News reader

[$] The search for the correct amount of split-lock misery

2 years 10 months ago
Unlike many other architectures, x86 systems support atomic operations that affect more than one cache line. This support comes at a cost, though, in terms of overall system performance and, even, security. Over the last few years, kernel developers have worked to discourage the use of this sort of "split-lock" operation. Now, though, one group of users is feeling a little too discouraged, leading to a discussion of how much misery can appropriately be inflicted upon users who use problematic but architecturally legal operations.
corbet

Security updates for Wednesday

2 years 10 months ago
Security updates have been issued by Debian (bcel, kernel, node-xmldom, and squid), Mageia (chromium-browser-stable, dhcp, dokuwiki, firefox, golang, python-joblib, sos, and unzip), Oracle (nodejs and nodejs:16), Red Hat (firefox, kernel, kernel-rt, nodejs, nodejs:14, and thunderbird), Scientific Linux (firefox and thunderbird), Slackware (git and mozilla), SUSE (amazon-ssm-agent, caasp-release, cri-o, patchinfo, release-notes-caasp, skuba, enlightenment, libreoffice, netty, nodejs12, nodejs14, nodejs16, pngcheck, postgresql-jdbc, python-waitress, rubygem-activesupport-5_1, and tcl), and Ubuntu (frr, git, libksba, and linux-azure-4.15).
corbet

[$] Identity management for WireGuard

2 years 10 months ago
Since its inclusion in the Linux kernel, the WireGuard VPN tunnel has become increasingly popular. In general, WireGuard is simpler to configure than other VPNs, but the approach that it takes to authentication can present some challenges. Each node in a WireGuard network has a cryptographic key that serves as the node's identity; nodes that do not know each other's keys cannot directly communicate. Keeping track of these keys and distributing them to the other nodes in a mesh network quickly becomes a chore as the network grows. Fortunately, there are now several open-source tools that can automate the management of these keys and make using WireGuard easier for both administrators and end users.
jake

Security updates for Tuesday

2 years 10 months ago
Security updates have been issued by Debian (glibc and libksba), Fedora (dhcp and kernel), Red Hat (.NET 6.0, .NET Core 3.1, compat-expat1, kpatch-patch, and nodejs:16), Slackware (xorg), SUSE (exiv2, expat, kernel, libreoffice, python, python-numpy, squid, and virtualbox), and Ubuntu (linux-azure and zlib).
corbet

Tails 5.5 released

2 years 10 months ago
Version 5.5 of the Tor-centered Tails distribution is out. The biggest change appears to be a significant update to the Thunderbird email client.

Thunderbird 102 is a major update with many changes to the navigation, folder icons, and address book. Thunderbird 102 also includes important usability improvements to the OpenPGP feature. When composing an email, you can now see whether it will be encrypted or not. If encryption is impossible, a key assistant helps you solve key issues.

corbet

[$] The rest of the 6.1 merge window

2 years 10 months ago
Linus Torvalds released 6.1-rc1 and closed the 6.1 merge window on October 16; at that point, 11,537 non-merge changesets had been pulled into the mainline repository. That is considerably less than the 13,543 changesets pulled during the 6.0 merge window, but quantity is not everything: there were quite a few significant changes brought in this time around. Many of those were part of the nearly 5,800 changesets pulled since our first 6.1 merge window summary; read on for a look at some of the work done in the latter part of this merge window.
corbet

GnuPG 2.3.8 released

2 years 10 months ago
Version 2.3.8 of the GNU Privacy Guard is out. It contains a few new features, but the real purpose is to fix CVE-2022-3515, an integer overflow vulnerability that can be exploited remotely for code execution via, for example, a malicious S/MIME attachment. Note that the actual vulnerability is in the libksba library, which is normally packaged separately on Linux systems.
corbet

Security updates for Monday

2 years 10 months ago
Security updates have been issued by Arch Linux (kernel, linux-hardened, linux-lts, and linux-zen), Debian (python-django), Fedora (apptainer, kernel, python3.6, and vim), Gentoo (assimp, deluge, libvirt, libxml2, openssl, rust, tcpreplay, virglrenderer, and wireshark), Slackware (zlib), SUSE (chromium, python3, qemu, roundcubemail, and seamonkey), and Ubuntu (linux-aws-5.4 and linux-ibm).
corbet

Kernel prepatch 6.1-rc1

2 years 10 months ago
Linus has released 6.1-rc1 and closed the merge window for this development cycle.

This isn't actually shaping up to be a particularly large release: we "only" have 11.5k non-merge commits during this merge window, compared to 13.5k last time around. So not exactly tiny, but smaller than the last few releases. At least in number of commits.

That said, we've got a few core things that have been brewing for a long time, most notably the multi-gen LRU VM series, and the initial Rust scaffolding (no actual real Rust code in the kernel yet, but the infrastructure is there).

corbet

Google launches KataOS

2 years 10 months ago
Google has announced the existence of yet another new operating system, called KataOS, aimed at the creation of secure embedded systems.

As the foundation for this new operating system, we chose seL4 as the microkernel because it puts security front and center; it is mathematically proven secure, with guaranteed confidentiality, integrity, and availability. Through the seL4 CAmkES framework, we're also able to provide statically-defined and analyzable system components. KataOS provides a verifiably-secure platform that protects the user's privacy because it is logically impossible for applications to breach the kernel's hardware security protections and the system components are verifiably secure. KataOS is also implemented almost entirely in Rust, which provides a strong starting point for software security, since it eliminates entire classes of bugs, such as off-by-one errors and buffer overflows.

corbet

[$] The disabling of hardware codecs in community distributions

2 years 10 months ago
Software patents affect our systems in many ways, but perhaps most strongly in the area of codecs — code that creates or plays back audio or video that has been compressed using covered algorithms. For this reason, certain formats have simply been unplayable on many Linux distributions — especially those backed by companies that are big enough to be worth suing — without installing add-on software from third-party repositories. One might think that this problem could be worked around by purchasing hardware that implements the patented algorithms, but recent activity in the Fedora and openSUSE communities shows that life is not so simple.
corbet

Security updates for Friday

2 years 10 months ago
Security updates have been issued by Debian (chromium), Fedora (dbus, dhcp, expat, kernel, thunderbird, vim, and weechat), Mageia (libofx, lighttpd, mediawiki, and python), Oracle (.NET 6.0 and .NET Core 3.1), Slackware (python3), SUSE (chromium, kernel, libosip2, python-Babel, and python-waitress), and Ubuntu (gThumb, heimdal, linux-aws, linux-gcp-4.15, linux-aws-hwe, linux-gcp, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, postgresql-9.5, and xmlsec1).
corbet

Dave Airlie (blogspot): LPC 2022 Accelerators BOF outcomes summary

2 years 10 months ago

 At Linux Plumbers Conference 2022, we held a BoF session around accelerators.

This is a summary made from memory and notes taken by John Hubbard.

We started with defining categories of accelerator devices.

1. single shot data processors, submit one off jobs to a device. (simpler image processors)

2. single-user, single task offload devices (ML training devices)

3. multi-app devices (GPU, ML/inference execution engines)

One of the main points made is that common device frameworks are normally about targeting a common userspace (e.g. mesa for GPUs). Since a common userspace doesn't exist for accelerators, this presents a problem of what sort of common things can be targeted. Discussion about tensorflow, pytorch as being the userspace, but also camera image processing and OpenCL. OpenXLA was also named as a userspace API that might be of interest to use as a target for implementations.

There was a discussion on what to call the subsystem and where to place it in the tree. It was agreed that the drivers would likely need to use DRM subsystem functionality but having things live in drivers/gpu/drm would not be great. Moving things around now for current drivers is too hard to deal with for backports etc. Adding a new directory for accel drivers would be a good plan, even if they used the drm framework. There was a lot of naming discussion, I think we landed on drivers/skynet or drivers/accel (Greg and I like skynet more).

We had a discussion about RAS (Reliability, Availability, Serviceability) which is how hardware is monitored in data centers. GPU and acceleration drivers for datacentre operations define their own RAS interfaces that get plugged into monitoring systems. This seems like an area that could be standardised across drivers. Netlink was suggested as a possible solution for this area.

Namespacing for devices was brought up. I think the advice was if you ever think you are going to namespace something in the future, you should probably consider creating a namespace for it up front, as designing one in later might prove difficult to secure properly.

We should use the drm framework with another major number to avoid some of the pain points and lifetime issues other frameworks see.

There was discussion about who could drive this forward, and Oded Gabbay from Intel's Habana Labs team was the obvious and best placed person to move it forward; Oded said he would endeavor to make it happen.

This is mostly a summary of the notes. I think we have a fair idea on a path forward; we just need to start bringing the pieces together upstream now.

[$] A first look at Rust in the 6.1 kernel

2 years 10 months ago
There have been a lot of significant changes merged into the mainline for the 6.1 release, but one of the changes that has received the most attention will also have the least short-term effect for users of the kernel: the introduction of support for the Rust programming language. No system with a production 6.1 kernel will be running any Rust code, but this change does give kernel developers a chance to play with the language in the kernel context and get a sense for how Rust development feels. Perhaps the most likely conclusion for most developers, though, will be that there isn't yet enough Rust in the kernel to do much of anything interesting.
corbet

PostgreSQL 15 released

2 years 10 months ago
Version 15 of the PostgreSQL database management system is out.

PostgreSQL 15 builds on the performance improvements of recent releases with noticeable gains for managing workloads in both local and distributed deployments, including improved sorting. This release improves the developer experience with the addition of the popular MERGE command, and adds more capabilities for observing the state of the database.

There are a lot of changes in this release; click below for the details, and see the release notes for more.

corbet