Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux 4.19 Preparing Better CPU Security Mitigations, New EROFS File-System (phoronix.com)

Posted by msmash on from the for-the-record dept.

An anonymous reader writes: Linus Torvalds released on Sunday Linux 4.19-rc1 that he describes as a "fairly frustrating merge window" following the new features landing over the past two weeks. What does this "pretty big release" offer? Phoronix's Linux 4.19 feature overview sheds light on more Spectre CPU mitigations for x86/POWER/s390, the new EROFS read-only Android file-system, a Raspberry Pi voltage driver, ThinkPad calculator key support, an in-kernel GPS subsystem, the Google GASKET driver framework, virtual kernel mode-setting, Qualcomm Adreno 600 series support, and many other improvements.

10 of 88 comments (clear)

  1. Kernel Security Code by Anonymous Coward · · Score: 5, Funny

    I got a preview of the security Code:

    if (cpu_vendor == intel) {
                        disable_L1_cache();
                        disable_L2_cache();
                        disable_L3_cache();
                        disable_instr_cache();
                        disable_data_cache();
                        disable_branch_prediction();
                        disable_hyperthreading();
                        if (ultra_secure_mode == true) {
                                          for (i=1;i=num_cores-1;i++) {
                                                        disable_core(i);
                                          }
                        }
    }

    one can expect a heavy performance penalty, but the power consumption should go way down, so we have that going for us.

  2. Way to improve CPU security: by Gravis+Zero · · Score: 4, Insightful

    Only buy AMD.

    --
    Anons need not reply. Questions end with a question mark.
  3. Re: Frankenkernel by Zero__Kelvin · · Score: 2

    That's probably why a single kernel doesn't do all this shit. The source is there for all these features, but each kernel is customized with conditional compilation controlled by the .config file at build time.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  4. Re: Frankenkernel by Zero__Kelvin · · Score: 2, Informative

    ... has literally *nothing* to do with the kernel. There is *zero lines* of systemd code in the kernel. You can't even troll competently. Sad ... Bigly sad.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  5. Re:New EROFS by Tailhook · · Score: 2

    It's a read-only file system from Huawei, intended to be an improvement on over existing read-only file systems for Android devices. Yes, this is the same Huawei that makes phone you can't (couldn't, may not be able to in the future...?) take into a US military facility, FWIW.

    --
    Maw! Fire up the karma burner!
  6. Re: Frankenkernel by Zero__Kelvin · · Score: 4, Informative

    That is not correct. The Linux kernel supports over 30 hardware architectures so it is impossible to build it with most options enabled. Furthermore many options are suboptions. With over 1000 choices, many of which are mutually exclusive there is literally no way to build a Linux kernel with "most options enabled." Finally, most drivers are built as modules, which technically aren't "enabled" they way you are using the term unless they are loaded at runtime. Since you never built a kernel from source in your life (or you would know this) it is best to remain silent and be thought the fool you are than to open your mouth and remove all doubt as you have done.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  7. Support for laptops that only have USB-C by cerberusss · · Score: 3, Interesting

    The summary left out a pretty important point from the article, in my opinion:

    The USB Type-C display mode alternate driver was merged to the mainline kernel for stepping up the DP Type-C support, but more work on integrating with the DRM drivers is still being tackled.

    So what this means, is that you have a dongle or monitor cable with USB-C on one end, and DisplayPort on the other end.

    This is important, because I expect to see new laptops coming out, that only have USB-C/Thunderbolt 3. The obvious existing ones are from Apple, but I expect that more laptops will come out with no other ports except USB-C/Thunderbolt 3.

    --
    8 of 13 people found this answer helpful. Did you?
  8. EROFS by azrael29a · · Score: 2

    By looking at the name of EROFS I thought we will finally have a dedicated porn filesystem. So disappointed.

  9. Re:New EROFS by thegarbz · · Score: 2

    Yes, this is the same Huawei that makes phone you can't (couldn't, may not be able to in the future...?) take into a US military facility, FWIW.

    It's worth nothing. Sudden panic banning Chinese equipment without any actionable intelligence is bad enough, but conflating the company with some open source code that has been independently reviewed and mainlined in the kernel is worth even less.

  10. Re:New EROFS by Tailhook · · Score: 2

    Sudden panic banning

    The US congress has been warning US corporations to avoid Huawei and ZTE since 2012. You reveal your own ignorance if you actually believe current events are something sudden or surprising.

    Australia has joined the US in banning Huawei from infrastructure work. They recognize this company is simply a commercial arm of the PLA and are wisely keeping it out of critical infrastructure.

    This is the sort of naiveté people in the US use to have about Russia.

    --
    Maw! Fire up the karma burner!