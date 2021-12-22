Kernel Space: LWN Articles and Chat With Dirk Hohndel
Gathering multiple system parameters in a single call [LWN.net]
Running a command like lsof, which lists the open files on the system along with information about the process that has each file open, takes a lot of system calls, mostly to read a small amount of information from many /proc files. Providing a new interface to collect those calls together into a single (or, at least, fewer) system calls is the target of Miklos Szeredi's getvalues() RFC patch that was posted on March 22. While the proposal does not look like it is going far, at least in its current form, it did spark some discussion of the need—or lack thereof—for a way to reduce this kind of overhead, as well as to explore some alternative ways to get there via code that already exists in the kernel.
5.18 Merge window, part 2 [LWN.net]
Linus Torvalds released the 5.18-rc1 kernel prepatch on April 3, after having pulled 13,207 non-merge changesets into the mainline repository. This merge window has thus not only been turbulent, with a significant number of regressions and refused pull requests, it has also been relatively busy. Just over 9,000 of those changesets were pulled after the first 5.18 merge window summary was written; the time has come to catch up with the remainder of changes merged for this development cycle.
A security fix briefly breaks DMA [LWN.net]
In theory, direct memory access (DMA) operations are simple to understand; a device transfers data directly to or from a memory buffer managed by the CPU. Almost all contemporary devices perform DMA, since it would not be possible to obtain the needed performance without it. Like so many things, DMA turns out to be a bit more complicated in practice. That complexity led to an erroneous patch, intended to improve security, breaking DMA for some devices in 5.17 and some stable kernels.
Indirect branch tracking for Intel CPUs [LWN.net]
"Control-flow integrity" (CFI) is a set of technologies intended to prevent an attacker from redirecting a program's control flow and taking it over. One of the approaches taken by CFI is called "indirect branch tracking" (IBT); its purpose is to prevent an attacker from causing an indirect branch (a function call via a pointer variable, for example) to go to an unintended place. IBT for Intel processors has been under development for some time; after an abrupt turn, support for protecting the kernel with IBT has been merged for the upcoming 5.18 release.
The kernel, like many C programs, makes extensive use of indirect branches. As a simple example, consider system calls; user space provides a number indicating which system call is required, and the kernel responds by looking up the appropriate function from a table (using that number) and calling that function via an indirect branch. Function pointers abound in the kernel; among other things, they are used to implement its vaguely object-oriented programming model.
If an attacker is able to somehow corrupt a variable that is used for indirect branches, they may be able to redirect the kernel's execution flow to an arbitrary location. That could result in unintended function calls; on complex processors like x86, it is also possible to get interesting results by jumping into the middle of a multi-byte instruction. Exploit techniques like return-oriented programming and jump-oriented programming depend on this kind of redirection.
IBT is meant as a defense against jump-oriented programming; it works by trying to ensure that the target of every indirect branch is, in fact, intended to be reached that way. There are a number of approaches to IBT, each with its own advantages and disadvantages. For example, the kernel gained support for a compiler-implemented IBT mechanism during the 5.13 development cycle. In this mode, the compiler routes every indirect branch through a "jump table", ensuring that the target is not only meant to be reached by indirect branches, but that the prototype of the called function matches what the caller is expecting. This approach works, at the cost of a fair amount of compile-time and run-time overhead.
Dirk Hohndel: Linux, Linus, Licenses, and the Business of Open Source
When Hohndel suddenly announced in January that he was leaving VMware earlier this year because “I had completed the job I set out to do,” I immediately pinged him to see about an interview. He agreed, but wanted to wait until after he was officially gone from VMware, and in early March we sat down to a Zoom meeting for what I thought would be a quick, down-and-dirty 20 minute interview on the whys and wherefores of leaving VMware, and perhaps a little bit about Linux and open source.
We ended up talking for the better part of an hour, most of which is included here because he had a lot of really interesting things to say that I just couldn’t leave on the cutting room floor. Our talk has been lightly edited for readability, and starts with me questioning why he suddenly left VMware.
Open Source Firmware on TigerLake platforms - part 1
If somebody would tell 7 years ago that Intel will support open source firmware, he would be laughed at instantly. If we recall time, like 15 years ago where the datasheets were more open and were sufficient to write open source firmware, today it is not possible. Silicon vendors are hiding the intellectual property contained in the processors. It would seem like the open source firmware is doomed, but… Thankfully there are companies and Intel employees that try to make impact and change this situation. For example Google supporting the coreboot project on their Chromebooks encourage Intel to release the Firmware Support Package (FSP). The FSP is a bundled silicon initialization code in a binary form with well documented interface and configuration options. It simplifies new hardware enabling and reduces cost of overall firmware development. While it doesn’t solve all problems and sometimes causes issues, kudos should go to Intel for supporting the open source firmware. Special credits should go to the open source firmware community members from Intel: Nathaniel DeSimone, Vincent Zimmer, Brian Richardson and Isaac Oram. Also: Open Source BIOS Runs on Alder Lake Motherboard for the First Time
Software: FitoTrack, Reproducible Builds/Projects, and hledger
Devices: e-con Systems and Arduino Projects
Updates on Boatswain
Since I wrote the announcement of Boatswain, things have progressed quite a lot. As I prepare for the 1.0 release, more features and bugfixes get in, and it’s getting dangerously close to achieving all features I personally want from it. Stream Deck Mini & Original (v1) Thanks to a generous Stream Deck Mini donation, I managed to fix a couple of bugs in the HID code that controls is. It is now able to upload icons to buttons, and properly fetch the serial number of the device. Later on, a kind individual helped testing and debugging the Stream Deck Original (v1) code. I only have a 2nd generation Original, and the HID protocol changed significantly between them, so this testing was invaluable. There were another couple of bugs specific to Original v1 fixed in no time after they were reported. Because Stream Deck Original (v2), XL, and MK.2 seem to share the same HID protocol, I’m cautiously confident that they all should be fine.
