy a much deeper position in the call hierarchy and do not offer protection at the process level. An additional mechanism is required to provide protection at the process level.

Need for a system call

In Linux, application programs use a number of system calls; in fact, a large number of system calls are available to the application programmer. Processes using these system calls expose a large area of the kernel to malicious attacks. Linux offers a mechanism to limit this capability using the seccomp system call, thereby reducing the attack surface. seccomp is enabled using the prctl() system call with the appropriate operation mode.

seccomp Modes

The seccomp system call works in two modes - strict mode (SECCOMP_SET_MODE_STRICT) and filter mode (SECCOMP_SET_MODE_FILTER). When seccomp is set to the first mode, i.e. strict mode, the process has ...