Creating packages with FPM

http://rnelson0.com/2014/09/15/creating-packages-with-fpm/

https://www.digitalocean.com/community/tutorials/how-to-use-fpm-to-easily-create-packages-in-multiple-formats

https://github.com/jordansissel/fpm

http://www.ducea.com/2011/08/31/build-your-own-packages-easily-with-fpm/

▶ Analysis of IPMI based vulnerabilities

https://www.youtube.com/watch?v=GZeUntdObCA

And here is a good introduction on the vulnerabilities in detail:

https://community.rapid7.com/community/metasploit/blog/2013/07/02/a-penetration-testers-guide-to-ipmi

IPMI architecture diagram shows BMC sideband via SMBUS.

https://threatpost.com/vulnerabilities-in-ipmi-protocol-have-long-shelf-life/106480

https://www.us-cert.gov/ncas/alerts/TA13-207A

https://securityledger.com/2014/06/ipmis-inconvenient-truth-a-conversation-with-dan-farmer/

http://fish2.com/ipmi/

http://www.fish2.com/security/

http://fish2.com/ipmi/river.pdf

http://fish2.com/ipmi/itrain.pdf

http://fish2.com/ipmi/itrain-gz.html

https://en.wikipedia.org/wiki/Intel_Active_Management_Technology

https://en.wikipedia.org/wiki/WS-Management

Tools:

http://www.gnu.org/software/freeipmi/

http://sourceforge.net/projects/ipmitool/

Redfish:

http://dmtf.org/standards/redfish

http://robhirschfeld.com/2014/12/11/redfish-ipmi-bios/

http://www.uefi.org/sites/default/files/resources/UEFI_Plugfest_May_2015_HTTP_Boot_Redfish_Samer_El-Haj_ver1.2.pdf

Different presentations:

https://groups.google.com/forum/#!topic/pdxdevops/KGu9kbVMstg

IPMI + RESTFUL API

https://wiki.openstack.org/wiki/IpmiCredentials

https://github.com/Ahiknsr/igor-rest-api

http://www.eyeshalfclosed.com/blog/2014/08/28/building-the-igor-rest-api/

Foreman:

http://www.fitzdsl.net/tag/ipmi/

How to quickly compile all the Android samples via command line?

The procedure described here is working only for the “legacy” branch of Android SDK, as the later version are all using “Gradle” now (procedure to compile to be covered in another blog).

First the prerequisites (for Ubuntu 14.04 64-bit host environment, and Android SDK has been installed in /opt/android-sdk-linux directory):

1. Update Android SDK:

cd /opt/android-sdk-linux
tools/android update sdk –no-ui

2. Ensure “ant” is installed: “sudo apt-get install ant”.

3. Ensure java and javac is installed, version 7 preferred. (Java 6 confirmed will give errors).

4. Next, “cd /opt/android-sdk-linux/samples/android-22/legacy” to the Android version 22 legacy branch.

Using this script (named as “myant”):

#!/bin/bash

export ANDROID_SDK=/opt/android-sdk-linux
export ANDROID_HOME=/opt/android-sdk-linux

$ANDROID_SDK/tools/android update project –path . –target android-21

ant debug

(Noticed above that I specified the target as Android version 21).

5. And then run the following script (ensuring that the above “myant” is in your $PATH):

list=”AccelerometerPlay/ \
ActionBarCompat/ \
AndroidBeamDemo/ \
ApiDemos/ \
AppNavigation/ \
BackupRestore/ \
BasicGLSurfaceView/ \
BluetoothHDP/ \
ContactManager/ \
CrossCompatibility/ \
CubeLiveWallpaper/ \
GestureBuilder/ \
HelloEffects/ \
Home/ \
HoneycombGallery/ \
JetBoy/ \
KeyChainDemo/ \
LunarLander/ \
MultiResolution/ \
NotePad/ \
RandomMusicPlayer/ \
RenderScript/ \
SampleSyncAdapter/ \
SearchableDictionary/ \
SipDemo/ \
SkeletonApp/ \
Snake/ \
SoftKeyboard/ \
SpellChecker/ \
Spinner/ \
SpinnerTest/ \
TicTacToeLib/ \
TicTacToeMain/ \
ToyVpn/ \
TtsEngine/ \
UiAutomator/ \
VoicemailProviderDemo/ \
VoiceRecognitionService/ \
WeatherListWidget/ \
WidgetPreview/ \
WiFiDirectDemo/ \
WiFiDirectServiceDiscovery/ \
Wiktionary/ \
WiktionarySimple/ \
XmlAdapters/”

for name in $list
do
if
[ -f “$name/AndroidManifest.xml” ]
then
cd $name
myant
cd ..
else
echo $name NOTBUILD
fi
done

All the samples will build successfully (just grep for successful) but only three subdirectory remain untouch: Renderscript, UiAutomator, and SpellChecker. Just “cd” to specific directory involved, and execute “myant” whenever AndroidManifest.xml is found.

Only UiAutomator remained cannot be compiled, as it does not comes with “AndroidManifest.xml” file.

SCHED_DEADLINE realtime scheduling in Linux

This is best explained by the lwn.net article:

https://lwn.net/Articles/396634/

http://www.artist-embedded.org/docs/Events/2010/OSPERT/OSPERT2010-Proceedings.pdf

http://retis.sssup.it/~marko/papers/ICPP09.pdf

ftp://ftp.rcs.ei.tum.de/pub/papers/rtsg/edffast.pdf

https://wiki.automotivelinux.org/sched_deadline

http://retis.sssup.it/~jlelli/talks/rts-like14/SCHED_DEADLINE.pdf

https://www.kernel.org/doc/Documentation/scheduler/sched-deadline.txt

elinux.org/images/b/b6/ELC2013-Kobayashi.pdf

Realtime framework in Android:

http://stackoverflow.com/questions/2380774/android-architecture-for-real-time-applications?rq=1

Back to school: Learning security in Linux: old and new stuff

Linux Security: Securing and Hardening Linux Production Systems

http://www.puschitz.com/SecuringLinux.shtml

And Ubuntu has a matrix to show its security features:

https://wiki.ubuntu.com/Security/Features

Seccomp and Sandboxing:

http://lwn.net/Articles/332974/
https://www.kernel.org/doc/Documentation/prctl/seccomp_filter.txt

“What the Chrome developers would like is a more flexible way of specifying which system calls can be run directly by code inside the sandbox.One suggestion that came out was to add a new “mode” to seccomp. The API was designed with the idea that different applications might have different security requirements; it includes a “mode” value which specifies the restrictions that should be put in place. Only the original mode has ever been implemented, but others can certainly be added. Creating a new mode which allowed the initiating process to specify which system calls would be allowed would make the facility more useful for situations like the Chrome sandbox.”

Bypassing module_disabled functionality (disabling kernel modules loading):

http://turbochaos.blogspot.sg/2013/10/writing-linux-rootkits-301_31.html

Ultrasonic sensor + Arduino programming

After purchasing this ultrasonic sensor (JSN-SR04T):

http://www.aliexpress.com/store/product/JSN-SR04T-integrated-ultrasonic-ranging-module-waterproof-type-ultrasonic-reversing-radar/221555_2041881738.html

I have got some problem understanding the specs and programming it. After some experimentation, and reading up Arduino’s version of the solution:

http://playground.arduino.cc/Main/UltrasonicSensor

The following is the outcome:

unsigned long echo = 0;
int ultraSoundSignal = 9; // Ultrasound signal pin
int ultraSoundSignalIN = 7; // Ultrasound signal pin

unsigned long ultrasoundValue = 0;

void setup()
{
Serial.begin(9600);
pinMode(ultraSoundSignal,OUTPUT);
pinMode(ultraSoundSignalIN,INPUT);

}

unsigned long ping(){
pinMode(ultraSoundSignal, OUTPUT); // Switch signalpin to output
digitalWrite(ultraSoundSignal, LOW); // Send low pulse
delayMicroseconds(2); // Wait for 2 microseconds
digitalWrite(ultraSoundSignal, HIGH); // Send high pulse
delayMicroseconds(15); // Wait for 15 microseconds
digitalWrite(ultraSoundSignal, LOW); // Holdoff
pinMode(ultraSoundSignalIN, INPUT); // Switch signalpin to input
digitalWrite(ultraSoundSignalIN, HIGH); // Turn on pullup resistor
// please note that pulseIn has a 1sec timeout, which may
// not be desirable. Depending on your sensor specs, you
// can likely bound the time like this — marcmerlin
// echo = pulseIn(ultraSoundSignal, HIGH, 38000)
echo = pulseIn(ultraSoundSignalIN, HIGH); //Listen for echo
Serial.println(echo);
ultrasoundValue = (echo / 58.138) * .39; //convert to CM then to inches
return ultrasoundValue;

}

void loop()
{
int x = 0;
x = ping();
//Serial.println(x);
delay(250); //delay 1/4 seconds.

}

A research into Android Binder

http://elinux.org/Android_Binder

Thesis analysing Android BINDER:

https://www.nds.rub.de/media/attachments/files/2011/10/main.pdf

https://www.nds.rub.de/media/attachments/files/2012/03/binder.pdf

http://www.slideshare.net/pchethan/android-binder-ipc-implementation

http://www.slideshare.net/jserv/android-ipc-mechanism

http://events.linuxfoundation.org/images/stories/slides/abs2013_gargentas.pdf

http://stackoverflow.com/questions/14012499/can-an-android-service-provide-two-interfaces-to-communicate-with

http://mobilengineering.blogspot.sg/2013/02/inter-process-communication-on-android.html

http://www.dre.vanderbilt.edu/~schmidt/cs282/PDFs/android-binder-ipc.pdf

http://www.developer.am/android/?page=Android+IPC+Compared+with+Java+Native+Interface

http://codetheory.in/android-interprocess-communication-ipc-messenger-remote-bound-services/

Binder vs Ashmem vs other IPC:

http://elinux.org/Android_Kernel_Features

http://developer.android.com/guide/components/bound-services.html

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: