ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Security updates for Monday

([Security] Jun 15, 2020 14:53 UTC (Mon) (ris))

Security updates have been issued by Debian (intel-microcode, libexif, mysql-connector-java, and thunderbird), Fedora (gnutls, grafana, kernel, kernel-headers, mingw-gnutls, mod_auth_openidc, NetworkManager, and pdns-recursor), Gentoo (adobe-flash, ansible, chromium, firefox, glibc, mailutils, nokogiri, readline, ssvnc, and webkit-gtk), Mageia (axel, bind, dbus, flash-player-plugin, libreoffice, networkmanager, and roundcubemail), openSUSE (java-1_8_0-openjdk, kernel, nodejs8, rubygem-bundler, texlive-filesystem, and thunderbird), Oracle (libexif and tomcat6), Red Hat (chromium-browser, flash-plugin, and libexif), Scientific Linux (tomcat6), SUSE (libEMF), and Ubuntu (fwupd).

Kernel prepatch 5.8-rc1

([Kernel] Jun 14, 2020 22:14 UTC (Sun) (corbet))

Linus has [1]released 5.8-rc1 and closed the merge window for this release. By the end, 14,206 non-merge changesets found their way into the mainline repository, making this one of the busiest development cycles ever. " So in the 5.8 merge window we have modified about 20% of all the files in the kernel source repository. That's really a fairly big percentage, and while some of it _is_ scripted, on the whole it's really just the same pattern: 5.8 has simply seen a lot of development. IOW, 5.8 looks big. Really big. "



[1] https://lwn.net/Articles/823019/

PsychOS: A Crazy Cool Distro That Pushes Linux Limits (TechNewsWorld)

([Distributions] Jun 13, 2020 1:09 UTC (Sat) (jake))

Over at TechNewsWorld, Jack M. Germain [1]reviews the rather ... different ... distribution, [2]PsychOS Linux . Just taking a peek at the home page may be enough to cause flashbacks to a misspent youth, or perhaps that of one's parents at this point. Bucking the trend for modern distributions, PsychOS is only built for 32-bit systems; the main focus seems to be DOS-oriented: " Retro comes alive in PsychOS and is the main driving point in its development. The distro creator still uses DOS software, which is launched easily from the applications menu via emulators such as DOSBox. Anyone with PsychOS 3.4.6 and higher who uses [3]RetroGrab to install older software can do the same, noted the developer. The corresponding emulators must be installed first. PsychOS lets you run more than one DOS program at a time, too. Other programming influences include BASIC and BBC BASIC, due to shortcomings that helped the PsychOS developer learn more about Python. Other BASIC flavors are FreeBASIC, QB45, and QB64. "



[1] https://www.technewsworld.com/story/PsychOS-A-Crazy-Cool-Distro-That-Pushes-Linux-Limits-86708.html

[2] https://psychoslinux.gitlab.io/

[3] https://theouterlinux.gitlab.io/Public/Videos/RetroGrab.html

[$] Tools to improve English text

([Development] Jun 16, 2020 15:53 UTC (Tue) (tbm))

Open-source developers put a lot of emphasis on quality and have created many tools to improve source code, such as [1]linters and code formatters. Documentation, on the other hand, doesn't receive the attention it deserves. LWN reviewed several grammar and style-checking tools back in 2016. It seems like a good time to evaluate progress in this area.



[1] https://en.wikipedia.org/wiki/Lint_(software)

Security updates for Friday

([Security] Jun 12, 2020 15:39 UTC (Fri) (jake))

Security updates have been issued by CentOS (tomcat), Debian (intel-microcode, libphp-phpmailer, mysql-connector-java, python-django, thunderbird, and xawtv), Fedora (kernel and thunderbird), Gentoo (perl), openSUSE (libexif and vim), Oracle (dotnet, kernel, microcode_ctl, and tomcat), Red Hat (net-snmp), Scientific Linux (libexif and tomcat), Slackware (kernel), and SUSE (adns, audiofile, ed, kvm, nodejs12, and xen).

LWN.net Weekly Edition for June 18, 2020


Seven new stable kernels

([Kernel] Jun 11, 2020 13:46 UTC (Thu) (jake))

Greg Kroah-Hartman has announced the release of the [1]5.7.2 , [2]5.6.18 , [3]5.4.46 , [4]4.19.128 , [5]4.14.184 , [6]4.9.227 , and [7]4.4.227 stable kernels. These contain mitigations for the [8]special register buffer data sampling (SRBDS) hardware vulnerability, as well as other fixes elsewhere in the trees. Users of those series should upgrade.



[1] https://lwn.net/Articles/822838/

[2] https://lwn.net/Articles/822839/

[3] https://lwn.net/Articles/822840/

[4] https://lwn.net/Articles/822841/

[5] https://lwn.net/Articles/822842/

[6] https://lwn.net/Articles/822843/

[7] https://lwn.net/Articles/822844/

[8] https://lwn.net/Articles/822595/

Security updates for Thursday

([Security] Jun 11, 2020 13:19 UTC (Thu) (jake))

Security updates have been issued by CentOS (kernel and microcode_ctl), Debian (roundcube), Mageia (coturn, cups, libarchive, libvirt, libzypp, nghttp2, nrpe, openconnect, perl, python-typed-ast, ruby-rack, ruby-RubyGems, sudo, vino, wpa_supplicant, and xawtv), openSUSE (firefox, gnutls, GraphicsMagick, ucode-intel, and xawtv), Oracle (dotnet3.1 and kernel), Red Hat (curl, expat, file, gettext, kernel, kpatch-patch, libexif, pcs, python, tomcat, tomcat6, and unzip), Scientific Linux (kernel and microcode_ctl), SUSE (kernel), and Ubuntu (intel-microcode and sqlite3).

[$] Rethinking bpfilter and user-mode helpers

([Kernel] Jun 12, 2020 18:01 UTC (Fri) (corbet))

The [1]bpfilter subsystem, along with its "user-mode blobs" infrastructure, attracted a lot of attention when it was merged for the 4.18 kernel in 2018. Since then, however, development in this effort has been, to put it charitably, subdued. Now, two years after its merging, bpfilter may be in danger of being removed from the kernel as a failed experiment.



[1] https://lwn.net/Articles/755919/

Security updates for Wednesday

([Security] Jun 10, 2020 14:50 UTC (Wed) (ris))

Security updates have been issued by Arch Linux (chromium, firefox, gnutls, python-django, thunderbird, tomcat7, tomcat8, and tomcat9), CentOS (unbound), Debian (bluez, firefox-esr, kernel, and linux-4.9), Oracle (kernel), Red Hat (.NET Core, .NET Core 3.1, kernel, kernel-rt, libexif, microcode_ctl, pcs, and virt:rhel), SUSE (gnutls, java-1_7_0-ibm, kernel, microcode_ctl, nodejs10, nodejs8, rubygem-bundler, texlive, texlive-filesystem, thunderbird, and ucode-intel), and Ubuntu (intel-microcode, kernel, libjpeg-turbo, linux, linux-aws, linux-aws-5.3, linux-azure, linux-azure-5.3, linux-gcp, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux, linux-lts-trusty, and linux-gke-5.0, linux-oem-osp1).

Second Debian Med COVID-19 hackathon

([Briefs] Jun 9, 2020 22:53 UTC (Tue) (ris))

The Debian Med team joined a COVID-19 Biohackathon last April and is planing on doing it again on June 15-21. A recently shared pre-publication draft paper highlights which software tools are considered useful "to Accelerate SARS-CoV-2 and Coronavirus Research". Many of these tools would benefit from being packaged in Debian and all the advantages that Debian brings for both users and upstream alike.

As in the first sprint most tasks do not require any knowledge of biology or medicine, and all types of contributions are welcome: bug triage, testing, documentation, CI, translations, packaging, and code contributions.

The "special register buffer data sampling" hardware vulnerability

([Security] Jun 9, 2020 19:03 UTC (Tue) (corbet))

We have not had a new CPU vulnerability for a little while — a situation that was clearly too good to last. The mainline kernel has just merged mitigations for the "special register buffer data sampling" vulnerability which, in short, allows an attacker to spy on the random numbers obtained by others. In particular, the results of the RDRAND instruction can be obtained via a speculative attack. The mitigation involves more flushing and the serialization of RDRAND . That means a RDRAND instruction will take longer to run, but it also means that RDRAND requires locking across the system, which will slow things considerably if it is executed frequently. There are ways to turn the mitigations off, of course. See [1]this new kernel document for more information.



[1] https://lwn.net/Articles/822596/ These fixes are currently queued to be part of the [1]5.7.2 , [2]5.6.18 , [3]5.4.46 , [4]4.19.128 , [5]4.14.184 [6]4.9.227 , [7]4.4.227 , and [8]3.16.85 stable updates.



[1] https://lwn.net/ml/linux-kernel/20200609174149.255223112@linuxfoundation.org/

[2] https://lwn.net/ml/linux-kernel/20200609174112.129412236@linuxfoundation.org/

[3] https://lwn.net/ml/linux-kernel/20200609174052.628006868@linuxfoundation.org/

[4] https://lwn.net/ml/linux-kernel/20200609174048.576094775@linuxfoundation.org/

[5] https://lwn.net/ml/linux-kernel/20200609174022.938987501@linuxfoundation.org/

[6] https://lwn.net/ml/linux-kernel/20200609174015.379493548@linuxfoundation.org/

[7] https://lwn.net/ml/linux-kernel/20200609173933.288044334@linuxfoundation.org/

[8] https://lwn.net/ml/linux-kernel/lsq.1591725831.850867383@decadent.org.uk/

'The world is really changing': Why Linux on desktop is taking a sudden leap forward (TechRepublic)

([Distributions] Jun 9, 2020 17:58 UTC (Tue) (coogle))

TechRepublic [1]interviewed Lenovo's general manager and executive director of the Workstation & Client AI Group Rob Herman about the company's plans to begin optionally pre-loading enterprise versions of the Red Hat and Ubuntu Linux distributions across its P Series ThinkPad and ThinkStation products, putting Linux on parity with Microsoft Windows for those product lines. " 'Around the workstation and what I would call the performance computing world, the world is really changing [...] We're starting to see a lot more use of data science and AI workloads on performance client products like workstations, [and] we're seeing software development need the ability for more customization and flexibility.' This is where Linux and the power of open source come into the picture, says Herman. This is particularly crucial in artificial intelligence data science and content creation applications, areas Lenovo is eager to tap. 'Overall, we see content creators looking for an edge, looking for a new way, a new platform to develop on,' says Herman. 'The number of Linux users is increasing year on year, so from a market standpoint, we see it's the right time to do it.' "



[1] https://www.techrepublic.com/article/the-world-is-really-changing-why-linux-on-desktop-is-taking-a-leap-forward/

Security updates for Tuesday

([Security] Jun 9, 2020 15:06 UTC (Tue) (ris))

Security updates have been issued by Debian (libpam-tacplus), Gentoo (gnutls), Oracle (unbound), Scientific Linux (freerdp and unbound), and SUSE (firefox, java-11-openjdk, java-1_7_0-openjdk, java-1_8_0-openjdk, nodejs10, and ruby2.1).

Plasma 5.19 released

([Development] Jun 9, 2020 14:11 UTC (Tue) (corbet))

[1]Version 5.19 of the KDE Plasma desktop is out. " In this release, we have prioritized making Plasma more consistent, correcting and unifying designs of widgets and desktop elements; worked on giving you more control over your desktop by adding configuration options to the System Settings; and improved usability, making Plasma and its components easier to use and an overall more pleasurable experience. "



[1] https://kde.org/announcements/plasma-5.19.0

Lightweight alternatives to Google Analytics

([Development] Jun 17, 2020 18:34 UTC (Wed) (benhoyt))

More and more web-site owners are concerned about the "all-seeing Google" tracking users as they browse around the web. [1]Google Analytics (GA) is a full-featured web-analytics system that is available for free and, despite the privacy concerns, has become the de facto analytics tool for small and large web sites alike. However, in recent years, a growing number of alternatives are helping break Google's dominance. In this article we'll look at two of the lightweight open-source options, namely GoatCounter and Plausible. In a subsequent article, we'll look at a few of the larger tools.



[1] https://en.wikipedia.org/wiki/Google_Analytics

[$] 5.8 Merge window, part 2

([Kernel] Jun 14, 2020 22:18 UTC (Sun) (corbet))

By the time Linus Torvalds [1]released 5.8-rc1 and closed the merge window for this development cycle, 14,206 non-merge changesets had been pulled into the repository for 5.8. That is more work than was pulled for the entire 5.7 cycle; clearly development work on the kernel has not (yet) slowed down in response to events in the wider world. The nearly 6,700 changes pulled since [2]the previous summary include huge numbers of fixes and internal cleanups, but there were a number of significant features added as well.



[1] https://lwn.net/Articles/823019/

[2] https://lwn.net/Articles/822077/

[$] DMA-BUF cache handling: Off the DMA API map (part 2)

([Kernel] Jun 11, 2020 19:38 UTC (Thu) (jstultz))

[1]Part 1 of this series , covered some background on ION, DMA-BUF heaps, the DMA API, and the concept of "ownership" when it comes to handling CPU-cache maintenance, finally ending on a conventional DMA API view of how DMA-BUF cache handling should be done. The article concluded with a discussion of why the traditional DMA APIs can perform poorly on contemporary systems. This article completes the series with an exploration of some of the approaches that DMA-BUF exporters can use to avoid unnecessary cache operations along with some rough proposals for how we might improve things.



[1] https://lwn.net/Articles/822052/

[$] A look at the ESP8266 for IoT

([Development] Jun 15, 2020 15:53 UTC (Mon) (coogle))

The Internet of Things (IoT) world is filled with countless microprocessors. One option we have covered in various ways before is the Arduino ecosystem. In the same vein, we now will look at another interesting segment of that community: The WiFi-enabled Espressif ESP8266 chip.

Security updates for Monday

([Security] Jun 8, 2020 14:44 UTC (Mon) (ris))

Security updates have been issued by Debian (cups, dbus, gnutls28, graphicsmagick, libupnp, and nodejs), Fedora (gnutls, kernel, libarchive, php-phpmailer6, and sympa), openSUSE (axel, GraphicsMagick, libcroco, libreoffice, libxml2, and xawtv), Oracle (bind, firefox, freerdp, and kernel), Red Hat (bind, freerdp, and unbound), Scientific Linux (firefox), SUSE (dpdk, file-roller, firefox, gnuplot, libexif, php7, php72, slurm_20_02, and vim), and Ubuntu (gnutls28).
More

That's no moon...
-- Obi-wan Kenobi