再补充：
某安有人反馈双击亮屏后会黑屏。使用garnet-t-oss开源的display驱动确实会有此问题，同时，在MIUI14上还会导致低概率不可预测的自动重启，minidump和mtdoops还不会在此问题发生时记录任何日志。这就是Melt内核仍然在用官方预编译的display驱动的原因。嗯，相信陪伴Melt内核一路走来的老用户应该都记得。

Google Clang Prebuilt Update
#clang

Commit

Download tar.gz:
clang 19.0.1 (based on r536225) from build 12251623

Experimental Schedutil Patches Yield 30% Boost To Web Browser Benchmark On Linux
21 August 2024 - Schedutil Improvements

Google engineer Qais Yousef has posted a set of 16 patches for the "Schedutil" scheduler utilization code within the Linux kernel to better manage system response time. Schedutil is often used by default on many Linux distributions and with these patches a popular web browser benchmark can be as much as 30% faster with these kernel patches.

Comments

#Phoronix #LinuxKernel

Clash Verge Rev Update
2024-08-22
#Clash #ClashMeta

Release tag:
Clash Verge Rev v1.7.7

Assets:
There are too many, see here

Magisk Canary Update
2024-08-23
#MagiskCanary

Build version:
27007

Changelog:
https://github.com/topjohnwu/Magisk/releases/download/canary-27007/notes.md

Download:
app-release.apk

以下全是我对Magisk静默获取root权限漏洞的错误猜测，可以不看。

The following text is all my wrong guesses about the vulnerability of Magisk silently obtaining root permissions. You don’t need to read it.

关于昨天就开始传播的Magisk静默获取root权限漏洞视频，我认为不必过分惊慌。
首先，漏洞发现者表示该漏洞只能在部分设备上利用，其次，在演示视频中，演示用机为红米5 Plus（代号为vince，Soc为骁龙625），内核版本为3.18（等我调查清楚... 出厂内核版本为3.18，可更新至4.9，不过考虑到3.18不支持eBPF很难上Android 12，因此猜测视频中rom使用的内核为4.9），Android版本为12（但视频中没有展示Android安全补丁版本），因此有理由猜测该漏洞只能在比较旧的设备上触发。
因此，我建议各位始终坚持使用最新版本的rom（无论是官方还是非官方）以确保设备系统安全。

Regarding the video of Magisk silently obtaining root permissions that started to spread yesterday, I don't think there is any need to panic.
First, the vulnerability discoverer said that the vulnerability can only be exploited on some devices. Secondly, in the demonstration video, the demonstration device is Redmi 5 Plus (codenamed vince, Soc is Snapdragon 625), the kernel version is 3.18 (I'll confirm after I investigate... the factory kernel version is 3.18, which can be updated to 4.9. However, considering that the 3.18 kernel does not support eBPF and it is difficult to update to Android 12, it is speculated that the kernel used by the rom in the video is 4.9), and the Android version is 12 (but the Android security patch version is not shown in the video), so it is reasonable to guess that the vulnerability can only be triggered on older devices.
Therefore, I suggest that you always use the latest version of ROM (whether official or unofficial) to ensure the security of the system.

https://github.com/topjohnwu/Magisk/issues/8330#issuecomment-2305742145

破案了。27007已修复此漏洞。
简单来说，此漏洞只会影响那些没有预装GMS的rom。

Okay. 27007 has fixed this vulnerability.
Simply put, this vulnerability only affects those ROMs that do not have GMS pre-installed.

用简单易懂的话来解释一下这个漏洞的原理：
Magisk在检测到设备已安装GMS的情况下，会尝试调用com.google.android.gms（即Google Play服务）的某个方法，并且是以root权限调用的。
所以，攻击者可以伪造一个包名为com.google.android.gms的apk，并且实现Magisk需要调用的方法，然后Magisk就会以root权限执行攻击者编写的方法。
Magisk的修复方式也很简单：在尝试调用GMS的方法之前，先确保com.google.android.gms是系统应用。
因此，该漏洞不影响已预装了GMS的rom。
首先，攻击者伪造的恶意apk很难成为系统应用。其次，对于已预装了GMS的rom，即便是用户主动安装该恶意apk，因为攻击者伪造的com.google.android.gms apk签名肯定是与Google的签名不同的，所以肯定不会安装成功，漏洞自然也无法被利用，除非用户手贱用核心破解模块绕过了apk签名认证。

综上所述，我有以下几点建议：
1. 介于该漏洞的利用方式已完全公布，因此请Magisk用户立即更新到27007版本；
2. 谨慎使用核心破解模块，你可以在确实需要时暂时启用该模块，但在日常使用时务必禁用；
3. 永远记住，谨慎安装未知来源的apk。

Let me explain the principle of this vulnerability in simple and easy-to-understand words:
When Magisk detects that GMS is installed, it will try to call a method of com.google.android.gms (i.e. Google Play Services), and call it with root privileges.
Therefore, an attacker can forge an apk with the package name com.google.android.gms and implement the method that Magisk needs to call, and then Magisk will execute the method written by the attacker with root privileges.
The fix for Magisk is also very simple: before trying to call the GMS method, make sure that com.google.android.gms is a system app.
Therefore, this vulnerability does not affect ROMs pre-installed with GMS.
First, it's difficult for the malicious apk forged by the attacker to become a system app. Secondly, For ROMs pre-installed with GMS, even if the user actively installs the malicious apk, because the signature of the com.google.android.gms apk forged by the attacker is definitely different from that of Google, it will definitely not be installed successfully, and the vulnerability cannot be exploited, unless the user uses the core cracking module to bypass the apk signature authentication.

In summary, I have the following suggestions:
1. Since the exploit method of this vulnerability has been fully disclosed, for Magisk users, please update to version 27007 immediately;
2. Use the core cracking module with caution. You can temporarily enable the module when you really need it, but be sure to disable it in daily use;
3. Always remember to install apks from unknown sources with caution.

Linux 6.11-rc5 Released With Slimmed Down Set Of Bcachefs Fixes
25 August 2024 - Linux 6.11-rc5

The Linux 6.11-rc5 kernel is already out as stable today, roughly a half-day ahead of time due to travels by Linus Torvalds.

Comments

#Phoronix #LinuxKernel

对于感觉Melt Kernel比较耗电的用户，试试在安装过程中选择禁用“DAMON-based Reclamation”。
目前Melt Kernel预设的DAMON-based Reclamation相关参数有些不合理，会导致kdamond长时间保持活跃，从而消耗较多的电量。在之后的版本中我会进行优化调整。

For users who feel that Melt Kernel consumes too much power, try disabling "DAMON-based Reclamation" during the installation process.
The default DAMON-based Reclamation parameters of Melt Kernel are not appropriate, which will cause kdamond to remain active for a long time, thus consuming more power. I will make optimization adjustments in the next version.

Beyond Compare 5 Update
2024-08-28
#BeyondCompare5

Changelog:
https://www.scootersoftware.com/download/v5changelog

Download:
5.0.2, build 30045

One Of The Rust Linux Kernel Maintainers Steps Down - Cites "Nontechnical Nonsense"
29 August 2024 - Rust For Linux Resignation

One of the several Rust for Linux kernel maintainers has decided to step away from the project. The move is being driven at least in part due to having to deal with increased "nontechnical nonsense" raised around Rust programming language use within the Linux kernel.

Comments

#Phoronix #LinuxKernel

Xiaomi.eu Multilang HyperOS ROM stable Update
2024-08-29
#Marble #XiaomiEU #HyperOS #Stable

Build date:
Thu, 29 Aug 2024 10:17:28 UT

MD5:
abadf82c0a7988daaa527fc18e04ad9e

Download:
xiaomi.eu_MARBLE_OS1.0.6.0.UMRCNXM_14.zip

Size:
5.4 GB

Linux 6.12 To Optionally Display A QR Code During Kernel Panics
29 August 2024 - DRM Panic Handler QR Codes

Submitted today via DRM-Misc-Next to DRM-Next for staging ahead of the Linux 6.12 merge window in mid-September is optional support for displaying a QR code within the DRM Panic handler infrastructure when a Linux kernel panic occurs.

Comments

#Phoronix #LinuxKernel

今天下午更新HyperOS.eu到1.0.6.0.UMRCNXM，更新之后发现了一些问题：
1. Chrome闪退；
2. 其他app打开webview界面（比如：微信的“订阅号”）后闪退。
排除了内核、Magisk模块、Zygisk模块的影响后，初步怀疑是系统webview内核的问题。
打开设置 -> 更多设置 -> 开发者选项 -> WebView 实现，发现可选的WebView实现只有一个Android System WebView，版本号为127.0.6533.103。但在我的印象中，如果已经安装了Chrome的话，这里可选的WebView实现应该只有一个Chrome才对。
接下来开始解决问题。
首先解决问题2：卸载Chrome，这样app就会强制使用Android System WebView。
然后解决问题1：试着从Play商店重新安装Chrome，问题依旧。于是从APKMirror下载最新的Chrome apk，安装后问题解决。之后仍然可以从Play商店更新Chrome。

Rust Linux Developers Compared To Road Builders & Mapmakers
30 August 2024 - Airlie Comparison

Longtime Direct Rendering Manager (DRM) subsystem maintainer David Airlie of Red Hat has written an interesting blog post providing an analogy to types of developers compared to road builders and hotels.

Comments

#Phoronix #LinuxKernel