Hírolvasó

The OpenSSH suite of tools for secure remote logins is used widely within our communities; it also underlies things like remote Git repository access. A recent experimental feature for the upcoming OpenSSH 8.9 release will help close a security hole that can be exploited by attacker-controlled SSH servers (e.g. sshd) when the user is forwarding authentication to a local ssh-agent. Instead of allowing the keys held in the agent to be used for authenticating to any host where they might work, SSH agent restriction will allow users to specify where and how those keys can be used.

The 5.15.13, 5.10.90, 5.4.170, 4.19.224, 4.14.261, 4.9.296, and 4.4.298 stable kernel updates have all been released. These medium-size updates all contain another set of important fixes.

Security updates have been issued by CentOS (xorg-x11-server), Debian (apache2), openSUSE (libvirt), Oracle (grafana, qemu, and xorg-x11-server), Red Hat (idm:DL1, samba, and telnet), SUSE (libvirt), and Ubuntu (python-django).

File-integrity management for the Fedora distribution has been the overarching theme of a number of different feature proposals over the last year or so. In general, they have been met with skepticism, particularly with regard to how well the features mesh with Fedora's goals, but also in how they will change the process of building RPM packages. A new proposal that would allow systems to (optionally) perform remote attestation is likewise encountering headwinds; there are several different concerns being raised in the discussion of it.

I was dealing with a codebase S at work that uses a certain Python package N (I'll name it in the end, because its identity is so odious that it will distract from the topic at hand). Anyhow, S failed tests because N didn't work on my Fedora 35. That happened because S installed N with pip(1), which pulls from PyPI, and the archive at PyPI contained broken code.

The code for N in its source repository was fine, only PyPI was bad.

When I tried to find out what happened, it turned out that there is no audit trail for the code in PyPI. In addition, it is not possible to contact listed maintainers of N in PyPI, and there is no way to report the problem: the problem tracking system of PyPI is all plastered with warnings not to use it for problems with packages, but only with PyPI software itself.

By fuzzy-matching provided personal details with git logs, I was able to contact the maintainers. To my great surprise, two out of three even responded, but they disclaimed any knowledge of what went on.

So, an unknown entity was able to insert a certain code into a package at PyPI, and pip(1) was downloading it for years. This only came to light because the inserted code failed on my Fedora test box.

At this point I can only conclude that PyPI is not trustworthy.

Oh, yeah. The package N is actually nose. I am aware that it was dead and unmaintained, and nobody should be using it anymore, least of all S. I'm working on it.

The Gentoo Linux project looks back at 2021.

The number of commits to the main ::gentoo repository has once more clearly grown in 2021, from 104507 to 126920, i.e., by 21%. While the number of commits by external contributors, 11775, has remained roughly constant, this number now distributes across 435 unique external authors compared to 391 last year.

Version 1.22.0 of the NumPy scientific computing module is out. "NumPy 1.22.0 is a big release featuring the work of 153 contributors spread over 609 pull requests. There have been many improvements". Those improvements include the "essentially complete" annotation of the main namespace, a preliminary version of the proposed Array API, and more.

Security updates have been issued by Debian (salt and thunderbird), Red Hat (xorg-x11-server), and Scientific Linux (xorg-x11-server).

It is 2022 already, and that can only mean one thing: it's time for your editor to make a (bigger) fool of himself by posting a set of predictions for what may come in the new year. One should never pass up an opportunity for a humbling experience, after all. There can be no doubt that interesting things will happen this year; let's see how many random darts thrown in that direction can hit close to the mark.

Longtime GnuPG maintainer Werner Koch has posted an update on the project, mostly focused on the new associated "GnuPG VS-Desktop" business that is, it seems, going quite well:

For many years our work was mainly financed by donations and smaller projects. Now we have reached a point where we can benefit from a continuous revenue stream to maintain and extend the software without asking for donations or grants. This is quite a new experience to us and I am actually a bit proud to lead one of the few self-sustaining free software projects who had not to sacrifice the goals of the movement.

He concludes with a request for individuals who have been donating to GnuPG to redirect their generosity toward another deserving project. This is good news; GnuPG ran on a shoestring for far too long.

The GIMP project has put out a report summarizing a year of development on this image-manipulation application.

With 4 development versions released already, you know that we are working very hard on the future: GIMP 3.0.

Some features took a lot of time, mostly when we changed core logics. I am thinking in particular about the code for multi-selection of layers. It’s not that selecting multiple items in a list is hard to implement, it’s that any feature in the whole application has been forever expecting just one layer or one channel selected. So what happens when there are 2, 3 or any number of items selected? Every feature, every tool, every plug-in and filter has to be rethought for this new use case.

Security updates have been issued by Debian (thunderbird), Fedora (kernel, libopenmpt, and xorg-x11-server), Mageia (gegl, libgda5.0, log4j, ntfs-3g, and wireshark), openSUSE (log4j), and Red Hat (grafana).

Kernel developer Ingo Molnar has been quiet for a while; now we know why. He has just announced a massive set of patches (touching over half of the files in the kernel tree) reworking how header files are handled.

The fast-headers tree offers a +50-80% improvement in absolute kernel build performance on supported architectures, depending on the config. This is a major step forward in terms of Linux kernel build efficiency & performance.

A justified question would be: why on Earth 2,200 commits??

It seems likely that interesting conversations will follow; stay tuned.

The eighth and final 5.16 kernel prepatch is out for testing. "Please, as you emerge from your holiday-induced food coma, do give it a quick test so that we can all be happy about the final release next weekend".

Version 1.0 of the GNOME libadwaita library is out; this will be of interest to GNOME application developers. "Libadwaita is a library implementing the GNOME HIG, complementing GTK. For GTK 3 this role has increasingly been played by Libhandy, and so Libadwaita is a direct Libhandy successor."

Security updates have been issued by Debian (agg, aria2, fort-validator, and lxml), Fedora (libgda, pgbouncer, and xorg-x11-server-Xwayland), Mageia (calibre, e2guardian, eclipse, libtpms/swtpm, nodejs, python-lxml, and toxcore), openSUSE (c-toxcore, gegl, getdata, kernel-firmware, log4j, postrsd, and privoxy), and SUSE (gegl).

Some time back I wrote up a description of my proposed (and implemented) solution for making hibernation work under Linux even within the bounds of the integrity model. It's been a while, so here's an update.

The first is that localities just aren't an option. It turns out that they're optional in the spec, and TPMs are entirely permitted to say they don't support them. The only time they're likely to work is on platforms that support DRTM implementations like TXT. Most consumer hardware doesn't fall into that category, so we don't get to use that solution. Unfortunate, but, well.

The second is that I'd ignored an attack vector. If the kernel is configured to restrict access to PCR 23, then yes, an attacker is never able to modify PCR 23 to be in the same state it would be if hibernation were occurring and the key certification data will fail to validate. Unfortunately, an attacker could simply boot into an older kernel that didn't implement the PCR 23 restriction, and could fake things up there (yes, this is getting a bit convoluted, but the entire point here is to make this impossible rather than just awkward). Once PCR 23 was in the correct state, they would then be able to write out a new swap image, boot into a new kernel that supported the secure hibernation solution, and have that resume successfully in the (incorrect) belief that the image was written out in a secure environment.

This felt like an awkward problem to fix. We need to be able to distinguish between the kernel having modified the PCRs and userland having modified the PCRs, and we need to be able to do this without modifying any kernels that have already been released[1]. The normal approach to determining whether an event occurred in a specific phase of the boot process is to "cap" the PCR - extend it with a known value that indicates a transition between stages of the boot process. Any events that occur before the cap event must have occurred in the previous stage of boot, and since the final PCR value depends on the order of measurements and not just the contents of those measurements, if a PCR is capped before userland runs, userland can't fake the same PCR value afterwards. If Linux capped a PCR before userland started running, we'd be able to place a measurement there before the cap occurred and then prove that that extension occurred before userland had the opportunity to interfere. We could simply place a statement that the kernel supported the PCR 23 restrictions there, and we'd be fine.

Unfortunately Linux doesn't currently do this, and adding support for doing so doesn't fix the problem - if an attacker boots a kernel that doesn't cap a PCR, they can just cap it themselves from userland. So, we're faced with the same problem: booting an older kernel allows the system to be placed in an identical state to the current kernel, and a fake hibernation image can be written out. Solving this required a PCR that was being modified after kernel code was running, but before userland was started, even with existing kernels.

Thankfully, there is one! PCR 5 is defined as containing measurements related to boot management configuration and data. One of the measurements it contains is the result of the UEFI ExitBootServices() call. ExitBootServices() is called at the transition from the UEFI boot environment to the running OS, and the kernel contains code that executes before it. So, if we measure an assertion regarding whether or not we support restricted access to PCR 23 into PCR 5 before we call ExitBootServices(), this will prevent userspace from spoofing us (because userspace will only be able to extend PCR 5 after the firmware extended PCR 5 in response to ExitBootServices() being called). Obviously this depends on the firmware actually performing the PCR 5 extension when ExitBootServices() is called, but if firmware's out of spec then I don't think there's any real expectation of it being secure enough for any of this to buy you anything anyway.

My current tree is here, but there's a couple of things I want to do before submitting it, including ensuring that the key material is wiped from RAM after use (otherwise it could potentially be scraped out and used to generate another image afterwards) and, uh, actually making sure this works (I no longer have the machine I was previously using for testing, and switching my other dev machine over to TPM 2 firmware is proving troublesome, so I need to pull another machine out of the stack and reimage it).

[1] The linear nature of time makes feature development much more frustrating

comments

When the goal is to push bits over the network as fast as the hardware can go, any overhead hurts. The cost of copying data to be transmitted from user space into the kernel can be especially painful; it adds latency, takes valuable CPU time, and can be hard on cache performance. So it is unsurprising that the developers working with io_uring, which is all about performance, have turned their attention to zero-copy network transmission. This patch set from Pavel Begunkov, now in its second revision, looks to be significantly faster than the MSG_ZEROCOPY option supported by current kernels.

Security updates have been issued by Debian (advancecomp, apache-log4j2, postgis, spip, uw-imap, and xorg-server), Mageia (kernel and kernel-linus), Scientific Linux (log4j), and SUSE (kernel-firmware and mariadb).

The 5.15.12, 5.10.89, 5.4.169, 4.19.223, 4.14.260, 4.9.295, and 4.4.297 stable kernel updates have all been released. These should be the last updates for this year; as usual, they all contain more important fixes and updates.