Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 20 min ago

An IEEE statement on the UMN paper

Friday 7th of May 2021 10:31:02 PM
The IEEE, whose Symposium on Security and Privacy conference had accepted the "hypocrite commits" paper for publication, has posted a statement [PDF] on the episode.

The paper was reviewed by four reviewers in the Fall S&P 2021 review cycle and received a very positive overall rating (2 Accept and 2 Weak Accept scores, putting it in the top 5% of submitted papers). The reviewers noted that the fact that a malicious actor can attempt to intentionally add a vulnerability to an open source project is not new, but also acknowledged that the authors provide several new insights by describing why this might be easier than expected, and why it might be difficult for maintainers to detect the problem. One of the PC members briefly mentioned a possible ethical concern in their review, but that comment was not significantly discussed any further at the time; we acknowledge that we missed it.

The statement concludes with some actions to be taken by IEEE to ensure that ethically questionable papers are not accepted again.

[$] Noncoherent DMA mappings

Friday 7th of May 2021 02:18:04 PM
While it is sometimes possible to perform I/O by moving data through the CPU, the only way to get the required level of performance is usually for devices to move data directly to and from memory. Direct memory access (DMA) I/O has been well supported in the Linux kernel since the early days, but there are always ways in which that support can be improved, especially when hardware adds some challenges of its own. The somewhat confusingly named "non-contiguous" DMA API that was added for 5.13 shows the kinds of things that have to be done to get the best performance on current systems.

Five new stable kernels

Friday 7th of May 2021 02:15:57 PM
New stable kernels 5.12.2, 5.11.19, 5.10.35, 5.4.117, and 4.19.190 have been released. They contain a relatively short list of updates throughout the tree; users of those series should upgrade.

Security updates for Friday

Friday 7th of May 2021 01:55:27 PM
Security updates have been issued by Debian (mediawiki and unbound1.9), Fedora (djvulibre and samba), Mageia (ceph, messagelib, and pagure), openSUSE (alpine and exim), Oracle (kernel and postgresql), Scientific Linux (postgresql), and Ubuntu (thunderbird and unbound).

An Interview With Linus Torvalds: Open Source And Beyond - Part 2 (Tag1)

Friday 7th of May 2021 01:45:28 PM
The second half of the interview with Linus Torvalds on the Tag1 Consulting site has been posted.

I think one of the reasons Linux succeeded was exactly the fact that I actually did NOT have a big plan, and did not have high expectations of where things would go, and so when people started sending me patches, or sending me requests for features, to me that was all great, and I had no preconceived notion of what Linux should be. End result: all those individuals (and later big companies) that wanted to participate in Linux kernel development had a fairly easy time to do so, because I was quite open to Linux doing things that I personally had had no real interest in originally.

[$] A pair of memory-allocation improvements in 5.13

Thursday 6th of May 2021 02:23:05 PM
Among the many changes merged for 5.13 can be found performance improvements throughout the kernel. This work does not always stand out the way that new features do, but it is vitally important for the future of the kernel overall. In the memory-management area, a couple of long-running patch sets have finally made it into the mainline; these provide a bulk page-allocation interface and huge-page mappings in the vmalloc() area. Both of these changes should make things faster, at least for some workloads.

Security updates for Thursday

Thursday 6th of May 2021 01:29:53 PM
Security updates have been issued by Debian (python-django), Fedora (java-latest-openjdk, libopenmpt, python-yara, skopeo, thunderbird, and yara), openSUSE (ceph and openexr), Red Hat (postgresql), SUSE (libxml2), and Ubuntu (exim4 and gnome-autoar).

[$] LWN.net Weekly Edition for May 6, 2021

Thursday 6th of May 2021 03:41:27 AM
The LWN.net Weekly Edition for May 6, 2021 is available.

[$] A replacement for third-party cookies?

Wednesday 5th of May 2021 10:19:39 PM
The era of tracking users all across the web using third-party cookies is coming to a close; that type of cookie is something of a zombie at this point. All of the major browsers, save one, are blocking third-party cookies by default and the holdout, Google Chrome, plans to make that change next year. But Google, which has a business model built around advertising that benefits greatly from the status quo, has offered up an alternative scheme to "replace" third-party cookies. The Federated Learning of Cohorts (FLoC) is an in-browser mechanism to pigeonhole users in a way that will be useful to advertisers, but the only reason the idea has any traction at all is because it is being implemented in Chrome—the dominant browser today.

The TAB report on the UMN affair

Wednesday 5th of May 2021 05:46:43 PM
The Linux Foundation Technical Advisory Board has issued its report on the submission of (intentionally and unintentionally) buggy patches from the University of Minnesota.

This report summarizes the events that led to this point, reviews the "Hypocrite Commits" paper that had been submitted for publication, and reviews all known prior kernel commits from UMN paper authors that had been accepted into our source repository. It concludes with a few suggestions about how the community, with UMN included, can move forward.

The recommendations include establishing an internal review process for patches submitted by the community and the creation (by the TAB in cooperation with researchers) of a "best practices" document for researchers working with the kernel community.

(LWN editor Jonathan Corbet played a small part in the writing of this report).

Security updates for Wednesday

Wednesday 5th of May 2021 03:23:52 PM
Security updates have been issued by Debian (cgal, exim4, and mediawiki), Fedora (axel, libmicrohttpd, libtpms, perl-Image-ExifTool, pngcheck, python-yara, and yara), Gentoo (exim), Mageia (kernel-linus), openSUSE (bind and postsrsd), SUSE (avahi, openexr, p7zip, python-Pygments, python36, samba, sca-patterns-sle11, and webkit2gtk3), and Ubuntu (nvidia-graphics-drivers-390, nvidia-graphics-drivers-418-server, nvidia-graphics-drivers-450, nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-460, nvidia-graphics-drivers-460-server).

[$] Rustls: memory safety for TLS

Tuesday 4th of May 2021 08:45:06 PM
The movement toward using memory-safe languages, and Rust in particular, has picked up a lot of steam over the past year or two. Removing the possibility of buffer overflows, use-after-free bugs, and other woes associated with unmanaged pointers is an attractive feature, especially given that the majority of today's vulnerabilities stem from memory-safety issues. On April 20, the Internet Security Research Group (ISRG) announced a funding initiative targeting the Rustls TLS library in order to prepare it for more widespread adoption—including by ISRG's Let's Encrypt project.

Security updates for Tuesday

Tuesday 4th of May 2021 03:49:37 PM
Security updates have been issued by Debian (bind9, chromium, exim4, and subversion), Fedora (exiv2 and skopeo), openSUSE (gsoap), Oracle (bind, kernel, and sudo), SUSE (bind, ceph, ceph, deepsea, permissions, and stunnel), and Ubuntu (clamav, exim4, openvpn, python-django, and samba).

An important Exim security release

Tuesday 4th of May 2021 03:20:59 PM
There are, it seems, 21 vulnerabilities in the Exim email server that have been fixed in the 4.94.2 release; at least some of these are remotely exploitable for root access. "The current Exim versions (and likely older versions too) suffer from several exploitable vulnerabilities. These vulnerabilities were reported by Qualys via security@exim.org back in October 2020. Due to several internal reasons it took more time than usual for the Exim development team to work on these reported issues in a timely manner." See this advisory from Qualys for the details.

Instant replay: Debugging C and C++ programs with rr (Red Hat Developer)

Tuesday 4th of May 2021 02:35:08 PM
The Red Hat Developer Blog has posted an introduction to the rr debugger. "rr records trace information about the execution of an application. This information allows you to repeatedly replay a particular recording of a failure and examine it in the GNU Debugger (GDB) to better investigate the cause. In addition to replaying the trace, rr lets you run the program in reverse, in essence allowing you 'rewind the tape' to see what happened earlier in the execution of the program."

[$] A "kill" button for control groups

Monday 3rd of May 2021 03:51:41 PM
The kernel's control-group mechanism exists to partition processes and to provide resource guarantees (and limits) for each. Processes running within a properly configured control group are unable to deprive those running in a different group of their allocated resources (CPU time, memory, I/O bandwidth, etc.), and are equally protected from interference by others. With few exceptions, control groups are not used to take direct actions on processes; Christian Brauner's cgroup.kill patch set is meant to be one of those exceptions.

Security updates for Monday

Monday 3rd of May 2021 02:57:45 PM
Security updates have been issued by CentOS (bind, GNOME, java-1.8.0-openjdk, java-11-openjdk, nss and nspr, xstream, and xterm), Debian (bind9 and libimage-exiftool-perl), Fedora (ansible, babel, java-11-openjdk, and java-latest-openjdk), Gentoo (chromium, clamav, firefox, git, grub, python, thunderbird, tiff, webkit-gtk, and xorg-server), Mageia (kernel, nvidia-current, nvidia390, qtbase5, and sdl2), openSUSE (Chromium, cifs-utils, cups, giflib, gsoap, libnettle, librsvg, netdata, postsrsd, samba, thunderbird, virtualbox, and webkit2gtk3), Red Hat (bind), Scientific Linux (bind), and SUSE (containerd, docker, runc and xen).

Some weekend stable kernels

Sunday 2nd of May 2021 02:48:28 PM
The 5.12.1, 5.11.18, 5.10.34, and 5.4.116 stable updates have been released. These are small and relatively minor-seeming updates with the exception of 5.4.116, which contains a significant set of BPF verifier fixes.

QEMU 6.0.0 released

Friday 30th of April 2021 01:28:58 PM
Version 6.0.0 of the QEMU hardware emulator is out. "This release contains 3300+ commits from 268 authors." This release includes a lot of new emulations; see the announcement for a short list or the changelog for details.

[$] The first half of the 5.13 merge window

Friday 30th of April 2021 01:24:37 PM
As of this writing, just over 7,800 non-merge commits have been pulled into the mainline repository for the 5.13 development cycle. It does indeed seem true that 5.13 will be busier than its predecessor was. The work merged thus far affects subsystems across the kernel; read on for a summary of what has been merged so far.

More in Tux Machines

Today in Techrights

today's howtos

  • Hans de Goede: Changing hidden/locked BIOS settings under Linux

    This all started with a Mele PCG09 before testing Linux on this I took a quick look under Windows and the device-manager there showed an exclamation mark next to a Realtek 8723BS bluetooth device, so BT did not work. Under Linux I quickly found out why, the device actually uses a Broadcom Wifi/BT chipset attached over SDIO/an UART for the Wifi resp. BT parts. The UART connected BT part was described in the ACPI tables with a HID (Hardware-ID) of "OBDA8723", not good. Now I could have easily fixed this with an extra initrd with DSDT-overrride but that did not feel right. There was an option in the BIOS which actually controls what HID gets advertised for the Wifi/BT named "WIFI" which was set to "RTL8723" which obviously is wrong, but that option was grayed out. So instead of going for the DSDT-override I really want to be able to change that BIOS option and set it to the right value. Some duckduckgo-ing found this blogpost on changing locked BIOS settings.

  • Test Day:2021-05-09 Kernel 5.12.2 on Fedora 34

    All logs report PASSED for each test done and uploaded as prompted at instruction page.

  • James Hunt: Can you handle an argument?

    This post explores some of the darker corners of command-line parsing that some may be unaware of. [...] No, I’m not questioning your debating skills, I’m referring to parsing command-lines! Parsing command-line option is something most programmers need to deal with at some point. Every language of note provides some sort of facility for handling command-line options. All a programmer needs to do is skim read the docs or grab the sample code, tweak to taste, et voila! But is it that simple? Do you really understand what is going on? I would suggest that most programmers really don’t think that much about it. Handling the parsing of command-line options is just something you bolt on to your codebase. And then you move onto the more interesting stuff. Yes, it really does tend to be that easy and everything just works… most of the time. Most? I hit an interesting issue recently which expanded in scope somewhat. It might raise an eyebrow for some or be a minor bomb-shell for others.

  • 10 Very Stupid Linux Commands [ Some Of Them Deadly ]

    If you are reading this page then you are like all of us a Linux fan, also you are using the command line every day and absolutely love Linux. But even in love and marriage there are things that make you just a little bit annoyed. Here in this article we are going to show you some of the most stupid Linux commands that a person can find.

China Is Launching A New Alternative To Google Summer of Code, Outreachy

The Institute of Software Chinese Academy of Sciences (ISCAS) in cooperation with the Chinese openEuler Linux distribution have been working on their own project akin to Google Summer of Code and Outreachy for paying university-aged students to become involved in open-source software development. "Summer 2021" as the initiative is simply called or "Summer 2021 of Open Source Promotion Plan" is providing university-aged students around the world funding by the Institute of Software Chinese Academy of Sciences to work on community open-source projects. It's just like Google Summer of Code but with offering different funding levels based upon the complexity of the project -- funding options are 12000 RMB, 9000 RMB, or 6000 RMB. That's roughly $932 to $1,865 USD for students to devote their summer to working on open-source. There are not any gender/nationality restrictions with this initative but students must be at least eighteen years old. Read more

Kernel: Linux 5.10 and Linux 5.13

  • Linux 5.10 LTS Will Be Maintained Through End Of Year 2026 - Phoronix

    Linux 5.10 as the latest Long Term Support release when announced was only going to be maintained until the end of 2022 but following enough companies stepping up to help with testing, Linux 5.10 LTS will now be maintained until the end of year 2026. Linux 5.10 LTS was originally just going to be maintained until the end of next year while prior kernels like Linux 5.4 LTS are being maintained until 2024 or even Linux 4.19 LTS and 4.14 LTS going into 2024. Linux 5.10 LTS was short to begin with due to the limited number of developers/organizations helping to test new point release candidates and/or committing resources to using this kernel LTS series. But now there are enough participants committing to it that Greg Kroah-Hartman confirmed he along with Sasha Levin will maintain the kernel through December 2026.

  • Oracle Continues Working On The Maple Tree For The Linux Kernel

    Oracle engineers have continued working on the "Maple Tree" data structure for the Linux kernel as an RCU-safe, range-based B-tree designed to make efficient use of modern processor caches. Sent out last year was the RFC patch series of Maple Tree for the Linux kernel to introduce this new data structure and make initial use of it. Sent out last week was the latest 94 patches in a post-RFC state for introducing this data structure.

  • Linux 5.13 Brings Simplified Retpolines Handling - Phoronix

    In addition to work like Linux 5.13 addressing some network overhead caused by Retpolines, this next kernel's return trampoline implementation itself is seeing a simplification. Merged as part of x86/core last week for the Linux 5.13 kernel were enabling PPIN support for Xeon Sapphire Rapids, KProbes improvements, and other minor changes plus simplifying the Retpolines implementation used by some CPUs as part of the Spectre V2 mitigations. The x86/core pull request for Linux 5.13 also re-sorts and better documents Intel's increasingly long list of different CPU cores/models.

  • Linux 5.13 Adds Support For SPI NOR One-Time Programmable Memory Regions - Phoronix

    The Linux 5.13 kernel has initial support for dealing with SPI one-time programmable (OTP) flash memory regions. Linux 5.13 adds the new MTD OTP functions for accessing SPI one-time programmable data. The OTP are memory regions intended to be programmed once and can be used for permanent secure identification, immutable properties, and similar purposes. In addition to adding the core infrastructure support for OTP to the MTD SPI-NOR code in Linux 5.13, the functionality is wired up for Winbond and similar flash memory chips. The MTD subsystem has already supported OTP areas but not for SPI-NOR flash memory.