Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 49 min ago

Security updates for Friday

Friday 19th of July 2019 01:43:58 PM
Security updates have been issued by Debian (bzip2), Fedora (freetds, kernel, kernel-headers, and knot-resolver), openSUSE (bubblewrap, fence-agents, kernel, libqb, libu2f-host, pam_u2f, and tomcat), Oracle (vim), SUSE (kernel, LibreOffice, libxml2, and tomcat), and Ubuntu (libmspack and squid, squid3).

Cook: security things in Linux v5.2

Thursday 18th of July 2019 08:30:49 PM
Over on his blog, Kees Cook runs through the security changes that came in Linux 5.2. "While the SLUB and SLAB allocator freelists have been randomized for a while now, the overarching page allocator itself wasn't. This meant that anything doing allocation outside of the kmem_cache/kmalloc() would have deterministic placement in memory. This is bad both for security and for some cache management cases. Dan Williams implemented this randomization under CONFIG_SHUFFLE_PAGE_ALLOCATOR now, which provides additional uncertainty to memory layouts, though at a rather low granularity of 4MB (see SHUFFLE_ORDER). Also note that this feature needs to be enabled at boot time with page_alloc.shuffle=1 unless you have direct-mapped memory-side-cache (you can check the state at /sys/module/page_alloc/parameters/shuffle)."

[$] Kernel analysis with bpftrace

Thursday 18th of July 2019 06:35:03 PM
At the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) Brendan Gregg gave a keynote on BPF observability that included a kernel issue he had debugged on Netflix production servers using bpftrace. In this article, he provides a crash course on bpftrace for kernel developers—to help them more easily analyze their code.

Subscribers can read on for a look at kernel analysis using bpftrace from the upcoming weekly edition.

Security updates for Thursday

Thursday 18th of July 2019 01:45:55 PM
Security updates have been issued by Arch Linux (chromium, firefox, and squid), CentOS (thunderbird and vim), Debian (libonig), SUSE (firefox, glibc, kernel, libxslt, and tomcat), and Ubuntu (libreoffice and thunderbird).

[$] LWN.net Weekly Edition for July 18, 2019

Thursday 18th of July 2019 12:14:31 AM
The LWN.net Weekly Edition for July 18, 2019 is available.

[$] What's coming in Python 3.8

Wednesday 17th of July 2019 05:44:14 PM
The Python 3.8 beta cycle is already underway, with Python 3.8.0b1 released on June 4, followed by the second beta on July 4. That means that Python 3.8 is feature complete at this point, which makes it a good time to see what will be part of it when the final release is made. That is currently scheduled for October, so users don't have that long to wait to start using those new features.

[$] Fedora, GNOME Software, and snap

Wednesday 17th of July 2019 03:10:51 PM
A question about the future of package distribution is at the heart of a disagreement about the snap plugin for the GNOME Software application in Fedora. In a Fedora devel mailing list thread, Richard Hughes raised multiple issues about the plugin and the direction that he sees Canonical taking with snaps for Ubuntu. He plans to remove support for the plugin for GNOME Software in Fedora 31.

Security updates for Wednesday

Wednesday 17th of July 2019 02:45:26 PM
Security updates have been issued by Debian (libreoffice), Red Hat (thunderbird), SUSE (ardana and crowbar, firefox, libgcrypt, and xrdp), and Ubuntu (nss, squid3, and wavpack).

Security updates for Tuesday

Tuesday 16th of July 2019 02:54:14 PM
Security updates have been issued by Fedora (expat and radare2), Oracle (thunderbird), Red Hat (389-ds-base, keepalived, libssh2, perl, and vim), Scientific Linux (thunderbird), SUSE (bzip2, kernel, podofo, systemd, webkit2gtk3, and xrdp), and Ubuntu (bash, nss, redis, squid, squid3, and Zipios).

LXD 3.15 released

Monday 15th of July 2019 03:22:14 PM
The LXD team has announced the release of LXD 3.15. "One big highlight is the transition to the dqlite 1.0 branch which will bring us more performance and reliability, both for our cluster users and for standalone installations. This rework moves a lot of the low-level database/replication logic to dedicated C libraries and significantly reduces the amount of back and forth going on between C and Go."

[$] Who's afraid of a big bad optimizing compiler?

Monday 15th of July 2019 03:10:05 PM
Our increasingly aggressive modern compilers produce increasingly surprising code optimizations. Some of these optimizations might be especially surprising to developers who assume that each plain C-language load or store will always result in an assembly-language load or store. Although this article is written for Linux kernel developers, many of these scenarios also apply to other concurrent code bases, keeping in mind that "concurrent code bases" also includes single-threaded code bases that use interrupts or signals.

Security updates for Monday

Monday 15th of July 2019 02:57:15 PM
Security updates have been issued by CentOS (firefox), Debian (libspring-java, ruby-mini-magick, and thunderbird), Fedora (fossil, python-django, snapd-glib, and thunderbird), openSUSE (helm and monitoring-plugins), Red Hat (cyrus-imapd, thunderbird, and vim), Scientific Linux (vim), Slackware (bzip2), SUSE (bubblewrap, bzip2, expat, glib2, kernel, php7, python3, and tomcat), and Ubuntu (exiv2, firefox, and flightcrew).

Three new stable kernels

Sunday 14th of July 2019 09:54:53 PM
Greg Kroah-Hartman has announced the release of the 5.2.1, 5.1.18, and 4.19.59 stable kernels. As is usual, they contain important fixes throughout the tree; users of those series should upgrade.

[$] 5.3 Merge window, part 1

Friday 12th of July 2019 08:51:26 PM
As of this writing, exactly 6,666 non-merge changesets have been pulled into the mainline repository for the 5.3 development cycle. The merge window has thus just begun, there is still quite a bit in the way of interesting changes to look at. Read on for a list of what has been merged so far.

What is Silverblue? (Fedora Magazine)

Friday 12th of July 2019 05:45:15 PM
Fedora Magazine has posted an introduction to the Silverblue distribution. "One of the main benefits is security. The base operating system is mounted as read-only, and thus cannot be modified by malicious software. The only way to alter the system is through the rpm-ostree utility. Another benefit is robustness. It’s nearly impossible for a regular user to get the OS to the state when it doesn’t boot or doesn’t work properly after accidentally or unintentionally removing some system library."

Security updates for Friday

Friday 12th of July 2019 01:17:53 PM
Security updates have been issued by CentOS (dbus), Debian (firefox-esr, python3.4, and redis), Mageia (ffmpeg), Oracle (firefox, libvirt, and qemu), Red Hat (firefox and virt:8.0.0), Scientific Linux (firefox), and SUSE (kernel).

[$] Bcachefs gets closer

Thursday 11th of July 2019 05:33:26 PM
When it comes to new filesystems for Linux, patience is certainly a virtue. Btrfs took years to mature and, according to some, still isn't ready yet. Tux3 has kept users waiting since at least 2008; as of 2018 its developer still said that it was progressing. By these measures, bcachefs is a relative youngster, having been first announced a mere four years ago. Development of this next-generation filesystem continues, and bcachefs developer Kent Overstreet recently proclaimed his desire to "get this sucker merged", but there are some obstacles to overcome still.

Conway: Infinite work is less work

Thursday 11th of July 2019 01:54:29 PM
Damian Conway writes about the power of infinite sequences in Perl 6.

The sequence of primes is just the sequence of positive integers, filtered (with a .grep) to keep only the ones that are prime. And, of course, Perl 6 already has a prime number tester: the built-in &is-prime function. The sequence of primes never changes, so we can declare it as a constant: constant p = [ (1..∞).grep( &is-prime ) ]; Now we need to extract just the strong and weak primes.

Security updates for Thursday

Thursday 11th of July 2019 01:52:27 PM
Security updates have been issued by Debian (dosbox and openjpeg2), Oracle (dbus and kernel), Scientific Linux (dbus), Slackware (mozilla), and SUSE (fence-agents, libqb, postgresql10, and sqlite3).

[$] LWN.net Weekly Edition for July 11, 2019

Thursday 11th of July 2019 12:12:05 AM
The LWN.net Weekly Edition for July 11, 2019 is available.

More in Tux Machines

Intel's Gallium3D Driver Is Running Much Faster Than Their Current OpenGL Linux Driver With Mesa 19.3

Last month I did some fresh benchmarks of Intel's new open-source OpenGL Linux driver with Mesa 19.2 and those results were looking good as tested with a Core i9 9900K. Since then, more Intel Gallium3D driver improvements have landed for what will become Mesa 19.3 next quarter. In taking another look at their former/current and new OpenGL drivers, here are fresh benchmarks of the latest code using a Core i7 8700K desktop as well as a Core i7 8550U Dell XPS laptop. This month so far Intel's new Gallium3D OpenGL driver has seen OpenGL 4.6 support added, an optimization to help the Java OpenGL performance (one of the deficiencies noted by our earlier rounds of benchmarks), and other performance work. For some weekend benchmarking fun I tested the Core i7 8700K desktop and Dell XPS 13 laptop with Core i7 8550U graphics while comparing the OpenGL driver options. The driver state for both the i965 and Iris Gallium3D drivers were of Mesa 19.3-devel Git as of this week and also running with the near-final Linux 5.3 kernel. Read more

This week in KDE

See, I told you I’d continue to blog about the cool things that have happened in KDE-land.

today's howtos

Databases: MariaDB, ScyllaDB, Percona, Cassandra

  • MariaDB opens US headquarters in California

    MariaDB Corporation, the database company born as a result of forking the well-known open-source MySQL database...

  • ScyllaDB takes on Amazon with new DynamoDB migration tool

    There are a lot of open-source databases out there, and ScyllaDB, a NoSQL variety, is looking to differentiate itself by attracting none other than Amazon users. Today, it announced a DynamoDB migration tool to help Amazon customers move to its product.

  • ScyllaDB Announces Alternator, an Open Source Amazon DynamoDB-Compatible API

    ScyllaDB today announced the Alternator project, open-source software that will enable application- and API-level compatibility between Scylla and Amazon’s NoSQL cloud database, Amazon DynamoDB. Scylla’s DynamoDB-compatible API will be available for use with Scylla Open Source, supporting the majority of DynamoDB use cases and features.

  • ScyllaDB Secures $25 Million to Open Source Amazon DynamoDB-compatible API

    Fast-growing NoSQL database company raises funds to extend operations and bring new deployment flexibility to users of Amazon DynamoDB.

  • ScyllaDB Announces Alternator, an Open Source Amazon DynamoDB-Compatible API

    ScyllaDB today announced the Alternator project, open-source software that will enable application- and API-level compatibility between Scylla and Amazon’s NoSQL cloud database, Amazon DynamoDB. Scylla’s DynamoDB-compatible API will be available for use with Scylla Open Source, supporting the majority of DynamoDB use cases and features.

  • ScyllaDB powers up Alternator: an open Amazon DynamoDB API

    Companies normally keep things pretty quiet in the run up to their annual user conferences, so they can pepper the press with a bag of announcements designed to show how much market momentum and traction that have going. Not so with ScyllaDB, the company has been dropping updates in advance of its Scylla Summit event in what is perhaps an unusually vocal kind of way. [...] Scylla itself is a real-time big data database that is fully compatible with Apache Cassandra and is known for its ‘shared-nothing’ approach (a distributed-computing architecture in which each update request is satisfied by a single node –processor/memory/storage unit to increase throughput and storage capacity.

  • Percona Announces Full Conference Schedule for Percona Live Open Source Database Conference Europe 2019

    The Percona Live Open Source Database Conference Europe 2019 is the premier open source database event. Percona Live conferences provide the open source database community with an opportunity to discover and discuss the latest open source trends, technologies and innovations. The conference includes the best and brightest innovators and influencers in the open source database industry.

  • Thwarting Digital Ad Fraud at Scale: An Open Source Experiment with Anomaly Detection

    Our experiment assembles Kafka, Cassandra, and our anomaly detection application in a Lambda architecture, in which Kafka and our streaming data pipeline are the speed layer, and Cassandra acts as the batch and serving layer. In this configuration, Kafka makes it possible to ingest streaming digital ad data in a fast and scalable manner, while taking a “store and forward” approach so that Kafka can serve as a buffer to protect the Cassandra database from being overwhelmed by major data surges. Cassandra’s strength is in storing high-velocity streams of ad metric data in its linearly scalable, write-optimized database. In order to handle automation for provisioning, deploying, and scaling the application, the anomaly detection experiment relies on Kubernetes on AWS EKS.