All posts by corbet

[$] Following up on file-position locking

Post Syndicated from corbet original https://lwn.net/Articles/940808/

LWN recently covered a discussion on
file-position locking
that demonstrated the hazards that can result
from unexpected concurrency. It turns out that this discussion had not yet
fully run its course. Since that article was written, additional changes
intended to address a performance regression evolved into a core virtual
filesystem (VFS) layer API change to carry out some much-delayed housecleaning.

The Open Enterprise Linux Association

Post Syndicated from corbet original https://lwn.net/Articles/941091/

The Open Enterprise Linux Association has announced its existence.
It is a collaboration between CIQ (Rocky Linux), Oracle,
and SUSE to provide an RHEL-compatible distribution.

Starting later this year, OpenELA will provide sources necessary
for downstreams compatible with RHEL to exist, with initial focus
on RHEL versions EL8, EL9 and possibly EL7. The project is
committed to ensuring the continued availability of OpenELA sources
to the community indefinitely.

OpenELA’s core tenets, reflecting the spirit of the project,
include full compliance with this existing standard, swift updates
and secure fixes, transparency, community, and ensuring the
resource remains free and redistributable for all.

[$] An ioctl() call to detect memory writes

Post Syndicated from corbet original https://lwn.net/Articles/940704/

It is the kernel’s business to know when a process’s memory has been
written to; among other things, this knowledge is needed to determine which
pages can
be immediately reclaimed or to properly write dirty pages to backing store.
Sometimes, though, user space also needs access to this information in a
reliable and fast manner. This
patch series
from Muhammad Usama Anjum adds a new ioctl() call
for this purpose; using it requires repurposing an existing system call in
an unusual way, though.

Security updates for Wednesday

Post Syndicated from corbet original https://lwn.net/Articles/940912/

Security updates have been issued by Debian (cjose, hdf5, and orthanc), Fedora (java-17-openjdk and seamonkey), Red Hat (curl, dbus, iperf3, kernel, kpatch-patch, libcap, libxml2, nodejs:16, nodejs:18, postgresql:10, postgresql:12, postgresql:13, and python-requests), SUSE (bluez, cjose, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly, keylime, openssl-1_1, openssl-3, pipewire, poppler, qemu, rubygem-actionpack-4_2, rubygem-actionpack-5_1, rust1.71, tomcat, webkit2gtk3, and wireshark), and Ubuntu (binutils, dotnet6, dotnet7, openssh, php-dompdf, and unixodbc).

Stable kernels with security fixes

Post Syndicated from corbet original https://lwn.net/Articles/940798/

The
6.4.9,
6.1.44,
5.15.125,
5.10.189,
5.4.252,
4.19.290, and
4.14.321
stable kernel updates have all been released; they are dominated by fixes
for the latest round of
speculative-execution vulnerabilities.

Do note the warning attached to each of these releases:

Note, PLEASE TEST this kernel if you are on the 6.4.y tree before
using it in a real workload. This was a quick release due to the
obvious security fixes in it, and as such, it has not had very much
testing “in the wild”. Please let us know of any problems seen.
Also note that the user/kernel api for the new security mitigations
might be changing over time, so do not get used to them being fixed
in stone just yet.

Another round of speculative-execution vulnerabilities

Post Syndicated from corbet original https://lwn.net/Articles/940783/

There is a newly disclosed set of vulnerabilities in Intel processors that
have been given the name Downfall attacks.

Downfall attacks target a critical weakness found in billions of
modern processors used in personal and cloud computers. This
vulnerability, identified as CVE-2022-40982, enables a user to
access and steal data from other users who share the same
computer. For instance, a malicious app obtained from an app store
could use the Downfall attack to steal sensitive information like
passwords, encryption keys, and private data such as banking
details, personal emails, and messages. Similarly, in cloud
computing environments, a malicious customer could exploit the
Downfall vulnerability to steal data and credentials from other
customers who share the same cloud computer.

A series of patches has landed in the mainline kernel, including one for gather data sampling
mitigation
and one to disable the AVX
extension
on CPUs where microcode mitigation is not available.
This is a *big* hammer. It is known to break buggy userspace that
uses incomplete, buggy AVX enumeration.

Not to be left out, AMD processors suffer from a return-stack overflow
vulnerability, again exploitable via speculative execution; this patch, also just
merged, describes the problem and its mitigation.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/940755/

Security updates have been issued by Debian (libhtmlcleaner-java and thunderbird), Red Hat (dbus, kernel, kernel-rt, kpatch-patch, and thunderbird), Scientific Linux (thunderbird), SUSE (chromium, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly, kernel-firmware, libqt5-qtbase, libqt5-qtsvg, librsvg, pcre2, perl-Net-Netmask, qt6-base, and thunderbird), and Ubuntu (firefox).

The Sourceware 25 roadmap

Post Syndicated from corbet original https://lwn.net/Articles/940683/

Sourceware, the development home for
the GNU toolchain and more, is about to celebrate its 25th anniversary and
is looking
forward
to the next 25 years:

That is why in the last couple of years we have started to
diversify our hardware partners, set up new services using
containers and isolated VMs, investigated secure supply chain
issues, added redundant mirrors, created a non-profit home,
collected funds, invested in open communication, open office hours
and introduced community oversight by a Sourceware Project
Leadership Committee with the help from the Software Freedom
Conservancy.

[$] Shadow stacks for 64-bit Arm systems

Post Syndicated from corbet original https://lwn.net/Articles/940403/

Return-oriented
programming (ROP)
has, for some years now, been a valuable tool for
those who would subvert a system’s security. It is thus not surprising
that a lot of effort has gone into thwarting ROP attacks, which depend on
corrupting the call stack with a carefully chosen set of return addresses,
at both the hardware and software levels. One result of this work is
shadow stacks, which can detect corruption of the call stack, allowing the
operating system to react accordingly. The 64-bit Arm implementation of
shadow stacks is called “guarded control stack” (GCS); patches implementing
support for this feature are currently under discussion.

Ekstrand: NVK Has landed

Post Syndicated from corbet original https://lwn.net/Articles/940567/

Faith Ekstrand announces
on the Collabora blog
that NVK, an open-source driver for NVIDIA GPUs, will be included in the
Mesa 23.3 release.

Merging into mesa/main is certainly a big milestone but NVK is
nowhere near finished. It will take a long time before we get the
bugs worked out and get a full feature set with reasonable
performance. What it does mean is that we’re pretty confident in
the core of the driver and that we have a good base to build on
going forward.

The necessary kernel support is planned for the 6.6 release; this
blog post
from David Airlie describes the work being done on that side.

[$] Beginning the software-interrupt lock pushdown

Post Syndicated from corbet original https://lwn.net/Articles/939973/

The big kernel lock (BKL) is a distant memory now but, for years, it was
one of the more intractable problems faced by the kernel development
community. The end of the BKL does not mean that the kernel is without
problematic locks, however. In recent times, some attention has been paid
to the software-interrupt (or “bottom half”) lock, which can create latency
problems, especially on realtime systems. Frederic Weisbecker is taking a
new tack in his campaign to cut this lock down to size, with an approach
based on how the BKL was eventually removed.

[$] Making life (even) harder for proprietary modules

Post Syndicated from corbet original https://lwn.net/Articles/939842/

The kernel community has never had a smooth relationship with the purveyors
of proprietary kernel modules. Developers tend to strongly dislike those
modules, which cannot be debugged or fixed by anybody other than their
creator, and many see them as a violation of the kernel’s license and their
copyrights on the code. Nonetheless, proprietary modules are tolerated,
within bounds. A recent patch from Christoph Hellwig suggests that those
bounds are about to be tightened slightly, in a somewhat surprising way.

Project Zero on Arm MTE

Post Syndicated from corbet original https://lwn.net/Articles/940152/

Google’s Project Zero has spent some time studying the Arm memory tagging
extension (MTE), support for which was
merged into the 5.10 kernel, and posted the results:

Despite its limitations, MTE is still by far the most promising
path forward for improving C/C++ software security in 2023. The
ability of MTE to detect memory corruption exploitation at the
first dangerous access provides a significant improvement in
diagnostic and potential security effectiveness.

There is a
separate section
on weaknesses in the current kernel implementation of
MTE support.

Asahi Linux to become a Fedora remix

Post Syndicated from corbet original https://lwn.net/Articles/940144/

The Asahi Linux project, which is
working to create a Linux distribution for Apple hardware, has announced
that its new “flagship” distribution will be based on Fedora Linux.

Working directly with upstream means not only can we integrate more
closely with the core distribution, but we can also get issues in
other packages fixed quickly and smoothly. This is particularly
important for platforms like desktop ARM64, where we still run into
random app and package bugs quite often. ARM64 desktop Linux has
been a niche platform (until now!), and with much less testing
comes a higher propensity for bugs, so it’s very important that we
can address these issues quickly. Fedora already has a very solid,
fully supported ARM64 port with a large userbase in the
server/headless segment, so it is an excellent base to build upon
and help improve the state of desktop Linux on ARM64 for everyone.

There is a version for “adventurous users” to play with now, with an
official release expected by the end of the month.

Security updates for Wednesday

Post Syndicated from corbet original https://lwn.net/Articles/940103/

Security updates have been issued by Debian (bouncycastle), Fedora (firefox), Red Hat (cjose, curl, iperf3, kernel, kernel-rt, kpatch-patch, libeconf, libxml2, mod_auth_openidc:2.3, openssh, and python-requests), SUSE (firefox, jtidy, libredwg, openssl, salt, SUSE Manager Client Tools, and SUSE Manager Salt Bundle), and Ubuntu (firefox).