New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
The vulnerability, tracked as CVE-2026-46300, is similar to the recently disclosed exploits named Dirty Frag and Copy Fail. The post New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation appeared first on SecurityWeek.| SecurityWeek
linux 0-day, access root-owned files as an unprivileged user
Comments| Lobsters
Information Security News – 5/4/2026 - Project Hyphae
Article Link: https://cyberpress.org/fake-invites-target-firms/| Project Hyphae
OrBit (Re)turns: Tracking an open-source Linux rootkit across four years of forks and deployments
Explore how OrBit, a two-stage malware, has changed over the last 4 years and why it matters for defenders. The post OrBit (Re)turns: Tracking an open-source Linux rootkit across four years of forks and deployments appeared first on Intezer.| Intezer
Linux Compromises, Broken Embargoes, and the Shrinking Patch Window — AskBaize
Copy Fail, Dirty Frag, CrackedArmor, io_wring ZCRX freewrite OOB, what are these? Read the technical explanations (supplemented with plain English ELI5s). Is the disclosure process broken? Why should people care?How can this be exploited?What can defenders do immediately and what are the next steps?| AskBaize
Fragnesia, la nuova falla nel kernel Linux che regala privilegi di root: come difendersi
Una terza vulnerabilità critica in meno di tre settimane colpisce il kernel Linux. Fragnesia consente a qualsiasi utente locale senza privilegi di ottenere accesso root corrompendo la page cache del kernel. Il PoC è già pubblico. Ecco l'analisi tecnica, le distribuzioni coinvolte e le indicazioni operative per mitigare il rischio L'articolo Fragnesia, la nuova falla nel kernel Linux che regala privilegi di root: come difendersi proviene da Cyber Security 360.| Cyber Security 360
Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) - Help Net Security
Security researchers have disclosed CopyFail, a local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel.| Help Net Security
Copy Fail and the forensic blind spot hiding in Linux memory | Andrea Fortuna
CVE-2026-31431 ‘Copy Fail’ is more than yet another Linux LPE. It is a stress test for how we design logging, detection, and forensics on modern Linux systems, containers, and cloud environments.| Andrea Fortuna
ACME Clients on Linux for Easy SSL/TLS Management
Every time you visit a website and see that padlock in the browser bar, an SSL/TLS certificate is quietly doing its job, authenticating the server and encrypting your connection so passwords, payment details, and personal data stay private. Take that certificate away, and the connection falls back to plain HTTP, where anyone on the sameContinue reading "ACME Clients on Linux for Easy SSL/TLS Management"| Encryption Consulting
The Update Conundrum - The Unknown Universe
How a “kept back” Proxmox kernel left my home lab exposed to CVE‑2026‑31431 — why I now check upgradable packages and use apt full‑upgrade.| The Unknown Universe
Raspberry Pi is getting into the services game - Jeff Geerling
...and it's all free—so far. Raspberry Pi today launched Raspberry Pi Connect, a free remote VPN service for all Pi OS users. If you create a Raspberry Pi ID, you can sign up for Connect, install rpi-connect on a Pi 4 or 5 running 64-bit Pi OS 12 'Bookworm', and register that Pi with the service. Then, on any other device's web browser, you can log in and remote control your Pi through Connect's web-based VNC viewer.| Jeff Geerling
Sovereign Tech Fund invests over €1 million in KDE software development - KDE Community
Big Tech’s disregard for privacy laws and individuals’ personal data has become a matter of national security. As news of willful mismanagement fill the headlines on an almost daily basis, the world is beginning to turn away from expensive and insecure spyware-riddled software imposed by the likes of Microsoft, Google, Meta, Apple, et al.| kde.org
JDownloader : le site officiel a diffusé un malware sur Windows et Linux pendant 24 heures
Le site officiel de JDownloader, l’un des gestionnaires de téléchargements les plus utilisés au monde, a été compromis... L’article JDownloader : le site officiel a diffusé un malware sur Windows et Linux pendant 24 heures est apparu en premier sur Cyberattaque.org.| Cyberattaque.org
What is BusyBox? | Specular
What is BusyBox?| Specular
Clunky or funky: Unix System Services vs mainframe Linux
The post Clunky or funky: Unix System Services vs mainframe Linux appeared first on Planet Mainframe.| Planet Mainframe
❓Linux: Tux in the Data Center
The post ❓Linux: Tux in the Data Center appeared first on Planet Mainframe.| Planet Mainframe
Beyond the Horizon: Running Db2 Tools from a Unix Shell
The post Beyond the Horizon: Running Db2 Tools from a Unix Shell appeared first on Planet Mainframe.| Planet Mainframe
RetroDECK Is More Than Emulation: An Interview with the Devs
There’s a certain way people talk about retro gaming that I’ve never fully clicked with. It almost always comes back to consoles and emulators: what system you’re recreating, how accurate it is, how close it feels to the original hardware. And of course, that’s part of| The Bryant Review
From Optional App to Built-In: Songo#5’s Expansion Across Firmware and Android
Now shipping with Spruce and soon muOS, Songo#5 is moving from a standalone music player to a default part of handheld firmware ecosystems, with an Android port on the horizon| The Bryant Review
'Bash Idioms' - Book Review
If you write Bash code, read this NOW.| Giles's Notes
'Linux Bible' Eleventh Edition - Book Review
Excellent Linux reference book.| Giles's Notes
"Little Snitch" Reveals Software Phoning Home and Pulling Ads
See your software using the network to phone home.| Giles's Notes
DirtyFrag agrava la alarma en Linux: otro fallo permite escalar a root
La seguridad del kernel Linux atraviesa una de esas semanas que obligan a parar y revisar prioridades. Apenas unos días […]| OpenSecurity
“My favorite device is a Chromebook, without ChromeOS”
Alfmanverbose=1Thom Holwerda,| OSnews
OpenSwarm: The Open-Source AI Workspace for Everything Beyond Claude Code
There are countless AI tools that still revolve around one assistant doing everything inside a chat window. OpenSwarm feels closer to assigning work across a small team. The research agent handles analysis. The slides agent builds presentations. The data analyst creates charts. Video and image agents manage media generation separately. Single-agent systems tend to hallucinate once projects become larger or more visual. OpenSwarm keeps tasks separated, which usually makes the outputs feel more...| Firethering
wayland.fyi minimalist wayland special interest group
wayland.fyi| wayland.fyi
Even Better Simplenote MCP Server – Simplenote
Last month, we announced a basic MCP server for Simplenote which allowed macOS users to use their favorite AI tool to search their notes. Now we’re excited to announce an updated version whic…| Simplenote
Dirty Frag CVE-2026-43284: Linux Local Privilege Escalation Risk and Mitigation Guide
A practical guide to Dirty Frag CVE-2026-43284, including affected Linux attack paths, CVE-2026-43500 / rxrpc risk, interim mitigations, patch priority, and post-compromise checks.| KnightLi Blog
Dirty Frag: Unpatched Linux vulnerability delivers root access - Help Net Security
Linux local privilege escalation vulnerability dubbed "Dirty Frag" has been revealed, along with a PoC exploit.| Help Net Security
Thelio Mira for Gaming - dominickm.com
If you’re a Coder Radio listener, you already know the deal: when a new Linux machine lands on my desk, there is roughly a zero percent chance I’m only going to use it for “serious work.” Yes, the Thelio Mira is officially my workstation. It’s going to spend its days running dev environments, local AI […]| dominickm.com
[PATCH] killswitch: add per-function short-circuit mitigation primitive [LWN.net]
When a (security) issue goes public, fleets stay exposed until a patched kernel| lwn.net
DirtyFrag obliga a revisar kernels Linux en producción y contenedores
DirtyFrag ha llegado en el peor momento posible para administradores Linux: apenas unos días después de Copy Fail y con una prueba de concepto pública circulando antes de que todas las distribuciones pudieran completar su ciclo de parcheo. No es una vulnerabilidad remota que permita entrar desde Internet sin credenciales, pero sí es una escalada […]| Administración de Sistemas
Arch Linux estrena ISO con Linux 7.0 y mejora su instalador guiado
Arch Linux ya tiene disponible su imagen ISO de mayo de 2026, una actualización especialmente interesante para quienes vayan a instalar la distribución desde cero en equipos recientes. La nueva imagen, identificada como 2026.05.01, llega con el kernel Linux 7.0.3 y un conjunto renovado de paquetes base, firmware y herramientas de instalación. No se trata […]| Administración de Sistemas
ProxPatch automatiza las actualizaciones en clústeres Proxmox VE
Actualizar un clúster Proxmox VE parece una tarea rutinaria hasta que hay que hacerlo nodo por nodo, con máquinas virtuales en producción, ventanas de mantenimiento ajustadas y el riesgo de dejar un host a medio reiniciar. ProxPatch nace precisamente para automatizar ese trabajo repetitivo: drenar un nodo, migrar las máquinas virtuales, aplicar parches, reiniciar si […]| Administración de Sistemas
Reproducible Ansible with Execution Environments
A “control node” with a hand-curated venv works. Until it doesn’t. A colleague has different collection versions, CI installs a slightly newer Python library, and a playbook that ran yesterday now fails. Execution Environments turn the control node into a versioned container image. ansible-builder produces it, ansible-navigator runs against it, and the same artifact ships from your laptop into AAP/AWX without modification.| Larvitz Blog
Ansible-Native Quadlets: Deploying a Mastodon Greeter Bot with containers.podman
Hand-writing Quadlet files works for one host. For a fleet, the containers.podman collection’s native Quadlet generation lets you describe containers as Ansible state, including secrets, registry logins, and templated configuration. A small Mastodon welcome bot makes a concrete example.| Larvitz Blog
retr0.zip
CVE-2026-31431: Copy Fail| retr0.zip
New Linux 'Dirty Frag' zero-day gives root on all major distros
A new Linux zero-day exploit, named Dirty Frag, allows local attackers to gain root privileges on most major Linux distributions with a single command. [...]| BleepingComputer
7 Best Libraries to Create CLI Applications in Linux
Discover the 7 best libraries to build powerful CLI applications on Linux with ease and flexibility.| Fresh Tech Tips
oss-security - Dirty Frag: Universal Linux LPE
Message-ID: <afzgS2SCWNcZU3vU@v4bel>| www.openwall.com
How Cloudflare responded to the “Copy Fail” Linux vulnerability
When a critical Linux kernel privilege escalation was publicly disclosed, Cloudflare's security and engineering teams detected, investigated, and mitigated the threat across our global fleet, confirming zero customer impact and no malicious exploitation.| The Cloudflare Blog
732 bajtów do uzyskania dostępu root – kolejna podatność znaleziona przez AI
29 kwietnia na stronie https://copy.fail/ zamieszczono informacje o całkiem krytycznej podatności określanej jako Copy Fail, która to otrzymała oznaczenie CVE-2026-31431. Podatność wykorzystuje skomplikowany błąd w obsłudze authencesn, z którego szerokim opisem można zapoznać się w tym opracowaniu. Istotne jest zrozumienie, że podatność istniała w tym module kernela od 2017 roku (tutaj commit zawierający wadliwe zmiany), […]| AVLab.pl
Smashing Security podcast #466: Meta sees everything, Copy Fail, and a deepfake gets hired
Meta's smart glasses promise privacy "designed for you" - but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all 1,108 of them. Meanwhile, the IT press is in a frenzy over a new Linux bug called "Copy Fail" - complete with logo, dedicated website, and a marketing-friendly name. But is it really the disaster everyone's making it out to be? And in our featured interview, Jake Moore of ESET explains how he tric...| GRAHAM CLULEY
Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
Copy Fail (CVE-2026-31431) is a critical Linux kernel LPE that allows stealthy root access. This flaw impacts millions of systems. Read our analysis. The post Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years appeared first on Unit 42.| Unit 42
MTP Speculative Decoding: 4.8x Faster Qwen 3.6 27B on Strix Halo
Multi-Token Prediction turns Qwen 3.6 27B from 6 t/s to 30 t/s on AMD Strix Halo, succeeding where draft models and ngram decoding failed, by using prediction heads baked into the model itself.| Sleeping Robots
Benchmarking Echo-TTS on Strix Halo | Sleeping Robots
Running a diffusion-based TTS model on AMD's Strix Halo, patching CUDA-only code for CPU, discovering a bf16 GPU hang on gfx1151, and a hybrid GPU/CPU trick that beats every other TTS model I've tested.| Sleeping Robots
How To Install Linux From Scratch
One can install Linux from the installer, but the process is not very| 一言堂
A new filesystem for pidfds [LWN.net]
The pidfd abstraction is a Linux-specific way of referring to processes that avoids the race co [...]| LWN.net
FreeBSD: Jails Networking and Container Management with Bastille
Sometimes on FreeBSD you need to run services that aren’t officially supported by FreeBSD, and this post actually came about because I was installing Open WebUI on my NAS – and Open WebUI was easier to set up on Linux. So I spun it up in a FreeBSD Linux jail, and to create the container… Read More » The post FreeBSD: Jails Networking and Container Management with Bastille first appeared on RTFM: Linux, DevOps, and system administration.| RTFM: Linux, DevOps, and system administration
The future of AI in Ubuntu · Jon Seager
AI tools are becoming ubiquitous. Adoption across the tech industry has been mixed, both in terms of which projects are embracing “AI” technologies, and in how companies are structuring their adoption This post details how AI will play a part in both Canonical and Ubuntu’s future, my framework for classifying AI features in the OS, and how Canonical is currently approaching adoption internally.| Jon Seager
Big O for MySQL: Why the Same Query Gets Slow at Scale
Discover how Big O complexity impacts MySQL performance. Learn how indexes move queries from O(n) to O(log n) and why table growth changes everything.| Another Boring Tech Blog
Podman rootless containers and the Copy Fail exploit
Podman rootless containers and the Copy Fail exploit| Gabriel Garrido
~mcf/oasis - a small statically-linked linux system - sourcehut git
#oasis| git.sr.ht
Broadcasting GPS on the local network
Ever since Mozilla killed its GPS location service, GPS hasn’t been very| evertpot.com
Misplaced windows in GNOME | Anagogistis
My personal blog| anagogistis
My favorite device is a Chromebook, without ChromeOS — kokada
I wrote in 2024 a blog post about a how cheap and low powered| kokada.dev
Fun With volshell – Righteous IT
An intro to running multiple Volatility plugins via volshell in order to avoid startup costs associated with re-parsing the memory image. And a (clever?) hack for getting volshell plugin output in …| Righteous IT
Power Systems Still Waiting For The GenAI Bump
With the Power11 systems upgrade cycle only nine months old and with price increases that have been happening monthly since early April 1 and possibly continuing through the end of the year, we expect for the Power Systems business to be up in 2026 for the full year. In the first quarter of 2026 ended in March, IBM’s Infrastructure group, which includes sales of servers, storage, operating systems, and used gear, posted sales of $3.33 billion, up 15.3 percent. Gross profits rose by 24.2 per...| IT Jungle
Modernised SSO for Linux in Microsoft Intune with Entra ID Integration
Hello - Here is the new HTMD Blog Article for you. Enjoy reading it. Subscribe to YouTube Channel https://www.youtube.com/c/AnoopCNairSCCM?sub_confirmation=1 and LinkedIn page for latest updates https://www.linkedin.com/company/how-to-manage-devices/ The post Modernised SSO for Linux in Microsoft Intune with Entra ID Integration appeared first on HTMD Community Intune Windows Modern Workplace Device Management by Anoop C Nair.| HTMD Community Intune Windows Modern Workplace Device Management
Security Researcher Publishes Method to Run Linux on PS5, Demonstrating GTA V at 60fps With Ray Tracing
Security researcher Andy Nguyen has shared a method for running Linux on certain PlayStation 5 units, along with setup instructions available on GitHub. Thank you for being a Ghacks reader. The post Security Researcher Publishes Method to Run Linux on PS5, Demonstrating GTA V at 60fps With Ray Tracing appeared first on gHacks.| gHacks
Screw you Realtek :: growse.com
So I’ve got three nodes in my homelab k8s cluster (celebrated its 7’th birthday the other day 🎈 ) that are lovely little lenovo M75 boxes. They’re cheap, reasonably powerful, not too old, and make great k8s nodes for light workloads. The big problem, however, is that they have Realtek RTL8111/8168/8211/8411 NICs in them, which are not good.| www.growse.com
Upcoming debian.org e-mail change (SPF)
---| lists.debian.org
Copy Fail: Any Local User Can Get Root on Nearly Every Linux System Since 2017
On April 28, a critical authentication bypass in cPanel forced hosting providers to take control panels offline globally while active exploits were confirmed in the wild. On April 29, researchers at Theori disclosed CVE-2026-31431, named Copy Fail: a Linux kernel privilege escalation affecting virtually all mainstream distributions since 2017, exploitable by any unprivileged user with local […]| Web Hosting Industry Portal | News, Insights and Trends
Linux PTP mainline development war story and new features
A few years ago, one of our customers came to us with what sounded like a reasonably straightforward request: adding support for the Precision Time Protocol to an existing Linux kernel Ethernet PHY driver, namely the Marvell PHY driver. Not only this sounded reasonably easy, but someone had actually already done the work: Russell King, … Continue reading "Linux PTP mainline development war story and new features"| Bootlin
TuxCon 2026 the Open Source Hardware and Software conference is on 16-17 of May in Plovdiv! | olimex
TuxCon is a FOSDEM-style conference, organized entirely by volunteers, dedicated to promoting open-source technologies in society. This year, it takes place on May 16–17. 🗓 Saturday in Technical Un…| olimex
Canonical wil AI toevoegen aan Ubuntu, gebruikers eisen kill switch
Canonical heeft deze week bekendgemaakt AI-functies te willen toevoegen aan Ubuntu, maar de reacties zijn allesbehalve enthousiast. Veel gebruikers eisen meer zeggenschap over welke functies ze gebruiken. Sommigen gaan nog verder en vragen om een zogenaamde ‘kill switch’ waarmee AI volledig kan worden uitgeschakeld. Canonical heeft al gereageerd op de kwestie, maar houdt dat vooralsnog […]| ICTMagazine.nl
The Browser Sync Privacy Rabbit Hole - The Unknown Universe
A 5am YouTube browse leads to a total privacy re-architecture. Moving NPM local for a blind-pipe VPS setup with no open ports and zero plaintext.| The Unknown Universe
Amber Documentation
Documentation for Amber programming language| Documentation for Amber programming language
LPE-уязвимость CopyFail позволяет получить root-права в Linux
В ядре Linux нашли уязвимость CopyFail, которая позволяет получить root-доступ без состояния гонки и сложных эксплоитов. Для атаки достаточно короткого Python-скрипта, который работает почти в любом дистрибутиве, вышедшем после 2017 года.| Хакер
We made Linux v6.19+ boot quicker for everyone! – The Good Penguin
Booting Linux quickly is highly desirable for embedded devices, particularly those that are battery-powered or require high availability. A common approach for reducing boot times with minimal effort is to remove unused features, effectively turning a general purpose operating system into a specialised one. However, this compromise of sacrificing features for boot time reduces flexibility …| www.thegoodpenguin.co.uk
Ken Thompson and the lesson many still ignore: better programming means deleting code
Few sentences explain a philosophy of software as clearly as the one long attributed to Ken Thompson: “One of my most productive days was throwing away 1,000 lines of code.” It is not just a clever remark or a slogan made for social media. It captures the mindset of one of the most influential figures […]| System Administration
40 open-source tools redefining how security teams secure the stack - Help Net Security
Discover free security software that helps teams monitor systems, find vulnerabilities, secure identities, and manage risk.| Help Net Security
Kunai: Open-source threat hunting tool for Linux - Help Net Security
Kunai is an open-source tool that provides deep and precise event monitoring specifically for Linux environments.| Help Net Security
Copy Fail — CVE-2026-31431
CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.| Xint
Copy Fail: 732 Bytes to Root on Every Major Linux Distributions - Xint
Xint Code disclosed CVE-2026-31431, an authencesn scratch-write bug chaining AF_ALG + splice() into a 4-byte page cache write. A 732-byte PoC gets root on Ubuntu, Amazon Linux, RHEL, SUSE. | AI for Security, Vulnerability Research| xint.io
KDE at 30 - KDE Community
KDE is turning 30 this year! Three decades of passionate community effort against all odds; delivering control, privacy, and freedom to our users; and tons and tons of software.| kde.org
How Linux 7.0 Broke PostgreSQL: The Preemption Regression Explained
Linux 7.0 delivered roughly half the throughput of Linux 6.x on the same hardware and workload.| read.thecoder.cafe
Create Bootable Arch USB on Linux / macOS with cat (Rufus on Windows)
You can use this to install Arch Linux or act as a recovery disk. Technically this method works for most Linux installers.| From Development to Production on Nick Janetakis
Combine Tmux, btop and a GPU Monitoring Tool for System Monitoring
Here's a quick way to get your system's overall health and it uses a nice trick to programmatically create tmux sessions or windows.| From Development to Production on Nick Janetakis
Differentiate Between an Empty or Unset String Variable with Bash — Nick Janetakis
We'll go over a POSIX compliant solution using parameter expansion as well as a Bash 4.2+ variable existence check.| Nick Janetakis
Ubuntu plans AI features with focus on local inference
Canonical is preparing to add AI features to Ubuntu over the next year, according to a blog post by Jon Seager, the company’s vice-president of engineering. Seager said the features will appear in two categories. Some will use AI models in the background to improve existing operating system functions, others are to introduce “AI native” […] The post Ubuntu plans AI features with focus on local inference appeared first on Developer Tech News.| Developer Tech News
Fedora Linux 44 ships with GNOME 50 and KDE Plasma 6.6
The Fedora Project released Fedora Linux 44, delivering updated desktop environments, revised installer behavior, and several lower-level system changes across its editions and spins. The release covers the project’s flagship editions, including Workstation, KDE Plasma Desktop, Cloud, Server, CoreOS, and IoT, alongside the Atomic Desktops lineup of Silverblue, Kinoite, Cosmic, Budgie, and Sway. Alternate spins such as Cinnamon and Xfce are also available. Desktop updates Fedora Workstation ...| Help Net Security
Fully Headless Linux Gaming VM with AMDGPU
Introduction There are various guides for how to create a “headless” gaming machine. However, these are not *truly* headless. Every guide I could find relies on either a hardware dummy plug or assigning an EDID to a physical port, sort of the software equivalent of a dummy plug. But what if you have in your … Continue reading Fully Headless Linux Gaming VM with AMDGPU| Simon's Blog
New Box64 v0.4.2 released – Box86 / Box64
The next release of Box64 is finally out. Many fixes, a new Dynarec backend and Vulkan overlay support... Let's dig in. Many fixes and improvements to Dynarec A lot of work has been done to fix issues. It can be in the dynarec where many opcodes got their behavior fixed, or many speed regressions introduced...| Box86 / Box64
Docker on RISC-V: From Release to Production in 6 Days - RISC-V International
Featured Work | RISC-V International
How to Install Software on Ubuntu 26.04: Complete Guide to APT, Snap, Flatpak & Manual Methods - The Back Room Tech
Master Ubuntu 26.04 software installation with APT, Snap, Flatpak & manual methods. Complete guide with troubleshooting tips and best practices.| The Back Room Tech - Serving up the info for back room techs everywhere
Bypassing DPI with eBPF sock_ops | Bora Tanrikulu
eBPF sock_ops, fake TLS packets, and why every platform needs a different hack| Bora
..and on the seventh day, Science created zsh
Inspired by some recent posts from Tom on zsh, I decided that I’d do my part to help people give it a whirl. I’ve been using zsh for a few years now and haven’t found myself missing bash. If you’re interested in taking a few minutes to give zsh a while, you’re in luck. I recently reorganized all of my zsh config into a package and tossed it on github to share. My goal was to create a reusable tool that would allow people to get up and running quickly with some of the fun configurati...| Robby on Rails
I tried to use Unreal on Linux… it’s rough
Like most game developers, I am mainly a Windows user. Not so much by choice, but just because it is the default that most tools and basically all the games are developed for. That being said, I also never was an actual Windows hater. Sure, Microsoft was never the likeable underdog company that I would […]| Larst Of Us
On Linux MAINTAINERS file removal of Russian developers
I sincerely regret to see Linux kernel patches like this one removing Russian developers from the MAINTAINERS file. To me, it is a sign or maybe even a symbol of how far the Linux kernel developer community I remember from ~ 20 years ago has changed, and how much it has alienated itself from what I remember back in the day. In my opinion this commit is wrong at so many different levels: it is intransparent. Initially it gave no explanation whatsoever (other than some compliance hand-waving). ...| LaForge's home page
OsmoDevCon 2024: "Introduction to XDP, eBPF and AF_XDP"
I've presented a talk Introduction to XDP, eBPF and AF_XDP as part of the OsmoDevCon 2024 conference on Open Source Mobile Communications. This talk provides a generic introduction to a set of modern Linux kernel technologies: eBPF (extended Berkeley Packet Filter) is a kind of virtual machine that runs sandboxed programs inside the Linux kernel. XDP (eXpress Data Path) is a framework for eBPF that enables high-performance programmable packet processing in the Linux kernel AF_XDP is an addres...| LaForge's home page
OsmoDevCon 2024: "Using bpftrace to analyze osmocom performance"
I've presented a talk Using bpftrace to analyze osmocom performance as part of the OsmoDevCon 2024 conference on Open Source Mobile Communications. bpftrace is a utility that uses the Linux kernel tracing infrastructure (and eBPF) in order to provide tracing capabilities within the kernel, like uprobe, kprobe, tracepoints, etc. bpftrace can help us to analyze the performance of [unmodified] Osmocom programs and quickly provide information like, for example: Histogram of time spent in a specif...| LaForge's home page
OsmoDevCon 2024: "High-performance I/O using io_uring via osmo_io"
I've co-presented a talk (together with Andreas EversbergHigh-performance I/O using io_uring via osmo_io as part of the OsmoDevCon 2024 conference on Open Source Mobile Communications. Traditional socket I/O via read/write/recvfrom/sendto/recvmsg/sendmsg and friends creates a very high system call load. A highly-loaded osmo-bsc spends most of its time in syscall entry and syscall exit. io_uring is a modern Linux kernel mechanism to avoid this syscall overhead. We have introduced the osmo_io`A...| LaForge's home page
Gradual migration of IP address/port between servers
I'm a strong proponent of self-hosting all your services, if not on your own hardware than at least on dedicated rented hardware. For IT nerds of my generation, this has been the norm sicne the early 1990s: If you wante to run your own webserver/mailserver/... back then, the only way was to self-host. So over the last 30 years, I've always been running a fleet of machines, some my own hardware colocated, and during the past ~18 years also some rented dedicated "root servers". They run a pleth...| LaForge's home page
Sometimes software development is a struggle
I'm currently working on the firmware for a new project, an 8-slot smart card reader. I will share more about the architecture and design ideas behind this project soon, but today I'll simply write about how hard it sometimes is to actually get software development done. Seemingly trivial things suddenly take ages. I guess everyone writing code knows this, but today I felt like I had to share this story. Chapter 1 - Introduction As I'm quite convinced of test-driven development these days, I ...| LaForge's home page
Mailing List hosting for FOSS Projects
Recently I've encountered several occasions in which a FOSS project would have been interested in some reliable, independent mailing list hosting for their project communication. I was surprised how difficult it was to find anyone running such a service. From the user / FOSS project point of view, the criteria that I would have are: operated by some respected entity that is unlikely to turn hostile, discontinue the service or go out of business altogether free of any type of advertisements (w...| LaForge's home page
udtrace - Unix domain socket tracing
When developing applications that exchange data over sockets, every so often you'd like to analyze exactly what kind of data is exchanged over the socket. For TCP/UDP/SCTP/DCCP or other IP-based sockets, this is rather easy by means of libpcap and tools like tcpdump, tshark or wireshark. However, for unix domain socket, unfortunately no such general capture/tracing infrastructure exists in the Linux kernel. Interestingly, even after searching for quite a bit I couldn't find any existing tools...| LaForge's home page
Report from the Geniatech vs. McHardy GPL violation court hearing
Today, I took some time off to attend the court hearing in the appeal hearing related to a GPL infringement dispute between former netfilter colleague Partrick McHardy and Geniatech Europe I am not in any way legally involved in the lawsuit on either the plaintiff or the defendant side. However, as a fellow (former) Linux kernel developer myself, and a long-term Free Software community member who strongly believes in the copyleft model, I of course am very interested in this case. History of ...| LaForge's home page