Sasha Levin oo ka tirsan NVIDIA, oo maamusha laamaha LTS ee Linux kernel isla markaana ka shaqeysa guddiga la-talinta ee Linux Foundation, ayaa diyaarisay qaybo balastar ah oo hirgelinaya habka killswitch ee kernel-ka Linux. Muuqaalka la soo jeediyay wuxuu u oggolaanayaa in si degdeg ah loo joojiyo shaqeynta kernel-ka qaarkood. Killswitch-ku waxaa loogu talagalay inuu waxtar u yeesho xannibaadda ku meel gaarka ah ilaa la rakibo cusbooneysiin kernel oo leh hagaajin.
Killswitch waxaa lagu maamulaa faylka "/sys/kernel/security/killswitch/control", kaas oo kuu oggolaanaya inaad habayso wicitaanada shaqada kernel ee magacyadooda. Tusaale ahaan, si aad u joojiso nuglaanta Nuqulka Fail, si fudud ugu dar amarka "engage af_alg_sendmsg -1" faylka xakamaynta si aad u suurtogeliso joojinta wicitaanka shaqada af_alg_sendmsg oo aad ku soo celiso koodka qaladka "-1".
Jilayaal kasta oo ay taageerto nidaamka hoose ee kprobes waxaa loo isticmaali karaa magacyo ahaan. Qaar badan oo ka mid ah nugulnada halista ah ee kernel-ka ee dhawaan la ogaaday waxay ka jiraan nidaamyada hoose ee ay isticmaalaan tiro yar oo isticmaaleyaal ah (tusaale ahaan, AF_ALG, ksmbd, nf_tables, vsock, ax25). Inta badan isticmaalayaasha, dhibka ka dhasha luminta shaqada ee hawlaha qaarkood uma qalmo khatarta ah in la isticmaalo kernel leh nuglaansho la yaqaan, oo aan la hagaajin ilaa balastar la rakibo. Habka killswitch wuxuu si gaar ah ugu habboon yahay macnaha nuglaanta Dirty Frag ee hadda jirta, kaas oo faa'iido-doon la daabacay ka hor inta aan arrinta lagu hagaajin kernel-ka.
Source: opennet.ru
