Language Selection

English French German Italian Portuguese Spanish

Linux

Linux >=4.9: eBPF memory corruption bugs

Filed under
Linux
Security

A few BPF verifier bugs in the Linux kernel, most of which can be used
for controlled memory corruption, have been fixed over the last days.
One of the bugs was introduced in 4.9, the others were only introduced
in 4.14.

The fixes are in the net tree of the Linux kernel
(https://git.kernel.org/pub/scm/linux/kernel/git/davem/net...),
but not in Linus' tree yet.

The following bug was introduced in 4.9:

Read more

FSF adds PureOS to list of endorsed GNU/Linux distributions

Filed under
OS
GNU
Linux

The FSF's list showcases GNU/Linux operating system distributions whose developers have made a commitment to follow its Guidelines for Free System Distributions. Each one includes and endorses exclusively free "as in freedom" software.

After extensive evaluation and many iterations, the FSF concluded that PureOS, a modern and user-friendly Debian-derived distribution, meets these criteria.

Read more

What Is GNU In GNU/Linux?

Filed under
GNU
Linux

GNU is an operating system and an extensive collection of free and open source software all of which are licensed under GPL(General Public License). A lot of people often get confused with the full form of GNU. Well, the full form of GNU is GNU’s Not UNIX. Yes, this is not a typing error and you read it right. It is a recursive word and has no actual meaning.

However, an animal called Wildebeest is in some places called GNU, hence it was chosen as the official mascot for GNU.

Read more

Also: FSF adds PureOS to list of endorsed GNU/Linux distributions

Raspberry Pi CM3 based automation controller adds ESP32

Filed under
Linux
Hardware

Techbase updated its ModBerry controllers with a model that mixes RPi CM3 and ESP32 modules, plus options like an expandable aluminum Modberry case, OLED display, and supercap backup.

Techbase announced several enhancements to its Linux-driven ModBerry family of automation controllers, which are based on a variety of open source boards. First, the company is introducing a new version of its ModBerry 500 to add an Espressif ESP32 module as a backup system for its Raspberry Pi Compute Module 3 (CM3) computer-on-module. The Gdansk, Poland based company also announced options that can be added to other ModBerry models, including a more expandable aluminum case, an OLED display, and a supercapacitor battery backup system (see farther below).

Read more

Also: Pico-ITX SBC offers TPM and a pair each of M.2 and MIPI-CSI

Restore Corrupted USB Drive To Original State

Filed under
Linux

​Many times our storage devices like sd cards and Pen drives get corrupted and unusable due to some reasons. It may be because of making a bootable media with that device, formatting via wrong platforms or creating partitions on that device.

Read<br />
more

Raspberry Pi 3 OS RaspAnd Now Supports Raspberry Pi 7" Touchscreen, Smart TVs

Filed under
Linux

Coming less than a week after the previous version, which introduced the latest Kodi 17.6 "Krypton" media center and TeamViewer 13 software to allow users to control other computers from their Raspberry Pi 3 SBC, RaspAnd 7.1.2 Build 171220 is here with support for the official Raspberry Pi 7" touchscreen.

"Thanks to a member on this site who asked for support for the Raspberry Pi official 7-inch touchscreen, I started to experiment with different configurations. Success! The changes are so good that I’ve decided to upload a new version of RaspAnd today," writes Arne Exton in the release announcement.

Read more

LWN on Linux (Paywall Expired): CPU Load, DRM, Process Tagging and tthe The MAP_FIXED

Filed under
Linux
  • Toward better CPU load estimation

    "Load tracking" refers to the kernel's attempts to track how much load each running process will put on the system's CPUs. Good load tracking can yield reasonable predictions about the near-future demands on the system; those, in turn, can be used to optimize the placement of processes and the selection of CPU-frequency parameters. Obviously, poor load tracking will lead to less-than-optimal results. While achieving perfection in load tracking seems unlikely for now, it appears that it is possible to do better than current kernels do. The utilization estimation patch set from Patrick Bellasi is the latest in a series of efforts to make the scheduler's load tracking work well with a wider variety of workloads.
    Until relatively recently, the kernel had no notion of how much load any process was putting on the system at all. It tracked a process's total CPU utilization, but that is different from — and less useful than — tracking how much of the available CPU time that process has been using recently. In 2013, the per-entity load-tracking (PELT) mechanism was merged; it maintains a running average of each process's CPU demands. That average decays quickly over time, so that a process's recent behavior is weighted much more heavily than its distant past. The PELT values are maintained (and continue to decay) while processes are blocked, giving a better overall view of their utilization.

  • Kernel support for HDCP

    High-bandwidth Digital Content Protection (or HDCP) is an Intel-designed copy-protection mechanism for video and audio streams. It is a digital rights management (DRM) system of the type disliked by many in the Linux community. But does that antipathy mean that Linux should not support HDCP? That question is being answered — probably in favor of support — in a conversation underway on the kernel mailing lists.
    HDCP is based on encryption and authentication. An HDCP-compliant device is not allowed to send high-quality media streams to any other device that cannot authenticate itself under the HDCP protocol and show that it contains a suitable key. In theory, HDCP prevents the extraction of digital media streams from a chain of devices using it; the practice is, as is often the case, a bit less certain. That notwithstanding, various content providers require HDCP to be present before making their offerings available.

    Many of the devices implementing HDCP — set-top boxes, televisions, etc. — run Linux, but the kernel itself does not currently have HDCP support. That may be about to change with this patch set from Sean Paul implementing HDCP for Intel i915 graphics. One part of the patch set in particular provides a generic capability in the direct-rendering layer to enable user space to turn on the content protection feature of the hardware; the application can also verify whether the graphics subsystem was able to establish an authenticated connection with the device at the other end of the cable. Said application is likely to use that information to refuse to play content in the absence of an HDCP-compliant device on the line.

  • Process tagging with ptags

    For various reasons related to accounting and security, there is recurring interest in having the kernel identify the container that holds any given process. Attempts to implement that functionality tend to run into the same roadblock, though: the kernel has no concept of what a "container" is, and there is seemingly little desire to change that state of affairs. A solution to this problem may exist in the form of a neglected patch called "ptags", which enables the attachment of arbitrary tags to processes.

    Given that containers are at the receiving end of a lot of attention currently, it is natural to wonder why the kernel refuses to recognize them. The kernel does provide the features needed to implement containers: namespaces for isolation, control groups for resource management, seccomp and security modules to implement security policies, etc. But there is little agreement over what actually constitutes a container, and there is still a lot of experimentation going on with interesting new ways of implementing the container concept.

  • MAP_FIXED_SAFE

    The MAP_FIXED option to the mmap() system call allows a process to specify that a mapping should be placed at a given virtual address if at all possible. It turns out, though, that "if at all possible" can involve a bit more collateral damage than some would like, and can even lead to exploitable vulnerabilities. A new, safer option is in the works but, as is often the case, it has run into a bit of non-technical difficulty.

antiX-16.3-full iso files available

Filed under
GNU
Linux

I have made available updated point-release 3 iso files of antiX-16 (jessie) series – full versions only – for 32 and 64 bit arches. This is basically antiX-16.2 plus over 250 MB of upgrades.

Both isos fit on a cd.

If you already are using antiX-16 (16.1,16.2) series, there is no need to replace your install with this newer version.

Read more

7-Way Linux OS Comparison With KVM

Filed under
OS
Linux

Complementing our recent Amazon EC2 Linux cloud distribution benchmarks, here are some fresh test results when comparing various Linux distributions when benchmarking them as guest VMs with the KVM hypervisor.

Read more

Linux Distros That Discontinued Unexpectedly

Filed under
Linux

The thing about Linux is that anyone can model it to their choice, this has led to many users/teams creating their own customized distributions. Since there is no fully fledged organization behind them, some of them are not able to sustain development. This may lead to the discontinuation of the project. So here in this article, let us have a look at some Linux distributions that discontinued unexpectedly.

Read more

Syndicate content

More in Tux Machines

Librem 5 Phone Progress Report

  • Librem 5 Phone Progress Report – The First of Many More to Come!
    First, let me apologize for the silence. It was not because we went into hibernation for the winter, but because we were so busy in the initial preparation and planning of a totally new product while orienting an entirely new development team. Since we are more settled into place now, we want to change this pattern of silence and provide regular updates. Purism will be giving weekly news update posts every Tuesday, rotating between progress on phone development from a technology viewpoint (the hardware, kernel, OS, etc.) and an art of design viewpoint (UI/UX from GNOME/GTK to KDE/Plasma). To kickoff this new update process, this post will discus the technological progress of the Librem 5 since November of 2017.
  • Purism Eyeing The i.MX8M For The Librem 5 Smartphone, Issues First Status Update
    If you have been curious about the state of Purism's Librem 5 smartphone project since its successful crowdfunding last year and expedited plans to begin shipping this Linux smartphone in early 2019, the company has issued their first status update.

Benchmarking Retpoline-Enabled GCC 8 With -mindirect-branch=thunk

We have looked several times already at the performance impact of Retpoline support in the Linux kernel, but what about building user-space packages with -mindirect-branch=thunk? Here is the performance cost to building some performance tests in user-space with -mindirect-branch=thunk and -mindirect-branch=thunk-inline. Read more

An introduction to Inkscape for absolute beginners

Inkscape is a powerful, open source desktop application for creating two-dimensional scalable vector graphics. Although it's primarily an illustration tool, Inkscape is used for a wide range of computer graphic tasks. The variety of what can be done with Inkscape is vast and sometimes surprising. It is used to make diagrams, logos, programmatic marketing materials, web graphics, and even for paper scrapbooking. People also draw game sprites, produce banners, posters, and brochures. Others use Inkscape to draft web design mockups, detail layouts for printed circuit boards, or produce outline files to send to laser cutting equipment. Read more

Behind the scenes with Pop!_OS Linux

In October, Linux PC maker System76 released its homegrown version of Linux, Pop!_OS, giving users the choice between its legacy Ubuntu operating system or the new Pop!_OS flavor of Linux. Recently Opensource.com gave away a System76 laptop with Pop!_OS installed, which made me curious about the company and this new version of Linux, so I spoke with Cassidy James Blaede, Pop!_OS's user experience (UX) designer. Blaede joined System76 in 2014, fresh out of college at the University of Northern Iowa and marriage to his wife, Katie. While in college, he co-founded the elementary OS project and interned at UX consultancy Visual Logic, both of which influenced his work for System76. He started at System76 as a front-end developer and was later promoted to UX architect. Read more