Interesting post from @vegard about backdooring linux kernel in a sneaky way by abusing the build process, and about potential mitigations. I do agree that that the fundamental issues are quite tricky to solve. https://www.openwall.com/lists/oss-security/2024/04/17/3 #infosec #cybersecurity

Daylight savings time defeats Vorsprung durch Technik

Linux is now a CNA: http://www.kroah.com/log/blog/2024/02/13/linux-is-a-cna/

This has taken a long time, I'd like to thank all the groups that helped, and especially the CVE group themselves. Our application was a bit different than other groups, but they understood that this is important for security overall.

Snow play

The I in LLM stands for intelligence

https://daniel.haxx.se/blog/2024/01/02/the-i-in-llm-stands-for-intelligence/

Basil pesto makes for a pretty good compression algorithm.

Squash, Coding, & Robotics Camp?! I wonder if I could have claimed a continuing education expense with the employer 😁

https://www.hisawyer.com/marketplace/activity-set/474691

Do we still say WYSIWYG, or am I just paranoid I'll date myself using it around the kids?

Arrays in bash are the same "turn around now" warning that objects were in Perl.

From my first programming book, Learning Commodore 64 BASIC. More like 34 years later and I still have fun throwing my (or Kilroy's) name up on the screen.

https://archive.org/details/LearningCommodore64Basic

@mpdesouza gentle ping noted 😄

@rostedt yes, it feels like a multi decade Linux desktop problem, doesn't it?

@monsieuricon : Makeup and Vanity Set, specifically the 88:88 soundtrack

@nathanchance would be surprising if they had the new version, given it was apparently just released?

Hmm, GitLab offers some interesting emoji suggestions to spice up a merge request. Can it sort by controversial 🔥 ?

@mpdesouza cool, thanks for taking a look. Feel free to ask any questions about the concept or the repo. I don't normally organize patchsets in this fashion, but it's been a lot of work to build and test for so many arches. (Also the kernel selftest infra is not really designed to verify build failures.).

@mpdesouza Hi, yea that v7 is in progress for a while. If you are working on selftest reorg, don't hesitate to post your work first. The klp-convert patchset isn't in any hurry and I can rebase accordingly.

TIL: gcc’s -H flag to untangle header files

While backporting upstream patches to an older distro kernel:

  f6ac18fafcf6 sched: Improve try_invoke_on_locked_down_task()
  9b3c4ab3045e sched,rcu: Rework try_invoke_on_locked_down_task()
  00619f7c650e sched,livepatch: Use task_call_func()
  8850cb663b5c sched: Simplify wake_up_*idle*()
  5de62ea84abd sched,livepatch: Use wake_up_if_idle()

I ran into compilation error:

  kernel/livepatch/transition.c:434:33: error: implicit declaration of function ‘wake_up_if_idle’

A closer look at the upstream commits shows (“sched,livepatch: Use task_call_func()”) removed “../sched/sched.h” from kernel/livepatch/transition.c. wake_up_if_idle() is defined in include/linux/sched/idle.h so there is probably a connection – but how does this even build upstream and how to untangle the rat’s nest of kernel includes?

Enter gcc and the -H flag.

I rebuilt the upstream kernel kernel/livepatch/transition.o with V=1 and snarfed its gcc compilation line. Pasted into the terminal, added -H, and gcc generates a long header file stack. The header of interest was six includes deep:

  . ./include/linux/cpu.h
  .. ./include/linux/node.h
  ... ./include/linux/device.h
  .... ./include/linux/energy_model.h
  ..... ./include/linux/sched/topology.h
  ...... ./include/linux/sched/idle.h

Moving back to my distro kernel, its device.h did not include energy_model.h (introduced upstream by 1bc138c62295 (“PM / EM: add support for other devices than CPUs in Energy Model”).

Mystery solved and a new trick to remember for a future problem.

@rostedt the emacs pedal would would look something like