One afternoon I went crazy and decided that I wanted to decompile kernels. (I have a magic decompiler for Windows that lets me do that.) I get out my old Windows XP disk, and then download the first Linux kernel. I decompile them and now have thousands of pages of code sitting in front of me.
Then I go completely mad. I decide I want to compare kernels on a line by line basis to see if there are any instances in which code, regardless of its function, has been written in precisely the same way in both the Windows and Linux kernel. Some questions arise from this:
1. How likely am I to find instances in which this occurs?
2. Where would this most likely occur, if it did?
3. If this kind of overlap doesn't occur, why not?
4. If Windows and Linux shared identical sequences of code, doesn't that imply that it's very difficult to design a completely original (from a code implementation perspective) OS?
5. Wouldn't similar code yield similar vulnerabilities?
Originality of OS code: a different way of asking a question
Re: Originality of OS code: a different way of asking a ques
there are probably part that are similar, specially parts that deal with hardware and cpu
but why decompiling linux kernel when you can just download the source code in C ?
both windows and linux share big deal of concept anyway, all modern os use similar base architecture for many things, and lot of it is hardware or cpu dependant, and they both use similar concept for file system, permission with group/user, shared libraries, virtual memory, the basics of it is probably similar in all modern os, only the layer of drivers and higher level functions would have major difference
both windows linux and even the intel macs are designed in similar way with similar purpose for similar hardware, and they are not all that different in the fundementals, if you would want to design an os with the same feature and same purpose than win/linux/macos, to make server os or desktop following industry standard, you would probably come up with something similar
similar code would yield similar vulneratbilities if the execution of these function would be controlled directly from user space application, which is rarely the case, and vulnerabilities would more depend on the way higher level api that application use are made, or how the kernel function are encapsulated and how well parameters are checked in the higher level api
even two different os built on the exact same kernel can have different vulnerabities depending on the whole layer of software that is exposed to user/application level space, vulnerabilities that are interesting to exploit are rarely at the level of the kernel, but on the level of higher level server application for example, to bypass some high level security setting that the system is configured with, but not exactly to execute kernel specific function, it would not be very usefull in most of the case
the libc and c runtime are much better target to find vulnerabilities, because all application make intensive use of them, and kernel function are generally accessed either throught the libc or daemon, api, vfs etc, even if vulnerabilities can be found in kernel code, it's not likely they would be directly exploitable in the context of server application because they more use the libc than kernel specific function for portability reason
and the assembly code can also be different only because they use different compilers with different options, modern compiler can already do a great deal to check and prevent most vulnerabilities, at least the most obvious one like buffer overflow, exploiting problem with the stack or other things, and on more conceptual level, it more happen in higher level, and even bad configuration can open hole even if the kernel is perfectly secure, it's why also default configuration is important part of os developpement to ship os that are secure with the default configuration
but why decompiling linux kernel when you can just download the source code in C ?
both windows and linux share big deal of concept anyway, all modern os use similar base architecture for many things, and lot of it is hardware or cpu dependant, and they both use similar concept for file system, permission with group/user, shared libraries, virtual memory, the basics of it is probably similar in all modern os, only the layer of drivers and higher level functions would have major difference
both windows linux and even the intel macs are designed in similar way with similar purpose for similar hardware, and they are not all that different in the fundementals, if you would want to design an os with the same feature and same purpose than win/linux/macos, to make server os or desktop following industry standard, you would probably come up with something similar
similar code would yield similar vulneratbilities if the execution of these function would be controlled directly from user space application, which is rarely the case, and vulnerabilities would more depend on the way higher level api that application use are made, or how the kernel function are encapsulated and how well parameters are checked in the higher level api
even two different os built on the exact same kernel can have different vulnerabities depending on the whole layer of software that is exposed to user/application level space, vulnerabilities that are interesting to exploit are rarely at the level of the kernel, but on the level of higher level server application for example, to bypass some high level security setting that the system is configured with, but not exactly to execute kernel specific function, it would not be very usefull in most of the case
the libc and c runtime are much better target to find vulnerabilities, because all application make intensive use of them, and kernel function are generally accessed either throught the libc or daemon, api, vfs etc, even if vulnerabilities can be found in kernel code, it's not likely they would be directly exploitable in the context of server application because they more use the libc than kernel specific function for portability reason
and the assembly code can also be different only because they use different compilers with different options, modern compiler can already do a great deal to check and prevent most vulnerabilities, at least the most obvious one like buffer overflow, exploiting problem with the stack or other things, and on more conceptual level, it more happen in higher level, and even bad configuration can open hole even if the kernel is perfectly secure, it's why also default configuration is important part of os developpement to ship os that are secure with the default configuration
Re: Originality of OS code: a different way of asking a ques
1. Extremely unlikely. SCO spent many millions of dollars and many years trying to prove such similarities in Linux and their versions of UNIX (ostensibly far more similar OSs than anything and Windows). They failed miserably.
2-5. Irrelevant.
2-5. Irrelevant.