Just like I did for 6.10, I wrote up a "what's new with io_uring" but for the 6.11/12 kernels. 6.11 wasn't super exciting in terms of features, so bundled these into a single page.

https://github.com/axboe/liburing/wiki/What's-new-with-io_uring-in-6.11-12

Tomorrow I'll be hosting a Linux Security Modules (LSM) BoF at LPC. If you have any LSM questions or a related topic to discuss, please join us!

https://lpc.events/event/18/contributions/1890/

#lpc #linux #lsm

Great write-up by @psychomario on a root privilege escalation toolchain which leverages DBus, CUPS, and WPA on Ubuntu: https://snyk.io/blog/abusing-ubuntu-root-privilege-escalation/

Please help us test OpenSSH ahead of the 9.9 release, due in a few weeks.

New features include a new post-quantum key exchange based on ML-KEM, improved controls to disallow unwanted connections and better performance for the existing PQ key exchange.

Full details at: https://marc.info/?l=openssh-unix-dev&m=172638834815257&w=2

Having worked on the kernel for decades, and imposing a lot of the same code/git hygiene for liburing, there can be a disconnect for contributors on what is expected of a commit and commit message, and what series of commits should look like. I attempted to provide a basic guideline here:

https://github.com/axboe/liburing/blob/master/CONTRIBUTING.md

and would appreciate feedback from folks on what I missed, what isn't clear, etc.

Gonna be giving a talk "SLUB Internals for Exploit Developers" at @LinuxSecSummit next week.

Plan to cover the basics one needs to know before writing exploits for slab bugs; slides coming along 😁

Also gonna stay around for @linuxplumbersconf.

https://lsseu2024.sched.com/event/1ebVN

the debugging manifesto poster I've been talking about is finally available for sale! You can get it here for $20 US + shipping: https://store.wizardzines.com/products/poster-debugging-manifesto

it was redesigned and riso printed by Inner Loop Press and I'm SO delighted with how it turned out (https://www.innerloop.press/)

BBC Model Linear B

Shameless begpost:

Since a couple people have offered, I wonder if I might not be out of line to try my luck openly.

So here’s the story. I’m poor. What money I earn generally goes back into making stuff. That’s fine. It makes me happy and keeps me busy. But it does mean that I face certain challenges, specifically with the cost of test equipment, which is pure capitalist insanity.

My multimeter is absolute dreck. My oscilloscope is of very limited use being an El Cheapo model. I need better gear, and can’t afford it. I have been getting a lot of mileage out of crap gear, but there is a limit to what can be done.

So if you have test equipment gathering dust, like a bench meter, oscilloscope, logic probe, bench power supply, that sort of thing, I would be very happy and grateful to adopt it. Your basic test equipment you’d expect to use if you were designing a computer from scratch. I don’t need fancy, but nearly anything is better than what I have. Don’t deprive yourself on my account though - I’m soliciting specifically stuff that is going unused.

And if not, no worries.

Just published the #ASG2024 schedule! Lots of good stuff, and at least one terrible talk that nobody should attend.

Early bird tickets are also still available - but not for long - go grab them while they last!

https://all-systems-go.io/

It's been a while since the last one, but here is the fourth #Landlock newsletter: https://lore.kernel.org/landlock/20240716.yui4Iezai8ae@digikod.net/
Moar sandboxing! 🥳

Another relatively small update, but here are the LSM, SELinux, and audit* highlights from the Linux v6.11 merge window.

https://paul-moore.com/blog/d/2024/07/linux_v611_merge_window.html

#lsm #selinux #audit

There are three hard things in computer science: cache invalidation, naming things, and getting your video game character onto a ladder.