Development statistics for the 5.7 kernel
([Kernel] Jun 2, 2020 17:13 UTC (Tue) (corbet))
The 5.7 kernel was [1]released on May 31. By all appearances this was a normal development cycle, unaffected by the troubles in the wider world. Still, there are things to be learned by looking at where the code came from this time around. Read on for LWN's traditional look at who contributed to 5.7, who supported that work, and the paths by which it got into the mainline.
[1] https://lwn.net/Articles/821872/
[1] https://lwn.net/Articles/821872/
Security updates for Friday
([Security] May 29, 2020 13:36 UTC (Fri) (jake))
Security updates have been issued by Debian (libexif and tomcat8), Fedora (python38), openSUSE (libxslt), Oracle (git), Red Hat (bind, freerdp, and git), Scientific Linux (git), SUSE (qemu and tomcat), and Ubuntu (apt, json-c, kernel, linux, linux-raspi2, linux-raspi2-5.3, and openssl).
[$] A possible end to the FSGSBASE saga
([Kernel] Jun 1, 2020 15:23 UTC (Mon) (corbet))
The [1]FSGSBASE patch series is up to its thirteenth version as of late May. It enables some "new" instructions for the x86 architecture, opening the way for a number of significant performance improvements. One might think that such a patch series would be a shoo-in, but FSGSBASE has had a troubled history; meanwhile, the delays in getting it merged may have led to a number of users installing root holes on their Linux systems in the hope of improving security.
[1] https://lwn.net/ml/linux-kernel/20200528201402.1708239-1-sashal@kernel.org/
[1] https://lwn.net/ml/linux-kernel/20200528201402.1708239-1-sashal@kernel.org/
LWN.net Weekly Edition for June 4, 2020
Security updates for Thursday
([Security] May 28, 2020 12:52 UTC (Thu) (jake))
Security updates have been issued by Fedora (dovecot, dpdk, knot-resolver, and unbound), Mageia (ant, libexif, and php), SUSE (libmspack), and Ubuntu (php5, php7.0, php7.2, php7.3, php7.4 and unbound).
Cook: security things in Linux v5.5
([Security] May 27, 2020 21:19 UTC (Wed) (ris))
Kees Cook [1]takes a look some changes improving security in Linux 5.5. Topics include restrict perf_event_open() from LSM, generic fast full refcount_t , linker script cleanup for exception tables, KASLR for 32-bit PowerPC, seccomp for RISC-V, and more.
[1] https://outflux.net/blog/archives/2020/05/27/security-things-in-linux-v5-5/
[1] https://outflux.net/blog/archives/2020/05/27/security-things-in-linux-v5-5/
[$] Capacity awareness for the deadline scheduler
([Kernel] May 29, 2020 18:45 UTC (Fri) (mrybczyn))
The Linux deadline scheduler supports realtime systems where applications need to be sure of getting their work done within a specific period of time. It allocates CPU time to deadline tasks in such a way as to ensure that each task's specific timing constraints are met. However, the current implementation does not work well on asymmetric CPU configurations like [1]Arm's big.LITTLE . Dietmar Eggemann recently [2]posted a patch set to address this problem by adding the notion of CPU capacity to the deadline scheduler.
[1] https://en.wikipedia.org/wiki/ARM_big.LITTLE
[2] https://lwn.net/ml/linux-kernel/20200520134243.19352-1-dietmar.eggemann@arm.com/
[1] https://en.wikipedia.org/wiki/ARM_big.LITTLE
[2] https://lwn.net/ml/linux-kernel/20200520134243.19352-1-dietmar.eggemann@arm.com/
A pandemic-era LWN update
([Front] May 27, 2020 20:03 UTC (Wed) (corbet))
We are living through interesting times that present challenges in a number of areas, including running a business. While we think of LWN primarily as a community resource, it is also a business that is not unaffected by the ongoing pandemic. It is, we figure, a good time for a status update, especially since we have some news to share.
A set of stable kernels
([Kernel] May 27, 2020 16:33 UTC (Wed) (ris))
Stable kernels [1]5.6.15 , [2]5.4.43 , [3]4.19.125 , [4]4.14.182 , [5]4.9.225 , and [6]4.4.225 have been released. They all contain important fixes and users should upgrade.
[1] https://lwn.net/Articles/821548/
[2] https://lwn.net/Articles/821549/
[3] https://lwn.net/Articles/821550/
[4] https://lwn.net/Articles/821551/
[5] https://lwn.net/Articles/821552/
[6] https://lwn.net/Articles/821553/
[1] https://lwn.net/Articles/821548/
[2] https://lwn.net/Articles/821549/
[3] https://lwn.net/Articles/821550/
[4] https://lwn.net/Articles/821551/
[5] https://lwn.net/Articles/821552/
[6] https://lwn.net/Articles/821553/
OpenSSH 8.3 released (and ssh-rsa deprecation notice)
([Security] May 27, 2020 15:38 UTC (Wed) (corbet))
The OpenSSH 8.3 release is out. This primarily a bug-fix release with a handful of minor new features. It does, however, carry a prominent notice that ssh-rsa signature algorithm will be disabled in " a near-future release ". The announcement includes information on how to determine whether hosts you care about are affected.
Security updates for Wednesday
([Security] May 27, 2020 14:34 UTC (Wed) (ris))
Security updates have been issued by Debian (drupal7 and unbound), Fedora (libEMF and transmission), Mageia (dojo, log4net, nginx, nodejs-set-value, sleuthkit, and transmission), Red Hat (rh-maven35-jackson-databind), SUSE (dpdk and mariadb-connector-c), and Ubuntu (thunderbird).
Carpenter: Writing the Ultimate Locking Check
([Kernel] May 26, 2020 20:04 UTC (Tue) (corbet))
Here's [1]a detailed blog entry from Dan Carpenter on adding improved lock checking to the smatch static-analysis tool. " When Smatch gained the ability to do cross function analysis in 2010, I knew that I had to re-write the locking check to take advantage of the new cross function analysis feature. When you combine cross function analysis with top of the line flow analysis available and in depth knowledge of kernel locks then the result is the Ultimate Locking Check! Unfortunately, I have a tendency towards procrastination and it took me a decade to get around to it, but it is done now. This blog will step through how the locking analysis works. "
[1] https://blogs.oracle.com/linux/writing-the-ultimate-locking-check
[1] https://blogs.oracle.com/linux/writing-the-ultimate-locking-check
Security updates for Tuesday
([Security] May 26, 2020 14:42 UTC (Tue) (ris))
Security updates have been issued by Debian (sqlite3), Fedora (libarchive and netdata), openSUSE (dom4j, dovecot23, gcc9, and memcached), Red Hat (devtoolset-9-gcc, httpd24-httpd and httpd24-mod_md, ipmitool, kernel, kpatch-patch, openvswitch, openvswitch2.11, openvswitch2.13, rh-haproxy18-haproxy, and ruby), and SUSE (freetds, jasper, libxslt, and sysstat).
Some sessions from the Python Language Summit
([Development] May 27, 2020 21:58 UTC (Wed) (jake))
The Python Language Summit is an annual gathering for the developers of various Python implementations, though, this year, the gathering actually happened via videoconference—as with so many other conferences due to the pandemic. The invite-only gathering typically has numerous interesting sessions, as can be seen in the LWN [1]coverage of the summit from 2015 to 2018, as well as in the 2019 summit [2]coverage on the [3]Python Software Foundation (PSF) blog. Those writeups were penned by A. Jesse Jiryu Davis, who reprised his role for [4]this year's summit . In this article, I will summarize some of the sessions that caught my eye.
[1] https://lwn.net/Archives/ConferenceIndex/#Python_Language_Summit
[2] https://pyfound.blogspot.com/2019/05/the-2019-python-language-summit.html
[3] https://www.python.org/psf-landing/
[4] http://pyfound.blogspot.com/2020/04/the-2020-python-language-summit.html
[1] https://lwn.net/Archives/ConferenceIndex/#Python_Language_Summit
[2] https://pyfound.blogspot.com/2019/05/the-2019-python-language-summit.html
[3] https://www.python.org/psf-landing/
[4] http://pyfound.blogspot.com/2020/04/the-2020-python-language-summit.html
[$] Merkle trees and build systems
([Development] May 28, 2020 13:19 UTC (Thu) (drothlis))
In traditional build tools like Make, targets and dependencies are always files . Imagine if you could specify an entire tree (directory) as a dependency: You could exhaustively specify a "build root" filesystem containing the toolchain used for building some target as a dependency of that target. Similarly, a rule that creates that build root would have the tree as its target . Using [1]Merkle trees as first-class citizens in a build system gives great flexibility and many optimization opportunities. In this article, guest author David Röthlisberger explores this idea using [2]OSTree , [3]Ninja , and [4]Python .
[1] https://en.wikipedia.org/wiki/Merkle_tree
[2] https://ostree.readthedocs.io
[3] https://ninja-build.org/
[4] https://www.python.org/
[1] https://en.wikipedia.org/wiki/Merkle_tree
[2] https://ostree.readthedocs.io
[3] https://ninja-build.org/
[4] https://www.python.org/
[$] Testing in Go: philosophy and tools
([Development] May 26, 2020 18:35 UTC (Tue) (benhoyt))
The [1]Go programming language comes with tools for writing and running tests: the standard library's [2]testing package, and the [3]go test command to run test suites. Like the language itself, Go's philosophy for writing tests is minimalist: use the lightweight testing package along with helper functions written in plain Go. The idea is that tests are just code, and since a Go developer already knows how to write Go using its abstractions and types, there's no need to learn a quirky domain-specific language for writing tests.
[1] https://golang.org/
[2] https://golang.org/pkg/testing/
[3] https://golang.org/pkg/cmd/go/internal/test/
[1] https://golang.org/
[2] https://golang.org/pkg/testing/
[3] https://golang.org/pkg/cmd/go/internal/test/
GoboLinux 017 released
([Distributions] May 25, 2020 15:37 UTC (Mon) (corbet))
[1]Version 017 of the decidedly non-traditional GoboLinux distribution has been released. " This release introduces a simplified model for recipe management and contribution that's fully integrated with the Compile build tool. The recipe tree is now a plain Git repository managed via GitHub cloned into your /Data/Compile/Recipes directory and used by the GoboLinux Compile tool directly. "
[1] https://gobolinux.org/gobolinux017.html
[1] https://gobolinux.org/gobolinux017.html
Security updates for Monday
([Security] May 25, 2020 15:07 UTC (Mon) (ris))
Security updates have been issued by Arch Linux (chromium, dovecot, openconnect, and powerdns-recursor), Debian (cracklib2, feh, netqmail, ruby-rack, tomcat7, and transmission), Fedora (dovecot, kernel, log4net, openconnect, python-markdown2, and unbound), Mageia (ansible, clamav, dovecot, file-roller, glpi, kernel, kernel-linus, libntlm, microcode, nmap, pdns-recursor, unbound, viewvc, and wireshark), openSUSE (ant, autoyast2, dpdk, file, freetype2, gstreamer-plugins-base, imapfilter, libbsd, libvpx, libxml2, nextcloud, openconnect, openexr, opera, pdns-recursor, python, python-rpyc, and tomcat), and SUSE (salt, tomcat6, and zstd).
Kernel prepatch 5.7-rc7
([Kernel] May 24, 2020 23:59 UTC (Sun) (corbet))
The [1]5.7-rc7 kernel prepatch is out. " So it looks like I was worried for nothing last rc. Of course, anything can still change, but everything _looks_ all set for a regular release scheduled for next weekend. Knock wood. "
[1] https://lwn.net/Articles/821282/
[1] https://lwn.net/Articles/821282/
Security updates for Friday
([Security] May 22, 2020 13:23 UTC (Fri) (jake))
Security updates have been issued by CentOS (firefox, ipmitool, kernel, squid, and thunderbird), Debian (pdns-recursor), Fedora (php and ruby), Red Hat (dotnet and dotnet3.1), SUSE (dom4j, dovecot23, memcached, and tomcat), and Ubuntu (clamav, libvirt, and qemu).
Cleanse area thoroughly before applying.