Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
[$] Unmaintained filesystems as a threat vector
One of the longstanding strengths of Linux, and a key to its early success, is its ability to interoperate with other systems. That interoperability includes filesystems; Linux supports a wide range of filesystem types, allowing it to mount filesystems created by many other operating systems. Some of those filesystem implementations, though, are better maintained than others; developers at both the kernel and distribution levels are currently considering, again, how to minimize the security risks presented by the others.
[$] Flags for fchmodat()
The fchmodat() system call on Linux hides a little secret: it does not actually implement all of the functionality that the man page claims (and that POSIX calls for). As a result, C libraries have to do a bit of a complicated workaround to provide the API that applications expect. That situation looks likely to change with the 6.6 kernel, though, as the result of this patch series posted by Alexey Gladkov.
[$] LWN.net Weekly Edition for July 27, 2023
Posted Jul 27, 2023 2:59 UTC (Thu)
The LWN.net Weekly Edition for July 27, 2023 is available.
Inside this week's LWN.net Weekly Edition
- Front: U-Boot; Linux in Space; SBAT; Exceptions in BPF; Randomness for kmalloc().
- Briefs: Zenbleed; Extensible scheduler NAK; Debian for RISC-V; Inkscape 1.3; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] A status update for U-Boot
The U-Boot "universal boot loader" is used extensively in the embedded-Linux world. At the 2023 Embedded Open Source Summit (EOSS), Simon Glass gave a presentation (slides, YouTube video) on the status of the project, with a focus on new features added over the last several years. He also wanted to talk about complexity in the firmware world, which he believes is increasing, and how U-Boot can help manage that complexity. The talk was something of a grab bag of ideas and changes throughout the increasingly large footprint of the project.
[$] A discussion on Linux in space
There was something of a space theme that pervaded the Embedded Linux Conference (ELC) portion of the 2023 Embedded Open Source Summit (EOSS), which is an umbrella event for various sub-conferences related to embedded open-source development. That may partly be because one of the organizers of EOSS (and ELC), Tim Bird, described himself as "a bit of a space junkie"; he made that observation during a panel session that he led on embedded Linux in space. Bird and four panelists discussed various aspects of the use of Linux in space-related systems, including where it has been used, the characteristics and challenges of aerospace deployments, certification of Linux for aerospace use, and more.
[$] Randomness for kmalloc()
The kernel's address-space layout randomization is intended to make life harder for attackers by changing the placement of kernel text and data at each boot. With this randomization, an attacker cannot know ahead of time where a vulnerable target will be found on any given system. There are techniques, though, that can be effective without knowing precisely where a given object is stored. As a way of hardening systems against such attacks, the kernel will be gaining yet another form of randomization.
[$] Exceptions in BPF
The BPF virtual machine in the kernel has been steadily gaining new features for years, many of which add capabilities that C programmers do not ordinarily have. So, from one point of view, it was only a matter of time before BPF gained support for exceptions. As it turns out, though, this "exceptions" feature is aimed at a specific use case, and its use in most programs will be truly exceptional.
[$] Much ado about SBAT
Sometimes, the shortest patches lead to the longest threads; for a case in point, see this three-line change posted by Emanuele Giuseppe Esposito. The purpose of this change is to improve the security of locked-down systems by adding a "revocation number" to the kernel image. But, as the discussion revealed, both the cost and the value of this feature are seen differently across the kernel-development community.
LWN.net Weekly Edition for July 20, 2023
Posted Jul 20, 2023 2:05 UTC (Thu)
The LWN.net Weekly Edition for July 20, 2023 is available.
Inside this week's LWN.net Weekly Edition
- Front: Rust for embedded; Per-VMA locking; Splitting struct page; Realtime patches; Debian in 2038.
- Briefs: AlmaLinux divergence; Cython 3.0; Rust 1.71; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
Rust for embedded
The advantages of the Rust programming language are generally well-known; memory safety is a feature that has attracted a lot of developer attention over the last few years. At the inaugural Embedded Open Source Summit (EOSS), which is an umbrella event for numerous embedded-related conferences, Martin Mosler presented on using Rust for an embedded project. In the talk, he showed how easy it is to get up and running with a Rust-based application on a RISC-V-based development board.
Kernel prepatch 6.5-rc4
The 6.5-rc4 kernel prepatch is out for testing.
So here we are, and the 6.5 release cycle continues to look entirely normal. In fact, it's *so* normal that we have hit on a very particular (and peculiar) pattern with the rc4 releases: we have had *exactly* 328 non-merge commits in rc4 in 6.2, 6.3 and now 6.5. Weird coincidence.
And honestly, that weird numerological coincidence is just about the most interesting thing here.
No-GIL mode coming for Python
The Python Steering Council has announced its intent to accept PEP 703 (Making the Global Interpreter Lock Optional in CPython), with initial support possibly showing up in the 3.13 release. There are still some details to work out, though.
We want to be very careful with backward compatibility. We do not want another Python 3 situation, so any changes in third-party code needed to accommodate no-GIL builds should just work in with-GIL builds (although backward compatibility with older Python versions will still need to be addressed). This is not Python 4. We are still considering the requirements we want to place on ABI compatibility and other details for the two builds and the effect on backward compatibility.
Exploiting the StackRot vulnerability
For those who are interested in the gory details of how the StackRot vulnerability works, Ruihan Li has posted a detailed writeup of the bug and how it can be exploited.
As StackRot is a Linux kernel vulnerability found in the memory management subsystem, it affects almost all kernel configurations and requires minimal capabilities to trigger. However, it should be noted that maple nodes are freed using RCU callbacks, delaying the actual memory deallocation until after the RCU grace period. Consequently, exploiting this vulnerability is considered challenging. To the best of my knowledge, there are currently no publicly available exploits targeting use-after-free-by-RCU (UAFBR) bugs. This marks the first instance where UAFBR bugs have been proven to be exploitable, even without the presence of CONFIG_PREEMPT or CONFIG_SLAB_MERGE_DEFAULT settings.
Security updates for Friday
Security updates have been issued by Debian (kernel and libmail-dkim-perl), Fedora (openssh), and SUSE (kernel).
Systemd 254 released
Systemd 254 has been released. As usual, there is a long list of changes, including a new list-paths command for systemctl, the ability to send POSIX signals to services, a "soft reboot" feature that restarts user space while leaving the kernel in place, improved support for "confidential virtual machines", and a lot more.
The announcement also notes that support for split-/usr systems will be removed in the next release, and that support for version-one control groups and for System V service scripts will be deleted in the near future as well.
Security updates for Thursday
Security updates have been issued by Debian (curl), Fedora (kitty, mingw-qt5-qtbase, and mingw-qt6-qtbase), Mageia (cri-o, kernel, kernel-linus, mediawiki, and microcode), SUSE (chromium, conmon, go1.20-openssl, iperf, java-11-openjdk, kernel-firmware, and mariadb), and Ubuntu (libvirt, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-aws-5.19, linux-gcp-5.19, linux-hwe-5.19, linux-intel-iotg-5.15, linux-iot, llvm-toolchain-13, llvm-toolchain-14, llvm-toolchain-15, open-iscsi, open-vm-tools, and xorg-server-hwe-16.04).
Five new stable kernels
The 6.4.7, 6.1.42, 5.15.123, 5.10.188, and 5.4.251 stable kernels have been released. As usual, they all contain lots of important fixes; users of those series should upgrade.
Extensible scheduler class rejected
The extensible scheduler class enables the creation of CPU schedulers in BPF. After the fourth version of this series was greeted with relative silence, Tejun Heo asked about the status of this work:
We are comfortable with the current API. Everything we tried fit pretty well. It will continue to evolve but sched_ext now seems mature enough for initial inclusion. I suppose lack of response doesn't indicate tacit agreement from everyone, so what are you guys all thinking?
Scheduler maintainer Peter Zijlstra gave him his answer: "I'm still hating the whole thing with a passion". He went on to make it clear that this work will not be merged into the mainline. So, it seems, developers wanting to try their hand at BPF scheduler development will need to apply an out-of-tree patch series, for now at least.
Security updates for Wednesday
Security updates have been issued by Debian (amd64-microcode, gst-plugins-bad1.0, gst-plugins-base1.0, gst-plugins-good1.0, iperf3, openjdk-17, and pandoc), Fedora (389-ds-base, kitty, and thunderbird), SUSE (libqt5-qtbase, libqt5-qtsvg, mysql-connector-java, netty, netty-tcnative, openssl, openssl-1_1, openssl1, php7, python-scipy, and xmltooling), and Ubuntu (amd64-microcode, avahi, libxpm, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi, linux-oem-5.17, linux-oem-6.0, linux-oem-6.1, openstack-trove, and python-django).
Security updates for Tuesday
Security updates have been issued by Debian (python-git and renderdoc), Red Hat (edk2, kernel, kernel-rt, and kpatch-patch), Slackware (kernel), SUSE (firefox, libcap, openssh, openssl-1_1, python39, and zabbix), and Ubuntu (cinder, ironic, nova, python-glance-store, python-os-brick, frr, graphite-web, and openssh).
