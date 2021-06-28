Linux Security and FUD Intel To Disable TSX By Default On More CPUs With New Microcode Intel is going to be disabling Transactional Synchronization Extensions (TSX) by default for various Skylake through Coffee Lake processors with forthcoming microcode updates. Yes, this does mean performance implications for workloads benefiting from TSX. This change has seemingly not been talked about much at all publicly and I just happened to become aware of it when looking through new kernel patches. Transactional Synchronization Extensions (TSX) have been around since Haswell for hardware transactional memory support and going off Intel's own past numbers can be around 40% faster in specific workloads or as much 4~5 times faster in database transaction benchmarks. TSX issues have been found in the past such as a possible side channel timing attack that could lead to KASLR being defeated and CVE-2019-11135 (TSX Async Abort) for an MDS-style flaw. Now in 2021 Intel is disabling TSX by default across multiple families of Intel CPUs from Skylake through Coffee Lake.

REvil ransomware's new Linux encryptor targets ESXi virtual machines [Ed: This is not a "Linux" issue but some Proprietary Software issue; classic Fear, Uncertainty, Doubt (FUD)/Fear-mongering/Dramatisation in a Microsoft-connected site] The REvil ransomware operation is now using a Linux encryptor that targets and encrypts Vmware ESXi virtual machines.

Programming Leftovers Clang Profile Guided Optimizations Support Sent In For Linux 5.14 - Phoronix Compiling the Linux kernel with LLVM's Clang code compiler continues to be more featureful with plumbing now being added to handle profile-guided optimizations (PGO) to help in achieving greater performance for optimizing kernel builds for targeted workloads. Earlier this month I wrote about Clang PGO likely coming for Linux 5.14 and indeed the pull request was sent in on Monday. While GCC PGO for the Linux kernel was previously shot down, it looks like this new infrastructure will make it in for this new cycle.

Glibc 2.34 Adds "_Fork" Function Ahead Of Future POSIX Revision - Phoronix The GNU C Library (Glibc) has landed its _Fork function implementation as an async-signal-safe fork replacement that is also expected to be made part of the next POSIX standards revision. Going back to 2007 has been Glibc Bug 4737 of the fork function not being signal safe with glibc, unlike some BSDs and other platforms. Various developers have commented on it over the years due to deadlocks occurring in their programs such as if using fork() within a signal handler and other conditions met.

Sensible datetime scale for Gonum Plot Few months ago I posted a library for sensible int scale for Gonum Plot. There is a similar package I’ve developed to handle timescales. The integer one, being based on a recursive function, works with any number scale. Differently, this one will only work well with a timescale between 2 days and a couple of years. Extending it is not hard since it’s enough to add additional case statements in the switch, but I’ve not found use-cases for different timeframes so far. If you add additional options, please commit them back!

GStreamer Rust bindings 0.17.0 release A new version of the GStreamer Rust bindings, 0.17.0, was released. As usual this release follows the latest gtk-rs release. This is the first version that includes optional support for new GStreamer 1.20 APIs. As GStreamer 1.20 was not released yet, these new APIs might still change. The minimum supported version of the bindings is still GStreamer 1.8 and the targetted GStreamer API version can be selected by applications via feature flags. Apart from this, the new version features a lot of API cleanup, especially of the subclassing APIs, and the addition of a few missing bindings. As usual, the focus of this release was to make usage of GStreamer from Rust as convenient and complete as possible.