DMA Safety in Buffers for Linux Kernel Device Drivers - Wolfram Sang, Renesas / Consultant This talk is about findings which originated from an issue in the I2C subsystem but then became more widespread. The question was if externally allocated message buffers for the I2C subsystem need to be DMA safe. That gained importance and needed a proper solution. While working on this, buffer handling in other subsystems was evaluated regarding DMA safety. It turned out that some, including I2C, work rather by coincidence or, at least, on assumptions which are likely to be true, but not always. And those assumptions might even be less likely true in the future, given some structural changes kernel hardening brings. Learn that a check if buffers are DMA capable is surprisingly not an easy task. And find out which solutions exist as of today. With safety being an increasing interest for embedded, more eyes are needed for this problem. About Wolfram Sang Wolfram Sang has been working as a Linux kernel developer for embedded systems since 2008. He maintains the I2C subsystem and works as a consultant, mainly for the Renesas Upstream Kernel Team. Programming since his childhood, he still hacks his machines from the 80s, especially the C64. When not using computers, he is interested in ecological topics, likes cooking and tries to keep his Japanese alive. He has spoken at various conferences like ELCE, ELC, OpenSourceSummit, LinuxCon, LinuxTag, and FOSDEM multiple times mostly about kernel topics.
Views: 515 The Linux Foundation
Presentation by Warren Turkal The Silicon Valley Linux Users Group hosts weekly sessions to walk through the code for the Linux Kernel, allowing newer users and developers to better understanding the operating system.
Views: 121969 Google
Clip 2/5 Speaker: Jon Oberheide, University of Michigan As userspace applications and services become increasingly hardened against traditional memory corruption exploits, operating system kernels have become a source for abundant exploitation opportunities. In particular, the Linux kernel has recently suffered a bout of severe and high-profile vulnerabilities and drawn ire from the security community for it's mishandling of bugs with known security impact, resulting in a Pwnie award for "Lamest Vendor Response". Given the importance the Linux operating system plays in many enterprise environments, it is necessary to understand the strengths and weaknesses of its kernel's security. In this presentation, we'll explore these strengths and weaknesses by diving deep into the exploitation of vulnerabilities in the Linux kernel. Using real-world vulnerabilities and exploits, we'll detail the traditional classes of kernel vulnerabilities such as control flow hijacking (via stack smashing and SLAB/SLUB/SLOB allocator corruption), invalid userland memory accesses (including NULL pointer dereferences), and information leakage. In addition to traditional bug classes, we'll cover the semantic vulnerabilities inherent in complex operating systems that require deep knowledge of kernel internals to identify and exploit subtle conditions (e.g. desynchronization in the VM subsystem), some of which have previously thought to be unexploitable. We'll also explore the attack surface of the Linux kernel and enumerate the most common vulnerability entry points using historical data. Lastly, we'll release several tools assisting vulndev/auditing and discuss the effectiveness of deployed countermeasures and best current practices for securing the Linux kernel. For more information and presentation slides click here: http://bit.ly/8XJ1tm
Views: 435 Christiaan008
Andrew Tridgell http://lca2015.linux.org.au/schedule/30229/view_talk The port of ArduPIlot to Linux is now flying, bringing us one step closer to Linux dominating the world of small UAVs. Last year I presented a plan to port ArduPilot to the BeagleBoneBlack board by building a new "PXF" cape that gives the BBB a wide range of high quality sensors. That cape has now been built, and an ArduPilot port has been done. Linux on the BBB can now fly/drive a wide range of vehicles. In this talk I will describe the architecture of the BBB port of ArduPilot, including how the PRU co-processors are used, how we interface to SPI and I2C devices and the development tools we have developed to make life a bit easier for those wanting to work on Linux based autopilots. I will also give an update on the CanberraUAV 2014 Outback Challenge entry, and on some other current efforts to bring autopilots to more Linux based boards.
Views: 11677 Linux.conf.au 2015 -- Auckland, New Zealand
I had problems with grub when installing Arch linux this is my solution for the infamos error: no such device: ad4103fa Arch Linux is an independently developed, i686- and x86_64-optimised Linux distribution targeted at competent Linux users. It uses 'pacman', its home-grown package manager, to provide updates to the latest software applications with full dependency tracking. Operating on a rolling release system, Arch can be installed from a CD image or via an FTP server. The default install provides a solid base that enables users to create a custom installation. In addition, the Arch Build System (ABS) provides a way to easily build new packages, modify the configuration of stock packages, and share these packages with other users via the Arch Linux user repository. PLEASE SUBSCRIBE AND FOLLOW ME ON TWITTER!! https://twitter.com/ribalinux Blogger http://ribalinux.blogspot.pt/ Facebook https://www.facebook.com/theribalinux Google+ https://plus.google.com/u/0/110348492032614636584/posts Despora https://despora.de/u/ribaudequin Arch linux linux virtualbox how to install Tutorial Grub Grub2 ad4103fa error no such device
Views: 40250 Riba Linux
This demonstration illustrates that with Embedded Bit's boot time reduction techniques it's possible to dramatically reduce the cold boot time of an embedded Linux device. Here we've demonstrated how machine vision processing can be achieved in less than a second from a cold boot. The demo uses a camera to count the number of yellow balls present and displays the count on an 7-segment display and HDMI display. It takes just 0.8 seconds from the first instructions being executed in the boot loader to having processed the first frame and displayed the first ball count. The application is started within 0.5 seconds of reset. The demonstration illustrates a boot time reduction of 95% from the original boot time of 15 seconds. The video may give the impression that the boot time is longer than expected, this is because the hardware is hard-wired such that before executing software instructions from the MMC card -- it will attempt to boot from the serial port and USB. These attempts increase the overall boot time. The demo runs on a Gumstix Waysmall Silverlode computer. This consists of an Overo EarthSTORM Computer-On-Module (COM) and Tobi expansion board. This provides a single core ARM Cortex-A9 implemented inside a TI Sitara AM3703 running at up to 1Gz. It has 512 MB of RAM and NAND and has a range of peripherals including MMC/SD, HDMI, USB and Audio. The big red button is a push-to-break switch which interrupts the power supply to the Silverlode -- providing a convenient means to reset the board and see the cold boot time of the device. The processor boots directly from the microSD card and all components are stored there. The application is based on OpenCV. Find out more on our web site http://www.embedded-bits.co.uk/1-second-boot-machine-vision/
Views: 2719 Witekio Int
What is SCSI RDMA PROTOCOL? What does SCSI RDMA PROTOCOL mean? SCSI RDMA PROTOCOL meaning - SCSI RDMA PROTOCOL definition - SCSI RDMA PROTOCOL explanation. Source: Wikipedia.org article, adapted under https://creativecommons.org/licenses/by-sa/3.0/ license. SUBSCRIBE to our Google Earth flights channel - https://www.youtube.com/channel/UC6UuCPh7GrXznZi0Hz2YQnQ In computing the SCSI RDMA Protocol (SRP) is a protocol that allows one computer to access SCSI devices attached to another computer via remote direct memory access (RDMA). The SRP protocol is also known as the SCSI Remote Protocol. The use of RDMA makes higher throughput and lower latency possible than what is possible through e.g. the TCP/IP communication protocol. RDMA is only possible with network adapters that support RDMA in hardware. Examples of such network adapters are InfiniBand HCAs and 10 GbE network adapters with iWARP support. While the SRP protocol has been designed to use RDMA networks efficiently, it is also possible to implement the SRP protocol over networks that do not support RDMA. SRP was published as an ANSI standard (ANSI INCITS 365-2002) in 2002 and renewed in 2007. As with the ISCSI Extensions for RDMA (iSER) communication protocol, there is the notion of a target (a system that stores the data) and an initiator (a client accessing the target) with the target performing the actual data movement. In other words, when a user writes to a target, the target actually executes a read from the initiator and when a user issues a read, the target executes a write to the initiator. While the SRP protocol is easier to implement than the iSER protocol, iSER offers more management functionality, e.g. the target discovery infrastructure enabled by the iSCSI protocol. In order to use the SRP protocol, an SRP initiator implementation, an SRP target implementation and networking hardware supported by the initiator and target are needed. The following software SRP initiator implementations exist: Linux SRP initiator, available since November 2005 (kernel version 2.6.15). Windows SRP initiator, available through the winOFED InfiniBand stack. VMWare SRP initiator, available since January 2008 through Mellanox' OFED Drivers for VMware Infrastructure 3 and vSphere 4. Solaris 10 SRP initiator, available through Sun's download page. Solaris 11 and OpenSolaris SRP initiator, integrated as a component of project COMSTAR. The IBM POWER virtual SCSI client driver for Linux (ibmvscsi), available since January 2008 (kernel version 2.6.24). Virtual SCSI allows client logical partitions to access I/O devices (disk, CD, and tape) that are owned by another logical partition. The following SRP target implementations exist: The SCST SRP target implementation. This is a mature SRP target implementation available since 2008 via both SCST and OFED. Linux LIO SRP target, available since January 2012 (kernel version 3.3), based on the SCST SRP target. The IBM POWER virtual SCSI target driver (ibmvstgt), available since January 2008 (kernel version 2.6.24). DataDirect Network's (DDN) disk subsystems such as the S2A9900 and SFA10000, which use the SRP target implementation in the disk subsystem's controllers to present LUNs to servers (the servers act as SRP initiators). IBM's FlashSystem. The Solaris COMSTAR target, available since early 2009 in OpenSolaris and Solaris 11. Bandwidth and latency of storage targets supporting the SRP or the iSER protocol should be similar. On Linux, there are two SRP and two iSER storage target implementations available that run inside the kernel (SCST and LIO) and an iSER storage target implementation that runs in user space (STGT). Measurements have shown that the SCST SRP target has a lower latency and a higher bandwidth than the STGT iSER target. This is probably because the RDMA communication overhead is lower for a component implemented in the Linux kernel than for a user space Linux process, and not because of protocol differences.
Views: 195 The Audiopedia
Speaker: Paul Kehrer Shipping Python libraries is easy! ...until you want to use a C library. How do you easily and reliably deliver software to users when they may not have the libraries you depend on, or even a compiler? How do you handle the significant differences between linux, OS X, Windows, FreeBSD, and other platforms Python runs on? Slides can be found at: https://speakerdeck.com/pycon2016 and https://github.com/PyCon/2016-slides
Views: 1636 PyCon 2016
Security+ Training Course Index: http://professormesser.link/sy0501 Professor Messer’s Course Notes: http://professormesser.link/501cn Frequently Asked Questions: http://professormesser.link/faq - - - - - Maintaining the security of our operating systems is an ongoing necessity. In this video, you’ll learn about patch management, least functionality, application management, and other OS security requirements. - - - - - Subscribe to get the latest videos: http://professormesser.link/yt Calendar of live events: http://www.professormesser.com/calendar/ FOLLOW PROFESSOR MESSER: Professor Messer official website: http://www.professormesser.com/ Twitter: http://www.professormesser.com/twitter Facebook: http://www.professormesser.com/facebook Instagram: http://www.professormesser.com/instagram Google +: http://www.professormesser.com/googleplus
Views: 27875 Professor Messer
In computing, Internet Key Exchange (IKE or IKEv2) is the protocol used to set up a security association (SA) in the IPsec protocol suite. IKE builds upon the Oakley protocol and ISAKMP. IKE uses X.509 certificates for authentication - either pre-shared or distributed using DNS (preferably with DNSSEC) and a Diffie–Hellman key exchange - to set up a shared session secret from which cryptographic keys are derived. In addition, a security policy for every peer which will connect must be manually maintained. This video is targeted to blind users. Attribution: Article text available under CC-BY-SA Creative Commons image source in video
Views: 7531 Audiopedia
Deep Dive into Docker Containers for Rails Developers by Christopher Rigor This is a sponsored talk by Engine Yard. Containers have gained popularity the past few years but they have been around much longer than that. In this talk, we'll dive into the internals of a container. If you have used or heard about Docker containers but are unsure how they work, this talk is for you. You’ll also learn how to run Rails in production-ready container environments like Kubernetes.
Views: 935 Confreaks
This video covers how to debug the following python error: ImportError: DLL load failed: %1 is not a valid Win32 application http://www.lfd.uci.edu/~gohlke/pythonlibs/
Views: 68274 sentdex
This is an audio version of the Wikipedia Article: https://en.wikipedia.org/wiki/Comparison_of_BSD_operating_systems 00:02:14 1 Aims and philosophies 00:02:24 1.1 DragonFly BSD 00:03:35 1.2 FreeBSD 00:06:35 1.3 NetBSD 00:07:48 1.4 OpenBSD 00:11:44 2 Popularity 00:14:43 3 Names, logos, slogans 00:19:01 4 General information 00:19:10 5 See also 00:19:33 6 Notes and references 00:19:43 6.1 Other sources Listening is a more natural way of learning, when compared to reading. Written language only began at around 3200 BC, but spoken language has existed long ago. Learning by listening is a great way to: - increases imagination and understanding - improves your listening skills - improves your own spoken accent - learn while on the move - reduce eye strain Now learn the vast amount of general knowledge available on Wikipedia through audio (audio article). You could even learn subconsciously by playing the audio while you are sleeping! If you are planning to listen a lot, you could try using a bone conduction headphone, or a standard speaker instead of an earphone. Listen on Google Assistant through Extra Audio: https://assistant.google.com/services/invoke/uid/0000001a130b3f91 Other Wikipedia audio articles at: https://www.youtube.com/results?search_query=wikipedia+tts Upload your own Wikipedia articles through: https://github.com/nodef/wikipedia-tts Speaking Rate: 0.8571708168940642 Voice name: en-US-Wavenet-D "I cannot teach anybody anything, I can only make them think." - Socrates SUMMARY ======= There are a number of Unix-like operating systems based on or descended from the Berkeley Software Distribution (BSD) series of Unix variant options. The three most notable descendants in current use are FreeBSD, OpenBSD, and NetBSD, which are all derived from 386BSD and 4.4BSD-Lite, by various routes. Both NetBSD and FreeBSD started life in 1993, initially derived from 386BSD, but in 1994 migrating to a 4.4BSD-Lite code base. OpenBSD was forked from NetBSD in 1995. Other notable derivatives include DragonFly BSD, which was forked from FreeBSD 4.8, and Apple Inc.'s iOS and macOS, with its Darwin base including a large amount of code derived from FreeBSD. Most of the current BSD operating systems are open source and available for download, free of charge, under the BSD License, the most notable exceptions being macOS and iOS. They also generally use a monolithic kernel architecture, apart from macOS, iOS, and DragonFly BSD which feature hybrid kernels. The various open source BSD projects generally develop the kernel and userland programs and libraries together, the source code being managed using a single central source repository. In the past, BSD was also used as a basis for several proprietary versions of UNIX, such as Sun's SunOS, Sequent's Dynix, NeXT's NeXTSTEP, DEC's Ultrix and OSF/1 AXP (which became the now discontinued Tru64 UNIX). Parts of NeXT's software became the foundation for macOS which, together with iOS, is among the most commercially successful BSD variants in the general market.
Views: 13 wikipedia tts
Repositorios de Kali Linux: https://docs.kali.org/general-use/kali-linux-sources-list-repositories
Views: 8992 Víctor García
This is an audio version of the Wikipedia Article: https://en.wikipedia.org/wiki/Trusted_Computing 00:02:24 1 Key concepts 00:03:08 1.1 Endorsement key 00:04:41 1.2 Memory curtaining 00:05:18 1.3 Sealed storage 00:07:01 1.4 Remote attestation 00:09:25 1.5 Trusted third party 00:16:54 2 Known applications 00:17:19 3 Possible applications 00:17:30 3.1 Digital rights management 00:19:23 3.2 Preventing cheating in online games 00:19:59 3.3 Verification of remote computation for grid computing 00:20:42 4 Criticism 00:25:58 4.1 Digital rights management 00:27:19 4.2 Users unable to modify software 00:28:35 4.3 Users unable to exercise legal rights 00:29:33 4.4 Users vulnerable to vendor withdrawal of service 00:30:43 4.5 Users unable to override 00:32:41 4.6 Loss of anonymity 00:37:30 4.7 TCG specification interoperability problems 00:38:28 4.8 Shutting out of competing products 00:39:54 4.9 Trust 00:42:01 5 Hardware and software support Listening is a more natural way of learning, when compared to reading. Written language only began at around 3200 BC, but spoken language has existed long ago. Learning by listening is a great way to: - increases imagination and understanding - improves your listening skills - improves your own spoken accent - learn while on the move - reduce eye strain Now learn the vast amount of general knowledge available on Wikipedia through audio (audio article). You could even learn subconsciously by playing the audio while you are sleeping! If you are planning to listen a lot, you could try using a bone conduction headphone, or a standard speaker instead of an earphone. Listen on Google Assistant through Extra Audio: https://assistant.google.com/services/invoke/uid/0000001a130b3f91 Other Wikipedia audio articles at: https://www.youtube.com/results?search_query=wikipedia+tts Upload your own Wikipedia articles through: https://github.com/nodef/wikipedia-tts Speaking Rate: 0.7684059199677259 Voice name: en-GB-Wavenet-C "I cannot teach anybody anything, I can only make them think." - Socrates SUMMARY ======= Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by computer hardware and software. Enforcing this behavior is achieved by loading the hardware with a unique encryption key inaccessible to the rest of the system. TC is controversial as the hardware is not only secured for its owner, but also secured against its owner. Such controversy has led opponents of trusted computing, such as free software activist Richard Stallman, to refer to it instead as treacherous computing, even to the point where some scholarly articles have begun to place scare quotes around "trusted computing".Trusted Computing proponents such as International Data Corporation, the Enterprise Strategy Group and Endpoint Technologies Associates claim the technology will make computers safer, less prone to viruses and malware, and thus more reliable from an end-user perspective. They also claim that Trusted Computing will allow computers and servers to offer improved computer security over that which is currently available. Opponents often claim this technology will be used primarily to enforce digital rights management policies and not to increase computer security.Chip manufacturers Intel and AMD, hardware manufacturers such as HP and Dell, and operating system providers such as Microsoft include Trusted Computing in their products if enabled. The U.S. Army requires that every new PC it purchases comes with a Trusted Platform Module (TPM). As of July 3, 2007, so does virtually the entire United States Department of Defense.
Views: 1 wikipedia tts