Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 1 min ago

[$] What happens to kernel staging-tree code

Thursday 5th of September 2019 03:42:13 PM
The staging tree was added to the kernel in 2008 for the 2.6.28 development cycle as a way to ease the process of getting substandard device drivers into shape and merged into the mainline. It has been followed by controversy for just about as long. The recent disagreements over the EROFS and exFAT filesystems have reignited many of the arguments over whether the staging tree is beneficial to the kernel community or not. LWN cannot answer that question, but we can look into what has transpired in the staging tree in its first eleven years to see if there are any conclusions to be drawn there. A lot of code has gone into the staging tree over the years; what happened to it thereafter?

Security updates for Thursday

Thursday 5th of September 2019 02:42:31 PM
Security updates have been issued by Debian (webkit2gtk), Fedora (systemd), openSUSE (go1.11, python-Twisted, SDL2_image, SDL_image, and wavpack), Oracle (kdelibs and kde-settings, kernel, and qemu-kvm), Red Hat (chromium-browser and firefox), Slackware (seamonkey), SUSE (java-1_8_0-ibm, kernel, and python-urllib3), and Ubuntu (firefox and npm/fstream).

Google's differential privacy library

Thursday 5th of September 2019 01:31:25 PM
Google has announced the release of a new library for applications using differential privacy techniques. "Differentially-private data analysis is a principled approach that enables organizations to learn from the majority of their data while simultaneously ensuring that those results do not allow any individual's data to be distinguished or re-identified. This type of analysis can be implemented in a wide variety of ways and for many different purposes. For example, if you are a health researcher, you may want to compare the average amount of time patients remain admitted across various hospitals in order to determine if there are differences in care. Differential privacy is a high-assurance, analytic means of ensuring that use cases like this are addressed in a privacy-preserving manner."

[$] LWN.net Weekly Edition for September 5, 2019

Thursday 5th of September 2019 12:10:20 AM
The LWN.net Weekly Edition for September 5, 2019 is available.

Linux Plumbers Conference waiting list closed; just a few days until the conference

Wednesday 4th of September 2019 09:40:26 PM
The Linux Plumbers Conference has filled up and has closed its waiting list. "All of the spots available have been allocated, so anyone who is not registered at this point will have to wait for next year. There will be no on-site registration. We regret that we could not accommodate everyone. The good news is that all of the microconferences, refereed talks, Kernel summit track, and Networking track will be recorded on video and made available as soon as possible after the conference. Anyone who could not make it to Lisbon this year will at least be able to catch up with what went on. Hopefully those who wanted to come will make it to a future LPC." LPC will be held in Lisbon, Portugal, September 9-11.

[$] Kernel runtime security instrumentation

Wednesday 4th of September 2019 04:49:33 PM
Finding ways to make it easier and faster to mitigate an ongoing attack against a Linux system at runtime is part of the motivation behind the kernel runtime security instrumentation (KRSI) project. Its developer, KP Singh, gave a presentation about the project at the 2019 Linux Security Summit North America (LSS-NA), which was held in late August in San Diego. A prototype of KRSI is implemented as a Linux security module (LSM) that allows eBPF programs to be attached to the kernel's security hooks.

Security updates for Wednesday

Wednesday 4th of September 2019 02:56:07 PM
Security updates have been issued by Arch Linux (grafana, irssi, and jenkins), Debian (freetype, samba, and varnish), Fedora (community-mysql, kernel, kernel-headers, kernel-tools, and python-mitogen), openSUSE (postgresql10 and python-SQLAlchemy), Oracle (kdelibs and kde-settings and squid:4), Red Hat (kdelibs and kde-settings, kernel, kernel-rt, openstack-nova, qemu-kvm, and redis), Scientific Linux (kdelibs and kde-settings, kernel, and qemu-kvm), SUSE (ansible, java-1_7_1-ibm, libosinfo, php53, and qemu), and Ubuntu (irssi, samba, and systemd).

[$] Maintaining the kernel's web of trust

Wednesday 4th of September 2019 12:49:38 PM
A typical kernel development cycle involves pulling patches from over 100 repositories into the mainline. Any of those pulls could conceivably bring with it malicious code, leaving the kernel (and its users) open to compromise. The kernel's web of trust helps maintainers to ensure that pull requests are legitimate, but that web has become difficult to maintain in the wake of the recent attacks on key servers and other problems. So now the kernel community is taking management of its web of trust into its own hands.

grsecurity: Teardown of a Failed Linux LTS Spectre Fix

Tuesday 3rd of September 2019 09:52:40 PM
This grsecurity blog entry looks at how an ineffective Spectre fix found its way into the stable kernel releases. If one looks past the advertising, it's a good summary of how the kernel processes can produce the wrong result. "Despite this warning, this code was merged into Thomas Gleixner's x86/tip tree verbatim, as can be seen here. Prior to merging the fix for 5.3-rc1, Linus Torvalds noticed the warning as seen on the LKML mailing list here and fixed it correctly. However, when the actual merge of the tree was performed, no mention was made of the correction to the fix, and with no specific commit mentioning the correction and fixing it alone, everyone else's processes that depended on cherry-picking specific commits ended up grabbing the bad warning-inducing change. As a further failure, instead of looking at Linus' correct fix (observable by checking out the master tree at the time), the approach seems to have been to naively silence the warning by simply swapping the order of the two lines."

[$] CHAOSS project bringing order to open-source metrics

Tuesday 3rd of September 2019 06:41:27 PM
Providing meaningful metrics for open-source projects has long been a challenge, as simply measuring downloads, commits, or GitHub stars typically doesn't say much about the health or diversity of a project. It's a challenge the Linux Foundation's Community Health Analytics Open Source Software (CHAOSS) project is looking to help solve. At the 2019 Open Source Summit North America (OSSNA), Matt Germonprez, one of the founding members of CHAOSS, outlined what the group is currently doing and why its initial efforts didn't work out as expected.

Android 10 released

Tuesday 3rd of September 2019 06:29:59 PM
Google has announced the release of Android 10, the free parts of which are available from the Android Open Source Project now. "Privacy is a central focus in Android 10, from stronger protections in the platform to new features designed with privacy in mind. Building on previous releases, Android 10 includes extensive changes to protect privacy and give users control, with improved system UI, stricter permissions, and restrictions on what data apps can use."

Firefox 69.0 released

Tuesday 3rd of September 2019 02:55:44 PM
Firefox 69.0 has been released. This release enables on-by-default Enhanced Tracking Protection for all users and gives more control over blocking playback of videos which start playing automatically. See the release notes for details.

Security updates for Tuesday

Tuesday 3rd of September 2019 02:39:52 PM
Security updates have been issued by Debian (qemu), Fedora (ansible and wavpack), openSUSE (apache-commons-beanutils, apache2, go1.12, httpie, libreoffice, qemu, and slurm), Oracle (ghostscript), Scientific Linux (ghostscript), SUSE (ardana-ansible, ardana-barbican, ardana-cinder, ardana-cluster, ardana-cobbler, ardana-db, ardana-designate, ardana-extensions-nsx, ardana-glance, ardana-heat, ardana-horizon, ardana-input-model, ardana-installer-ui, ardana-ironic, ardana-keystone, ardana-logging, ardana-magnum, ardana-monasca, ardana-mq, ardana-neutron, ardana-nova, ardana-octavia, ardana-opsconsole, ardana-opsconsole-ui, ardana-osconfig, ardana-service, ardana-ses, ardana-swift, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui, java-monasca-common, java-monasca-common-kit, openstack-ceilometer, openstack-cinder, openstack-designate, openstack-heat, openstack-horizon-plugin-neutron-fwaas-ui, openstack-horizon-plugin-neutron-lbaas-ui, openstack-horizon-plugin-neutron-vpnaas-ui, openstack-ironic, openstack-ironic-python-agent, openstack-keystone, openstack-magnum, openstack-manila, openstack-monasca-notification, openstack-monasca-persister, openstack -monasca-persister-java, openstack-monasca-persister-java-kit, openstack-neutron, openstack-neutron-gbp, openstack-neutron-lbaas, openstack-nova, openstack-octavia, openstack-tempest, python-ardana-configurationprocessor, python-cinder-tempest-plugin, python-ironicclient, python-keystonemiddleware, python-monasca-tempest-plugin, python-openstackclient, python-openstacksdk, python-proliantutils, python-python-engineio, python-swiftlm, python-vmware-nsx, python-vmware-nsxlib, yast2-crowbar, pacemaker, and php72), and Ubuntu (linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-aws, linux-oracle, linux-raspi2, linux-raspi2, linux-snapdragon, and policykit-1).

[$] Bias and ethical issues in machine-learning models

Monday 2nd of September 2019 11:16:13 PM
The success stories that have gathered around data analytics drive broader adoption of the newest artificial-intelligence-based techniques—but risks come along with these techniques. The large numbers of freshly anointed data scientists piling into industry and the sensitivity of the areas given over to machine-learning models—hiring, loans, even sentencing for crime—means there is a danger of misapplied models, which is earning the attention of the public. Two sessions at the recent MinneBOS 2019 conference focused on maintaining ethics and addressing bias in machine-learning applications.

Kernel prepatch 5.3-rc7

Monday 2nd of September 2019 05:32:45 PM
The 5.3-rc7 kernel prepatch is out for testing, one day later than usual. The final 5.3 release may also be delayed a week to accommodate Linus's travel schedule: "So I do suspect that with my timing (and a number of other developers are probably going to be traveling for LPC and KS too) I'll just make an rc8 even if it turns this Labor Day week ends up being very quiet and there might not be any _technical_ reason to delay the release."

Security updates for Monday

Monday 2nd of September 2019 02:19:15 PM
Security updates have been issued by Debian (gosa, libav, libextractor, nghttp2, pump, and python2.7), Fedora (dovecot, mod_http2, and pango), Gentoo (dovecot, gnome-desktop, libofx, and nautilus), Mageia (ansible, ghostscript, graphicsmagick, memcached, mpg123, pango, vlc, wavpack, webmin, wireshark, and wpa_supplicant, hostapd), openSUSE (flatpak, libmirage, podman, slirp4netns and libcontainers-common, python-SQLAlchemy, and qemu), Red Hat (ghostscript, java-1.8.0-ibm, and squid:4), and SUSE (kernel, libsolv, libzypp, zypper, NetworkManager, nodejs10, nodejs8, perl, python-Django, and python-SQLAlchemy).

[$] Examining exFAT

Friday 30th of August 2019 06:43:28 PM
Linux kernel developers like to get support for new features — such as filesystem types — merged quickly. In the case of the exFAT filesystem, that didn't happen; exFAT was created by Microsoft in 2006 for use in larger flash-storage cards, but there has never been support in the kernel for this filesystem. Microsoft's recent announcement that it wanted to get exFAT support into the mainline kernel would appear to have removed the largest obstacle to Linux exFAT support. But, as is so often the case, it seems that some challenges remain.

A very deep dive into iOS Exploit chains found in the wild (Project Zero)

Friday 30th of August 2019 03:59:37 PM
It's not Linux but is worth a read: Google's Project Zero blog has a highly detailed analysis of several iOS exploits and how they were used to compromise large numbers of devices. "There's something thus far which is conspicuous only by its absence: is any of this encrypted? The short answer is no: they really do POST everything via HTTP (not HTTPS) and there is no asymmetric (or even symmetric) encryption applied to the data which is uploaded. Everything is in the clear. If you're connected to an unencrypted WiFi network this information is being broadcast to everyone around you, to your network operator and any intermediate network hops to the command and control server. This means that not only is the end-point of the end-to-end encryption offered by messaging apps compromised; the attackers then send all the contents of the end-to-end encrypted messages in plain text over the network to their server."

Security updates for Friday

Friday 30th of August 2019 12:56:46 PM
Security updates have been issued by Arch Linux (dovecot, gettext, go, go-pie, libnghttp2, and pigeonhole), Debian (djvulibre, dovecot, and subversion), Fedora (sleuthkit and wireshark), openSUSE (containerd, docker, docker-runc, and qbittorrent), Oracle (pango), SUSE (kernel, nodejs10, and python-SQLAlchemy), and Ubuntu (apache2).

[$] Change IDs for kernel patches

Thursday 29th of August 2019 04:58:52 PM
For all its faults, email has long proved to be an effective communication mechanism for kernel development. Similarly, Git is an effective tool for source-code management. But there is no real connection between the two, meaning that there is no straightforward way to connect a Git commit with the email discussions that led to its acceptance. Once a patch enters a repository, it transitions into a new form of existence and leaves its past life behind. Doug Anderson recently went to the ksummit-discuss list with a proposal to add Gerrit-style change IDs as a way of connecting the two lives of a kernel patch; the end result may not be quite what he was asking for.

More in Tux Machines

Android Leftovers

Intel's Gallium3D Driver Is Running Much Faster Than Their Current OpenGL Linux Driver With Mesa 19.3

Last month I did some fresh benchmarks of Intel's new open-source OpenGL Linux driver with Mesa 19.2 and those results were looking good as tested with a Core i9 9900K. Since then, more Intel Gallium3D driver improvements have landed for what will become Mesa 19.3 next quarter. In taking another look at their former/current and new OpenGL drivers, here are fresh benchmarks of the latest code using a Core i7 8700K desktop as well as a Core i7 8550U Dell XPS laptop. This month so far Intel's new Gallium3D OpenGL driver has seen OpenGL 4.6 support added, an optimization to help the Java OpenGL performance (one of the deficiencies noted by our earlier rounds of benchmarks), and other performance work. For some weekend benchmarking fun I tested the Core i7 8700K desktop and Dell XPS 13 laptop with Core i7 8550U graphics while comparing the OpenGL driver options. The driver state for both the i965 and Iris Gallium3D drivers were of Mesa 19.3-devel Git as of this week and also running with the near-final Linux 5.3 kernel. Read more

This week in KDE

See, I told you I’d continue to blog about the cool things that have happened in KDE-land. Read more

today's howtos