Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux 4.19 Preparing Better CPU Security Mitigations, New EROFS File-System (phoronix.com)

Posted by msmash on from the for-the-record dept.

An anonymous reader writes: Linus Torvalds released on Sunday Linux 4.19-rc1 that he describes as a "fairly frustrating merge window" following the new features landing over the past two weeks. What does this "pretty big release" offer? Phoronix's Linux 4.19 feature overview sheds light on more Spectre CPU mitigations for x86/POWER/s390, the new EROFS read-only Android file-system, a Raspberry Pi voltage driver, ThinkPad calculator key support, an in-kernel GPS subsystem, the Google GASKET driver framework, virtual kernel mode-setting, Qualcomm Adreno 600 series support, and many other improvements.

4 of 88 comments (clear)

  1. Kernel Security Code by Anonymous Coward · · Score: 5, Funny

    I got a preview of the security Code:

    if (cpu_vendor == intel) {
                        disable_L1_cache();
                        disable_L2_cache();
                        disable_L3_cache();
                        disable_instr_cache();
                        disable_data_cache();
                        disable_branch_prediction();
                        disable_hyperthreading();
                        if (ultra_secure_mode == true) {
                                          for (i=1;i=num_cores-1;i++) {
                                                        disable_core(i);
                                          }
                        }
    }

    one can expect a heavy performance penalty, but the power consumption should go way down, so we have that going for us.

  2. Way to improve CPU security: by Gravis+Zero · · Score: 4, Insightful

    Only buy AMD.

    --
    Anons need not reply. Questions end with a question mark.
  3. Re: Frankenkernel by Zero__Kelvin · · Score: 4, Informative

    That is not correct. The Linux kernel supports over 30 hardware architectures so it is impossible to build it with most options enabled. Furthermore many options are suboptions. With over 1000 choices, many of which are mutually exclusive there is literally no way to build a Linux kernel with "most options enabled." Finally, most drivers are built as modules, which technically aren't "enabled" they way you are using the term unless they are loaded at runtime. Since you never built a kernel from source in your life (or you would know this) it is best to remain silent and be thought the fool you are than to open your mouth and remove all doubt as you have done.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  4. Support for laptops that only have USB-C by cerberusss · · Score: 3, Interesting

    The summary left out a pretty important point from the article, in my opinion:

    The USB Type-C display mode alternate driver was merged to the mainline kernel for stepping up the DP Type-C support, but more work on integrating with the DRM drivers is still being tackled.

    So what this means, is that you have a dongle or monitor cable with USB-C on one end, and DisplayPort on the other end.

    This is important, because I expect to see new laptops coming out, that only have USB-C/Thunderbolt 3. The obvious existing ones are from Apple, but I expect that more laptops will come out with no other ports except USB-C/Thunderbolt 3.

    --
    8 of 13 people found this answer helpful. Did you?