Kernel Log: more details on the kernel.org hack
by Thorsten Leemhuis
The recent Kernel Summit, LinuxCon Europe and Realtime Workshop events revealed lots of interesting developments from the kernel scene, including a few details of the hack at kernel.org. AMD has released new graphics drivers and there's a patch to fix serious problems in the RAID 10 code in Linux 3.1.
Prague was the venue for a number of Linux kernel and kernel related conferences held in late October. These included this year's Kernel Summit, at which just shy of a hundred kernel developers came together to share their experiences at the invitation only event. Delegates included Linus Torvalds, Andrew Morton, Greg Kroah-Hartman and many more key kernel developers.
LWN.net has, as ever, produced articles summarising the more significant discussions. The event revealed some of the details of the kernel.org hack. In late August, H. Peter Anvin, an experienced kernel developer also known for his work in areas such as the bootloader collection Isolinux, discovered that his private server had been hacked. On investigating further, he discovered that kernel.org was also affected. The attack was part of a credential-stealing network which had been operating for several years. All evidence suggested that kernel.org was not a specific target, but had just happened to fall victim to the attackers. The attackers proceeded silently, did not use the computer for activities such as spamming and did not modify any of the data stored on the server.
The only administrator working on kernel.org maintenance reported on the state of the rebuild of the kernel.org infrastructure, which was commenced once the attack was discovered. Kernel hackers will now have to update their git trees via Gitolite and sign the archives containing Linux source code themselves before uploading. Only administrators have shell access now. LWN.net reports that the kernel.org administrator also noted that various tasks performed by kernel.org systems will in future be more strictly separated, in part through the use of virtual machines.
A number of further reports on presentations and panel discussions provide a good deal of additional information on recent developments, such as changes to the memory subsystem currently in the pipeline. As in previous years, patch review and general considerations on the development process were again on the agenda. Linus Torvalds and other developers appear to be broadly satisfied with how things work, so that no major changes are to be anticipated.
The conference agenda also included elections for the ten seats on the Linux Foundation's technical advisory board (TAB). Alan Cox, Thomas Gleixner, Jonathan Corbet, Theodore Ts'o and Greg Kroah-Hartman were all re-elected.
The Kernel Summit was followed by LinuxCon Europe, the first ever European offshoot of the Linux Foundation conference which has long been a established on the North American Linux circuit. With around 900 delegates, numbers were better than expected. Presentations were given by a number of kernel developers, including lead btrfs developer Chris Mason.
He discussed a number of enhancements aimed at improving the performance and stability of the experimental file system which are expected to find their way into Linux 3.2. In the long term, file system level support for RAID 5 and 6 arrays is planned. Before that happens, however, he is, keen to work on a program for checking and repairing btrfs file systems. He gave a brief demonstration of a prototype of this tool, known as btrfsck, which is able to resolve one of the most critical errors and should make its way into a development version soon. Mason has also merged a program known as restore, which can be used to rescue data from damaged btrfs file systems, into the git development tree for the recently updated btrfs tool. How long it will be before the major distributions start to include these new and updated tools is a question of wait and see.
The issue of compatibility was raised during a panel discussion with four kernel developers, after lead systemd developer and moderator Lennart Poettering criticised the fact that the interface between kernel and user space occasionally changes in a manner which breaks backwards compatibility. Torvalds conceded that the inclusion of incompatible changes and the problems that result are occasionally unavoidable, for example when fixing certain security vulnerabilities, but asserted that such cases are very rare. In all other situations, he stated, changes resulting in incompatibilities are completely unacceptable. He would, he said, revert any such change if he became aware that it was causing problems and if it could be reverted without causing even greater problems.