Linux 4.19 Preparing Better CPU Security Mitigations, New EROFS File-System (phoronix.com)
An anonymous reader writes: Linus Torvalds released on Sunday Linux 4.19-rc1 that he describes as a "fairly frustrating merge window" following the new features landing over the past two weeks. What does this "pretty big release" offer? Phoronix's Linux 4.19 feature overview sheds light on more Spectre CPU mitigations for x86/POWER/s390, the new EROFS read-only Android file-system, a Raspberry Pi voltage driver, ThinkPad calculator key support, an in-kernel GPS subsystem, the Google GASKET driver framework, virtual kernel mode-setting, Qualcomm Adreno 600 series support, and many other improvements.
Re: Frankenkernel (Score:2, Informative)
Re: (Score:2)
Yes you were & are.
Re: (Score:2)
Now with 150% more recycled pixels!
Re: Frankenkernel (Score:2)
Re: (Score:2)
That's probably why a single kernel doesn't do all this shit. The source is there for all these features, but each kernel is customized with conditional compilation controlled by the .config file at build time.
While that's true, most will use their distro's precompiled kernel, which obviously has most things enabled to support all the possible use cases their customers have. I guess it works to keep experimental code in the tree but not in the default build, but once it's lifted to "production code" I think a lot of people will get it by default.
Re: Frankenkernel (Score:4, Informative)
Re: (Score:1)
very well said. sadly most folks who use x86/x86-64 distros don't see the delineation as clearly as the embedded folks. these projects spend months patching linux drivers to a specific SoC/SoM and know precisely where the kernel stops - and their fallback is busybox for what most people recognize as the OS. Patching/customizing linux is not for the faint hearted (and I've come to hate their use of macros with some passion) but one of the sad side effects of (the usability of) Ubuntu is that we have a lot of
Re: (Score:2)
You can actually compile what you don't want out of the kernel you know... ah nevermind, most of the kernel is just drivers anyway, and there's even USB support for the human body so it is really a Frankenkernel.
Re: Frankenkernel (Score:1)
Message passing was stupid and therefore ultimately failed. Let's move on.
Re: Frankenkernel (Score:2)
Re: (Score:1)
Everyone builds their own message queue because there aren't any known good message queue libs, only standards which don't really fit anyone but pretending to be usable for everything.
The best message queue libs I've seen have always been internal company projects, and even they weren't generic enough, and were regularly bypassed for higher efficiency.
It's the same as any other protocol. We need very generic tools to properly explain specific protocols for specific tasks.
And the part of protocol design wher
Re: (Score:2)
Re: (Score:2)
well, computers aren't simple things anymore, should a single cpu do all the things it does today? compared to the old days (oh my) where it was possible for one person to know all the ins & outs of a whole machine, or where the circuit diagrams were included in the manual. impossible today.
that said, the linux kernel isn't as bad as you make it out to be. a lot of stuff is left to handle specifically in userland, i think it is even the preference of Linus to move anything out of the kernel that is not
Kernel Security Code (Score:5, Funny)
I got a preview of the security Code:
if (cpu_vendor == intel) {
    disable_L1_cache();
    disable_L2_cache();
    disable_L3_cache();
    disable_instr_cache();
    disable_data_cache();
    disable_branch_prediction();
    disable_hyperthreading();
    if (ultra_secure_mode == true) {
        for (i=1;i=num_cores-1;i++) {
            disable_core(i);
        }
    }
}
one can expect a heavy performance penalty, but the power consumption should go way down, so we have that going for us.
Re: Kernel Security Code (Score:1)
Actually it's liable to overheat after it gets caught in that infinite loop in ultra secure mode.
Re: (Score:2)
Yes it is. The test condition is assignment and not a comparison.
If AC intended for it to be == then it would work fine until it ran on a single core machine. Then the loop would run 4 billion times.
So that comparison should be =
Re: (Score:2)
Gah, slashdot munged my less than or equal operator and turned it into =
I suspect now that's what happened to AC's code.
Re: Kernel Security Code (Score:1)
Re: (Score:2)
Way to improve CPU security: (Score:5, Insightful)
Only buy AMD.
Re: (Score:2, Offtopic)
Re: (Score:1)
AMD smokes Intel, everyone knows that.
Funny how everyone knows that now. If I wrote that little over a year ago I'd get downvoted into oblivion, and I've been using an AMD AM3 / AM3+ based PC for most of the last decade. How many Intel CPU socket changes happened during that time?
Re: (Score:2)
Uh, no.
New EROFS (Score:2)
Re: (Score:3)
It's a read-only file system from Huawei, intended to be an improvement over existing read-only file systems for Android devices. Yes, this is the same Huawei that makes phones you can't (couldn't, may not be able to in the future...?) take into a US military facility, FWIW.
Re: (Score:3)
Yes, this is the same Huawei that makes phones you can't (couldn't, may not be able to in the future...?) take into a US military facility, FWIW.
It's worth nothing. Sudden panic banning Chinese equipment without any actionable intelligence is bad enough, but conflating the company with some open source code that has been independently reviewed and mainlined in the kernel is worth even less.
Re: (Score:3)
Sudden panic banning
The US congress has been warning US corporations to avoid Huawei and ZTE since 2012. You reveal your own ignorance if you actually believe current events are something sudden or surprising.
Australia has joined the US in banning Huawei from infrastructure work. They recognize this company is simply a commercial arm of the PLA and are wisely keeping it out of critical infrastructure.
This is the sort of naiveté people in the US used to have about Russia.
Re: (Score:2)
The US congress has been warning US corporations to avoid Huawei and ZTE since 2012. You reveal your own ignorance if you actually believe current events are something sudden or surprising.
LOL WUT? If you think what was happening in 2012 is any way remotely comparable to the actions of the past 4 months I have a bridge to sell you, one with a government warning label.
Australia has joined the US in banning Huawei from infrastructure work.
Yep. The 51st State of America expressing its independence once again. Interestingly you note yourself here that the ban is new, the multinational effort is new, yet you accuse me of ignorance for realising that a fucking lot has changed in the past few months?
They recognize this company is simply a commercial arm of the PLA
They recognise the USA has told people without ever producing a shred
Support for laptops that only have USB-C (Score:4, Interesting)
The summary left out a pretty important point from the article, in my opinion:
The USB Type-C display mode alternate driver was merged to the mainline kernel for stepping up the DP Type-C support, but more work on integrating with the DRM drivers is still being tackled.
So what this means, is that you have a dongle or monitor cable with USB-C on one end, and DisplayPort on the other end.
This is important, because I expect to see new laptops coming out, that only have USB-C/Thunderbolt 3. The obvious existing ones are from Apple, but I expect that more laptops will come out with no other ports except USB-C/Thunderbolt 3.
USB: DP vs PD (Score:1)
The summary left out a pretty important point from the article, in my opinion:
The USB Type-C display mode alternate driver was merged to the mainline kernel for stepping up the DP Type-C support, but more work on integrating with the DRM drivers is still being tackled.
Slightly confusing:
* DP = DisplayPort: https://www.displayport.org/displayport-over-usb-c/
But if you transpose them:
* PD = PowerDelivery: http://www.usb.org/developers/powerdelivery/
Of course you can connect a display using DP to a laptop, and also have the screen have PD to charge the battery.
Re: (Score:2)
Not likely outside Apple. Most other manufacturers will keep at least one A port because they aren't stupid enough to assume everyone has a wireless mouse and all mouse transmitters are USB-A. They might have a single Halo product that mimics Apple but the majority will include A ports.
Re: (Score:2)
Depends on what you've mapped it to...
EROFS (Score:3)
People still only look at lines of code (Score:2)
Linux has been modular for decades, so you only include what you use. So if you don't use the filesystem or the patch, you don't install the filesystem or patch.
Interactions should only be with the local subsystem, so a hundred modules of a hundred thousand makes no difference. You're still only looking at core functions (kernel core functions plus local API). The subsystem takes care of security, etc.
With kernel threads, non-interacting code blocks don't need to risk blocking each other.
Because context swi
GPS subsystem (Score:2)
What can this subsystem do and why does it have to be in the kernel?
And yes, I buy AMD where I can.
Re: (Score:2)
If only there was a userland program like gpsd to unify GPS providers into a standard format output stream. Oh wait, there is... [wikipedia.org]