Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 33 min ago

Sunday's surfeit of stable kernels

8 hours 9 min ago
The 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, and 4.4.260 stable kernels have all been released; each contains yet another set of important fixes.

Kernel prepatch 5.12-rc2

Sunday 7th of March 2021 12:33:40 AM
Linus has released 5.12-rc2 a little sooner than would normally be expected due to the problems with 5.12-rc1. "Other than that it all looks pretty normal".

[$] Lockless patterns: full memory barriers

Friday 5th of March 2021 04:29:51 PM
The first two articles in this series introduced four ways to order memory accesses: load-acquire and store-release operations in the first installment, read and write memory barriers in the second. The series continues with an exploration of full memory barriers, why they are more expensive, and how they are used in the kernel.

Security updates for Friday

Friday 5th of March 2021 02:23:55 PM
Security updates have been issued by Fedora (389-ds-base, dogtag-pki, dpdk, freeipa, isync, openvswitch, pki-core, and screen), Mageia (bind, chromium-browser-stable, gnome-autoar, jasper, openldap, openssl and compat-openssl10, screen, webkit2, and xpdf), Oracle (grub2), Red Hat (java-1.7.1-ibm, java-1.8.0-ibm, nodejs:10, and nodejs:12), SUSE (freeradius-server), and Ubuntu (wpa).

[$] BPF meets io_uring

Thursday 4th of March 2021 06:04:18 PM
Over the last couple of years, a lot of development effort has gone into two kernel subsystems: BPF and io_uring. The BPF virtual machine allows programs from user space to be safely run within the context of the kernel, while io_uring addresses the longstanding problem of running system calls asynchronously. As the two subsystems expand, it was inevitable that the two would eventually meet; the first encounter happened in mid-February with this patch set from Pavel Begunkov adding the ability to run BPF programs from within io_uring.

A warning about 5.12-rc1

Thursday 4th of March 2021 05:42:17 PM
Linus Torvalds has sent out a note telling people not to install the recent 5.12-rc1 development kernel; this is especially true for anybody running with swap files. "But I want everybody to be aware of because _if_ it bites you, it bites you hard, and you can end up with a filesystem that is essentially overwritten by random swap data. This is what we in the industry call 'double ungood'." Additionally, he is asking maintainers to not start branches from 5.12-rc1 to avoid future situations where people land in the buggy code while bisecting problems.

A large pile of stable kernels

Thursday 4th of March 2021 02:22:53 PM
Greg Kroah-Hartman has released the 5.11.3, 5.10.20, 5.4.102, 4.19.178, 4.14.223, 4.9.259, and 4.4.259 stable kernels. These are generally enormous updates, with important changes throughout the kernel tree; users should upgrade.

Security updates for Thursday

Thursday 4th of March 2021 02:06:34 PM
Security updates have been issued by Fedora (389-ds-base, dogtag-pki, freeipa, isync, pki-core, and screen), Mageia (firefox, kernel, kernel-linus, libtiff, nonfree-firmware, and thunderbird), Red Hat (bind and java-1.8.0-ibm), Scientific Linux (grub2), and SUSE (kernel-firmware, openldap2, postgresql12, and python-cryptography).

[$] LWN.net Weekly Edition for March 4, 2021

Thursday 4th of March 2021 02:18:56 AM
The LWN.net Weekly Edition for March 4, 2021 is available.

[$] Alternative syntax for Python's lambda

Wednesday 3rd of March 2021 10:07:39 PM
The Python lambda keyword, which can be used to create small, anonymous functions, comes from the world of functional programming, but is perhaps not the most beloved of Python features. In part, that may be because it is somewhat clunky to use, especially in comparison to the shorthand notation offered by other languages, such as JavaScript. That has led to some discussions on possible changes to lambda in Python mailing lists since mid-February.

OpenSSH 8.5 released

Wednesday 3rd of March 2021 04:00:21 PM
OpenSSH 8.5 has been released. It includes fixes for a couple of potential security problems (one of which only applies to Solaris hosts); it also enables UpdateHostKeys by default, allowing hosts with insecure keys to upgrade them without creating scary warnings for users. There are a lot of other small changes; see the announcement for details.

Security updates for Wednesday

Wednesday 3rd of March 2021 03:59:47 PM
Security updates have been issued by CentOS (bind), Debian (adminer, grub2, spip, and wpa), Mageia (openjpeg2, wpa_supplicant, and xterm), openSUSE (avahi, bind, firefox, ImageMagick, java-1_8_0-openjdk, nodejs10, and webkit2gtk3), Red Hat (container-tools:1.0, container-tools:2.0, grub2, and virt:rhel and virt-devel:rhel), SUSE (bind, gnome-autoar, grub2, and nodejs8), and Ubuntu (python2.7 and wpa).

[$] PipeWire: The Linux audio/video bus

Tuesday 2nd of March 2021 09:34:03 PM
For more than a decade, PulseAudio has been serving the Linux desktop as its predominant audio mixing and routing daemon — and its audio API. Unfortunately, PulseAudio's internal architecture does not fit the growing sandboxed-applications use case, even though there have been attempts to amend that. PipeWire, a new daemon created (in part) out of these attempts, will replace PulseAudio in the upcoming Fedora 34 release. It is a coming transition that deserves a look.

Security updates for Tuesday

Tuesday 2nd of March 2021 04:18:25 PM
Security updates have been issued by Arch Linux (bind, intel-ucode, ipmitool, isync, openssl, python, python-cryptography, python-httplib2, salt, tar, and thrift), Fedora (ansible, salt, webkit2gtk3, and wpa_supplicant), Oracle (bind), Red Hat (bind, kernel, and kpatch-patch), Scientific Linux (bind), SUSE (firefox, gnome-autoar, java-1_8_0-ibm, java-1_8_0-openjdk, nodejs10, open-iscsi, perl-XML-Twig, python-cryptography, and thunderbird), and Ubuntu (bind9).

[$] 5.12 merge window, part 2

Monday 1st of March 2021 09:02:02 PM
The 5.12 merge window closed with the release of 5.12-rc1 on February 28; this released followed the normal schedule despite the fact that Linus Torvalds had been without power for the first six days after 5.11 came out. At that point, 10,886 non-merge changesets had found their way into the mainline repository; about 2,000 of those showed up after the first-half merge-window summary was written. The pace of merging obviously slowed down, but there were still a number of interesting features to be found in those patches.

Security updates for Monday

Monday 1st of March 2021 04:31:44 PM
Security updates have been issued by CentOS (firefox, ImageMagick, libexif, thunderbird, and xorg-x11-server), Debian (docker.io, python-aiohttp, and thunderbird), Fedora (chromium, firefox, kernel, and rygel), Mageia (nodejs, pix, and subversion), openSUSE (glibc, gnuplot, nodejs12, nodejs14, pcp, python-cryptography, qemu, and salt), Red Hat (bind and podman), and SUSE (csync2, glibc, java-1_8_0-ibm, nodejs12, nodejs14, python-Jinja2, and rpmlint).

Garrett: Making hibernation work under Linux Lockdown

Monday 22nd of February 2021 03:25:40 PM
Matthew Garrett recently posted a patch set enabling hibernation on systems that are running in the UEFI secure-boot lockdown mode. This blog entry gets into the details of how it all works. "When we encrypt material with the TPM, we can ask it to record the PCR state. This is given back to us as metadata accompanying the encrypted secret. Along with the metadata is an additional signature created by the TPM, which can be used to prove that the metadata is both legitimate and associated with this specific encrypted data. In our case, that means we know what the value of PCR 23 was when we encrypted the key. That means that if we simply extend PCR 23 with a known value in-kernel before encrypting our key, we can look at the value of PCR 23 in the metadata. If it matches, the key was encrypted by the kernel - userland can create its own key, but it has no way to extend PCR 23 to the appropriate value first. We now know that the key was generated by the kernel."

Kodi 19 released

Monday 22nd of February 2021 03:11:36 PM
Version 19 of the Kodi "entertainment center" application is out with a long list of new features.

For audio and music lovers, there are significant improvements across the board to metadata handling: library improvements, new tags, new displays, improvements to how Kodi handles release dates, album durations, multi-disc sets, and more. There's a new, Matrix-inspired visualisation, there are improvements to display when fetching files from a web server, and several changes to how audio decoder addons can pass information through to the Kodi player.

For video, most of the changes are more technical, and may depend on your hardware: AV1 software decoding, HLG HDR and static HDR10 playback on Windows 10, static HDR10 and dynamic Dolby Vision HDR support on Android, and more OpenGL bicubic scalers.

Security updates for Monday

Monday 22nd of February 2021 02:41:37 PM
Security updates have been issued by Debian (chromium, libzstd, openldap, openvswitch, screen, and wpa), Fedora (dotnet5.0, subversion, and wpa_supplicant), openSUSE (mumble, python-djangorestframework, and tor), Oracle (container-tools:ol8, kernel, nodejs:10, nodejs:12, nodejs:14, subversion:1.10, and xterm), Red Hat (stunnel and xterm), and SUSE (ImageMagick, java-1_8_0-openjdk, kernel, krb5-appl, python3, tomcat, and webkit2gtk3).

[$] An introduction to lockless algorithms

Friday 19th of February 2021 06:33:32 PM
Lockless algorithms are of interest for the Linux kernel when traditional locking primitives either cannot be used or are not performant enough. For this reason they come up every now and then on LWN; one of the last mentions, which prompted me to write this article series, was last July. Topics that arise even more frequently are read-copy-update (RCU — these articles from 2007 are still highly relevant), reference counting, and ways of wrapping lockless primitives into higher-level, more easily understood APIs. These articles will delve into the concepts behind lockless algorithms and how they are used in the kernel.

More in Tux Machines

Audiocasts/Shows: Open Source Security Podcast, Linux Action News, and SMLR

Review: Artix Linux in 2021

Artix Linux is a fork (or continuation as an autonomous project) of the Arch-OpenRC and Manjaro-OpenRC projects. Artix Linux offers a lightweight, rolling-release operating system featuring alternative init software options, including OpenRC, runit, and s6. The distribution is available in many editions, including Base, Cinnamon, LXDE, LXQt, MATE, KDE Plasma and Xfce. With all of the desktop options, combined with the available init choices, there are 21 editions, not including community spins from which to choose. All editions appear to be built for 64-bit (x86_64) machines. Picking randomly, I selected Artix's Plasma edition featuring the runit init software. The download for this edition is is 1.3GB. Browsing the other editions it looks like most flavours are about 1.1GB to 1.3GB in size, though the minimal Base edition is a compact 618MB. The project's live media boots to the KDE Plasma desktop. On the desktop we find multiple documentation and README icons. There is also an icon for launching the system installer. The default layout places a panel at bottom of the screen where we can find the application menu and system tray. The default wallpaper is a soft blue while the theme for windows and menus is dark with high contrast fonts. [...] Artix Linux is one of those distributions I really enjoy using and yet struggle to review in a meaningful way because it doesn't really go out of its way to introduce new or exciting features and everything works smoothly. The distribution is wonderfully easy to install, offers top-notch performance, and is unusually light on resources. Artix is somewhat minimal, but still ships enough software to be immediately useful right out of the gate. We can browse the web, install packages, view files, and play videos. Meanwhile the application menu isn't cluttered with a lot of extras. The developers clearly expect us to install the functionality we need, while doing a really good job of providing enough for the desktop environment to feel base-line useful right from the start. Artix does a nice job of balancing performance and functionality while also juggling ease of use against not getting in the way. There is a little documentation, but no initial welcome screen or configuration wizards that might distract the user. The one piece I felt was missing was a graphical package manager which would have made it easier to build the extra functionality I wanted on top of the base distribution. However, that one piece aside, I felt as though Artix was really well designed and put together, at lease for someone like me. It's not a distribution geared toward beginners, it's not a "first distro". It is a bit minimal and requires command line knowledge. However, for someone with a little experience with Linux, for someone who doesn't mind the occasional trip to the command line or installing new applications as needed, then Artix provides an excellent experience. It's fast, light, looks (in my opinion) great with the default theme, and elegantly walks the line between minimalism and having enough applications ready to go out of the box to be immediately useful. I'm unusually impressed with how smooth and trouble-free my experience was with this distribution and the fact it offers such a range of desktop and init diversity is all the more appealing. Read more

Alpine Linux Review: Ultimate Distro for Power Users

Alpine Linux is gathering a lot of attention because of its super-small size and focus on security. However, Alpine is different from some of the other lightweight distros we covered on FOSSLinux. It isn’t your typical desktop distribution as it is terminal-based like Arch and is marketed as a “general purpose distro.” It is currently widely adopted as a Docker container thanks to its ultra-small footprint. However, it can be used for all sorts of Linux deployments that benefit from small, resource-efficient Linux distros. Now, that statement might feel too generic. But don’t worry, as we have put together an in-depth and comprehensive review of Alpine Linux, giving you a detailed look at what it has under the hood and how to use it. As such, by the end, you should have a clear understanding of whether you should consider Alpine Linux as your next Linux distro. So without further ado, let’s dive in. Read more

Programming Leftovers

  • How to manipulate strings in bash

    Without explicit support for variable types, all bash variables are by default treated as character strings. Therefore more often than not, you need to manipulate string variables in various fashions while working on your bash script. Unless you are well-versed in this department, you may end up constantly coming back to Google and searching for tips and examples to handle your specific use case. In the spirit of saving your time and thus boosting your productivity in shell scripting, I compile in this tutorial a comprehensive list of useful string manipulation tips for bash scripting. Where possible I will try to use bash's built-in mechanisms (e.g., parameter expansion) to manipulate strings instead of invoking external tools such as awk, sed or grep. If you find any missing tips, feel free to suggest it in the comment. I will be happy to incorporate it in the article.

  • Python Generators

    Python generators are very powerful for handling operations which require large amount of memory.

  • We got lucky

    If you’re having enough production incidents to be able to evaluate your preparation, you’re probably either unlucky or unprepared ;) If you have infrequent incidents you may be well prepared but it’s hard to tell. Chaos engineering experiments are a great way to test your preparation, and practice incident response in a less stressful context. It may seem like a huge leap from your current level of preparation to running automated chaos monkeys in production, but you don’t need to go straight there. Why not start with practice drills? You could have a game host who comes up with a failure scenario. You can work up to chaos in production.

  • React Testing Library – Tutorial with JavaScript Code Examples

    This post will help you to learn what React Testing Library is, and how you can use it to test your React application. This tutorial will assume you already know some basic JavaScript and understand the basics of how React works. React Testing Library is a testing utility tool that's built to test the actual DOM tree rendered by React on the browser. The goal of the library is to help you write tests that resembles how a user would use your application, so that you'll have more confidence that your application work as intended when a real user do use it.

  • Why I Moved From Ops to DevOps (and why you might want to)