Kernel Direct Memory Access (DMA) Protection is a Windows security feature that prevents external peripherals from gaining unauthorized access to system memory. PCIe hot-plug ports let whole classes of external peripherals, including graphics cards, attach to a machine with the plug-and-play ease of USB. These devices are DMA-capable: they can read and write system memory directly, without involving the system processor. That is what makes the host susceptible to drive-by DMA attacks.
Pre-boot DMA Protection provides equivalent protection at the system BIOS (firmware) level, before the OS is running.
When DMA Protection is enabled:
1. No device can perform DMA into the protected system between the end of BIOS POST and OS driver load.
2. During BIOS POST, the EFI device driver ensures the device only operates within a DMA-remapped region.
3. Some operating systems load the device driver only once the system has been unlocked.
Drive-by DMA attacks are attacks that occur while the owner of the system is not present. They usually take just a few minutes, use simple-to-moderate attack tools (affordable, off-the-shelf hardware and software), and do not require disassembling the device. In a supply-chain scenario, an attacker can temporarily attach off-the-shelf hardware and use it to exploit the system BIOS.
Tag: kernel
Nice matrix of Oracle Linux and UEK version support. Also a nice article that follows Oracle Linux versions and their support details.
Source: Oracle Linux and Unbreakable Enterprise Kernel (UEK) Releases
Nice tutorial on the Linux kernel.
The vm.min_free_kbytes setting tells the kernel the minimum amount of memory (in kB) to keep free in the low memory zones, reserved for its own use (for example, so allocations needed to reclaim memory can still succeed under pressure).
To read the current value
[Fri Mar 24 15:18:05 root@system:~]$sysctl vm.min_free_kbytes
vm.min_free_kbytes = 1888
To set a new value of 4 MB (the unit is kB, so 4096). Size it to your workload: roughly 1.8% of total RAM is a reasonable rule of thumb, while values above about 5% of RAM risk triggering the OOM killer.
echo 4096 > /proc/sys/vm/min_free_kbytes
To configure it permanently so it survives every reboot, add the entry below to /etc/sysctl.conf
vm.min_free_kbytes=4096
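As an added example (not part of the original post), the script below derives a vm.min_free_kbytes target from total RAM using the percentage rule above, sanity-checks it, and prints the sysctl line. The /proc/meminfo excerpt is constructed sample input, and the 128 kB lower bound and 5% upper bound are assumptions for the check (the kernel clamps its own autotuned value to the 128..262144 kB range; the 5% figure is the common "too high" warning), not something the post states.

```shell
#!/bin/sh
# Added example: size vm.min_free_kbytes from MemTotal.
# Percentages are passed in tenths of a percent (18 = 1.8%) so the
# arithmetic stays integer-only in POSIX sh.

# Print MemTotal in kB from /proc/meminfo-style text read on stdin.
mem_total_kb() {
    awk '/^MemTotal:/ { print $2 }'
}

# Target value = total_kb * tenths / 1000.
compute_min_free_kbytes() {
    echo $(( $1 * $2 / 1000 ))
}

# Classify a candidate value: "low" below 128 kB (assumed floor, the
# kernel's own autotune minimum), "high" above 5% of RAM (assumed
# ceiling, commonly warned against as an OOM risk), else "ok".
check_min_free_kbytes() {
    value=$1
    total=$2
    if [ "$value" -lt 128 ]; then
        echo low
    elif [ $(( value * 100 )) -gt $(( total * 5 )) ]; then
        echo high
    else
        echo ok
    fi
}

# The line to drop into /etc/sysctl.conf.
sysctl_line() {
    echo "vm.min_free_kbytes=$1"
}

# Constructed /proc/meminfo excerpt (sample input, not a real capture).
SAMPLE_MEMINFO='MemTotal:        8000000 kB
MemFree:         1234567 kB'

total=$(printf '%s\n' "$SAMPLE_MEMINFO" | mem_total_kb)
target=$(compute_min_free_kbytes "$total" 18)
verdict=$(check_min_free_kbytes "$target" "$total")
echo "MemTotal=${total} kB -> proposed $(sysctl_line "$target") [$verdict]"
# On a live box, apply with: sysctl -w "vm.min_free_kbytes=$target"
# and persist by appending "$(sysctl_line "$target")" to /etc/sysctl.conf.
```

Run it against a real system by replacing the constructed excerpt with `cat /proc/meminfo`; only apply the value when the check returns ok.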
Rust is a comparatively new programming language that emphasizes safety, especially memory safety: bounds-checked indexing and the ownership model rule out buffer overflows and use-after-free in safe code. The Linux kernel is adding support for drivers written in Rust. We can certainly expect to see more Rust adoption in the Linux kernel and in other areas of programming.
Linux 5.14 updates
Removed the old IDE support.
Initial Rust-for-Linux patches submitted for review (Rust support itself was not merged in 5.14).
Mainline support for the Raspberry Pi 400.
NVMe/TCP optimizations.
Source: Linux kernel sheds legacy IDE support, but driver-dominated 5.14 rc1 still grows • The Register
Mainline support for the Raspberry Pi 400 comes from a DeviceTree addition. No kernel driver changes were needed, since the 400 is very close to the Raspberry Pi 4, but an updated DTS configuration is required for the 1.8GHz clock rate, a different WiFi chip, power-off handling via GPIO, and the absence of an ACT LED on the 400 model.
Source: Linux 5.14 Mainline Should Work With The Raspberry Pi 400 – Phoronix