Linux Hacks

528 Articles

A Potential Exploit With The Ext Filesystem

December 10, 2024 by 58 Comments

The extended filesystem, otherwise known as ext, has been a fundamental part of Linux since before the 1.0 release in 1994. Currently the filesystem is on its fourth major revision, in use since its release in 2008 thanks to its stability, reliability, and backwards compatibility with the other ext filesystem versions. But with that much history there are bound to be a few issues cropping up here and there. [Will] recently found an exploit with this filesystem that can cause a Linux kernel to immediately panic when a manipulated USB drive is inserted into a computer.

[Will] discovered this quirk when investigating the intricacies of the filesystem for problems and other vulnerabilities. A tool called tune2fs, used for administering and modifying ext filesystems, includes the ability to pass certain commands to the Linux kernel when certain situations arise with the filesystem itself, including that the kernel should panic. One situation is that the ext filesystem itself becomes corrupted, which can then cause the kernel panic. Armed with this knowledge, a USB drive can be purposefully given a corrupted ext filesystem which, when plugged into a Linux machine, can cause the computer to shut down.

The post linked above goes into some discussion about how this exploit could be used maliciously to gain access to a Linux system, including rebooting computers where no access to a power button is otherwise enabled or making other changes to the system before needing a reboot to apply the changes. In general, though, it’s good to assume an attacker could take any route to gain access to a machine. This exploit from a few years ago, for example, allowed another Linux tool to be used to gain root access.

Thanks to [Timothy] for the tip!

Alternatives Don’t Need To Be Bashed

November 26, 2024 by 20 Comments

By default, bash is the most popular command language simply because it’s included in most *nix operating systems. Additionally, people don’t tend to spend a lot of time thinking about whatever their computer uses for scripting as they might for other pieces of software like a word processor or browser. If you are so inclined to take a closer look at this tool that’s often taken for granted, there are a number of alternatives to bash and [monzool] wanted to investigate them closely.

Unlike other similar documentation that [monzool] has come across where the writers didn’t actually use the scripting languages being investigated, [monzool] is planning to use each of these and accomplish specific objectives. This will allow them to get a feel for the languages and whether or not they are acceptable alternatives for bash. Moving through directories, passing commands back and forth, manipulating strings, searching for files, and manipulating the terminal display settings are all included in this task list. A few languages are tossed out before initial testing even begins for not meeting certain specific requirements. One example is not being particularly useful in [monzool]’s preferred embedded environments, but even so there are enough bash alternatives to test out ten separate languages.

Unfortunately, at the end of the day none of the ten selected would make a true replacement for bash, at least for [monzool]’s use case, but there were a few standouts nonetheless. Nutshell was interesting for being a more modern, advanced system and [monzool] found Janet to be a fun and interesting project but had limitations with cross-compiling. All in all though this seemed to be an enjoyable experience that we’d recommend if you actually want to get into the weeds on what scripting languages are actually capable of. Another interesting one we featured a while back attempts to perform as a shell and a programming language simultaneously.

Linux Fu: Audio Network Pipes

November 26, 2024 by 18 Comments

Life was simpler when everything your computer did was text-based. It is easy enough to shove data into one end of a pipe and take it out of the other. Sure, if the pipe extends across the network, you might have to call it a socket and take some special care. But how do you pipe all the data we care about these days? In particular, I found I wanted to transport audio from the output of one program to the input of another. Like most things in Linux, there are many ways you can get this done and — like most things in Linux — only some of those ways will work depending on your setup.

Why?

There are many reasons you might want to take an audio output and process it through a program that expects audio input. In my case, it was ham radio software. I’ve been working on making it possible to operate my station remotely. If all you want to do is talk, it is easy to find software that will connect you over the network.

However, if you want to do digital modes like PSK31, RTTY, or FT8, you may have a problem. The software to handle those modes all expect audio from a soundcard. They also want to send audio to a soundcard. But, in this case, the data is coming from a program.

Of course, one answer is to remote desktop into the computer directly connected to the radio. However, most remote desktop solutions aren’t made for high-fidelity and low-latency audio. Plus, it is nice to have apps running directly on your computer.

I’ll talk about how I’ve remoted my station in a future post, but for right now, just assume we want to get a program’s audio output into another program’s audio input. Continue reading “Linux Fu: Audio Network Pipes”

I Installed Gentoo So You Don’t Havtoo

November 4, 2024 by 72 Comments

A popular expression in the Linux forums nowadays is noting that someone “uses Arch btw”, signifying that they have the technical chops to install and use Arch Linux, a distribution designed to be cutting edge but that also has a reputation of being for advanced users only. Whether this meme was originally posted seriously or was started as a joke at the expense of some of the more socially unaware Linux users is up for debate. Either way, while it is true that Arch can be harder to install and configure than something like Debian or Fedora, thanks to excellent documentation and modern (but optional) install tools it’s no longer that much harder to run than either of these popular distributions.

For my money, the true mark of a Linux power user is the ability to install and configure Gentoo Linux and use it as a daily driver or as a way to breathe life into aging hardware. Gentoo requires much more configuration than any mainline distribution outside of things like Linux From Scratch, and has been my own technical white whale for nearly two decades now. I was finally able to harpoon this beast recently and hope that my story inspires some to try Gentoo while, at the same time, saving others the hassle.

A Long Process, in More Ways Than One

My first experience with Gentoo was in college at Clemson University in the late ’00s. The computing department there offered an official dual-boot image for any university-supported laptop at the time thanks to major effort from the Clemson Linux User Group, although the image contained the much-more-user-friendly Ubuntu alongside Windows. CLUG was largely responsible for helping me realize that I had options outside of Windows, and eventually I moved completely away from it and began using my own Linux-only installation. Being involved in a Linux community for the first time had me excited to learn about Linux beyond the confines of Ubuntu, though, and I quickly became the type of person featured in this relevant XKCD. So I fired up an old Pentium 4 Dell desktop that I had and attempted my first Gentoo installation.

For the uninitiated, the main thing that separates Gentoo from most other distributions is that it is source-based, meaning that users generally must compile the source code for all the software they want to use on their own machines rather than installing pre-compiled binaries from a repository. So, for a Gentoo installation, everything from the bootloader to the kernel to the desktop to the browser needs to be compiled when it is installed. This can take an extraordinary amount of time especially for underpowered machines, although its ability to customize compile options means that the ability to optimize software for specific computers will allow users to claim that time back when the software is actually used. At least, that’s the theory. Continue reading “I Installed Gentoo So You Don’t Havtoo”

A screen capture from Portal 2 running in Asahi Linux. The Asahi Linux logo is in the bottom right of the image as a watermark. The environment is a concrete and glass building with elements of nature taking over the room on the other side of the glass from the character. A red circle with a grey cube above it is in the foreground.

Asahi Linux Brings Better Gaming To Apple Silicon

October 29, 2024 by 8 Comments

For those of you longing for better gaming on an Apple Silicon device, Asahi Linux is here to help.

While Apple’s own line of CPUs are relatively new kids on the block, they’ve still been around for four years now, giving hackers ample time to dissect their innards. The team behind Asahi Linux has now brought us “the only conformant OpenGL®, OpenCL™, and Vulkan® drivers” for Apple’s M1 and M2.

The emulation overhead of the system means that most games will need at least 16 GB of RAM to run. Many games are playable, but newer titles can’t yet hit 60 frames per second. The developers are currently focused on “correctness” and hope to improve performance in future updates. Many indie titles are reported to already be working at full speed though.

You can hear more about some of the fiddly bits of how to “tessellate with arcane compute shaders” in the video below. Don’t worry, it’s only 40 minutes of the nine hour video and it should start right at the presentation by GPU dev [Alyssa Rosenzweig].

If you want to see some of how Linux on Apple Silicon started or some of the previous work on hacking the M1 GPU, we have you covered.

Continue reading “Asahi Linux Brings Better Gaming To Apple Silicon”

MOTU Audio Interface Resurrected After Some Reverse Engineering

October 18, 2024 by 8 Comments

These days, when something electronic breaks, most folks just throw it away and get a new one. But as hackers, we prefer to find out what the actual problem is and fix it. [Bonsembiante] took that very tack when a MOTU brand audio interface wasn’t booting. As it turns out, a bit of investigative work led to a simple and viable fix.

The previous owner had tried to get the unit fixed multiple times without success. When it ended up on [Bonsembiante]’s bench, reverse engineering was the order of the day. Based around an embedded Linux system, there was lots to poke and prod at inside, it’s just that… the system wasn’t booting, wasn’t showing up over USB or Ethernet, or doing much of anything at all.

Extracting the firmware only revealed that the firmware was actually valid, so that was a dead end. However, after some work following the boot process along in Ghidra, with some external help, the problem was revealed. Something was causing the valid firmware to fail the bootloader’s checks—and with that fixed, the unit booted. You’ll have to read the article to get the full juicy story—it’s worth it!

We’ve seen [Bonsembiante’s] work here before, when they turned an old ADSL router into a functioning guitar pedal. Video after the break.

Continue reading “MOTU Audio Interface Resurrected After Some Reverse Engineering”

Linux, Now In Real Time

September 21, 2024 by 27 Comments

Although Linux runs almost every supercomputer, most of the web, the majority of smart phones, and a few writers’ ancient Macbooks, there’s one major weak point in the Linux world that will almost always have developers reaching for a different operating system. Linux is not a real-time operating system (RTOS), meaning that it can’t respond to requests in the real world within a set timeframe. This means that applications needing computer control in industry, medicine, robotics, and other real-world situations generally need a purpose-built RTOS. At least, that was true until recently when an update to the Linux kernel added real-time capabilities.

The feature, called PREEMPT_RT, forces the Linux kernel to respond to certain request within a set limit of time. This means that a system with this support built into the kernel can “preempt” any current task, stopping everything else a computer is doing in order to execute that task right away. There are some existing solutions to getting a functional equivalent system working with Linux now, but they can be clunky or inelegant, requiring the user to install patches or other software to get it to work. With the support built directly into the kernel this will become much less of a pain point for anyone who needs this functionality going forward.

This feature has been in the works for around two decades now, so with this entering general use now we would expect to start seeing it show up in various projects as well as in commercial offerings soon, especially since other RTOS solutions can be pricey. Don’t recompile the kernel in your desktop for this feature just yet, though; real-time function can cause some unintended consequences with normal use you’ll need to account for. There’s some more discussion on this in the /r/Linux subreddit and there are some other real-time operating systems available for computers not typically capable of running Linux to take a look at as well.