printf("Welcome to my corner of the internet.\n");
I work as a Software Security Engineer at Google.
I live in Sydney Switzerland.
I am a software geek/UNIX berserker/console cowboy.
I am highly interested in computer security, C programming, and the Linux kernel.
Programming languages of choice? Predominantly C and Python, although I'm very open to learning other programming languages. Perhaps I will give Go a go soon, get it?
The postings on this site are solely my own and under no circumstances do not necessarily represent my employer's positions, strategies or opinions.
I hack on the Linux kernel.
The first patch series that I authored landed in the mainline tree introduced two new event masks within the fanotify(7) API, which is one of the filesystem event notification subsystems within the Linux kernel. The event masks FAN_OPEN_EXEC and FAN_OPEN_EXEC_PERM are available since Linux 5.0 and aim to raise events to userspace applications when a marked filesystem object has been executed using either execve(2) or execveat(2) system calls.
The second patch series that I was responsible for authoring was focused on porting the legacy EXT4 direct I/O buffer_head implementation to make use of the newer iomap infrastructure. The idea behind this change was to simplify the overall direct I/O implementation within the EXT4 filesystem codebase, support the ability to handle transaction restarts and eventually implcitily make use of larger page sizes through the use of iomap infrastructure. Under some workloads i.e. O_SYNC | O_DIRECT, slight performance improvements are also achievable. Articles referring to this change can be found here and also here. This new functionality was released as part of Linux 5.5.
This is an open source project that aims to validate the reliability, robustness and stability of the Linux kernel. As a result of contributing and making changes to the Linux kernel ABI, I found myself having to write a number of system tests that support and validate the changes made to the application binary interface. In addition to writing the tests to support my very own features, I also found myself writing system tests for features being introduced by other Linux kernel developers.
This is a software project started by Steve Grubb from Red Hat which aims to solve the application whitelisting requirement when it comes to GNU/Linux systems. At present, I believe that this software package is only available on some of the newer Fedora releases and perhaps has been backported to also be available on Red Hat Enterprise Linux 8. More information about this project can be found here.
As a result of introducing changes into the Linux kernel ABI, it only made sense for those changes to be thoroughly documented and made available within the Linux man pages. I performed siginificant updates to fanotify(7), fanotify_init(2) and fanotify_mark(2) not only detailing the changes that I introduced within the fanotify API, but also working closely with other Linux kernel developers to document their features too.