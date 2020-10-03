Kernel: Development, LVFS and AMD RAPL PowerCap Patches Updated For Linux
-
Is it possible to implement a Linux kernel patch without disrupting other applications?
If you’re running your system with Linux servers, you could implement a couple of methods to keep your system kernels up-to-date. Let’s look at some of the most common.
-
Saying goodbye to set_fs()
The set_fs() function dates back to the earliest days of the Linux kernel; it is a key part of the machinery that keeps user-space and kernel-space memory separated from each other. It is also easy to misuse and has been the source of various security problems over the years; kernel developers have long wanted to be rid of it. They won't completely get their wish in the 5.10 kernel but, as the result of work that has been quietly progressing for several months, the end of set_fs() will be easily visible at that point.
This 2017 article describes set_fs() and its history in some detail. The short version is that set_fs() sets the location of the boundary between the user-space portion of the address space and the kernel's part. Any virtual address that is below the boundary set by the last set_fs() call on behalf of a given process is fair game for that process to access, though the memory permissions stored in the page tables still apply. Anything above that limit belongs to the kernel and is out of bounds.
Normally, that boundary should be firmly fixed in place. When the need to move it arises, the reason is usually the same: some kernel subsystem needs to invoke a function that is intended to access user-space data, but on a kernel-space address. Think, for example, of the simple task of reading the contents of a file into a memory buffer; the read() system call will do that, but it also performs all of the usual access checks, meaning that it will refuse to read into a kernel-space buffer. If a kernel subsystem must perform such a read, it first calls set_fs() to disable those checks; if all goes well, it remembers to restore the old boundary with another set_fs() call when the work is done.
Naturally, history has proved that all does not always go well. It's thus not surprising that the development community has wanted to rid itself of set_fs() for many years. It's also unsurprising that this hasn't happened, though. The kernel project does not lack for developers, but there is always a shortage of people who are willing and able to do this sort of deep infrastructural work; it tends to not feature highly in any company's marketing plan. So the task of removing set_fs() has languished for years.
-
LVFS tames firmware updates
Keeping device firmware up-to-date can be a challenge for end users. Firmware updates are often important for correct behavior, and they can have security implications as well. The Linux Vendor Firmware Service (LVFS) project is playing an increasing role in making firmware updates more straightforward for both end users and vendors; LVFS just announced its 20-millionth firmware download. Since even a wireless mouse dongle can pose a security threat, the importance of simple, reliable, and easily applied firmware updates is hard to overstate.
Red Hat's Richard Hughes started LVFS in 2016, and in 2019 the Linux Foundation took the project under its wing. Since its inception, LVFS has grown to provide firmware updates for over 2,000 devices from approximately 100 different vendors.
In a 2019 presentation [YouTube] (slides [PDF]), Hughes discussed firmware updates in terms of human, organizational, and technical complexity. As he explained, end users generally don't know what exact hardware they have in their machines, whether its firmware can be updated, if that firmware needs to be updated, where to get that update, or how to apply it. Additionally, users often do not understand the importance of these updates; as Hughes pointed out, "updating your mouse firmware when your mouse is working fine seems ridiculous."
Further, one vendor's hardware often contains updatable components from another vendor, and each only provides firmware for the hardware that it is directly responsible for. Taken together, as Hughes said, "users have no chance of getting this right." LVFS addresses this complexity by providing a centralized repository of firmware and the associated metadata, bringing vendors and end users together. LVFS, however, is more than a centralized firmware distribution site; in the words of Hughes, the LVFS provides "a pipeline right from the firmware author, all the way to the end user."
-
AMD RAPL PowerCap Patches Updated For Linux - Now Include Family 19h (Zen 3)
Patches from a Google engineer allow run-time average power limiting (RAPL) support for AMD Zen processors within the Linux PowerCap driver.
Earlier this year was AMD Zen RAPL support in the Perf subsystem while this more recent activity for AMD RAPL has been about the PowerCap code. The Linux PowerCap framework was originally conceived by Intel but AMD Zen CPUs have similar MSRs available for supporting limiting the CPU TDP and also reading the current energy usage. With these patches /sys/class/powercap/intel-rapl/intel-rapl:0/energy_uj is the latest way of exposing the AMD CPU energy usage under Linux.
-
- Login or register to post comments
- Printer-friendly version
- 1178 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
LibreOffice 7.0.2 Is Now Available for Download with More Than 130 Bug Fixes
LibreOffice 7.0 was launched about two months ago with many new features and enhancements, including support for the OpenDocument Format (ODF) 1.3, better compatibility with MS Office formats like DOCX, XLSX and PPTX, HiDPI scaling for Qt5/KDE5, and much more. The first point release arrived last month with almost 80 bug fixes, but the LibreOffice development team didn’t stop there so they continued hunting and squashing bugs. As such, LibreOffice 7.0.2 is here today with a total of 131 bug fixes across all core components to improve document compatibility and the overall performance of the office suite.
Games: Ziggurat 2, Godot Engine, Sunshine Manor and X4: Cradle of Humanity
today's howtos
Oracle Linux 7.9 Released with New Unbreakable Enterprise Kernel Based on Linux 5.4 LTS
Oracle Linux 7 Update 9 is here to introduce the Unbreakable Enterprise Kernel (UEK) Release 6 as the default kernel for x86_64 (64-bit) and AArch64 (ARM64) platforms, which is based on the mainline Linux 5.4 LTS kernel and introduces numerous new features and improvements for top-notch hardware support. These include zero copy networking to boost the network performance and enable building of faster networking products, support for the Btrfs file system, support for the OCFS2 file system, DTrace support, as well as enhanced security and virtualization support for the AArch64 (ARM64) platform.
Recent comments
1 hour 25 min ago
3 hours 5 min ago
4 hours 59 min ago
7 hours 53 min ago
7 hours 56 min ago
10 hours 28 min ago
12 hours 15 min ago
16 hours 49 min ago
16 hours 51 min ago
17 hours 14 sec ago