More stable kernels with partial Dirty Frag fixes

https://lwn.net/Articles/1071483/ #LWN #Linux #kernel

"If Linux can be maintained by sending patches to an email mailing list, 'doesn’t work at scale' arguments are skill issues."
https://dbushell.com/2026/04/29/github-is-sinking/

Typical ML argument: "If I can read something legally, why can't I train an LLM on it?"

Humans are capable of reading things and later writing a similar thing that is still a copyright violation. If I go and write a book that follows the plot line of Star Wars, that's still a copyright violation, even if no text is literally the same. If I play the melody to a song on my piano and release it without the appropriate mechanical cover license, that's also a copyright violation.

The reason this does not happen often is that, as humans, we are aware that that's plagiarism and there are rules. Sometimes it happens by accident, and people still get sued and lose.

LLMs have no such awareness and routinely output things which are blatant copyright violations when appropriately prompted. That means the model weights encode that work, and therefore, are themselves a derivative work.

Your brain encodes a massive amount of copyrighted information. You are not a walking copyright violation because humans aren't data, can't be copied and distributed en masse, have human rights, etc. This is why "mind reading machines" are a classic dystopian plot point (monetizing your thoughts etc).

An LLM is not a human, does not have human rights, nor human privileges. It is data, and if it encodes copyrighted information, that's a derivative work. If you aren't following the license of the training data, that's a copyright violation.

@joshbressers I will quote this in many presentations in the future because it is so true:

"The Kernel assigns lots of CVEs. They say it’s because they don’t really know how the Kernel is being used, so they err on the side of caution. Companies hate this because they have to deal with a lot of CVEs. Does the Kernel do this because it’s easier or do they have some sort of secret nefarious reason? Probably because it’s just easier and they have zero downside to disclosing and moving on. "

RE: https://infosec.exchange/@joshbressers/116507930206819253

A lot of people are apparently happily running a script clearly marked as a root exploit from some random website using curl | bash

Some do inspect the script, but then still run it using curl | bash anyway.

Incidentally, this very relevant blogpost about detecting curl | bash and serving different scripts based on that is almost exactly a decade old:
https://web.archive.org/web/20230318063325/https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/

#CopyFail #InfoSec

Once again, my professional recommendation in response to the latest Linux kernel vulnerability in the news is that you should gather up all your electronic devices, cast them into the sea, and retreat to the woods.

Each night, gather your children and tell them tales of the Before Times when the hubris of humanity grew so large that we made idols of sand and spoke to them as equals. Remind them that the sand, of course, did not speak or think, but we imagined it could, and let it guide us to folly.

Should a stranger ever come to your village with a glowing rectangle, encourage the youth to beat them with sticks.

#infosec

My build system right now, as it's one of "those" mornings....

I was explaining how we built #bluefin with buildstream and bootc to a coworker and he goes.

"So you made Gentoo but cloud native."

And now I am never going to shut about it lol.

As people keep guessing what/who `gkh_clanker_t1000` is: https://lore.kernel.org/r/20260424054143.087847e1617a84df8b501313@linux-foundation.org

here it is after I cleaned up some of the horrid cable mess that had grown up around it.

We now require proof of work before you can submit a #curl security report.

Like mowing @bagder 's lawn or washing his car.😌

After 25+ years of kernel development, I was finally forced to touch `mm/` and it was due to a nommu "issue":
https://lore.kernel.org/lkml/2026042334-acutely-unadorned-e05c@gregkh/

As @axboe said the other day, we aren't expecting a box of chocolates:

https://lore.kernel.org/r/2f2c91cb-f20e-44eb-8ba3-2d5b3d649642@kernel.dk

but these past weeks have made me feel like someone owes a few of us kernel developers a bunch of whisky at the very least...

After totally messing up my gdm configuration by foolishly using `gdm-settings` (I didn't want the machine to suspend at the login screen for obvious reasons that doesn't play well with logging into it from other boxes), causing it to not properly even show a login screen, I've reverted back to running plasma and realizing it's been a long time since I last ran KDE and how nice it's gotten since then.

So, until I figure out how to wipe all gdm settings from the system (hint, I tried the "reset" option on gdm-settings and to blow away all dconf files that i could find on the disk, but odds are I missed something), I guess I'm now a KDE user until I move to a new system...

The #Linux 6.19.y series is now end of life:

""This is the LAST 6.19.y kernel to be released, this branch is now end-of-life. Please move to the 7.0.y kernel branch at this point in time.""

https://lore.kernel.org/all/2026042220-coastline-flirt-ad3c@gregkh/

http://git.kernel.org/pub/scm/docs/kernel/website.git/commit/?id=0287316cba72ac42454cb5befd7528bde4886d28

#LinuxKernel #kernel

"During one of my presentations at Open Source Summit Japan🇯🇵 the past year, I talked about a bug I found while addressing -Wflex-array-member-not-at-end issues in the Linux kernel. [...]

[...] not-at-end FAMs are a compiler extension that may cause undefined behavior, and compilers don't handle the sizes of objects containing them consistently. For this reason, they are now deprecated..[...]"🐧

https://embeddedor.com/blog/2026/04/18/wflex-array-member-not-at-end-and-a-misalignment-bug-in-the-linux-kernel/ 🐧

#Linux

We get randomest crap.

Dear semi-lazyweb,

Given a git diff of a C/Rust codebase, how to best determine which functions/defines have been modified between the two versions? Yes, the diff itself sometimes gives hints as to what has changed, but it's not always correct. Think about when it modifies the start of a function, but the diffstat "name" shows the previous function, a correct marking, but not what is needed.

Is the correct answer really going to be "compile the two versions and compare the AST" or something like that? No "diff library" somewhere that "knows" how to parse C (and Rust) that can do this in a faster way? Surely I'm missing something obvious here...

There is virtually **no** AI slop security reports anymore submitted about #curl. They don't seem to happen any longer.

Almost everyone still uses AI though.

1. GenAI is probably going to impact us but how? Nobody knows.
2. The worst thing about GenAI isn't the technology, it's the shitty people: https://karlbode.com/the-problem-with-ai-is-shitty-human-beings [<must-read]
3. We can’t have a grown-up conversation on the subject because the trillion-dollar bet’s fear+greed pressure crowds out truth.
4. When the bubble pops, the shitty people will melt away. Then we can maybe figure it out.
5. We so *SO* need that bubble to pop. Next week would be ideal.

#GenAI

you ever write code so inefficient they have to update the whole power grid

„By Wednesday morning, Anthropic representatives had used a copyright takedown request to force the removal of more than 8,000 copies and adaptations of the raw Claude Code instructions—known as source code—that developers had shared on programming platform GitHub.“

Because if there’s one thing GenAI companies absolutely don’t take lightly, it’s copyright.

https://www.wsj.com/tech/ai/anthropic-races-to-contain-leak-of-code-behind-claude-ai-agent-4bc5acc7