ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

[$] MagicMirror: a versatile home information hub

([Development] Sep 7, 2020 20:07 UTC (Mon) (coogle))

Back in 2014, a [1]Raspberry Pi enthusiast by the name of Michael Teeuw [2] shared his build of a "magic mirror" with the world in a six-part series. The system consisted of a Raspberry Pi and monitor running a web browser in kiosk mode, with a web server that provided a dashboard interface — all stored in a custom-built case with a [3]one-way mirror . Since his post, others [4]around the world have built these devices for their home (including myself), forming both a community and an interesting open-source project. The [5]recent release of MagicMirror 2 (MM2) version 2.12.0 gives us an opportunity to learn more about where the project started and where it is today.



[1] https://www.raspberrypi.org/

[2] https://michaelteeuw.nl/post/80391333672/magic-mirror-part-i-the-idea-the-mirror

[3] https://en.wikipedia.org/wiki/One-way_mirror

[4] https://michaelteeuw.nl/post/111886383522/magic-mirrors-around-the-world

[5] https://github.com/MichMich/MagicMirror/releases/tag/v2.12.0

Security updates for Wednesday

([Security] Sep 2, 2020 13:45 UTC (Wed) (ris))

Security updates have been issued by CentOS (firefox), Mageia (mutt and putty), openSUSE (ldb, samba, libqt5-qtbase, opera, and postgresql10), Red Hat (bash, kernel, and libvncserver), SUSE (apache2, curl, and squid), and Ubuntu (ark, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, and linux-hwe, linux-aws-5.3, linux-gke-5.3, linux-raspi2-5.3).

[$] Profile-guided optimization for the kernel

([Kernel] Sep 3, 2020 14:34 UTC (Thu) (corbet))

One of the many unfortunate consequences of the Covid-19 pandemic was the cancellation of the [1]2020 GNU Tools Cauldron . That loss turned out to be a gain for the [2]Linux Plumbers Conference , which was able to add a GNU Tools track to host many of the discussions that would have otherwise occurred at Cauldron. In that track, Ian Bearman presented his group's work using [3]profile-guided optimization with the Linux kernel. This technique, which he often referred to as "pogo", is not straightforward to apply to the kernel, but the benefits would appear to justify the effort.



[1] https://gcc.gnu.org/wiki/cauldron2020

[2] https://linuxplumbersconf.org/

[3] https://en.wikipedia.org/wiki/Profile-guided_optimization

Velikov: Pushing pixels to your Chromebook

([Development] Sep 1, 2020 17:00 UTC (Tue) (ris))

Emil Velikov [1]provides a high-level introduction of the Linux graphics stack, how it is used within ChromeOS, and the work being done to improve software rendering. " One of our goals is to be as flexible as possible, while minimising the amount of legacy code required - so in our case we're using OpenGL/GLES and EGL. In particular we are making use of the [2]EGL_MESA_platform_surfaceless extension. It allows us to use OpenGL or GLES and render into a memory area, not requiring integration with the display subsystem. "



[1] https://www.collabora.com/news-and-blog/blog/2020/08/31/pushing-pixels-to-your-chromebook/

[2] https://www.khronos.org/registry/EGL/extensions/MESA/EGL_MESA_platform_surfaceless.txt

Security updates for Tuesday

([Security] Sep 1, 2020 14:57 UTC (Tue) (ris))

Security updates have been issued by Debian (apache2 and libx11), Fedora (batik, ecj, eclipse, eclipse-cdt, eclipse-ecf, eclipse-emf, eclipse-gef, eclipse-m2e-core, eclipse-mpc, eclipse-mylyn, eclipse-remote, eclipse-webtools, firefox, httpd, jetty, lucene, selinux-policy, and univocity-parsers), Mageia (hylafax+), openSUSE (ark and chromium), Red Hat (virt:8.2 and virt-devel:8.2), SUSE (freeradius-server, freerdp, php7, php72, php74, and xorg-x11-server), and Ubuntu (freerdp2, keystone, net-snmp, python-django, and python-rsa).

The winding road to PHP 8's match expression

([Development] Sep 2, 2020 16:29 UTC (Wed) (coogle))

New to the forthcoming PHP 8.0 release is a feature called match expressions, which is a construct designed to address several shortcomings in PHP's switch statement. While it took three separate request-for-comment (RFC) proposals in order to be accepted, the new expression eventually received broad support for inclusion.

LXD 4.5 released

([Development] Aug 31, 2020 18:23 UTC (Mon) (ris))

The LXD team has [1]announced the release of LXD 4.5. [2]LXD is a container and VM manager focused on running full Linux distributions. Highlights include virtual networks through [3]OVN , bpf system call interception, a new way to allocate PTS devices, improved cluster remote storage, AppArmor confinement for some side services, and graphical console attach on Windows clients.



[1] https://discuss.linuxcontainers.org/t/lxd-4-5-has-been-released/8824/1

[2] https://linuxcontainers.org/lxd

[3] https://www.ovn.org/en/

Lua in the kernel?

([Kernel] Sep 9, 2020 16:17 UTC (Wed) (jake))

[1]BPF is, of course, the language used for network (and other) customization in the Linux kernel, but some people have been using the [2]Lua language for the networking side of that equation. Two developers from [3]Ring-0 Networks , Lourival Vieira Neto and Victor Nogueira, came to the virtual [4]Netdev 0x14 to [5]present that work . It consists of a framework to allow the injection of Lua scripts into the running kernel as well as two projects aimed at routers, one of which is deployed on 20 million devices.



[1] https://lwn.net/Articles/740157/

[2] https://www.lua.org/

[3] https://ring-0.io/en

[4] https://netdevconf.info/0x14/index.html

[5] https://netdevconf.info/0x14/session.html?talk-linux-network-scripting-with-lua

Security updates for Monday

([Security] Aug 31, 2020 14:55 UTC (Mon) (ris))

Security updates have been issued by Debian (bacula, bind9, freerdp, libvncserver, lilypond, mupdf, ndpi, openexr, php-horde, php-horde-core, php-horde-gollem, php-horde-kronolith, ros-actionlib, thunderbird, and xorg-server), Fedora (golang-github-ulikunitz-xz and qt), Gentoo (bind, chrony, ghostscript-gpl, kleopatra, openjdk, and targetcli-fb), Mageia (ark, evolution-data-server, fossil, kernel, kernel-linus, and thunderbird), openSUSE (apache2, graphviz, grub2, inn, librepo, and xorg-x11-server), Oracle (firefox), and Red Hat (git).

Kernel prepatch 5.9-rc3

([Kernel] Aug 31, 2020 12:47 UTC (Mon) (corbet))

The [1]third 5.9 kernel prepatch is out for testing. " On the whole it's been pretty calm for being rc3. This is actually one of the smaller rc3's we've had in recent releases. "



[1] https://lwn.net/Articles/830062/

Supporting Linux kernel development in Rust

([Kernel] Aug 31, 2020 17:20 UTC (Mon) (nelhage))

The [1]Rust programming language has long aimed to be a suitable replacement for C in operating-system kernel development. As Rust has matured, many developers have expressed growing interest in using it in the Linux kernel. At the 2020 (virtual) [2]Linux Plumbers Conference , the [3]LLVM microconference track hosted a session on open questions about and obstacles to accepting Rust upstream in the Linux kernel. The interest in this topic can be seen in the fact that this was the single most heavily attended session at the 2020 event.



[1] https://www.rust-lang.org/

[2] https://linuxplumbersconf.org/

[3] https://llvm.org/

Security updates for Friday

([Security] Aug 28, 2020 18:04 UTC (Fri) (jake))

Security updates have been issued by Debian (bind9 and squid), Fedora (libX11 and wireshark), Gentoo (libX11 and redis), Mageia (firefox, libx11, qt4 and qt5base, and x11-server), openSUSE (gettext-runtime, inn, and webkit2gtk3), Oracle (firefox), SUSE (libqt5-qtbase, openvpn, openvpn-openssl1, postgresql10, and targetcli-fb), and Ubuntu (chrony, nss, and squid).

Krisman: Using the Linux kernel's Case-insensitive feature in Ext4

([Kernel] Aug 27, 2020 22:45 UTC (Thu) (jake))

On the Collabora blog, Gabriel Krisman Bertazi [1]writes about a feature he developed: [2]case-insensitive ext4 . He describes how to enable the feature in the kernel (>= 5.2), how to create an ext4 filesystem that will support case-insensitive lookups, as well as some gotchas; he starts with some justification for the idea:



[1] https://www.collabora.com/news-and-blog/blog/2020/08/27/using-the-linux-kernel-case-insensitive-feature-in-ext4/

[2] https://lwn.net/Articles/784041/ A file name is a text string used to uniquely identify a file (in this context, 'directory' is the same as a file) at a specific level of the directory hierarchy. While, from the operating system point of view, it doesn't matter what the file name is, as long as it is unique, meaningful file names are essential for the end user, since it is the main key to locate and retrieve data. In other words, a meaningful file name is what people rely upon to find their valuable documents, pictures and spreadsheets.

Traditionally, Linux (and Unix) filesystems have always considered file names as an opaque byte sequence without any special meaning, requiring users to submit the exact match of the file to find it in the filesystem. But that is not how humans operate. When people write titles, 'important report.ods' and 'IMPORTANT REPORT.ods' usually mean the same piece of data, and you don't care how it was written when creating it. We care about the content and the semantics of the words IMPORTANT and REPORT.

[$] Software and hardware obsolescence in the kernel

([Kernel] Aug 28, 2020 21:50 UTC (Fri) (corbet))

Adding code to the kernel to support new hardware is relatively easy. Removing code that is no longer useful can be harder, mostly because it can be difficult to know when something is truly no longer needed. Arnd Bergmann, who [1]removed support for eight architectures from the kernel in 2018, knows well just how hard this can be. At the [2]2020 Linux Plumbers Conference , he led two sessions dedicated to the topic of obsolete software and hardware. With a bit of effort, he said, it should be possible to have a better idea of when something can be removed.



[1] https://lwn.net/Articles/748074/

[2] https://linuxplumbersconf.org/

Rust 1.46.0

([Development] Aug 27, 2020 18:28 UTC (Thu) (ris))

The Rust team has [1]announced the release of Rust 1.46.0. " This release enables quite a lot of new things to appear in const fn , two new standard library APIs, and one feature useful for library authors. See the [2]detailed release notes to learn about other changes not covered by this post. "



[1] https://blog.rust-lang.org/2020/08/27/Rust-1.46.0.html

[2] https://github.com/rust-lang/rust/blob/master/RELEASES.md#version-1460-2020-08-27

Stable kernels 5.8.5 and 5.7.19

([Kernel] Aug 27, 2020 18:11 UTC (Thu) (jake))

Greg Kroah-Hartman has released the [1]5.8.5 and [2]5.7.19 stable kernels with a relatively small number of fixes. Note that this is the last release for the 5.7.x kernel series, so users should move to 5.8.5 along with those on 5.8.x.



[1] https://lwn.net/Articles/829713/

[2] https://lwn.net/Articles/829714/

LWN.net Weekly Edition for September 3, 2020


Security updates for Thursday

([Security] Aug 27, 2020 12:59 UTC (Thu) (jake))

Security updates have been issued by Debian (firefox-esr and nginx), Fedora (firefox, firejail, and lua), Gentoo (chromium, docker, firefox and thunderbird, net-snmp, postgresql, and wireshark), openSUSE (chromium, claws-mail, dovecot23, libreoffice, and python3), Oracle (kernel), Scientific Linux (firefox), SUSE (apache2, graphviz, and libxslt), and Ubuntu (firefox, libmysofa, and squid3).

X.Org Server 1.20.9 released

([Security] Aug 26, 2020 19:51 UTC (Wed) (coogle))

The [1]X.Org project has [2]announced the release of xorg-server version 1.20.9. Among other improvements are numerous fixes to [3]XWayland , including a bug that could cause an infinite loop at startup as well as other potential crash fixes. The release also addresses several [4]security issues that can " lead to local privileges elevation on systems where the X server is running privileged. " Users of xorg-server are encouraged to upgrade.



[1] http://x.org

[2] https://lwn.net/Articles/829638/

[3] https://wayland.freedesktop.org/xserver.html#heading_toc_j_0

[4] https://lwn.net/Articles/829639/

Fuzzing the Linux kernel (x86) entry code (Oracle)

([Kernel] Aug 26, 2020 19:35 UTC (Wed) (corbet))

The Oracle blog is putting up a series by Vegard Nossum on fuzzing the kernel's entry code; [1]part 1 and [2]part 2 are available now. " While these fuzzers effectively test the system calls themselves (and the code reachable through system calls), one thing they don't test very well is what happens at the actual transition point between userspace and the kernel. There is more to this boundary than meets the eye; it is written in assembly code and there is a lot of architectural state (CPU state) that must be verified or sanitized before the kernel can safely start executing its C code. This blog post explores how one might go about writing a fuzzer targeting the Linux kernel entry code on x86. "



[1] https://blogs.oracle.com/linux/fuzzing-the-linux-kernel-x86-entry-code%2c-part-1-of-3

[2] https://blogs.oracle.com/linux/fuzzing-the-linux-kernel-x86-entry-code%2c-part-2-of-3
More

The soldier came knocking upon the queen's door.
He said, "I am not fighting for you any more."
The queen knew she had seen his face someplace before,
And slowly she let him inside.

He said, "I see you now, and you're so very young,
But I've seen more battles lost than I have battles won,
And I have this intuition that it's all for your fun.
And now will you tell me why?"
-- Suzanne Vega, "The Queen and The Soldier"