Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 37 min ago

[$] Holes in the WiFi

1 hour 46 min ago
The discoverer of the KRACK attacks against WPA2 encryption in WiFi is back with a new set of flaws in the wireless-networking protocols. FragAttacks is a sizable group of WiFi vulnerabilities that (ab)use the fragmentation and aggregation (thus "Frag") features of the standard. The fixes have been coordinated over a nine-month period, which has allowed security researcher Mathy Vanhoef time to create multiple papers, some slide decks, a demo video, patches, and, of course, a web site and logo for the vulnerabilities.

GNU Guix 1.3.0 released

8 hours 47 min ago
GNU Guix, the transactional package manager and distribution, has released version 1.3.0. This released adds new features, refines the user experience, and improves performance. Support for the POWER9 platform is now offered as technological preview.

New stable kernels

9 hours 10 min ago
Stable kernels 5.12.3 and 5.11.20 have been released with important fixes throughout the tree. Users should upgrade.

Security updates for Wednesday

9 hours 25 min ago
Security updates have been issued by Debian (composer, hivex, lz4, and rails), Fedora (chromium, community-mysql, djvulibre, dom4j, firefox, php, php-phpmailer6, python-django, and redis), Mageia (mariadb, nagios, and pngcheck), openSUSE (opera, syncthing, and vlc), SUSE (kernel, openvpn, openvpn-openssl1, shim, and xen), and Ubuntu (flatpak, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, lnux-aws-hwe, linux-azure, inux-azure-4.15, linux-dell300x, linux-gcp, linux-hwe, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux-oem-5.10, linux-oem-5.6, and mariadb-10.1, mariadb-10.3, mariadb-10.5).

[$] Pyodide: Python for the browser

Tuesday 11th of May 2021 10:43:13 PM
Python in the browser has long been an item on the wish list of many in the Python community. At this point, though, JavaScript has well-cemented its role as the language embedded into the web and its browsers. The Pyodide project provides a way to run Python in the browser by compiling the existing CPython interpreter to WebAssembly and running that binary within the browser's JavaScript environment. Pyodide came about as part of Mozilla's Iodide project, which has fallen by the wayside, but Pyodide is now being spun out as a community-driven project.

Why Sleep Apnea Patients Rely on a CPAP Machine Hacker (Vice)

Tuesday 11th of May 2021 09:39:13 PM
Vice takes a look at the SleepyHead system for the management of CPAP machines.

The free, open-source, and definitely not FDA-approved piece of software is the product of thousands of hours of hacking and development by a lone Australian developer named Mark Watkins, who has helped thousands of sleep apnea patients take back control of their treatment from overburdened and underinvested doctors. The software gives patients access to the sleep data that is already being generated by their CPAP machines but generally remains inaccessible, hidden by proprietary data formats that can only be read by authorized users (doctors) on proprietary pieces of software that patients often can’t buy or download.

Making eBPF work on Windows (Microsoft Open Source Blog)

Tuesday 11th of May 2021 05:10:25 PM
The Microsoft Open Source Blog takes a look at implementing eBPF support in Windows. "Although support for eBPF was first implemented in the Linux kernel, there has been increasing interest in allowing eBPF to be used on other operating systems and also to extend user-mode services and daemons in addition to just the kernel. Today we are excited to announce a new Microsoft open source project to make eBPF work on Windows 10 and Windows Server 2016 and later. The ebpf-for-windows project aims to allow developers to use familiar eBPF toolchains and application programming interfaces (APIs) on top of existing versions of Windows. Building on the work of others, this project takes several existing eBPF open source projects and adds the “glue” to make them run on Windows."

Announcing coreboot 4.14

Tuesday 11th of May 2021 04:36:10 PM
The coreboot firmware project has released version 4.14. "These changes have been all over the place, so that there's no particular area to focus on when describing this release: We had improvements to mainboards, to chipsets (including much welcomed work to open source implementations of what has been blobs before), to the overall architecture."

Two stable kernels

Tuesday 11th of May 2021 03:32:30 PM
Stable kernels 5.10.36 and 5.4.118 have been released. They both contain important fixes throughout the tree. Users should upgrade.

Security updates for Tuesday

Tuesday 11th of May 2021 03:20:22 PM
Security updates have been issued by Debian (hivex), Fedora (djvulibre and thunderbird), openSUSE (monitoring-plugins-smart and perl-Image-ExifTool), Oracle (kernel and kernel-container), Red Hat (kernel and kpatch-patch), SUSE (drbd-utils, java-11-openjdk, and python3), and Ubuntu (exiv2, firefox, libxstream-java, and pyyaml).

DragonFly BSD 6.0

Monday 10th of May 2021 08:39:08 PM
DragonFly BSD 6.0 has been released. "This version has a revamped VFS caching system, various filesystem updates including HAMMER2, and a long list of userland updates."

[$] The second half of the 5.13 merge window

Monday 10th of May 2021 08:30:53 PM
By the time the last pull request was acted on and 5.13-rc1 was released, a total of 14,231 non-merge commits had found their way into the mainline. That makes the 5.13 merge window larger than the entire 5.12 development cycle (13,015 commits) and just short of all of 5.11 (14,340). In other words, 5.13 looks like one of the busier development cycles we have seen for a little while. About 6,400 of these commits came in after the first-half summary was written, and they include a number of significant new features.

Security updates for Monday

Monday 10th of May 2021 03:13:35 PM
Security updates have been issued by Debian (libxml2), Fedora (autotrace, babel, kernel, libopenmpt, libxml2, mingw-exiv2, mingw-OpenEXR, mingw-openexr, python-markdown2, and samba), openSUSE (alpine, avahi, libxml2, p7zip, redis, syncthing, and vlc), and Ubuntu (webkit2gtk).

Kernel prepatch 5.13-rc1

Monday 10th of May 2021 02:04:29 AM
The first 5.13 kernel prepatch is out for testing, and the merge window is closed for this development cycle. "This was - as expected - a fairly big merge window, but things seem to have proceeded fairly smoothly. Famous last words." In the end, 14,231 non-merge changesets were pulled into the mainline during the merge window — more than were seen during the entire 5.12 cycle.

An IEEE statement on the UMN paper

Friday 7th of May 2021 10:31:02 PM
The IEEE, whose Symposium on Security and Privacy conference had accepted the "hypocrite commits" paper for publication, has posted a statement [PDF] on the episode.

The paper was reviewed by four reviewers in the Fall S&P 2021 review cycle and received a very positive overall rating (2 Accept and 2 Weak Accept scores, putting it in the top 5% of submitted papers). The reviewers noted that the fact that a malicious actor can attempt to intentionally add a vulnerability to an open source project is not new, but also acknowledged that the authors provide several new insights by describing why this might be easier than expected, and why it might be difficult for maintainers to detect the problem. One of the PC members briefly mentioned a possible ethical concern in their review, but that comment was not significantly discussed any further at the time; we acknowledge that we missed it.

The statement concludes with some actions to be taken by IEEE to ensure that ethically questionable papers are not accepted again.

[$] Noncoherent DMA mappings

Friday 7th of May 2021 02:18:04 PM
While it is sometimes possible to perform I/O by moving data through the CPU, the only way to get the required level of performance is usually for devices to move data directly to and from memory. Direct memory access (DMA) I/O has been well supported in the Linux kernel since the early days, but there are always ways in which that support can be improved, especially when hardware adds some challenges of its own. The somewhat confusingly named "non-contiguous" DMA API that was added for 5.13 shows the kinds of things that have to be done to get the best performance on current systems.

Five new stable kernels

Friday 7th of May 2021 02:15:57 PM
New stable kernels 5.12.2, 5.11.19, 5.10.35, 5.4.117, and 4.19.190 have been released. They contain a relatively short list of updates throughout the tree; users of those series should upgrade.

Security updates for Friday

Friday 7th of May 2021 01:55:27 PM
Security updates have been issued by Debian (mediawiki and unbound1.9), Fedora (djvulibre and samba), Mageia (ceph, messagelib, and pagure), openSUSE (alpine and exim), Oracle (kernel and postgresql), Scientific Linux (postgresql), and Ubuntu (thunderbird and unbound).

An Interview With Linus Torvalds: Open Source And Beyond - Part 2 (Tag1)

Friday 7th of May 2021 01:45:28 PM
The second half of the interview with Linus Torvalds on the Tag1 Consulting site has been posted.

I think one of the reasons Linux succeeded was exactly the fact that I actually did NOT have a big plan, and did not have high expectations of where things would go, and so when people started sending me patches, or sending me requests for features, to me that was all great, and I had no preconceived notion of what Linux should be. End result: all those individuals (and later big companies) that wanted to participate in Linux kernel development had a fairly easy time to do so, because I was quite open to Linux doing things that I personally had had no real interest in originally.

[$] A pair of memory-allocation improvements in 5.13

Thursday 6th of May 2021 02:23:05 PM
Among the many changes merged for 5.13 can be found performance improvements throughout the kernel. This work does not always stand out the way that new features do, but it is vitally important for the future of the kernel overall. In the memory-management area, a couple of long-running patch sets have finally made it into the mainline; these provide a bulk page-allocation interface and huge-page mappings in the vmalloc() area. Both of these changes should make things faster, at least for some workloads.