Muli Ben-Yehuda's journal

Current reading: Linux 2.6.x vsyscalls may be used as powerful attack vectors. The basic premise of this paper is that since each process has the vsyscall code mapped into its address space, and the vsyscall code is almost never changed, if you can figure a way to jmp to it from your shell code you can use various instructions there (or data bytes masquerading as instructions) to aid your shell code. Makes sense, and the usual solutions apply – for example, randomization of the vsyscall page.

Exterminate All Operating System Abstractions, by Dawson R. Engler et al. The authors describe it as “This is a flamy paper describing the philosophical underpinnings of the exokernel approach”.

It went fairly well. Wasn’t as technical as I wanted, but the audience survived. I’d say we had about the normal number of glazed-over looks, whereas I was shooting for total technical incomprehensibility.

Slides are available in the usual places, although IMHO you’re better off reading the originals.

Been buried in Xen all day working on the slides (they’ll be posted after the talk, after I’ve had a chance to correct all of the embarrassing mistakes). Surfacing now for a quick phone conference, and then I’m off to Haifux.

I’m writing the slides for the Xen talk I’ll be giving tomorrow at Haifux. For some reason, my heart is not in it. I noticed this when I realized that I’m constantly polling for interrupts – checking IRC, email, instant messages – anything to avoid writing these slides – including posting to livejournal 😉

I think I’ll take a break and write some code.

I woke up at 6 AM this morning for some unfathomable reason. Ate breakfast, read email (many thanks to everyone who sent their congratulations), and did a little morning workout in front of the n’th movie on “Muli’s motivational film shelf” – Commando, starring the one and only Arnold Schwarzenegger. The acting is laughable, but the muscles are to die for…

• We are hunting for a new place to call home for the next few
  years. Saw several, ruled out many more. Almost closed on one, but
  the realtor turned out to be a lying SOB. Interested in another one,
  provided the price comes down substantially. We’re not in a hurry,
  so we’re biding out time and waiting.

• New semester at school, not too busy so far. One math class, one
  CS class and one operating systems seminar. The math class is not
  too difficult, but definitely time consuming. The CS class –
  Networks A – is pretty simple stuff, and the OS seminar can rule my
  world, if I’ll just find time to work on it. Details to come as soon
  as I have it working – FSMinimalVO working. For those who have long
  memories, it has to do with my favorite Lisp
  OS and a certain virtualization environment.

• Work is great. We submitted a paper to SOSP 2005(!) on one of
  the projects I worked on last year, although we don’t think we have
  much of a chance (don’t tell the program committee). This is the
  first formal paper I’ve ever written, and the experience has been
  eye opening. Right now I’m working on an interesting OS related
  research project with an outstanding team. Too bad we’re still in
  stealth mode and I can’t say anything about it 🙂

• I’m still hacking on Xen, for work, school and fun. Details will
  be forthcoming, as will code.

My sweetie is calling – to be continued!

ladypine and me are engaged to be married. I proposed to
her a couple of weeks ago on Saturday morning while on a trip in the
Carmel mountains. Words cannot describe how happy I am to have found
her, a soul mate to share the rest of my life with.

(sorry for the sensationalist title, but I’m enjoying myself)

Read No More Free BitKeeper and BitMover announces accelerated commercial development strategy and migration plan for Open Source users and rejoice – no more BitKeeper used for the kernel’s development (and hopefully not for Xen’s, too). I don’t care how much better bk is than the other tools – using it makes me feel dirty! My only regret is that I haven’t found the time to contribute to an open source alternative.

The documentation might suck, but it sure is colorful.

“… Such an act is illegal and is guaranteed to put a banana in your tailpipe.”

(Documentation/DMA-mapping.txt, when referring to mixing the streaming and DAC DMA mapping interfaces)