Interesting post from @vegard about backdooring linux kernel in a sneaky way by abusing the build process, and about potential mitigations. I do agree that that the fundamental issues are quite tricky to solve. https://www.openwall.com/lists/oss-security/2024/04/17/3 #infosec #cybersecurity

Daylight savings time defeats Vorsprung durch Technik

Linux is now a CNA: http://www.kroah.com/log/blog/2024/02/13/linux-is-a-cna/

This has taken a long time, I'd like to thank all the groups that helped, and especially the CVE group themselves. Our application was a bit different than other groups, but they understood that this is important for security overall.

Snow play

The I in LLM stands for intelligence

https://daniel.haxx.se/blog/2024/01/02/the-i-in-llm-stands-for-intelligence/

Basil pesto makes for a pretty good compression algorithm.

Squash, Coding, & Robotics Camp?! I wonder if I could have claimed a continuing education expense with the employer 😁

https://www.hisawyer.com/marketplace/activity-set/474691

Do we still say WYSIWYG, or am I just paranoid I'll date myself using it around the kids?

Arrays in bash are the same "turn around now" warning that objects were in Perl.

From my first programming book, Learning Commodore 64 BASIC. More like 34 years later and I still have fun throwing my (or Kilroy's) name up on the screen.

https://archive.org/details/LearningCommodore64Basic

Hmm, GitLab offers some interesting emoji suggestions to spice up a merge request. Can it sort by controversial 🔥 ?

TIL: gcc’s -H flag to untangle header files

While backporting upstream patches to an older distro kernel:

  f6ac18fafcf6 sched: Improve try_invoke_on_locked_down_task()
  9b3c4ab3045e sched,rcu: Rework try_invoke_on_locked_down_task()
  00619f7c650e sched,livepatch: Use task_call_func()
  8850cb663b5c sched: Simplify wake_up_*idle*()
  5de62ea84abd sched,livepatch: Use wake_up_if_idle()

I ran into compilation error:

  kernel/livepatch/transition.c:434:33: error: implicit declaration of function ‘wake_up_if_idle’

A closer look at the upstream commits shows (“sched,livepatch: Use task_call_func()”) removed “../sched/sched.h” from kernel/livepatch/transition.c. wake_up_if_idle() is defined in include/linux/sched/idle.h so there is probably a connection – but how does this even build upstream and how to untangle the rat’s nest of kernel includes?

Enter gcc and the -H flag.

I rebuilt the upstream kernel kernel/livepatch/transition.o with V=1 and snarfed its gcc compilation line. Pasted into the terminal, added -H, and gcc generates a long header file stack. The header of interest was six includes deep:

  . ./include/linux/cpu.h
  .. ./include/linux/node.h
  ... ./include/linux/device.h
  .... ./include/linux/energy_model.h
  ..... ./include/linux/sched/topology.h
  ...... ./include/linux/sched/idle.h

Moving back to my distro kernel, its device.h did not include energy_model.h (introduced upstream by 1bc138c62295 (“PM / EM: add support for other devices than CPUs in Energy Model”).

Mystery solved and a new trick to remember for a future problem.

A brisk disc session between meetings.

Had to verify. And yes. Kernighan and Ritchie really did this. TIL :)

Obligatory #introduction: linux kernel livepatch for Red Hat kpatch by day, squash player and Philly sports fan by night. Reverb > distortion, pilsner > IPA, and other opinions.