Mastodawn

[$] The first half of the 7.1 merge window

The 7.1 merge window opened on April 12 with the release of the 7.0 kernel. Since then, 3,855 non-merge changesets have been pulled into the mainline repository for the next relea [...]

https://lwn.net/Articles/1067250/ #LWN #Linux #kernel #Debian #ArchLinux #Rust #Git #BPF #io_uring

Show thread

Nicolas MØUART 5d ago

I tried to debug the issue with bpftrace, but I did not catch the problem for now (I caught some IRQ interrupts to the audio card!). I haven't seen people using it in bug reports, I wonder why.

https://kernel.org/doc/html/latest/sound/kernel-api/alsa-driver-api.html

#alsa #bpf #troubleshooting

The ALSA Driver API — The Linux Kernel documentation

Paul Buetow Apr 12

I started to look into #BPF #eBPF lately (for the understanding of new tools I use and want to use and also to write my own observability tools). This is an interesting article how BPF helped to detect noisy neighbors (other processes in other cgroups consuming too much resources) Noisy Neighbor Detection with eBPF https://netflixtechblog.com/noisy-neighbor-detection-with-ebpf-64b1f4b3bbdd

CyberVeille.ch Apr 12

📢 Génération automatique de magic packets BPF via exécution symbolique et Z3 pour analyser BPFDoor
📝 ## 🔍 Contexte

Article publié le 8 avril 2026 sur le blog de Cloudflare, rédigé par Axel Boesenach.
📖 cyberveille : https://cyberveille.ch/posts/2026-04-12-generation-automatique-de-magic-packets-bpf-via-execution-symbolique-et-z3-pour-analyser-bpfdoor/
🌐 source : https://blog.cloudflare.com/from-bpf-to-packet/
#BPF #BPFDoor #Cyberveille

Génération automatique de magic packets BPF via exécution symbolique et Z3 pour analyser BPFDoor

🔍 Contexte Article publié le 8 avril 2026 sur le blog de Cloudflare, rédigé par Axel Boesenach. Il présente une recherche technique sur l’automatisation de l’analyse des filtres Berkeley Packet Filter (BPF) utilisés par des malwares Linux comme BPFDoor. 🧩 Problématique Les malwares Linux exploitent des programmes BPF classiques (non eBPF) pour rester dormants jusqu’à la réception d’un magic packet spécifique. Ces filtres peuvent dépasser 200 instructions, rendant leur rétro-ingénierie manuelle très coûteuse en temps (jusqu’à une journée de travail pour certains échantillons).

CyberVeille

LWN.net Apr 10

[$] Removing read-only transparent huge pages for the page cache

Things do not always go the way kernel developers think they will. When the kernel gained support for the creation of read-only transparent huge pages for the page cache in 2019, [...]

https://lwn.net/Articles/1066582/ #LWN #Linux #kernel #Git #XFS #BPF

LWN.net Mar 25

[$] More efficient removal of pages from the direct map

The kernel's direct map provides code running in kernel mode with direct access to all physical memory installed in the system — on 64-bit systems, at least. It obviously makes li [...]

https://lwn.net/Articles/1064090/ #LWN #Linux #kernel #BPF

LWN.net Mar 23

[$] Tracking when BPF programs may sleep

BPF programs can run in both sleepable and non-sleepable (atomic) contexts. Currently, sleepable BPF programs are not allowed to enter an atomic context. Puranjay Mohan has a new [...]

https://lwn.net/Articles/1062868/ #LWN #Linux #kernel #BPF

LWN.net Mar 18

[$] BPF comes to io_uring at last

The kernel's asynchronous io_uring interface maintains two shared ring buffers: a submission queue for sending requests to the kernel, and a completion queue containing the result [...]

https://lwn.net/Articles/1062286/ #LWN #Linux #kernel #Git #BPF #io_uring

char (#4|2 Mar 18

Caetra new release v1.2.0; added new shield that reacts when a webcam turns it on/off.

With this shield we are trying to avoid privacy leaks from you and others, among possible security visual breaches like harvesting information about your surroundings. Do not forget to cover your webcam with a nice cat sticker :3

https://github.com/carvilsi/caetra

#physicalSecurity #physicalAttacks #linuxhardening #hardwareSecurity #bpf #ebpF #bcc