Odprtokodni pogled

Opensource view

LWN.net

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Posodobljeno: 9 min 50 sec nazaj

Security updates for Friday

Pet, 12/22/2023 - 14:57
Security updates have been issued by Debian (bluez, chromium, gst-plugins-bad1.0, openssh, and thunderbird), Fedora (chromium, firefox, kernel, libssh, nss, opensc, and thunderbird), Gentoo (Arduino, Exiv2, LibRaw, libssh, NASM, and QtWebEngine), Mageia (gstreamer), and SUSE (gnutls, gstreamer-plugins-bad, libcryptopp, libqt5-qtbase, ppp, tinyxml, xorg-x11-server, and zbar).

The 6.7 kernel will be released on January 7

Čet, 12/21/2023 - 23:48
Unsurprisingly, Linus Torvalds has let it be known that he will do a 6.7-rc8 release (rather than 6.7 final) on December 31, thus avoiding opening the 6.8 merge window on New Year's Day.

Just FYI - my current plan is that -rc7 will happen this Saturday (because I still follow the Finnish customs of Christmas _Eve_ being the important day, so Sunday I'll be off), and then if anything comes in that week - which it will do, even if networking might be offline - I'll do an rc8 the week after.

Then, unless anything odd happens, the final 6.7 release will be Jan 7th, and so the merge window for 6.8 will open Jan 8th.

[$] Data-type profiling for perf

Čet, 12/21/2023 - 17:41
Tooling for profiling the effects of memory usage and layout has always lagged behind that for profiling processor activity, so Namhyung Kim's patch set for data-type profiling in perf is a welcome addition. It provides aggregated breakdowns of memory accesses by data type that can inform structure layout and access pattern changes. Existing tools have either, like heaptrack, focused on profiling allocations, or, like perf mem, on accounting memory accesses only at the address level. This new work builds on the latter, using DWARF debugging information to correlate memory operations with their source-level types.

[$] Data-type profiling for perf

Čet, 12/21/2023 - 17:41
Tooling for profiling the effects of memory usage and layout has always lagged behind that for profiling processor activity, so Namhyung Kim's patch set for data-type profiling in perf is a welcome addition. It provides aggregated breakdowns of memory accesses by data type that can inform structure layout and access pattern changes. Existing tools have either, like heaptrack, focused on profiling allocations, or, like perf mem, on accounting memory accesses only at the address level. This new work builds on the latter, using DWARF debugging information to correlate memory operations with their source-level types.

Announcing `async fn` and return-position `impl Trait` in traits (Rust Blog)

Čet, 12/21/2023 - 17:02
The Rust Blog announces the stabilization of a couple of trait features aimed at improving support for async code:

Ever since the stabilization of RFC #1522 in Rust 1.26, Rust has allowed users to write impl Trait as the return type of functions (often called "RPIT"). This means that the function returns "some type that implements Trait". This is commonly used to return closures, iterators, and other types that are complex or impossible to write explicitly. [...]

Starting in Rust 1.75, you can use return-position impl Trait in trait (RPITIT) definitions and in trait impls. For example, you could use this to write a trait method that returns an iterator: [...]

So what does all of this have to do with async functions? Well, async functions are "just sugar" for functions that return -> impl Future. Since these are now permitted in traits, we also permit you to write traits that use async fn.

Security updates for Thursday

Čet, 12/21/2023 - 14:58
Security updates have been issued by Debian (firefox-esr), Fedora (kernel), Mageia (bluez), Oracle (fence-agents, gstreamer1-plugins-bad-free, opensc, openssl, postgresql:10, and postgresql:12), Red Hat (postgresql:15 and tigervnc), Slackware (proftpd), and SUSE (docker, rootlesskit, firefox, go1.20-openssl, go1.21-openssl, gstreamer-plugins-bad, libreoffice, libssh2_org, poppler, putty, rabbitmq-server, wireshark, xen, xorg-x11-server, and xwayland).

[$] LWN.net Weekly Edition for December 21, 2023

Čet, 12/21/2023 - 01:45
The LWN.net Weekly Edition for December 21, 2023 is available.

QEMU 8.2.0 released

Sre, 12/20/2023 - 21:21
Version 8.2.0 of the QEMU emulator is out. Changes include new emulations for virtio-sound devices, universal flash storage devices, Xilinx Versal boards, and much more.

[$] Looking back at 2023

Sre, 12/20/2023 - 18:40
Yet another year has come to an end. Much to our dismay, 2023 did not, in fact, happen exactly as we predicted back in January. So it seems that, once again, we will have to go through the process of looking at the predictions that we made and mocking each in turn, before getting into what was missed altogether. A lot happened in 2023, not all of which was predictable.

LSFMM+BPF 2024 call for proposals

Sre, 12/20/2023 - 17:52
The 2024 Linux Storage, Filesystem, Memory-Management, and BPF Summit will be held May 13 to 15 in Salt Lake City, Utah, USA. The call for proposals has already gone out, with a deadline of March 1. "LSF/MM/BPF is an invitation-only technical workshop to map out improvements to the Linux storage, filesystem, BPF, and memory management subsystems that will make their way into the mainline kernel within the coming years."

Seven stable kernels

Sre, 12/20/2023 - 17:28
The 6.6.8, 6.1.69, 5.15.144, 5.10.205, 5.4.265, 4.19.303, and 4.14.334 stable kernel updates have all been released; each contains another set of important fixes.

Note that 5.15.145 is already in the review process, with a due date of December 22. It consists almost exclusively of ksmbd patches in a flurry of backporting that was seemingly inspired by the recent marking of ksmbd as broken in 5.15.

Security updates for Wednesday

Sre, 12/20/2023 - 16:04
Security updates have been issued by Fedora (ansible and ansible-core), Gentoo (Minecraft Server and thunderbird), Mageia (fusiondirectory), Red Hat (gstreamer1-plugins-bad-free, opensc, and openssl), Slackware (libssh and mozilla), SUSE (avahi, firefox, ghostscript, gstreamer-plugins-bad, mariadb, openssh, openssl-1_1-livepatches, python-aiohttp, python-cryptography, xorg-x11-server, and xwayland), and Ubuntu (libssh and openssh).

[$] The Linux graphics stack in a nutshell, part 1

Tor, 12/19/2023 - 18:19
Linux graphics developers often speak of modern Linux graphics when they refer to a number of individual software components and how they interact with each other. Among other things, it's a mix of kernel-managed display resources, Wayland for compositing, accelerated 3D rendering, and decidedly not X11. In a two-part series, we will take a fast-paced journey through the graphics code to see how it converts application data to pixel data and displays it on the screen. In this installment, we look at application rendering, Mesa internals, and the necessary kernel features.

Qubes OS 4.2.0 released

Tor, 12/19/2023 - 16:50
Version 4.2.0 of the Qubes OS distribution has been released; changes include a switch to Xfce for the Fedora and Debian templates, a number of rewritten graphical applications, PipeWire support, and more. See the release notes for details. (Qubes OS was last covered here in 2021).

OpenSSH 9.6 released

Tor, 12/19/2023 - 16:05
OpenSSH 9.6 has been released. It includes some minor improvements and a fix for the so-called Terrapin attack.

While cryptographically novel, the security impact of this attack is fortunately very limited as it only allows deletion of consecutive messages, and deleting most messages at this stage of the protocol prevents user authentication from proceeding and results in a stuck connection.

Firefox 121.0 released

Tor, 12/19/2023 - 15:56
Version 121.0 of the Firefox browser is out. Along with the usual pile of security fixes, this release add the ability to force links to be rendered with underlines and use of Wayland by default if it is available: "This brings support for touchpad & touchscreen gestures, swipe-to-nav, per-monitor DPI settings, better graphics performance, and more."

Security updates for Tuesday

Tor, 12/19/2023 - 15:49
Security updates have been issued by Debian (webkit2gtk), Fedora (rdiff-backup and xorg-x11-server-Xwayland), Mageia (cjose and ghostscript), Oracle (avahi), Red Hat (postgresql:10), and SUSE (avahi, freerdp, libsass, and ncurses).

[$] The intersection of mlx5, netdev, and lockdown

Pon, 12/18/2023 - 16:01
The NVIDIA Mellanox ConnectX HW family of adapters is a complex beast, supporting networking, InfiniBand, RDMA, and more. As a result, the mlx5 kernel driver that supports this hardware is also complex, as is the interface that it provides to user space. The mlx5 developers have, for a while now, been proposing the addition of a new control interface, in the form of a separate virtual device exported by the kernel, that would make vast amounts of debugging information available. This driver has encountered some significant opposition on its way toward the mainline, though, raising a number of questions about appropriate interfaces and when subsystem maintainers have veto power over submissions.

Security updates for Monday

Pon, 12/18/2023 - 15:00
Security updates have been issued by Debian (freeimage, ghostscript, intel-microcode, spip, and xorg-server), Fedora (chromium, perl, perl-Devel-Cover, perl-PAR-Packer, polymake, PyDrive2, seamonkey, and vim), Gentoo (Leptonica), Mageia (audiofile, gimp, golang, and poppler), Oracle (buildah, containernetworking-plugins, gstreamer1-plugins-bad-free, kernel, kernel-container, libxml2, pixman, podman, postgresql, postgresql:15, runc, skopeo, tracker-miners, and webkit2gtk3), and SUSE (fish).

Kernel prepatch 6.7-rc6

Pon, 12/18/2023 - 01:19
Linus has released 6.7-rc6 for testing. " Please do give this a test in between the last-minute xmas shopping or whatever else is going on ..."
sfy39587f05