Welcome to the LWN.net Weekly Edition for May 27, 2021

This edition contains the following feature content:

• Turmoil at the freenode IRC network: an apparently hostile takeover at freenode causes many community projects to flee.
• Why RISC-V doesn't (yet) support KVM: the RISC-V KVM implementation appears to be ready, but has encountered roadblocks getting into the mainline kernel.
• Control-flow integrity in 5.13: a new security feature in the next kernel release.
• Multi-generational LRU: the next generation: this complex memory-management patch set continues to evolve.
• Julia 1.6 addresses latency issues: changes made to the Julia runtime to reduce the "time to first plot" problem.

This week's edition also includes these inner pages:

• Brief items: Brief news items from throughout the community.
• Announcements: Newsletters, conferences, security updates, patches, and more.

Please enjoy this week's edition, and, as always, thank you for supporting LWN.net.

Comments (none posted)

Turmoil at the freenode IRC network

Internet Relay Chat (IRC) is a longstanding protocol—or series of protocols—for creating online, text-based chat rooms. While many of the "channels" (as chat rooms are usually called) are highly useful to a wide variety of projects and organizations, including much of the free-software world, IRC seems to have a community that suffers from more than its fair share of disagreements, hostile forks, vitriol, and other types of divisiveness. It is perhaps no huge surprise, then, that the IRC world is currently undergoing another of its periodic upheavals. The largest IRC network, freenode, is embroiled in a messy dispute that has led to the mass resignation of many of its volunteer staff, the founding of a competitor network (run by the former staff), and its abandonment by multiple high-profile projects.

As one digs into the details, though, they will find a number of conflicting accounts of what happened, "The freenode resignation FAQ" gathers a bunch of information in one place and makes for a good starting point. It was written by Sven Slootweg ("joepie91"), who is not directly involved: "I am not a Freenode staffer, and this document only contains information from public channels." He does, however, note that his sympathies lie with the freenode staff. This Ars Technica article provides a somewhat more balanced view of the mess perhaps.

Selling freenode

This episode has its roots in 2016, when Christel Dahlskjaer ("christel"), the project lead at freenode at the time, formed a corporation called Freenode Limited. That company was sold in 2017 to Andrew Lee ("rasengan"), founder of VPN service provider Private Internet Access (PIA). Ostensibly, at least, Freenode Ltd. was formed in order to have an entity that could sign contracts and such for the freenode #live conference; the new owner was not supposed to have any operational control over the IRC network and the staff of volunteers, and freenode users, were assured of that.

At the time of the sale, Dahlskjaer posted a note about "PIA and freenode joining forces". It painted a picture of a harmonious alliance that would not affect the operational side of freenode at all:

Freenode will continue to operate as a not-for-profit entity under the same management, with the same principles, but PIA's involvement going forwards will provide us with opportunities and resources that we could previously only dream of.

At the time, some were leery of the sale and of PIA's involvement in freenode. In that same post, Dahlskjaer announced that she had taken a full-time job at PIA in a dual role as the head of freenode and the director of sponsorship and events for PIA, which probably also contributed to the level of concern. But for several years, nothing changed for the IRC network—it kept running as it had been without interference from its new owner—so those concerns faded into the background.

Changes

That all changed in February 2021 when the logo for another company co-founded by Lee, Shells, appeared on the freenode front page. According to the recent resignation letter of freenode staff member Aaron Jones ("amdj"), the acknowledgments page is normally used for that kind of thing. He said that adding the logo/link for Shells on the site was disruptive:

This was not discussed among staff at the time. This caused some disruption and considerable confusion among staff for months afterward, as to how to handle user inquiries about it, of which we received many.

Ultimately, christel chose to resign rather than explain the situation to us.

A new project lead, Tom Wesley ("tomaw"), was elected by the rest of the freenode staff in April. A blog post in mid-April announced the organizational changes, pointing to a page describing the people and their roles; the blog post has since been removed and the "people" page now reflects the organization post-upheaval. According to Jones, Lee "insisted that we remove" the blog post, without any discussion

As might be guessed, Lee has a rather different take on things. On May 12, he posted a "Letter to freenode" that featured a "timeline" of events (without much in the way of dates) starting from Shells sponsoring freenode for $3,000 per month, which resulted in the logo/link addition to the web site. According to Lee, that led, in turn, to attacks that caused Dahlskjaer to resign because she was "unable to deal with the persistent harassment". The latter is disputed by Jones and others. From there, Lee recounts a power struggle that he had with Wesley for control of freenode, which, at least in part, revolved around the freenode domain-name registrations.

Another part of the dispute seems to center around a project for a new IRC server that some at freenode were working on along with staff members from the Open and Free Technology Community (OFTC), which is another IRC network. Freenode and OFTC staff started work on Solanum in September 2020, according to Jones, after the Charybdis IRCd, which had been planned as the next IRC server for freenode, was forked "because of unrelated drama".

But late in April, the test network "which was being used to ready Solanum in preparation for the network's migration to it" was unexpectedly (and silently) shut down. That was apparently done by Wesley, though he has been conspicuously quiet throughout all of the recent uproar. Jones believes legal action (Lee did mention getting a lawyer in his letter) is behind it:

Attempts to discover a reason why were met with silence. Tom [Wesley] has not been able to talk about it, but I strongly suspect that Andrew [Lee] is behind it, and given Tom's silence on the subject, I suspect Andrew used the threat of legal force to ensure it. I have also heard rumours that a gag order was sent to a large collection of OFTC staff [...]

Resignations

Since then, things have spiraled further out of control. On May 19, the staff resignations started being posted; there are 11 separate staff members who have stepped down at this point. Links for the resignations can be found in the FAQ; each has its own account of the last few months (or more), which are, perhaps unsurprisingly, generally consistent with what Jones posted.

For his part, Lee posted a note on the freenode site on the same day that outlined the situation from his perspective. He made it clear that he is in control of the network, since he has been the "owner of freenode since 2017"; his hope is for "freenode to continue to be what it has been". He also noted that the community is paramount: "Freenode is freenode, and it exists for the sake of the FOSS movement."

Libera.Chat

The FOSS community has another option now, however. Many of the resignation letters pointed to the new Libera.Chat IRC network, which was introduced on that same fateful day. Libera.Chat came about due to the freenode mess and it is staffed by former freenode volunteers. It would seem that the founders of Libera.Chat are keen to prevent a repeat of the freenode situation:

Our legal home is a non-profit association in Sweden, with all our staff holding equal stakes, and we will never accept corporate control.

The first week or so for Libera.Chat has gone rather well, it would seem. As of May 25, the numbers for the new network are rather eye-opening:

In these first few days, we’ve been able to reach 16,500 simultaneous connections and 20,000 registered accounts. We entered the global top 10 within days, and are the fastest-growing IRC network ever.

This growth is not without challenges: We have managed to finalise registrations of 250+ projects, and we’re getting more and more all the time. Our backlog is as large as our finished registrations!

As shown in the IRC top 100 networks on netsplit.de, Libera.Chat has already slightly overtaken OFTC, though it is still well below the numbers for freenode (which is not tracked in the top 100, though it does appear in the top 10 graph). In addition, many different projects have moved or are in the process of moving from freenode to Libera.Chat:

We’re proud to host projects across the entire spectrum of use cases, from games, to programming languages, to Linux distributions, and even the world’s knowledge. Some of the projects we are now supporting include Ubuntu, PostgreSQL, Wikimedia, Wikipedia, and friends, and of course the IRCv3 Working Group.

Over at freenode

Lee posted a rather strident note on May 25; it boasted that "the plan to destroy freenode has failed", though the evidence for the existence of such a plan seems fairly thin. Meanwhile, he claims that there has been an enormous outpouring of good wishes—"tens of thousands of messages of love and support"—from the "silent majority" of the FOSS community that is sticking with freenode.

He suggested that there are only a few projects leaving freenode and that they are doing their users a disservice by forcing them to migrate elsewhere. The projects came to freenode for its users, he said, not the users for the projects. He also claims that he has "hundreds of reports from project leads" who are being threatened with "being canceled" (whatever that might mean in this context) if they do not move their channel(s) away from freenode; he called for a halt to that practice.

One suspects that if things were as rosy as Lee paints them, there would be no need for a posting of this sort. In addition, there would be no need to try to stop channels from publishing their plans to change servers, but there are reports of just that kind of activity on freenode. It would seem that mentioning "Libera" in the topic of any channel on freenode is enough to have the channel taken over by the freenode staff in order to, apparently, keep it running there under new management. It seems that forcing users to go elsewhere for official communication channels is wrong, but keeping them at freenode under false pretenses is ... not.

Wrapping up

This whole saga highlights something that Lee may not have realized when he "bought" freenode. An IRC network is more than just the servers on which it runs. And, for freenode, those servers are being donated by various entities, so they could not have been part of any purchase in any case. Effectively, Lee bought the domain names, web site, and name recognition of freenode. The latter has been severely sullied at this point, at least in the eyes of a large and seemingly growing list of projects and people. It will be interesting to see where freenode (and Libera.Chat) go from here.

There is something of a bottomless pit of links to web pages and IRC logs that crops up as one starts to dig into this affair—and IRC history in general. Even just limited to the current freenode kerfluffle, there are allegations of bribery (with money or revenge), a sad tale of a would-be moderator of the dispute disassociating themselves from both "sides" and, in fact, from IRC development altogether, connections to the Korean "royal family" and to the failed Mt. Gox Bitcoin exchange, and more. To an outsider like myself, it is all truly weird—bordering on surreal at times. Those interested should strap in, follow links, do searches on search engines or sites like Hacker News, and make up their own minds.

At its core, the struggle here is about control. The former freenode staff thought they were in control of the network and had policies in place to ensure they were involved in any changes going forward. When they were disabused of that notion, they decided to go elsewhere to regain that control. On the flipside, Lee decided (or was forced, depending on which account you believe) to assume control over freenode, apparently believing that either the staff would acquiesce or that freenode could weather the storm. We are now watching the latter play out in realtime.

One thing seems clear, however: projects should be able to decide where their communication channels live. Even if one disagrees with the reasons for a switch away from a network, the choice of the project should be honored. Confusing users about where to go for help or discussion does not in any way help the cause of less FOSS fragmentation—quite the reverse, in fact.

Comments (32 posted)

Why RISC-V doesn't (yet) support KVM

The RISC-V CPU architecture has been gaining prominence for some years; its relatively open nature makes it an attractive platform on which a number of companies have built products. Linux supports RISC-V well, but there is one gaping hole: there is no support for virtualization with KVM, despite the fact that a high-quality implementation exists. A recent attempt to add that support is shining some light on a part of the ecosystem that, it seems, does not work quite as well as one would like.

Linux supports a number of virtualization mechanisms, but KVM is generally seen as the native solution. It provides a standard interface across systems, but much of KVM is necessarily architecture-specific, since the mechanisms for supporting virtualization vary from one processor to the next. Thus, architectures that support KVM generally have a kvm directory nestled in with the rest of the architecture-specific code.

Given that, some eyebrows were raised when Anup Patel's patch series adding RISC-V KVM support deposited the architecture-specific code into the staging directory instead. Staging is normally used for device drivers that do not meet the kernel's standards for code quality; if all goes well they are improved and eventually "graduate" out of the staging directory. It is not usually a place for architecture support. So staging maintainer Greg Kroah-Hartman was quick to ask why things were being done that way.

The answer comes down to the patch-acceptance policy for RISC-V code, found in Documentation/riscv/patch-acceptance.rst, which reads:

We'll only accept patches for new modules or extensions if the specifications for those modules or extensions are listed as being "Frozen" or "Ratified" by the RISC-V Foundation. (Developers may, of course, maintain their own Linux kernel trees that contain code for any draft extensions that they wish.)

Virtualization for RISC-V is described by the hypervisor extension specification. As Patel explained, that extension has not yet been approved:

The KVM RISC-V patches have been sitting on the lists for almost 2 years now. The requirements for freezing RISC-V H-extension (hypervisor extension) keeps changing and we are not clear when it will be frozen. In fact, quite a few people have already implemented RISC-V H-extension in hardware as well and KVM RISC-V works on real HW as well.

Rationale of moving KVM RISC-V to drivers/staging is to continue KVM RISC-V development without breaking the Linux RISC-V patch acceptance policy until RISC-V H-extension is frozen.

It is fair to say that Kroah-Hartman was not impressed; he stated that circumventing policies in other parts of the kernel tree is not the purpose of the staging directory, so the RISC-V KVM code would not be accepted there. Paolo Bonzini, the overall maintainer for KVM, added that "the RISC-V acceptance policy as is just doesn't work", as demonstrated by the fact that developers are having to work around it. This is especially unfortunate here, he said, because the RISC-V KVM implementation "is also a very good example of how to do things right". He went on to suggest that there may be some players out there who benefit from the slowing down of patches on their way into the kernel.

Kroah-Hartman responded that slowing down the merging of useful code is "horrible" and that the job of the kernel community is to make hardware work; a policy that prevents the merging of good code that adds support for existing hardware does not make sense. He asked the RISC-V maintainers to explain this policy; they have yet to answer that question. Back in April, though, RISC-V maintainer Palmer Dabbelt acknowledged that the acceptance policy is not producing the desired results:

My goal with the RISC-V stuff has always been getting us to a place where we have real shipping products running a software stack that is as close as possible to the upstream codebases. I see that as the only way to get the software stack to a point where it can be sustainably maintained. The "only frozen extensions" policy was meant to help this by steering vendors towards a common base we could support, but in practice it's just not working out.

He added that the policy could change, but only when there is a new policy for patch acceptance in place that everybody agrees to. Co-maintainer Paul Walmsley, though, placed the blame with RISC-V International's specification process and said that any fixes should be applied there instead.

It is not that hard to understand why the RISC-V maintainers might not want to attempt to support every nonstandard CPU that is out there. The open nature of RISC-V makes it relatively easy for anybody to create their own variant, and supporting them all could become unworkable. The counterpoint is, as Kroah-Hartman said, that the kernel's job is to run on the hardware that is out there. Blocking support for shipping systems can only have the effect of pushing those systems toward vendor-supplied kernels with a lot of out-of-tree code — an unfortunate outcome for what is supposed to be an open architecture.

When the subject is support for a feature as fundamental as virtualization, the question becomes even more urgent. Hopefully this episode will lead to a rethinking of the patch-acceptance policies for the RISC-V architecture. Failing that, Kroah-Hartman has signaled his willingness to allow that support into staging if there is truly no alternative. So Linux seems likely to gain KVM support for RISC-V in the relatively near future, even if it's necessary to circumvent the architecture's maintainers to do it.

Comments (25 posted)

Control-flow integrity in 5.13

Among the many changes merged for the 5.13 kernel is support for the LLVM control-flow integrity (CFI) mechanism. CFI defends against exploits by ensuring that indirect function calls have not been redirected by an attacker. Quite a bit of work was needed to make this feature work well for the kernel, but the result appears to be production-ready and able to defend Linux systems from a range of attacks.

Protecting indirect function calls

The kernel depends heavily on indirect function calls — calls where the destination address is not known at compile time. Device drivers, filesystems, and other kernel subsystems interface with the generic, core code by providing functions to be called to carry out specific actions. When the time comes to, for example, open a file (which may be a special file corresponding to a device), the core kernel will make an indirect call to the appropriate open() function defined in the file_operations structure for the file in question. Indirect function calls allow for a clean separation between generic and low-level code.

This mechanism is flexible and performs well, but it also makes those indirect calls into an attractive target for attackers. If an indirect call can be redirected to an attacker-chosen location, there are few limits to the disorder that can result. Changes over the years have made it hard for attackers to inject their own code into the kernel, but if they can force execution to an arbitrary location, that matters little. Note that an exploit need not redirect a call to the beginning of another function; it can jump to any arbitrary point within the kernel image. There is no shortage of useful targets for a corrupted indirect function call.

CFI attempts to block this sort of exploit by restricting indirect calls to locations that are plausible targets. In this case, "plausible" means that the call goes to the beginning of an actual function, and that the target function has the same prototype as the caller was expecting. That is not a perfect test; there may be functions with the same prototype that will perform some sort of useful action for an attacker. But the result is still a massive reduction in the set of available targets, which will often be enough.

This check is often called "forward-edge CFI", since it protects calls to functions. The corresponding "backward-edge" protection ensures that return addresses on the stack have not been tampered with. The patches merged for 5.13 are focused on the forward-edge problem.

LLVM CFI in Linux

Specifically, this CFI implementation works by examining the full kernel image at link time; for this reason, link-time optimization must also be enabled to use it. Whenever a location is found where the address of a function is taken, LLVM makes a note of the function and its prototype. It then injects a set of "jump tables" into the built kernel, one for each encountered function prototype. So, for example, the open() function mentioned above is defined as:

    int (*open) (struct inode *inode, struct file *file);

There are many functions in the kernel matching this prototype that have their address taken to stuff into a file_operations structure somewhere. LLVM will collect them all into a single jump table, which is essentially a list of the addresses of these functions.

The next step is to change all of the places where that function's address is taken, and replace the address with the corresponding location in the jump table. So an assignment like:

    func_ptr = my_open_function;

will result in assigning an address within the jump table to func_ptr.

Finally, whenever an indirect function call is made, control goes to a special function called __cfi_check(); this function receives, along with the target address, the address of the jump table matching the prototype of the called function. It will verify that the target address is, indeed, an address within the expected jump table, extract the real function address from the table, and jump to that address. If the target address is not within the jump table, instead, the default action is to assume that an attack is in progress and immediately panic the system. There is a permissive mode selectable at configuration time that simply logs the error instead.

Kernel-specific quirks

That severe response may be justified, but it would be awfully annoying if there were situations where the kernel makes an indirect call to a function that doesn't exactly match the prototype of the pointer being used. So, naturally, the kernel did exactly that. In pre-5.13 kernels, list_sort() was declared as:

    void list_sort(void *priv, struct list_head *head,
		   int (*cmp)(void *priv, struct list_head *a, struct list_head *b))

The comparison function cmp() is passed in by the caller and is invoked, via an indirect call, to compare items in the list. Inside list_sort(), though, one sees this line:

    a = merge(priv, (cmp_func)cmp, b, a);

The cmp_func() type to which the function pointer is cast looks almost like the prototype of cmp(), except that the two list_head pointers have the const attribute. That is enough to change the prototype of the function and, at run time, to cause a CFI failure. The fix that was adopted was to propagate the const attribute to the callers of list_sort() so that the cast of the function pointer became unnecessary. That, however, required changing callers in 40 different files across the kernel source.

Another interesting quirk comes from the fact that the jump tables are built at link time. That works for the monolithic kernel, but loadable modules are linked separately. CFI in loadable modules works, but each module gets its own jump tables. Remember that function pointers are replaced by pointers into the jump tables; since modules have different jump tables, they will get different pointers as well. In other words, the values of two pointers to the same function will differ if one of them is in a loadable module.

For the most part, things will work anyway; calls to those two different pointers will end up in the same place. But consider this line in __queue_delayed_work():

    WARN_ON_ONCE(timer->function != delayed_work_timer_fn);

This test was added to the 3.7 kernel in 2012 as a way to "detect delayed_work users which diddle with the internal timer"; nearly nine years later one assumes that they have all been found, but the test remains. But, if CFI is in use, then the address for delayed_work_timer_fn() as seen from a loadable module will not be the same as the address seen from the core kernel; that will cause the test to fail. There are a couple of places in the kernel with tests like this; they have been "fixed" by simply disabling the test when CFI is configured in.

Various other things needed to be fixed as well, including making provisions for parts of the code that absolutely must have a direct pointer to a function rather than to the jump table. CFI in the kernel only works for the arm64 architecture in 5.13; support for x86 is in the works but is not yet ready to be enabled. There doesn't seem to be much in the way of data regarding the performance impact of this feature, but the LLVM page describing CFI says that its cost is "less than 1%".

CFI looks like a new feature that could have some scary, sharp edges. It is worth noting though that Kees Cook, when he sent the pull request asking that the patches (which were written by Sami Tolvanen) be merged, said that CFI "has happily lived in Android kernels for almost 3 years". It is, in other words, already widely deployed in the real world and probably doesn't have many surprises left to offer — except, perhaps, for attackers, who will find that many of their exploits no longer work.

Comments (20 posted)

Multi-generational LRU: the next generation

The multi-generational LRU patch set is a significant reworking of the kernel's memory-management subsystem that promises better performance for a number of workloads; it was covered here in April. Since then, two new versions of that work have been released by developer Yu Zhao, with version 3 being posted on May 20. Some significant changes have been made since the original post, so another look is in order.

As a quick refresher: current kernels maintain two least-recently-used (LRU) lists to track pages of memory, called the "active" and "inactive" lists. The former contains pages thought to be in active use, while the latter holds pages that are thought to be unused and available to be reclaimed for other uses; a fair amount of effort goes into deciding when to move pages between the two lists. The multi-generational LRU generalizes that concept into multiple generations, allowing pages to be in a state between "likely to be active" and "likely to be unused". Pages move from older to newer generations when they are accessed; when memory is needed pages are reclaimed from the oldest generation. Generations age over time, with new generations being created as the oldest ones are fully reclaimed.

That summary oversimplifies a lot of things; see the above-linked article for a more detailed description.

Multi-tier, multi-generational LRU

Perhaps the largest change since the first posting of this work is the concept of "tiers", which are used to subdivide the generations of pages which, in turn, facilitates better decisions about which pages to reclaim, especially on systems where a lot of buffered I/O is taking place. Specifically, tiers are a way of sorting the pages in a generation by the frequency of accesses — but only accesses made by way of file descriptors. When a page first enters a generation, it normally goes into tier 0. If some process accesses that page via a file descriptor, the page's usage count goes up and it will move to tier 1. Further accesses will push the page into higher tiers; the actual tier number is the base-2 log of the usage count.

Before looking at how these tiers are used, it is worth asking why they are managed this way — why are only file-descriptor-based accesses counted? One possible reason is never mentioned in the patch set or discussion, but seems plausible: accesses via file-descriptor will happen as the result of a system call and are relatively easy and cheap to count. Direct accesses to memory by the CPU are more costly to track and cannot reasonably be monitored with the same resolution.

The other reason, though, is that this mechanism enables some changes to how the aging of pages brought in via I/O is done. In current kernels, a page that is brought into memory as the result of, say, a read() call will initially be added to the inactive list. This makes sense because that page will often never be used again. Should there be another access to the page, though, it will be made active and the kernel will try to avoid reclaiming it. This mechanism works better than its predecessors, but it is still possible for processes doing a lot of I/O to flush useful pages out of the active list, hurting the performance of the system.

Doing better involves making use of the existing shadow-page tracking in the kernel. When pages are reclaimed for another use, the kernel remembers, for a while, what those pages contained and when the old contents were pushed out. If one of those pages is accessed again in the near future, requiring it to be brought back in from secondary storage, the kernel will notice this "refault", which is a signal that actively used pages are being reclaimed. As a general rule, refaults indicate thrashing, which is not a good thing. The kernel can respond to excessive refaulting by, for example, making the active list larger.

The multi-generational LRU work tweaks the shadow entries to record which tier a page was in when it was reclaimed. If the page is refaulted, it can be restored to its prior tier, but the refault can also be counted in association with that tier. That allows the computation of the refault rate for each tier — what percentage of pages being reclaimed from that tier are being subsequently refaulted back into memory? It seems evident that refaults on pages in higher tiers — those which are being accessed more frequently — would be worth avoiding in general.

This refault information is used by comparing the refault rates of the higher tiers against that of tier 0, which contains, remember, pages that are accessed directly by the CPU and pages that have not been accessed at all. If the higher tiers have a refault rate that is higher than the tier 0 rate, then pages in those tiers are moved to a younger generation and thus protected (for a while) from reclaim. That has the effect of focusing reclaim on the types of pages that are seeing fewer refaults.

The other piece of the puzzle is that the memory-management code no longer automatically promotes pages on the second file-descriptor-based access, as is done in current kernels. Instead, pages resulting from I/O stay in the oldest generation unless they have been moved, as the result of usage, into a tier that is refaulting at a higher rate than directly accessed pages. That, as Zhao explained in this lengthy message, has the effect of preventing these pages from forcing out directly accessed pages that are more heavily used. That should give better performance on systems doing a lot of buffered I/O; this remark from Jens Axboe suggests that it does indeed help.

Another change from the first version is the addition of a user-space knob to force the eviction of one or more generations. The purpose of this feature appears to be to allow job controllers to make some space available for incoming work; this documentation patch contains a little more information.

Multiple patch generations

The multi-generational LRU work remains promising, and it has garnered a fair amount of interest. Its path into the mainline kernel still looks long and difficult, though. Johannes Weiner raised a concern that was mentioned in the first article as well: the multi-generational LRU, as implemented now, sits alongside the existing memory-management code as a separate option, essentially giving the kernel two page-reclaim mechanisms. That will always be a hard sell for reasons described by Weiner:

It would be impossible to maintain both, focus development and testing resources, and provide a reasonably stable experience with both systems tugging at a complicated shared code base.

So the new code would have to replace the existing system, which is a tall order. It would have to be shown to perform better (or, at least, not worse) for just about any workload, at a level of confidence that would motivate the replacement of code that has "billions of hours of production testing and tuning". The only way to do this is to merge the changes as a series of small, evolutionary steps. So the multi-generational LRU patch set would have to be broken up into a series of changes, none of which are so big that the memory-management developers don't feel that they can be safely merged.

Over the years, the kernel has absorbed massive changes this way, but it is not a fast or easy process. Weiner suggested a couple of areas that could be focused on as a way of beginning the task of getting parts of this work upstream and making the rest easier to consider. If this advice is followed, some progress toward merging the multi-generational LRU could be made in the relatively near future. But this functionality as a whole is likely to have to go through numerous generations of revisions before it all makes it into a mainline kernel.

Comments (18 posted)

Julia 1.6 addresses latency issues

On March 24, version 1.6.0 of the Julia programming language was released. This is the first feature release since 1.0 came out in 2018. The new release significantly reduces the "time to first plot", which is a common source of dissatisfaction for newcomers to the language, by parallelizing pre-compilation, downloading packages more efficiently, and reducing the frequency of just-in-time re-compilations at run time.

The detailed list of new features, added functions, improvements to existing functions, and so on can be found in the release notes. The focus of this article will be the changes that affect all users of Julia, rather than those that only apply to certain packages or usage patterns.

The perennial complaint

Despite Julia's success as a vehicle for high-performance computing, there has been one persistent complaint on the part of those who try it out for the first time. This complaint is so common that it is referred to by a standard tag in discussions about Julia performance: the "time to first plot" problem. It refers to the fact that while typing julia at the terminal would result in the read-eval-print loop (REPL) prompt appearing instantly, one had to endure several minutes of loading and pre-compiling before plotting something for the first time. Although subsequent plots are speedy, this was still a pain point for many users who are familiar with one or more of Python, Octave, Matlab, gnuplot, etc., where the "first plot" appears without a noticeable delay.

The reasons behind the wait for the first plot are, perhaps paradoxically, also the reasons for Julia's ability to achieve the execution speed of C and Fortran while also providing the interactive experience of an interpreted language. But Julia does its compilation step as part of an interactive session, which is where the wait comes in.

It is worth noting that the membership of the "Petaflop" club, those languages that have reached one petaflop per second on real-world problems, consists of Fortran, C, C++, and Julia. The precocious Julia was admitted to this group before it had reached version 1.0, with an astronomical calculation using over a million threads on this Cray XC40. All of the languages in this club are ahead-of-time (AOT) compiled, except Julia. They achieve their performance as the result of efficient machine code that is created by optimizing compilers, a process that can take significant time.

Julia is different. The journey from source code to machine instructions has multiple stages. The first stage (after downloading), which happens when a package is installed, is pre-compilation, where parsed and serialized representations of some functions and data structures are stored on disk. This is what can cause delays of several minutes when installing or upgrading a package, and adds to the time to first plot.

The other major stage that can lead to a noticeable lag is the just-in-time (JIT) compilation phase. The Julia JIT compiler is different from the typical sort found in, for example, LuaJIT. Those compilers trace the execution of code and create highly optimized versions of time-consuming functions or loops. The Julia version is sometimes called a "just-barely-ahead-of-time" compiler. Rather than trace execution, it performs a static analysis of code. This happens at run time and can cause pauses in execution when, for example, functions are invoked for the first time.

Choosing this type of JIT compiler is due to Julia's type system and its organization around multiple dispatch. Each generic function in the source can have hundreds of methods associated with it. The compiler does not generate machine code for each possible method, but only for those actually used, which is not generally known until run time. This is why there is a delay the first time plot() is invoked in the REPL, but the second time is delay-free. It is also why, after importing other packages, invoking plot() sometimes incurs additional latency. The new functions may create method invalidations, requiring additional methods, not needed previously, to be compiled.

For those used to compiled languages, such as Fortran, this was never a cause for concern. We are used to having to compile our programs before running them. But since Julia has been widely described as something like a better Python, many people curious enough to look into it only had experience with interpreted languages. Julia offers the user a REPL like any other interpreted language, and then expects you to wait a minute after you ask it to do something. For many, this was jarring; thus, the perennial complaint.

Timing Julia 1.6

The new version of Julia makes good progress toward eliminating some of the latency that led to these complaints. It significantly reduces pre-compilation time, is faster at downloading package files, and reduces the frequency of run-time JIT compilation delays. Due to the factors discussed above, latency in Julia can never be completely eliminated, but the current version creates a noticeably snappier interactive experience. Pre-compilation times in 1.6 are reduced mainly through the use of all available cores to carry out concurrent compilation of modules. Therefore, the more cores available, the greater the reduction in pre-compilation latency (to a point, of course).

The 1.6 release was followed five weeks later by a "patch release" tagged v1.6.1. This minor release adds no new features, but fixes a few bugs and applies several optimizations, in addition to some subtle enhancements, for example in the display of stacktraces.

Below are the results of some timing trials comparing versions 1.6.1 with 1.5.0 and 1.0.5, which is the current long-term support release (LTS) from September 2019. The next LTS release may be one of the 1.6 series, or it may be deferred to the 1.7 series; this decision will be made later. The machine on which I carried out these experiments has an Intel Core i5 processor, which has two physical and four logical cores, and 4GB of RAM. The table below compares the timings for the three Julia versions. I measured all times with a stopwatch, as this was the most reliable way to get actual wall clock times, which are the times that affect the user experience.

Julia version	install + plot	download	pre-compile	start + plot	Plots version
1.0.5	417s	103 (5.1 MB/s)	315s	30.0s	1.4.3
1.5.0	599s	230 (3.1 MB/s)	367s	38.5s	1.15.0
1.6.1	306s	123 (5.1 MB/s)	170s	19.2s	1.15.0

The first column shows the Julia version. The second column, "install + plot", shows the total time from entering the command:

    Pkg.add("Plots"); using Plots; plot(rand(100))

until seeing the plot. It was timed on a fresh install of the given Julia version, with no other packages installed. [Update: As pointed out by a reader, Pkg must be imported before the command above will work; doing so is nearly instantaneous and was not included in the timings.]

The next two columns separate the times into downloading and pre-compiling times. The numbers in these columns do not always add exactly to the numbers in the second column, for several reasons. I had to depend on the display in the REPL to discern when different phases were in progress; the way this information is displayed varies greatly among the three versions in the table. In addition, there are delays during which it is not clear what is happening; the REPL indicates neither downloading nor pre-compiling. These delays are presumably JIT passes, and account for much of the 13-second discrepancy in the last row.

Download time measurements are necessarily subject to variations in my network conditions at the time, but I minimized this by averaging two installs for each version, interleaving the downloads among versions, and conducting all the timings within a span of three hours. I wiped out my ~/.julia directory before each of these timing runs, so each version started with a blank slate.

The "start + plot" column shows the amount of time it takes for subsequent plots to appear; after restarting the REPL, the following command is timed:

    using Plots; plot(rand(100))

Once the first plot has been performed in a given REPL session, additional simple plots will be nearly instantaneous. The other times that are shown are for actions that do not occur frequently; packages are installed once, and not again until a new version is desired. The "start + plot" times, in contrast, affect the startup time of any script that uses Plots, and influence the responsiveness of interactive work when the REPL needs to be restarted repeatedly. As the table shows, this time is cut about in half in the new version.

Version differences

The times across different Julia versions cannot be compared meaningfully without taking account of a few other facts. As seen in the final column, the version of the package fetched with the add command is different for version 1.0.5. This earlier version of Plots is simpler and smaller. Fetching Plots downloads 523MB for Julia 1.0.5, 716MB for 1.5.0, and 629MB for the current version. Although the version of the Plots package is the same for the two recent Julia versions, the size of the payload is significantly different; while Plots is the same, the versions of some packages in its dependency graph may have changed. The more recent versions of Julia also download a larger number of smaller files, which may account for the observed faster average download speed of 1.0.5 compared with 1.5.0.

The significant improvement in download speed over version 1.5.0 is presumably due to an improved system for file transfers. In previous versions, when fetching a package with the add command, the Julia packaging system would search for a binary installed on the system that was capable of downloading files from URLs: curl, wget, etc. This was fragile, inconsistent, and slow as each download would launch a new process that had to connect and negotiate TLS anew, all of which slows things down.

The new system uses libcurl for all downloads. It works through Downloads.jl, which is a new package in the standard library that exposes two functions, one for downloading files and the other for making http requests. Now all of the downloads that are part of a package installation, which could be a large number of files for a complex package, are downloaded in-process and can reuse connections.

Watching the CPU meters during the compilation phase confirms that the new version uses all available cores, and that previous versions use one core only. It also shows that the concurrent compilation in the new version seems to be confined to simultaneous compilation of different packages; when there was one package left, Plots itself, the work to complete that job stayed on one core. This suggests a possible opportunity for further speedups, by concurrently compiling functions within packages.

The use of concurrent compilation means that the speedup here will depend on the number of cores available and also, to some extent, on how the package is organized. Here is a report of compiling and loading the DifferentialEquations package, which I explored in a recent article, that shows version 1.6 taking about one minute to compile and load, while version 1.5 took eight minutes.

The reduction in the "start + plot" times can be attributed to the improvements in the scheme for method invalidation that reduce the frequency of JIT compilations. These improvements make package loading through the use command faster, and reduce latency overall.

Sysimages

One may wonder: if packages need to be pre-compiled, how is it possible for the REPL to start up instantly? After all, when that prompt appears, a slew of functions are already available, including the large and complex REPL system itself, along with its subsystems for documentation, package management, and more.

This is possible because all of that, along with other commonly used functions, is already compiled and included in a "sysimage": the binary that is loaded when you type julia. For a while now, the ability to create custom sysimages has been exposed to the user. So someone who routinely uses the Plots package along with, say, the Statistics package, could create a custom sysimage that already has these things pre-compiled. It will start up instantly, with all of the plotting and statistics functions ready to use.

A drawback to using sysimages is that the package versions compiled into them are, of course, frozen. Upgrading any of the ingredients of a sysimage means manually creating a new one. For those who want to learn how to do this, the PackageCompiler.jl package contains all of the functions required for creating sysimages; it comes with a manual complete with practical examples. A sysimage is not only useful for eliminating latency; it is the way to distribute Julia executable programs to those without the Julia runtime installed.

Final words

Since my last article here about Julia six months ago, the language has continued to increase its footprint in the world of high-performance and scientific computing. It has also undergone significant development, both in the language itself and in the ecosystem of packages for numerical, mathematical, and scientific applications.

Installation of Julia is simple. The latest releases can be found on the download page, as tarfiles for various operating systems and architectures. Simply download the appropriate file and unpack it, then create a link to the Julia binary somewhere in the executable path. After I expanded the tarfile for 1.6.1, I found that the installation occupied 393MB. Julia is also commonly found in the package managers of Linux distributions, but the versions there may be older than desired, depending on the distribution; for example, the version packaged with Debian 10 is 1.0.3, but Arch Linux is completely up to date.

Julia appears to have become established as one of a small handful of languages that are serious contenders for large-scale number-crunching projects. I'd like to highlight two interesting recent research initiatives with Julia at the core.

CliMA, the Climate Modeling Alliance, consists of researchers from Caltech, MIT, the Naval Postgraduate School, and NASA's Jet Propulsion Laboratory, who have joined to create an Earth-system simulation integrating data from multiple sources, including satellites and ground sensors. All of the code will be open source; simulation results and predictions will also be available to the public.

The system is based on a collection of Julia packages that are developed on GitHub. These range from the general-purpose fluid dynamics solver Oceananigans that I played with in this article, to VizCLIMA, which is a specialized tool for visualizing the results of CliMA simulations. One exciting thing about this type of open-source science is that anyone can check out current versions of any of these packages and calculate with them, as well as contribute improvements and bug fixes.

Julia Computing, a company established to create products and offer consulting to support the use of the language, has teamed with quantum-computing startup QuEra on a DARPA contract to apply machine learning to microelectronic system design. This project uses Julia code to train a reduced model of an electronic circuit that can be, potentially, several orders of magnitude faster to run than a detailed simulation, while remaining accurate. QuEra's goal is to acquire tools to design the control electronics for their quantum computers, a task for which they have found existing circuit-simulation technology inadequate.

The success of Julia in the scientific-computing sphere is an important development at the intersection of science, engineering, and free software (in the free speech sense). Until the advent of Julia, the only programming language with comparable influence and ubiquity in the science world was Fortran.

While there are capable free compilers for Fortran, large-scale computations using the language are usually performed using proprietary compilers created by chip manufacturers such as Intel. This is because these compilers squeeze the best performance out of particular CPUs. In contrast, the LLVM compiler used by Julia is a free-software project. Also, there is a strong tradition within the community of scientists using Julia to expose the code used in research to scrutiny, usually on GitHub. These are healthy developments for science, where, in the interests of transparency and reproducibility, ideally there should be no black boxes.

With this new release, Julia is easier than ever to get started with for those interested in exploring whether it might be suitable for their work or their play. On the timescale defined by Fortran, it's still a young language. And as Fortran has continuously evolved since the 1950s in response to the needs of its users, Julia will undoubtedly evolve as well, in directions that are unpredictable. It already occupies a unique position as a language that is both friendly to use as an interactive calculator and capable of running the most demanding number-crunching applications. Even for those not involved with scientific computing, I recommend looking into Julia as an example of interesting language and system design.

Comments (8 posted)

Security quotes of the week

This suggests a missing factor in machine-learning research: manners. We’ve evolved manners to signal to others that our intent is not hostile, and to negotiate the many little transactions that in a hostile environment might lead to a tussle for dominance. Yet these are hard for robots. Food-delivery robots can become unpopular for obstructing and harassing other pavement users; and one of the show-stoppers for automated driving is the difficulty that self-driving cars have in crossing traffic, or otherwise negotiating precedence with other road users. And even in the military, manners have a role – from the chivalry codes of medieval knights to the more modern protocols whereby warships and warplanes warn other craft before opening fire. If we let loose swarms of killer drones with no manners, conflict will be more likely.

— Ross Anderson

Traditionally, Rowhammer was understood to operate at a distance of one row: when a DRAM row is accessed repeatedly (the “aggressor”), bit flips were found only in the two adjacent rows (the “victims”). However, with Half-Double, we have observed Rowhammer effects propagating to rows beyond adjacent neighbors, albeit at a reduced strength. Given three consecutive rows A, B, and C, we were able to attack C by directing a very large number of accesses to A, along with just a handful (~dozens) to B. [...] This is likely an indication that the electrical coupling responsible for Rowhammer is a property of distance, effectively becoming stronger and longer-ranged as cell geometries shrink down. Distances greater than two are conceivable.

— Salman Qazi, Yoongu Kim, Nicolas Boichat, Eric Shiu & Mattias Nissler report on their discovery of Half-Double (Thanks to Paul Wise.)

When the floodgates open, democratic speech is in danger of drowning beneath a tide of fake letters and comments, tweets and Facebook posts. The danger isn’t just that fake support can be generated for unpopular positions, as happened with net neutrality. It is that public commentary will be completely discredited. This would be bad news for specialist AstroTurf companies, which would have no business model if there isn’t a public that they can pretend to be representing. But it would empower still further other kinds of lobbyists, who at least can prove that they are who they say they are.

We may have a brief window to shore up the flood walls. The most effective response would be to regulate what UCLA sociologist Edward Walker has described as the “grassroots for hire” industry. Organizations that deliberately fabricate citizen voices shouldn’t just be subject to civil fines, but to criminal penalties. Businesses that hire these organizations should be held liable for failures of oversight. [...]

— Bruce Schneier and Henry Farrell

Comments (6 posted)

Kernel release status

The current development kernel is 5.13-rc3, released on May 23. "It's been a very calm rc3 week, and at least in pure number of commits this is the smallest rc3 we've had in the 5.x series. Considering that the merge window was not in any way small, this is a bit surprising, but I suspect it's one of those 'not everybody sent in fixes this week' things that will rectify itself next week."

Smallness notwithstanding, there are a couple of interesting things in 5.13-rc3, the first of which is a big set of reverts and fixes for a long series of broken patches identified in the TAB report on the UMN mess.

The other notable change in 5.13-rc3 is that the quotactl_path() system call, which was added during the 5.13 merge window, has been disabled. The commit turning it off notes that the concerns about this call were first raised in the LWN comment stream — good work everybody!

Stable updates: 5.12.6, 5.10.39, 5.4.121, 4.19.191, 4.14.233, 4.9.269, and 4.4.269 were released on May 22, followed by 5.12.7, 5.10.40, 5.4.122, 4.19.192, 4.14.234, 4.9.270, and 4.4.270 on May 26.

Comments (none posted)

Quotes of the week

It matters because over time the Standard and the common compilers have made C an unsuitable language for developing a range of applications, from memory allocators, to cryptography applications, to threading libraries and, especially operating systems. We have the absurd situation that C, specifically constructed to write the UNIX kernel, cannot be used to write operating systems. In fact, Linux and other operating systems are written in an unstable dialect of C that is produced by using a number of special flags that turn off compiler transformations based on undefined behavior (with no guarantees about future “optimizations”). The Postgres database also needs some of these flags as does the libsodium encryption library and even the machine learning tensor-flow package.

— Victor Yodaiken

If [RISC-V] vendors want to make sure their hardware is supported then the best way to do that is to make sure specifications get ratified in a timely fashion that describe the behavior required from their products. That way we have an agreed upon interface that vendors can implement and software can rely on. I understand that a lot of people are frustrated with the pace of that process when it comes to the H [virtualization] extension, but circumventing that process doesn't fix the fundamental problem. If there really are products out there that people can't build because the H extension isn't upstream then we need to have a serious discussion about those, but without something specific to discuss this is just going to devolve into speculation which isn't a good use of time.

— Palmer Dabbelt

Please describe the runtime effects of this bug. Please always include this information when fixing bugs. And when adding them.

— Andrew Morton

Comments (28 posted)

CSIRO's seL4 project shut down

In 2018, LWN covered a talk by Gernot Heiser about the seL4 project, which has developed an open-source operating system for safety-critical applications and gone to the trouble of proving its correctness. Much of that work has been done at CSIRO in Australia. Heiser has announced via Twitter that CSIRO's support for this project is being shut down, with the staff being redirected to artificial-intelligence projects. Hopefully the seL4 Foundation, established in 2020, will be able to carry on this interesting work.

Comments (10 posted)

Distribution quote of the week

Modern (>2010) networked printers JustWork(tm), without need for local drivers. CUPS-shared printers JustWork(tm), also without local drivers. Folks with smartphones can print to most CUPS-attached printers, again, no drivers.

We have a standard _lossless_ raster image format that all printers must accept. We have a native PDF-based print flow, enabling far more consistent rendering behavior than pure postscript, as well as a much richer set of capabilities.

We have end-to-end colorspace awareness, with automatic colorspace conversion if the appropriate profiles are installed. We have sane auto-scaling/cropping modes that generally do the right thing in the face of aspect ratio mismatches.

We're closer than ever to a universal printing system that is not tied to any specific OS or client, and that behaves identically no matter where or how the printer is attached. Underpinning all of this are formally standardized protocols (and equally importantly, well-defined behaviors), Free Software reference implementations and conformance tests.

Of course we also have bugs galore, because it's software.

— Solomon Peachy

Linux distributions on smartphones are here to stay!

— postmarketOS blog

Comments (6 posted)

Inkscape 1.1 released

Version 1.1 of the Inkscape vector image editor has been released. "Among the highlights in Inkscape 1.1 are a Welcome dialog, a Command Palette, a revamped Dialog Docking System, and searchable preference options, along with new formats for exporting your work."

Comments (none posted)

Magit 3.0 released

Version 3.0 of Magit, a Git interface that runs inside emacs, has been released. "The big change are the completely reworked menus used to select arguments and invoke suffix commands. Magit now uses the Transient package to implement these menus." See the release notes for more details.

Comments (2 posted)

Perl 5.34.0 released

Version 5.34.0 of the Perl language has been released. "Perl 5.34.0 represents approximately 11 months of development since Perl 5.32.0 and contains approximately 280,000 lines of changes across 2,100 files from 78 authors." See this page for a list of changes; they include a new try/catch syntax, a new octal syntax, and many improvements to various modules.

Full Story (comments: 24)

Development quote of the week

One morning recently, I was staring at a git tree when the realisation slapped me in the face that in a git workflow the primary / master / main branches reflected a consensus point in that workflow.

    Consensus: Decisions are reached in a dialogue between equals

That realisation settled it pretty hard for me, consensus not only accurately reflected the point in the workflow but was also the most correct English word for what that branch represented.

— Craige McWhirter

Comments (none posted)

CFP Deadlines: May 27, 2021 to July 26, 2021

The following listing of CFP deadlines is taken from the LWN.net CFP Calendar.

Deadline	Event Dates	Event	Location
June 10	July 19 July 23	Netdev 0x15 Main Conference	Online
June 13	September 27 September 29	OSPOCon	Seattle, WA, and online
June 13	September 27 September 30	Open Source Summit + Embedded Linux Conference	Seattle, WA, and online
June 13	September 28 September 30	Qt Developer Conference [POSTPONED]	Berlin, Germany
June 14	September 13 September 14	OpenMP Developer Conference	Bristol, UK
June 20	August 22 August 29	DebConf	Online
June 20	October 11 October 12	Open Networking & Edge Summit + Kubernetes on Edge Day	Virtual
July 4	September 15 September 17	X.Org Developers Conference 2021	Virtual
July 10	August 6 August 8	openSUSE.Asia Virtual Summit 2021	Faridabad, India
July 11	November 9 November 10	Open Source Strategy Forum New York	New York, NY, USA
July 11	October 4 October 5	Open Source Strategy Forum London	London, UK
July 11	September 29 October 1	Linux Security Summit	Seattle, WA, and online
July 13	September 8 September 10	Linaro Virtual Connect	Online
July 15	August 7	Raku Conference	Online
July 15	September 16	Practical Open Source Information	Online
July 18	October 6	OSPOCon Europe	London, UK
July 23	August 18 August 19	eBPF Summit	Virtual
July 24	August 14 August 15	OpenFest 2021	Sofia, Bulgaria

If the CFP deadline for your event does not appear here, please tell us about it.

Events: May 27, 2021 to July 26, 2021

The following event listing is taken from the LWN.net Calendar.

Date(s)	Event	Location
June 1 June 30	Ceph Month June	Virtual
June 3	Live Embedded Event	Online
June 15 June 16	stackconf online 2021	Online
June 18 June 25	Akademy 2021	Online
June 18 June 20	openSUSE conference	online
June 22 June 23	Postgres Vision 2020	online
June 23	Linaro and Arm CCA Tech Event	Online
June 24 June 25	Build Meetup 2021	Virtual
July 9 July 11	State of the Map	Online
July 13 July 14	Netdev 0x15 Workshops & Tutorials	Online
July 19 July 23	Netdev 0x15 Main Conference	Online
July 21 July 25	GUADEC	Online

If your event does not appear here, please tell us about it.

Alert summary May 20, 2021 to May 26, 2021

Dist.	ID	Release	Package	Date
Arch Linux	ASA-202105-3		ceph	2021-05-20
Arch Linux	ASA-202105-7		chromium	2021-05-20
Arch Linux	ASA-202105-18		djvulibre	2021-05-26
Arch Linux	ASA-202105-21		dotnet-runtime	2021-05-26
Arch Linux	ASA-202105-22		dotnet-runtime-3.1	2021-05-26
Arch Linux	ASA-202105-20		dotnet-sdk	2021-05-26
Arch Linux	ASA-202105-23		dotnet-sdk-3.1	2021-05-26
Arch Linux	ASA-202105-5		firefox	2021-05-20
Arch Linux	ASA-202105-4		gitlab	2021-05-20
Arch Linux	ASA-202105-26		gupnp	2021-05-26
Arch Linux	ASA-202105-9		hedgedoc	2021-05-20
Arch Linux	ASA-202105-28		hivex	2021-05-26
Arch Linux	ASA-202105-6		keycloak	2021-05-20
Arch Linux	ASA-202105-12		libx11	2021-05-20
Arch Linux	ASA-202105-27		lz4	2021-05-26
Arch Linux	ASA-202105-14		mariadb	2021-05-20
Arch Linux	ASA-202105-19		matrix-synapse	2021-05-26
Arch Linux	ASA-202105-13		opendmarc	2021-05-20
Arch Linux	ASA-202105-25		prometheus	2021-05-26
Arch Linux	ASA-202105-11		prosody	2021-05-20
Arch Linux	ASA-202105-15		python-babel	2021-05-20
Arch Linux	ASA-202105-2		python-flask-security-too	2021-05-20
Arch Linux	ASA-202105-24		python-pydantic	2021-05-26
Arch Linux	ASA-202105-1		redmine	2021-05-20
Arch Linux	ASA-202105-17		runc	2021-05-26
Arch Linux	ASA-202105-10		squid	2021-05-20
Arch Linux	ASA-202105-29		thunderbird	2021-05-26
Arch Linux	ASA-202105-8		vivaldi	2021-05-20
Arch Linux	ASA-202105-16		websvn	2021-05-26
Debian	DLA-2666-1	LTS	libx11	2021-05-24
Debian	DSA-4920-1	stable	libx11	2021-05-24
Debian	DSA-4919-1	stable	lz4	2021-05-21
Debian	DSA-4916-2	stable	prosody	2021-05-21
Debian	DLA-2665-1	LTS	ring	2021-05-23
Fedora	FEDORA-2021-0e0fd08e44	F34	cacti	2021-05-20
Fedora	FEDORA-2021-0e0fd08e44	F34	cacti-spine	2021-05-20
Fedora	FEDORA-2021-6e540b85b9	F32	ceph	2021-05-23
Fedora	FEDORA-2021-1bf13db941	F33	ceph	2021-05-23
Fedora	FEDORA-2021-ec414c5e18	F34	ceph	2021-05-21
Fedora	FEDORA-2021-8a098ecbcf	F33	composer	2021-05-26
Fedora	FEDORA-2021-ab7d0d3486	F34	composer	2021-05-26
Fedora	FEDORA-2021-b2bd2b1d13	F34	exif	2021-05-20
Fedora	FEDORA-2021-4f06d202d4	F32	firefox	2021-05-20
Fedora	FEDORA-2021-2ba993d6c5	F33	glibc	2021-05-22
Fedora	FEDORA-2021-8832eab899	F32	kernel	2021-05-20
Fedora	FEDORA-2021-0722515c0a	F32	kernel	2021-05-23
Fedora	FEDORA-2021-4f852b79d1	F33	kernel	2021-05-20
Fedora	FEDORA-2021-bae582b42c	F34	kernel	2021-05-20
Fedora	FEDORA-2021-e8b7e177a4	F34	libxml2	2021-05-24
Fedora	FEDORA-2021-179f2fbb88	F32	mariadb	2021-05-20
Fedora	FEDORA-2021-1716261bc3	F34	moodle	2021-05-26
Fedora	FEDORA-2021-9fde3d7ab1	F33	python-eventlet	2021-05-25
Fedora	FEDORA-2021-d5915c247b	F34	python-eventlet	2021-05-25
Fedora	FEDORA-2021-3f378dda90	F34	python-pip	2021-05-24
Fedora	FEDORA-2021-f8bb3ba3ec	F33	python-pydantic	2021-05-21
Fedora	FEDORA-2021-4d3de3183f	F34	python-pydantic	2021-05-21
Fedora	FEDORA-2021-f75a803ff3	F33	slurm	2021-05-24
Fedora	FEDORA-2021-335cd3eab7	F34	slurm	2021-05-24
Fedora	FEDORA-2021-38e1f87ac3	F32	thunderbird	2021-05-20
Fedora	FEDORA-2021-fa78f3ca9f	F34	tpm2-tss	2021-05-24
Fedora	FEDORA-2021-935da812d7	F33	wordpress	2021-05-26
Fedora	FEDORA-2021-5abe99c62b	F34	wordpress	2021-05-26
Gentoo	202105-34		bash	2021-05-26
Gentoo	202105-04		boost	2021-05-26
Gentoo	202105-09		busybox	2021-05-26
Gentoo	202105-33		containerd	2021-05-26
Gentoo	202105-36		curl	2021-05-26
Gentoo	202105-20		dnsmasq	2021-05-26
Gentoo	202105-24		ffmpeg	2021-05-26
Gentoo	202105-19		firejail	2021-05-26
Gentoo	202105-10		gnome-autoar	2021-05-26
Gentoo	202105-03		gptfdisk	2021-05-26
Gentoo	202105-08		icu	2021-05-26
Gentoo	202105-18		lcms	2021-05-26
Gentoo	202105-16		libX11	2021-05-26
Gentoo	202105-28		mariadb	2021-05-26
Gentoo	202105-13		mumble	2021-05-26
Gentoo	202105-30		mupdf	2021-05-26
Gentoo	202105-05		mutt	2021-05-26
Gentoo	202105-27		mysql	2021-05-26
Gentoo	202105-31		nettle	2021-05-26
Gentoo	202105-37		nextcloud-client	2021-05-26
Gentoo	202105-12		opensmtpd	2021-05-26
Gentoo	202105-35		openssh	2021-05-26
Gentoo	202105-25		openvpn	2021-05-26
Gentoo	202105-23		php	2021-05-26
Gentoo	202105-32		postgresql	2021-05-26
Gentoo	202105-15		prosody	2021-05-26
Gentoo	202105-17		rxvt-unicode	2021-05-26
Gentoo	202105-22		samba	2021-05-26
Gentoo	202105-11		screen	2021-05-26
Gentoo	202105-06		smarty	2021-05-26
Gentoo	202105-26		spamassassin	2021-05-26
Gentoo	202105-14		squid	2021-05-26
Gentoo	202105-02		stunnel	2021-05-26
Gentoo	202105-29		tar	2021-05-26
Gentoo	202105-21		tcpreplay	2021-05-26
Gentoo	202105-07		telegram-desktop	2021-05-26
Mageia	MGASA-2021-0220	7, 8	bind	2021-05-23
Mageia	MGASA-2021-0214	7, 8	kernel	2021-05-19
Mageia	MGASA-2021-0215	7, 8	kernel-linus	2021-05-19
Mageia	MGASA-2021-0219	7, 8	libx11	2021-05-23
Mageia	MGASA-2021-0213	7, 8	libxml2	2021-05-19
Mageia	MGASA-2021-0218	7, 8	mediawiki	2021-05-23
Mageia	MGASA-2021-0216	7, 8	openjpeg2	2021-05-22
Mageia	MGASA-2021-0221	7, 8	postgresql	2021-05-23
Mageia	MGASA-2021-0217	7, 8	thunderbird	2021-05-22
openSUSE	openSUSE-SU-2021:0794-1		Botan	2021-05-25
openSUSE	openSUSE-SU-2021:0765-1	15.2	Botan	2021-05-22
openSUSE	openSUSE-SU-2021:0787-1		cacti, cacti-spine	2021-05-24
openSUSE	openSUSE-SU-2021:0755-1	15.2	cacti, cacti-spine	2021-05-21
openSUSE	openSUSE-SU-2021:0755-1	SPH SLE12	cacti, cacti-spine	2021-05-21
openSUSE	openSUSE-SU-2021:0762-1	15.2	chromium	2021-05-22
openSUSE	openSUSE-SU-2021:0759-1	15.2	djvulibre	2021-05-22
openSUSE	openSUSE-SU-2021:0754-1	oSB SLE15	exim	2021-05-20
openSUSE	openSUSE-SU-2021:0753-1	oSB SLE15	exim	2021-05-20
openSUSE	openSUSE-SU-2021:0763-1	15.2	fribidi	2021-05-22
openSUSE	openSUSE-SU-2021:0757-1	15.2	graphviz	2021-05-22
openSUSE	openSUSE-SU-2021:0790-1	15.2	grub2	2021-05-25
openSUSE	openSUSE-SU-2021:0776-1	15.2	java-1_8_0-openj9	2021-05-23
openSUSE	openSUSE-SU-2021:0752-1	oSB SLE15	jhead	2021-05-19
openSUSE	openSUSE-SU-2021:0758-1	15.2	kernel	2021-05-22
openSUSE	openSUSE-SU-2021:0773-1	15.2	libass	2021-05-23
openSUSE	openSUSE-SU-2021:0764-1	15.2	libxml2	2021-05-22
openSUSE	openSUSE-SU-2021:0760-1	15.2	lz4	2021-05-22
openSUSE	openSUSE-SU-2021:0788-1	15.2	mpv	2021-05-24
openSUSE	openSUSE-SU-2021:0772-1	15.2	python-httplib2	2021-05-23
Oracle	ELSA-2021-2032	OL7	slapi-nis	2021-05-19
Oracle	ELSA-2021-2032	OL7	slapi-nis	2021-05-19
Oracle	ELSA-2021-2033	OL7	xorg-x11-server	2021-05-19
Oracle	ELSA-2021-2033	OL7	xorg-x11-server	2021-05-19
Red Hat	RHSA-2021:2106-01	EL8.1	kernel	2021-05-25
Red Hat	RHSA-2021:2099-01	EL8.1	kpatch-patch	2021-05-25
Red Hat	RHSA-2021:2104-01	SCL	rh-ruby25-ruby	2021-05-25
Scientific Linux	SLSA-2021:2032-1	SL7	slapi-nis	2021-05-20
Scientific Linux	SLSA-2021:2033-1	SL7	xorg-x11-server	2021-05-20
Slackware	SSA:2021-143-01		expat	2021-05-23
Slackware	SSA:2021-145-01		gnutls	2021-05-25
Slackware	SSA:2021-139-01		libX11	2021-05-19
SUSE	SUSE-SU-2021:1649-1	MP4.0 SLE15 SES6	djvulibre	2021-05-19
SUSE	SUSE-SU-2021:1645-1	OS8 OS9 SLE12	djvulibre	2021-05-19
SUSE	SUSE-SU-2021:14728-1	SLE11	djvulibre	2021-05-19
SUSE	SUSE-SU-2021:1641-1	SLE15	djvulibre	2021-05-19
SUSE	SUSE-SU-2021:1655-1	SLE15	fribidi	2021-05-19
SUSE	SUSE-SU-2021:1651-1	MP4.0 SLE15 SES6	graphviz	2021-05-19
SUSE	SUSE-SU-2021:1646-1	OS8 OS9 SLE12	graphviz	2021-05-19
SUSE	SUSE-SU-2021:1636-1	SLE15	grub2	2021-05-19
SUSE	SUSE-SU-2021:1760-1	SLE12	hivex	2021-05-26
SUSE	SUSE-SU-2021:1761-1	SLE15	hivex	2021-05-26
SUSE	SUSE-SU-2021:1664-1	SLE15	libass	2021-05-20
SUSE	SUSE-SU-2021:1755-1	SLE15	libu2f-host	2021-05-25
SUSE	SUSE-SU-2021:1658-1	OS8 OS9 SLE12	libxml2	2021-05-19
SUSE	SUSE-SU-2021:14729-1	SLE11	libxml2	2021-05-19
SUSE	SUSE-SU-2021:1654-1	SLE15	libxml2	2021-05-19
SUSE	SUSE-SU-2021:1647-1	MP4.0 SLE15 SES6	lz4	2021-05-19
SUSE	SUSE-SU-2021:1637-1	SLE15	python-httplib2	2021-05-19
SUSE	SUSE-SU-2021:1652-1	SLE15	redis	2021-05-19
SUSE	SUSE-SU-2021:1650-1	OS7	rubygem-actionpack-4_2	2021-05-19
SUSE	SUSE-SU-2021:1759-1	SLE15	rubygem-actionpack-5_1	2021-05-26
SUSE	SUSE-SU-2021:1648-1	OS9 SLE12	xen	2021-05-19
Ubuntu	USN-4965-2	14.04 16.04	apport	2021-05-25
Ubuntu	USN-4965-1	18.04 20.04 20.10 21.04	apport	2021-05-25
Ubuntu	USN-4964-1	16.04 18.04 20.04 20.10 21.04	exiv2	2021-05-25
Ubuntu	USN-4966-2	14.04 16.04	libx11	2021-05-25
Ubuntu	USN-4966-1	18.04 20.04 20.10 21.04	libx11	2021-05-25
Ubuntu	USN-4963-1	18.04 20.04 20.10 21.04	pillow	2021-05-19
Ubuntu	USN-4962-1	14.04 16.04 18.04 20.04 20.10 21.04	python-babel	2021-05-19

Full Story (comments: none)