LWN.net News from the source
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
Developers who are concerned about system integrity often put a fair amount of effort into ensuring that data stored on disk cannot be tampered with without being detected. Technologies like dm-verity and fs-verity are attempts to solve this problem, as is the recently covered integrity policy enforcement security module. More Recently, Johannes Thumshirn has posted a patch series adding filesystem-level authentication to Btrfs; it promises to provide integrity with a surprisingly small amount of code.
Security updates have been issued by Arch Linux (chromium, git, and webkit2gtk), Debian (nodejs and tiff), Fedora (libxml2, php-horde-horde, pxz, and sqliteodbc), Oracle (python-twisted-web), Red Hat (chromium-browser, git, and rh-git218-git), Scientific Linux (python-twisted-web), SUSE (ceph, kernel, munge, openldap2, salt, squid, and xen), and Ubuntu (mailman, python3.8, samba, and webkit2gtk).
The LWN.net Weekly Edition for April 30, 2020 is available.
Inside this week's LWN.net Weekly Edition
The second annual Copyleft Conference was held on February 3 in Brussels; videos from the event have now been posted. "In his talk, Tony [Sebro] wonders whether the community around copyleft, like those around eschatology and Afro-centric hip-hop, has lost it's center and how we might entice new stakeholders to reinvest in our shared values. His keynote is a great place to start with this year's videos."
A call for faster Fedora updates in response to security vulnerabilities was recently posted to the Fedora devel mailing list; it urgently advocated changes to the process so that updates, in general, and to the kernel and packages based on web browsers, in particular, are handled more expeditiously. While Fedora developers are sympathetic to that, there is only so much the distribution can do as there are logistical and other hurdles between Fedora and its users. It turns out that, to a great extent, Fedora can already move quickly when it needs to.
Python's SimpleNamespace class provides an easy way for a programmer to create an object to store values as attributes without creating their own (almost empty) class. While it is useful (and used) in its present form, Raymond Hettinger thinks it could be better. He would like to see the hooks used by mappings (e.g. dictionaries) added to the class, so that attributes can be added and removed using either x.a or x['a']. It would bring benefits for JSON handling and more in the language.
The Trinity Desktop Environment (TDE) R14.0.8 release is out. Trinity started out as a fork of KDE 3. "Ten years ago today, the Trinity Desktop Environment (TDE) saw the release of its first version (3.5.11). Lot of things have happened since that day but TDE has continued to grow and flourish throughout the years. Today the project is healthier than ever, with dedicated self-hosted servers, regular releases, modern collaboration tools and a vibrant community of users and enthusiasts."
For as long as operating systems have had kernels, there has been a need to extract information from data structures stored within those kernels. Over the years, a wide range of approaches have been taken to make that information available. In current times, it has become natural to reach for BPF as the tool of choice for a variety of problems, and getting information from kernel data structures is no exception. There are two patches in circulation that take rather different approaches to using BPF to dump information from kernel data structures to user space.
Security updates have been issued by Debian (kernel, openjdk-7, openjdk-8, and openldap), Fedora (openvpn), openSUSE (teeworlds and vlc), Red Hat (bind, binutils, bluez, container-tools:1.0, container-tools:2.0, container-tools:rhel8, cups, curl, dnsmasq, dpdk, e2fsprogs, edk2, evolution, exiv2, fontforge, freeradius:3.0, gcc, gdb, glibc, GNOME, grafana, GStreamer, libmad, and SDL, haproxy, ibus and glib2, irssi, kernel, kernel-rt, liblouis, libmspack, libreoffice, libsndfile, libtiff, libxml2, memcached, mod_auth_mellon, openssl, patch, php:7.2, pki-core:10.6 and pki-deps:10.6, python-pip, python-twisted-web, python27:2.7, python3, qt5, rsyslog, ruby, samba, sqlite, sudo, systemd, targetcli, tcpdump, unbound, unzip, wavpack, and zziplib), SUSE (samba, squid, and webkit2gtk3), and Ubuntu (kernel, linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.3, linux-hwe,linux-kvm, linux-raspi2, linux-raspi2-5.3, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2,linux-snapdragon, linux-gke-5.0, linux-oem-osp11, and samba).
OpenSUSE Leap is a community distribution built on top of source packages from SUSE Linux Enterprise (SLE). Recently, Gerald Pfeifer, chair of the openSUSE board, posted an announcement describing a proposal from SUSE to unify some packages between SLE and openSUSE Leap. Here we analyze the proposal and the community's reaction to it.
Christian Schaller writes about the desktop improvements found in Fedora 32 — and beyond. "We spent a lot of time and energy over the last 6 years to get to where we are now, putting in place a lot of the basic building blocks needed to make Linux a great desktop operating system. And it feels great that just as we kick of the new line of Lenovo laptops running Fedora we are also entering a new phase of development where we can move beyond getting our basic infrastructure in place, but we can really start taking advantage of it to rapidly improve the experience we are providing even more. A good example is the Firefox work mentioned above, where we finally could move on from ‘make it work with Wayland and PipeWire, to ‘lets take advantage of these new pieces to make Firefox on Linux better’."
The realtime scheduler classes are intended to allow a developer to state which tasks have the highest priorities with the assurance that, at any given time, the highest-priority task will have unimpeded access to the CPU. The kernel itself carries out a number of tasks that have tight time constraints, so it is natural to want to assign realtime priorities to kernel threads carrying out those tasks. But, as Peter Zijlstra argues in a new patch set, it makes little sense for the kernel to be assigning such priorities; to put an end to that practice, he is proposing to take away most of the kernel's ability to prioritize its own threads.
Security updates have been issued by CentOS (firefox, java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, qemu-kvm, and thunderbird), Debian (qemu and ruby-json), Fedora (chromium, haproxy, and libssh), openSUSE (cacti, cacti-spine and teeworlds), Oracle (kernel), SUSE (apache2, git, kernel, ovmf, and xen), and Ubuntu (cups, file-roller, and re2c).
The LWN.net Weekly Edition for April 23, 2020 is available.
Inside this week's LWN.net Weekly Edition
The Fedora 32 distribution release is out, in workstation, server, and CoreOS variants. "Following our 'First' foundation, we’ve updated key programming language and system library packages, including GCC 10, Ruby 2.7, and Python 3.8. Of course, with Python 2 past end-of-life, we’ve removed most Python 2 packages from Fedora. A legacy python27 package is provided for developers and users who still need it. In Fedora Workstation, we’ve enabled the EarlyOOM service by default to improve the user experience in low-memory situations."
A recent thread on the python-ideas mailing list explores adding a feature to Python, which is the normal fare for that forum. The problem being addressed is real, but may not be the highest-priority problem for the language on many people's lists. Function calls that have multiple keyword arguments passed from a variable of the same name (e.g. keyword=keyword) require developers to repeat themselves and can be somewhat confusing, especially to newcomers. The discussion of ways to fix it highlighted some lesser-known corners of the language, however, regardless of whether the idea will actually result in a change to Python.
Security updates have been issued by Arch Linux (chromium), Debian (eog, jsch, libgsf, mailman, ncmpc, openjdk-11, php5, python-reportlab, radicale, and rzip), Fedora (ansible, dolphin-emu, git, gnuchess, liblas, openvpn, php, qt5-qtbase, rubygem-rake, snakeyaml, webkit2gtk3, and wireshark), Mageia (chromium-browser-stable, git, java-1.8.0-openjdk, kernel, kernel-linus, mp3gain, and virtualbox), openSUSE (crawl, cups, freeradius-server, kubernetes, and otrs), SUSE (apache2, kernel, pam_radius, resource-agents, and webkit2gtk3), and Ubuntu (openexr).
Many applications benefit significantly from the use of huge pages. However, huge-page allocations often incur a high latency or even fail under fragmented memory conditions. Proactive compaction may provide an effective solution to these problems by doing memory compaction in the background. With guest author Nitin Gupta's proposed proactive compaction implementation, typical huge-page allocation latencies are reduced by a factor of 70-80 while incurring minimal CPU overhead.
Subscribers can read on for the full story from the upcoming weekly edition.
The 5.7-rc3 kernel prepatch is out for testing. "Again, that all looks very normal and very much 'nothing really odd stands out'. In a world gone mad, the kernel looks almost boringly regular. Which is just how I like it."
Copyright © 2020, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds