Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 34 min ago

Kernel prepatch 5.2-rc5

Sunday 16th of June 2019 10:54:13 PM
The 5.2-rc5 kernel prepatch is out for testing. "But the good news is that we're getting to the later parts of the rc series, and things do seem to be calming down. I was hoping rc5 would end up smaller than rc4, and so it turned out."

Some weekend stable kernel updates

Saturday 15th of June 2019 04:52:02 PM
There's yet another set of stable kernel updates out there: 5.1.10, 4.19.51, and 4.14.126. Each contains another set of important fixes.

[$] Dueling memory-management performance regressions

Friday 14th of June 2019 04:04:05 PM
The 2019 Linux Storage, Filesystem, and Memory-Management Summit included a detailed discussion about a memory-management fix that addressed one performance regression while causing another. That fix, which was promptly reverted, is still believed by most memory-management developers to implement the correct behavior, so a patch posted by Andrea Arcangeli in early May has relatively broad support. That patch remains unapplied as of this writing, but the discussion surrounding it has continued at a slow pace over the last month. Memory-management subsystem maintainer Andrew Morton is faced with a choice: which performance regression is more important?

Security updates for Friday

Friday 14th of June 2019 02:15:54 PM
Security updates have been issued by Arch Linux (gvim, lib32-openssl, openssl, and vim), Debian (dbus), Fedora (dovecot, evince, js-jquery-jstree, libxslt, php-phpmyadmin-sql-parser, and phpMyAdmin), openSUSE (neovim and rubygem-rack), Oracle (docker-engine and python), Scientific Linux (python), Slackware (mozilla), and SUSE (containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork, elfutils, libvirt, and python-requests).

[$] Short waits with umwait

Thursday 13th of June 2019 05:04:51 PM
If a user-space process needs to wait for some event to happen, there is a whole range of mechanisms provided by the kernel to make that easy. But calling into the kernel tends not to work well for the shortest of waits — those measured in small numbers of microseconds. For delays of this magnitude, developers often resort to busy loops, which have a much smaller potential for turning a small delay into a larger one. Needless to say, busy waiting has its own disadvantages, so Intel has come up with a set of instructions to support short delays. A patch set from Fenghua Yu to support these instructions is currently working its way through the review process.

Security updates for Thursday

Thursday 13th of June 2019 01:02:57 PM
Security updates have been issued by Fedora (firefox, kernel, kernel-headers, libreswan, python-urllib3, and vim), Red Hat (python), SUSE (sssd), and Ubuntu (dbus).

[$] LWN.net Weekly Edition for June 13, 2019

Thursday 13th of June 2019 12:51:50 AM
The LWN.net Weekly Edition for June 13, 2019 is available.

[$] Paying (some) Debian developers

Wednesday 12th of June 2019 09:56:34 PM
In an offshoot of the Debian discussion we looked at last week, the Debian project has been discussing the idea of paying developers to work on the distribution. There is some history behind the idea, going back to the controversial Dunc-Tank initiative in 2006, but some think attitudes toward funding developers may have changed—or that a new approach might be better accepted. While it is playing out with regard to Debian right now, it is a topic that other projects have struggled with along the way—and surely will again.

Security updates for Wednesday

Wednesday 12th of June 2019 03:17:11 PM
Security updates have been issued by Debian (libgd2, mediawiki, otrs2, vlc, and zookeeper), Fedora (containernetworking-plugins, kernel, kernel-headers, nodejs-tough-cookie, podman, python-django, and python-urllib3), openSUSE (virtualbox), SUSE (gnome-shell, libcroco, and php7), and Ubuntu (dbus, Neovim, and vim).

[$] Python and "dead" batteries

Wednesday 12th of June 2019 12:44:54 PM
Python is, famously, a "batteries included" language; it comes with a rich standard library right out of the box, which makes for a highly useful starting point for everyone. But that does have some downsides as well. The standard library modules are largely maintained by the CPython core developers, which adds to their duties; the modules themselves are subject to the CPython release schedule, which may be suboptimal. For those reasons and others, there have been thoughts about retiring some of the older modules; it is a topic that has come up several times over the last year or so.

Introducing Matrix 1.0 and the Matrix.org Foundation

Tuesday 11th of June 2019 08:31:47 PM
The Matrix team has announced the first stable release of the Matrix protocol and specification across all APIs. The Synapse 1.0 reference implementation, which implements the full Matrix 1.0 API surface, has also been released. "Now, before you get too excited, it’s critical to understand that Matrix 1.0 is all about providing a stable, self-consistent, self-contained and secure version of the standard which anyone should be able to use to independently implement production-grade Matrix clients, servers, bots and bridges etc. It does not mean that all planned or possible features in Matrix are now specified and implemented, but that the most important core of the protocol is a well-defined stable platform for everyone to build on. On the Synapse side, our focus has been exclusively on ensuring that Synapse correctly implements Matrix 1.0, to provide a stable and secure basis for participating in Matrix without risk of room corruption or other nastinesses." The announcement also covers the launch of the Matrix.org Foundation.

[$] Generalized events notification and security policies

Tuesday 11th of June 2019 03:29:30 PM
Interfaces for the reporting of events to user space from the kernel have been a recurring topic on the kernel mailing lists for almost as long as the kernel has existed; LWN covered one 15 years ago, for example. Numerous special-purpose event-reporting APIs exist, but there are none that are designed to be a single place to obtain any type of event. David Howells is the latest to attempt to change that situation with a new notification interface that, naturally, uses a ring buffer to transfer events to user space without the need to make system calls. The API itself (which hasn't changed greatly since it was posted in 2018) is not hugely controversial, but the associated security model has inspired a few heated discussions.

Five new stable kernels

Tuesday 11th of June 2019 02:50:19 PM
Stable kernels 5.1.9, 4.19.50, 4.14.125, 4.9.181, and 4.4.181 have been released. They all contain important fixes and users should upgrade.

Security updates for Tuesday

Tuesday 11th of June 2019 02:36:28 PM
Security updates have been issued by CentOS (bind and thunderbird), Mageia (firefox, ghostscript, graphicsmagick, imagemagick, postgresql, and thunderbird), Oracle (kernel), Red Hat (Advanced Virtualization and rh-haproxy18-haproxy), SUSE (bind, gstreamer-0_10-plugins-base, thunderbird, and vim), and Ubuntu (elfutils, glib2.0, and libsndfile).

[$] BPF for security—and chaos—in Kubernetes

Monday 10th of June 2019 04:41:45 PM
BPF is probably familiar to many LWN readers, though it's likely not yet quite as well known in the Kubernetes community — but that could soon change. At KubeCon + CloudNativeCon Europe 2019 there were multiple sessions with BPF in the title where developers talked about how BPF can be used to help with Kubernetes security, monitoring, and even chaos engineering testing. We will look at two of those talks that were led by engineers closely aligned with the open-source Cilium project, which is all about bringing BPF to Kubernetes container environments. Thomas Graf, who contributes to BPF development in the Linux kernel, led a session on transparent chaos testing with Envoy, Cilium, and BPF, while his counterpart Dan Wendlandt, who is well known in the OpenStack community for helping to start the Neutron networking project, spoke about using the kernel's BPF capabilities to add visibility and security in a Kubernetes-aware manner.

Security updates for Monday

Monday 10th of June 2019 02:12:25 PM
Security updates have been issued by Arch Linux (chromium and pam-u2f), Debian (cyrus-imapd), Fedora (curl, cyrus-imapd, kernel, kernel-headers, php, and vim), openSUSE (axis, bind, bubblewrap, evolution, firefox, gnome-shell, libpng16, and rmt-server), Oracle (edk2 and kernel), and SUSE (bind, cloud7, and libvirt).

Kernel prepatch 5.2-rc4

Monday 10th of June 2019 02:09:47 PM
The 5.2-rc4 kernel prepatch is out for testing. "We've had a fairly calm release so far, and on the whole that seems to hold. rc4 isn't smaller than rc3 was (it's a bit bigger), but rc3 was fairly small, so the size increase isn't all that worrisome. I do hope that we'll start actually shrinking now, though."

Stable kernel updates

Monday 10th of June 2019 12:45:06 PM
The 5.1.8, 4.19.49, and 4.14.124 stable kernel updates have been released; each contains another set of important fixes.

[$] Detecting and handling split locks

Friday 7th of June 2019 04:56:29 PM
The Intel architecture allows misaligned memory access in situations where other architectures (such as ARM or RISC-V) do not. One such situation is atomic operations on memory that is split across two cache lines. This feature is largely unknown, but its impact is even less so. It turns out that the performance and security impact can be significant, breaking realtime applications or allowing a rogue application to slow the system as a whole. Recently, Fenghua Yu has been working on detecting and fixing these issues in the split-lock patch set, which is currently on its eighth revision.

Security updates for Friday

Friday 7th of June 2019 01:11:18 PM
Security updates have been issued by Debian (evolution and qemu), Fedora (cyrus-imapd and hostapd), Gentoo (exim), openSUSE (exim), Red Hat (qpid-proton), SUSE (bind, libvirt, mariadb, mariadb-connector-c, python, and rubygem-rack), and Ubuntu (firefox, jinja2, and linux-lts-xenial, linux-aws).

More in Tux Machines

Games: Strange Loop Games and City Builder

Debian GNU/Linux riscv64 port in mid 2019

As it can be seen in the first graph, perhaps with some difficulty, is that the percent of arch-dependent packages built for riscv64 (grey line) has been around or higher than 80% since mid 2018, just a few months after the port was added to the infrastructure. Given than the arch-dependent packages are about half of the Debian['s main, unstable] archive and that (in simple terms) arch-independent packages can be used by all ports (provided that the software that they rely on is present, e.g. a programming language interpreter), this means that around 90% of packages of the whole archive has been available for this architecture from early on. Read more

Latest Security FUD

Software: Synapse, Qmmp and LibreOffice

  • How to install and use Synapse, the MacOS Spotlight alternative for Linux
    Mac OS is everybody’s favorite, and there are several reasons behind it. One of the most useful utilities you can find on Mac OS is Spotlight, which makes searching for things a piece of cake, all directly from the desktop. While most developers have already designed similar utilities for Windows, the open-source Linux based operating systems are no exception, as well. Most Linux operating systems like Ubuntu have its own search functionality, but it can sometimes be troublesome to reach there and isn’t as powerful as Spotlight. So with Synapse for Linux, you can do just that, and boost the power of the search functionality on your system. With Synapse for Ubuntu, you can even search for things on the web, which is cool, as well. Some Linux distros like Lubuntu, don’t offer decent search functionality, and Synapse can be a great solution in such cases. With Synapse, searching is easy with just the navigation buttons on your keyboard, and you are ready to go. Synapse can be downloaded and installed from the Linux official repository. Synapse can also be configured to run on startup so that too don’t need to search for, and open Synapse, each time you need to use it.
  • Qmmp 1.3.3 Released with Floating PulseAudio, ALSA, OSS4 Support
    Qmmp, Qt based audio player, released version 1.3.3 with improvements and bug fixes. Here’s how to install it in Ubuntu 16.04, Ubuntu 18.04, Ubuntu 18.10, Ubuntu 19.04.
  • Office Suites for Ubuntu 18.04
    Today we are looking at different office suites for Ubuntu 18.04. LibreOffice is the default LibreOffice suite for Ubuntu but it is by all means not the only one. In this article, we will look at different office suites for Ubuntu and all of its pros and cons. All these Office Suites are available for at least all Ubuntu based distros, and the installation method is the same for all the Ubuntu based distros.
  • Week 3 Report
    I continue working on Rewriting the logger messages with the new DSL grammar: