ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Some weekend stable kernel updates

([Kernel] Jun 7, 2020 22:31 UTC (Sun) (corbet))

The [1]5.7.1 , [2]5.6.17 , [3]5.4.45 , and [4]4.19.127 stable kernel updates have been released with another set of important fixes.



[1] https://lwn.net/Articles/822421/

[2] https://lwn.net/Articles/822422/

[3] https://lwn.net/Articles/822423/

[4] https://lwn.net/Articles/822424/

[$] A crop of new capabilities

([Kernel] Jun 8, 2020 19:51 UTC (Mon) (corbet))

Linux capabilities empower the holder to perform a set of specific privileged operations while withholding the full power of root access; see [1]the capabilities man page for a list of current capabilities and what they control. There have been no capabilities added to the kernel since [2]CAP_AUDIT_READ was merged for 3.16 in 2014. That's about to change with the 5.8 release, though, which is set to contain two new capabilities; yet another is currently under development.



[1] https://man7.org/linux/man-pages/man7/capabilities.7.html

[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a101b8de0d3

Rosenzweig: Bifrost meets GNOME: Onward & upward to zero graphics blobs

([Development] Jun 5, 2020 17:19 UTC (Fri) (corbet))

Alyssa Rosenzweig [1]provides an update on the Panfrost driver for Mali GPUs on the Collabora blog. " In the past 3 months since we began work on Bifrost, fellow Collaboran Tomeu Vizoso and I have progressed from stubbing out the new compiler and command stream in March to running real programs by May. Driven by a reverse-engineering effort in tandem with the free software community, we are confident that against proprietary blobs and downstream hacks, open-source software will prevail. "



[1] https://www.collabora.com/news-and-blog/blog/2020/06/05/bifrost-meets-gnome-onward-upward-zero-graphics-blobs/

Home Assistant, the Python IoT Hub

([Development] Jun 10, 2020 23:38 UTC (Wed) (coogle))

The Internet of Things (IoT) push continues to expand as tens of thousands of different internet-enabled devices from light bulbs to dishwashers reach consumers' homes. Home Assistant is an open-source project to make the most of all of those devices, potentially with no data being shared with third parties.

Security updates for Friday

([Security] Jun 5, 2020 14:08 UTC (Fri) (jake))

Security updates have been issued by CentOS (bind, firefox, and freerdp), Debian (netqmail and python-django), Fedora (cacti, cacti-spine, dbus, firefox, gjs, mbedtls, mozjs68, and perl), Oracle (freerdp and kernel), Scientific Linux (bind and firefox), Slackware (mozilla), SUSE (krb5-appl, libcroco, libexif, libreoffice, libxml2, qemu, transfig, and vim), and Ubuntu (firefox, freerdp, and python-django).

[$] Seccomp and deep argument inspection

([Kernel] Jun 10, 2020 23:16 UTC (Wed) (jake))

Kees Cook has been doing some thinking about plans for new [1]seccomp features to work on soon. There were four separate areas that he was interested in, which he [2]detailed in a lengthy mid-May message on the linux-kernel mailing list. One of those features, deep argument inspection, has been [3]covered here before , but it would seem that we are getting closer to a resolution on how that all will work.



[1] https://lwn.net/Articles/656307/

[2] https://lwn.net/ml/linux-kernel/202005181120.971232B7B@keescook/

[3] https://lwn.net/Articles/799557/

LWN.net Weekly Edition for June 11, 2020


Security updates for Thursday

([Security] Jun 4, 2020 13:15 UTC (Thu) (jake))

Security updates have been issued by Debian (firefox-esr), Fedora (firefox and prboom-plus), Oracle (bind), Red Hat (firefox), and SUSE (osc).

FreeNAS is coming to Linux

([Distributions] Jun 3, 2020 21:14 UTC (Wed) (corbet))

The FreeNAS distribution implements network-attached storage on top of the ZFS filesystem; it was [1]reviewed here back in 2015. FreeNAS has always been based on FreeBSD, but now iXsystems, the company behind this system, has [2]announced a new version, called TrueNAS SCALE, that will be based on Debian. " Linux is a key requirement to achieve some of the SCALE project goals ". More information about those goals will evidently be forthcoming in the future.



[1] https://lwn.net/Articles/631216/

[2] https://www.ixsystems.com/community/threads/starting-our-next-open-source-project-truenas-scale.85203/

Stable kernel updates

([Kernel] Jun 3, 2020 15:00 UTC (Wed) (ris))

Stable kernels [1]5.6.16 , [2]5.4.44 , [3]4.19.126 , [4]4.14.183 , [5]4.9.226 , and [6]4.4.226 have been released. They all contain important fixes and users should upgrade.



[1] https://lwn.net/Articles/822138/

[2] https://lwn.net/Articles/822139/

[3] https://lwn.net/Articles/822140/

[4] https://lwn.net/Articles/822141/

[5] https://lwn.net/Articles/822142/

[6] https://lwn.net/Articles/822143/

Security updates for Wednesday

([Security] Jun 3, 2020 14:51 UTC (Wed) (ris))

Security updates have been issued by Fedora (java-11-openjdk, perl-Email-MIME, perl-Email-MIME-ContentType, and slurm), openSUSE (imapfilter, mailman, and python-rpyc), Red Hat (bind and firefox), SUSE (evolution-data-server, python, qemu, and w3m), and Ubuntu (python-django).

[$] 5.8 Merge window, part 1

([Kernel] Jun 5, 2020 16:32 UTC (Fri) (corbet))

Just over 7,500 non-merge changesets have been pulled into the mainline repository since the opening of the 5.8 merge window — not a small amount of work for just four days. The early pulls are dominated by the networking and graphics trees, but there is a lot of other material in there as well. Read on for a summary of what entered the kernel in the first part of this development cycle.

Devuan Beowulf 3.0.0 released

([Distributions] Jun 2, 2020 21:33 UTC (Tue) (ris))

Devuan Beowulf 3.0.0 has been released. This version is based on Debian 10.4 Buster, with eudev and elogind to replace aspects of systemd. Optional alternatives runit and openrc are also available.

[$] DMA-BUF cache handling: Off the DMA API map (part 1)

([Kernel] Jun 4, 2020 18:54 UTC (Thu) (jstultz))

Recently, the [1]DMA-BUF heaps interface was added to the 5.6 kernel. This interface is similar to [2]ION , which has been used for years by Android vendors. However, in trying to move vendors to use DMA-BUF heaps, we have begun to see how the DMA API model doesn't fit well for modern mobile devices. Additionally, the lack of clear guidance in how to handle cache operations efficiently, results in vendors using custom device-specific optimizations that aren't generic enough for an upstream solution. This article will describe the nature of the problem; the upcoming second installment will look at the path toward a solution.



[1] https://lwn.net/Articles/792733/

[2] https://lwn.net/Articles/480055/

Firefox 77.0

([Development] Jun 2, 2020 15:56 UTC (Tue) (ris))

Firefox 77.0 has been released. Among the new things in this release, LWN readers may be most interested in the new about:certificate page where you can view and manage web certificates. See the [1]release notes for details.



[1] https://www.mozilla.org/en-US/firefox/77.0/releasenotes/

Security updates for Tuesday

([Security] Jun 2, 2020 14:55 UTC (Tue) (ris))

Security updates have been issued by Arch Linux (ant, bind, freerdp, and unbound), CentOS (bind, freerdp, and git), Debian (python-httplib2), Fedora (ant, kernel, sqlite, and sympa), openSUSE (java-11-openjdk and qemu), Oracle (bind), Red Hat (freerdp), Scientific Linux (python-pip and python-virtualenv), Slackware (firefox), SUSE (qemu), and Ubuntu (Apache Ant, ca-certificates, flask, and freerdp2).

Security updates for Monday

([Security] Jun 1, 2020 14:49 UTC (Mon) (ris))

Security updates have been issued by Debian (bind9, dosfstools, gst-plugins-good0.10, gst-plugins-ugly0.10, json-c, php-horde, php-horde-gollem, salt, and sane-backends), Fedora (drupal7, marked, NetworkManager, and wireshark), Mageia (gdb, jasper, and json-c), openSUSE (freetds, jasper, libmspack, mariadb-connector-c, sysstat, and trousers), Red Hat (bind), Scientific Linux (bind and freerdp), and SUSE (file-roller and java-11-openjdk).

The 5.7 kernel is out

([Kernel] Jun 1, 2020 2:25 UTC (Mon) (corbet))

Linus has [1]released the 5.7 kernel right on schedule. Headline features in 5.7 include x86 [2]split-lock detection , [3]thermal-pressure management , [4]frequency invariance in the load-tracking code, [5]coexistence between BPF and realtime preemption, support for BPF security hook programs (formerly called the [6]KRSI security module ), a new, Microsoft-blessed exFAT filesystem implementation, and more. The final patch to be merged was [7]this one deprecating the long-standing 80-column limit for kernel source. See the [8]KernelNewbies 5.7 page for lots of details.



[1] https://lwn.net/Articles/821872/

[2] https://lwn.net/Articles/806466/

[3] https://lwn.net/Articles/788380/

[4] https://lwn.net/Articles/816388/

[5] https://lwn.net/Articles/802884/

[6] https://lwn.net/Articles/808048/

[7] https://git.kernel.org/linus/bdc48fa11e46

[8] https://kernelnewbies.org/Linux_5.7

The history and evolution of PHP governance

([Development] Jun 3, 2020 21:43 UTC (Wed) (coogle))

The PHP language is widely used in solving some of the most interesting technical problems on the web. But for a language with widespread use, it is unique — or at least an outlier — in the way it's governed compared to other open-source projects. Unlike others, PHP governance has grown into something fairly democratic for a project its size, allowing almost anyone to bring an idea to the table. If it's popular enough, that idea can find its way into a future release. That is, of course, as long as there is a developer to put in the work to make it happen.

Free user space for non-graphics drivers

([Security] Jun 3, 2020 19:10 UTC (Wed) (jake))

In the kernel graphics world, there has been a longstanding " [1]line in the sand " that disallows merging kernel drivers without a corresponding free-software user-space driver. The idea is that not having a way to test the full functionality means that the kernel developers cannot verify the proper functioning and security of the driver; changes to the kernel driver may lead to unforeseen (and untestable) problems on the user-space side. More recently, though, we have seen other types of devices with complex drivers, but no useful free user-space piece, that have been proposed for inclusion into the kernel; at least one was merged, but the tide has perhaps turned against those types of drivers at this point—or some of them, anyway.



[1] https://lwn.net/Articles/394702/
More

Watch Rincewind.

Look at him. Scrawny, like most wizards, and clad in a dark red robe on
which a few mystic sigils were embroidered in tarnished sequins. Some might
have taken him for a mere apprentice enchanter who had run away from his
master out of defiance, boredom, fear and a lingering taste for
heterosexuality. Yet around his neck was a chain bearing the bronze octagon
that marked him as an alumnus of Unseen University, the high school of magic
whose time-and-space transcendent campus is never precisely Here or There.
Graduates were usually destined for mageship at least, but Rincewind--after
an unfortunate event--had left knowing only one spell and made a living of
sorts around the town by capitalizing on an innate gift for languages. He
avoided work as a rule, but had a quickness of wit that put his
acquaintances in mind of a bright rodent.
-- Terry Pratchett, "The Colour of Magic"