Hacker News with Generative AI: Kernel

FUSE File-Systems to Support Much Longer Filenames with Linux 6.15 (phoronix.com)
Linux 6.15 Goes Heavy on Intel and AMD x86_64 CPU Changes (phoronix.com)
Merged today for the recently-opened Linux 6.15 merge window were all of the "x86/core" changes that are particularly heavy on new feature work for both Intel and AMD x86/x86_64 processors.
Linux 6.14 Release Changelog (kernelnewbies.org)
Linux 6.14 changelog.
Google Developing "Live Update Orchestrator" New Means Live Linux Kernel Updates (phoronix.com)
While there is Kpatch, Ksplice, and other live patching solutions already in use for patching a running Linux kernel for deploying security updates without downtime, Google engineers are developing the Live Update Orchestrator as a new means of transitioning to a new updated kernel with minimal downtime.
Apple rearranged its XNU kernel with exclaves (theregister.com)
Apple has been working to harden the XNU kernel that powers its various operating systems, including iOS and macOS, with a feature called "exclaves."
Fiwix: Small Unix-Like Kernel (fiwix.org)
Fiwix is an operating system kernel written from scratch, based on the UNIX architecture and fully focused on being POSIX compatible.
Geico Developing TuxTape – A New Linux Kernel Livepatching Solution (phoronix.com)
Prominent US insurance company GEICO has been working on TuxTape as a new Linux kernel livepatching toolkit.
Resistance to Rust abstractions for DMA mapping (lwn.net)
While the path toward the ability to write device drivers in Rust has been anything but smooth, steady progress has been made and that goal is close to being achieved — for some types of drivers at least. Device drivers need to be able to set up memory areas for direct memory access (DMA) transfers, though; that means Rust drivers will need a set of abstractions to interface with the kernel's DMA-mapping subsystem.
Susctl CVE-2024-54507: A particularly 'sus' sysctl in the XNU kernel (jprx.io)
Every time Apple releases a new version of XNU, I run a custom suite of tests under an address sanitizer to see if I can spot any regressions, or even possibly new bugs.
Why is my CPU usage always 100%? (downtowndougbrown.com)
If you’re new to this series, I’ve been documenting the process I went through upgrading my old PXA166-based Chumby 8’s 2.6.28 Linux kernel to a modern 6.x version.
Failing Randomly: Linux Seccomp and Kernel Hacking (mejedi.dev)
Seccomp filters system calls with cBPF code. One can blacklist certain system call numbers or even make a decision based on call arguments. Both Docker and Chromium use seccomp to protect the host from malicious or misbehaving programs.
Linux 6.13 Staging Clears 107k Lines of Code from Old and Unmaintained Drivers (phoronix.com)
The Case for a High-Level Kernel-Bypass I/O Abstraction (irenezhang.net)
After chatting with people at HotOS, I was inspired to write this blog post summarizing my HotOS paper. At a high level, the HotOS paper advocates for a new high-level I/O abstraction for kernel-bypass.
How to build a custom kernel for WSL in 2025 (boxofcables.dev)
Thanks to the WSL System Distro, we no longer need distro-specific instructions to build a WSL custom kernel.
Linux Kernel 6.12 Has Landed – and It's a Big One (omgubuntu.co.uk)
Linus Torvalds has announced the release of Linux kernel 6.12, and an eclectic assortment of changes contained within make it one of the biggest kernel releases for a while.
Linux Fixes Hosts Randomly Rebooting During Virtualization with Ryzen 7000/8000 (phoronix.com)
Ahead of the Linux 6.12 kernel release expected today there is a last minute "x86/urgent" pull request.
Linux 6.12 Released with Real-Time Capabilities, Sched_Ext, AMD RDNA4 and More (phoronix.com)
As expected, minutes ago Linus Torvalds just released the Linux 6.12 kernel as stable. Linux 6.12 brings many new features, new hardware support, and is rounded out by the fact that it is expected to become this year's Long Term Support (LTS) kernel version.
An attempt to backdoor the kernel (2003) (lwn.net)
Someone recently made an attempt to add a local root backdoor to the Linux kernel, by making a checkin to the subsidiary CVS repository under someone else's name. Fortunately, the master repository is on Linus' computer, behind a firewall, and the automated tracking of BitKeeper, the source control system, caught the illegal change.
Intel Spots 3888.9% Performance Improvement in Linux Kernel from 1 Line of Code (phoronix.com)
Intel's Linux kernel test robot has reported a 3888.9% performance improvement in the mainline Linux kernel as of this past week.
Intel Spots a 3888% Performance Improvement in the Linux Kernel (phoronix.com)
Intel's Linux kernel test robot has reported a 3888.9% performance improvement in the mainline Linux kernel as of this past week.
x86 Early Kernel Boot Process with Microcode, ACPI Overrides, and Initrd (labcsmart.com)
In this third installment of our x86 Platforms series, following Part 2: UEFI Bootloader Management and Integration with Yocto, we’re going to explore the early kernel boot process in more depth. Specifically, we’ll cover how x86 systems handle microcode updates, ACPI table overrides, and the initrd (initial RAM disk). These elements are critical for configuring the CPU, hardware, and the system during the boot process.
SELinux bypasses (klecko.github.io)
This post aims at giving an overview of what SELinux is, how it is implemented, and how to bypass it, from the point of view of Android kernel exploitation.
A deep dive into Linux's new mseal syscall (trailofbits.com)
If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel’s 6.10 release, providing a protection called “memory sealing.” Beyond notes from the authors, very little information about this mitigation exists. In this blog post, we’ll explain what this syscall is, including how it’s different from prior memory protection schemes and how it works in the kernel to protect virtual memory.
ReiserFS File-System Expected to Be Removed with Linux 6.13 (phoronix.com)
With ReiserFS having been deprecated for two years with plans to remove it in 2025, the upcoming Linux 6.13 cycle for what will be the first major kernel release of the new year and past the Linux 6.12 LTS kernel is expected to do just that... ReiserFS is set to be stripped from the mainline kernel codebase.
Real-Time "Preempt_rt" Support Merged for Linux 6.12 (phoronix.com)
After many years in the making, it finally was merged overnight... The real-time "PREEMPT_RT" kernel support was merged a few hours ago into Linux Git for this year's Linux 6.12 kernel!
Real-time Linux is officially part of the kernel (arstechnica.com)
As is so often the case, a notable change in an upcoming Linux kernel is both historic and no big deal.
CrowdStrike outage leads Microsoft plan security capabilities outside of kernel (scmagazine.com)
In light of the CrowdStrike outage incident in July, Microsoft is planning to develop more options for security solutions to operate outside of kernel mode, according to a post on the Windows Experience Blog published Thursday.
Linux 6.11 Released (lwn.net)
Linus has released the 6.11 kernel.