The kernel's print function, printk(), has been the target of numerous improvement efforts over the years for a variety of reasons. One persistent problem with printk() has been that its latency is unacceptably high for the realtime Linux kernel; at this point, printk() represents the last piece needing changes before the RT_PREEMPT patches can be fully merged. So there have been efforts to rework printk() for latency and lots of other reasons, but those have not made it into the mainline; a recent discussion at the 2022 Linux Plumbers Conference (LPC) seems to have paved the way for new solution to land in the mainline before too long.

Jason Ekstrand announces a new Vulkan driver for NVIDIA hardware on the Collabora blog. It seems to be off to a good start, but there is some work yet to do:

Normally, I would have submitted the merge request long ago. There are far more alpha-quality drivers already in Mesa. The problem is that we really need a new kernel uAPI to support Vulkan properly and I don't want to be stuck supporting the current nouveau uAPI for the next five years.

The 5.19.13 stable kernel update is out. "This release is to resolve a regression on some Intel graphics systems that had problems with 5.19.12. If you do not have this problem with 5.19.12, there is no need to upgrade."

OpenSSH 9.1 has been released. It is advertised as a bug-fix release (and it addresses a few low-priority memory-safety bugs), but there's also a new option to set the minimum RSA key size for authentication, a few sftp extensions, and more.

Security updates have been issued by Debian (barbican), Fedora (libdxfrw, librecad, and python-oauthlib), Oracle (bind), Red Hat (bind and rh-python38-python), SUSE (bind, chromium, colord, libcroco, libgit2, lighttpd, nodejs12, python, python3, slurm, slurm_20_02, and webkit2gtk3), and Ubuntu (linux-azure, python-django, strongswan, and wayland).

Version 2.38.0 of the Git distributed version-control system has been released. It comes with lots of new features and bug fixes, some of the former are described in a GitHub blog post by Taylor Blau. Highlights include the promotion of the scalar addition for large repositories into Git core, improvements to multi-branch rebase operations with --update-refs, performance improvements, a bash prompt indication for unmerged indexes, and lots more.

The accepted sessions for the upcoming Netdev 0x16 have been posted. The conference will be held virtually and in-person in Lisbon, Portugal October 24-28. In addition, early-bird registration rates have been extended to October 4. Netdev 0x16, like all the previous netdev conferences, is a conference of the netdev community, by the netdev community, for the netdev community. Linux kernel networking and user space utilization of the interfaces to the Linux kernel networking subsystem are the focus. If you are using Linux as a boot system for proprietary networking, then this conference _may not be for you_.

Linus Torvalds released the 6.0 kernel on October 2. There were 15,402 non-merge changesets pulled into the mainline for this release, growing the kernel by just over 1.1 million lines of code. As usual, a lot went into the creation of this kernel release; read on for a look at where some of that work came from.

Security updates have been issued by Debian (chromium, gdal, kernel, libdatetime-timezone-perl, libhttp-daemon-perl, lighttpd, mariadb-10.3, node-thenify, snakeyaml, tinyxml, and tzdata), Fedora (enlightenment, kitty, and thunderbird), Mageia (expat, firejail, libjpeg, nodejs, perl-HTTP-Daemon, python-mako, squid, and thunderbird), Scientific Linux (firefox and thunderbird), SUSE (buildah, connman, cosign, expat, ImageMagick, python36, python39, slurm, and webkit2gtk3), and Ubuntu (linux, linux-aws, linux-kvm, linux-lts-xenial and linux-gke-5.15).

Linus has released the 6.0 kernel as expected.

So, as is hopefully clear to everybody, the major version number change is more about me running out of fingers and toes than it is about any big fundamental changes.

But of course there's a lot of various changes in 6.0 - we've got over 15k non-merge commits in there in total, after all, and as such 6.0 is one of the bigger releases at least in numbers of commits in a while.

Headline features in 6.0 include a number of io_uring improvements including support for buffered writes to XFS filesystems and zero-copy network transmission, an io_uring-based block driver mechanism, the runtime verification subsystem, and much more; see the LWN merge-window summaries (part 1, part 2) for more information.

The results are in on the Debian project's general-resolution vote regarding non-free firmware in the installer image. The winning option allows the installer image to include firmware necessary to use the system:

We will include non-free firmware packages from the "non-free-firmware" section of the Debian archive on our official media (installer images and live images). The included firmware binaries will normally be enabled by default where the system determines that they are required, but where possible we will include ways for users to disable this at boot (boot menu option, kernel command line etc.).

The vote also changes the Debian Social Contract to make it clear that including non-free firmware in this manner is allowed.

Just over ten years ago, the Arm big.LITTLE architecture posed a challenge for the kernel's CPU scheduler: how should processes be assigned to CPUs when not all CPUs have the same capacity? The situation has not gotten simpler since then; new systems bring new quirks that must be kept in mind for optimal scheduling. At the 2022 Linux Plumbers Conference, Len Brown and Ricardo Neri talked about Intel's hybrid systems and the work that is being done to schedule properly on those systems.

Security updates have been issued by Debian (libsndfile and libvncserver), Fedora (bash), Red Hat (httpd24-httpd, java-1.7.1-ibm, and java-1.8.0-ibm), and SUSE (krb5-appl, libjpeg-turbo, python310, and slurm_20_02).

Over on the Collabora blog, Marius Vlad writes about the recent Weston 11.0.0 release. Weston is the reference compositor for the Wayland display server protocol. Vlad looks at features of the release, including some things that are being deprecated and removed, as well as features coming in Weston 12. Color management infrastructure code has landed that allows HDR [high dynamic range] characteristics to be delivered to an HDR-capable monitor by setting-up HDR metadata in a weston.ini configuration file and delivering that to KMS [kernel mode setting]. Once Weston gains the ability to produce HDR content in a future version, it will come naturally supported.

This new version brings in multiple RDP [remote desktop protocol] improvements, like clipboard pasting, various keyboard language support, bumped support for a newer version of FreeRDP library, and many more other improvements and fixes.

Over on the Collabora blog, Marius Vlad writes about the recent Weston 11.0.0 release. Weston is the reference compositor for the Wayland display server protocol. Vlad looks at features of the release, including some things that are being deprecated and removed, as well as features coming in Weston 12. Color management infrastructure code has landed that allows HDR [high dynamic range] characteristics to be delivered to an HDR-capable monitor by setting-up HDR metadata in a weston.ini configuration file and delivering that to KMS [kernel mode setting]. Once Weston gains the ability to produce HDR content in a future version, it will come naturally supported.

This new version brings in multiple RDP [remote desktop protocol] improvements, like clipboard pasting, various keyboard language support, bumped support for a newer version of FreeRDP library, and many more other improvements and fixes.

The GDB debugger has a long history; it was first created in 1986. It may thus be unsurprising that some GDB development happens over relatively long time frames but, even when taking that into account, the existence of an open bug first reported in 2007 may be a little surprising. At the 2022 GNU Tools Cauldron, GDB maintainer Pedro Alves talked about why this problem has been difficult to solve, and what the eventual solution looks like.

When the kernel is running, it has access to its entire address space — usually including all of physical memory — even if only a small portion of that address space is actually needed. That increases the kernel's vulnerability to speculative attacks. An address-space isolation patch set aiming to change this situation has been circulating for a few years, but has never been seriously considered for merging into the mainline. At the 2022 Linux Plumbers Conference, Ofir Weisse sought to convince the development community to reconsider address-space isolation.

Security updates have been issued by Debian (chromium, lighttpd, and webkit2gtk), Fedora (firefox, gajim, libofx, and python-nbxmpp), Gentoo (bluez, chromium, expat, firefox, go, graphicsmagick, kitty, php, poppler, redis, thunderbird, and zutty), Oracle (firefox and thunderbird), Red Hat (kernel), Slackware (xorg), SUSE (expat, libostree, lighttpd, python3-lxml, rust1.62, slurm, slurm_18_08, and vsftpd), and Ubuntu (libxi, linux-gcp, postgresql-9.5, and sqlite3).

The LWN.net Weekly Edition for September 29, 2022 is available.

Over the past few years, there has been quite a bit of progress in various kernel features that can be used to create containers without requiring privileges. Most of the containers these days run as root, which means that a vulnerability leading to an escape from the container can result in system compromise. Stéphane Graber gave a talk at the 2022 Linux Security Summit Europe (LSS EU) to fill in some of the details of work that he and others have been doing to run containers as unprivileged code.