All posts by corbet

[$] The guaranteed contiguous memory allocator

Post Syndicated from corbet original https://lwn.net/Articles/1015000/

As a system runs and its memory becomes fragmented, allocating large,
physically contiguous regions of memory becomes increasingly difficult.
Much effort over the years has gone into avoiding the need to make such
allocations whenever possible, but there are times when they simply cannot
be avoided. The kernel’s contiguous memory allocator (CMA) subsystem
attempts to make such allocations possible, but it has never been a
perfect solution. Suren Baghdasaryan is trying to improve that situation
with the guaranteed contiguous memory allocator patch set, which includes
work from Minchan Kim as well.

An Asahi Linux 6.14 progress report

Post Syndicated from corbet original https://lwn.net/Articles/1015058/

The Asahi Linux project, working to support Linux on Apple hardware, has
published a progress report to coincide with the 6.14 kernel release.

Now that Rust for Linux abstractions are starting to be merged at a
healthy pace, we are faced with an emerging challenge. It is rare
for any kernel patch to survive the mailing list without at least a
couple of non-trivial changes, and Rust abstractions are no
exception. Every time an abstraction used by our driver is merged,
we must drop our downstream version and rebase the driver atop the
version accepted upstream. This is grueling, menial, and
unpleasant work, and Janne has our deepest gratitude for
volunteering his time to get through it.

[$] MM medley: huge page allocation, page promotion, KSM, and BPF

Post Syndicated from corbet original https://lwn.net/Articles/1014220/

As the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit
(LSFMM+BPF) approaches, the density of memory-management patches on the
mailing lists
has increased. Included among those are patches aimed at improving the
reliability and performance of huge-page allocation, implementing page
promotion on tiered-memory systems, adding a different approach to
deduplicating memory, and replacing the BPF memory allocator. Read on for
an overview of each.

Supply Chain Attacks on Linux distributions (Fenrisk)

Post Syndicated from corbet original https://lwn.net/Articles/1014741/

A security company called Fenrisk has posted an overview of a pair
of claimed successful supply-chain attacks on the Fedora and openSUSE
distributions.

We successfully identified vulnerabilities in the Pagure, the Git
forge used by Fedora to store their package definitions. We also
compromised Open Build Service, the all-in-one toolchain used and
developed by the openSUSE project for compilation and packaging.

Their exploitation by malicious actors would have led to the
compromise of all the packages of the distributions Fedora and
openSUSE, as well as their downstream distributions, impacting
millions of Linux servers and desktops.

[$] Looking forward to mapcount madness 2025

Post Syndicated from corbet original https://lwn.net/Articles/1013649/

One of the many important tasks that the kernel’s memory-management
subsystem must handle is keeping track of how pages of memory are mapped
into the address spaces of the processes running on the system. As long as
mappings to a given page exist, that page must be kept in place. As it
turns out, tracking these mappings is harder than it seems it should be,
and the move to folios within the memory-management subsystem is adding
some complexities of its own. As a follow-up to the “mapcount madness”
session that he ran at the 2024 Linux Storage, Filesystem,
Memory-Management, and BPF summit, David Hildenbrand has posted a patch
series intended to improve the handling of mapping counts for folios — but
exact accounting remains elusive in some situations.

[$] Warming up to frozen pages for networking

Post Syndicated from corbet original https://lwn.net/Articles/1013408/

When the 6.14 kernel is released later this month, it will include the
usual set of internal changes that users should never notice, with the
possible exception of changes that bring performance improvements. One of
those changes is frozen pages, a memory-management optimization that
should fly mostly under the radar. When Hannes Reinecke reported a crash
in 6.14, though, frozen pages suddenly came into view. There is a
workaround for this problem, but it seems there is a fair amount of work
to be done that nobody had counted on to solve the problem properly.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/1013717/

Security updates have been issued by Debian (libaws, ruby2.7, and squid), Fedora (bigloo, emacs, neovim, python-jinja2, rizin, and tree-sitter), Oracle (kernel), Red Hat (grub2, kernel, kernel-rt, and libxml2), SUSE (iniparser, kernel, krb5, libxkbfile, and u-boot), and Ubuntu (gnuchess, openjdk-17-crac, openjdk-21-crac, and openvpn).

[$] Capability analysis for the kernel

Post Syndicated from corbet original https://lwn.net/Articles/1012990/

One of the advantages of the Rust type system is its ability to encapsulate
requirements about the state of the program in the type system;
often, this state includes which locks must be held to be able to carry out
specific operations. C lacks the ability to express these
requirements, but there would be obvious benefits if that kind of feature
could be grafted onto the language. The Clang compiler has made some
strides in that direction with its thread-safety analysis feature; two
developers have been independently working to take advantage of that work
for the kernel.

[$] Timer IDs, CRIU, and ABI challenges

Post Syndicated from corbet original https://lwn.net/Articles/1012490/

The kernel project has usually been willing to make fundamental internal
changes if they lead to a better kernel in the end. The project also,
though, goes out of its way to avoid breaking interfaces that have been
exposed to user space, even if programs come to rely on behavior that was
never documented. Sometimes, those two principles come into conflict,
leading to a situation where fixing problems within the kernel is either
difficult or impossible. This sort of situation has been impeding
performance improvements in the kernel’s POSIX timers implementation for
some time, but it appears that a solution has been found.

Zen and the Art of Microcode Hacking (Google Bug Hunters)

Post Syndicated from corbet original https://lwn.net/Articles/1013136/

The Google Bug Hunters blog has a detailed description of how a
vulnerability in AMD’s microcode-patching functionality was discovered and
exploited; the authors have also released a set of tools to assist with
this kind of research in the future.

Secure hash functions are designed in such a way that there is no
secret key, and there is no way to use knowledge of the
intermediate state in order to generate a collision. However, CMAC
was not designed as a hash function, and therefore it is a weak
hash function against an adversary who has the key. Remember that
every AMD Zen CPU has to have the same AES-CMAC key in order to
successfully calculate the hash of the AMD public key and the
microcode patch contents. Therefore, the key only needs to be
revealed from a single CPU in order to compromise all other CPUs
using the same key. This opens up the potential for hardware
attacks (e.g., reading the key from ROM with a scanning electron
microscope), side-channel attacks (e.g., using Correlation Power
Analysis to leak the key during validation), or other software or
hardware attacks that can somehow reveal the key. In summary, it is
a safe assumption that such a key will not remain secret forever.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/1012915/

Security updates have been issued by AlmaLinux (kernel), Mageia (x11-server), Red Hat (emacs and webkit2gtk3), SUSE (ffmpeg-7, govulncheck-vulndb, kernel, and skopeo), and Ubuntu (cmark-gfm, erlang, krb5, linux-gcp-6.8, linux-raspi, linux-kvm, lucene-solr, postgresql-12, postgresql-14, postgresql-16, raptor2, spip, tomcat7, and wpa).