Sections: Main page Security Kernel Distributions Development Commerce Linux in the news Announcements Back page All in one big page See also: last week's Kernel page. |
Kernel developmentThe current development kernel release is 2.4.0-test4. The -test5 prepatch is in its fifth revision as of this writing. It contains a great many NLS/codepage updates (improving Chinese support among other things), an update to the direct rendering infrastructure driver, a number of ARM architecture tweaks adding support for new systems, an IA-64 update, some md (RAID) updates, a bttv driver update and reorganization, a new SCM Microsystems USB-ATAPI driver, and a tremendous number of little fixes. The current stable kernel release is still 2.2.16. No new 2.2.17 prepatches have come out in the last week - Alan was too busy drinking beer in Ottawa. Alan Cox is pulling out of 2.4 work, at least for now. He apparently just does not have the time to put into it. He made that clear with his posting of the latest 2.4 status page - "Dont mail me updates, find someone else to maintain it." This is a problem. Alan has been a crucial part of the release process for a long time. Somehow he has managed to keep on top of the vast majority of the issues out there. His ability to track problems and to understand what is really important is perhaps unparalleled. His absence is guaranteed to make it harder to put out a stable 2.4 in a short time period. Linus has recognized this problem in his call for a new status list maintainer. In short: it's important. And it's something that Alan did for both 2.0 and 2.2. Nobody can quite live up to "being Alan", but hey, if you don't like long beards you may be just as heppy knowing that. Thankfully, a candidate has actually been crazy enough to step forward and volunteer for this job - it's Ted Ts'o. Ted is an accomplished kernel hacker, but he also has a balanced and calm approach to issues and commands a good deal of respect. This issue was still developing as this page was written, and it was not yet clear that Ted would end up performing this function. But it looks like a good resolution to the problem. Turning disks to bricks with Linux. Andre Hedrick is the maintainer of the Linux IDE/ATA subsystem; as such, he works with a piece of code that is critical to the vast majority of Linux users. He also sits on the ATA standards committee, and understands well the ups and downs of how the protocol works. He recently discovered a significant "down." It seems that there are certain ATA commands that can be sent to a drive which will cause it to destroy itself. Andre posted a thing he called disk-destroyer.c which will use an IDE command to trash the partition table on a disk, thus rendering all data inaccessible. Apparently, however, there are other variants possible which will cause the drive to wipe out its firmware, thus turning it into a true brick. Now, a Linux system is not normally programmed to do such things. But a malicious user program using the ioctl system call is able to bring about this sort of result. Andre saw this as a serious problem, and responded with a major patch to the IDE subsystem; essentially he put in a protocol verification layer which filters out everything that doesn't look like a proper command. The response to the patch was largely negative. Quite a few objections were raised, including:
Let's take a hypothetial example (you judge on just _how_ hypothetical it actually is): imagine that you have a drive that can be made to refuse to read certain removable media based on where the drive was purchased. Imagine that this was actually done in firmware, and that there was a way of overriding it. Imagine further that you moved, and you wanted to make the drive read certain removable media in the new location, using undocumented commands.. Given that the example is in no way hypothetical, this is a point that should be kept in mind. Andre did not, shall we say, take this rejection well. The exchange was long and heated, and is not worth reproducing here. While it is a stretch to say that a consensus was reached, most people seem to have concluded that the drive manufacturers have erred by implementing destructive commands with no sort of protection (a physical jumper, cryptographic verification or both). Andre has now sent a proposed standard change to address the issue. The problem is now back in the court of the drive manufacturers. But then, according to Andre's alleged final post on the issue the standards committee is not particularly concerned by the problem. It may take a "disk2brick" virus to get their attention. A new Linux NFS FAQ is up on nfs.sourceforge.net. It covers a number of issues regarding the current status of Linux NFS. Ironically, it was unavailable for a while due to, well, NFS problems on SourceForge... Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
July 27, 2000
| ||