Sunday 14 February 2016

Dynamically Loadable Kernel Modules for Dummies.
Patching a live running Kernel!!!

I mean, is this what happens when Windows or Linux
or any other OS is updated?

The kernel is the core foundation of an operating system.
Kernel modules are extra pieces of code added to the
kernel. These lines of code increase the functionality
of the kernel. Dynamically Loadable Kernel Modules
make it easy for systems administrators to add
features to an OS without any costly downtime.
Developers testing new drivers can also test their
code without the need for a reboot.

There was (and still is) a lengthier method, in which
a new module is added to the kernel and then
the OS is rebuilt and rebooted. This would be like
changing a few lines in a program and then
compiling or re-running it again. A much longer
method indeed.

DLKM is like live-swapping modules in and out of
a running program, in this case an OS kernel,
without the need for a reboot. Modules can be
loaded and unloaded as required.

The kernel module can be statically linked when
the kernel is rebuilt, or dynamically linked, depending
on a flag set in the module.

This suits both systems administrators and developers.

The security issue is that this can be exploited by rootkits to
hide processes, files, network connections, etc.
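
A defender's check for that risk, as an added example (not code from the original post), assuming a Linux system: it compares the module list in /proc/modules with the loaded modules visible under /sys/module, and reports names that appear in only one view plus modules carrying the out-of-tree or unsigned taint flags. The function names are chosen for this example; a mismatch is a lead for investigation rather than proof, and a module can be absent from both views.

```python
import os

def parse_proc_modules(text):
    """Return {name: taint_flags} from /proc/modules content.

    Line format: name size refcount deps state address [(taints)]
    """
    modules = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6:
            continue  # skip blank or truncated lines
        taints = fields[6].strip("()") if len(fields) > 6 else ""
        modules[fields[0]] = taints
    return modules

def sysfs_loadable_modules(sys_module_dir="/sys/module"):
    """Names under /sys/module that are loaded modules, not built-ins.

    Built-in code with parameters also gets a directory here, but only
    dynamically loaded modules expose an 'initstate' attribute.
    """
    names = set()
    for entry in os.listdir(sys_module_dir):
        if os.path.isfile(os.path.join(sys_module_dir, entry, "initstate")):
            names.add(entry)
    return names

def cross_view(proc_modules, sysfs_names):
    """Compare both views; any disagreement deserves investigation."""
    proc_names = set(proc_modules)
    return {
        "only_in_sysfs": sorted(sysfs_names - proc_names),
        "only_in_proc": sorted(proc_names - sysfs_names),
        # O = out-of-tree, E = unsigned: not malicious alone, but worth review
        "tainting": sorted(n for n, t in proc_modules.items()
                           if set(t) & {"O", "E"}),
    }

if __name__ == "__main__":
    with open("/proc/modules") as fh:
        report = cross_view(parse_proc_modules(fh.read()),
                            sysfs_loadable_modules())
    for key, names in report.items():
        print(f"{key}: {', '.join(names) or '-'}")
```

A module being loaded or unloaded between the two reads also shows up as a mismatch, so repeat the check before treating a finding as real.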
