All posts by corbet

[$] An update and future plans for DAMON

Post Syndicated from corbet original

The DAMON subsystem was the subject of the first session in the memory-management
track at the Linux Storage, Filesystem, Memory Management, and BPF Summit.
DAMON maintainer SeongJae Park introduced the data-access monitoring
framework, which can generate snapshots of how memory is accessed, enabling
the detection of hot and cold regions of memory in both the virtual and
physical address spaces. The session covered recent changes and future
plans for this tool.

White paper: Vendor Kernels, Bugs and Stability


Ronnie Sahlberg, Jonathan Maple, and Jeremy Allison of CiQ have published
a white paper looking at the security-relevant bug fixes applied (or not
applied) to the RHEL 8.x kernel over time.

This means that over time, the security of the RHEL kernels gets
worse and worse as more issues are discovered in the upstream code
and are potentially exploitable but fewer and fewer of the fixes
for these known bugs are back-ported into RHEL kernels.

After reaching RHEL 8.7, the theory is that the kernel has been
stabilized, with a corresponding improvement in security. However,
we still have an influx of newly discovered bugs in the upstream
kernel affecting RHEL 8.7 that are not addressed. Each minor
version of upstream is released on an approximately quarterly basis
and we can see that the influx of new bugs that are unaddressed in
RHEL is growing. The number of known issues in these kernels
increases by approximately 250 new bugs per quarter or more.

[$] The first half of the 6.10 merge window


The merge window for the 6.10 kernel release opened on May 12; between
then and the time of this writing, 6,819 non-merge commits were pulled into
the mainline kernel for that release. Your editor has taken some time out
from LSFMM+BPF in an attempt to keep
up with the commit flood. Read on for an overview of the most significant
changes that were pulled in the early part of the 6.10 merge window.

Mozilla Foundation Welcomes Nabiha Syed as Executive Director


The Mozilla Foundation has announced
that its new executive director will be Nabiha Syed.

Syed is known for her mission-driven leadership, focused on
increasing transparency into the most powerful institutions in
society. She comes to Mozilla after leading The Markup, an
award-winning publication that challenges technology to serve the
public good, from its launch through its successful acquisition in

Linux maintainers were infected for 2 years by SSH-dwelling backdoor (ars technica)


Ars technica looks at a recent report on the Ebury rootkit, with a focus
on the 2011 compromise of the Linux Kernel Organization's servers, which
may have been more extensive than believed at the time.

In 2014, ESET researchers said the 2011 attack likely infected servers with a second piece of malware they called
Ebury. The malware, the firm said, came in the form of a malicious
code library that, when installed, created a backdoor in OpenSSH
that provided the attackers with a remote root shell on infected
hosts with no valid password required. In a little less than 22
months, starting in August 2011, Ebury spread to 25,000
servers. Besides the four belonging to the Linux Kernel
Organization, the infection also touched one or more servers inside
hosting facilities and an unnamed domain registrar and web hosting

[$] The state of the page in 2024


The advent of the folio structure to
describe groups of pages has been one of the most fundamental
transformations within the kernel in recent years. Since the folio
transition affects many subsystems, it is fitting that the subject was
covered at the beginning of the 2024 Linux Storage,
Filesystem, Memory Management, and BPF Summit
in a joint session of the
storage, filesystem, and memory-management tracks. Matthew Wilcox used the
session to review the work that has been done in this area and to discuss
what comes next.

[$] Some 6.9 development statistics


The 6.9 kernel was released
on May 12 after a typical nine-week development cycle. Once again,
this is a major release containing a lot of changes and new features. Our
merge-window summaries (part 1, part 2) covered those changes; now that
the development cycle is complete, the time has come to look at where all
that work came from — and to introduce a new and experimental LWN feature
for readers interested in this kind of information.

The 6.9 kernel is out


Linus has released the 6.9 kernel.
So 6.9 is now out, and last week has looked quite stable (and the
whole release has felt pretty normal).

Significant changes in this release include
the ability to create pidfds for individual
the BPF arena subsystem,
the BPF token security mechanism,
truncate() support in io_uring,
support for the Rust language on 64-bit Arm systems,
weighted interleaving in the
memory-management subsystem,
the device-mapper
virtual data optimizer
initial FUSE passthrough support,
and more.

See the LWN merge-window summaries
(part 1, part 2) for more information.

[$] Another push for sched_ext


The extensible scheduler class (or “sched_ext”) is a comprehensive
framework that enables the implementation of CPU schedulers as a set of BPF
programs that can be loaded at run time. Despite having attracted a fair
amount of interest from the development community, sched_ext has run into
considerable opposition and seems far from acceptance into the mainline.
The posting by Tejun Heo of a new
version of the sched_ext series
at the beginning of May has restarted
this long-running discussion, but it is not clear what the end result will

Secure Randomness in Go 1.22 (Go Blog)


The Go Blog has a detailed post on the new, more secure random-number
generator implemented for the 1.22 release.

For example, when Go 1.20 deprecated math/rand’s Read, we heard
from developers who discovered (thanks to tooling pointing out use
of deprecated functionality) they had been using it in places where
crypto/rand’s Read was definitely needed, like generating key
material. Using Go 1.20, that mistake is a serious security problem
that merits a detailed investigation to understand the
damage. Where were the keys used? How were the keys exposed? Were
other random outputs exposed that might allow an attacker to derive
the keys? And so on. Using Go 1.22, that mistake is just a mistake.

The 2023 FSF Free Software Awards


The Free Software Foundation has announced
the recipients of its 2023 Free Software Awards: Bruno Haible for work on
gnulib, Nick Logozzo as
the “outstanding new free software contributor”, and for projects of social

When presenting the award to Haible, FSF executive director Zoë
Kooyman commented on the significance of Haible’s work, saying that
Haible’s work enabled free software programmers around the world to
focus on the main, innovative portions of their program, thus
facilitating the development of more and more free software.

[$] The file_operations structure gets smaller


Kernel developers are encouraged to send their changes in small batches as
a way of making life easier for reviewers. So when a longtime developer
and maintainer hits the list with a 437-patch series touching 859 files,
eyebrows are certain to head skyward. Specifically, this series
from Jens Axboe
is cleaning up one of the core abstractions that has
been part of the Linux kernel almost since the beginning; authors of device
drivers (among others) will have to take note.

[$] Inheritable credentials for directory file descriptors


In Unix-like systems, an open file descriptor carries the right to access
the opened object in specific ways. As a general rule, that file
descriptor does not enable access to any other objects. The
recently merged BPF token feature runs
counter to this practice by creating file descriptors that carry specific
BPF-related access rights. A similar but different approach to
capability-carrying file descriptors, in the form of directory file
descriptors that include their own credentials, is currently under
consideration in the kernel community.

Rust 1.78.0 released


Version 1.78.0 of the Rust language has been released. Changes include a new
mechanism for diagnostic attributes, changes to how assertions around
unsafe blocks are handled, and more.

Rust now supports a #[diagnostic] attribute namespace to
influence compiler error messages. These are treated as hints which
the compiler is not required to use, and it is also not an error to
provide a diagnostic that the compiler doesn’t recognize. This
flexibility allows source code to provide diagnostics even when
they’re not supported by all compilers, whether those are different
versions or entirely different implementations.