[$] May the FOLL_FORCE not be with you
One of the simplest hardening concepts to understand is
that memory should never be both writable and executable; otherwise an attacker
can use it to load and run arbitrary code. That rule is generally followed in
Linux systems, but there is a glaring loophole that is exploitable from user
space to inject code into a running process. Attackers have duly exploited it.
A new effort to close the hole ran into trouble early in the merge window, but a
solution may yet be found in time for the 6.11 kernel release.
Security updates for Friday
Security updates have been issued by AlmaLinux (linux-firmware and squid), Debian (bind9), Fedora (kubernetes, thunderbird, and tinyproxy), Oracle (containernetworking-plugins, cups, edk2, httpd, httpd:2.4, kernel, kernel-container, libreoffice, libuv, libvirt, python3, and runc), Red Hat (freeradius:3.0, httpd, and squid), and SUSE (giflib and python-dnspython).
[$] What became of getrandom() in the vDSO
In the previous episode of the vgetrandom() story, Jason
Donenfeld had put together a version of the getrandom() system call that ran in
user space, significantly improving performance for applications that need a lot
of random data while retaining all of the guarantees provided by the system
call. At that time, it seemed that a consensus had built around the
implementation and that it was headed toward the mainline in that form. A few
milliseconds after that article was posted, though, a Linus-Torvalds-shaped
obstacle appeared in its path.
That obstacle has been overcome and this work
has now been merged for the 6.11 kernel, but its form has changed
somewhat.
[$] More informative kernel panics for Fedora
On July 12, Jocelyn Falempe proposed a change to the
configuration options that Fedora sets for its kernels, in order to make kernel
panics easier to report.
Falempe would like to enable the kernel's recently
added DRM-panic feature, which adds a graphical crash screen that is reminiscent
of the infamous Windows "blue screen of death" for kernel panics. The feature
introduces a few tradeoffs, including currently limited driver support, so the
proposal spawned a good deal of discussion.
Rust 1.80.0 released
Version 1.80.0 of the Rust language has been released.
Changes include the new LazyCell and LazyLock types (which delay data
initialization until the first access), the stabilization of the exclusive-range
syntax for match patterns, and more.