Language Selection

English French German Italian Portuguese Spanish

Kernel: Xen Summit, Linux Plumbers Conference, Linux KVM 'Oops' and Micron Bugs

Filed under
Linux
  • Xen Summit 2020 Pivots to a Virtual Experience

    In light of continued Covid-19 safety concerns, the 2020 XenProject Developer and Design Summit will now be held virtually on July 6-9. As our in-person event shifts to a virtual one, we are taking careful consideration to ensure the Xen Summit will continue to be a great forum to learn, connect, and grow.

    Attendees will have the ability to network, attend presentations with live Q&A, and hash out technical issues in design sessions – all virtually, from anywhere.

  • Linux Plumbers Conference: Containers and Checkpoint/Restore Microconference Accepted into 2020 Linux Plumbers Conference

    We are pleased to announce that the Containers and Checkpoint/Restore Microconference has been accepted into the 2020 Linux Plumbers Conference!

    After another successful Containers Microconference last year , there’s still a lot more work to be done. Last year we discussed the intersection between the new mount api and containers, various new vfs features including a strong and fruitful discussion about id shifting, several new security hardening aspects, and improvements when restarting syscalls during checkpoint/restore. Last year’s microconference topics led to quite a few patches that have since landed in the upstream kernel with others actively being discussed. This includes, various improvements to seccomp syscall interceptions, the implementation of a new process creation syscall, the implementation of pidfds, and the addition of time namespaces.

  • Linux KVM Virtualization Had Mistakenly Been Applying L1TF Workaround To Unaffected CPUs

    The all-important Linux Kernel-based Virtual Machine (KVM) code for open-source virtualization had mistakenly been applying its L1TF workaround for unaffected CPUs -- namely AMD EPYC CPUs -- for the past several months until the issue was uncovered this week.

    Only Intel CPUs are vulnerable to L1 Terminal Fault (L1TF) / Foreshadow, but the KVM code ended up applying L1TF workarounds to guests on unaffected processors. The change that borked KVM's L1TF handling was mainlined back in January and subsequently back-ported to the various maintained kernel branches as a "fix" thus found on the various LTS kernels currently and just not the recent 5.x kernels released this calendar year.

  • Linux Kernel Seeing Workaround Revived For Buggy Micron NAND Block Erase Behavior

    A new patch series has been revived from work originally published by Micron back in 2018 for dealing with the behavior on their planar 2D NAND devices where in rare cases when issuing block erase commands, the flash block might not actually be erased and this could lead to further problems down the road when touching said block.

    Five patches sent out today revive Micron's work in dealing with some of their legacy 2D NAND devices where when a block erase command is issued, the block erase operation completes and a pass status returned, the flash block might have not been erased. But making matters worse is that operations on said blocks could in rare cases lead to subtle failures or corruption.

Self-promotional hype

  • Safe-Linking: Making Linux exploitation harder

    Safe-Linking had the potential to block several major exploits that Check Point has investigated over the years, that turned ‘broken’ software products to ‘unexploitable’ products. “In the case of our research into smart lightbulb vulnerabilities, this would have blocked the exploit and attack.”

    While Safe-Linking is not a magic bullet that will stop all exploit attempts against modern-day heap implementations, the company says, it is another step in the right direction. “By forcing attackers to have a memory leak vulnerability before they can even start their exploit, we have raised the security bar and made exploitations harder to execute. This, in turn, helps to better protect users globally.”

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Open Hardware: Raspberry Pi and Arduino

  • Introducing the Raspberry Pi Pico Microcontroller - IoT Tech Trends

    The Raspberry Pi Foundation comes through again with another innovative device. Already well-known for its series of single-board computers, the company has announced the Raspberry Pi Pico, a microcontroller that costs a shockingly low $4. Adding to the interest, the company is using its own RP2040 chip for it, meaning it’s making its own silicon, just like Apple with its M1.

  •  
  • Kernel 5.10.9 compiled for Pi4

    EasyOS for the Raspberry Pi4, version 2.6, has the 5.10.4 Linux kernel. I have now compiled the 5.10.9 kernel, that will be used in the next release of Easy.

  •  
  • Fixed compile of Samba without krb5 in OE

    EasyOS on the Pi4 does not have samba, as compile failed in OE. Yes, I could compile it in a running EasyOS on the Pi4, but would rather fix it in OE. I have a 'samba_%.bbappend' file, the main objective being to remove the 'pam' and 'krb5' dependencies. I worked on this recipe this morning. The problem is that instead of 'krb5', the internal 'heimdahl' is used, and this compiles two binaries, that are then executed during compile. The problem is that the binaries are compiled for the target system, in this case aarch64, whereas the build system is x86_64, so the binaries cannot run. OE does have a mechanism to handle this. It is possible to compile 'samba-native', that is, samba compiled to run on the build-system, and then use the two binaries from that when compile 'samba'. Fine, except that exactly how to do this is very poorly documented. The official documentation is very vague. A couple of years ago, I bought a book, "Embedded Linux Systems with the Yocto Project", but found that it also said hardly anything about this. I consider this to be an important topic, yet it seems that many OE experts don't know much about it either.

  •     
  • Arduino Blog » Turn your staircase into a flaircase with this LED system

    If you live in a house with stairs and have to traipse up and down at night, it’s best to have some sort of light that guides you. Although a cell phone can work just fine, or you could likely activate bright overhead lighting, creator MagicManu devised an automatic and progressive solution to illuminate his path instead. MagicManu’s system knows when someone is there using PIR sensors arranged at both ends, and only activates if it’s dark enough thanks to a photoresistor. The entire setup is controlled by an Arduino Nano, while two potentiometers adjust light sensitivity and duration of ignition.

Red Hat’s Disruption of CentOS Unleashes Storm of Dissent

Five weeks after angering much of the CentOS Linux developer community by unveiling controversial changes to the no-cost CentOS operating system, Red Hat has unveiled alternatives for affected users that give them several options for using existing Red Hat products. But for many users of CentOS Linux, the Red Hat options won’t solve the huge problems that were created for them when Red Hat announced Dec. 8 that CentOS would no longer include a stable version with a long, steady future. Instead, CentOS will now only be offered as a free CentOS Stream operating system which will be a rolling release with frequent updates, essentially turning it into a beta OS that is no longer suitable for reliable production workloads. For users who have deployed CentOS throughout the internet, data centers, corporate and business uses and more, this is a potentially major blow. Read more Also: Fedora program update: 2021-03

The Demise of Chromium as Free Software

  • This is why Leading Linux Distros going to remove Chromium from their Official Repositories

    Jochen Eisinger from Google team mentioned in a discussion thread that they will be banning sync support system of Chromium. This lead to lot of frustration in the Linux Dev community & rage against googles sudden decision. This Decision can kill small browser projects & lead the web to single browser monopoly i.e. Google Chrome! As a result of the googles decision multiple distros are strictly considering removal of Chromium from their official repositories. Leading distros like Arch Linux, Fedora, Debian, Slackware & OpenSUSE have stated that if the sync support goes down from google they will definitely remove chromium from their official repositories.

  • Chromium 88 removes Flash support [Ed: But DRM added]

    I uploaded a set of chromium packages to my repository today. Chromium 88.0.4324.96 sources were released two days ago. The release notes on the Google Chrome Releases Blog mention 36 security fixes with at least one being tagged as “critical” but the article does not mention that Flash support has been entirely removed from Chromium now. Adobe’s Flash was already actively being blocked for a long time and you had to consciously enable Flash content on web pages, but after Adobe discontinued Flash on 1st of January 2021 it was only a matter of time before support in web browsers would be removed as well. Let’s also briefly revisit the topic of my previous post – Google will remove access to Chrome Sync for all community builds of the open source variant of their Chrome browser: Chromium… thereby crippling it as far as I am concerned.

  • Chrome 89 Preparing To Ship With AV1 Encoder For WebRTC Usage [Ed: Massive patent trap]

    Now that Chrome 88 released, attention is turning to Chrome 89 of which an interesting technical change is the enabling of AV1 encode support within the web browser. Going back to 2018 there's been AV1 decode support within the browser when wanting to enjoy content encoded in this royalty-free, modern codec. But now for Chrome 89 is coming AV1 encode support. AV1 encode support is being added for the WebRTC use-case for real-time conferencing. Web applications like WebEx, Meet, and Duo (among others) already support using AV1 for better compression efficiency, improved low-bandwidth handling, and greater screen sharing efficiency. While hardware-based AV1 encoding isn't yet common, Chrome Linux/macOS/Windows desktop builds are adding the ability to use CPU-based AV1 encoding.

José Antonio Rey: New times, new solutions

Just as humans change, the Ubuntu community is also changing. People interact in different ways. Platforms that did not exist before are now available, and the community changes as the humans in it change as well. When we started the Local Communities project several years ago, we did it with the sole purpose of celebrating Ubuntu. The ways in which we celebrated included release parties, conferences, and gatherings in IRC. However, we have lately seen a decline in the momentum we had with regards to participation in this project. We have not done a review of the project since its inception, and inevitably, the Community Council believes that it is time to do a deep dive at how we can regain that momentum and continue getting together to celebrate Ubuntu. As such, we are putting together the Local Communities Research Committee, an independent entity overseen by the Community Council, which will help us understand the behavior of Local Community teams, how to better adapt to their needs, and to create a model that is suitable for the world we are living in today. Read more Also: Bits from Debian: New Debian Maintainers (November and December 2020)