Writing

Technical notes on Linux kernel internals, kernel hardening, memory safety, and low-level systems programming.

I use this section to develop longer articles from source reading, experiments, and small systems projects. Drafts are published when the structure is useful, even if the final article is still being refined.

Current drafts

Type Isolation in Kernel Allocators: Linux SLUB vs XNU Zones

A draft comparing Linux SLUB and XNU’s zone allocator through the question of allocator type isolation.

The article currently focuses on:

why Linux SLUB can merge compatible caches
how XNU zones keep allocation domains separate
what these choices mean for memory use and hardening
how cross-cache attacks relate to allocator behavior
Linux hardening mechanisms such as SLAB_NEVER_MERGE, RANDOM_KMALLOC_CACHES, and proposed SLAB_VIRTUAL

Status: in progress.

A Small RAII Wrapper for POSIX File Descriptors in C++17

A draft explaining the design of a small C++17 RAII wrapper for POSIX file descriptors.

The article currently focuses on:

what a file descriptor represents in Linux
why raw descriptor ownership is easy to get wrong
move-only ownership
safe cleanup
close() semantics
O_CLOEXEC
reset(), release(), duplication, and swap

Status: in progress.

A Small RAII Wrapper for POSIX File Descriptors in C++17

Status: draft in progress Overview This article explains the design of a small RAII wrapper for POSIX file descriptors in C++17. A file descriptor is only an integer in userspace, but it refers to kernel-managed state. Treating it as a plain integer makes ownership easy to lose track of. The wrapper is meant to make descriptor ownership explicit and harder to misuse. Bugs this tries to avoid The article discusses common descriptor-management bugs: ...

Type Isolation in Kernel Allocators: Linux SLUB vs XNU Zones

Status: draft in progress Overview This article compares two allocator designs: Linux SLUB, which can merge compatible caches of similar-sized objects. XNU zones, which keep allocation domains separated by zone. The article is not meant to argue that one design is simply better than the other. The goal is to understand the tradeoff. SLUB’s cache merging can reduce memory overhead and allocator complexity. XNU’s zone isolation gives stronger type separation. Both choices make sense in context, and both have security and engineering consequences. ...

Current drafts#

Type Isolation in Kernel Allocators: Linux SLUB vs XNU Zones#

A Small RAII Wrapper for POSIX File Descriptors in C++17#

Current drafts

Type Isolation in Kernel Allocators: Linux SLUB vs XNU Zones

A Small RAII Wrapper for POSIX File Descriptors in C++17