Kernel Watch
Jon Masters summarises the latest happenings in the Linux kernel, so that you don’t have to.
“Assorted finger pointing, along with a grumpy post to the kernel mailing list from a Valve dev.”
Linus Torvalds announced the release of Linux 5.2, noting that he had been “somewhat pre-disposed towards making an rc8 [5.2-rc8], simply because of my travels” but that it ultimately had not been necessary. The new kernel includes improvements to “pressure stall information” for memory pressure handling, a new “mitigations=” parameter for controlling chip security fixes, and a tweak to how “clone” handles process (task) creation to reliably
pass a PID (Process ID) to its parent that won’t have a chance of being recycled.
One topic we hadn’t covered previously was the Sound Open Firmware project. SOF (sofproject.org) aims to produce completely open source firmware for DSPS (Digital Signal Processors) contained within the audio hardware of modern machines. The initial release includes extensive support for Intel’s laptop parts, and will also enables developers to leverage this hardware for novel purposes unrelated (Bitcoin mining?–ed) to audio.
Two newly disclosed vulnerabilities in Linux and FREEBSD kernels were revealed. The first is known as “Multiple TCP Selective Acknowledgement” or SACK. TCP is the protocol layer used by the Internet for reliable “datagram” (packet) delivery. This means that it handles breaking individual messages to be sent between two computers (such as data in a webpage) into individual packets that are sent over the wire. It also handles automatic retransmission of any packets that are lost on the way to the destination. An optimization exists in TCP known as “SACK” in which a destination can specifically acknowledge receiving a collection of parts without needing to acknowledge each individually. This improves performance since a sender can reconstruct a view of what data has made it to a destination safely. In the vulnerability disclosed this month, Linux may experience an integer overflow or excessive resource usage if sent a series of specially crafted SACK messages.
The fixes – that improve SACK memory allocation – were shipped by most vendors in a coordinated fashion, but later it was observed that Steam (the game service) was breaking on Linux systems that had been patched. There was a reddit thread and even a github discussion with assorted finger pointing, along with a grumpy post to the kernel mailing list from a Valve developer. The problem indeed turned out to be the SACK patches, with a relatively easy followon fix. Linus even chimed in directly on the github discussion with a link to a patch. He really gets that engaged.