All posts by corbet

[$] Per-system-call kernel-stack offset randomization

Post Syndicated from corbet original https://lwn.net/Articles/816085/rss

In recent years, the kernel has (finally) upped its game when it comes to
hardening. It is rather harder to compromise a running kernel than it used
to be. But “rather harder” is relative: attackers still manage to find
ways to exploit kernel bugs. One piece of information that can be helpful
to attackers is the location of the kernel stack; this patch set from
Kees Cook and Elena Reshetova may soon make that information harder to
come by and nearly useless in any case.

Malcolm: Static analysis in GCC 10

Post Syndicated from corbet original https://lwn.net/Articles/816089/rss

David Malcolm writes about the static-analysis features that he is working
on adding to the GCC compiler. “This issue is, of course, a huge problem to
tackle. For this release, I’ve focused on the kinds of problems seen in C
code—and, in particular double-free bugs—but with a view toward creating a
framework that we can expand on in subsequent releases (when we can add
more checks and support languages other than C).”

[$] Avoiding retpolines with static calls

Post Syndicated from corbet original https://lwn.net/Articles/815908/rss

January 2018 was a sad time in the kernel community. The Meltdown and
Spectre vulnerabilities had finally been disclosed, and the required
workarounds hurt kernel performance in a number of ways. One of those
workarounds, retpolines, continues to cause pain, with developers going
out of their way to avoid indirect calls, since they must now be implemented
with retpolines. In some cases, though, there may be a way to
avoid retpolines and regain much of the lost performance;
after a long gestation period, the “static calls” mechanism may finally be
nearing the point where it can be merged upstream.

Plasma on TV: Presenting Plasma Bigscreen (KDE.News)

Post Syndicated from corbet original https://lwn.net/Articles/816052/rss

The KDE.News site is carrying an announcement for the Plasma Bigscreen
environment, which is meant for large-screen televisions. “Talking of
interacting from the couch,
voice control provides users with the ultimate comfort when it comes to TV
viewing. But most big brands not only do not safeguard the privacy of their
customers, but actively harvest their conversations even when they are not
sending instructions to their TV sets. We use Mycroft’s Open Source voice
assistant to solve this problem.”

O’Reilly shutting down its conference group

Post Syndicated from corbet original https://lwn.net/Articles/815966/rss

O’Reilly has announced that it is canceling all of its upcoming in-person
conferences and shutting
down its conference group permanently. “Without understanding when
this global health emergency may come to an end, we can’t plan for or
execute on a business that will be forever changed as a result of this
crisis. With large technology vendors moving their events completely
on-line, we believe the stage is set for a new normal moving forward when
it comes to in-person events.” There is still no notice to this
effect on the OSCON page, but one assumes that is coming.

Speeding up Linux disk encryption (Cloudflare)

Post Syndicated from corbet original https://lwn.net/Articles/815923/rss

The Cloudflare blog has an article on the company’s work to improve the
performance of Linux disk encryption.
“As we can see the default Linux disk encryption implementation has a
significant impact on our cache latency in worst case scenarios, whereas
the patched implementation is indistinguishable from not using encryption
at all. In other words the improved encryption implementation does not have
any impact at all on our cache response speed, so we basically get it for
free!”

Patches are available, but they are apparently not in any form to go
upstream.

[$] Video conferencing with Jitsi

Post Syndicated from corbet original https://lwn.net/Articles/815751/rss

Spring is coming to the northern hemisphere, and one’s thoughts naturally
turn to … being locked up inside the house and not allowed to go
anywhere. That has, in turn, led to an increasing interest in alternative
mechanisms for keeping up with family and coworkers, especially video
conferencing. There are a number of proprietary video-conferencing
services out there; your editor decided to look into what solutions exist
in the free-software realm. It turns out that there are a few; the first
to be looked at is Jitsi.

[$] Automatic buffer selection for io_uring

Post Syndicated from corbet original https://lwn.net/Articles/815491/rss

The io_uring subsystem has, in the last
year, redefined how asynchronous I/O is done on Linux systems. As this
subsystem grows in both capability and users, though, it starts to run into
limitations in the types of operations that can be expressed. That is
driving a number of changes in how operations are programmed for io_uring.
One example is the mechanisms considered for carrying a file descriptor
between operations that was covered here in early March. Another has to
do with how I/O buffers are chosen for operations.

Hacking the planet with Notcurses

Post Syndicated from corbet original https://lwn.net/Articles/815475/rss

Author Nick Black has written an extensive book on the creation of textual
user interfaces using the notcurses library; it’s available under the Apache
license [PDF]. “Many people asked how such a thing was
useful. My usual response was that numerous devices don’t present a bitmap
interface, that X11 GUIs run remotely over SSH are effectively unusable,
that plenty of machines don’t have a GUI environment installed, that there
are obvious applications for large outdoor displays, and that Sixel isn’t
well-supported across different terminal emulators. It seems impossible in
an age of gigatransistor graphics cards, but the text environment still
presents perceivably less latency than most GUI toolkits.”

[$] Working-set protection for anonymous pages

Post Syndicated from corbet original https://lwn.net/Articles/815342/rss

The kernel’s memory-management subsystem goes to great lengths to keep the
pages that are actually in use in memory. But sometimes it gets things
wrong, leading to reduced performance or, in the worst cases, flat-out
thrashing. We may be about to see a significant improvement, though,
thanks to a patch set from Joonsoo Kim changing how anonymous pages (those
containing data not backed by files on disk) are managed.
As it turns out, all that had to be done was to make use of some work that
already exists in related parts of the memory-management code.

Qubes Architecture Next Steps: The GUI Domain

Post Syndicated from corbet original https://lwn.net/Articles/815444/rss

Here’s a detailed blog post on how the Qubes distribution is working to
isolate the graphical interface from the rest of the system. “The upcoming
4.1 release changes this protocol to a more flexible form. It will no
longer use direct memory addresses, but an abstract mechanism in which the
qube has to explicitly allow access to a particular memory page. In our
current implementation — under Xen — we use the grant tables mechanism,
which provides a separate memory allocation API and allows working on
grants and not directly on memory pages. Other implementations will also be
possible: whether for another hypervisor (e.g. KVM) or for a completely
different architecture not based on shared memory (e.g. directly sending
frames to another machine).”

Ryabitsev: Introducing b4 and patch attestation

Post Syndicated from corbet original https://lwn.net/Articles/815332/rss

Konstantin Ryabitsev introduces the “b4” tool for kernel development.
Developers and LWN readers will
be familiar with b4 under its previous name: get-lore-mbox. “On top of that, b4 also
introduces support for cryptographic patch attestation, which makes it
possible to verify that patches (and their metadata) weren’t modified in
transit between developers. This is still an experimental feature, but
initial tests have been pretty encouraging.” See this article for early
coverage of the attestation feature.

DeVault: The reckless, infinite scope of web browsers

Post Syndicated from corbet original https://lwn.net/Articles/815315/rss

Drew DeVault complains about the complexity of the web and the browsers
that work with it.
“The major projects are open source, and usually when an open-source
project misbehaves, we’re able to fork them to offer an alternative. But
even this is an impossible task where web browsers are concerned. The
number of W3C specifications grows at an average rate of 200 new specs per
year, or about 4 million words, or about one POSIX every 4 to 6 months. How
can a new team possibly keep up with this on top of implementing the
outrageous scope web browsers already have now?”

[$] Filesystem-oriented flags: sad, messy and not going away

Post Syndicated from corbet original https://lwn.net/Articles/815118/rss

Over the last decade, the addition of a “flags” argument to all new system
calls, even if no flags are actually needed at the outset, has been widely
adopted as a best practice. The result has
certainly been greater API extensibility, but we have also seen a proliferation of
various types of flags for related system calls. For calls related to
files and filesystems, in particular, the available flags have reached a
point where some calls will need as many as three arguments for them
rather than just one.