Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1

📣 Attention all change-makers! Join our mission to protect online privacy and freedom by applying for one of our exciting open positions. You will contribute to a meaningful cause while growing professionally in a supportive and collaborative environment. 🚀💪 Don't miss out - apply now and be a part of something bigger than yourself! https://www.torproject.org/about/jobs/


Jarkko Sakkinen

@troglobit @kernellogger @torvalds I mean, if you consider POSIX capabilities and Yama, both of them are part of the "stacking problem" (two containers with different LSMs) only for the reason that they are implemented as LSMs. Scaling down a problem to make it more manageable is usually the first step to a more sane and healthy situation, right? :-)
@troglobit @torvalds @kernellogger IMHO, the first thing that should be done would be to detach all the code out of the LSM framework that is not an optional security module. That would bring some clarity on its purpose because then it would be a more logically constrained entity.

Even if that causes a few additional calls around the hooks call site, it removes abstraction shenanigans and other unnecessary boilerplate code, and thus makes reading and debugging kernel code an overall more pleasing experience.

E.g. documentation [1] states that "the Linux capabilities modules will always be included" but really does not give an existential reason for abstracting it that way. Maybe there are legit reasons for doing that but they are undocumented and I get a feeling that I'm in a spaceship with a bunch of architecture astronauts :-) [2]

[1] https://www.kernel.org/doc/html/latest/admin-guide/LSM/index.html
[2] https://www.joelonsoftware.com/2001/04/21/dont-let-architecture-astronauts-scare-you/

@kernellogger @torvalds

I’ve understood by reading LKML and LWN that the problem that nested LSMs are trying to solve can be described as follows:

  1. Host is using LSM A.
  2. Container is using LSM B.

Given that most of the popular LSMs are made because of SELinux being too tedious to configure, I’ve sometimes wondered why they could not just convert their policy to SELinux policy, and not be kernel features in the first place 🤷

That said, LSMs are not really my area, and I could easily overlook some aspects that might make them useful as kernel features.

@kernellogger @torvalds Yama actually demonstrated the general problem in any possible framework: they can make one blind when considering what the feature actually is, and even the "right feature" might go to a "wrong socket".
@kernellogger @torvalds Yama at least could just as well be a config flag-enabled feature. It gains nothing from being an LSM but is a useful security feature for most. Not really going to solve any of this but it is always good to start with the low-hanging fruit :-) Even if nested LSMs were beloved by everyone it still would not make sense as an LSM, and never has. Yama really should have been "CONFIG_PTRACE_RESTRICT_SCOPE" or similar and just a flagged feature with no connection to LSMs.
@troglobit Agree! I'll check that one out, thank you :-)

Thorsten Leemhuis (acct. 1/4)

From @torvalds on :

Hardcoded security module suggestion - stop the stacking insanity

https://lore.kernel.org/all/CAHk-%3Dwh%2B_xXpnHfUv%3DFwGWcce4XwqwKvtq7LcxK6WKmbf4eGGA@mail.gmail.com/

"'[…]this whole "nested LSM" stuff as a design goal just needs to be all rolled back, and the new design target is "one LSM, enabled statically at build time, without the need for indirect calls."

Because we're now in the situation where the security hooks are actually a source of not just horrible performance issues, but also actual insecurity[…]"'


Thorsten Leemhuis (acct. 1/4)


Mitigations for the "native BHI (Branch History Injection)"[1] hardware vulnerability have just been merged into mainline: https://git.kernel.org/torvalds/c/2bb69f5fc72183e1c62547d900f560d0e9334925

"BHI attacks may allow a malicious application to influence indirect branch prediction in kernel by poisoning the branch history. […]"

[1] for details, see https://www.vusec.net/projects/native-bhi/


Jarkko Sakkinen

I hate soldering but it would still sometimes be nice to have a soldering station at home. What would be a good choice in, let's say, the less than 500 euros price range? It should also do desoldering (that is my most common use case: desolder the old part and solder the new part).

Do not need anything too high end, as long as the durability and overall quality are acceptable...
Edit: actually it cost a bit less than 60 euros with a discount. The list price is 70 euros:
https://www.amazon.de/dp/B0CSD529PW?psc=1&ref=ppx_yo2ov_dt_b_product_details

The USB HAT with UART-micro-USB bridge I got is https://www.amazon.de/dp/B072Q5S1XH?psc=1&ref=ppx_yo2ov_dt_b_product_details. I ordered a couple of these (the other for Raspberry Pi 400).

Huge workflow improvements with less than 100 EUR investment :-)

Jarkko Sakkinen

#storj way of billing cloud works for me as my main archive is in a local NAS and the amount of stuff in the cloud storage is variable. The first cost me $1.50. Also, support for the S3 API is a great thing and makes moving files between cloud, NAS etc. a breeze, when using something like rclone. Totally made sense to migrate from Dropbox...
@briankrebs In practice he can move within the whole EU region freely as long as he does not use a plane.

According to the news, he has to report to the police every other day, and is only allowed to move in a restricted area in the city of Espoo. So if he wants to escape, he has a 48h time window to do that, no idea if he is under surveillance or not.

A Finnish court has decided to let alleged mass extortionist Julius "Zeekill" Kivimaki free pending the rest of his trial, without even an ankle bracelet. This is a guy who was hiding in France under an assumed name and passport when police arrested him and sent him back to Finland to face charges that he extorted thousands of patients of the Vastaamo psych practice in 2020.

https://www.hs.fi/kotimaa/art-2000010206299.html

"The processing of the data breach and blackmail case is scheduled to continue on Wednesday at 9 o'clock.

"The trial will continue, even if he doesn't show up," Vainio formulates Kivimäki's arrival for the upcoming hearings."

They've taken away his passport, but it's not hard to walk out of Finland. Hope they're following him around wherever he goes.

https://krebsonsecurity.com/2023/11/alleged-extortioner-of-psychotherapy-patients-faces-trial/


Jarkko Sakkinen


Overall I think VisionFive2 is a better board than e.g. BeagleV for kernel development tasks because:

  • 2/3 of the price
  • twice the memory, at least in the 8GB version
  • A HAT that can supply power and UART through micro-USB is about half the price of a comparable mikrobus and the overall setup is more compact in price.

I have no idea how the CPUs compare, but for my tasks I do not care either :-) I guess they help each other to mature in the Linux kernel because the hardware platforms are from the same family (jh7100 for beaglev and jh7110 for visionfive2). For some other task, e.g. building something around the SBC, the evaluation might be different.

I came to these conclusions based on working with VisionFive2 and I do not have BeagleV at my hands so that may cause some dilation but at least this board feels like a better bang for the buck.

Still would love to get my hands on BeagleV too and get more familiar with it, and yeah, competition is a great thing, and can’t wait for more Beagleboard RISC-V products.

#riscv #visionfive2 #beaglev #beagleboard #raspberrypi #mikrobus

The only wiring I have in it for serial TTY access:

Super-nice additional benefit of this shield: one cable less. Before, I needed a power cable and USB-TTL for TTY. Now, just by connecting micro-USB to the shield, it draws the power and provides serial access.

The screenshot has an unmodified #BuildRoot master branch version built with visionfive2_defconfig. Seems to be much more stable and lean, at least for kernel development, than the official SDK, which is a quite scary looking construction tbh :-)


Jarkko Sakkinen

Also got this display, right now it is connected to a 7th gen NUC that I use to test all x86 patches (because it has full sgx2 support). The display cost less than 50 euros and it is super handy for kernel testing.
oops, wrong way around, never installed these before 🤷
@duxsco ok cool thanks! :-)