Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
LaurieWired Profile picture
@lauriewired
Nov 4, 2024 4 tweets 2 min read Read on X
Linux has a new(ish) syscall you should know about.

mseal ("memory sealing") locks memory regions against modification. Many shellcode techniques are blocked since executable permissions can’t be added to sealed memory.

Here’s how it works: Image
mseal adds a VM_SEALED flag to memory regions, stopping attackers from using syscalls like mprotect and munmap to alter permissions or remap memory.

This hardens against common exploits by ensuring protected memory stays intact during runtime. Image
The syscall proved...controversial.

(read the linux mailing list on the subject, it's a doozy)

Linus criticized mseal's implementation as “nonsensical” for its inconsistent application of sealing rules across memory operations. Thankfully, they eventually came to a consensus. Image
mseal is now available in kernel 6.10+

To use it, apps need to seal sensitive memory regions via direct syscall invocation.

It's not an automatic process, but it's an interesting new tool that I hope to see more of, especially in highly targeted applications like web browsers Image

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with LaurieWired

LaurieWired Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @lauriewired

LaurieWired Profile picture
Sep 11
How do you program an unknown CPU?

The original specs are gone; no compilers exist, and the ISA is completely unrecognized.

It happens more often than you think, behind very closed doors.

It's almost always military hardware. Image
Image
There is *one* glimpse of this that I know of in the wild.

In 2012, two Russian PhDs researchers gave a presentation at RECon.

Titled quite innocuously, they were tasked with reversing a single, unknown binary.

No hardware. No datasheet. No Documentation. Image
Details about *why* they were doing this are sparse.

No, they aren't reversing Alien CPUs.

If I had to guess, they were likely reversing a Soviet, cold-war era clone of the PDP-11.

Smells like an Avionics / Defense MCU. Image
Image
Read 4 tweets
LaurieWired Profile picture
Sep 3
It’s time to get rid of frame rates.

In weird corners of the internet, researchers and standards committees discuss frameless video containers.

Sensor data as a continuous function, down-sampled to any frame rate you want.

Here's what it'll look like in 10 years: Image
Image
There’s two schools of thought, depending on the crowd you hang around.

NeurIPS folks tend to like continuous-time fields (software).

Hardcore EE types discuss event-based sensing (hardware, timestamps).

Bear with me, it's easier than it sounds: Image
Image
Consumers are gonna see continuous-time fields first.

It doesn’t require new cameras or hardware.

Take a video, re-encode frames into “extracted features”, decode with a ML model, refit to any framerate.

Popular topic at NeurIPS, MPEG Standard is already discussing it. Image
Read 5 tweets
LaurieWired Profile picture
Sep 2
Much like humans, CPUs heal in their sleep.

CPUs are *technically* replaceable / wear items. They don’t last forever.

Yet, the moment stress is removed, transistor degradation (partially) reverses.

It's called Bias Temperature Instability (BTI) recovery: Image
Image
Transistors are little switches.

When you hold a switch on, especially when it’s hot, a bit of charge gets stuck where it shouldn’t.

Every time that happens, it gets a little bit harder to switch.

In other words, the transistor gets a little “lazier”. Image
Over 10 years, in a modern processor, the ALU can slow down 6%!

FPGAs get hit even harder. Run it hard (slightly over-volted), and you’re looking at a few % a year of slowdown.

Not something the average user would notice, but definitely has to be accounted for. Image
Image
Read 5 tweets
LaurieWired Profile picture
Aug 29
I’ve been on a filesystem kick, and it’s interesting to see the DNA of older ideas pop up in modern designs.

BeFS was crazy in the 90s; the whole architecture was basically a searchable database.

Skimming through their book…it sounds a lot like current Apple FS design. Image
Image
Turns out there’s a good reason for that.

“Practical File System Design”, was written by Dominic Giampaolo in 1999, for BeOS.

Giampaolo joined Apple in 2002, where he became lead architect for…APFS.

Released in 2016, it's funny to see the same ideas 17 years later. Image
Image
In some ways, BeFS is still the more “modern” filesystem!

BeFS embedded search into the FS itself, Apple keeps the indexing+search layer separate.

Both love B-trees, per-file metadata, and 64-bit structures.

It's really not *that* different. Image
Read 4 tweets
LaurieWired Profile picture
Aug 21
Why do most uninterruptible power supplies still use old, lead-acid battery tech?

Nearly every battery in your house (phone, watch, even electric car) is lithium based...except UPSs.

It all has to do with battery chemistry. Lead-Acid has some unique advantages: Image
Image
Contrary to what you might think; lithium batteries are not a “straight upgrade”.

Lead-Acid handles being “floated” at near ~100% capacity for years.

Considering UPS’s spend 99.9% of their life sitting at full charge…waiting for an outage, it's an ideal use-case. Image
Lithium-based cells *hate* sitting at 100%.

The thermal management, per-cell protection, and balancing electronics are significantly more complex than lead-acid’s simple float charge.

Lithium UPSs do exist, but they are pricey and make some huge compromises. Image
Read 4 tweets
LaurieWired Profile picture
Aug 19
The West has a blindspot when it comes to alternative CPU designs.

We’re so entrenched in the usual x86, ARM, RISC-V world, that most people have no idea what’s happening over in China.

LoongArch is a fully independent ISA that’s sorta MIPS…sorta RISC-V…and sorta x87! Image
Image
Of course, Loongson (the company) realizes that most software is compiled for x86 and ARM.

Thus, they decided to add some hefty translation layers (LBT) built into the hardware.

LBT gives you for extra scratch registers, x86+ARM eflags, and an x87(!) stack pointer. Image
LoongArch is a *hefty* ISA; about ~2,000 instructions.
To put it in perspective, base RISC-V is like 50.

That said, it’s pretty clean to read. All instructions are 32 bits, and there are only 9 possible formats.

Certainly easier to decipher than modern x86. Image
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(