SCHED_DEADLINE realtime scheduling in Linux

This is best explained by the article:

Realtime framework in Android:

Back to school: Learning security in Linux: old and new stuff

Linux Security: Securing and Hardening Linux Production Systems

And Ubuntu has a matrix to show its security features:

Seccomp and Sandboxing:

“What the Chrome developers would like is a more flexible way of specifying which system calls can be run directly by code inside the sandbox.One suggestion that came out was to add a new “mode” to seccomp. The API was designed with the idea that different applications might have different security requirements; it includes a “mode” value which specifies the restrictions that should be put in place. Only the original mode has ever been implemented, but others can certainly be added. Creating a new mode which allowed the initiating process to specify which system calls would be allowed would make the facility more useful for situations like the Chrome sandbox.”

Bypassing module_disabled functionality (disabling kernel modules loading):

Ultrasonic sensor + Arduino programming

After purchasing this ultrasonic sensor (JSN-SR04T):

I have got some problem understanding the specs and programming it. After some experimentation, and reading up Arduino’s version of the solution:

The following is the outcome:

unsigned long echo = 0;
int ultraSoundSignal = 9; // Ultrasound signal pin
int ultraSoundSignalIN = 7; // Ultrasound signal pin

unsigned long ultrasoundValue = 0;

void setup()


unsigned long ping(){
pinMode(ultraSoundSignal, OUTPUT); // Switch signalpin to output
digitalWrite(ultraSoundSignal, LOW); // Send low pulse
delayMicroseconds(2); // Wait for 2 microseconds
digitalWrite(ultraSoundSignal, HIGH); // Send high pulse
delayMicroseconds(15); // Wait for 15 microseconds
digitalWrite(ultraSoundSignal, LOW); // Holdoff
pinMode(ultraSoundSignalIN, INPUT); // Switch signalpin to input
digitalWrite(ultraSoundSignalIN, HIGH); // Turn on pullup resistor
// please note that pulseIn has a 1sec timeout, which may
// not be desirable. Depending on your sensor specs, you
// can likely bound the time like this — marcmerlin
// echo = pulseIn(ultraSoundSignal, HIGH, 38000)
echo = pulseIn(ultraSoundSignalIN, HIGH); //Listen for echo
ultrasoundValue = (echo / 58.138) * .39; //convert to CM then to inches
return ultrasoundValue;


void loop()
int x = 0;
x = ping();
delay(250); //delay 1/4 seconds.


A research into Android Binder

Thesis analysing Android BINDER:

Binder vs Ashmem vs other IPC:

Rooting ZenFone 2

Master page for Zenfone2:!k4MHiAgL!dVuOKeH3eokcwPSNI79ffw!k4MHiAgL!dVuOKeH3eokcwPSNI79ffw

After downloading all the images (essentially from and, and compared their differences to ensure they are of the same file),

  1. When it launches, type in the following command (you can get adb and fastboot from Android SDK’s “platform-tools” directory) and press Enter:
    adb reboot-bootloader
  2. Your device should reboot into bootloader mode.
  3. Now, rename the system image that you have downloaded to system.img. You can do that by right-clicking on the system image and selecting Rename.
  4. Type in the following command into the Command Prompt Window and press Enter:
    fastboot flash system system.img
  5. Wait for it to flash the system image on your device.
  6. When it’s done flashing the image, reboot your device by issuing the following command:
    fastboot reboot

Above procedure is also described below:

Hardware means of “recovery mode”:

Never update SuperSU app, explained inside here:

Installing CyanogenMod KitKat 4.4.2 for my Galaxy Ace GT-S5830

Update Galaxy Ace GT-S5830 to Android 4.4.2 KitKat with CyanogenMod 11 ROM [How to Install]: proven working ROM for my Galaxy ACE

My procedure (different from above, assuming you are running on Linux as hosts, Android SDK installed, and “adb” is in your $PATH environment variables, otherwise just enter the full path for “adb”):

a. Download the “” file from above:



b. Connect Samsung Galaxy Ace to computer via USB, and use adb to put it into recovery mode: adb reboot recovery

c. In the menu on the phone, choose “update zip” option, and then navigate to sideload.

d. In the computer, issue “adb sideload <>”, and you should see percentage by percentage the CM file is being uploaded into phone.

e. After it has been uploaded and updated, choose “reboot” on the phone.

f. After it has rebooted into the new image, now go to settings, and then “about phone” and tap on the “Build Number” 7 times: developer option is enabled, and ensure adb debugging via the different option is enable (default it is NOT), and you can also choose to have “root” enable as well (SuperUser–>Allow).

Viola….a fully rooted CynogenMod KitKat 4.4.2 for Galaxy Ace!

The above page has two download link.   The rule (for me) is NEVER download or run any download with “exe” as the extension.   The other download is “zip” as the extension, and using “unzip” in my Linux terminal, I can see (via unzip -l ) all the contents inside – and it clearly has all the usual contents of an Android ROM image.

The advantage of the above procedure using “adb” is that different phone has different key combination of putting it in recovery mode.   And from recovery mode, you have to navigate to the SD card that contained that ROM (which is the zipped file).   Not always, eg, in Xiaomi Mi Tablet, you have to put it in the root directory of the internal storage, not SD card.   All these procedures is rather cumbersome.   The method described above just need one USB cable to connect to the host Linux computer, where you downloaded all the ROM file, and you issued the “adb reboot recovery” command to put it in recovery mode, and then the “adb sideload” command to load the ROM image into the phone/tablet:   one-stop location to do everything.   What is the catch?   Sideloading is a feature only available in CWM recovery, so you will have to flash that using the non-sideloading means first.

What is happening in Ubuntu?

Just look at the following spawned processes:

     \_ init --user
         \_ dbus-daemon --fork --session --address=unix:abstract=/tmp/dbus-QUZeqof8X5
         \_ upstart-event-bridge
         \_ /usr/lib/x86_64-linux-gnu/hud/window-stack-bridge
         \_ /usr/lib/x86_64-linux-gnu/bamf/bamfdaemon
         \_ upstart-dbus-bridge --daemon --session --user --bus-name session
         \_ upstart-file-bridge --daemon --user
         \_ upstart-dbus-bridge --daemon --system --user --bus-name system
         \_ /usr/lib/at-spi2-core/at-spi-bus-launcher
         |   \_ /bin/dbus-daemon --config-file=/etc/at-spi2/accessibility.conf --nofork --print-address 3
         \_ /usr/lib/at-spi2-core/at-spi2-registryd --use-gnome-session
         \_ /usr/lib/gvfs/gvfsd
         \_ /usr/lib/gvfs/gvfsd-fuse /run/user/1000/gvfs -f -o big_writes
         \_ /usr/bin/ibus-daemon --daemonize --xim
         |   \_ /usr/lib/ibus/ibus-dconf
         |   \_ /usr/lib/ibus/ibus-ui-gtk3
         |   \_ /usr/lib/ibus/ibus-engine-simple
         \_ /usr/lib/unity-settings-daemon/unity-settings-daemon
         \_ /usr/lib/ibus/ibus-x11 --kill-daemon
         \_ /usr/lib/x86_64-linux-gnu/hud/hud-service
         \_ gnome-session --session=ubuntu
         |   \_ compiz
         |   \_ /usr/lib/unity-settings-daemon/unity-fallback-mount-helper
         |   \_ nautilus -n
         |   \_ /usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent-1
         |   \_ nm-applet
         |   \_ /opt/google/chrome/chrome --type=service
         |   \_ telepathy-indicator
         |   \_ zeitgeist-datahub
         |   \_ update-notifier
         \_ /usr/lib/unity/unity-panel-service
         \_ /usr/lib/x86_64-linux-gnu/indicator-keyboard-service --use-gtk
         \_ /usr/lib/x86_64-linux-gnu/indicator-messages/indicator-messages-service
         \_ /usr/lib/x86_64-linux-gnu/indicator-bluetooth/indicator-bluetooth-service
         \_ /usr/lib/x86_64-linux-gnu/indicator-power/indicator-power-service
         \_ /usr/lib/x86_64-linux-gnu/indicator-datetime/indicator-datetime-service
         \_ /usr/lib/x86_64-linux-gnu/indicator-sound/indicator-sound-service
         \_ /usr/lib/x86_64-linux-gnu/indicator-printers/indicator-printers-service
         \_ /usr/lib/x86_64-linux-gnu/indicator-session/indicator-session-service
         \_ /usr/lib/x86_64-linux-gnu/indicator-application/indicator-application-service
         \_ /usr/lib/evolution/evolution-source-registry
         \_ /usr/lib/x86_64-linux-gnu/notify-osd
         \_ /usr/lib/evolution/evolution-calendar-factory
         \_ /usr/lib/dconf/dconf-service
         \_ /usr/lib/gvfs/gvfs-udisks2-volume-monitor
         \_ /usr/lib/x86_64-linux-gnu/gconf/gconfd-2
         \_ /usr/lib/gvfs/gvfs-mtp-volume-monitor
         \_ /usr/lib/gvfs/gvfs-gphoto2-volume-monitor
         \_ /usr/lib/gvfs/gvfs-afc-volume-monitor
         \_ /usr/lib/gvfs/gvfsd-trash --spawner :1.9 /org/gtk/gvfs/exec_spaw/0
         \_ /usr/lib/gvfs/gvfsd-burn --spawner :1.9 /org/gtk/gvfs/exec_spaw/1
         \_ /usr/lib/gvfs/gvfsd-metadata
         \_ /usr/lib/telepathy/mission-control-5
         \_ /usr/bin/zeitgeist-daemon
         \_ /usr/lib/x86_64-linux-gnu/zeitgeist-fts
         |   \_ /bin/cat
         \_ gnome-terminal
             \_ gnome-pty-helper
             \_ bash
                 \_ ps auxwf

These processes are created simply just by logging in passed the Gnome session authentication prompt. No applications other than the gnome-terminal is started yet.

Yet, applications like Chrome can already start by itself.

Frankly this is getting really bloated, and sounds more like trojans than ever.


Get every new post delivered to your Inbox.

%d bloggers like this: