All posts by corbet

A GCC -fstack-protector vulnerability on arm64

Post Syndicated from corbet original https://lwn.net/Articles/944307/

The GCC stack-protector feature detects stack-based buffer overruns by
putting a canary value on the stack and noticing if that value is changed.
It turns out, though, that dynamically allocated local variables (such as
variable-length arrays and space obtained with alloca()) are placed beyond
the canary, so overflows of those variables will not be detected. As a
result, arm64 binaries built with vulnerable versions of GCC are not as
protected as they should be and need to be rebuilt.

Dynamic allocations are just as susceptible to overflows as other
locals. In fact, they’re arguably more susceptible because they’re
almost always arrays, whereas fixed locals are often integers,
pointers, or other types to which variable-length data is never
written. GCC’s own heuristics for when to use a stack guard reflect
this.

Kees Cook, meanwhile, has pointed out that
the kernel no longer uses variable-length arrays, so kernel builds should
not be affected by this vulnerability.
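A toolchain self-test for the problem described above, added here as an example (it is not part of the LWN post or the GCC advisory): it builds a constructed probe program whose variable-length array is overrun and reports whether the canary fired. The probe source, the `probe_vla_guard` function name and the verdict strings are this example's own; it assumes a gcc-compatible compiler and a glibc-style `__stack_chk_fail` that aborts the process.

```sh
#!/bin/sh
# Added example (not from the LWN post): compile a constructed probe that
# overruns a variable-length array and see whether the toolchain's canary
# catches it. Prints one of: protected, unprotected, skipped.
# Assumes a glibc-style __stack_chk_fail that aborts (exit status 134).

probe_vla_guard() {
    cc="${CC:-gcc}"
    command -v "$cc" >/dev/null 2>&1 || { echo skipped; return 0; }
    tmp=$(mktemp -d 2>/dev/null) || { echo skipped; return 0; }
    # Constructed probe: the fixed-size array guarantees a canary is
    # emitted under -fstack-protector-strong; the VLA is the allocation
    # that the arm64 bug leaves beyond that canary.
    cat > "$tmp/probe.c" <<'EOF'
#include <stdlib.h>
#include <string.h>
__attribute__((noinline)) int overrun(int n)
{
    char fixed[16];
    char vla[n];
    memset(fixed, 0, sizeof fixed);
    memset(vla, 'A', n + 128);  /* walks well past the VLA's end */
    return fixed[0] + vla[0];
}
int main(int argc, char **argv)
{
    return overrun(argc > 1 ? atoi(argv[1]) : 24) & 1;
}
EOF
    # -O0 keeps the overrun literal (no FORTIFY or dead-store removal).
    if ! "$cc" -O0 -fstack-protector-strong -o "$tmp/probe" "$tmp/probe.c" 2>/dev/null; then
        rm -rf "$tmp"; echo skipped; return 0
    fi
    # Run inside an if so that set -e callers survive the expected crash.
    if "$tmp/probe" >/dev/null 2>&1; then status=0; else status=$?; fi
    rm -rf "$tmp"
    # 134 = SIGABRT raised by __stack_chk_fail: the canary caught it.
    # Anything else (clean exit, SIGSEGV) means the overrun went past the
    # canary unnoticed, which is the arm64 failure mode described above.
    if [ "$status" -eq 134 ]; then echo protected; else echo unprotected; fi
    return 0
}

probe_vla_guard
```

On an affected arm64 GCC the probe typically reports "unprotected"; a fixed compiler, or an x86-64 build, reports "protected".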

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/944263/

Security updates have been issued by Debian (node-cookiejar and orthanc), Oracle (firefox, kernel, and kernel-container), Red Hat (flac and httpd:2.4), Slackware (vim), SUSE (python-Django, terraform-provider-aws, terraform-provider-helm, and terraform-provider-null), and Ubuntu (c-ares, curl, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-raspi, and linux-ibm, linux-ibm-5.4).

[$] The rest of the 6.6 merge window

Post Syndicated from corbet original https://lwn.net/Articles/943245/

Linus Torvalds released 6.6-rc1 and closed the 6.6 merge window on
September 10. At that point, 12,230 non-merge changesets had been pulled
into the mainline repository, which is exactly 500 more than were pulled
for 6.5 at this stage in the cycle. Over 7,000 of those changes were pulled
after our first-half summary was written; they brought a fair amount of new
functionality with them. Read on for an overview of those changes.

[$] Prerequisites for large anonymous folios

Post Syndicated from corbet original https://lwn.net/Articles/943758/

The work to add support for large anonymous folios to the kernel has been
underway for some time, but this feature has not yet landed in the
mainline. The author of this work, Ryan Roberts, has been trying to get a
handle on what the remaining obstacles are so he can address them. On
September 6, an online meeting of memory-management developers discussed
that topic and made some progress; there is still some work to do, though,
before large anonymous folios can go upstream.

Google bakes a user-tracking ad platform directly into Chrome (Ars Technica)

Post Syndicated from corbet original https://lwn.net/Articles/943969/

This Ars Technica article looks at the widespread deployment of Google’s
“privacy sandbox” in the Chrome browser:

If you haven’t been following this, this feature will track the web
pages you visit and generate a list of advertising topics that it
will share with web pages whenever they ask, and it’s built
directly into the Chrome browser. It’s been in the news previously
as “FLoC” and then the “Topics API,” and despite widespread
opposition from just about every non-advertiser in the world,
Google owns Chrome and is one of the world’s biggest advertising
companies, so this is being railroaded into the production builds.

For those who use Chrome anyway, there are instructions on how to disable
this functionality.

Ubuntu to add TPM-backed full-disk encryption

Post Syndicated from corbet original https://lwn.net/Articles/943869/

The Ubuntu blog has a detailed article on plans to add full-disk
encryption, with the key stored in the system’s trusted platform module
(TPM), to the desktop distribution.

In order to deliver these benefits, the implementation of
TPM-backed FDE relies on two main design principles. First, it
seals the FDE secret key to the full EFI state, including the
kernel command line. Second, access to the decryption key will only
be permitted if and when the device boots software that has been
defined as authorised to access the confidential data. This is
when the initrd code will unseal the key in the secure-boot
protected kernel.efi at boot time.

[$] Replacing openSUSE Leap

Post Syndicated from corbet original https://lwn.net/Articles/943591/

OpenSUSE Leap is a hybrid distribution; it is based on SUSE’s enterprise
distribution (SLE), which follows the “slow and stable” approach, but adds
a number of newer packages on top. Leap is intended to be a
desktop-oriented distribution with a stable and reliable base. As SUSE
transitions away from its traditional enterprise distribution toward its
“Adaptable Linux Platform” (ALP), though, the stable base upon which
openSUSE Leap is built is going away. The openSUSE community is currently
discussing how the project should respond.

Mozilla: It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy

Post Syndicated from corbet original https://lwn.net/Articles/943699/

The Mozilla Foundation has published a report on the data-collection and
privacy practices of 25 car brands.

We reviewed 25 car brands in our research and we handed out 25
“dings” for how those companies collect and use data and personal
information. That’s right: every car brand we looked at collects
more personal data than necessary and uses that information for a
reason other than to operate your vehicle and manage their
relationship with you. For context, 63% of the mental health apps
(another product category that stinks at privacy) we reviewed this
year received this “ding.”

Proof, once again, that running Linux does not automatically make a device
privacy-friendly.

Security updates for Wednesday

Post Syndicated from corbet original https://lwn.net/Articles/943679/

Security updates have been issued by Debian (aom and php7.3), Fedora (freeimage and mingw-freeimage), Scientific Linux (thunderbird), SUSE (amazon-ssm-agent, chromium, container-suseconnect, docker, glib2, php7, python-Django1, and rubygem-rails-html-sanitizer), and Ubuntu (kernel, linux, linux-aws, linux-aws-5.4, linux-gcp, linux-hwe-5.4, linux-ibm, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux, linux-aws, linux-aws-6.2, linux-hwe-6.2, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-raspi, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, and linux, linux-gcp, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia).

KDE Gear 23.08 Arrived With Plenty of Changes (FOSS Force)

Post Syndicated from corbet original https://lwn.net/Articles/943596/

FOSS Force looks at the KDE Gear 23.08 release.

For this release, developers have been working in high gear (no pun
intended) as there were important improvements made to many of
Gear’s most iconic applications. Not only that: just a little over
a year after its arrival, the Kalendar app is going through a name
change as it morphs into what appears will eventually become a
full-featured email application.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/943584/

Security updates have been issued by Debian (file and thunderbird), Fedora (exercism, libtommath, moby-engine, and python-pyramid), Oracle (cups and kernel), Red Hat (firefox, kernel, kernel-rt, kpatch-patch, and thunderbird), SUSE (amazon-ecs-init, buildah, busybox, djvulibre, exempi, firefox, gsl, keylime, kubernetes1.18, php7, and sccache), and Ubuntu (docker-registry and linux-azure-5.4).

[$] Security topics: io_uring, VM attestation, and random-reseed notifications

Post Syndicated from corbet original https://lwn.net/Articles/943239/

The kernel-development community has recently been discussing a number of
independent patches, each of which is intended to help improve the security
of deployed systems in some way. They touch on a number of areas within the
kernel, including the question of how widely io_uring should be available,
how to allow virtual machines to attest to their integrity, and the best
way to inform applications when their random-number generators need to be
reseeded.

[$] Race-free process creation in the GNU C Library

Post Syndicated from corbet original https://lwn.net/Articles/943022/

The pidfd API has been added to the kernel over the last several years to
provide a race-free way for processes to refer to each other. While the
GNU C Library (glibc) gained basic pidfd support with the 2.36 release in
2022, it still lacks a complete solution for race-free process creation.
This patch set from Adhemerval Zanella seems likely to fill that gap in the
near future, though, with an extension to the posix_spawn() API.