The Linux deadline scheduler supports realtime systems where applications need to be sure of getting their work done within a specific period of time. It allocates CPU time to deadline tasks in such a way as to ensure that each task's specific timing constraints are met. However, the current implementation does not work well on asymmetric CPU configurations like Arm's big.LITTLE. Dietmar Eggemann recently posted a patch set to address this problem by adding the notion of CPU capacity to the deadline scheduler.

Security updates have been issued by Debian (libexif and tomcat8), Fedora (python38), openSUSE (libxslt), Oracle (git), Red Hat (bind, freerdp, and git), Scientific Linux (git), SUSE (qemu and tomcat), and Ubuntu (apt, json-c, kernel, linux, linux-raspi2, linux-raspi2-5.3, and openssl).

In traditional build tools like Make, targets and dependencies are always files. Imagine if you could specify an entire tree (directory) as a dependency: You could exhaustively specify a "build root" filesystem containing the toolchain used for building some target as a dependency of that target. Similarly, a rule that creates that build root would have the tree as its target. Using Merkle trees as first-class citizens in a build system gives great flexibility and many optimization opportunities. In this article, guest author David Röthlisberger explores this idea using OSTree, Ninja, and Python.

Security updates have been issued by Fedora (dovecot, dpdk, knot-resolver, and unbound), Mageia (ant, libexif, and php), SUSE (libmspack), and Ubuntu (php5, php7.0, php7.2, php7.3, php7.4 and unbound).

The LWN.net Weekly Edition for May 28, 2020 is available.

The Python Language Summit is an annual gathering for the developers of various Python implementations, though, this year, the gathering actually happened via videoconference—as with so many other conferences due to the pandemic. The invite-only gathering typically has numerous interesting sessions, as can be seen in the LWN coverage of the summit from 2015 to 2018, as well as in the 2019 summit coverage on the Python Software Foundation (PSF) blog. Those writeups were penned by A. Jesse Jiryu Davis, who reprised his role for this year's summit. In this article, I will summarize some of the sessions that caught my eye.

Kees Cook takes a look some changes improving security in Linux 5.5. Topics include restrict perf_event_open() from LSM, generic fast full refcount_t, linker script cleanup for exception tables, KASLR for 32-bit PowerPC, seccomp for RISC-V, and more.

We are living through interesting times that present challenges in a number of areas, including running a business. While we think of LWN primarily as a community resource, it is also a business that is not unaffected by the ongoing pandemic. It is, we figure, a good time for a status update, especially since we have some news to share.

Stable kernels 5.6.15, 5.4.43, 4.19.125, 4.14.182, 4.9.225, and 4.4.225 have been released. They all contain important fixes and users should upgrade.

The OpenSSH 8.3 release is out. This primarily a bug-fix release with a handful of minor new features. It does, however, carry a prominent notice that ssh-rsa signature algorithm will be disabled in "a near-future release". The announcement includes information on how to determine whether hosts you care about are affected.

The OpenSSH 8.3 release is out. This primarily a bug-fix release with a handful of minor new features. It does, however, carry a prominent notice that ssh-rsa signature algorithm will be disabled in "a near-future release". The announcement includes information on how to determine whether hosts you care about are affected.

Security updates have been issued by Debian (drupal7 and unbound), Fedora (libEMF and transmission), Mageia (dojo, log4net, nginx, nodejs-set-value, sleuthkit, and transmission), Red Hat (rh-maven35-jackson-databind), SUSE (dpdk and mariadb-connector-c), and Ubuntu (thunderbird).

Here's a detailed blog entry from Dan Carpenter on adding improved lock checking to the smatch static-analysis tool. "When Smatch gained the ability to do cross function analysis in 2010, I knew that I had to re-write the locking check to take advantage of the new cross function analysis feature. When you combine cross function analysis with top of the line flow analysis available and in depth knowledge of kernel locks then the result is the Ultimate Locking Check! Unfortunately, I have a tendency towards procrastination and it took me a decade to get around to it, but it is done now. This blog will step through how the locking analysis works."

The Go programming language comes with tools for writing and running tests: the standard library's testing package, and the go test command to run test suites. Like the language itself, Go's philosophy for writing tests is minimalist: use the lightweight testing package along with helper functions written in plain Go. The idea is that tests are just code, and since a Go developer already knows how to write Go using its abstractions and types, there's no need to learn a quirky domain-specific language for writing tests.

Security updates have been issued by Debian (sqlite3), Fedora (libarchive and netdata), openSUSE (dom4j, dovecot23, gcc9, and memcached), Red Hat (devtoolset-9-gcc, httpd24-httpd and httpd24-mod_md, ipmitool, kernel, kpatch-patch, openvswitch, openvswitch2.11, openvswitch2.13, rh-haproxy18-haproxy, and ruby), and SUSE (freetds, jasper, libxslt, and sysstat).

Version 017 of the decidedly non-traditional GoboLinux distribution has been released. "This release introduces a simplified model for recipe management and contribution that's fully integrated with the Compile build tool. The recipe tree is now a plain Git repository managed via GitHub cloned into your /Data/Compile/Recipes directory and used by the GoboLinux Compile tool directly."

Hibernation is normally thought of as a laptop feature — and an old and obsolete laptop feature at that. One does not normally consider it to be relevant in cloud settings. But, at the 2020 Power Management and Scheduling in the Linux Kernel summit (OSPM), Andrea Righi argued that there may actually be a place for hibernation on cloud-based systems if it can be made to work reliably.

Security updates have been issued by Arch Linux (chromium, dovecot, openconnect, and powerdns-recursor), Debian (cracklib2, feh, netqmail, ruby-rack, tomcat7, and transmission), Fedora (dovecot, kernel, log4net, openconnect, python-markdown2, and unbound), Mageia (ansible, clamav, dovecot, file-roller, glpi, kernel, kernel-linus, libntlm, microcode, nmap, pdns-recursor, unbound, viewvc, and wireshark), openSUSE (ant, autoyast2, dpdk, file, freetype2, gstreamer-plugins-base, imapfilter, libbsd, libvpx, libxml2, nextcloud, openconnect, openexr, opera, pdns-recursor, python, python-rpyc, and tomcat), and SUSE (salt, tomcat6, and zstd).

The 5.7-rc7 kernel prepatch is out. "So it looks like I was worried for nothing last rc. Of course, anything can still change, but everything _looks_ all set for a regular release scheduled for next weekend. Knock wood."

The kernel's CPU scheduler is good at distributing tasks across a multiprocessor system, but does it do so fairly? If some tasks get a lot more CPU time than others, the result is likely to be unhappy users. Vincent Guittot ran a session at the 2020 Power Management and Scheduling in the Linux Kernel summit (OSPM) looking into this issue, with a focus on detecting load imbalances between CPUs and what to do with a workload that cannot be balanced.