Understanding DNS Records

Overview of DNS

The Domain Name System (DNS) is the cornerstone of the modern internet, acting as a distributed and hierarchical naming system that translates human-readable domain names (e.g., example.com) into IP addresses (e.g., 192.0.2.1) that networking equipment uses to route traffic.

DNS Resolution Flow

1. User Request: The user enters a domain in their browser.
2. Recursive Resolver: The request first hits a recursive resolver (typically provided by the user’s ISP or a public resolver like Google or Cloudflare).
3. Root Servers: If not cached, the resolver queries one of the root DNS servers (13 root server clusters).
4. TLD Servers: The root server responds with the TLD (e.g., .com) nameservers.
5. Authoritative Server: The resolver queries the TLD server, which responds with the authoritative nameserver for the domain.
6. Final Resolution: The resolver queries the authoritative nameserver, retrieves the required record (e.g., A record), and returns it to the user.

DNS Hierarchy

- Root Zone: Managed by IANA, root servers handle the top level of DNS.
- TLD Zone: Top-Level Domains like .com, .net, .org, governed by registries.
- Authoritative Zones: Domains and subdomains managed by authoritative nameservers, controlled by domain owners.

Major DNS Record Types

A (Address Record)
  Purpose: Maps a domain to an IPv4 address.
  Example: api.example.com. IN A 192.0.2.1
  Use Cases: Web servers, API endpoints.

AAAA (IPv6 Address Record)
  Purpose: Maps a domain to an IPv6 address.
  Example: api.example.com. IN AAAA 2001:db8::1
  Use Cases: IPv6-compliant services.

CNAME (Canonical Name Record)
  Purpose: Points a subdomain to another domain (alias).
  Constraints: Cannot be used at the root of a domain.
  Example: www.example.com. IN CNAME example.com.
  Use Cases: Load-balanced endpoints, third-party services.

ALIAS (Non-standard, provider-specific)
  Purpose: Like CNAME but usable at the root domain.
  Example (Cloudflare or Route 53): example.com. IN ALIAS example.net.
  Use Cases: Root domain pointing to a load balancer or CDN.

MX (Mail Exchange Record)
  Purpose: Defines mail servers for a domain.
  Priority Field: Lower numbers have higher priority.
  Example:
    example.com. IN MX 10 mail1.example.com.
    example.com. IN MX 20 mail2.example.com.
  Use Cases: Email routing and delivery.

NS (Name Server Record)
  Purpose: Specifies authoritative DNS servers for a domain.
  Example:
    example.com. IN NS ns1.exampledns.com.
    example.com. IN NS ns2.exampledns.com.
  Use Cases: Delegating zones.

SOA (Start of Authority)
  Purpose: Metadata for the DNS zone.
  Fields: Primary NS; admin email; serial number (zone version); refresh, retry, expire, minimum TTL.
  Example:
    example.com. IN SOA ns1.exampledns.com. admin.example.com. (
        2025052101 ; serial
        3600       ; refresh
        600        ; retry
        604800     ; expire
        86400      ; minimum
    )

TXT (Text Record)
  Purpose: Stores arbitrary text data.
  Use Cases:
    SPF (Sender Policy Framework): example.com. IN TXT "v=spf1 include:_spf.google.com ~all"
    DKIM (DomainKeys Identified Mail): default._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=..."
    DMARC: _dmarc.example.com. IN TXT "v=DMARC1; p=none; rua=mailto:dmarc@example.com"

PTR (Pointer Record)
  Purpose: Reverse DNS lookup.
  Example: 1.2.0.192.in-addr.arpa. IN PTR api.example.com.
  Use Cases: Email server validation, diagnostics.

SRV (Service Locator Record)
  Purpose: Defines the location of services by name.
  Fields: Priority, weight, port, target.
  Example: _sip._tcp.example.com. IN SRV 10 60 5060 sipserver.example.com.
  Use Cases: SIP, XMPP, LDAP.

CAA (Certificate Authority Authorization)
  Purpose: Specifies which CAs are allowed to issue certificates.
  Example: example.com. IN CAA 0 issue "letsencrypt.org"
  Use Cases: TLS certificate issuance control.

Real-World Examples and Configurations

Subdomain Examples
    api.example.com.  IN A 192.0.2.10
    mail.example.com. IN MX 10 mailhost.example.com.
    ftp.example.com.  IN CNAME files.example.net.

Multiple Records
    example.com. IN MX 10 mx1.example.com.
    example.com. IN MX 20 mx2.example.com.
    example.com. IN A 192.0.2.1
    example.com. IN A 192.0.2.2

TTL and Priority Tuning
    www.example.com. 3600 IN CNAME webhost.example.net.
    example.com.     300  IN MX 10 mail1.example.com.

Common Pitfalls and Misconfigurations

CNAME at Root Domain: Using CNAME at the zone apex (example.com.) is invalid and breaks RFC compliance. Use ALIAS or ANAME records if supported by your DNS provider. ...

May 21, 2025 · 4 min

Generating Package Patch for Buildroot

Generating a Patch Using diff

1. Extract the Original Source

Ensure you have a pristine copy of the original source for comparison. You can extract it from the tarball in the dl directory:

    tar -xf dl/<package>-<version>.tar.gz -C /tmp/

This will create a directory like /tmp/<package>-<version>/.

Alternatively, use Buildroot’s own mechanism: clean the build directory and re-apply Buildroot’s current patches:

    make <pkg>-dirclean   # Remove <pkg> build directory
    make <pkg>-extract    # Extract <pkg> sources
    make <pkg>-patch      # Apply patches to <pkg>
    cp -r output/build/<package> /tmp/   # Optional

2. Generate the Patch

Use the diff command to create a unified diff between the original and modified sources: ...

May 20, 2025 · 2 min

ssh audit

Overview

ssh-audit is a tool for auditing SSH server and client configuration (banner, key exchange, encryption, MAC, compression, compatibility, security, etc.).

Installation

On Arch:
    pacman -S ssh-audit

pip:
    pip3 install ssh-audit

Generic: download and extract the tarball from a release.

Usage

    ./ssh-audit.py 192.168.101.201

References

- https://github.com/jtesta/ssh-audit
- https://www.ssh-audit.com/hardening_guides.html

May 20, 2025 · 1 min

Obsidian Test File

This file contains all the markdown formatting, including generic markdown as well as Obsidian-specific markdown.

Markdown Conversion Test

Headings: H1, H2, H3, H4, H5, H6

Text Formatting: Italic, Italic, Bold, Bold, Bold Italic, Strikethrough

Lists: Unordered list (Nested item, Deeper item); Ordered list (Second item, Sub-item, Sub-item)

Links:
- Standard Markdown Link
- Obsidian internal link: [0-Inbox/Obsidian]({< ref “/posts/0-inbox/obsidian/” >}})
- Obsidian link with alias: [0-Inbox/Obsidian|Custom Text]({< ref “/posts/0-inbox/obsidian|custom-text/” >}})
- Obsidian section link: [0-Inbox/Obsidian#Themes]({< ref “/posts/0-inbox/obsidian#themes/” >}})
- Obsidian section link with alias: [0-Inbox/Obsidian#Themes|Alias Text]({< ref “/posts/0-inbox/obsidian#themes|alias-text/” >}})
- Mixed content: Regular and [../0-Inbox/Obsidian Export to HUGO]({< ref “/posts/../0-inbox/obsidian-export-to-hugo/” >}})
- Obsidian section link display content

Images: Markdown image; Obsidian image; Obsidian image relative path

Code: Inline code example. ...

May 17, 2025 · 1 min

NFS

1. Install nfs-kernel-server.

2. Create the directory to share:

    mkdir ~/Public

3. Export the rootfs folder. Add the following entry to /etc/exports:

    /home/rishav/Public *(rw,async,nohide,insecure,no_root_squash,no_subtree_check)

4. Update the NFS server’s exports:

    sudo exportfs -arv

5. Make the NFS server serve over UDP. Add the following to /etc/nfs.conf:

    [nfsd]
    udp=y
    vers2=y

6. Restart the NFS server:

    systemctl restart nfs-server.service

May 15, 2025 · 1 min

Boot to recovery filesystem

Process

Mount the recovery partition at a temporary location:

    mkdir -p /mnt/recovery
    mount /dev/mmcblk0p6 /mnt/recovery

Prepare the old_root directory:

    mkdir -p /mnt/recovery/mnt/old_root

Switch root using pivot_root:

    cd /mnt/recovery
    pivot_root . mnt/old_root

Now:
- The new root is /mnt/recovery (i.e., /).
- The previous root (e.g., initramfs or mainfs) is now mounted at /mnt/old_root.

Note: The chroot must be available under the old root and under the new root (recovery).

Remount /proc, /sys, /dev, etc.:

    mount -t proc proc /proc
    mount -t sysfs sysfs /sys
    mount -o bind /mnt/old_root/dev /dev
    mount -o bind /mnt/old_root/tmp /tmp
    mount -o bind /mnt/old_root/run /run

Start a shell inside the new root:

    exec /bin/sh

Mount root filesystem from NFS

Set up the NFS service on the host machine (refer to [3-Resource/Linux/NFS|this]({< ref “/posts/3-resource/linux/nfs|this/” >}})).

Mount the NFS filesystem on the board:

    mount -t nfs -o nolock 192.168.1.27:/home/rishav/Public /mnt/nfsroot

Mount the ext image as a loopback device (the image is copied from the NFS mount point created above):

    mkdir -p /mnt/local
    cp /mnt/nfsroot/rootfs.ext4 /tmp/rootfs.ext4
    mount -o loop /tmp/rootfs.ext4 /mnt/local

References

- Manual page of pivot_root
- Also see the difference between pivot_root and chroot

May 15, 2025 · 1 min

CPU Execution States on ARM

1. Overview

Process Context

The kernel executes code on behalf of a user-space process (e.g., handling a system call like read() or write()).

Key Properties:
- Associated with a struct task_struct (process descriptor).
- Can sleep (can use blocking functions like mutex_lock()).
- Can access user-space memory (via copy_from_user()).

Interrupt Context

Also called “atomic context”: the kernel executes code to handle a hardware interrupt or softirq (e.g., a network packet arriving).

Key Properties:
- No associated process (the current macro points to an idle task).
- Cannot sleep (blocking functions like kmalloc(GFP_KERNEL) are forbidden).
- Runs with interrupts disabled (on the current CPU).

2. CPU Execution States in ARM

ARM architectures (e.g., ARMv8-A) define exception levels (ELs) that correspond to CPU execution states: ...

May 4, 2025 · 3 min

System Call (Software Interrupt)

1. System Call Basics

System calls (syscalls) are the interface for user-space programs to request services from the kernel. Examples include:
- File I/O: read(), write(), open(), close().
- Device Control: ioctl().
- Signal Handling: kill(), signal().

2. System Call Table and Registration

Syscall Table: A table (sys_call_table) maps syscall numbers to handler functions.

Architecture-Specific:
- x86: Defined in arch/x86/entry/syscalls/syscall_64.tbl.
- ARM: Defined in arch/arm/tools/syscall.tbl.

Registration: Syscalls are registered at compile time using macros like SYSCALL_DEFINE (e.g., SYSCALL_DEFINE3(write, ...) for write()).

For custom syscalls (rare and discouraged), you would:
1. Add an entry to the syscall table.
2. Define the handler using SYSCALL_DEFINE.
3. Recompile the kernel (or use modules for dynamic insertion).

3. Flow of System Calls

1. User-Space Invocation

The libc wrapper (e.g., read(), ioctl()) triggers a software interrupt (int 0x80 on x86) or uses the syscall instruction (modern x86/ARM).

    // User-space code
    fd = open("/dev/mydevice", O_RDWR); // Syscall 1: open()
    read(fd, buf, 100);                 // Syscall 2: read()
    ioctl(fd, MY_CMD, arg);             // Syscall 3: ioctl()
    close(fd);                          // Syscall 4: close()

2. Transition to Kernel Mode
- Switches to kernel mode (ring 0 on x86, EL1 on ARM).
- Saves user-space registers (e.g., RIP, RSP, EFLAGS).
- Jumps to the kernel’s syscall entry point (e.g., entry_SYSCALL_64 on x86).

3. Syscall Dispatching
- Syscall Number: The syscall number is stored in a register (e.g., RAX on x86, R7 on ARM). Example: __NR_read (syscall number for read()).
- Syscall Table: The kernel uses sys_call_table (an array of function pointers) to find the handler. Example: sys_call_table[__NR_read] points to sys_read().

4. Handler Execution in Process Context

Generic Steps for All Syscalls:
- Argument Validation: Check pointers (e.g., buf in read()) using access_ok(); copy arguments from user space with copy_from_user() or get_user().
- Kernel Function Execution: Perform the requested operation (e.g., read from a file, send an ioctl command).

File Operations (read/write):
- File Descriptor Resolution: Convert fd to a struct file using fdget(). Check file permissions (FMODE_READ/FMODE_WRITE).
- Driver Interaction: Call the read/write method from the file’s file_operations struct. Example: For /dev/mydevice, this invokes the driver’s .read function.

I/O Control (ioctl): The ioctl syscall (sys_ioctl()) calls the driver’s .unlocked_ioctl method.

5. Return to User Space
- The result is stored in eax/r0, and the kernel restores user registers.
- Execute iret (x86) or exception return (ARM) to resume user-mode execution.

4. Device File Operations

Character devices (e.g., /dev/char_dev) expose operations via file_operations: ...

May 4, 2025 · 4 min

Interrupt Handling Flow

1. Interrupt Generation
- A hardware device (e.g., NIC, keyboard) raises an interrupt via the Programmable Interrupt Controller (PIC/APIC).
- The PIC converts the IRQ line into a vector number and signals the CPU via the INTR/NMI pin.

2. CPU State Save & Context Switch
- The CPU finishes the current instruction, saves the process context (registers, PC, flags) to the stack, and disables local interrupts.
- Switches to the interrupt context (no associated process, interrupts disabled).

3. IDT Lookup
- The CPU uses the Interrupt Descriptor Table (IDT) to find the handler address for the interrupt vector.
- On ARM, the vector table (similar to the x86 IDT) is preconfigured with handlers like handle_level_irq or handle_edge_irq.

4. Top Half Execution
Immediate Actions:
- Acknowledge the interrupt at the hardware level (irq_data.chip->irq_ack()).
- Read device status registers to confirm the interrupt source.
Minimal Processing:
- Copy critical data (e.g., network packets) to kernel buffers.
- Schedule deferred processing via bottom halves (tasklets, softirqs).
APIs: request_irq(), free_irq() for driver-level registration.

5. Bottom Half Execution
Deferred Work:
- Process data in safe contexts (e.g., tasklet_schedule() or workqueues).
- Runs with interrupts enabled (softirq context) or in process context (workqueues).
Mechanisms:
- SoftIRQs: Statically allocated, high-priority (e.g., network RX).
- Tasklets: Dynamically allocated, atomic (e.g., USB transfers).
- Workqueues: Sleepable, process context (e.g., filesystem I/O).

6. Interrupt Completion
- Send End-of-Interrupt (EOI) to the PIC (e.g., irq_data.chip->irq_eoi()).
- The result is stored in eax/r0, and the kernel uses iret (x86) or exception return (ARM) to resume user execution.

7. Examples

Network Driver (Hardware Interrupt)

Top Half:

    #include <linux/interrupt.h>

    // Tasklet for the bottom half; initialized at probe time with
    // tasklet_init(&nic_tasklet, nic_tasklet_fn, 0)
    static struct tasklet_struct nic_tasklet;

    static irqreturn_t nic_isr(int irq, void *dev_id)
    {
        // Read packet from hardware buffer
        tasklet_schedule(&nic_tasklet); // Schedule bottom half
        return IRQ_HANDLED;
    }

Bottom Half:

    static void nic_tasklet_fn(unsigned long data)
    {
        // Process packets, update kernel networking stack
    }

May 4, 2025 · 2 min

Interrupt Questions

Q1: What happens if another interrupt occurs while a top half (ISR) is executing?

Answer: By default, interrupts are disabled during top half execution. When the CPU enters the ISR (via the IDT), it automatically clears the Interrupt Flag (IF) on x86 (using cli), preventing further interrupts until the ISR finishes.

Exception: Some architectures or configurations (e.g., nested interrupts) allow interrupts to preempt an ISR. For example:
- IRQF_DISABLED (now deprecated): Previously controlled whether interrupts were disabled during the ISR. Modern kernels typically disable interrupts for all IRQ handlers by default.
- Threaded interrupts (using IRQF_ONESHOT or IRQF_THREAD): The “top half” runs in a kernel thread with interrupts enabled.

Key Takeaway: ...

May 4, 2025 · 4 min