
Welcome to LWN.net

LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.

[$] Seccomp user-space notification and signals

[Kernel] Posted Apr 9, 2021 13:58 UTC (Fri) by corbet

The seccomp() mechanism allows the imposition of a filter program (expressed in "classic" BPF) that makes policy decisions on whether to allow each system call invoked by the target process. The user-space notification feature further allows those decisions to be deferred to another process. As this recent patch set from Sargun Dhillon shows, though, user-space notification still has some rough edges, especially when it comes to signals. This patch makes a simple change to try to address a rather complex problem brought to the fore by changes in the Go language's preemption model.

Full Story (comments: 9)

[$] Debian votes on a statement — and a leader

[Distributions] Posted Apr 8, 2021 14:37 UTC (Thu) by corbet

Richard Stallman's return to the Free Software Foundation's board of directors has provoked a flurry of responses, and many organizations in the free-software community have expressed their unhappiness with that appointment. In almost every case, the process leading up to that expression has been carried out behind closed doors. The Debian project, instead, is deciding what to do in a classic Debian way — holding a public vote on a general resolution with a wide range of possible outcomes.

Full Story (comments: 48)

[$] LWN.net Weekly Edition for April 8, 2021

Posted Apr 8, 2021 2:03 UTC (Thu)

The LWN.net Weekly Edition for April 8, 2021 is available.

Inside this week's LWN.net Weekly Edition

  • Front: Resurrecting DWF; Scanning for secrets; Multi-generational LRU; GCC plugins; /dev/kmem.
  • Briefs: Security things in 5.9; LineageOS 18.1; Django 3.2; Xinuos sues IBM; US Supreme Court rules for Google; Quotes; ...
  • Announcements: Newsletters; conferences; security updates; kernel patches; ...
Read more

[$] Resurrecting DWF

[Security] Posted Apr 7, 2021 23:03 UTC (Wed) by jake

Five years ago, we looked at an effort to assist in the assignment of Common Vulnerabilities and Exposures (CVE) IDs, especially for open-source projects. Developers in the free-software world have often found it difficult to obtain CVE IDs for the vulnerabilities that they find. The Distributed Weakness Filing (DWF) project was meant to reduce the friction in the CVE-assignment process, but it never really got off the ground. In a blog post, Josh Bressers said that DWF was hampered by trying to follow the rules for CVEs. That has led to a plan to restart DWF, but this time without the "yoke of legacy CVE".

Full Story (comments: 37)

[$] Scanning for secrets

[Security] Posted Apr 7, 2021 16:23 UTC (Wed) by jake

Projects, even of the open-source variety, sometimes have secrets that need to be maintained. They can range from things like signing keys, which are (or should be) securely stored away from the project's code, to credentials and tokens for access to various web-based services, such as cloud-hosting services or the Python Package Index (PyPI). These credentials are sometimes needed by instances of the running code, and some others benefit from being stored "near" the code, but these types of credentials are not meant to be distributed outside of the project. They can sometimes mistakenly be added to a public repository, however, which is a slip that attackers are most definitely on the lookout for. The big repository-hosting services like GitHub and GitLab are well-placed to scan for these kinds of secrets being committed to project repositories—and they do.

Full Story (comments: 10)

[$] Killing off /dev/kmem

[Kernel] Posted Apr 5, 2021 15:42 UTC (Mon) by corbet

The recent proposal from David Hildenbrand to remove support for the /dev/kmem special file has not sparked a lot of discussion. Perhaps that is because today's youngsters, lacking an understanding of history, may be wondering what that file is in the first place and, thus, be unclear on why it may matter. Chances are that /dev/kmem will not be missed, but in passing it takes away a venerable part of the Unix kernel interface.

Full Story (comments: 29)

[$] The multi-generational LRU

[Kernel] Posted Apr 2, 2021 14:26 UTC (Fri) by corbet

One of the key tasks assigned to the memory-management subsystem is to optimize the system's use of the available memory; that means pushing out pages containing unused data so that they can be put to better use elsewhere. Predicting which pages will be accessed in the near future is a tricky task, and the kernel has evolved a number of mechanisms designed to improve its chances of guessing right. But the kernel not only often gets it wrong, it also can expend a lot of CPU time to make the incorrect choice. The multi-generational LRU patch set posted by Yu Zhao is an attempt to improve that situation.

Full Story (comments: 10)

[$] The future of GCC plugins in the kernel

[Kernel] Posted Apr 1, 2021 16:24 UTC (Thu) by mrybczyn

The process of hardening the kernel can benefit in a number of ways from support by the compiler. In recent years, the Kernel Self Protection Project has brought this support from the grsecurity/PaX patch set into the kernel in the form of GCC plugins; LWN looked into that process back in 2017. A recent discussion has highlighted the fact that the use of GCC plugins brings disadvantages as well, and some developers would prefer to see those plugins replaced.

Full Story (comments: 1)

LWN.net Weekly Edition for April 1, 2021

Posted Apr 1, 2021 1:21 UTC (Thu)

The LWN.net Weekly Edition for April 1, 2021 is available.

Inside this week's LWN.net Weekly Edition

  • Front: HPy; Uninvited IoT; COW problems; Final lockless patterns article; GDB and io_uring.
  • Briefs: FreeBSD WireGuard; PHP Git repo compromise; AlmaLinux release & foundation; DigiKam 7.2; FSF upheaval; Quotes; ...
  • Announcements: Newsletters; conferences; security updates; kernel patches; ...
Read more

HPy: a better C API for Python?

[Development] Posted Mar 31, 2021 22:24 UTC (Wed) by jake

The HPy project has been around for more than a year now; it is meant to provide an alternate C API for Python that allows extensions to the language to run, and run well, in more environments. It first came to our attention in a report of a talk at the 2020 Python Language Summit (LWN coverage), but it goes back to some discussions that were held at EuroPython 2019. There are a number of ways that the existing C API holds back innovation for Python, but there are also some hugely important extensions (e.g. NumPy) that use it; any change to the API needs to take those into account.

Full Story (comments: none)

Stable kernels for the weekend

[Kernel] Posted Apr 10, 2021 20:13 UTC (Sat) by corbet

There is another set of stable kernel updates out: 5.11.13, 5.10.29, 5.4.111, 4.19.186, 4.14.230, 4.9.266, and 4.4.266. Each contains another set of important fixes.

Comments (none posted)

HPVM v1.0 released

[Development] Posted Apr 9, 2021 15:21 UTC (Fri) by corbet

HPVM ("heterogeneous parallel virtual machine") is a compiler for targets like GPUs and FPGAs based on LLVM; the 1.0 release is available now. "This release is a major addition to our first release (version 0.5), adding support for linear algebra tensor operations, Pytorch and Keras frontends, approximations for convolution operators, and an efficient and flexible framework for approximation tuning. Our novel approximation-tuner automatically selects approximation knobs for individual tensor operations and selects configurations that maximize a (configurable) performance objective."

Full Story (comments: 3)

Security updates for Friday

[Security] Posted Apr 9, 2021 13:45 UTC (Fri) by jake

Security updates have been issued by Debian (lib3mf, php-pear, and python-django), Fedora (perl-Net-Netmask), openSUSE (flatpak, libostree, xdg-desktop-portal, fwupd, fwupdate, and hostapd), Oracle (kernel, libldb, nettle, and squid), Red Hat (nettle), and SUSE (fwupdate, tpm2-tss-engine, and umoci).

Full Story (comments: none)

Security updates for Thursday

[Security] Posted Apr 8, 2021 14:18 UTC (Thu) by jake

Security updates have been issued by Fedora (chromium, libldb, rpm, samba, and seamonkey), openSUSE (isync), Oracle (kernel), Red Hat (openssl and squid), SUSE (ceph, flatpak, libostree, xdg-desktop-portal, xdg-desktop-portal-gtk, fwupd, fwupdate, and openexr), and Ubuntu (curl, linux-lts-trusty, and lxml).

Full Story (comments: none)

A set of stable kernels

[Kernel] Posted Apr 7, 2021 15:23 UTC (Wed) by ris

Stable kernels 5.11.12, 5.10.28, 5.4.110, 4.19.185, 4.14.229, 4.9.265, and 4.4.265 have been released with the usual set of important fixes. Users should upgrade.

Comments (none posted)

Security updates for Wednesday

[Security] Posted Apr 7, 2021 15:12 UTC (Wed) by ris

Security updates have been issued by openSUSE (chromium), Oracle (flatpak and kernel), Red Hat (virt:8.3 and virt-devel:8.3), and SUSE (gssproxy and xen).

Full Story (comments: none)

Eliminating Data Races in Firefox – A Technical Report

[Development] Posted Apr 6, 2021 16:35 UTC (Tue) by corbet

The Mozilla Hacks site has a report on the use of ThreadSanitizer to detect and fix data races in the Firefox browser. "While benign data races do exist, we found that data races are very easily misclassified as benign. The reasons for this are clear: It is hard to reason about what compilers can and will optimize, and confirmation for certain 'benign' data races requires you to look at the assembler code that the compiler finally produces. Needless to say, this procedure is often much more time consuming than fixing the actual data race and also not future-proof. As a result, we decided that the ultimate goal should be a 'no data races' policy that declares even benign data races as undesirable due to their risk of misclassification, the required time for investigation and the potential risk from future compilers (with better optimizations) or future platforms (e.g. ARM)."

Comments (18 posted)

Security updates for Tuesday

[Security] Posted Apr 6, 2021 14:48 UTC (Tue) by ris

Security updates have been issued by Debian (chromium, netty, python-bleach, and python3.5), Fedora (libmediainfo, libzen, and mediainfo), Mageia (openssl), openSUSE (chromium), Red Hat (389-ds:1.4, flatpak, kernel, kernel-rt, kpatch-patch, libldb, and virt:rhel and virt-devel:rhel), and Ubuntu (python-django and ruby-rack).

Full Story (comments: none)

Cook: Security things in Linux v5.9

[Security] Posted Apr 6, 2021 14:17 UTC (Tue) by corbet

Kees Cook has posted a long list of security-related improvements that made it into the 5.9 kernel release. "Sasha Levin, Andy Lutomirski, Chang S. Bae, Andi Kleen, Tony Luck, Thomas Gleixner, and others landed the long-awaited FSGSBASE series. This provides task switching performance improvements while keeping the kernel safe from modules accidentally (or maliciously) trying to use the features directly (which exposed an unprivileged direct kernel access hole)."

Comments (8 posted)

Django 3.2 released

[Development] Posted Apr 6, 2021 13:42 UTC (Tue) by corbet

Version 3.2 of the Django web framework is out; it has been designated as a long-term-support release. New features include automatic AppConfig discovery, functional indexes, pymemcache support, and more; see the release notes for details.

Comments (none posted)



Copyright © 2021, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds