8h ago · 6 min read · We tried running Docker inside a microVM. It failed before the first container even started. The error wasn’t helpful: cgroup mountpoint does not exist On a normal EC2 instance, Docker just works. Sa
Join discussion
Apr 9 · 8 min read · Overview In the modern world of cybersecurity, most defense mechanisms are built on a familiar assumption: every threat will leave a trace — a suspicious connection, an open port, or at least an unusu
Join discussion
Feb 11 · 11 min read · What is the Linux Kernel? Think of the Linux Kernel as the "boss" of your computer. It’s the core software that bridges the gap between your apps and the actual physical hardware. Here is a summary of how it works and what it does: The Basics: What i...
Join discussion
Feb 6 · 5 min read · 在 eBPF 开发中,辅助函数(Helper Functions)是连接沙箱代码与内核原生的唯一桥梁, 辅助函数既不是动态加载的插件,也不是脆弱的符号引用。它们是在内核启动那一刻,由引导代码根据链接脚本的‘施工图’,强行焊接在内存只读区域的物理基石。 本文起源于我在开发ebpf程序时思考辅助函数到底是什么?它和内核提供的其他函数有什么区别? 。 本文记录了我是如何通过源码分析、逆向思考和底层调试,一步步打通 eBPF 辅助函数逻辑的全过程。所有的代码均出自于5.15.0-139内核源码 第一...
Join discussionFeb 3 · 3 min read · Overview The Linux kernel is the core component of the Linux operating system, serving as an intermediary between hardware and software. Developed by Linus Torvalds and released in 1991, it has evolved significantly over the years and is now maintain...
Join discussion
Feb 1 · 3 min read · Linux is built around a small set of powerful components. Understanding these core concepts helps you use Linux confidently and debug real systems faster. 1. Core Components of Linux The diagram below shows how Linux components are layered and intera...
Join discussion
Jan 27 · 3 min read · 📝 Quick Summary: Singularity is a stealthy Linux Kernel Module (LKM) rootkit for modern 6.x kernels, utilizing ftrace for advanced system call hooking. It offers comprehensive features for hiding processes, files, and network connections, alongside ...
Join discussion
