All posts by corbet

Go 1.20 released

Post Syndicated from corbet original https://lwn.net/Articles/921894/

Version 1.20 of the Go language
has been released.

We’re particularly excited to launch a preview of profile-guided
optimization (PGO), which enables the compiler to perform
application- and workload-specific optimizations based on run-time
profile information. Providing a profile to go build enables the
compiler to speed up typical applications by around 3–4%, and we
expect future releases to benefit even more from PGO. Since this is
a preview release of PGO support, we encourage folks to try it out,
but there are still rough edges which may preclude production use.

Go 1.20 also includes a handful of language changes, many
improvements to tooling and the library, and better overall
performance.

TrenchBoot Anti Evil Maid for Qubes OS

Post Syndicated from corbet original https://lwn.net/Articles/921870/

The Qubes OS news site has a
detailed article
on work being done to ensure the integrity of the
system at boot time.

As you may know, traditional firmware security measures like UEFI
Secure Boot and measured boot, even with a Static Root of Trust
(SRT), may only sometimes be enough to ensure a completely secure
environment for your operating system. Compromised firmware may
allow for the injection of malicious software into your system,
making it difficult to detect. To overcome these limitations, many
silicon vendors have started implementing Dynamic Root of Trust
(DRT) technologies to establish a secure environment for operating
system launch and integrity measurements. We’re excited to take
advantage of these advancements through integration with the
TrenchBoot Project.

Elementary OS 7 released

Post Syndicated from corbet original https://lwn.net/Articles/921854/

Version 7 of
the Ubuntu-based elementary OS distribution has been released.

In the latest version of AppCenter we’ve worked on making app
descriptions more engaging with more information, making it easier
to update to the latest versions of apps, and improving support for
sideloading and alt stores. We’ve also worked on improving
AppCenter’s responsiveness—making sure you can comfortably use it
when tiling and on small displays as well as better using space on
large displays.

Cook: Bounded flexible arrays in C

Post Syndicated from corbet original https://lwn.net/Articles/921799/

Kees Cook has posted a
detailed document
describing the work to improve safety of
flexible-length arrays
in the kernel.

Converting such codebases to use “modern” language features, like
those in C99 (still from the prior millennium), can be a major
challenge, but it is an entirely tractable problem. This post is a
deep dive into an effort underway in the Linux kernel to make array
index overflows (and more generally, buffer overflows) a thing of
the past, where they belong. Our success hinges on replacing
anachronistic array definitions with well-defined C99 flexible
arrays.

This work has been covered here as well.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/921765/

Security updates have been issued by CentOS (bind, firefox, java-1.8.0-openjdk, java-11-openjdk, kernel, libXpm, pki-core, sssd, sudo, thunderbird, tigervnc, and xorg-x11-server), Debian (cinder, glance, libarchive, libhtml-stripscripts-perl, modsecurity-crs, node-moment, node-qs, nova, ruby-git, ruby-rack, and tiff), Fedora (java-17-openjdk, rust-bat, rust-cargo-c, rust-git-delta, rust-gitui, rust-pore, rust-silver, rust-tokei, and seamonkey), Oracle (libksba), Red Hat (kernel, kernel-rt, kpatch-patch, libksba, and pcs), Scientific Linux (libksba), SUSE (apache2-mod_auth_openidc, ghostscript, libarchive, nginx, python, vim, and xen), and Ubuntu (cinder, glance, linux-raspi, nova, python-future, and sudo).

[$] The Linux SVSM project

Post Syndicated from corbet original https://lwn.net/Articles/921266/

If legacy networks are like individual homes with a few doors
where a handful of people have the key, then cloud-based environments are like
apartment complexes that offer both higher density and greater flexibility,
but which include more key holders and potential entry points. The importance
of protecting virtual machines (VMs) running in these environments — from
both the host and other tenants — has become increasingly clear.
The Linux Secure VM Service
Module (SVSM)
is
a new, Rust-based, open-source project that aims to help preserve the confidentiality
and integrity of VMs on AMD hardware.

Kernel prepatch 6.2-rc6

Post Syndicated from corbet original https://lwn.net/Articles/921559/

The 6.2-rc6 kernel prepatch is out for
testing.

It’s suspiciously small, but who am I to look a gift horse in the
mouth? I’ll take it and hope it’s not an aberration, but instead a
sign that 6.2 is shaping up nicely. Call me optimistic, call me
naive, but let’s enjoy it and hope the trend continues.

The plan is still to do an -rc8, though, meaning that the final 6.2 release
can be expected on February 19.

[$] GFP flags and the end of __GFP_ATOMIC

Post Syndicated from corbet original https://lwn.net/Articles/920891/

Memory allocation within the kernel is a complex business. The amount of
physical memory available on any given system will be strictly limited,
meaning that an allocation request can often only be satisfied by taking
memory from somebody else, but some of the options for reclaiming memory
may not be available when a request is made. Additionally,
some allocation requests have
requirements dictating where that memory can be placed or how quickly the
allocation must be made. The kernel’s
memory-allocation functions have long supported a set of “GFP flags” used
to describe the requirements of each specific request. Those flags will
probably undergo some changes soon as the result of this
patch set
posted by Mel Gorman; that provides an opportunity to look at
those flags in some detail.

[$] GFP flags and the end of GFP_ATOMIC

Post Syndicated from corbet original https://lwn.net/Articles/920891/

Memory allocation within the kernel is a complex business. The amount of
physical memory available on any given system will be strictly limited,
meaning that an allocation request can often only be satisfied by taking
memory from somebody else, but some of the options for reclaiming memory
may not be available when a request is made. Additionally,
some allocation requests have
requirements dictating where that memory can be placed or how quickly the
allocation must be made. The kernel’s
memory-allocation functions have long supported a set of “GFP flags” used
to describe the requirements of each specific request. Those flags will
probably undergo some changes soon as the result of this
patch set
posted by Mel Gorman; that provides an opportunity to look at
those flags in some detail.

[$] Reconsidering BPF ABI stability

Post Syndicated from corbet original https://lwn.net/Articles/921088/

The BPF subsystem exposes many aspects of the kernel’s internal algorithms
and data structures; this naturally leads to concerns about maintaining
interface stability as the kernel changes. The longstanding position that
BPF offers no interface-stability guarantees to user space has always
seemed a little questionable; kernel developers have, in the past, found
themselves having to maintain interfaces that were not intended to be
stable. Now the BPF community is starting to think about what it might
mean to provide explicit stability promises for at least some of its
interfaces.

McKenney: What Does It Mean To Be An RCU Implementation?

Post Syndicated from corbet original https://lwn.net/Articles/921351/

Paul McKenney looks at
a couple of Rust crates
in an attempt to determine whether they
actually implement the read-copy-update algorithm; in the process, he gives
an overview of the numerous RCU variants in the kernel.

Except that the first RCU crate, rcu_clean, throws a monkey wrench
into the works. It does not have any grace-period primitives, but
instead a clean() function that takes a reference to a
RCU-protected data item. The user invokes this at some point in
the code where it is known that there are no readers, either within
this thread or anywhere else. In true Rust fashion, in some cases,
the compiler is able to prove the presence or absence of readers
and issue a diagnostic when needed.

A history of the FFmpeg project

Post Syndicated from corbet original https://lwn.net/Articles/921247/

Kostya Shishkov has just posted the
concluding installment
of an extensive history of the FFmpeg project:

See, unlike many people I don’t regard FFmpeg as something unique
(in the sense that it’s a project only Fabrice Bellard could
create). It was nice to have around and it helped immeasurably but
without it something else would fill the niche. There were other
people working on similar tasks after all (does anybody remember
transcode? or gmerlin?). Hopefully you got an idea on how many
talented unsung heroes had been working on FFmpeg and libav over
the years.

The full set can be found on this
page
. (Thanks to Paul Wise).

Security updates for Wednesday

Post Syndicated from corbet original https://lwn.net/Articles/921194/

Security updates have been issued by Debian (libde265, nodejs, and swift), Fedora (nautilus), Oracle (bash, bind, curl, dbus, expat, firefox, go-toolset, golang, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, libreoffice, libtiff, libxml2, libXpm, nodejs, nodejs-nodemon, postgresql-jdbc, qemu, ruby:2.5, sqlite, sssd, sudo, and usbguard), Red Hat (bind, go-toolset-1.18, go-toolset:rhel8, kernel, kernel-rt, kpatch-patch, pcs, sssd, and virt:rhel, virt-devel:rhel), Scientific Linux (bind, java-1.8.0-openjdk, kernel, and sssd), SUSE (mozilla-nss, rubygem-websocket-extensions, rust1.65, rust1.66, and samba), and Ubuntu (mysql-5.7, mysql-5.7, mysql-8.0, pam, and samba).