Notes by LWN.net (RSS Feed)

 A kernel code of conduct enforcement action


The <a href="https://wiki.linuxfoundation.org/tab/start" rel="nofollow">Linux Foundation Technical
Advisory Board</a> (TAB) has https://lwn.net/ml/linux-kernel/6740fc3aabec0_5eb129497@dwillia2-xfh.jf.intel.com.notmuch/ to "restrict Kent Overstreet's
participation in the kernel development process during the Linux 6.13
kernel development cycle" based on a recommendation from the <a href="https://kernel.org/code-of-conduct.html" rel="nofollow">Code of Conduct
committee</a>.  In particular, the scope of the restriction will be to "decline all pull
requests from Kent Overstreet" during the development cycle.
Overstreet is the creator and maintainer of the https://bcachefs.org/ filesystem.


This action stems from a https://lwn.net/ml/linux-kernel/citv2v6f33hoidq75xd2spaqxf7nl5wbmmzma4wgmrwpoqidhj@k453tmq7vdrk/
Overstreet posted back in early September that was abusive toward another
kernel developer; there is a fair amount of back-and-forth about the
incident and the committee's attempts to extract a public apology from
Overstreet in that thread.  Overstreet has published a https://www.patreon.com/posts/116412665
describing his side of the story.

https://lwn.net/Articles/999197/ 
 [$] NonStop discussion around adding Rust to Git


The Linux kernel community's discussions about including Rust have
<a href="https://lwn.net/Kernel/Index/#Development_tools-Rust" rel="nofollow">
gotten a lot of attention</a>, but the kernel is not the only project wrestling
with the question of whether to allow Rust. The Git project
<a href="https://lwn.net/ml/git/ZZ77NQkSuiRxRDwt@nand.local/" rel="nofollow">
discussed</a> the prospect in January, and then
<a href="https://lwn.net/ml/all/Zu2DmS30E0kKug2a@nand.local/" rel="nofollow">
again</a> at the Git Contributor's Summit in September. Complicating the
discussion is the Git project's lack of a policy on platform
support, and the fact that it does already have tools written in other
languages.
While the project has not committed to using
or avoiding Rust, it seems like only a matter of time until maintainers will
have to make a decision.


https://lwn.net/Articles/998115/ 
 Four Friday stable kernel updates


The https://lwn.net/Articles/999108/, https://lwn.net/Articles/999109/, https://lwn.net/Articles/999110/, and https://lwn.net/Articles/999111/ stable kernel updates have been released.
As always, they contain important fixes.


https://lwn.net/Articles/999107/ 
 PHP 8.4.1 released

<a href="https://www.php.net/archive/2024.php#2024-11-21-4" rel="nofollow">Version
8.4.1</a> of the PHP language has been released.  See https://www.php.net/releases/8.4/en.php for details on
the new features in this release.  "PHP 8.4 is a major update of the PHP
language.  It contains many new features, such as property hooks,
asymmetric visibility, an updated DOM API, performance improvements, bug
fixes, and general cleanup."

https://lwn.net/Articles/999004/ 
 [$] The beginning of the 6.13 merge window

As of this writing, just over 1,800 non-merge changesets have been pulled
into the mainline kernel for the 6.13 release.  That number may seem small,
given that a typical merge window brings in at least 12,000 commits, but
the early pulls this time around have focused on significant core changes,
and there are quite a few of them.  The time has come to summarize the
changes pulled so far, including lazy preemption, multi-grained timestamps,
new extended-attribute system calls, and more.

https://lwn.net/Articles/998623/ 
 Security updates for Thursday

Security updates have been issued by AlmaLinux (kernel, NetworkManager-libreswan, and openssl), Fedora (chromium and llvm-test-suite), Mageia (thunderbird), and Ubuntu (linux-aws-6.8, linux-azure, linux-azure-6.8, linux-oracle-6.8, linux-azure, and ruby2.7).

https://lwn.net/Articles/998949/ 
 [$] LWN.net Weekly Edition for November 21, 2024

The LWN.net Weekly Edition for November 21, 2024 is available.

https://lwn.net/Articles/998144/ 
 [$] RVKMS and Rust KMS bindings

At the <a href="https://indico.freedesktop.org/event/6/" rel="nofollow">2024 X.Org Developers
Conference</a> (XDC), Lyude Paul gave a talk on the work she has been doing
as part of the <a href="https://gitlab.freedesktop.org/drm/nova" rel="nofollow">Nova
project</a>, which is an <a href="https://lwn.net/Articles/990736/" rel="nofollow">effort to build an NVIDIA
GPU driver in Rust</a>.  She wanted to provide an introduction to https://lwn.net/ml/all/20240930233257.1189730-36-lyude@redhat.com/, which
is being used to develop Rust kernel mode setting (KMS)
bindings; RVKMS is a port of the https://docs.kernel.org/gpu/vkms.html (VKMS)
driver to Rust.  In addition, she wanted to give her opinion on Rust, and why she
thinks it is
a "game-changer for the kernel", noting that the reasons are not
related to the oft-mentioned, "headline" feature of the language: memory
safety.

https://lwn.net/Articles/997850/ 
 Blender 4.3 released

https://www.blender.org/download/releases/4-3/ of
the Blender animation system has been released.  "Brush assets, faster
sculpting, a revolutionized Grease Pencil, and more. Blender 4.3 got you
covered."

https://lwn.net/Articles/998863/ 
 Plans for CHICKEN 6


<a href="https://www.call-cc.org/" rel="nofollow">
CHICKEN Scheme</a>, a portable Scheme compiler, is gearing up for its next major release. Maintainer Felix Winkelmann has
shared
<a href="https://www.more-magic.net/posts/chicken-6.html" rel="nofollow">
an article</a> about what changes to expect in version 6 of the language, including better Unicode support and support for the
<a href="https://r7rs.org/" rel="nofollow">
R7RS</a> Scheme standard.



Every major release is a chance to fix long-standing problems with the codebase and address bad design decisions. CHICKEN is now nearly 25 years old and we had many major overhauls of the system. Sometimes these caused a lot of pain, but still we always try to improve things and hopefully make it more enjoyable and practical for our users. There are places in the code that are messy, too complex, or that require cleanup or rewrite, always sitting there waiting to be addressed. On the other hand CHICKEN has been relatively stable compared to many other language implementations and has a priceless community of users that help us improve it. Our users never stop reminding us of what could be better, where the shortcomings are, where things are hard to use or inefficient.


https://lwn.net/Articles/998856/ 
 Rocky Linux 9.5 released

<a href="https://rockylinux.org/news/rocky-linux-9-5-ga-release" rel="nofollow">Version
9.5</a> of the Rocky Linux distribution is out.  As with the AlmaLinux 9.5
release, Rocky Linux 9.5 tracks the changes in upstream RHEL 9.5. See https://docs.rockylinux.org/release_notes/9_5/
for details.

https://lwn.net/Articles/998809/ 
 FreeCAD 1.0 released

It took more than 20 years, but the FreeCAD computer-aided design project
has just <a href="https://blog.freecad.org/2024/11/19/freecad-version-1-0-released/" rel="nofollow">made
its 1.0 release</a>.


	Since the very beginnings, the FreeCAD community had a clear view
	of what 1.0 represented for us. What we wanted in it. FreeCAD
	matured over the years, and that list narrowed down to just two
	major remaining pieces: fixing the toponaming problem, and having a
	built-in assembly module.

	Well, I'm very proud to say those two issues are now solved.


https://lwn.net/Articles/998807/ 
 [$] Book review: Run Your Own Mail Server

The most common piece of advice given to users who ask about
running their own mail server is https://lwn.net/Articles/987566/. Setting up
and securing a mail server in 2024 is not for the faint of heart, nor
for anyone without copious spare time. Spammers want to flood inboxes
with ads for questionable supplements, attackers want to abuse servers
to send spam (or worse), and getting the big providers to accept mail
from small servers is a constant uphill battle. Michael W. Lucas,
however, encourages users to thumb their nose at the "Email
Empire", and declare email independence. His self-published book,
<a href="https://mwl.io/nonfiction/tools#ryoms" rel="nofollow">Run Your Own Mail
Server</a>, provides a manual (and manifesto) for users who are
interested in the challenge.

https://lwn.net/Articles/998153/ 
 Incus 6.7 released

Version 6.7 of the Incus container-management system (forked from LXD) has
been released.  "This is another one of those pretty well rounded
releases with new features and improvements for everyone".  New
features include automatic cluster rebalancing, DHCP improvements, and more.

https://lwn.net/Articles/998756/ 
 Security updates for Tuesday

Security updates have been issued by AlmaLinux (.NET 9.0, bcc, bluez, bpftrace, bubblewrap, flatpak, buildah, cockpit, containernetworking-plugins, cups, cyrus-imapd, edk2, expat, firefox, fontforge, gnome-shell, gnome-shell-extensions, grafana, grafana-pcp, gtk3, httpd, iperf3, jose, krb5, libgcrypt, libsoup, libvirt, libvpx, lldpd, microcode_ctl, mingw-glib2, mod_auth_openidc, nano, NetworkManager, oci-seccomp-bpf-hook, openexr, osbuild-composer, pcp, podman, poppler, postfix, python-dns, python-jinja2, python-jwcrypto, python3.11, python3.11-PyMySQL, python3.11-urllib3, python3.12, python3.12-PyMySQL, python3.12-urllib3, python3.9, qemu-kvm, runc, skopeo, squid, thunderbird, toolbox, tpm2-tools, vim, webkit2gtk3, xorg-x11-server, and xorg-x11-server-Xwayland), Fedora (lemonldap-ng and mingw-expat), SUSE (bea-stax, xstream, expat, httpcomponents-client, httpcomponents-core, kernel, SUSE Manager Client Tools, SUSE Manager Proxy, Retail Branch Server 4.3, SUSE Manager Salt Bundle, SUSE Manager Server 4.3, and SUSE Manager Server 5.0), and Ubuntu (curl, glib2.0, and webkit2gtk).

https://lwn.net/Articles/998755/ 
 AlmaLinux 9.5 released

Version 9.5 of the AlmaLinux enterprise-oriented distribution has been
released.


	AlmaLinux 9.5 aims to improve performance, development tooling, and
	security. Updated module streams offer better support for web
	applications.  New versions of compilers provide access to the
	latest features and optimizations that improve performance and
	enable better code generation.  The release also introduces
	improvements to system performance monitoring, visualization, and
	system performance data collecting.


https://lwn.net/Articles/998637/ 
 FreeBSD Foundation releases Bhyve and Capsicum security audit

The FreeBSD Foundation has https://freebsdfoundation.org/blog/strengthening-freebsd-addressing-vulnerabilities-through-synacktivs-code-audit/
the release of a <a href="https://freebsdfoundation.org/wp-content/uploads/2024/11/2024_Code_Audit_Capsicum_Bhyve_FreeBSD_Foundation.pdf" rel="nofollow">security
audit report</a> conducted by security firm https://www.synacktiv.com/en. The audit uncovered
a number of vulnerabilities:


Most of these vulnerabilities have been addressed through <a href="https://www.freebsd.org/security/advisories/" rel="nofollow">official FreeBSD
Project security advisories</a>, which offer detailed information
about each vulnerability, its impact, and the measures implemented to
improve the security of FreeBSD systems. [...]

The audit uncovered 27 vulnerabilities and issues within various
FreeBSD subsystems. 7 issues were not exploitable and were robustness
or code quality improvements rather than immediate security concerns.


https://lwn.net/Articles/998615/ 
 [$] Development statistics for 6.12

Linus Torvalds <a href="https://lwn.net/ml/all/CAHk-=wgtGkHshfvaAe_O2ntnFBH3EprNk1juieLmjcF2HBwBgQ@mail.gmail.com/" rel="nofollow">released
the 6.12 kernel</a> on November 17, as expected.  This development
cycle, the last for 2024, brought 13,344 non-merge changesets into the
mainline kernel; that made it a relatively slow cycle from this
perspective, but 6.12 includes a long list of significant new features.
The time has come to look at where those changes came from, and to look at
the year-long LTS cycle as well.

https://lwn.net/Articles/997959/ 
 Security updates for Monday

Security updates have been issued by AlmaLinux (binutils, libsoup, squid:4, tigervnc, and webkit2gtk3), Debian (icinga2, postgresql-13, postgresql-15, smarty3, symfony, thunderbird, and waitress), Fedora (dotnet9.0, ghostscript, microcode_ctl, php-bartlett-PHP-CompatInfo, python-waitress, and webkitgtk), Gentoo (Perl, Pillow, and X.Org X server, XWayland), Oracle (binutils, cups-filters, giflib, squid, and webkit2gtk3), Red Hat (webkit2gtk3), SUSE (ansible-core, apache2, gio-branding-upstream, icinga2, kernel-devel, libnghttp2-14, libsoup-2_4-1, libsoup-3_0-0, libvirt, nodejs-electron, postgresql13, postgresql16, python39, rclone, thunderbird, ucode-intel-20241112, and wget), and Ubuntu (python-asyncssh and tomcat9).

https://lwn.net/Articles/998570/ 
 The 6.12 kernel has been released

Linus has https://lwn.net/Articles/998490/.
"No strange surprises this last week, so we're sticking to the regular
release schedule, and that obviously means that the merge window opens
tomorrow."


Headline features in this release include:

support for the <a href="https://developer.arm.com/documentation/102376/0200/Permission-indirection-and-permission-overlay-extensions" rel="nofollow">Arm
permission overlay</a> extension,
better compile-time control over which Spectre mitigations to employ,
the https://lwn.net/Articles/990985/,
the realtime https://lwn.net/Articles/934415/ mechanism,
more https://lwn.net/Articles/969062/ development,
the https://lwn.net/Articles/974387/,
the https://lwn.net/Articles/979549/ work,
https://lwn.net/Articles/979683/ in the security-module subsystem,
the <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a430d95c5efa" rel="nofollow">integrity
policy enforcement</a> security module,
the ability to handle devices with a block size larger than the system page
size in the XFS filesystem,
and more.
See the LWN merge-window summaries (https://lwn.net/Articles/990750/) for
more details.

https://lwn.net/Articles/997958/ 
 A new package manager for OpenWrt

The OpenWrt router-oriented distribution has long used its own opkg
package manager.  The project has just https://forum.openwrt.org/t/major-change-notice-new-package-manager/215682,
though, that future releases will use the <a href="https://docs.alpinelinux.org/user-handbook/0.1a/Working/apk.html" rel="nofollow">apk
package manager from Alpine Linux</a> instead.  "This new package
manager offers a number of advantages over the older opkg system and is a
significant milestone in the development of the OpenWrt platform. The older
opkg package manager has been deprecated and is no longer part of
OpenWrt." There is some more information on <a href="https://forum.openwrt.org/t/the-future-is-now-opkg-vs-apk/201164" rel="nofollow">this
page</a>.

https://lwn.net/Articles/998446/ 
 [$] Two approaches to tightening restrictions on loadable modules

The kernel's loadable-module facility allows code to be loaded into (and
sometimes removed from) a running kernel.  Among other things, loadable
modules make it possible to run a kernel with only the subsystems needed
for the system's hardware and workload.  Loadable modules can also make it
easy for out-of-tree code to access parts of the kernel that developers
would prefer to keep private; this has led to https://lwn.net/Kernel/Index/#Modules-Exported_symbols in the
past.  The topic has returned to the kernel's mailing lists with two
different patch sets aimed at further tightening the restrictions applied
to loadable modules.

https://lwn.net/Articles/998221/ 
 Security updates for Friday

Security updates have been issued by Debian (curl and unbound), Fedora (krb5 and microcode_ctl), Red Hat (kernel and kernel-rt), SUSE (glib2, python3-wxPython, and ucode-intel), and Ubuntu (golang-1.17, golang-1.18, libgd2, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-gke, linux-raspi, linux-raspi, linux-raspi-5.4, and php7.0, php7.2).

https://lwn.net/Articles/998291/ 
 PyPI now supports digital attestations

The Python Package Index (PyPI) has https://blog.pypi.org/posts/2024-11-14-pypi-now-supports-digital-attestations/
that it has finalized support for https://peps.python.org/pep-0740/ ("Index support
for digital attestations"). https://www.trailofbits.com/, which performed
much of the development work for the implementation, has an <a href="https://blog.trailofbits.com/2024/11/14/attestations-a-new-generation-of-signatures-on-pypi/" rel="nofollow">in-depth
blog post</a> about the work and its adoption, as well as what is left
undone:


One thing is notably missing from all of this work:
downstream verification. [...]

This isn't an acceptable end state (cryptographic attestations have
defensive properties only insofar as they're actually
verified), so we're looking into ways to bring
verification to individual installing clients. In particular, we're
currently working on a <a href="https://github.com/pypa/pip/issues/12766" rel="nofollow">plugin architecture
for pip</a> that will enable users to <a href="https://github.com/trailofbits/pip-plugin-pep740" rel="nofollow">load
verification logic</a> directly into their pip install
flows.




https://lwn.net/Articles/998215/ 
 [$] Dancing the DMA two-step

Direct memory access (DMA) I/O is simple in concept: a peripheral device
moves data directly to or from memory while the CPU is busy doing other
things.  As is so often the case, DMA is rather more complicated in
practice, and the kernel has developed a complicated internal API to
support it.  It turns out that the DMA API, as it exists now, can affect
the performance of some high-bandwidth devices.  In an effort to address
that problem, Leon Romanovsky is making the API even more complex with https://lwn.net/ml/all/cover.1731244445.git.leon@kernel.org
adding a new two-step mapping API.

https://lwn.net/Articles/997563/ 
 Stable kernels 6.11.8, 6.6.61, 6.1.117, and 5.15.172

A new batch of stable kernels has just been released: https://lwn.net/Articles/998149/.  As usual, they contain important
fixes throughout the kernel tree.

https://lwn.net/Articles/998148/ 
 Security updates for Thursday

Security updates have been issued by Fedora (llama-cpp, mingw-expat, python3.6, webkit2gtk4.0, and xorg-x11-server-Xwayland), Mageia (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk & java-latest-openjdk and libarchive), Oracle (expat, gstreamer1-plugins-base, kernel, libsoup, podman, and tigervnc), SUSE (buildah, java-1_8_0-openjdk, and switchboard-plug-bluetooth), and Ubuntu (zlib).

https://lwn.net/Articles/998143/ 
 [$] LWN.net Weekly Edition for November 14, 2024

The LWN.net Weekly Edition for November 14, 2024 is available.

https://lwn.net/Articles/997293/ 
 [$] Truly portable C applications


Programming language polyglots are files that are valid
programs in multiple languages, and do different things in each. While polyglots are normally
nothing more than a curiosity, the
<a href="https://justine.lol/cosmopolitan/index.html" rel="nofollow">
Cosmopolitan Libc</a> project has been trying
to put them to a novel use: producing native, multi-platform binaries that
run directly on several operating systems and architectures. There are still
some rough edges with the project's approach, but it is generally possible to
build C programs into a polyglot format with minimal
tweaking.


https://lwn.net/Articles/997238/ 
 Security updates for Wednesday

Security updates have been issued by AlmaLinux (expat), Fedora (chromium and golang-github-nvidia-container-toolkit), Mageia (curl, expat, mpg123, networkmanager-libreswan, openssl, php-tcpdf, qbittorrent, and x11-server, x11-server-xwayland, and tigervnc), Red Hat (kernel and libsoup), Slackware (mozilla), SUSE (firefox, kernel, python-PyPDF2, and xen), and Ubuntu (dotnet9, ghostscript, linux-aws, linux-oem-6.8, and pydantic).

https://lwn.net/Articles/998044/ 
 [$] Progress on toolchain security features

Over the years, there has been steady progress in adding security features to
compilers and other tools to assist with hardening the Linux kernel (and, of course, other
programs).  In something of a tradition in the <a href="https://lpc.events/event/18/sessions/180/#20240918" rel="nofollow">toolchains
track</a> at the <a href="https://linuxplumbersconf.org" rel="nofollow">Linux
Plumbers Conference</a>, Kees Cook and Qing Zhao have led a session on that progress and
further plans; this year, they were joined by Justin Stitt (https://www.youtube.com/watch?v=68PZz_9cPms).

https://lwn.net/Articles/996344/ 
 Anaconda’s new "Web UI" (Fedora Magazine)

Garrett LeSage has written an in-depth https://fedoramagazine.org/anaconda-installer-redesign/
for Fedora Magazine about a new web-based user interface (UI) for Fedora's
https://fedoraproject.org/wiki/Anaconda
installer, planned to ship with Fedora 42. The article looks at
the rationale for moving from GTK3 to a web-based UI, provides a
number of screenshots and demo screencasts, as well as instructions on
trying out the new installer with Fedora Rawhide.

https://lwn.net/Articles/997927/ 
 Security updates for Tuesday

Security updates have been issued by AlmaLinux (gstreamer1-plugins-base), Debian (chromium, ghostscript, libarchive, mpg123, ruby-saml, and symfony), Fedora (buildah and podman), Red Hat (buildah, containernetworking-plugins, podman, skopeo, and xorg-x11-server-Xwayland), Slackware (wget), SUSE (pcp), and Ubuntu (linux, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux-xilinx-zynqmp and mysql-8.0).

https://lwn.net/Articles/997903/ 
 [$] The top open-source security events in 2024

What have been the most significant security-related incidents for the
open-source community in 2024 (so far)?  Marta Rybczyńska recently ran a
poll and got some interesting results.  At the 2024 <a href="https://events.linuxfoundation.org/open-source-summit-japan/" rel="nofollow">Open
Source Summit Japan</a>, she presented those results along with some
commentary of her own.  The events in question are unlikely to be a
surprise to LWN readers, but the overall picture that was presented was
worth a look.

https://lwn.net/Articles/996955/ 
 RIP Jérémy Bobbio (Lunar)

Longtime Debian and Tor developer, Jérémy Bobbio—perhaps better known as
"Lunar"—<a href="https://nos-oignons.net/Actualit%C3%A9s/20241110_lunar_est_parti/index.en.html" rel="nofollow">died
on November 8</a>. Lunar was one of the founders of the <a href="https://lwn.net/Articles/985739/" rel="nofollow">reproducible
builds movement</a> and recently had been working with https://www.softwareheritage.org/.  More
information and tributes in French can be found at https://lunar.anargeek.net/.  They will be missed.

https://lwn.net/Articles/997775/ 
 Security updates for Monday

Security updates have been issued by AlmaLinux (podman), Debian (guix, libarchive, and nss), Fedora (expat, iaito, opendmarc, python-werkzeug, radare2, squid, and xorg-x11-server), Mageia (htmldoc, libheif, nspr, nss, firefox & rust, python-urllib3, python-werkzeug, quictls, ruby-webrick, and thunderbird), Oracle (firefox and NetworkManager-libreswan), SUSE (apache2, chromedriver, chromium, coredns, expat, govulncheck-vulndb, httpcomponents-client, java-17-openjdk, java-21-openjdk, libheif, python-wxPython, python311, python312, qbittorrent, ruby3.3-rubygem-actionmailer, ruby3.3-rubygem-actiontext, ruby3.3-rubygem-puma, ruby3.3-rubygem-rails, and virtualbox), and Ubuntu (openjdk-17, openjdk-21, openjdk-8, openjdk-lts, and qemu).

https://lwn.net/Articles/997774/ 
 Kernel prepatch 6.12-rc7

Linus has released https://lwn.net/Articles/997677/ for testing.
"No big surprises, and I think everything is on track for a final 6.12
release next weekend."

https://lwn.net/Articles/997678/ 
 [$] Back In Time back from the dead


<a href="https://github.com/bit-team/backintime?tab=readme-ov-file#back-in-time" rel="nofollow">
Back In Time</a> is a GPL-2.0-licensed backup tool based on
<a href="https://rsync.samba.org/" rel="nofollow">
rsync</a> and written in Python. It has both graphical and command-line interfaces, and
supports backups to local disks or over SSH.
Back In Time was originally written by
Oprea Dan and released in 2009. The tool has been
through some rough patches over the years, and is currently on its third set of
maintainers. Christian Buhtz, one of the current maintainers, explained to me
how he and his co-maintainers had revived the project, as well as why he thought
Back In Time stood out from all of the existing backup solutions.


https://lwn.net/Articles/996720/ 
 [$] Pondering systemd-homed for Fedora

Fedora Linux, as a rule, handles version upgrades reasonably
well. However, there are times when users may want to do a fresh
installation rather than an upgrade but preserve existing
users and data under /home. This is a scenario that the
Fedora installer, currently, does not address. Users can maintain a
separate /home partition, of course, but the installer does
not incorporate existing users into the new install—that is an
exercise left to the user to handle. One solution might be to use https://systemd.io/HOME_DIRECTORY/, a systemd
service for managing users and home directories. However, a discussion
proposing the use of systemd-homed as part of Fedora installation
uncovered some hurdles, such as trying to blend its approach to
managing users with tools that centralize user management.

https://lwn.net/Articles/995915/ 
 Cohen: gccrs: An alternative compiler for Rust

Arthur Cohen has posted <a href="https://blog.rust-lang.org/2024/11/07/gccrs-an-alternative-compiler-for-rust.html" rel="nofollow">a
detailed introduction to the gccrs project</a> on the Rust Blog, seemingly
with the goal of convincing the Rust community about the value of the
project.


	Likewise, many GCC plugins are used for increasing the safety of
	critical projects such as the Linux kernel, which has recently
	gained support for the Rust programming language. This makes
	gccrs a useful tool for analyzing unsafe Rust code, and
	more generally Rust code which has to interact with existing C
	code. We also want gccrs to be a useful tool for
	rustc itself by helping pan out the Rust specification
	effort with a unique viewpoint - that of a tool trying to replicate
	another's functionality, oftentimes through careful experimentation
	and source reading where the existing documentation did not go into
	enough detail.


(LWN last https://lwn.net/Articles/991199/ in October).

https://lwn.net/Articles/997483/ 
 Security updates for Friday

Security updates have been issued by AlmaLinux (edk2), Debian (webkit2gtk), Fedora (thunderbird), Oracle (bzip2, container-tools:ol8, edk2, go-toolset:ol8, libtiff, python-idna, python3.11, and python3.12), Slackware (expat), and SUSE (apache2, govulncheck-vulndb, grub2, java-1_8_0-openjdk, python3, python39, qemu, xorg-x11-server, and xwayland).

https://lwn.net/Articles/997480/ 
 [$] The trouble with struct sockaddr's fake flexible array

Flexible arrays — arrays that are declared as the final member of a
structure and which have a size determined at run time — have long drawn
the attention of developers seeking to harden the kernel against
buffer-overflow vulnerabilities.  These arrays have reliably been a source
of bugs, so anything that can be done to ensure that operations on them
stay within bounds is a welcome improvement.  While many improvements,
including the recent https://lwn.net/Articles/936728/, have
been made, one of the most difficult cases remains.  Now, however,
developers who are interested in using recent compiler bounds-checking
features are trying to get a handle on struct sockaddr.

https://lwn.net/Articles/997094/ 
 Security updates for Thursday

Security updates have been issued by AlmaLinux (bcc, bpftrace, bzip2, container-tools:rhel8, grafana-pcp, haproxy, kernel, kernel-rt, krb5, libtiff, python-gevent, python3.11, python3.11-urllib3, python3.12, python3.12-urllib3, xmlrpc-c, and xorg-x11-server and xorg-x11-server-Xwayland), Debian (puma and pypy3), Fedora (firefox), Gentoo (libgit2), Mageia (libarchive), SUSE (ghostscript, go1.22-openssl, go1.23-openssl, htmldoc, kmail-account-wizard, libarchive, libgsf, libmozjs-128-0, openssl-3, python-jupyterlab, python-mysql-connector-python, python36, and ruby2.1), and Ubuntu (cinder, linux-aws, linux-aws-6.8, linux-oracle, linux-oracle-6.8, linux-aws, linux-azure-5.4, linux-kvm, linux-oracle, linux-xilinx-zynqmp, and linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency).

https://lwn.net/Articles/997378/ 
 [$] LWN.net Weekly Edition for November 7, 2024

The LWN.net Weekly Edition for November 7, 2024 is available.

https://lwn.net/Articles/996377/ 
 [$] Building secure images with NixOS


Image-based Linux distributions have seen increasing popularity recently. They
promise reliability and security, but pose packaging problems for
existing distributions. Ryan Lahfa and Niklas Sturm spoke about the work that
NixOS has done to enable an image-based workflow at this year's
<a href="https://all-systems-go.io/" rel="nofollow">
All Systems Go!</a>
conference in Berlin.
Unfortunately, LWN was not able to cover the conference for scheduling reasons,
but the
<a href="https://www.youtube.com/watch?v=YAl27ciB6c8&list=PLWYdJViL9EipIImmvuoGFAeS-lKeHH2DD" rel="nofollow">
videos of the event</a> are available for anyone interested in watching the
talks.
Lahfa and Sturm explained that it is currently possible to create a
<a href="https://nixos.org/" rel="nofollow">
NixOS</a> system that
cryptographically verifies the kernel, initrd, and Nix store on boot — although
doing so still has some rough edges. Making an image-based NixOS installation is
similarly possible.


https://lwn.net/Articles/996329/ 
 Funding restored for man-page maintenance

Man pages maintainer Alejandro Colomar https://lwn.net/Articles/989215/ in September that he was suspending
his work due to a lack of support.  He has now <a href="https://lwn.net/ml/all/nimzecx26lzxo2v64qjazmisbwfeljpto522wlnauktqesmdoc@gv3yrp64cvug" rel="nofollow">let
it be known</a> that funding has been found for the next year at least:


	We've been talking for a couple of months, and we have already
	agreed to sign a contract through the LF [Linux Foundation], where
	a number of companies provide the funds for the contract.  The
	contract will cover the next 12 months for the agreed amount, and
	we should sign it in the following days.  Since I've already seen a
	draft of the contract, and it looks good, I've already started
	maintaining the project again, starting on Nov 1st.


https://lwn.net/Articles/997193/ 
 Security updates for Wednesday

Security updates have been issued by AlmaLinux (libtiff), Debian (context, libheif, and thunderbird), Fedora (php-tcpdf, syncthing, and thunderbird), Gentoo (EditorConfig core C library, Flatpak, Neat VNC, and Ubiquiti UniFi), Oracle (bcc, bpftrace, grafana-pcp, haproxy, kernel, krb5, libtiff, python-gevent, python3.11-urllib3, python3.12-urllib3, and xmlrpc-c), Red Hat (python3.11-urllib3), SUSE (audacity, curl, govulncheck-vulndb, gradle, htmldoc, libgsf, python310, and qbittorrent), and Ubuntu (linux-aws-5.4, linux-oracle-5.4, mpg123, and python-werkzeug).

https://lwn.net/Articles/997182/ 
 LXQt 2.1.0 released

<a href="https://lxqt-project.org/release/2024/11/05/release-lxqt-2-1-0/" rel="nofollow">Version
2.1.0</a> of the https://lxqt-project.org/
lightweight Qt desktop environment has been released. The highlight of
this release is support for multiple Wayland compositors:


Through its new component lxqt-wayland-session, LXQt 2.1.0
supports 7 Wayland sessions (with Labwc, KWin, Wayfire, Hyprland,
Sway, River and Niri), has two Wayland back-ends in
lxqt-panel (one for kwin_wayland and the other
general), and will add more later. All LXQt components that are not
limited to X11 — i.e., most components — work fine on Wayland. [...]

Of course, the X11 session will be supported
indefinitely. Wayland is optional and rather experimental.


https://lwn.net/Articles/997034/ 
 [$] Safety in an unsafe world


Joshua Liebow-Feeser took to the stage at
https://rustconf.com
 to describe the methodology
that his team uses to encode
arbitrary constraints in the Rust type system when working on the
<a href="https://en.wikipedia.org/wiki/Fuchsia_(operating_system)" rel="nofollow">
Fuchsia operating system</a>
(https://joshlf.com/files/talks/Safety%20in%20an%20Unsafe%20World.pdf).
The technique is not unknown to
the Rust community, but Liebow-Feeser did a good job of both explaining the
method and making a case for why it should be used more widely. 


https://lwn.net/Articles/995814/ 
 The BPF instruction set architecture is now RFC 9669

After a couple of years of effort, the BPF instruction set architecture has
been accepted as <a href="https://www.rfc-editor.org/rfc/rfc9669.html" rel="nofollow">RFC
9669</a>, giving it a standard outside of the in-kernel implementation.  <a href="https://lwn.net/ml/all/20241105035101.GD41004@maniforge" rel="nofollow">This message from David
Vernet</a> (who also contributed <a href="https://lwn.net/Articles/926882/" rel="nofollow">an article on
the standardization process</a> last year) describes the process and why it
is important:


	Though some vendors have already implemented BPF offloading
	capabilities without having a standardized ISA, others are not
	quite as risk tolerant. As Christoph [Hellwig] discussed at LSFMM
	2022, certain NVMe vendors have expressed an interest in building
	BPF offloading capabilities for various use cases such as eXpress
	Resubmission Path (XRP), but they simply can't fund such a project
	without certain components of BPF being standardized. Hence, the
	effort to standardize BPF was born.


https://lwn.net/Articles/997002/ 
 Security updates for Tuesday

Security updates have been issued by AlmaLinux (firefox, openexr, and thunderbird), Fedora (llama-cpp and python-quart), Oracle (firefox, openexr, thunderbird, and xorg-x11-server and xorg-x11-server-Xwayland), SUSE (chromium, govulncheck-vulndb, openssl-1_1, python311, and python312), and Ubuntu (linux-azure, linux-bluefield, linux-azure, linux-gcp, linux-ibm, openjpeg2, and ruby3.0, ruby3.2, ruby3.3).

https://lwn.net/Articles/997030/ 
 [$] The OpenWrt One system

https://openwrt.org/
 is, despite its relatively low
profile, one of our community's most important distributions; it runs
untold numbers of network routers and has served as the base on which a lot
of network-oriented development (including the <a href="https://www.bufferbloat.net/projects/" rel="nofollow">bufferbloat-reduction
work</a>) has been done.  At the beginning of 2024, a few members of the
project https://lwn.net/ml/all/a8aaa495-da0b-4ddc-8c4f-3e1192d8b012@phrozen.org

a plan to design and produce a router device specifically designed to run
OpenWrt.  This device, dubbed the "OpenWrt One", is now becoming available;
the kind folks at the <a href="https://sfconservancy.org/" rel="nofollow">Software Freedom
Conservancy</a> were kind enough to ship one to LWN, where the desire to
play with a new toy is never lacking.

https://lwn.net/Articles/994961/ 
 Security updates for Monday

Security updates have been issued by AlmaLinux (firefox, grafana, kernel, and mod_http2), Debian (chromium, openssl, and thunderbird), Fedora (chromium, krb5, mysql8.0, polkit, python-single-version, and webkitgtk), Mageia (bind, buildah, podman, skopeo, kernel, kmod-xtables-addons, kmod-virtualbox, kernel-firmware & kernel-firmware-nonfree radeon-firmware, and kernel-linus), SUSE (apache2, chromedriver, cups-filters, docker-stable, firefox, gama, govulncheck-vulndb, java-11-openjdk, java-17-openjdk, java-23-openjdk, libnss_slurm2, openssl-1_1, openssl-3, python-waitress, python3, python310-waitress, ruby2.5, rubygem-actionmailer-5_1, rubygem-actionpack-5_1, rubygem-bundler, webkit2gtk3, and xorg-x11-server), and Ubuntu (linux-azure-6.8).

https://lwn.net/Articles/996908/ 
 Kernel prepatch 6.12-rc6

The https://lwn.net/Articles/996829/
 kernel prepatch is out for
testing.  Linus says: "Another week, another rc. Nothing odd or special
seems to be going on - this may be a bit on the bigger side for an rc6, but
not hugely so, and nothing stands out."

https://lwn.net/Articles/996828/ 
 [$] OSI board AMA at All Things Open

Members of the <a href="https://opensource.org/" rel="nofollow">Open Source
Initiative</a> (OSI) board sat down for a 45-minute "Ask Me Anything"
(AMA) session at <a href="https://2024.allthingsopen.org/" rel="nofollow">All Things
Open</a> in Raleigh, NC on October 29. Though the floor was open to
any topic the audience might want to ask of the https://opensource.org/board. Many of the
questions were focused on the <a href="https://opensource.org/ai/open-source-ai-definition" rel="nofollow">Open Source
AI Definition</a> (OSAID), which was https://lwn.net/Articles/996104/
 the day
before. The new definition has been https://lwn.net/Articles/995159/,
and the board spent a lot of time addressing concerns about it during
the session, as well as questions on open washing, and a need for more
education about open source in general.

https://lwn.net/Articles/996356/ 
 Four Friday stable kernel updates


Greg Kroah-Hartman has released another four stable Linux kernel updates:
https://lwn.net/Articles/996688/, https://lwn.net/Articles/996689/, https://lwn.net/Articles/996690/, and https://lwn.net/Articles/996691/.


https://lwn.net/Articles/996687/ 
 Security updates for Friday

Security updates have been issued by Debian (firefox-esr), Fedora (xorg-x11-server-Xwayland), Oracle (buildah, e2fsprogs, grafana, kernel, and mod_http2), Red Hat (buildah, container-tools:rhel8, firefox, grafana, grafana:7.3.6, podman, and thunderbird), SUSE (alloy, cargo-audit-advisory-db-20241030, chromedriver, corepack22, netty, openvpn, python310-Werkzeug, thunderbird, uwsgi, and xsd), and Ubuntu (linux, linux-azure-6.8, linux-gcp-6.8, linux-hwe-6.8 and linux, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4).

https://lwn.net/Articles/996679/ 
 October project goals update (Rust Blog)

The Rust blog has an https://blog.rust-lang.org/2024/10/31/project-goals-oct-update.html

on its progress on some of its <a href="https://rust-lang.github.io/rust-project-goals/2024h2/goals.html" rel="nofollow">project
goals</a>. One of the project's <a href="https://rust-lang.github.io/rust-project-goals/2024h2/goals.html#flagship-goals" rel="nofollow">flagship
goals</a> is to <a href="https://rust-lang.github.io/rust-project-goals/2024h2/rfl_stable.html" rel="nofollow">resolve
the biggest blockers to Linux building on stable Rust</a>:


Finally, we have been finding an increasing number of stabilization
requests at the compiler level, and so @wesleywiser and @davidtwco
from the compiler team have started attending meetings to create a
faster response. One of the results of that collaboration is https://github.com/rust-lang/rfcs/pull/3716,
authored by Alice Ryhl, which proposes a method to manage compiler
flags that modify the target ABI. Our previous approach has been to
create distinct targets for each combination of flags, but the number
of flags needed by the kernel make that impractical. Authoring the RFC
revealed more such flags than previously recognized, including those
that modify LLVM behavior.



https://lwn.net/Articles/996585/ 
 [$] The Overture open-mapping project

https://openstreetmap.org/
 tends to dominate
the space for open mapping data, but it is not the only project working in
this area.  At the 2024 <a href="https://events.linuxfoundation.org/open-source-summit-japan/" rel="nofollow">Open
Source Summit Japan</a>, Marc Prioleau presented the https://overturemaps.org/, which is
building and distributing a set of worldwide maps under open licenses.
Overture may have a similar goal to OpenStreetMap, but its approach and
intended uses are significantly different.

https://lwn.net/Articles/995992/ 
 Security updates for Thursday

Security updates have been issued by Debian (firefox-esr and openssl), Fedora (firefox, libarchive, micropython, NetworkManager-libreswan, and xorg-x11-server-Xwayland), Red Hat (nano), Slackware (mozilla-firefox, mozilla-thunderbird, tigervnc, and xorg), SUSE (389-ds, Botan, go1.21-openssl, govulncheck-vulndb, java-11-openjdk, lxc, python-Werkzeug, and uwsgi), and Ubuntu (firefox, libarchive, linux-azure-fde, linux-azure-fde-5.15, python-pip, and xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04).

https://lwn.net/Articles/996526/ 
 [$] LWN.net Weekly Edition for October 31, 2024

The LWN.net Weekly Edition for October 31, 2024 is available.

https://lwn.net/Articles/995490/ 
 Thunderbird for Android now available

The https://blog.thunderbird.net/2024/10/thunderbird-for-android-8-0-takes-flight/
 of the Thunderbird mail client for Android is now available:


Just over two years ago, we <a href="https://blog.thunderbird.net/2022/06/revealed-thunderbird-on-android-plans-k9/" rel="nofollow">announced
our plans</a> to bring Thunderbird to Android by taking K-9 Mail under
our wing. The journey took a <a href="https://blog.thunderbird.net/2023/12/when-will-thunderbird-for-android-be-released/" rel="nofollow">little
longer than we had originally anticipated</a> and there was a lot to
learn along the way, but the wait is finally over! For all of you who
have ever asked "when is Thunderbird for Android coming out?", the
answer is – today!


It is immediately available on the <a href="https://play.google.com/store/apps/details?id=net.thunderbird.android" rel="nofollow">Google
Play Store</a>, via <a href="https://github.com/thunderbird/thunderbird-android/releases/tag/THUNDERBIRD_8_0" rel="nofollow">GitHub
Releases</a>, or from the https://thunderbird.net/mobile/, and
it will be "coming soon" to the https://f-droid.org/en/
 repository for FOSS Android
applications. See the <a href="https://github.com/thunderbird/thunderbird-android/releases/tag/THUNDERBIRD_8_0" rel="nofollow">release
notes</a> for detailed information about Thunderbird 8.0 for
Android.

https://lwn.net/Articles/996326/ 
 Firefox version 132.0 is now available


Mozilla has
https://www.mozilla.org/en-US/firefox/132.0/releasenotes/
 the release of a new version of Firefox. This version has the usual mix of 
<a href="https://www.mozilla.org/en-US/security/advisories/mfsa2024-55/" rel="nofollow">
security fixes</a> and new features, as well as a handful of deprecations. The release removes support for HTTP/2 Push, but adds hardware acceleration for SVGs, support for wide color gamuts on more platforms, and restores support for remote debugging via USB.


https://lwn.net/Articles/996216/ 
 Fedora 41 released

Fedora Linux 41 <a href="https://fedoramagazine.org/announcing-fedora-linux-41/" rel="nofollow">has been
released</a>. See the "what's new" pages for <a href="https://fedoramagazine.org/whats-new-fedora-workstation-41/" rel="nofollow">Fedora
Workstation</a> and <a href="https://fedoramagazine.org/whats-new-in-fedora-kde-41/" rel="nofollow">Fedora
KDE</a>, to learn more about the latest in those editions. There is
also a new <a href="https://fedoraproject.org/spins/miraclewm" rel="nofollow">Fedora
Miracle Window Manager Spin</a> that offers the https://miracle-wm.org/
 tiling window manager for
Wayland.



https://lwn.net/Articles/996214/ 
 [$] A new approach to validating test suites


The first program that Martin Pool ever wrote, he said, had bugs; the ones he's writing
now most likely have bugs too. The talk Pool gave at
https://rustconf.com/
 this year was about a way to try
to write programs with fewer bugs. He has developed a tool called
<a href="https://mutants.rs/" rel="nofollow">
cargo-mutants</a> that highlights gaps in test coverage by identifying
functions that can be broken without causing any tests to fail.
This can be a valuable complement to other testing techniques,
he explained.


https://lwn.net/Articles/995276/ 
 Security updates for Tuesday

Security updates have been issued by Debian (exim4) and SUSE (chromium, openssl-1_1, and openssl-3).

https://lwn.net/Articles/996196/ 
 Flock: a Flutter fork

A project called Flock has <a href="https://flutterfoundation.dev/blog/posts/we-are-forking-flutter-this-is-why/" rel="nofollow">announced
its existence</a>.  Flock is a fork of the Flutter user-interface toolkit
project, motivated by frustration with the resources that Google is putting
into Flutter.


	We describe Flock as "Flutter+". In other words, we do not want, or
	intend, to fork the Flutter community. Flock will remain constantly
	up to date with Flutter. Flock will add important bug fixes, and
	popular community features, which the Flutter team either can't, or
	won't implement.


(LWN https://lwn.net/Articles/828475/
 in 2020).

https://lwn.net/Articles/996147/ 
 Coker: The CUPS vulnerability

Debian Developer Russell Coker has <a href="https://etbe.coker.com.au/2024/10/26/cups-vulnerability/" rel="nofollow">written
up</a> an analysis of the https://lwn.net/Articles/991929/

announced in September:


He seems to have a different experience to me of reporting bugs, I
have had plenty of success getting bugs fixed without hyping them. I
just report the bug, wait a while, and it gets fixed. [...] I
was quite confident that my systems wouldn't be at any risk.

When it was published my opinion was proven to be correct, <a href="https://www.securityweek.com/highly-anticipated-linux-flaw-allows-remote-code-execution-but-less-serious-than-expected/" rel="nofollow">it
turned out to be a series of CUPS bugs</a>.


https://lwn.net/Articles/996108/ 
 [$] The performance of the Rust compiler


Sparrow Li presented virtually at
<a href="https://rustconf.com" rel="nofollow">
RustConf</a> 2024 about the current state of and
future plans for the Rust compiler's performance. The compiler is relatively slow to compile
large programs, although it has been getting better over time. The next big
performance improvement to come will be parallelizing the compiler's parsing,
type-checking, and related operations, but even after that, the project has
several avenues left to explore.


https://lwn.net/Articles/995125/ 
 [$] AutoFDO and Propeller

Rong Xu and
Han Shen described the kernel-optimization techniques that Google uses in the <a href="https://lpc.events/event/18/sessions/180/#20240918" rel="nofollow">toolchains
track</a> at the <a href="https://lpc.events/event/18/page/224-lpc-2024-overview" rel="nofollow">2024 Linux
Plumbers Conference</a>.
They talked about <a href="https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/45290.pdf" rel="nofollow">automatic
feedback-directed optimization</a> (AutoFDO), which can be used with the https://research.google/pubs/propeller-a-profile-guided-relinking-optimizer-for-warehouse-scale-applications/

optimizer to produce kernels with better performance using profile
information gathered from real workloads.  There is a fair amount of
overlap between these tools and the https://github.com/llvm/llvm-project/tree/main/bolt#bolt

post-link optimizer, which was the subject of a https://lwn.net/Articles/993828/
 that directly preceded this session.

https://lwn.net/Articles/995397/ 
 Security updates for Monday

Security updates have been issued by AlmaLinux (kernel, python3.12, and python3.9), Debian (activemq, chromium, libheif, nss, and twisted), Fedora (chromium, dnsdist, dotnet8.0, edk2, glibc, libdigidocpp, mbedtls3.6, NetworkManager-libreswan, oath-toolkit, podman-tui, prometheus-podman-exporter, python-fastapi, python-openapi-core, python-platformio, python-rpyc, python-starlette, rust-pyo3, rust-pyo3-build-config, rust-pyo3-ffi, rust-pyo3-macros, rust-pyo3-macros-backend, suricata, thunderbird, and yarnpkg), Mageia (cpanminus, libgsf, mozjs78, redis, and thunderbird), Oracle (firefox, python3.12, python3.9, and python39:3.9 and python39-devel:3.9), Red Hat (edk2, grafana, httpd, httpd:2.4, and mod_jk), and SUSE (nodejs-electron, python3, python310, and python39).

https://lwn.net/Articles/996085/ 
 Kernel prepatch 6.12-rc5

Linus has released https://lwn.net/Articles/995980/
 for testing.


	rc5 looks perfectly normal, and maybe even on the small side of
	normal. The diffstat looks nice and flat too, with the exception of
	the removal of the da8xx fbdev driver due to it having been
	replaced by the tilcdc driver. And I'm sure we're all thinking the
	same thing: "What lovely descriptive driver names we have".


https://lwn.net/Articles/995981/ 
 [$] OSI readies controversial Open AI definition

The https://opensource.org/

(OSI) has been working on defining https://opensource.org/ai
—that is what
constitutes an AI system that can be used, studied, modified, and
shared for any purpose—for almost two
years. Its https://opensource.org/about/board-of-directors
 will
be voting on the https://opensource.org/ai/drafts/the-open-source-ai-definition-1-0-rc2
 (OSAID) on Sunday,
October 27, with the 1.0 version slated to be published on
October 28. It is never possible to please everyone in
such an endeavor, and it would be folly to make that a goal. However,
a number of prominent figures in the open-source community have voiced
concerns that OSI is setting the bar too low with the OSAID—which
will undo decades of community work to cajole vendors into adhering to
or respecting the original <a href="https://opensource.org/osd" rel="nofollow">Open Source
Definition</a> (OSD).

https://lwn.net/Articles/995159/ 
 [$] Kernel optimization with BOLT

A pair of talks in the <a href="https://lpc.events/event/18/sessions/180/#20240918" rel="nofollow">toolchains
track</a> at the <a href="https://lpc.events/event/18/page/224-lpc-2024-overview" rel="nofollow">2024 Linux
Plumbers Conference</a> covered different tools that can be used to
optimize the kernel.  First up was Maksim Panchenko to describe the <a href="https://github.com/llvm/llvm-project/tree/main/bolt#bolt" rel="nofollow">binary
optimization and layout tool</a> (BOLT) that Meta uses on its production
kernels.  It optimizes the kernel binary by rearranging it to improve its
code locality for
better performance.  A subsequent article will cover the second talk, which
looked at  <a href="https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/45290.pdf" rel="nofollow">automatic
feedback-directed optimization</a> (AutoFDO) and other related techniques
that are used to optimize Google's kernels.

https://lwn.net/Articles/993828/ 
 [$] realloc() and the oversize importance of zero-size objects

Small objects can lead to large email threads.  In this
case, the GNU C Library (glibc) community has been having an extensive
debate over the handling of zero-byte allocations.  Specifically, what
should happen when a program calls https://man7.org/linux/man-pages/man3/malloc.3.html

specifying a size of zero?  This is, it seems, a topic about which some
people, at least, have strong feelings.

https://lwn.net/Articles/995196/ 
 [$] LWN.net Weekly Edition for October 24, 2024

The LWN.net Weekly Edition for October 24, 2024 is available.

https://lwn.net/Articles/994575/ 
 [$] Toward safe transmutation in Rust


Currently in Rust, there is no efficient and safe way to turn an array of bytes
into a structure that corresponds to the array. Changing that was the topic of
Jack Wrenn's talk this year at
<a href="https://rustconf.com" rel="nofollow">
RustConf</a>:
<a href="https://jack.wrenn.fyi/blog/safety-goggles-for-alchemists/" rel="nofollow">
"Safety Goggles for Alchemists"</a>. The goal is to be able to "transmute" —
Rust's name for this kind of conversion — values into arbitrary user-defined
types in a safer way. Wrenn justified the approach that the project has taken to
accomplish this, and spoke about the future work required to stabilize it.


https://lwn.net/Articles/994334/ 
 Tor Browser 14.0 released

<a href="https://blog.torproject.org/new-release-tor-browser-140/" rel="nofollow">Version
14.0</a> of the privacy-focused https://www.torproject.org/
 has been released. 


This is our first stable release based on <a href="https://www.mozilla.org/en-US/firefox/128.0esr/releasenotes/" rel="nofollow">Firefox
ESR 128</a>, incorporating a year's worth of changes shipped upstream
in Firefox. As part of this process we've also completed our annual
ESR transition audit, where we https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/?sort=updated_desc&state=all&search=Review%20Mozilla&label_name%5B%5D=14.0%20stable&first_page_size=20
 for changes in Firefox that
may negatively affect the privacy and security of Tor Browser
users. Our final reports from this audit are now available in the <a href="https://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/tree/main/audits" rel="nofollow">tor-browser-spec
repository</a> on our Gitlab instance.


https://lwn.net/Articles/995353/ 
 Kadlčík: Copr Modularity, the End of an Era

Jakub Kadlčík <a href="https://frostyx.cz/posts/copr-modularity-the-end-of-an-era" rel="nofollow">announced
on his blog</a> that Fedora's https://copr.fedorainfracloud.org/
 build system will
be dropping support for building https://docs.fedoraproject.org/en-US/modularity/core-concepts/module-stream/

(groups of RPM packages that are built, installed, and shipped
together) soon:


The Fedora Modularity project never really took off, and building
modules in Copr even less so. We've had only 14 builds in the last two
years. It's not feasible to maintain the code for so few
users. Modularity has also been <a href="https://fedoraproject.org/wiki/Changes/RetireModularity" rel="nofollow">retired
since Fedora 39</a> and will die with RHEL 9.


Modularity features in Copr are now deprecated, and it will not be
possible to submit new module builds after April 2025. LWN https://lwn.net/Articles/805180/
 some of the
problems with Fedora's https://docs.pagure.org/modularity/
 in 2019.


https://lwn.net/Articles/995337/ 
 [$] Free-software foundations face fundraising problems

In July, at the GNOME https://lwn.net/Articles/983203/
 (AGM),
held at <a href="https://foundation.gnome.org/2023/12/20/guadec-2024-in-denver-colorado/" rel="nofollow">GUADEC
2024</a>,
the message from the GNOME Foundation board was that all was well,
financially speaking. Not great, but the foundation was on a
break-even budget and expected to go into its next fiscal year with a
similar budget and headcount. On October 7, however, the board https://foundation.gnome.org/2024/10/07/update-from-the-board-2024-10/

that it had had to make some cuts, including reducing its staff by
two people. This is not, however, strictly a GNOME problem: similar
organizations, such as the Python Software Foundation (PSF), KDE e.V., 
and the Free Software Foundation Europe (FSFE) are seeing declines in
fundraising while also being affected by inflation.

https://lwn.net/Articles/993665/ 
 Security updates for Wednesday

Security updates have been issued by Debian (dmitry, libheif, and python-sql), Fedora (suricata and wireshark), SUSE (cargo-c, libeverest, protobuf, and qemu), and Ubuntu (golang-1.22, libheif, unbound, and webkit2gtk).

https://lwn.net/Articles/995293/ 
 Several Russian developers lose kernel maintainership status

Perhaps one of the more surprising changes in the 6.12-rc4 development
kernel was <a href="https://git.kernel.org/linus/6e90b675cf94" rel="nofollow">the removal
of several entries</a> from the kernel's MAINTAINERS file.  The https://lore.kernel.org/all/2024101835-tiptop-blip-09ed@gregkh/

performing the removal was sent (by Greg Kroah-Hartman) only to the
patches@lists.linux.dev mailing list; the change was included in <a href="https://lwn.net/ml/linux-kernel/ZxUH2J0BL3FCV6Hr@kroah.com/" rel="nofollow">a char-misc drivers
pull request</a> with no particular mention.

The explanation for the removal is simply "various compliance
requirements".  Given that the developers involved all appear to be of
Russian origin, it is not too hard to imagine what sort of compliance is
involved here.  There has, however, been no public posting of the policy
that required the removal of these entries.

https://lwn.net/Articles/995186/ 
 [$] A report from the 2024 Image-Based Linux Summit


The Image-Based Linux Summit has by now established itself as a yearly event.
Following on from https://lwn.net/Articles/946526/,
the third edition was held in Berlin on September 24, the
day before
<a href="https://all-systems-go.io" rel="nofollow">
All Systems Go! 2024</a> (ASG). The purpose of this event is to gather
stakeholders from various engineering groups and hold friendly but lively
discussions around the topic of image-based Linux — that is, Linux distributions
based around immutable images, instead of mutable root filesystems.


https://lwn.net/Articles/994704/ 
 Introducing AlmaLinux OS Kitten (AlmaLinux Blog)

The https://almalinux.org/
 a new edition called "Kitten",
which will serve as "the direct upstream for AlmaLinux OS and is
the primary point for the AlmaLinux community to engage and influence
the future of AlmaLinux OS". Not intended for production use, the
first release is based on CentOS Stream 10 source, which
will eventually be the basis for Red Hat Enterprise Linux (RHEL)
10:


Because we anticipated many changes in 10, we wanted to get a head
start on building AlmaLinux OS 10. Earlier this year we started
setting up infrastructure and the build pipeline for AlmaLinux OS 10,
and started testing using CentOS Stream 10's code. Based on this
preparation work, we are excited to share that we have successfully
built a preview of AlmaLinux OS 10 that we are calling AlmaLinux OS
Kitten 10.


The first Kitten release previews a number of ways that AlmaLinux will
diverge from RHEL 10, including re-enabling frame pointers,
including Simple Protocol for Independent Computing Environments
(SPICE), and adding packages for Firefox and Thunderbird, which have
been dropped from CentOS Stream 10 in favor of Flatpak versions. New
installation images for Kitten will be built quarterly. See the <a href="https://wiki.almalinux.org/release-notes/kitten-10.html" rel="nofollow">release
notes</a> for download links, installation instructions, and more
information.

https://lwn.net/Articles/995140/ 
 OpenSSL 3.4.0 released

Version 3.4.0 of the OpenSSL SSL/TLS library has been released.  It adds a
number of new encryption algorithms, support for "directly fetched
composite signature algorithms such as RSA-SHA2-256", and more.  See <a href="https://openssl-library.org/news/openssl-3.4-notes/index.html" rel="nofollow">the
release notes</a> for details.

https://lwn.net/Articles/995098/ 
 Security updates for Tuesday

Security updates have been issued by Debian (ffmpeg, ghostscript, libsepol, openjdk-11, openjdk-17, perl, and python-sql), Oracle (389-ds-base, buildah, containernetworking-plugins, edk2, httpd, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk, kernel, python-setuptools, skopeo, and webkit2gtk3), Red Hat (buildah), Slackware (openssl), SUSE (apache2, firefox, libopenssl-3-devel, podman, and python310-starlette), and Ubuntu (cups-browsed, firefox, libgsf, and linux-gke).

https://lwn.net/Articles/995095/ 
 A new kernel testing tree

Sasha Levin has https://lwn.net/ml/all/ZxZ8MStt4e8JXeJb@sashalap
 a
new tree that is intended to perform continuous-integration tests of pull
requests aimed at the mainline.  The plan is for this tree to hold more
finished work than sometimes ends up in linux-next; in a name that seems
destined to create typographical confusion, it is called "linus-next".


	The linus-next tree aims to provide a more stable and testable
	integration point compared to linux-next, addressing the runtime
	issues that make testing linux-next challenging and focusing on
	code that's about to be pulled by Linus.


https://lwn.net/Articles/994983/ 
 Bootc 1.1.0 released

https://github.com/containers/bootc/releases/tag/v1.1.0
 utility for
performing transactional, in-place operating system updates using https://opencontainers.org/
 (OCI)
images, has been released. This release "officially stabilizes all
APIs" for bootc and includes a number of bug fixes. LWN https://lwn.net/Articles/979182/
 in June.



https://lwn.net/Articles/994962/ 
 [$] Python PGP proposal poses packaging puzzles

https://docs.sigstore.dev/
 is a 
project that is meant to simplify and improve the process of signing,
verifying, and protecting software. It is a relatively new project, https://www.prnewswire.com/news-releases/sigstore-announces-general-availability-at-sigstorecon-301657741.html

"generally available" in 2022. Python is an early adopter of sigstore; it started <a href="https://www.python.org/downloads/metadata/sigstore/" rel="nofollow">providing
signatures for CPython artifacts</a> with https://www.python.org/downloads/release/python-3110/

in 2022. This is in addition to the https://www.openpgp.org/
 signatures it has been
providing <a href="https://peps.python.org/pep-0101/" rel="nofollow">since at
least 2001</a>. Now, Seth Michael Larson—the <a href="https://www.python.org/psf-landing/" rel="nofollow">Python Software
Foundation</a> (PSF) <a href="https://pyfound.blogspot.com/2023/06/announcing-our-new-security-developer.html" rel="nofollow">security
developer-in-residence</a>—would like to deprecate the PGP
signature and move to sigstore exclusively by next year. If that
happens, it will involve some changes in the way that Linux
distributions verify Python releases, since none of the major
distributions have processes for working with sigstore.

https://lwn.net/Articles/993787/ 
 Security updates for Monday

Security updates have been issued by Debian (asterisk, chromium, php-horde-mime-viewer, and php-horde-turba), Fedora (apache-commons-io, buildah, chromium, containers-common, libarchive, libdigidocpp, oath-toolkit, podman, rust-hyper-rustls, rust-reqwest, rust-rustls-native-certs, rust-rustls-native-certs0.7, rust-tonic, rust-tonic-build, rust-tonic-types, rust-tower, rust-tower-http, rust-tower-http0.5, rust-tower0.4, thunderbird, and unbound), SUSE (buildah, chromedriver, chromium, element-desktop, element-web, jetty-annotations, nodejs-electron, php7, php74, php8, podman, python3-virtualbox, qemu, thunderbird, and valkey), and Ubuntu (amd64-microcode).

https://lwn.net/Articles/994941/ 
 Kernel prepatch 6.12-rc4

Linus has released https://lwn.net/Articles/994842/
 for testing.
"I'm not happy with how big this is - it's probably far from the biggest
rc4 ever, but it _is_ the biggest rc4 we've had in the 6.x series at least
in number of commits."

https://lwn.net/Articles/994843/ 
 [$] The long road to lazy preemption

The kernel's CPU scheduler currently offers several preemption modes that
implement a range of tradeoffs between system throughput and response time.
Back in September 2023, a <a href="https://lwn.net/Articles/944686/" rel="nofollow">discussion
on scheduling</a> led to the concept of "lazy preemption", which could
simplify scheduling in the kernel while providing better results.  Things
went quiet for a while, but lazy preemption has returned in the form of https://lwn.net/ml/all/20241007074609.447006177@infradead.org

from Peter Zijlstra.  While the concept appears to work well, there is
still a fair amount of work to be done.

https://lwn.net/Articles/994322/ 
 Security updates for Friday

Security updates have been issued by AlmaLinux (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk, and webkit2gtk3), Debian (apache2), Red Hat (expat), SUSE (cups-filters, jetty-minimal, OpenIPMI, and python-starlette), and Ubuntu (linux-azure, linux-azure, linux-azure-5.15, linux-azure, linux-azure-5.4, and oath-toolkit).

https://lwn.net/Articles/994703/ 
 Rust 1.82.0 released

<a href="https://blog.rust-lang.org/2024/10/17/Rust-1.82.0.html" rel="nofollow">Version
1.82.0</a> of the Rust language has been released.  There are a lot of new
features this time, including a cargo info command, tier-1 support
for 64-bit Apple Arm systems, a new native syntax (&raw) to create
raw pointers, changes to unsafe extern, unsafe attributes,
standardized rules around the handling of floating-point not-a-number
values, and more.

https://lwn.net/Articles/994654/ 
 [$] A look at the aerc mail client

Email has become somewhat unfashionable as a collaboration tool for
open-source projects, but there are still a number of projects—such as
PostgreSQL and the Linux kernel—that expect contributors to send and
review patches via email. The aerc (https://aerc-mail.org/)
mail client is aimed at developers looking for a text-based, efficient, and
extensible client that is meant to be used for working with Git and
email. It uses Vim-style keybindings by default, and has an interface
inspired by tmux (https://github.com/tmux/tmux/wiki) that
lets users manage multiple accounts, mails, and embedded terminals at once.

https://lwn.net/Articles/993498/ 
 Five new stable kernels

Greg Kroah-Hartman has announced the release of the https://lwn.net/Articles/994633/ stable kernels.  As usual, this set
of updates contains a long list of important fixes throughout the kernel
tree.

https://lwn.net/Articles/994632/ 
 Security updates for Thursday

Security updates have been issued by Debian (python-cryptography), Fedora (dnsdist and python-virtualenv), Red Hat (java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, and java-21-openjdk), Slackware (libssh2 and mozilla), SUSE (haproxy, keepalived, libarchive, libnss_slurm2, php8, and python310-pytest-html), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, and linux, linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-hwe-6.8, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-oracle-6.8, linux-raspi).

https://lwn.net/Articles/994630/ 
 Forgejo 9.0 released

Version 9.0 (https://forgejo.org/2024-10-release-v9-0/) of the
Forgejo software forge system has been released.  Changes include a switch
to the GPLv3 license, the beginning of a quota system, the removal of
go-git support, and a lot of fixes.
(LWN https://lwn.net/Articles/963095/ in February).

https://lwn.net/Articles/994515/ 
 [$] Using LKMM atomics in Rust


Rust, like C, has its own memory model describing how concurrent access to the
same data by multiple threads can behave.
The Linux kernel, however, has its own
ideas. The
<a href="https://lwn.net/Articles/718628/" rel="nofollow">
Linux kernel memory model</a> (LKMM) is subtly different from both the
standard C memory model and Rust's model.
At Kangrejos, Boqun Feng gave a presentation about the
need to reconcile the memory models used by Rust and the kernel,
including a few potential avenues for doing so. While
no consensus was reached, it is an area of active discussion.


https://lwn.net/Articles/993785/