#12 Message À Caractère Informatique #12 – 30% Des News Du Kernel Seront Reversées Aux Hackers Russes

Hosted by Clément Nivolle

Clever Cloud
Clever Cloud
Message À Caractère Informatique #12 - 30% Des News Du Kernel Seront Reversées Aux Hackers Russes
Loading
/

Avec par ordre d’apparition : @waxzce @juuduu @keruspe @gcouprie

Des infos sur Mozilla et sa restructuration : https://twitter.com/jwajsberg/status/1295401144936738816

Et la création de la fondation Rust : https://blog.rust-lang.org/2020/08/18/laying-the-foundation-for-rusts-future.html

Cette épisode est un spécial kernel et systemd

Dans l’intro sur le low level GNU – linux – systemd

Série de blog post sur le binaire : https://twitter.com/fasterthanlime/status/1216435739157835776?s=20

Le kernel : https://kernelnewbies.org/LinuxChanges

https://linuxfr.org/tags/kernel/public

https://www.phoronix.com/scan.php?page=article&item=linux-58-features&num=1

https://lwn.net/

Kernel 5.8 en condensé:

Meilleur algo de reclaim de ram / swap (LRU, refault, IO cost)
Swapiness 200

Swap perf, defrag, reclaim

Cgroup memory.swap.high

KCSAN (needs gcc/clang 11 unreleased) / KTSAN : Kernel Concurrency Sanitizer “data race detector for the kernel”

Event pipes + gnome

Virtio mem hotplug

Btw, depuis Linux 5.6 on a wireguard, le VPN le plus simple du monde : 1 algo de chiffrement, 1 algo de KEX, 1 format de clé.

Pidfd + setns

1.6. Shadow Call Stack and Branch Target Identification for improved security on ARM64

1.8. Introduce CAP_BPF and CAP_PERFMON security capabilities (Ça permet de donner accès à certaines features BPF sans donner accès à tout le reste du système.)

https://perf.wiki.kernel.org/index.php/Main_Page

http://www.brendangregg.com/blog/2019-01-01/learn-ebpf-tracing.html

https://ebpf.io/

https://www.youtube.com/watch?v=tDacjrSCeq4 ← shouting in the datacenter

Btrfs improvements (ENOSPC, xattr/chown pour send, repair perfs)

Ext4 ENOSPC race

io_uring

https://github.com/cloud-hypervisor/cloud-hypervisor/releases/tag/v0.9.0

POWER10

Private procfs instances

Inline encryption for block devices

Systemd 246:

https://lwn.net/Articles/827675/

https://systemd.io

Cgroup freezer (unit suspend)

Cpuaffinity numa (expliquer numa ? en gros, on choisit ses cœurs cpus pour rester près de la RAM)

Tmpfs limits

Noauto swap

SNI for DNS over TLS

Zstd

Fido2 + fixes for homed

systemd versions in various distributions:

ArchLinux: 246

Centos/RHEL (Oracle Linux):

7: 219

8: 239

EPEL (unsupported DIY): 245

Amazon Linux 2: 219 (derived from Centos 7)

Debian:

stable, Debian buster: 241; buster-backports: 245

testing, Debian bullseye: 246

Fedora:

stable, Fedora 32: systemd 245

upcoming (october), Fedora 33: systemd 246

OpenSUSE / SLES:

OpenSUSE Tumbleweed (rolling): 245

SLES (Enterprise) 15.2: 234

Ubuntu:

stable, Ubuntu 20.04 (LTS): systemd 245

upcoming, Ubuntu 20.10: systemd 246

Source-based (Gentoo, Exherbo…): choice to compile and use the latest 246

“Enterprise distributions” are still stuck with systemd < 234 (patched but lacking latest features) https://abevoelker.github.io/how-long-since-google-said-a-google-drive-linux-client-is-coming/

Apple / fortnite

https://twitter.com/maxhrau_tech/status/1294023803417362433?s=19

https://stratechery.com/2020/apple-epic-and-the-app-store/

https://arstechnica.com/gaming/2020/08/impending-apple-ban-an-existential-threat-to-the-unreal-engine-epic-says/

https://www.troyhunt.com/im-open-sourcing-the-have-i-been-pwned-code-base/

https://monitor.firefox.com/

Recrutement chez Clever Cloud https://twitter.com/waxzce/status/1295714190032801793

La découverte musicale https://youtu.be/8oYWfJuMGMA?t=2009 Vivaldi Recomposed by Max Richter

Podcast

Nos dernières émissions