LWN Kernel Coverage (Now Outside Paywall)

Submitted by Roy Schestowitz on Thursday 4th of October 2018 05:18:24 AM
Linux
  • Software-tag-based KASAN

    The kernel address sanitizer (KASAN) is a kernel debugging tool meant to catch incorrect use of kernel pointers. It is an effective tool, if the number of KASAN-based bug reports showing up on the mailing lists is any indication. The downside of KASAN is a significant increase in the amount of memory used by a running system. The software-tag-based mode proposed by Andrey Konovalov has the potential to address that problem, but it brings some limitations of its own.

    KASAN works by allocating a shadow memory map to describe the addressability of the kernel's virtual address space. Each byte in the shadow map corresponds to eight bytes of address space and indicates how many of those eight bytes (if any) are currently accessible to the kernel. When the kernel allocates or frees a range of memory, the shadow map is updated accordingly. Using some instrumentation inserted by the compiler, KASAN checks each kernel pointer dereference against the shadow map to ensure that the kernel is meant to be accessing the pointed-to memory. If the shadow map indicates a problem, an error is raised.

    It is an effective technique and, thanks to the support from the compiler, the run-time CPU overhead is tolerable in many settings. But the shadow map requires a great deal of memory, and that does affect the usability of KASAN in the real world, especially when it is used on memory-constrained systems. This overhead is particularly painful for users who would like to run KASAN on production systems as an additional security measure.

  • Time namespaces

    The kernel's namespace abstraction allows different groups of processes to have different views of the system. This feature is most often used with containers; it allows each container to have its own view of the set of running processes, the network environment, the filesystem hierarchy, and more. One aspect of the system that remains universal, though, is the concept of the system time. The recently posted time namespace patch set (from Dmitry Safonov with a lot of work by Andrei Vagin) seeks to change that.

    Creating a virtualized view of the system time is not a new concept; Jeff Dike posted an implementation back in 2006 to support his user-mode Linux project. Those patches were not merged at the time but, since then, the use of containers has taken off and the interest has increased. One might view time as a universal concept, but there are use cases for a per-container notion of time; they can be as simple as testing software at different points in time. The driving force behind this patch set, though, is likely to be problems associated with the checkpointing of processes and migrating them between physical hosts. When a process is restarted, it should have a consistent view of time, and that may require applying some adjustments at restart time.

    The implementation is straightforward enough. Each time namespace contains a set of offsets to be added to the system's notion of the current time. The kernel maintains a number of clocks with different characteristics (documented here), each of which can have a different offset. Some of these clocks, such as CLOCK_MONOTONIC, have an undefined start point that will vary from one running system to the next, so they will need their own offsets to maintain consistent behavior for a container that has been migrated. System calls that adjust the system time will, when called outside of the root time namespace, adjust the namespace-specific offsets instead.

  • Progress on Zinc (thus WireGuard)

    When last we looked at the WireGuard VPN code and its progress toward mainline inclusion, said progress was impeded by disagreements about the new "Zinc" cryptographic library that is added by the WireGuard patches. Since that August look, several more versions of WireGuard and Zinc have been posted; it would seem that Zinc is getting closer to being accepted. Once that happens, the networking developers are poised to review that portion of the code, which likely will lead to WireGuard in the kernel some time in the next development cycle or two.

    Jason Donenfeld posted Zinc v3 as part of an updated WireGuard posting on September 10. Of the versions he has posted since our article (up to v6 as of this writing), v3 has gotten most of the comments. One of the main complaints about Zinc is that it creates a new crypto API in the kernel without really addressing why the existing one would not work for WireGuard.

  • The kernel's code of conduct, one week later

    The dust has begun to settle after the abrupt decisions by Linus Torvalds to take a break from kernel maintainership and to adopt a code of conduct for the community as a whole. Unsurprisingly, the development community, most of which was not consulted prior to the adoption of this code, has a lot of questions about it and a number of concerns. While many of the answers to those questions will be a while in coming, a few things are beginning to come into focus.

    It is worth starting with one important point that last week's article failed to mention: the new code of conduct is not actually new to the community as a whole. In particular, the DRM (graphics) subsystem adopted the freedesktop.org code of conduct in April 2017. This code, like the code for the kernel as a whole, is derived from the Contributor Covenant text. There have not been any problems of note arising from the use of this code in that subsystem to date. Your editor has been told that the DRM community's successful use of this code was a direct contributor to Torvalds's choice of this particular code as a starting point for the kernel.
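The shadow-map mechanism in the KASAN item above, as an added user-space model that is not kernel code and not part of the LWN article: one shadow byte per eight bytes of a pretend address space, with the generic-mode encoding (0 = whole granule addressable, 1..7 = only that many leading bytes valid, negative = poisoned, with the value recording why). The toy allocator, the address-space size and the result names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example: a user-space model of the generic KASAN shadow map, not
 * kernel code. Sizes, names and the toy allocator are assumptions; the 8:1
 * shadow ratio and the shadow-byte encoding follow the generic mode. */
#define KASAN_GRANULE     8                     /* bytes covered per shadow byte */
#define ADDR_SPACE_BYTES  4096                  /* our pretend kernel address space */
#define SHADOW_BYTES      (ADDR_SPACE_BYTES / KASAN_GRANULE) /* 1/8 of it, always */

/* Shadow-byte encoding:
 *   0         every byte of the granule is addressable
 *   1..7      only the first N bytes are addressable (tail of an allocation)
 *   negative  the whole granule is poisoned; the value records why */
#define KASAN_FREE_PAGE        (-1)             /* never handed out */
#define KASAN_KMALLOC_REDZONE  (-2)             /* guard granule after an object */
#define KASAN_KMALLOC_FREE     (-3)             /* object has been freed */

/* Verdict for one access. */
enum kasan_result { KASAN_OK = 0, KASAN_OOB = 1, KASAN_UAF = 2, KASAN_WILD = 3 };

static int8_t shadow[SHADOW_BYTES];
static uintptr_t next_free;                     /* bump pointer for toy_kmalloc */

void kasan_init(void)
{
    memset(shadow, KASAN_FREE_PAGE, sizeof shadow);
    next_free = 0;
}

/* Poison the whole granules of [addr, addr+size) with 'value'. */
void kasan_poison(uintptr_t addr, size_t size, int8_t value)
{
    memset(&shadow[addr / KASAN_GRANULE], value, size / KASAN_GRANULE);
}

/* Make [addr, addr+size) addressable: full granules become 0, a trailing
 * partial granule records how many of its bytes are valid. */
void kasan_unpoison(uintptr_t addr, size_t size)
{
    size_t first = addr / KASAN_GRANULE;
    size_t full = size / KASAN_GRANULE, tail = size % KASAN_GRANULE;
    memset(&shadow[first], 0, full);
    if (tail)
        shadow[first + full] = (int8_t)tail;
}

/* What the compiler-inserted instrumentation does before a load or store:
 * consult the shadow byte for every byte the access touches. */
enum kasan_result kasan_check(uintptr_t addr, size_t size)
{
    for (size_t i = 0; i < size; i++) {
        uintptr_t b = addr + i;
        if (b >= ADDR_SPACE_BYTES)
            return KASAN_WILD;
        int8_t s = shadow[b / KASAN_GRANULE];
        if (s == 0)
            continue;                           /* whole granule valid */
        if (s > 0) {
            if (b % KASAN_GRANULE < (size_t)s)
                continue;                       /* inside the valid prefix */
            return KASAN_OOB;                   /* ran off the end of the object */
        }
        switch (s) {
        case KASAN_KMALLOC_REDZONE: return KASAN_OOB;
        case KASAN_KMALLOC_FREE:    return KASAN_UAF;
        default:                    return KASAN_WILD;
        }
    }
    return KASAN_OK;
}

/* Toy allocator: granule-aligned objects, one redzone granule after each.
 * No exhaustion check; the demo stays far below ADDR_SPACE_BYTES. */
uintptr_t toy_kmalloc(size_t size)
{
    uintptr_t obj = next_free;
    size_t rounded = (size + KASAN_GRANULE - 1) / KASAN_GRANULE * KASAN_GRANULE;
    kasan_unpoison(obj, size);
    kasan_poison(obj + rounded, KASAN_GRANULE, KASAN_KMALLOC_REDZONE);
    next_free = obj + rounded + KASAN_GRANULE;
    return obj;
}

/* Freed objects stay poisoned, so a later access is reported as use-after-free. */
void toy_kfree(uintptr_t obj, size_t size)
{
    size_t rounded = (size + KASAN_GRANULE - 1) / KASAN_GRANULE * KASAN_GRANULE;
    kasan_poison(obj, rounded, KASAN_KMALLOC_FREE);
}

int main(void)
{
    static const char *const names[] = { "ok", "out-of-bounds", "use-after-free", "wild" };
    kasan_init();
    uintptr_t p = toy_kmalloc(13);              /* shadow for p: {0, 5, -2} */
    printf("read  p[0..12]  : %s\n", names[kasan_check(p, 13)]);
    printf("read  p[13]     : %s\n", names[kasan_check(p + 13, 1)]);
    printf("write p[16..19] : %s\n", names[kasan_check(p + 16, 4)]);
    toy_kfree(p, 13);
    printf("read  p[0] freed: %s\n", names[kasan_check(p, 1)]);
    return 0;
}
```

The 13-byte object shows why the partial-granule values matter: byte 12 is inside the valid prefix of its granule and passes, byte 13 is in the same granule but past the prefix and is reported. The shadow array is one eighth of the covered address space regardless of how much of it is in use, which is the memory cost the article says the software-tag-based mode sets out to reduce.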

OSS: RMS on Commons Clause, Customer Conversations Changing in Era of Open Source, Sourcegraph Liberated

  • Stallman says Commons Clause is a non-free licence
    Free Software Foundation chairman Richard Stallman has described the Commons Clause licence as "ill-named" because it is a non-free licence that does not provide the four freedoms mandated by the FSF. Stallman was responding to queries from iTWire about the Commons Clause licence, which surfaced earlier this year. The company behind it, Fossa.io, was contacted by iTWire on Monday after hearing that some changes were contemplated in the licence which has received no support from any of the organisations that judge whether a licence is an open-source one or not.
  • Customer Conversations Changing in Era of Open Source, Automation
    Open source and automation are changing customer conversations, but in different ways for different customers, says John Isch, director of the network and voice practice in North America for Orange Business Services. Not everyone wants the details, but some businesses will do a deep dive on the technology and he has to be prepared for that.
  • Sourcegraph, a code search, and navigation engine is now open source!
    The Sourcegraph team announced earlier this week that they’re making Sourcegraph, a self-hosted code search and navigation engine, available as open source. “We opened up Sourcegraph to bring code search and intelligence to more developers and developer ecosystems—and to help us realize the Sourcegraph master plan,” writes Quinn Slack on the announcement page. This Sourcegraph master plan involves making basic code intelligence ubiquitous (for every language, and in every editor, code host, etc.). It wants to focus on making code review continuous and intelligent. Additionally, they also hope to increase the amount and quality of open-source code.
  • OSNEXUS to Present on Open Source Software-Defined Storage at OpenStack Days Nordic

Why TENS is the secure bootable Linux you need

Before you get too excited, TENS isn't a pen-testing distro for admins to use to harden their network. TENS is a live desktop Linux distribution that gives the user a level of security they would not have with a standard desktop. That means it's great to use in places where network security is questionable, or when you need to submit sensitive data, and you don't trust a standard desktop operating system. In other words, anytime you need to use a network for the transmission of sensitive data, TENS Linux could easily be a top choice for users.

Security: ClamAV, Phishing Attack on Azure Blob Storage, Fingbox/Ubuntu

  • ClamAV 0.100.2 has been released!
    ClamAV 0.100.2 has been released! This is a patch release to address several vulnerabilities.
  • Phishing Attack on Azure Blob Storage Dodges Users by Displaying a Signed SSL Certificate from Microsoft
    When the user enters their information, the contents will be submitted to a server operated by the phishing attackers. The opened page will pretend that the document is beginning to download but ultimately just redirects the user to the Microsoft site at https://products.office.com/en-us/sharepoint/collaboration.
  • Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft
    Even though phishing attacks can be quite convincing, a giveaway is when diligent users notice that the login form is unsecured or the SSL certificate is clearly not owned by the company being impersonated. A new Office 365 phishing attack utilizes an interesting method of hosting their phishing form on Azure Blob Storage in order to be secured by a Microsoft SSL certificate.
  • Fing: future-proofing Fingbox the IoT home network monitoring device
    As many as 20.4 billion internet of things devices are estimated to be in use by 2020, according to Gartner, with consumer products making up 63% of this figure. A large amount of these will be low-cost devices, rushed out by manufacturers in order to capitalise on this opportunity. Unfortunately, this method typically pays no attention to the long-term lifecycle of a product or software strategy. Factors that are typically not considered include: how can security updates be rolled out quickly? How to ensure your customers are on the latest version of your software, especially once the device is out in consumers’ homes? How can the product lifecycle be extended through software functionality which may even open up new revenue opportunities?
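The two Azure Blob Storage phishing items above make one point a filter can act on: a valid certificate only proves the page came from the host named in the URL, and on shared cloud storage that host is the provider's while the content is the tenant's. Below is an added example of that check, not code from either article or from Microsoft: it extracts the host from a link (handling the userinfo-before-'@' and ":port" tricks), lowercases it, and flags hosts under a shared-storage suffix. The suffix list (assumed to be the public Azure Blob Storage endpoint suffix) and the sample links are constructed for the example; extend the list for your own environment.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not from either article. Hostname suffixes of shared cloud
 * storage: the TLS certificate for such a name belongs to the provider, but
 * whatever is served under it was uploaded by whoever rents the storage
 * account. The Azure Blob Storage public endpoint suffix is assumed below. */
static const char *const shared_storage_suffixes[] = {
    ".blob.core.windows.net",
    NULL
};

/* Copy the lowercase host of an absolute URL into out (capacity n).
 * Skips "scheme://", drops userinfo before the last '@' (the lure
 * https://login.example.com@attacker.example/ resolves to attacker.example),
 * and strips a ":port". IPv6 literals are not handled.
 * Returns false when there is no host at all. */
bool url_host(const char *url, char *out, size_t n)
{
    const char *p = strstr(url, "://");
    if (!p)
        return false;
    p += 3;
    const char *end = p + strcspn(p, "/?#");    /* authority stops here */
    const char *start = p;
    for (const char *q = p; q < end; q++)
        if (*q == '@')
            start = q + 1;                      /* host follows the last '@' */
    size_t len = 0;
    while (start + len < end && start[len] != ':')
        len++;                                  /* stop before ":port" */
    if (len == 0 || len >= n)
        return false;
    for (size_t i = 0; i < len; i++)
        out[i] = (char)tolower((unsigned char)start[i]);
    out[len] = '\0';
    return true;
}

/* True if host is a subdomain of one of the shared-storage suffixes. The
 * suffix starts with '.', so the match is anchored at a label boundary and
 * "blob.core.windows.net.evil.example"-style lookalikes are a separate case. */
bool is_shared_storage_host(const char *host)
{
    size_t hl = strlen(host);
    for (size_t i = 0; shared_storage_suffixes[i]; i++) {
        size_t sl = strlen(shared_storage_suffixes[i]);
        if (hl > sl && strcmp(host + hl - sl, shared_storage_suffixes[i]) == 0)
            return true;
    }
    return false;
}

/* Does this link point at tenant-uploaded content behind a provider's cert? */
bool url_on_shared_storage(const char *url)
{
    char host[256];
    return url_host(url, host, sizeof host) && is_shared_storage_host(host);
}

int main(void)
{
    /* Constructed sample links, as a mail gateway might log them. */
    static const char *const links[] = {
        "https://docs-share-2018.blob.core.windows.net/office/SharePoint.html",
        "https://login.microsoftonline.com/common/oauth2/authorize",
        "https://login.microsoftonline.com@docs-share-2018.BLOB.core.windows.net:443/x",
        "https://blob.core.windows.net.example.org/login",
    };
    for (size_t i = 0; i < sizeof links / sizeof links[0]; i++)
        printf("%-7s %s\n", url_on_shared_storage(links[i]) ? "SHARED" : "-", links[i]);
    return 0;
}
```

A hit on this check is a reason to look at the page, not proof of phishing; plenty of legitimate documents live on the same suffix. The useful signal is the combination the article describes: a brand's login form served from a shared-storage host rather than from that brand's own domain.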

