Kexecing Jokes

Presented at Kiwicon 7: Cyberfriends (2013), Nov. 9, 2013, 11 a.m. (30 minutes).

Kexec is a Linux kernel feature that allows you to load and launch a new kernel. You might naively expect this to be implemented with some sort of rational mechanism that didn't allow userspace to stuff arbitrary code into the kernel in such a way that it then gets executed in ring 0 with no memory protection. Ha. Ha. Ha. This presentation will give a brief overview of kexec, its implementation, terrifying things that are mentioned in its documentation, and some demonstrations of it being used for the lulz.

Presenters:

  • Matthew 'mjg' Garrett
    Matthew used to hack fruitflies[1], now he mostly hacks firmware. He's ported Zork to UEFI and has possibly run arbitrary code on your IPMI hardware, but by day he works to improve cloud security at Nebula. [1] Mostly into a thin paste. Have you ever tried taking one apart? It's not easy.

Links:

Similar Presentations: