|Og dreams of kernels||Greg KH||2 years 29 weeks ago|
|Re: Old IPSEC bug||Theo de Raadt||2 years 13 weeks ago|
|Re: Allegations regarding OpenBSD IPSEC||Rod Whitworth||2 years 13 weeks ago|
|Re: Allegations regarding OpenBSD IPSEC||Jason L. Wright||2 years 14 weeks ago|
|Re: Allegations regarding OpenBSD IPSEC||Bob Beck||2 years 14 weeks ago|
|Allegations regarding OpenBSD IPSEC||Theo de Raadt||2 years 14 weeks ago|
Marcelo Tosatti has begun using BitKeeper to keep a hold on the 2.4 tree. You can read the juicy details in the thread here.
I'm out of town again, gone until March 24'th or so. Submitting content would be wonderful - users are able to vote whether or not stories should be published.
One nifty feature was just added to KernelTrap: Private Messages. This allows you to send private messages from one user to another. If you wish to try it, feel free to drop me a note (you must be logged in). You'll know you've got an incoming message from the blinking pencil icon that appears next to the KernelTrap logo.
With the recent zlib bug getting a fair amount of press, I was curious of its potential impact on OpenBSD's security record. Reading through the past couple day's mail, I found I wasn't alone in this curiousity. Todd Miller says, "Actually, I committed a fix for the problem in January. We didn't realize it was a security problem at the time (and neither did the zlib folks)".
Alan Cox released the 2.2.21-rc1 kernel today. Today's patch is the first release candidate that should become 2.2.21-final, barring any unforseen issues. This puts him a little behind his earlier tentative schedule, but we expect to see the final release soon. This patch includes a few minor bug fixes, and the reversal of an earlier fix ("back out problem mce change").
The previous release of this stable 2.2 kernel series was 2.2.20 on November 2nd, 2001. The first release, 2.2.0, was on January 26th, 1999.
Martin J. Bligh posted to LKML about a 23-second linux-kernel compile on a 16-way NUMA cluster with a heavily patched-up kernel. Ingo Molnar's O(1) scheduler was particularly crucial. says Bligh, "Appling Ingo's patch alone took time from 47s to 30s."
Read more for the full post (with information on which patches he used).
Dimitar Peikov recently posted a small tool to the FreeBSD-Hackers mailing list. The tool was intended to help him compare malloc between the FreeBSD and Linux kernels. This particular test was faster on Linux than FreeBSD, and he asked why.
The responses by Matt Dillon and Terry Lambert make for an interesting reading, explaining much of the differences between Linux and FreeBSD VMs.
Linus' earlier decision to test the BitKeeper source management tool with the 2.5 kernel tree has continued to create wakes of dissent. One group went so far as to start a petition against the usage of the tool, saying "We, the undersigned members and officers of the Open Source Club at the Ohio State University, are unhappy with the advocacy of the proprietary BitKeeper software for use in maintaining the Linux kernel." Details on the BitKeeper licenses that so many are opposed to can be found here.
The posting of this petition led to a frenzy of replies, in a thread that continues to grow. Many pointed out that the time spent protesting this tool could be much more productively invested into writing an open source alternative of at least equal caliber. All seem to agree that such an alternative does not currently exist.
Towards the end of the many samples from this thread that follow is a reply from Linus, making it clear that he is content using BK himself, but will in no way force it upon anyone else. In his email, he says, "And I personally refuse to use inferior tools because of ideology. In fact, I will go as far as saying that making excuses for bad tools due to ideology is _stupid_, and people who do that think with their gonads, not their brains".
OpenSSH 3.1p1 was released today, though at the time of this posting the new version has not yet made it to all OpenBSD mirrors.
This release has numerous fixes, including one security fix. According to the advisory, there is an "off-by-one error in the channel code" that affects OpenSSH versions 2.0 through 3.0.2. "This bug can be exploited locally by an authenticated user logging into a vulnerable OpenSSH server or by a malicious SSH server attacking a vulnerable OpenSSH client".
A better explanation of the problem was offered via a FreeBSD Security Advisory:
"OpenSSH multiplexes `channels' over a single TCP connection in order to implement X11, TCP, and agent forwarding. An off-by-one error in the code which manages channels can result in a reference to memory beyond that allocated for channels. A malicious client or server may be able to influence the contents of the memory so referenced."
To fix this bug, either upgrade to the latest 3.1 release or apply this patch to your older version of OpenSSH. The full changelog follows.
Alan has added the O(1) scheduler to his -ac branch of 2.4 kernels, saying of the latest 2.4.19-pre2ac1, "This one is a bit more experimental. I've avoided putting too much in so we can see how the O(1) scheduler pans out".