Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 54 min ago

[$] Building the kernel with clang

3 hours 34 min ago

Over the years, there has been a persistent effort to build the Linux kernel using the Clang C compiler that is part of the LLVM project. We last looked in on the effort in a report from the LLVM microconference at the 2015 Linux Plumbers Conference (LPC), but we have followed it before that as well. At this year's LPC, two Google kernel engineers, Greg Hackmann and Nick Desaulniers, came to the Android microconference to update the status; at this point, it is possible to build two long-term support kernels (4.4 and 4.9) with Clang.

Moore: The 2017 Linux Security Summit

6 hours 6 min ago
Paul Moore has posted his notes from the 2017 Linux Security Summit, held September 14 and 15 in Los Angeles. "LinuxKit was designed to make it easy for people to create their own Linux distribution, with a strong focus on minimal OS installs such as one would use in a container hosting environment. LinuxKit has several features that make it interesting from a security perspective, the most notable being the read-only rootfs which is managed using external tooling. Applications are installed via signed container images."

Security updates for Tuesday

6 hours 11 min ago
Security updates have been issued by Arch Linux (apache and ettercap), Debian (gdk-pixbuf and newsbeuter), Red Hat (kernel), Slackware (httpd, libgcrypt, and ruby), SUSE (kernel), and Ubuntu (bind9, kernel, libidn2-0, libxml2, linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon, linux, linux-raspi2, linux-hwe, linux-lts-trusty, and linux-lts-xenial).

Schaller: Launching Pipewire

7 hours 5 min ago
Christian Schaller announces Pipewire, a media system that is meant to eventually replace PulseAudio and handle video as well. "Anyway as work progressed Wim decided to also take a look at Jack, as supporting the pro-audio usecase was an area PulseAudio had never tried to do, yet we felt that if we could ensure Pipewire supported the pro-audio usecase in addition to consumer level audio and video it would improve our multimedia infrastructure significantly and ensure pro-audio became a first class citizen on the Linux desktop." A video-only version will be shipping in Fedora 27.

[$] Testing kernels

Tuesday 19th of September 2017 01:40:04 AM

New kernels are released regularly, but it is not entirely clear how much in-depth testing they are actually getting. Even the mainline kernel may not be getting enough of the right kind of testing. That was the topic for a "birds of a feather" (BoF) meeting at this year's Linux Plumbers Conference (LPC) held in mid-September in Los Angeles, CA. Dhaval Giani and Sasha Levin organized the BoF as a prelude to the Testing and Fuzzing microconference they were leading the next day.

[$] Notes from the LPC scheduler microconference

Monday 18th of September 2017 11:11:04 PM
The scheduler workloads microconference at the 2017 Linux Plumbers Conference covered several aspects of the kernel's CPU scheduler. While workloads were on the agenda, so were a rework of the realtime scheduler's push/pull mechanism, a distinctly different approach to multi-core scheduling, and the use of tracing for workload simulation and analysis. As the following summary shows, CPU scheduling has not yet reached a point where all of the important questions have been answered.

EME is now a W3C recommendation

Monday 18th of September 2017 09:04:13 PM
The World Wide Web Consortium has put out a press release trumpeting its publication of the "Encrypted Media Extensions" as an official recommendation and enshrining DRM into what was previously a standard for open communication. See the EFF's open letter for a less rosy view of this development. "Today, the W3C bequeaths an legally unauditable attack-surface to browsers used by billions of people. They give media companies the power to sue or intimidate away those who might re-purpose video for people with disabilities. They side against the archivists who are scrambling to preserve the public record of our era. The W3C process has been abused by companies that made their fortunes by upsetting the established order, and now, thanks to EME, they’ll be able to ensure no one ever subjects them to the same innovative pressures."

Robinson: The state of open source accelerated graphics on ARM devices

Monday 18th of September 2017 07:20:50 PM
Peter Robinson looks at the state of open source accelerated graphics on ARM devices. "Despite the two bad examples above there’s actually been a lot of good change in the last five years. We now have a number of options for fully accelerated 2D/3D graphics on ARM SoCs and I run GNOME Shell on Wayland, yes the full open source shiny, on a number of different devices regularly."

Security updates for Monday

Monday 18th of September 2017 03:36:04 PM
Security updates have been issued by Arch Linux (ffmpeg, lib32-libgcrypt, libgcrypt, linux-zen, and newsbeuter), Debian (emacs25, freexl, and tomcat8), Fedora (cyrus-imapd, FlightGear, freexl, gdm, kernel, LibRaw, ruby, and xen), Gentoo (binutils, chkrootkit, curl, gdk-pixbuf, gimps, git, kpathsea, mod_gnutls, perl, squirrelmail, subversion, supervisor, and webkit-gtk), Mageia (389-ds-base, kernel, kernel-linus, kernel-tmb, and mpg123), openSUSE (ffmpeg, ffmpeg2, qemu, and xen), Slackware (kernel), SUSE (xen), and Ubuntu (gdk-pixbuf).

[$] The rest of the 4.14 merge window

Sunday 17th of September 2017 10:36:43 PM
As is sometimes his way, Linus Torvalds released 4.14-rc1 and closed the merge window one day earlier than some might have expected. By the time, though, 11,556 non-merge changesets had found their way into the mainline repository, so there is no shortage of material for this release. Around 3,500 of those changes were pulled after the previous 4.14 merge-window summary; read on for an overview of what was in that last set.

Kernel prepatch 4.14-rc1

Sunday 17th of September 2017 04:23:28 PM
The 4.14-rc1 kernel prepatch is out, and the merge window is closed for this development cycle. "Yes, I realize this is a day early, and yes, I realize that if I had waited until tomorrow, I would also have hit the 26th anniversary of the Linux-0.01 release, but neither of those undeniable facts made me want to wait with closing the merge window." In the end, 11,556 non-merge changesets were pulled into the mainline for this release.

[$] Building an ARM64 laptop

Friday 15th of September 2017 11:19:52 PM
Processors based on the 64-bit ARM architecture have been finding their way into various types of systems, including mobile handsets and servers. There is a distinct gap in the middle of the range, though: there are no ARM64 laptops. Bernhard Rosenkränzer and a group of colleagues set out to change that situation by building such a laptop from available components. He showed up at the 2017 Open Source Summit North America to present the result.

Malicious software libraries found in PyPI

Friday 15th of September 2017 10:04:58 PM
An advisory from the National Security Authority of Slovakia warns that they have found fake packages in PyPI, posing as well known libraries. "Copies of several well known Python packages were published under slightly modified names in the official Python package repository PyPI (prominent example includes urllib vs. urrlib3, bzip vs. bzip2, etc.). These packages contain the exact same code as their upstream package thus their functionality is the same, but the installation script, setup.py, is modified to include a malicious (but relatively benign) code." The administrators of PyPI were informed and the fake packages are gone now, however they were available from June 2017 to September 2017. (Thanks to Paul Wise)

Security updates for Friday

Friday 15th of September 2017 02:50:39 PM
Security updates have been issued by Arch Linux (flashplugin, kernel, lib32-flashplugin, and linux-lts), CentOS (postgresql), Debian (tcpdump and wordpress-shibboleth), Fedora (lightdm, python-django, and tomcat), Mageia (flash-player-plugin and libsndfile), openSUSE (chromium, cvs, kernel, and libreoffice), Oracle (postgresql), and Ubuntu (libgcrypt20 and thunderbird).

Purism and KDE to work together on free smartphone

Thursday 14th of September 2017 04:55:50 PM
Purism and KDE are working together to adapt Plasma Mobile to Purism's Librem 5 smartphone. "The shared vision of freedom, openness and personal control for end users has brought KDE and Purism together in a common venture. Both organisations agree that cooperating will help bring a truly free and open source smartphone to the market. KDE and Purism will work together to make this happen."

A pile of stable kernel updates

Thursday 14th of September 2017 04:22:42 PM
The stable-kernel update train continues with the release of 4.13.2, 4.12.13, 4.9.50, 4.4.88, and 3.18.71. Among other things, these updates contain the fix for the recently disclosed Bluetooth vulnerability.

Security updates for Thursday

Thursday 14th of September 2017 03:24:25 PM
Security updates have been issued by Arch Linux (tcpdump), CentOS (bluez and kernel), Debian (wordpress-shibboleth), Fedora (augeas, bluez, emacs, and libwmf), Oracle (kernel), Red Hat (instack-undercloud, kernel, openvswitch, and postgresql), Scientific Linux (postgresql), SUSE (kernel and xen), and Ubuntu (tcpdump).

Verified cryptography for Firefox 57

Thursday 14th of September 2017 02:03:57 PM
The Mozilla Security Blog announces that Firefox 57 will benefit from the addition of a formally verified crypto package. "The first result of this collaboration, an implementation of the Curve25519 key establishment algorithm (RFC7748), has just landed in Firefox Nightly. Curve25519 is widely used for key-exchange in TLS, and was recently standardized by the IETF. As an additional bonus, besides being formally verified, the HACL* Curve25519 implementation is also almost 20% faster on 64 bit platforms than the existing NSS implementation (19500 scalar multiplications per second instead of 15100) which represents an improvement in both security and performance to our users."

[$] LWN.net Weekly Edition for September 14, 2017

Thursday 14th of September 2017 01:06:00 AM
The LWN.net Weekly Edition for September 14, 2017 is available.

[$] Antipatterns in IoT security

Wednesday 13th of September 2017 11:12:04 PM

Security for Internet of Things (IoT) devices is something of a hot topic over the last year or more. Marti Bolivar presented an overview of some of the antipatterns that are leading to the lack of security for these devices at a session at the 2017 Open Source Summit North America in Los Angeles. He also had some specific recommendations for IoT developers on how to think about these problems and where to turn for help in making security a part of the normal development process.

More in Tux Machines