FreeBSD and Drivers
Gili Yankovitch, Nyx Software Security Solutions
Key Points
● What is FreeBSD?
● FreeBSD Drivers: How to create, compile and run a driver.
● Char devices
● Network Hooking
○ L3
○ L2
● Interaction with the network stack
What is FreeBSD?
● “FreeBSD is a free UNIX-like operating system descended from Research
Unix via the Berkeley Software Distribution (BSD).” - Wikipedia
● The BSD Project was founded in 1976 by Bill Joy.
● Contained code written by AT&T (Who later sued people related to BSD)
● In 1993 the first FreeBSD distribution was released.
○ Two years AFTER the Linux Kernel was founded.
What is FreeBSD?
● https://www.freebsd.org/
● Unlike Linux, it comes with a lot of user mode tools
● Doesn’t come in many flavours (distributions)
● Supported architectures: amd64, i386, ia64, powerpc, powerpc64, sparc64,
mips, armv6, aarch64.
● Unfortunately, lacks a lot of features implemented in Linux.
○ Namespaces, Good L2 hooking (yay -_-) and more…
● It is very unfortunate but there is very little documentation on
FreeBSD on the internet. :(
○ This means that if you are stuck, you need to deal with it on your own.
■ True story.
How to get FreeBSD
● Download
○ https://www.freebsd.org/where.html
● Git:
○ https://github.com/freebsd
■ Yes they use GitHub.
● On a FreeBSD system, the sources are usually at:
○ /usr/src/sys/
Folder Structure
● In contrast to Linux, FreeBSD has a lot of folders in its root directory.
○ kern/ - Core kernel implementation.
○ libkern/ - Core kernel libraries (printf, uprintf, strcpy etc…).
○ fs/ - File systems implementation.
○ net/ netinet/ - Core net and Inet implementation.
○ sys/ - Include directory. Contains a lot of *.h files.
○ amd64/ arm/ mips/ … - Architecture specific sources.
○ modules/ dev/ - Drivers.
○ ...
First And Foremost - Prints!
● There are two types of prints from the kernel:
○ printf
○ uprintf
● Both appear in dmesg
● uprintf prints to your current console
● printf prints to tty0
Char Devices
Compiling Our First Driver
#include <sys/param.h>
#include <sys/module.h>
#include <sys/kernel.h>
#include <sys/systm.h>

/* Module event handler: called on kldload/kldunload. */
static int nethook_loader(struct module *m, int what, void *arg)
{
    int err = 0;

    switch (what)
    {
    case MOD_LOAD: /* kldload */
        uprintf("Nethook KLD loaded.\n");
        break;
    case MOD_UNLOAD: /* kldunload */
        uprintf("Nethook KLD unloaded.\n");
        break;
    }
    return err;
}

static moduledata_t nethook_mod =
{
    "nethook",        /* module name */
    nethook_loader,   /* event handler */
    NULL              /* extra data */
};
DECLARE_MODULE(nethook, nethook_mod, SI_SUB_KLD, SI_ORDER_ANY);
nethook.c
Don’t return anything other than 0!
A different value will prevent you from unloading the module!!
Compiling Our First Driver
● Yep. That simple.
SRCS=nethook.c
KMOD=nethook
.include <bsd.kmod.mk>
Makefile
Running the Driver
● Just like Linux, we need to inject it into the kernel:
$ kldload ./nethook.ko
● Removing from the kernel:
$ kldunload ./nethook.ko
● Modules list:
$ kldstat
Creating A Char Device
● This actually has a very good tutorial:
○ https://www.freebsd.org/doc/en/books/arch-handbook/driverbasics-char.html
● But here are the snippets anyhow:
○ Create a struct with function pointers to read, write, open, close.
■ ioctl seems to fail with this method...
/* Character device entry points */
static struct cdevsw echo_cdevsw = {
    .d_version = D_VERSION,
    .d_open = echo_open,
    .d_close = echo_close,
    .d_read = echo_read,
    .d_write = echo_write,
    .d_name = "echo",
};
● Just like Linux...
Creating A Char Device
● Then all you need to do is register:
static struct cdev *echo_dev;
static int nethook_loader(struct module *m, int what, void *arg)
{
    ...
    error = make_dev_p(MAKEDEV_CHECKNAME | MAKEDEV_WAITOK,
        &echo_dev,     /* Char Device Kernel Object */
        &echo_cdevsw,  /* Pointer to File Operations */
        0,
        UID_ROOT,      /* Owner UID of File System Node */
        GID_WHEEL,     /* Owner GID of File System Node */
        0600,          /* File System Node Permissions */
        "echo");       /* Name of File System Node */
    …
}
Creating A Char Device
● Read operation
● Note the struct uio:
○ uio_resid - Space left in buffer sent from user mode (read length usually)
○ uio_offset - Current write offset
● uio knows whether it’s a read or a write depending on current action.
○ Here uiomove() writes from kernel buffer to user mode buffer.
static int echo_read(struct cdev *dev __unused, struct uio *uio, int ioflag __unused)
{
    size_t amt;
    int error;

    amt = MIN(uio->uio_resid, uio->uio_offset >= echomsg->len + 1 ? 0 :
        echomsg->len + 1 - uio->uio_offset);
    if ((error = uiomove(echomsg->msg, amt, uio)) != 0)
        uprintf("uiomove failed!\n");
    return (error);
}
Creating A Char Device
● Corresponding write().
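static int echo_write(struct cdev *dev __unused, struct uio *uio, int ioflag __unused)
{
    size_t amt;
    int error;

    /* Only allow writing from the start or appending, no random access */
    if (uio->uio_offset != 0 && (uio->uio_offset != echomsg->len))
        return (EINVAL);
    /* A write at offset 0 starts a new message, so reset the length */
    if (uio->uio_offset == 0)
        echomsg->len = 0;
    /* Copy the string in from user memory to kernel memory */
    amt = MIN(uio->uio_resid, (BUFFERSIZE - echomsg->len));
    error = uiomove(echomsg->msg + uio->uio_offset, amt, uio);
    /* Record the new length and null-terminate (msg needs BUFFERSIZE + 1 bytes) */
    echomsg->len = uio->uio_offset;
    echomsg->msg[echomsg->len] = 0;
    if (error != 0)
        uprintf("Write failed: bad address!\n");
    return (error);
}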
Networking
● DISCLAIMER:
○ Before you begin to build your own network driver, be absolutely sure you understand the
below.
● OK, let’s continue...
Network Stack
Networking
● Just like Linux has its skb structure, FreeBSD has a basic buffer system
● It’s called: mbuf
● mbufs are buffer chains of size 256
○ Larger buffers are possible in an mbuf cluster but unfortunately usually it’s not the case.
● When you get a packet larger than 256 bytes, you get an mbuf chain
● Mellanox created a module called OFED to help port drivers from Linux to
FreeBSD.
○ It’s a great place to start learning about networking in FreeBSD.
○ Unfortunately it lacks a HELL LOT of functionality sometimes needed.
Meet struct mbuf
● Yeah I know it’s weird and complicated.
○ Our interest is in m_hdr and in M_dat.M_databuf (which means a normal packet)
struct mbuf {
    struct m_hdr m_hdr;
    union {
        struct {
            struct pkthdr MH_pkthdr; /* M_PKTHDR set */
            union {
                struct m_ext MH_ext; /* M_EXT set */
                char MH_databuf[MHLEN];
            } MH_dat;
        } MH;
        char M_databuf[MLEN]; /* !M_PKTHDR, !M_EXT */
    } M_dat;
};
/sys/mbuf.h
Meet struct m_hdr
● mh_next - Already mentioned this is an mbuf chain
● mh_nextpkt - Links to the next packet: mbufs give us a linked list of stored packets.
● mh_data - Pointer to beginning of data within the data buffer
● mh_len - Length of data in this mbuf
struct m_hdr {
    struct mbuf *mh_next;    /* next buffer in chain */
    struct mbuf *mh_nextpkt; /* next chain in queue/record */
    caddr_t mh_data;         /* location of data */
    int32_t mh_len;          /* amount of data in this mbuf */
    uint32_t mh_type:8,      /* type of data in this mbuf */
             mh_flags:24;    /* flags; see below */
#if !defined(__LP64__)
    uint32_t mh_pad;         /* pad for 64bit alignment */
#endif
};
/sys/mbuf.h
mbuf Structure
[Diagram: mbufs linked by mh_next into a chain, each with mh_data and mh_len; mh_nextpkt links to the next chain]
Whatever you do, do NOT access these directly!
● Seriously. For everything you need there’s a function.
● When in doubt, see man mbuf (9).
● mbuf function names are not very descriptive, so I’ll explain a few here:
Allocating and freeing buffers
● m_get(int how, int type) - Allocates a new mbuf and sets its type.
● m_free(struct mbuf *m) - Frees a single mbuf.
● m_freem(struct mbuf *m) - Frees an entire mbuf chain.
● m_dup(struct mbuf *m, int how) - Duplicates an entire mbuf.
● m_copym(struct mbuf *mbuf, int offset, int len, int how) - Copy only a portion
of the mbuf to a new mbuf chain.
● m_copydata(const struct mbuf *mbuf, int offset, int len, caddr_t buf) - Copy
the mbuf data to a different buffer.
● m_length(struct mbuf *m, struct mbuf ** last) - Returns the entire mbuf chain
length (in bytes).
Shorten or Lengthen the Buffer
● m_adj(struct mbuf *m, int len) - Shorten the buffer from the beginning.
[Diagram: mbuf chain showing mh_data, mh_len and mh_next before and after m_adj()]
void shorten_my_mbuf(struct mbuf *m, int len)
{
    m_adj(m, len); /* m_adj() takes the number of bytes to trim */
}
m is still pointing to the first mbuf!!
Shorten or Lengthen the Buffer
● m_prepend(struct mbuf *m, int len, int how) - Prepend len bytes at the
beginning.
[Diagram: mbuf chain showing mh_data, mh_len and mh_next before and after m_prepend()]
Accessing data
● Because mbufs are divided into 256-byte parts, a header might fall between two
mbufs.
● Accessing the header linearly might cause unexpected behaviour.
[Diagram: a header split across two mbufs; a linear write past the first mbuf: OVERFLOW]
● NEVER access the data directly, at least not before using this:
● m_pulldown(struct mbuf *mbuf, int offset, int len, int *offsetp)
[Diagram: after m_pulldown() the header sits contiguously in one mbuf. Might allocate a new mbuf.]
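The split-header problem above, modelled in userland C as an added example (not code from the slides or from FreeBSD): struct seg and the chain_* helpers are hypothetical stand-ins for struct mbuf, m_length() and m_copydata(), and the packet bytes are constructed. It shows a naive linear read returning stale buffer bytes when the TCP header straddles two buffers, and a bounds-checked copy that also rejects a truncated chain.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SEG_SIZE  256   /* per-mbuf data size quoted on this page */
#define IP_HLEN   20    /* IPv4 header without options */
#define TCP_HLEN  20    /* TCP header without options */
#define TCP_FLAGS 13    /* offset of the flags byte in the TCP header */
#define FILLER    0xAA  /* stale bytes in unused buffer space */

/* Userland stand-in for struct mbuf (hypothetical, not sys/mbuf.h). */
struct seg {
    struct seg *next;   /* plays mh_next */
    uint8_t    *data;   /* plays mh_data */
    size_t      len;    /* plays mh_len  */
    uint8_t     buf[SEG_SIZE];
};

/* Total bytes in the chain, the job m_length() does for real mbufs. */
static size_t chain_length(const struct seg *s)
{
    size_t n = 0;
    for (; s != NULL; s = s->next)
        n += s->len;
    return n;
}

/* 1 if [off, off+len) lies inside one segment, so a pointer cast is safe. */
static int chain_is_contiguous(const struct seg *s, size_t off, size_t len)
{
    for (; s != NULL && off >= s->len; s = s->next)
        off -= s->len;
    return s != NULL && len <= s->len - off;
}

/* Copy len bytes at off into dst by walking the chain; -1 if chain is short. */
static int chain_copydata(const struct seg *s, size_t off, size_t len, void *dst)
{
    uint8_t *out = dst;
    size_t total = chain_length(s);

    if (off > total || len > total - off)
        return -1;
    for (; s != NULL && off >= s->len; s = s->next)
        off -= s->len;              /* skip segments before off */
    while (len > 0) {
        size_t n = s->len - off < len ? s->len - off : len;
        memcpy(out, s->data + off, n);
        out += n; len -= n;
        off = 0; s = s->next;
    }
    return 0;
}

/* Constructed 40-byte IPv4+TCP packet, split over two segments at split. */
static void build_split_packet(struct seg *a, struct seg *b, size_t split)
{
    uint8_t pkt[IP_HLEN + TCP_HLEN] = {0};

    if (split > sizeof(pkt)) split = sizeof(pkt);
    pkt[0] = 0x45;                      /* IPv4, 5-word header */
    pkt[9] = 6;                         /* protocol: TCP */
    pkt[IP_HLEN + TCP_FLAGS] = 0x12;    /* SYN|ACK */
    memset(a->buf, FILLER, sizeof(a->buf));
    memset(b->buf, FILLER, sizeof(b->buf));
    a->data = a->buf; a->len = split; a->next = b;
    b->data = b->buf; b->len = sizeof(pkt) - split; b->next = NULL;
    memcpy(a->data, pkt, a->len);
    memcpy(b->data, pkt + split, b->len);
}

/* What the slide warns against: treat the first buffer as the whole packet. */
static uint8_t tcp_flags_naive(const struct seg *s)
{
    return s->data[IP_HLEN + TCP_FLAGS];    /* ignores mh_len and mh_next */
}

/* Bounds-checked: copy the TCP header out of the chain, then read it. */
static int tcp_flags_safe(const struct seg *s, uint8_t *flags)
{
    uint8_t tcp[TCP_HLEN];

    if (chain_copydata(s, IP_HLEN, sizeof(tcp), tcp) != 0)
        return -1;                          /* truncated packet: reject */
    *flags = tcp[TCP_FLAGS];
    return 0;
}

int main(void)
{
    struct seg a, b;
    uint8_t flags = 0;

    build_split_packet(&a, &b, 30);         /* TCP header straddles a and b */
    int rc = tcp_flags_safe(&a, &flags);
    printf("contiguous=%d naive=0x%02x safe=0x%02x rc=%d\n",
        chain_is_contiguous(&a, IP_HLEN, TCP_HLEN),
        tcp_flags_naive(&a), flags, rc);
    return 0;
}
```

In a real pfil hook the contiguity guarantee comes from calling m_pulldown() on the mbuf chain before any header field is read through a pointer.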
Interfaces
● Interfaces in FreeBSD are represented by struct ifnet
struct ifnet {
    struct vnet *if_vnet;           /* pointer to network stack instance */
    TAILQ_ENTRY(ifnet) if_link;     /* all struct ifnets are chained */
    ...
    char if_xname[IFNAMSIZ];        /* external name (name + unit) */
    ...
    struct ifaddrhead if_addrhead;  /* linked list of addresses per if */
    ...
    u_short if_index;               /* numeric abbreviation for this if */
    int (*if_output)                /* output routine (enqueue) */
        (struct ifnet *, struct mbuf *, const struct sockaddr *,
         struct route *);
    void (*if_input)                /* input routine (from h/w driver) */
        (struct ifnet *, struct mbuf *);
    …
    void (*if_transmit)             /* initiate output routine */
        (struct ifnet *, struct mbuf *);
    u_int if_fib;                   /* interface FIB */
    ...
};
/net/if_var.h
L3 Hooking
● Just like Linux has netfilter, FreeBSD has a framework called pfil
● It lets you create a list of filters for both IN and OUT packets.
● Unlike Linux, pfil allows hooking in only one place for incoming and outgoing
packets.
L3 Hooking
● Hooking is easy. Use:
struct pfil_head *pfh_inet;
/* Initializing L3 Hooking */
if (!(pfh_inet = pfil_head_get(PFIL_TYPE_AF, AF_INET)))
{
    uprintf("Failed getting packet filter head\n");
    return ESRCH;
}
● Then, register the callback:
pfil_add_hook(in_filter, NULL, PFIL_IN | PFIL_WAITOK, pfh_inet);
● Hook signature:
static int in_filter(void *arg, struct mbuf **m, struct ifnet *ifp, int dir, struct inpcb *inp)
The L2-L3 Input Stack
[Diagram: Driver → ifp->if_input() → ether_input_internal (hooks: BPF, LAGG, ng_ether, Bridging) → ether_demux (VLAN handling: vlan_input_p()) → IP: ip_input() / IPv6 / ARP: arpintr() / ATALK / AARP; ip_input() calls pfil_run_hooks() (PFil)]
The L2-L3 Input Stack
[Diagram: ip_output → pfil_run_hooks() (PFil hooks) → if_output() → ether_output (Bridge, ng_ether) → ifp->if_transmit() → Driver]
L2 Hooking
● Apparently, hooking into the network stack at L2 is not as trivial.
● For example, in order to make Libpcap work, NIC drivers need to explicitly call
Libpcap kernel hooks to redirect L2 flow to it.
● Suggested implementation in user mode:
○ BPF - Explained in previous lectures
○ Libpcap - Explained above
○ Nethook - Memory-mapping based network handling. Exists in Linux, Windows and
FreeBSD.
● Despite what is said above, you can use netgraph to attach to ng_ether.
○ There is a way to use it more easily. Source code will be uploaded later.
Other useful tips
● DDB is the static kernel debugger. You can read about it here:
○ https://www.freebsd.org/cgi/man.cgi?ddb(4)
● Compile kernel with:
○ options DDB
● Compiling the kernel:
○ Configs are in:
■ amd64/conf/GENERIC
■ Always copy GENERIC to a new file and edit it.
$ cd /usr/src/
$ make buildkernel KERNCONF=GENERIC.MYCONF && make installkernel KERNCONF=GENERIC.MYCONF && shutdown -r now
● If kernel hangs, useful VirtualBox command (Opens DDB):
$ VBoxManage debugvm <VM Name> injectnmi
Questions? :)

Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
XfilesPro
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
Globus
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Shahin Sheidaei
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
Globus
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Natan Silnitsky
 
A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
kalichargn70th171
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
Globus
 
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
Tier1 app
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
Designing for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web ServicesDesigning for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web Services
KrzysztofKkol1
 
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Anthony Dahanne
 
Explore Modern SharePoint Templates for 2024
Explore Modern SharePoint Templates for 2024Explore Modern SharePoint Templates for 2024
Explore Modern SharePoint Templates for 2024
Sharepoint Designs
 

Recently uploaded (20)

Into the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdfInto the Box 2024 - Keynote Day 2 Slides.pdf
Into the Box 2024 - Keynote Day 2 Slides.pdf
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
How Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptxHow Recreation Management Software Can Streamline Your Operations.pptx
How Recreation Management Software Can Streamline Your Operations.pptx
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
 
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
 
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
 
A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
 
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
Designing for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web ServicesDesigning for Privacy in Amazon Web Services
Designing for Privacy in Amazon Web Services
 
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
 
Explore Modern SharePoint Templates for 2024
Explore Modern SharePoint Templates for 2024Explore Modern SharePoint Templates for 2024
Explore Modern SharePoint Templates for 2024
 

FreeBSD and Drivers

  • 1. FreeBSD and Drivers Gili Yankovitch, Nyx Software Security Solutions
  • 2. Key Points ● What is FreeBSD? ● FreeBSD Drivers: How to create, compile and run a driver. ● Char devices ● Network Hooking ○ L3 ○ L2 ● Interaction with the network stack
  • 3. What is FreeBSD? ● “FreeBSD is a free UNIX-like operating system descended from Research Unix via the Berkeley Software Distribution (BSD).” - Wikipedia ● The BSD Project was founded in 1976 by Bill Joy. ● Contained code written by AT&T (Who later sued people related to BSD) ● In 1993 the first FreeBSD distribution was released. ○ Two years AFTER the Linux Kernel was founded.
  • 4. What is FreeBSD? ● https://www.freebsd.org/ ● Unlike Linux, it comes with a lot of user mode tools ● Doesn’t come in many flavours (distributions) ● Supported architectures: amd64, i386, ia64, powerpc, powerpc64, sparc64, mips, armv6, aarch64. ● Unfortunately, lacks a lot of features implemented in Linux. ○ Namespaces, Good L2 hooking (yay -_-) and more… ● It is very unfortunate but there is very little documentation on FreeBSD on the internet. :( ○ This means that if you are stuck, you need to deal with it on your own. ■ True story.
  • 5. How to get FreeBSD ● Download ○ https://www.freebsd.org/where.html ● Git: ○ https://github.com/freebsd ■ Yes they use GitHub. ● On a FreeBSD system, the sources are usually at: ○ /usr/src/sys/
  • 6. Folder Structure ● In contrast to Linux, FreeBSD has a lot of folders in its root directory. ○ kern/ - Core kernel implementation. ○ libkern/ - Core kernel libraries (printf, uprintf, strcpy etc…). ○ fs/ - File systems implementation. ○ net/ netinet/ - Core net and Inet implementation. ○ sys/ - Include directory. Contains a lot of *.h files. ○ amd64/ arm/ mips/ … - Architecture specific sources. ○ modules/ dev/ - Drivers. ○ ...
  • 7. First And Foremost - Prints! ● There are two types of prints from the kernel: ○ printf ○ uprintf ● Both appear in dmesg ● uprintf prints to your current console ● printf prints to tty0
  • 9. Compiling Our First Driver ● nethook.c:

        #include <sys/param.h>
        #include <sys/module.h>
        #include <sys/kernel.h>
        #include <sys/systm.h>          /* uprintf() */

        /* Module event handler: called on kldload / kldunload. */
        static int
        nethook_loader(struct module *m, int what, void *arg)
        {
                int err = 0;

                switch (what) {
                case MOD_LOAD:          /* kldload */
                        uprintf("Nethook KLD loaded.\n");
                        break;
                case MOD_UNLOAD:        /* kldunload */
                        uprintf("Nethook KLD unloaded.\n");
                        break;
                }
                return err;
        }

        static moduledata_t nethook_mod = {
                "nethook",              /* module name */
                nethook_loader,         /* event handler */
                NULL                    /* extra data */
        };

        DECLARE_MODULE(nethook, nethook_mod, SI_SUB_KLD, SI_ORDER_ANY);

    ● Don’t return anything other than 0! A different value will prevent you from unloading the module!!
  • 10. Compiling Our First Driver ● Yep. That simple. ● Makefile:

        SRCS=nethook.c
        KMOD=nethook

        .include <bsd.kmod.mk>
  • 11. Running the Driver ● Just like Linux, we need to inject it into the kernel:

        $ kldload ./nethook.ko

    ● Removing from the kernel:

        $ kldunload ./nethook.ko

    ● Modules list:

        $ kldstat
  • 12. Creating A Char Device ● This actually has a very good tutorial: ○ https://www.freebsd.org/doc/en/books/arch-handbook/driverbasics-char.html ● But here are the snippets anyhow: ○ Create a struct with function pointers to read, write, open, close. ■ ioctl seems to fail with this method...

        /* Character device entry points */
        static struct cdevsw echo_cdevsw = {
                .d_version = D_VERSION,
                .d_open = echo_open,
                .d_close = echo_close,
                .d_read = echo_read,
                .d_write = echo_write,
                .d_name = "echo",
        };

    ● Just like Linux...
  • 13. Creating A Char Device ● Then all you need to do is register:

        static struct cdev *echo_dev;

        static int
        nethook_loader(struct module *m, int what, void *arg)
        {
                /* ... */
                error = make_dev_p(MAKEDEV_CHECKNAME | MAKEDEV_WAITOK,
                    &echo_dev,          /* char device kernel object */
                    &echo_cdevsw,       /* pointer to file operations */
                    0,
                    UID_ROOT,           /* owner UID of file system node */
                    GID_WHEEL,          /* owner GID of file system node */
                    0600,               /* file system node permissions */
                    "echo");            /* name of file system node */
                /* ... */
        }
  • 14. Creating A Char Device ● Read operation ● Note the struct uio: ○ uio_resid - Space left in buffer sent from user mode (read length usually) ○ uio_offset - Current write offset ● uio knows whether it’s a read or a write depending on current action. ○ Here uiomove() writes from kernel buffer to user mode buffer.

        static int
        echo_read(struct cdev *dev __unused, struct uio *uio, int ioflag __unused)
        {
                size_t amt;
                int error;

                /* As much as the user asked for, or whatever is left of the message. */
                amt = MIN(uio->uio_resid, uio->uio_offset >= echomsg->len + 1 ? 0 :
                    echomsg->len + 1 - uio->uio_offset);

                /* Copy from the caller's offset so a partial read resumes correctly. */
                if ((error = uiomove(echomsg->msg + uio->uio_offset, amt, uio)) != 0)
                        uprintf("uiomove failed!\n");

                return (error);
        }
  • 15. Creating A Char Device ● Corresponding write().

        static int
        echo_write(struct cdev *dev __unused, struct uio *uio, int ioflag __unused)
        {
                size_t amt;
                int error;

                /* Only accept a write at the start or an append at the current end. */
                if (uio->uio_offset != 0 && (uio->uio_offset != echomsg->len))
                        return (EINVAL);

                /* Copy the string in from user memory to kernel memory */
                amt = MIN(uio->uio_resid, (BUFFERSIZE - echomsg->len));
                error = uiomove(echomsg->msg + uio->uio_offset, amt, uio);

                if (error != 0)
                        uprintf("Write failed: bad address!\n");

                return (error);
        }
  • 16. Networking ● DISCLAIMER: ○ Before you begin to build your own network driver, be absolutely sure you understand the below. ● OK, let’s continue...
  • 18. Networking ● Just like Linux has its skb structure, FreeBSD has a basic buffer system ● It’s called: mbuf ● mbufs are buffer chains of size 256 ○ Larger buffers are possible in an mbuf cluster but unfortunately usually it’s not the case. ● When you get a packet larger than 256 bytes, you get an mbuf chain ● Mellanox created a module called OFED to help port drivers from Linux to FreeBSD. ○ It’s a great place to start learning about networking in FreeBSD. ○ Unfortunately it lacks a HELL LOT of functionality sometimes needed.
  • 19. Meet struct mbuf ● Yeah I know it’s weird and complicated. ○ Our interest is in m_hdr and in m_dat.M_databuf (Which means a normal packet) ● /sys/mbuf.h:

        struct mbuf {
                struct m_hdr m_hdr;
                union {
                        struct {
                                struct pkthdr MH_pkthdr;        /* M_PKTHDR set */
                                union {
                                        struct m_ext MH_ext;    /* M_EXT set */
                                        char MH_databuf[MHLEN];
                                } MH_dat;
                        } MH;
                        char M_databuf[MLEN];   /* !M_PKTHDR, !M_EXT */
                } M_dat;
        };
  • 20. Meet struct m_hdr ● mh_next - Already mentioned this is an mbuf chain ● mh_nextpkt - mbufs provide us with a linked-list of packets storage place. ● mh_data - Pointer to beginning of data within the data buffer ● mh_len - Length of data in this mbuf ● /sys/mbuf.h:

        struct m_hdr {
                struct mbuf *mh_next;           /* next buffer in chain */
                struct mbuf *mh_nextpkt;        /* next chain in queue/record */
                caddr_t mh_data;                /* location of data */
                int32_t mh_len;                 /* amount of data in this mbuf */
                uint32_t mh_type:8,             /* type of data in this mbuf */
                         mh_flags:24;           /* flags; see below */
        #if !defined(__LP64__)
                uint32_t mh_pad;                /* pad for 64bit alignment */
        #endif
        };
  • 22. Whatever you do, do NOT access these directly! ● Seriously. For everything you need there’s a function. ● When in doubt, see man mbuf (9). ● mbuf function names are non indicative, so I’ll explain a few here:
  • 23. Allocating and freeing buffers ● m_get(int how, int type) - Allocates a new mbuf and sets its type. ● m_free(struct mbuf *m) - Frees a single mbuf. ● m_freem(struct mbuf *m) - Frees an entire mbuf chain. ● m_dup(struct mbuf *m, int how) - Duplicates an entire mbuf. ● m_copym(struct mbuf *mbuf, int offset, int len, int how) - Copy only a portion of the mbuf to a new mbuf chain. ● m_copydata(const struct mbuf *mbuf, int offset, int len, caddr_t buf) - Copy the mbuf data to a different buffer. ● m_length(struct mbuf *m, struct mbuf ** last) - Returns the entire mbuf chain length (in bytes).
  • 24. Shorten or Lengthen the Buffer ● m_adj(struct mbuf *m, int len) - Shorten the buffer from the beginning.

    [Diagram: an mbuf chain, with mh_data, mh_len and mh_next marked on each mbuf]

        void
        shorten_my_mbuf(struct mbuf *m, int len)
        {
                /* Trim len bytes from the front of the chain. */
                m_adj(m, len);
        }

    ● m is still pointing to the first mbuf!!
  • 25. Shorten or Lengthen the Buffer ● m_prepend(struct mbuf *m, int len, int how) - Prepend len bytes at the beginning.

    [Diagram: an mbuf chain shown twice, with mh_data, mh_len and mh_next marked on each mbuf]
  • 26. Accessing data ● Because mbufs are divided into 256-byte parts, a header might fall between two mbufs. ● Accessing the header linearly might cause unexpected behaviour.

    [Diagram: a header split across two mbufs; a linear write overflows the first mbuf]

    ● NEVER access the data directly, or at least not before using this: ● m_pulldown(struct mbuf *mbuf, int offset, int len, int *offsetp)

    [Diagram: the same chain with the header now contiguous in one mbuf. Might allocate a new mbuf]
  • 27. Interfaces ● Interfaces in FreeBSD are represented by struct ifnet ● /net/if_var.h:

        struct ifnet {
                struct vnet *if_vnet;           /* pointer to network stack instance */
                TAILQ_ENTRY(ifnet) if_link;     /* all struct ifnets are chained */
                /* ... */
                char if_xname[IFNAMSIZ];        /* external name (name + unit) */
                /* ... */
                struct ifaddrhead if_addrhead;  /* linked list of addresses per if */
                /* ... */
                u_short if_index;               /* numeric abbreviation for this if */
                int (*if_output)                /* output routine (enqueue) */
                    (struct ifnet *, struct mbuf *, const struct sockaddr *,
                    struct route *);
                void (*if_input)                /* input routine (from h/w driver) */
                    (struct ifnet *, struct mbuf *);
                /* ... */
                void (*if_transmit)             /* initiate output routine */
                    (struct ifnet *, struct mbuf *);
                u_int if_fib;                   /* interface FIB */
                /* ... */
        };
  • 28. L3 Hooking ● Just like Linux has netfilter, FreeBSD has a framework called pfil ● It lets you create a list of filters for both IN and OUT packets. ● Unlike Linux, pfil allows hooking in only one place for incoming and outgoing packets.
  • 29. L3 Hooking ● Hooking is easy. Use:

        struct pfil_head *pfh_inet;

        /* Initializing L3 Hooking */
        if (!(pfh_inet = pfil_head_get(PFIL_TYPE_AF, AF_INET))) {
                uprintf("Failed getting packet filter head\n");
                return ESRCH;
        }

    ● Then, register the callback:

        pfil_add_hook(in_filter, NULL, PFIL_IN | PFIL_WAITOK, pfh_inet);

    ● Hook signature:

        static int in_filter(void *arg, struct mbuf **m, struct ifnet *ifp,
            int dir, struct inpcb *inp);
  • 30. The L2-L3 Input Stack

    [Diagram of the input path. Labels: Driver; ifp->if_input(); ether_input_internal; Hooks: BPF, LAGG, ng_ether, Bridging; ether_demux; VLAN Handling: vlan_input_p(); IP: ip_input(); IPv6; ARP: arpintr(); ATALK; AARP; PFil: pfil_run_hooks()]
  • 31. The L2-L3 Input Stack

    [Diagram of the output path. Labels: Driver; ip_output; PFil: pfil_run_hooks(); if_output(); ether_output; Hooks: Bridge, ng_ether; ifp->if_transmit()]
  • 32. L2 Hooking ● Apparently, hooking into the network stack at L2 is not as trivial ● For example, in order to make Libpcap work, NIC drivers need to explicitly call Libpcap kernel hooks to redirect L2 flow to it. ● Suggested implementation in user mode: ○ BPF - Explained in previous lectures ○ Libpcap - Explained above ○ Nethook - Memory-mapping based network handling. Exists in Linux, Windows and FreeBSD. ● Despite what is said above, you can use netgraph to attach to ng_ether. ○ There is a way to use it more easily. Source code will be uploaded later.
  • 33. Other useful tips ● DDB is the static kernel debugger. You can read about it here: ○ https://www.freebsd.org/cgi/man.cgi?ddb(4) ● Compile kernel with: ○ options DDB ● Compiling the kernel: ○ Configs are in: ■ amd64/conf/GENERIC ■ Always copy GENERIC to a new file and edit it.

        $ cd /usr/src/
        $ make buildkernel KERNCONF=GENERIC.MYCONF && \
            make installkernel KERNCONF=GENERIC.MYCONF && \
            shutdown -r now

    ● If kernel hangs, useful VirtualBox command (Opens DDB):

        $ VBoxManage debugvm <VM Name> injectnmi
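
The split-header hazard from the "Accessing data" slide, together with the chain-walking helpers listed under "Allocating and freeing buffers", as an added example that is not from the slides or from FreeBSD: a user-space C model of an mbuf chain. The `toy_*` names, the 32-byte buffer size and the sample packet are constructed for illustration; in a driver, use m_pulldown() or m_copydata() as the slides say.

```c
/* Added example: user-space model of an mbuf chain, not FreeBSD kernel code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TOY_MLEN 32                 /* per-buffer capacity (assumption) */

struct toy_mbuf {
    struct toy_mbuf *next;          /* models mh_next */
    uint8_t *data;                  /* models mh_data */
    int len;                        /* models mh_len  */
    uint8_t buf[TOY_MLEN];
};

/* Bytes in the whole chain, in the spirit of m_length(). */
static int toy_length(const struct toy_mbuf *m) {
    int total = 0;
    for (; m != NULL; m = m->next)
        total += m->len;
    return total;
}

/* Pointer to [off, off+len) only if a single buffer holds all of it. */
static const uint8_t *toy_contig(const struct toy_mbuf *m, int off, int len) {
    if (off < 0 || len < 0)
        return NULL;
    for (; m != NULL; off -= m->len, m = m->next)
        if (off < m->len)           /* range starts in this buffer */
            return (len <= m->len - off) ? m->data + off : NULL;
    return NULL;                    /* offset is past the end of the chain */
}

/* Chain-walking copy in the spirit of m_copydata(); -1 if the chain is short. */
static int toy_copydata(const struct toy_mbuf *m, int off, int len, void *out) {
    uint8_t *dst = out;
    if (off < 0 || len < 0 || len > toy_length(m) - off)
        return -1;
    for (; m != NULL && len > 0; m = m->next) {
        if (off >= m->len) {        /* still skipping to the start offset */
            off -= m->len;
            continue;
        }
        int n = (m->len - off < len) ? m->len - off : len;
        memcpy(dst, m->data + off, (size_t)n);
        dst += n; len -= n; off = 0;
    }
    return 0;
}

/* IPv4 protocol field, read from a linear copy of the 20-byte header. */
static int toy_ipv4_proto(const struct toy_mbuf *m, int l3off) {
    uint8_t hdr[20];
    if (toy_copydata(m, l3off, (int)sizeof(hdr), hdr) != 0)
        return -1;
    return hdr[9];
}

/* Constructed sample: Ethernet (14) + IPv4 (20) bytes, split 16/18. */
static struct toy_mbuf *toy_sample_chain(void) {
    static const uint8_t pkt[34] = {
        0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0,0,0,0,0x01, 0x08,0x00,
        0x45,0,0,20, 0,0,0,0, 64,6,0,0, 192,0,2,1, 192,0,2,2 };
    static struct toy_mbuf a, b;
    memcpy(a.buf, pkt, 16);      a.data = a.buf; a.len = 16; a.next = &b;
    memcpy(b.buf, pkt + 16, 18); b.data = b.buf; b.len = 18; b.next = NULL;
    return &a;
}

int main(void) {
    struct toy_mbuf *m = toy_sample_chain();
    printf("IPv4 header contiguous: %s, protocol via chain copy: %d\n",
        toy_contig(m, 14, 20) ? "yes" : "no", toy_ipv4_proto(m, 14));
    return 0;
}
```

Casting `a.data + 14` to an IP header here would read 18 bytes past the data the first buffer actually holds, which is why `toy_contig()` returns NULL for that range while the chain-walking copy still recovers the header.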