Chinaunix首页 | 论坛 | 博客
  • 博客访问: 565499
  • 博文数量: 197
  • 博客积分: 7001
  • 博客等级: 大校
  • 技术积分: 2155
  • 用 户 组: 普通用户
  • 注册时间: 2005-02-24 00:29












2012-01-19 19:58:48


A new library libkmod and set of tools (kmod-*) for handling kernel modules has been . The idea is to give early boot tools, installers, udev, and others an easy way to query and control kernel modules via a library, rather than using modprobe.



verifying the integrity of pull requests sent to Linus.use git to create a signed tag, which stores the signature in the repository itself. In the future, that may become the accepted way to get code into the mainline.


3Some numbers from the 3.2 development cycle


Paul Gortmaker split the EXPORT_SYMBOL* macros into ; after that, many files no longer needed to include . The real advantage of that kind of work, beyond minimizing the interactions between various parts of the kernel, is that it makes the kernel compilation process faster.


4 (重要)

整合ARM的各种clock实现。Typically those clocks are hooked together into elaborate tree-like structures. In those trees, child clocks can sometimes only change their frequency if the parent (and any other children) are correspondingly changed; disabling certain clocks will affect other clocks in the system and so on.



In summary: if all goes well, the 3.3 kernel should see the delta between Android kernels and the mainline go down considerably. That should make life easier for developers and for vendors wanting to provide Android-compatible hardware.



Vincent Bernat has posted a lengthy description of how the IPv4 routing cache works and how to tune it for best results.





The basic problem is a time-to-check-to-time-of-use (TOCTTOU) flaw. Buggy applications will look for the existence and/or characteristics of temporary files before opening them. An attacker can exploit the flaw by changing the file (often by making a symlink) in between the check and the open(). If the program with the flaw has elevated privileges (e.g. setuid), and the attacker replaces the file with a symlink to a system file, serious problems can result.

The bug generally happens in shared, world-writable directories that have the "sticky" bit set (like /tmp). The sticky bit on a directory is set to prevent users from deleting other users' files. So, the fix restricts the ability to follow symlinks in sticky directories. In particular, a symlink is only followed if it is owned by the follower or if the directory and symlink have the same owner. That solves much of the symlink race problem without breaking any known applications.

目前,补丁只存在于LSM,但是有希望进入VFS core code


另外hard link patch would disallow the creation of hard links to files that are inaccessible (neither readable nor writable) to the user making the link. It also disallows hard links to setuid and setgid files. That would close some further holes in the symlink race vulnerability, as well as fix some other application vulnerabilities.



Duplicated infrastructurenew user-space ABI导致LTTng被拒绝



Ideally, all decisions with regard to the merging of code would be based on whether that code makes technical sense or not; decisions based on "political" concerns are seen as being rather less ideal. But, as a recent discussion shows, even a seemingly "political" decision can have technical reasoning behind it.

vtunerc迎合了专有软件的需求,这是"political 否决,此外,还有技术原因导致被否决。



Jim Gettys and Kathleen Nichols have published in ACM Queue.



memory usage controller的缺点:it only applies to user-space memory.

Glauber Costa's starts by adding a bit of infrastructure to the memory controller for the tracking of kernel-space memory use. 目前仅用于buffers used in the implementation of the TCP network protocol. 但是由于影响性能被拒绝。



还是ARM社区引发的问题 While the x86 architecture and core interrupt code have used zero for "no IRQ,"但是许多平台0是有效中断号。目前的决定是NO_IRQ 0表示,But the ARM architecture still uses -1 as its value.



Paul McKenney的长文。

阅读(562) | 评论(0) | 转发(0) |