Race condition in sshd(8)
A critical vulnerability in sshd(8) was present in Portable OpenSSH versions 8.5p1 and 9.7p1 (inclusive) that may allow arbitrary code execution with root privileges.
https://www.openssh.com/releasenotes.html

Qualys Security Advisory: https://www.mail-archive.com/[email protected]/msg00235.html

Mitigation: set LoginGraceTime=0 in sshd_config

Fixing commit: https://github.com/openssh/openssh-portable/commit/81c1099d22b81ebfd20a334ce986c4f753b0db29

Because this fix is part of a large commit (81c1099), on top of an even larger defense-in-depth commit (03e3de4, "Start the process of splitting sshd into separate binaries"), it might prove difficult to backport. In that case, the signal handler race condition itself can be fixed by removing or commenting out the async-signal-unsafe code from the sshsigdie() function; for example:

 sshsigdie(const char *file, const char *func, int line, int showfunc,
     LogLevel level, const char *suffix, const char *fmt, ...)
 {
+#if 0
         va_list args;
 
         va_start(args, fmt);
         sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
             suffix, fmt, args);
         va_end(args);
+#endif
         _exit(1);
 }

www.openssh.org

OpenSSH: Release Notes

OpenSSH release notes

▓▓▓▓▓▓▓▓▓▓░░░░░░░░░░ 50%

Chips and Cheese
Examining the Nintendo Switch (Tegra X1) Video Engine
#ChipAndCheese

Telegraph | source
(author: clamchowder)

Telegraph

Examining the Nintendo Switch (Tegra X1) Video Engine

The Tegra X1 SoC featured in Nintendo’s Switch was meant to fill a variety of market segments including Android set top boxes and automotive applications. Hardware video encode and decode are vital to all of those use cases. Tegra X1’s video engine can handle…

Daniel Lemire's blog
How much memory does a call to ‘malloc’ allocates?

Telegraph | source

Telegraph

How much memory does a call to ‘malloc’ allocates?

In C, we allocate memory on the heap using the malloc function. Other programming languages like C++ or zig often call on malloc underneath so it is important to understand how malloc works. In theory, you could allocate just one byte like so: char * buffer…

#academic
CVPR 2024圆满落幕：海报创意不断，学者穿cos服装讨论学术问题？！这届CVPR真是太有趣了
https://mp.weixin.qq.com/s/LI0CdPKIQYRitAH8eJ-Rtw

要知道很多人勉强活着，日复一日，年复一年，不知道何为欢乐，也不知道何为幸福，只是凭着一种机械的习惯。

Ведь многие живут кое-как, изо дня в день, из года в год, не зная ни радости, ни счастья, а лишь одну механическую привычку.

Л. Е. 乌利茨卡娅《库科茨基医生的病案》

陈方丨译 source

Chips and Cheese
Testing AMD’s Giant MI300X
#ChipAndCheese

Telegraph | source
(author: clamchowder)

Telegraph

Testing AMD’s Giant MI300X

AMD’s Radeon Instinct MI300X is the latest in the company’s compute focused CDNA line. NVIDIA has dominated the GPU compute market for time immemorial, thanks to a combination of strong compute GPUs and a dominant software ecosystem (CUDA) that isn’t compatible…

Daniel Lemire's blog
Performance tip: avoid unnecessary copies

Telegraph | source

Telegraph

Performance tip: avoid unnecessary copies

Copying data in software is cheap, but it is not at all free. As you start optimizing your code, you might find that copies become a performance bottleneck. Let me be clear that copies really are cheap. It is often more performant to copy that data than to…

Chips and Cheese
Testing AMD’s Bergamo: Zen 4c Spam
#ChipAndCheese

Telegraph | source
(author: clamchowder)

Telegraph

Testing AMD’s Bergamo: Zen 4c Spam

Server CPUs have pushed high core counts for a long time, though they way they got high core counts has varied. Bergamo is AMD’s move to increase core counts beyond what scaling up an interconnect can do, by using density focused Zen 4c cores. It’s a strategy…

#龙芯 #JamesAslan
#高通 #Oryon

https://zhuanlan.zhihu.com/p/704707254

Zen 5 抢先体验：Ryzen AI 9 365 (Strix Point SoC) 简单测试 https://blog.hjc.im/zen5-preliminary-review.html

（以后文章不发知乎了）

Daniel Lemire's blog
Validating gigabytes of Unicode strings per second… in C#?

Telegraph | source

Telegraph

Validating gigabytes of Unicode strings per second… in C#?

We have been working on a fast library to validate and transcode Unicode and other formats such as base64 in C++: simdutf. We wondered: could we achieve the same good results in C#? Microsoft’s .NET framework has made great strides in leveraging advanced…

Chips and Cheese
Intel Details Skymont
#ChipAndCheese

Telegraph | source
(author: clamchowder)

Telegraph

Intel Details Skymont

Previously Intel’s Skymont slides were published in low resolution, and I wrote a short article on them. Now, the presentation is public with higher resolution slides and presenter audio. Because there’s a lot more detail to comment on, it’s time for a follow…

Daniel Lemire's blog
Rolling your own fast matrix multiplication: loop order and vectorization

Telegraph | source

Telegraph

Rolling your own fast matrix multiplication: loop order and …

If you must multiply matrices, you should use dedicated libraries. However, we sometimes need to roll our own code. In C++, you can quickly write your own Matrix template: template <typename T> struct Matrix { Matrix(size_t rows, size_t cols) : data(new T[rows…

Chips and Cheese
Tracing Intel’s Atom Journey: Goldmont Plus
#ChipAndCheese

Telegraph | source
(author: clamchowder)

Telegraph

Tracing Intel’s Atom Journey: Goldmont Plus

Today Intel’s Atom line occupies a prominent place in Intel’s best client chips. Atom cores are also going into Intel’s upcoming Sierra Forest server CPU, where they’ll similarly aim to deliver area efficient multithreaded performance. But a few generations…

Daniel Lemire's blog
Scan HTML faster with SIMD instructions: Chrome edition

Telegraph | source

Telegraph

Scan HTML faster with SIMD instructions: Chrome edition

Modern processors have instructions to process several bytes at once. Effectively all processors have the capability of processing 16 bytes one once. These instructions are called SIMD, for single instruction, multiple data. It was once an open question whether…

金枪鱼之夜：支持多种 ISA 扩展的二进制背后的秘密

随着算力需求的提升，我们不断往 CPU 加入新的 ISA 扩展来提高指令表达能力。然而，在软件分发过程中，为每一种 CPU 所支持的 ISA 扩展组合进行编译与分发并不现实，无法接受各种组合的软件构建成本以及镜像站的存储成本。因此，在目前的软件中，往往通过增加性能敏感函数针对不同 ISA 的实现，配合一些函数重定向方法来解决问题。然而，这些方法或多或少存在性能或安全的问题，特别是 IFUNC 机制更是被著名的 xz 软件后门所利用。因此，cyy 希望在 Tunight 上与大家分享目前常见软件实现一个二进制支持多种 ISA 扩展的方法，以及探讨目前的性能与安全问题的案例以及可行的解决方案。

- 主讲人：陈泱宇
- 时间：2024/06/08（校历第十五周周六） 19:00-21:00 UTC +08:00
- 活动形式：线下 + 线上会议 + 直播
- 地点：三教 3104
- 线上会议：Zoom 会议: 970 8479 0044, 密码 20240608
- 直播链接：YouTube 直播: https://youtube.com/live/s78ynPBsTtY

YouTube

金枪鱼之夜：支持多种 ISA 扩展的二进制背后的秘密

https://tuna.moe/event/2024/multi-isa-binary/

#Music
張雨生 - 這一年這一夜
https://www.youtube.com/watch?v=72VWvTU4c5U

Chips and Cheese
Intel’s Lion Cove Architecture Preview
#ChipAndCheese

Telegraph | source

Telegraph

Intel’s Lion Cove Architecture Preview

Intel’s P-Core’s lineage can be traced all the way back to the P6 architecture that was originally found in the Pentium Pro. From the Pentium Pro to Pentium III to Sandy Bridge to Golden Cove, Intel’s P Cores have had many changes over the years and Lion…