Getting somewhat closer to releasing a new version of #swad. I now improved the functionality to execute something on a different worker thread: Use an in-memory queue, providing a #lockfree version. This gives me a consistent reliable throughput of 3000 requests/s (with outliers up to 4500 r/s) at an average response time of 350 - 400 ms (with TLS enabled). For waking up worker threads, I implemented different backends as well: kqueue, eventfd and event-ports, the fallback is still a self-pipe.

So, #portability here really means implementing lots of different flavors of the same thing.

Looking at these startup logs, you can see that #kqueue (#FreeBSD and other BSDs) is really a "jack of all trades", being used for "everything" if available (and that's pretty awesome, it means one single #syscall per event loop iteration in the generic case). #illumos' (#Solaris) #eventports come somewhat close (but need a lot more syscalls as there's no "batch registering" and certain event types need to be re-registered every time they fired), they just can't do signals, but illumos offers Linux-compatible signalfd. Looking at #Linux, there's a "special case fd" for everything. 🙈 Plus #epoll also needs one syscall for each event to be registered. The "generic #POSIX" case without any of these interfaces is just added for completeness 😆

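Replacing syscalls with strace

On Hacker News I saw the post "TIL: timeout in Bash scripts (heitorpb.github.io)", though the timeout the original article covers is something I happened to figure out on my own a while back in "Wrapping cron scripts with flock + timeout". What I want to mention here is id=44097449, which talks about strace's syscall injection. The example he gives is: strace...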

Gea-Suan Lin's BLOG
Watch out for any Linux malware sneakily evading syscall-watching antivirus: Google dumped io_uring after $1M in bug bounties

The Register

Syscall and cgo in Go

Hi, Habr! In this article we look at working with system utilities in Go. We will talk directly to the kernel, invoke system calls and write C code so that Go does not feel lonely.

https://habr.com/ru/companies/otus/articles/886062/

#golang #системные_утилиты #syscall #cgo

Syscall and cgo in Go

Hi, Habr! Today we look at working with system utilities in Go. We will talk directly to the kernel, invoke system calls and write C code so that Go does not feel...

Habr

Decai decompiling a malicious shellcode.
The instructions are not so readable, if you're not used to syscalls int 0x80. AI does it for you.

https://asciinema.org/a/4PY8wn2TPg2oBdDQ0Q5bgMYjk

#r2ai #decai #r2 #malware #shellcode #syscall #linux

Nice decompilation of Linux shellcode

sha256: fd8441f8716ef517fd4c3fd552ebcd2ffe2fc458bb867ed51e5aaee034792bde Uses Mistral AI. The assembly instructions spot calls to syscall, and see it's socket calls, sleep etc.

asciinema.org

@ax6761 Well, you could call it an implementation glitch. #uname is *meant* to give you information about "the OS", but has always been implemented as a #syscall (dating back to early Unix versions), therefore actually tells you something about the #kernel.

In #FreeBSD, the kernel doesn't *have* to be the exact same version as the userland, and for security updates, a new kernel is only built when some patch actually affects the kernel.

Note that on a #Linux system, it's arguably even "worse", as Linux is nothing but the kernel. To know version information about the rest of your installed OS, you'll have to use distribution-specific information (or more recently look at the now standardized /etc/osrelease).

I'm surprised at how badly #Ghidra decompiles this very simple function.

It's a syscall 0x57 which is unlink (remove a file).

I'm surprised it decompiles saying it *returns 0x57* ...

#decompiler #syscall #linux

On thread vs. process permissions

In common Unix and POSIX systems, all threads in a process are supposed to have the same permission. So why does the vortex8 program work as exploited, where one thread sets different permissions than another one using setresuid/setresgid?

Reference: https://man7.org/linux/man-pages/man2/setresuid.2.html

Answer in thread.

#ctf #cybersecurity #posix #linux #glibc #syscall #overthewire #vortex

setresuid(2) - Linux manual page

Stratoshark: Computer debugging tool: like wireshark, but for system calls instead of network packets
https://stratoshark.org/
#via:hackernews #wireshark #debugging #syscall #strace #devops #linux #+
Stratoshark

FreshyCalls: Syscalls Freshly Squeezed!

FreshyCalls is a C++ library to simplify syscalls on Windows, allowing syscall numbers to be extracted dynamically without depending on specific versions.

https://github.com/crummie5/FreshyCalls

#windows #syscall

GitHub - crummie5/FreshyCalls: FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!

GitHub