In recent years, the kernel has (finally) upped its game when it comes to hardening. It is rather harder to compromise a running kernel than it used to be. But “rather harder” is relative: attackers still manage to find ways to exploit kernel bugs. One piece of information that can be helpful to attackers is the location of the kernel stack; this patch set from Kees Cook and Elena Reshetova may soon make that information harder to come by and nearly useless in any case.
David Malcolm writes about the static-analysis features that he is working on adding to the GCC compiler. “This issue is, of course, a huge problem to tackle. For this release, I’ve focused on the kinds of problems seen in C code—and, in particular double-free bugs—but with a view toward creating a framework that we can expand on in subsequent releases (when we can add more checks and support languages other than C).”
January 2018 was a sad time in the kernel community. The Meltdown and Spectre vulnerabilities had finally been disclosed, and the required workarounds hurt kernel performance in a number of ways. One of those workarounds — retpolines — continues to cause pain, with developers going out of their way to avoid indirect calls, since they must now be implemented with retpolines. In some cases, though, there may be a way to avoid retpolines and regain much of the lost performance; after a long gestation period, the “static calls” mechanism may finally be nearing the point where it can be merged upstream.
The KDE.News site is carrying an announcement for the Plasma Bigscreen environment, which is meant for large-screen televisions. “Talking of interacting from the couch, voice control provides users with the ultimate comfort when it comes to TV viewing. But most big brands not only do not safeguard the privacy of their customers, but actively harvest their conversations even when they are not sending instructions to their TV sets. We use Mycroft’s Open Source voice assistant to solve this problem.”
O’Reilly has announced that it is canceling all of its upcoming in-person conferences and shutting down its conference group permanently. “Without understanding when this global health emergency may come to an end, we can’t plan for or execute on a business that will be forever changed as a result of this crisis. With large technology vendors moving their events completely on-line, we believe the stage is set for a new normal moving forward when it comes to in-person events.” There is still no notice to this effect on the OSCON page, but one assumes that is coming.
The Cloudflare blog has an article on the company’s work to improve the performance of Linux disk encryption. “As we can see the default Linux disk encryption implementation has a significant impact on our cache latency in worst case scenarios, whereas the patched implementation is indistinguishable from not using encryption at all. In other words the improved encryption implementation does not have any impact at all on our cache response speed, so we basically get it for free!” Patches are available, but they are apparently not in any form to go upstream.
Version 10.0.0 of the LLVM compiler suite is out. New features include support for C++ concepts, Windows control flow guard support, and much more; click below for pointers to a set of language-specific release notes.
Spring is coming to the northern hemisphere, and one’s thoughts naturally turn to … being locked up inside the house and not allowed to go anywhere. That has, in turn, led to an increasing interest in alternative mechanisms for keeping up with family and coworkers, especially video conferencing. There are a number of proprietary video-conferencing services out there; your editor decided to look into what solutions exist in the free-software realm. It turns out that there are a few; the first to be looked at is Jitsi.
Version 2.26.0 of the Git source-code management system is out. Significant changes include a reimplementation of the “rebase” mechanism, improvements to sparse checkouts, performance improvements, and more. See this GitHub blog entry for more information.
The 5.6-rc7 kernel prepatch is out for testing; this may be the last one before the final release. “The world around us may be going through strange times, but at least so far kernel development looks normal.”
The io_uring subsystem has, in the last year, redefined how asynchronous I/O is done on Linux systems. As this subsystem grows in both capability and users, though, it starts to run into limitations in the types of operations that can be expressed. That is driving a number of changes in how operations are programmed for io_uring. One example is the mechanisms considered for carrying a file descriptor between operations that was covered here in early March. Another has to do with how I/O buffers are chosen for operations.
Author Nick Black has written an extensive book on the creation of textual user interfaces using the notcurses library; it’s available under the Apache license [PDF]. “Many people asked how such a thing was useful. My usual response was that numerous devices don’t present a bitmap interface, that X11 GUIs run remotely over SSH are effectively unusable, that plenty of machines don’t have a GUI environment installed, that there are obvious applications for large outdoor displays, and that Sixel isn’t well-supported across different terminal emulators. It seems impossible in an age of gigatransistor graphics cards, but the text environment still presents perceivably less latency than most GUI toolkits.”
The kernel’s memory-management subsystem goes to great lengths to keep the pages that are actually in use in memory. But sometimes it gets things wrong, leading to reduced performance or, in the worst cases, flat-out thrashing. We may be about to see a significant improvement, though, thanks to a patch set from Joonsoo Kim changing how anonymous pages (those containing data not backed by files on disk) are managed. As it turns out, all that had to be done was to make use of some work that already exists in related parts of the memory-management code.
Here’s a detailed blog post on how the Qubes distribution is working to isolate the graphical interface from the rest of the system. “The upcoming 4.1 release changes this protocol to a more flexible form. It will no longer use direct memory addresses, but an abstract mechanism in which the qube has to explicitly allow access to a particular memory page. In our current implementation — under Xen — we use the grant tables mechanism, which provides a separate memory allocation API and allows working on grants and not directly on memory pages. Other implementations will also be possible: whether for another hypervisor (e.g. KVM) or for a completely different architecture not based on shared memory (e.g. directly sending frames to another machine).”
Konstantin Ryabitsev introduces the “b4” tool for kernel development. Developers and LWN readers will be familiar with b4 under its previous name: get-lore-mbox. “On top of that, b4 also introduces support for cryptographic patch attestation, which makes it possible to verify that patches (and their metadata) weren’t modified in transit between developers. This is still an experimental feature, but initial tests have been pretty encouraging.” See this article for early coverage of the attestation feature.
Drew DeVault complains about the complexity of the web and the browsers that work with it. “The major projects are open source, and usually when an open-source project misbehaves, we’re able to to fork them to offer an alternative. But even this is an impossible task where web browsers are concerned. The number of W3C specifications grows at an average rate of 200 new specs per year, or about 4 million words, or about one POSIX every 4 to 6 months. How can a new team possibly keep up with this on top of implementing the outrageous scope web browsers already have now?”
Over the last decade, the addition of a “flags” argument to all new system calls, even if no flags are actually needed at the outset, has been widely adopted as a best practice. The result has certainly been greater API extensibility, but we have also seen a proliferation of various types of flags for related system calls. For calls related to files and filesystems, in particular, the available flags have reached a point where some calls will need as many as three arguments for them rather than just one.
The 5.6-rc6 kernel prepatch has been released. “Diffstat looks normal, and the number of commits is right in the middle of the usual range too. And I don’t think any of the commits look all that strange either – it’s all pretty small.”
The collective thoughts of the interwebz
By continuing to use the site, you agree to the use of cookies. more information
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.