librewolf/lkrg
1
0
Fork 0
mirror of https://github.com/openwall/lkrg.git synced 2023-12-13 21:30:29 +01:00
Code Issues Projects Releases Wiki Activity

Various spelling and grammar corrections (#7)

Browse source 
* Various spelling corrections by codespell 1.17.1
* Various grammar corrections

Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Co-authored-by: Solar Designer <solar@openwall.com>
This commit is contained in:
Vitaly Chikunov 2020-08-19 00:18:56 +03:00 committed by Solar Designer
parent 671b079eb9
commit 2648a1d607
9 changed files with 24 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
PERFORMANCE
View file

@ -3,7 +3,7 @@ LKRG benchmarks with Phoronix Test Suite
Michael Larabel of Phoronix published an article on his benchmarks of LKRG as Michael Larabel of Phoronix published an article on his benchmarks of LKRG as
packaged for Whonix as of February 25, 2020. This means a development version packaged for Whonix as of February 25, 2020. This means a development version
inbetween LKRG 0.7 and 0.8. The benchmark system was a "Core i9 9900KS desktop between LKRG 0.7 and 0.8. The benchmark system was a "Core i9 9900KS desktop
running an Ubuntu 20.04 snapshot and using the Linux 5.4 Ubuntu kernel": running an Ubuntu 20.04 snapshot and using the Linux 5.4 Ubuntu kernel":
https://www.phoronix.com/scan.php?page=article&item=linux-lkrg-performance&num=1 https://www.phoronix.com/scan.php?page=article&item=linux-lkrg-performance&num=1

2
README
View file

@ -252,7 +252,7 @@ The sysctl's are (with default values specified in braces):
(potentially deviating from any of the profiles). (potentially deviating from any of the profiles).
Higher-numbered enforcement profiles provide higher likelihood of mitigating Higher-numbered enforcement profiles provide higher likelihood of mitigating
a compromise or stopping an attack, but also a higher risk of interferring a compromise or stopping an attack, but also a higher risk of interfering
with normal system behavior and to a worse extent in case of false positives. with normal system behavior and to a worse extent in case of false positives.
lkrg.profile_enforce=0 can be used for safe testing of LKRG, where any lkrg.profile_enforce=0 can be used for safe testing of LKRG, where any

16
src/modules/database/CPU.c
View file

@ -6,9 +6,9 @@
* => submodule for checking system configuration regarding CPUs * => submodule for checking system configuration regarding CPUs
* *
* Notes: * Notes:
* - Some of the critical data may exists per logical CPU (core) * - Some of the critical data may exist per logical CPU (core)
* and need to be independently verified / checked. * and need to be independently verified / checked.
* Additionally, it is strongly dependend from the architecture. * Additionally, it is strongly dependent on the architecture.
* Linux kernel defines different types of CPUs: * Linux kernel defines different types of CPUs:
* => online CPUs * => online CPUs
* => possible CPUs * => possible CPUs
@ -16,20 +16,20 @@
* => active CPUs * => active CPUs
* *
* This module will keep information about how many 'active CPUs', * This module will keep information about how many 'active CPUs',
* 'online CPUs' and 'present CPUs' exists in the current system. * 'online CPUs' and 'present CPUs' exist in the current system.
* Additionally Linux kernel exports global CPU id count ('nr_cpu_ids') * Additionally, Linux kernel exports global CPU id count ('nr_cpu_ids'),
* which is initialized per boot time. If over the time any of the * which is initialized per boot time. If over the time any of the
* CPU will be hot plugged / activated this information will be * CPU will be hot plugged / activated this information will be
* visible for us! * visible for us!
* *
* - x86 (and amd64) arch: following informations are critical and need * - x86 (and amd64) arch: the following pieces of information are
* to be verified (checking integrity): * critical and need to be verified (checking integrity):
* => IDT base and/or entire table * => IDT base and/or entire table
* => MSRs * => MSRs
* *
* - Since Linux 4.10 there isn't CPU_[ONLINE/DEAD] notifiers :( * - Since Linux 4.10 there isn't CPU_[ONLINE/DEAD] notifiers :(
* Hot CPU plug[in/out] notification logic has completaly changed. More information * Hot CPU plug[in/out] notification logic has completely changed.
* Can be found here: * More information can be found here:
* => https://patchwork.kernel.org/patch/9448577/ * => https://patchwork.kernel.org/patch/9448577/
* On new kernel (4.10.+) we use modern hot CPU plug[in/out] logic. * On new kernel (4.10.+) we use modern hot CPU plug[in/out] logic.
* *

4
src/modules/database/p_database.h
View file

@ -45,7 +45,7 @@ typedef struct p_cpu_info {
int online_CPUs; // Might be active (because it's online) but it is NOT int online_CPUs; // Might be active (because it's online) but it is NOT
// yet, so does NOT execute any task // yet, so does NOT execute any task
int possible_CPUs; // Physically possible CPUs handled by this kernel int possible_CPUs; // Physically possible CPUs handled by this kernel
int present_CPUs; // Currently availble CPUs, but doesn't need to be used int present_CPUs; // Currently available CPUs, but doesn't need to be used
// by kernel at this time. Value is dynamically updated // by kernel at this time. Value is dynamically updated
// when CPU is hotplug // when CPU is hotplug
int active_CPUs; // Currently active CPUs - can execute tasks int active_CPUs; // Currently active CPUs - can execute tasks
@ -108,7 +108,7 @@ struct p_jump_label {
}; };
/* /*
* Main database structure conatining: * Main database structure containing:
* - memory hashes * - memory hashes
* - Critical addresses * - Critical addresses
* - CPU specific information * - CPU specific information

2
src/modules/exploit_detection/p_exploit_detection.c
View file

@ -1938,7 +1938,7 @@ int p_ed_pcfi_validate_sp(struct task_struct *p_task, struct p_ed_process *p_ori
} }
/* /*
* Validate if stack is comming from the valid range (CONFIG_VMAP_STACK) * Validate if stack is coming from the valid range (CONFIG_VMAP_STACK)
*/ */
// TODO // TODO

4
src/modules/exploit_detection/p_rb_ed_trees/p_rb_ed_pids/p_rb_ed_pids_tree.c
View file

@ -2,10 +2,10 @@
* pi3's Linux kernel Runtime Guard * pi3's Linux kernel Runtime Guard
* *
* Component: * Component:
* - Red-black tree for keeping track user-mode process pid structure * - Red-black tree for keeping track of usermode processes
* *
* Notes: * Notes:
* - Make sence with own kmem_cache_* allocation * - Makes sense with own kmem_cache_* allocation
* *
* Timeline: * Timeline:
* - Created: 07.IX.2017 * - Created: 07.IX.2017

4
src/modules/exploit_detection/p_rb_ed_trees/p_rb_ed_pids/p_rb_ed_pids_tree.h
View file

@ -2,10 +2,10 @@
* pi3's Linux kernel Runtime Guard * pi3's Linux kernel Runtime Guard
* *
* Component: * Component:
* - Red-black tree for keeping track user-mode process pid structure * - Red-black tree for keeping track of usermode processes
* *
* Notes: * Notes:
* - Make sence with own kmem_cache_* allocation * - Makes sense with own kmem_cache_* allocation
* *
* Timeline: * Timeline:
* - Created: 07.IX.2017 * - Created: 07.IX.2017

12
src/modules/integrity_timer/p_integrity_timer.c
View file

@ -173,7 +173,7 @@ void p_check_integrity(struct work_struct *p_work) {
/* /*
* First allocate temporary buffer for per CPU data. Number of possible CPUs * First allocate temporary buffer for per CPU data. Number of possible CPUs
* is per kernel compilation. Hot plug-in/off won't change that value so it is * is per kernel compilation. Hot plug-in/off won't change that value so it is
* safe to prealocate buffer here - before lock and before recounting CPUs info. * safe to preallocate buffer here - before lock and before recounting CPUs info.
*/ */
/* /*
@ -244,7 +244,7 @@ void p_check_integrity(struct work_struct *p_work) {
* *) http://blog.pi3.com.pl/?p=549 * *) http://blog.pi3.com.pl/?p=549
* *) http://lists.openwall.net/linux-kernel/2016/09/21/68 * *) http://lists.openwall.net/linux-kernel/2016/09/21/68
* *
* on_each_cpu() might mitigate this problem a bit becuase has extra * on_each_cpu() might mitigate this problem a bit because has extra
* self-balancing code for performance reasons. * self-balancing code for performance reasons.
*/ */
on_each_cpu(p_dump_CPU_metadata,p_tmp_cpus,true); on_each_cpu(p_dump_CPU_metadata,p_tmp_cpus,true);
@ -855,7 +855,7 @@ void p_check_integrity(struct work_struct *p_work) {
/* /*
* We found as many modules in module list as in sysfs * We found as many modules in module list as in sysfs
* Let's validate if our databse has the same information as we gathered now * Let's validate if our database has the same information as we gathered now
* *
*/ */
@ -905,7 +905,7 @@ void p_check_integrity(struct work_struct *p_work) {
/* OK we found which module is in DB module list but not in current module list... */ /* OK we found which module is in DB module list but not in current module list... */
p_tmp_flag_cnt++; p_tmp_flag_cnt++;
// TODO: Module dissapeared and we didn't notice it! We shouldn't dump it becuase // TODO: Module disappeared and we didn't notice it! We shouldn't dump it because
// most likely module doesn't exists anymore... // most likely module doesn't exists anymore...
// But we can try to poke that page where modules used to be to find out scratches // But we can try to poke that page where modules used to be to find out scratches
// of information about it (e.g. name? symbols table?) // of information about it (e.g. name? symbols table?)
@ -1323,7 +1323,7 @@ void p_check_integrity(struct work_struct *p_work) {
/* OK we found which module is in KOBJ DB but not in the current KOBJ list... */ /* OK we found which module is in KOBJ DB but not in the current KOBJ list... */
p_tmp_flag_cnt++; p_tmp_flag_cnt++;
// TODO: Module dissapeared and we didn't notice it! We shouldn't dump it becuase // TODO: Module disappeared and we didn't notice it! We shouldn't dump it because
// most likely module doesn't exists anymore... // most likely module doesn't exists anymore...
// But we can try to poke that page where modules used to be to find out scratches // But we can try to poke that page where modules used to be to find out scratches
// of information about it (e.g. name? symbols table?) // of information about it (e.g. name? symbols table?)
@ -1676,7 +1676,7 @@ void p_check_integrity(struct work_struct *p_work) {
/* if ( (p_module_list_nr_tmp != p_module_kobj_nr_tmp) || (p_module_list_nr_tmp != p_db.p_module_list_nr) /* if ( (p_module_list_nr_tmp != p_module_kobj_nr_tmp) || (p_module_list_nr_tmp != p_db.p_module_list_nr)
|| (p_module_kobj_nr_tmp != p_db.p_module_kobj_nr) ) { || (p_module_kobj_nr_tmp != p_db.p_module_kobj_nr) ) {
printk(P_LKRG_PRINT P_LKRG_SIGNATURE printk(P_LKRG_PRINT P_LKRG_SIGNATURE
"ALERT !!! MODULES NUMBER ARE INCONSISTEN! IN DB: LIST[%d] KOBJ[%d], found LIST[%d], KOBJ[%d]\n", "ALERT !!! MODULE NUMBERS ARE INCONSISTENT! IN DB: LIST[%d] KOBJ[%d], found LIST[%d], KOBJ[%d]\n",
p_db.p_module_list_nr,p_db.p_module_kobj_nr,p_module_list_nr_tmp,p_module_kobj_nr_tmp); p_db.p_module_list_nr,p_db.p_module_kobj_nr,p_module_list_nr_tmp,p_module_kobj_nr_tmp);
p_hack_check++; p_hack_check++;

2
src/modules/kmod/p_kmod.c
View file

@ -475,7 +475,7 @@ int p_kmod_hash(unsigned int *p_module_list_cnt_arg, p_module_list_mem **p_mlm_t
* Allocation logic should be changed! Should preallocate memory once, and if there * Allocation logic should be changed! Should preallocate memory once, and if there
* there is not enough space, reallocate it multiplying the size, and so on... At some * there is not enough space, reallocate it multiplying the size, and so on... At some
* point allocation won't happen at all since we will have enough room to always store * point allocation won't happen at all since we will have enough room to always store
* all necessary informations. * all necessary information.
*/ */
if (!p_flag || 1 == p_flag) { if (!p_flag || 1 == p_flag) {