Language Selection

English French German Italian Portuguese Spanish

Kernel: LWN Coverage (No Longer Paywalled) and Initial HDMI 2.0 Support With Nouveau Slated For The Next Linux Kernel

Filed under
Linux
  • Revenge of the modems

    Back in the halcyon days of the previous century, those with a technical inclination often became overly acquainted with modems—not just the strange sounds they made when connecting, but the AT commands that were used to control them. While the AT command set is still in use (notably for GSM networks), it is generally hidden these days. But some security researchers have found that Android phones often make AT commands available via their USB ports, which is something that can potentially be exploited by rogue USB devices of various sorts.

    A paper [PDF] that was written by a long list of researchers (Dave (Jing) Tian, Grant Hernandez, Joseph I. Choi, Vanessa Frost, Christie Ruales, Patrick Traynor, Hayawardh Vijayakumar, Lee Harrison, Amir Rahmati, Michael Grace, and Kevin R. B. Butler) and presented at the 27th USENIX Security Symposium described the findings. A rather large number of Android firmware builds were scanned for the presence of AT commands and many were found to have them. That's not entirely surprising since the baseband processors used to communicate with the mobile network often use AT commands for configuration. But it turns out that Android vendors have also added their own custom AT commands that can have a variety of potentially harmful effects—making those available over USB is even more problematic.

    They started by searching through 2018 separate Android binary images (it is not clear how that number came about, perhaps it is simply coincidental) from 11 different vendors. They extracted and decompressed the various pieces inside the images and then searched those files for AT command strings. That process led to a database of 3500 AT commands, which can be seen at the web site for ATtention Spanned—the name given to the vulnerabilities.

  • XFS, LSM, and low-level management APIs

    The Linux Security Module (LSM) subsystem allows security modules to hook into many low-level operations within the kernel; modules can use those hooks to examine each requested operation and decide whether it should be allowed to proceed or not. In theory, just about every low-level operation is covered by an LSM hook; in practice, there are some gaps. A discussion regarding one of those gaps — low-level ioctl() operations on XFS filesystems — has revealed a thorny problem and a significant difference of opinion on what the correct solution is.

    In late September Tong Zhang pointed out that xfs_file_ioctl(), the 300-line function that dispatches the various ioctl() operations that can be performed on an XFS filesystem, was making a call to vfs_readlink() without first consulting the security_inode_readlink() LSM hook. As a result, a user with the privilege to invoke that operation (CAP_SYS_ADMIN) could read the value of a symbolic link within the filesystem, even if the security policy in place would otherwise forbid it. Zhang suggested that a call to the LSM hook should be added to address this problem.

  • Initial HDMI 2.0 Support With Nouveau Slated For The Next Linux Kernel

    Days after Nouveau DRM maintainer Ben Skeggs began staging changes for this open-source NVIDIA driver ahead of the next kernel cycle, this evening Ben Skeggs submitted the DRM-Next pull request to queue this work for the Linux 4.20/5.0 kernel cycle.

    As covered in that previous article, there isn't a whole lot on the Nouveau kernel driver front at this time. Skeggs summed up these open-source NVIDIA driver changes as: "Just initial HDMI 2.0 support, and a bunch of other cleanups."

  • Device-to-device memory-transfer offload with P2PDMA

    One of the most common tasks carried out by device drivers is setting up DMA operations for data transfers between main memory and the device. Often, data read into memory from one device will be immediately written, unchanged, to another device. Common examples include carrying the image between the camera and screen on a mobile phone, or downloading files to be saved on a disk. Those transfers have an impact on the CPU even if it does not use the data directly, due to higher memory use and effects like cache trashing. There are cases where it is possible to avoid usage of the system memory completely, though. A patch set (posted by Logan Gunthorpe with contributions by Christoph Hellwig and Steve Wise) has been in the works for some time that addresses this case for PCI devices using peer-to-peer (P2P) transfers, with a focus on offering an offload option for the NVMe fabrics target subsystem.

More in Tux Machines

Purism Ships Librem 5 Dev Kits as the Linux Phones Will Arrive in April 2019

Based on the newer and more powerful i.MX 8M 64-bit ARM boards, upgrading older devs kits based on the generic i.MX6 boards, the Librem 5 dev kits will soon arrive in the hands of early adopters as Purism needs all the help it can get from the community to continue and accelerate the development of its Linux-powered, privacy-focused phones, the Librem 5. Read more Also: Purism's Librem 5 Developer Kits Finally Shipping, Linux Phone Price Going Up To $699

VirtualBox 6.0 Officially Released with Major New Features, Here's What's New

Several months in development, VirtualBox 6.0 is finally here as the most advanced release of the widely used virtualization software that lets users run various operating systems in virtual machines on the same or different hosts. As expected, this is a major release that adds important new features to the application. Highlights of VirtualBox 6.0 include support for exporting virtual machines to Oracle Cloud infrastructure, much-improved HiDPI and scaling support for high-end displays, including better detection of displays, support for surround speaker setups for Windows 10 Build 1809 users, and Hyper-V support on Windows hosts for better performance. Read more VirtualBox 6.0 Released With Better HiDPI Support, VMSVGA 3D Graphics On Linux

Radeon Software 18.50 vs. Linux 4.20 + Mesa 19 Benchmarks On The AMD RX 590

Just days after the NVIDIA 415.23 Linux driver release that was published to fix 4.20 kernel issues, the NVIDIA 415.25 driver is now available with new product support. The NVIDIA 415.25 is out today in order to formally introduce support for the new TITAN RTX and Quadro RTX 8000 graphics cards, the newest Turing-based products. The TITAN RTX is available beginning today from the NVIDIA store at $2499 USD meanwhile the flagship RTX 8000 card will retail for about $10k USD. Read more

Linux 4.14 vs. 4.20 Performance Benchmarks - The Kernel Speed Difference For 2018

As some additional end-of-year kernel benchmarking, here is a look at the Linux 4.14 versus 4.20 kernel benchmarks on the same system for seeing how the kernel performance changed over the course of 2018. Additionally, Linux 4.20 was also tested a second time when disabling the Spectre/Meltdown mitigations that added some performance overhead to the kernel this year. On a Core i9 7980XE system, Linux 4.14.4 vs. 4.20 Git (with default Spectre/Meltdown mitigations and then again without) were benchmarked. Read more