linux

679 Articles

Linux Fu: Customizing Printf

October 24, 2023 by 13 Comments

When it comes to programming in C and, sometimes, C++, the printf function is a jack-of-all-trades. It does a nice job of quickly writing output, but it can also do surprisingly intricate formatting. For debugging, it is a quick way to dump some data. But what if you have data that printf can’t format? Sure, you can just write a function to pick things apart into things printf knows about. But if you are using the GNU C library, you can also extend printf to use custom specifications. It isn’t that hard, and it makes using custom data types easier.

An Example

Suppose you are writing a program that studies coin flips. Even numbers are considered tails, and odd numbers are heads. Of course, you could just print out the number or even mask off the least significant bit and print that. But what fun is that?

Here’s a very simple example of using our new printf specifier “%H”:

printf("%H %H %H %H\n",1,2,3,4);
printf("%1H %1H\n",0,1);

When you have a width specification of 1 (like you do in the second line) the output will be H or T. If you have anything else, the output will be HEADS or TAILS.

Continue reading “Linux Fu: Customizing Printf”

Because You Can: Linux On An Arduino Uno

October 13, 2023 by 26 Comments

There are a few “Will it run” tropes when it comes to microcontrollers, one for example is “Will it run Doom?“, while another is “Will it run Linux?”. In one of the lowest spec examples of the last one, [gvl610] has got an up-to-date Linux kernel to boot on a vanilla Arduino Uno. And your eyes didn’t deceive you, that’s a full-fat kernel rather than the cut-down μClinux for microcontrollers.

Those of you who’ve been around a while will probably have guessed how this was done, as the ATmega328 in the Uno has no MMU and is in to way powerful enough for the job. It’s running an emulator, in this case just enough RISC-V to be capable, and as you’d imagine it’s extremely slow. You’ll be waiting many hours for a shell with this machine.

The code is written in pure AVR C, and full instructions for compilation are provided. Storage comes from an SD card, as the ATmega’s meagre 32k is nowhere near enough. If you’re having a bit of deja vu here we wouldn’t blame you, but this one is reputed to be worse than the famous 2012 “Worst PC Ever“, which emulated ARM instead of RISC-V.

Thanks [Electronics Boy] for the tip!

Explore Linux Space Time

September 27, 2023 by 7 Comments

If you’ve ever wondered how much memory a process uses, you’ve probably used a form of task manager or system monitor. System monitors can be useful to identify resource hogs, but are often less versatile if you want more details about just one process. If you’ve ever faced this problem, then [Fabien Sanglard]’s Space-Time explorer is for you!

The wonderfully punny Space-Time tool records physical memory usage, time spent in user space vs. kernel space and even threads and subprocesses created. These words may not mean much to some readers, so let’s quickly go over them: Physical memory usage is the actual amount of RAM given (not always the same as requested). The kernel (which lives in kernel space) is the supervisor to all processes on a computer. In contrast, every process lives in it’s own “user space”, a way of protecting the kernel. Finally, a subprocess (or “child process”) is simply a process started by another process (the “parent”). Continue reading “Explore Linux Space Time”

This Week In Security: WebP, Cavium, Gitlab, And Asahi Lina

September 22, 2023 by 15 Comments

Last week we covered the latest 0-day from NSO group, BLASTPASS. There’s more details about exactly how that works, and a bit of a worrying revelation for Android users. One of the vulnerabilities used was CVE-2023-41064, a buffer overflow in the ImageIO library. The details have not been confirmed, but the timing suggests that this is the same bug as CVE-2023-4863, a Webp 0-day flaw in Chrome that is known to be exploited in the wild.

The problem seems to be an Out Of Bounds write in the BuildHuffmanTable() function of libwebp. And to understand that, we have to understand libwebp does, and what a Huffman Table has to do with it. The first is easy. Webp is Google’s pet image format, potentially replacing JPEG, PNG, and GIF. It supports lossy and lossless compression, and the compression format for lossless images uses Huffman coding among other techniques. And hence, we have a Huffman table, a building block in the image compression and decompression.

What’s particularly fun about this compression technique is that the image includes not just Huffman compressed data, but also a table of statistical data needed for decompression. The table is rather large, so it gets Huffman compressed too. It turns out, there can be multiple layers of this compression format, which makes the vulnerability particularly challenging to reverse-engineer. The vulnerability is when the pre-allocated buffer isn’t big enough to hold one of these decompressed Huffman tables, and it turns out that the way to do that is to make maximum-size tables for the outer layers, and then malform the last one. In this configuration, it can write out of bounds before the final consistency check.

An interesting note is that as one of Google’s C libraries, this is an extensively fuzzed codebase. While fuzzing and code coverage are both great, neither is guaranteed to find vulnerabilities, particularly well hidden ones like this one. And on that note, this vulnerability is present in Android, and the fix is likely going to wait til the October security update. And who knows where else this bug is lurking. Continue reading “This Week In Security: WebP, Cavium, Gitlab, And Asahi Lina”

A colorful diagram representing the inner structure of the Linux kernel.

Find That Obscure Function With This Interactive Map Of The Linux Kernel

September 14, 2023 by 12 Comments

Linux has become one of the largest operating systems on the servers that run large websites, and hopefully, one day, it will be big in the desktop market too. Some of you may know how Linux as an operating system is structured, but have you ever wondered how the kernel itself is structured? Maybe you’ll find this colorful interactive map of the Linux kernel by [Costa Shulyupin] useful.

The interactive map depicts the major levels of abstraction and functionalities, dotted with over 400 prominent functions from the Linux kernel, which are also links to a cross-reference site so you can see all the definitions and usages. It divides the kernel into 7 rows and 7 columns containing domains with well-known terms like security and debugging, but also more obscure things like block devices and address families. These are also links, this time to the definition of the term in question. Finally, there are arrows flying everywhere, to show the relationships between all the many functions in the kernel.
Continue reading “Find That Obscure Function With This Interactive Map Of The Linux Kernel”

Grannophone Helps You Stay In Touch

September 10, 2023 by 20 Comments

Whether it’s distance, pandemics, or both that separate you from your elderly loved ones, what’s the best idea for communicating with them so they don’t suffer from loneliness on top of issues like dementia? We’d say it’s probably something like [Stefan Baur]’s Grannophone.

Back in late 2020, a Twitter user named [Nitek] asked the Internet what could be done in the way of a grandma-friendly video-conferencing solution, provided Grandma has a TV and a broadband internet connection. At first, [Stefan] was like, just get her an old iPad and FaceTime with her. But the question got him thinking. And prototyping.

Grannophones are essentially Linux machines with a video-capable SIP client connected over a VPN for privacy reasons. In simple mode, picking up the handset of one Grannophone will call the other, but more complicated configurations are possible. We particularly like that replacing the handset automatically obscures the camera. That’s a nice touch.

At this point, the Grannophone is a work in progress. The idea is that they be extremely easy to build at the kitchen table, like on the order of disposable Swedish furniture. If you can contribute to the project, please do. Be sure to check out the demonstration video after the break.

On the other hand, if Granny is 1337, you could always video-conference in terminal.

Continue reading “Grannophone Helps You Stay In Touch”

Linux Fu: Build A Better Ls

September 8, 2023 by 27 Comments

Ask someone to name all the things they can find in a room. Only a few will mention air. Ask a Linux command line user about programs they use and they may well forget to mention ls. Like air, it is seemingly invisible since it is so everpresent. But is it the best it can be? Sure, you can use environment variables and aliases to make it work a little nicer, but, in fact, it is much the same ls we have used for decades. But there have always been moves to make better ls programs. One of them, exa, was recently deprecated in favor of one of its forks, eza.

One thing we liked about eza is that it is a single file. No strange installation. No multiple files to coordinate. Put it on your path, and you are done. So installation is easy, but why should you install it?

Continue reading “Linux Fu: Build A Better Ls”