LWN.net

Over the holiday week, we missed the announcement of Ruby 2.7 on December 25. It is the most recent release of the Ruby programming language and was more than a year in development. There are quite a few new features including experimental pattern matching for case statements (more information can be found in these slides), a new compaction garbage collector for the heap, support for separating positional and keyword arguments, and plenty more.

Security updates have been issued by Red Hat (chromium-browser and rh-git218-git) and SUSE (java-1_8_0-ibm and openssl-1_1).

The LWN.net Weekly Edition for January 2, 2020 is available.

Python prides itself on being a newbie-friendly language; its developershave gone out of their way to try to ensure that easy tasks arestraightforward to program. A recent discussion on the python-ideasmailing list looked at a use case that is common, but often implemented in aninefficient, incorrect fashion, with an eye toward making it easier to docorrectly. Finding the first match for a regular expression in a body oftext is where the conversation started, but it went in some otherinteresting directions as well.

January 1, 2020 marks the beginning of a new year and a new decade. Manythings will doubtless change over the course of this year in thefree-software community and beyond, while others will remain the same. One thing that will certainlyhold true is LWN's tradition of starting the new year with some ill-advisedpredictions about what may be in store. Your editor has no special vision,but neither does he fear being proved badly wrong in a public setting —it's all in a day's work.

Security updates have been issued by Debian (igraph, jhead, libgcrypt20, otrs2, and waitress) and Mageia (clamaw, exiv2, filezilla, hunspell, libidn2, pdfresurrect, roundcubemail, and xpdf).

A proposal to periodically run the fstrimcommand on Fedora 32 systems was discussed recently on the Fedoradevel mailing list.fstrim is used to cause a filesystem to inform the underlyingstorage of unused blocks, which can help SSDs and other types of blockdevices perform better.There were a number of questions and concerns raised,including whether to change the behavior of earlier versions of thedistribution when they get upgraded and if the kernel should be responsiblefor handling the whole problem.

Stable kernels 5.4.7, 4.19.92, and 4.14.161 have been released. They all containimportant fixes and users should upgrade.

Security updates have been issued by Debian (intel-microcode and libbsd), openSUSE (chromium, LibreOffice, and spectre-meltdown-checker), and SUSE (mozilla-nspr, mozilla-nss and python-azure-agent).

Security updates have been issued by Debian (debian-lan-config, freeimage, imagemagick, libxml2, mediawiki, openssl1.0, php5, and tomcat8).

The results from the Debian general resolutionvote on init systems are in; the project's developers chose the option titled "Systemd but wesupport exploring alternatives". It makes systemd into the preferredinit system, and allows packages to use systemd-specific features;packagers are not required to support other init systems, but support forother systems is encouraged where it is practical.

The 5.5-rc4 kernel prepatch is out fortesting. "To absolutely nobody's surprise, last week was very quietindeed. It's hardly even worth making an rc release, but there are _some_fixes in here, so here's the usual weekly Sunday afternoon rc."

Matthew Garrett worksout how to avoid being recorded by "Ring" door cameras in his apartmentbuilding. "The most interesting one here is the deauthenticationframe that access points can use to tell clients that they're no longerwelcome. These can be sent for a variety of reasons, including resourceexhaustion or authentication failure. And, by default, they're entirelyunprotected. Anyone can inject such a frame into your network and causeclients to believe they're no longer authorised to use the network, atwhich point they'll have to go through a new authentication cycle - andwhile they're doing that, they're not able to send any otherpackets."

Security updates have been issued by SUSE (dia, kernel, and libgcrypt).

One of the first uses of the BPF virtualmachine outside of networking was to implement access-control policiesfor the seccomp()system call. Since then, though, the role of BPF in the security area hasnot changed much in the mainline kernel, even though BPF has evolvedconsiderably from the "classic" variant still used with seccomp()to the "extended" BPF now supported by the kernel. That has not been for alack of trying, though. The out-of-tree Landlock security module was covered here over three years ago. We also looked at the kernel runtime securityinstrumentation (KRSI) patch set in September. KP Singh has posted a newKRSI series, so the time seems right for a closer look.

Andrew 'bunnie' Huang has posted a detailed article onwhy creating trustable hardware is so difficult and describing a projecthe's working on to do it anyway. "While open hardware has the opportunity toempower users to innovate and embody a more correct and transparent designintent than closed hardware, at the end of the day any hardware ofsufficient complexity is not practical to verify, whether open orclosed. Even if we published the complete mask set for a modernbillion-transistor CPU, this 'source code' is meaningless without apractical method to verify an equivalence between the mask set and the chipin your possession down to a near-atomic level without simultaneouslydestroying the CPU."

Security updates have been issued by CentOS (firefox, fribidi, nss, nss-softokn, nss-util, openslp, and thunderbird), Debian (opensc), and Mageia (389-ds-base, apache, apache-mod_auth_openidc, kernel, libofx, microcode, php, and ruby).

Security updates have been issued by CentOS (freetype, kernel, nss, nss-softokn, nss-util, and thunderbird), Mageia (ghostpcl, libmirage, and spamassassin), Oracle (fribidi), and SUSE (mariadb-100, shibboleth-sp, and slurm).

Security updates have been issued by Debian (cups, cyrus-sasl2, tightvnc, and x2goclient), Fedora (cacti and cacti-spine), openSUSE (mariadb and samba), Oracle (fribidi, git, and python), Red Hat (fribidi, libyang, and qemu-kvm-rhev), Slackware (openssl and tigervnc), and SUSE (firefox, nspr, nss and kernel).

The third 5.5 kernel prepatch is out; itwas a bit bigger than Linus would have liked."Anyway, I'm hoping rc3 is a one-off. In fact, with the holiday seasoncoming up, I'd be very surprised indeed if it wasn't. So I suspectthings will calm down a lot over the next couple of weeks, but pleasedo use the down-time to do some extra testing instead, ok?"

The5.4.6,4.19.91,4.14.160,4.9.207, and4.4.207stable kernel updates have all been released; each contains another set ofimportant fixes.

The Linux control-group mechanism was designed to make it easy to assignprocesses to groups or move them around; it is a simple matter of writing aprocess ID to the appropriate cgroup.procs file in thecontrol-group filesystem hierarchy. That only works for processes thatactually exist, though. Adding the ability to place a new process into acontrol group at birth is the subject of thispatch set from Christian Brauner.

Michał Górny describesan effort to create something one might have never expected to see: abinary kernel package for the Gentoo distribution. "I have manuallyconfigured the kernels for my private systems long time ago. Today, Iwouldn’t really have bothered. In fact, I realized that for some time I’mreally hesitant to even upgrade them because of the effort needed to updateconfiguration. The worst part is, whenever a new kernel does not boot, Ihave to ask myself: is it a real bug, or is it my fault for configuring itwrong?"

Security updates have been issued by Debian (cyrus-imapd and gdk-pixbuf), Fedora (cacti, cacti-spine, and fribidi), Red Hat (fribidi, git, and openstack-keystone), Scientific Linux (fribidi), Slackware (wavpack), and SUSE (firefox, kernel, mariadb, spectre-meltdown-checker, and trousers).

Version3.11 of the lightweight Alpine Linux distribution is available.Changes include the 5.4 kernel, Raspberry Pi 4 support, GNOME and KDEsupport, and the deprecation of Python 2.

The Cloud Native Computing Foundation (CNCF) is part of the Linux Foundation that is focused on Kubernetes and other cloud technologies. It has announced that The Update Framework (TUF) has graduated to a full member project. "TUF, an open-source technology that secures software update systems, is the first specification and first security-focused project to graduate. Justin Cappos, associate professor of computer science and engineering at NYU Tandon School of Engineering, initially developed the project in 2009. Cappos is also the first academic researcher to lead a graduated project and TUF is the first project born out of a university to graduate.

Security updates have been issued by Arch Linux (git, libgit2, and shadow), Debian (debian-edu-config and python-django), Fedora (python-django), Mageia (apache-commons-beanutils, fence-agents, flightcrew, freerdp, htmldoc, libssh, pacemaker, rsyslog, samba, and sssd), Oracle (freetype and kernel), Scientific Linux (freetype and kernel), SUSE (firefox, spectre-meltdown-checker, thunderbird, xen, and zziplib), and Ubuntu (python-django).

The LWN.net Weekly Edition for December 19, 2019 is available.

2019 is coming to a close. It has been anotherbusy year with a lot going on in the Linux and free-software communities.Here at LWN, we have a longstanding tradition of looking back at the predictions made in January to see justhow badly we did; it's not good to go against tradition no matter howembarrassing the results might be, so we might as well get right into it.

Once upon a time, Linux was installed from a stack of floppydisks—thankfully cassette tape "drives" were long in the past at thatpoint—but floppies were superseded by optical media, first CDs and thenDVDs. These days, those options are starting to fade away in most newcomputer systems; just as it is now rather hard to find a floppy-based Linuxinstaller, not to mention the media and drives themselves, someday opticalmedia installation will disappear as well. For Fedora, that day has not trulyarrived, though a somewhat confusingly presented proposal on the Fedoradevel mailing list is, to a limited extent, a step in that direction.

Stable kernels 5.4.4, 5.3.17, 4.19.90, and 4.14.159 have been released. They all containimportant fixes and users should upgrade.Update: Stable kernels 5.4.5 and 5.3.18 have also been released. This is thelast 5.3.y kernel release and users should move to 5.4.y.

Security updates have been issued by Debian (debian-edu-config, harfbuzz, libvorbis, and python-ecdsa), Fedora (chromium, fribidi, libssh, and openslp), openSUSE (chromium), Oracle (grub2), Red Hat (rh-maven35-apache-commons-beanutils), SUSE (kernel, libssh, mariadb, samba, and xen), and Ubuntu (openjdk-8, openjdk-lts).

Programming languages generally have limits—explicit or implicit—on variousaspects of their operation. Things like the maximum length of anidentifier or the range of values that a variable can store are fairlyobvious examples, but there are others, many of which are unspecifiedby the language designers and come about from various implementations ofthe language. That ambiguity has consequences, so nailing down a widevariety of limits in Python is the target of an ongoing discussion on thepython-dev mailing list.

SpamAssassin 3.4.3 has been released. It includes a new plugin for findingmacros in Office documents, a couple of security fixes, and various otherimprovements. The project is also letting it be known that, due to thedropping of support for rulesets with SHA-1 signatures, versions ofSpamAssassin prior to 3.4.2 will no longer be able to download rule updatesas of the beginning of March.

Security updates have been issued by Debian (libssh, ruby2.3, and ruby2.5), Fedora (kernel and libgit2), openSUSE (chromium and libssh), Oracle (openslp), Red Hat (container-tools:1.0, container-tools:rhel8, freetype, kernel, and kpatch-patch), Scientific Linux (openslp), SUSE (git and LibreOffice), and Ubuntu (graphicsmagick).

XFS filesystem maintainer Darrick Wong summarizesthe significant XFS developments from the last year. "The year2038 poses a special problem for Linux -- any signed 32-bit seconds counterwill overflow back to 1901. Work is underway in the kernel to extend all ofthose counters to support 64-bit counters fully. In 2020, we will beginwork on extending XFS's metadata (primarily inode timestamps and quotaexpiration timer) to support timestamps out to the year 2486. It should bepossible to upgrade to existing V5 filesystems."

Stable kernels 5.4.3, 5.3.16, and 4.19.89 have been released. They all containimportant fixes throughout the tree and users should upgrade.

Security updates have been issued by Debian (davical, intel-microcode, libpgf, php-horde, spamassassin, spip, and thunderbird), Mageia (clementine, dnsmasq, git, jasper, kdelibs4, kernel, libcroco, libgit2, libvirt, ncurses, openafs, proftpd, qbittorrent, signing-party, squid, and wireshark), openSUSE (java-1_8_0-openjdk and postgresql), Oracle (kernel), Red Hat (chromium-browser and openslp), and SUSE (kernel, libssh, and xen).

The second 5.5 kernel prepatch is out."Things look normal - rc2 is usually fairly calm, and so it was thisweek too."

ZDNet reportson a police raid at the NGINX office. "Moscow police executed the raid after last week the Rambler Group filed a copyright violation against NGINX Inc., claiming full ownership of the NGINX web server code. The Rambler Group is the parent company of rambler.ru, one of Russia's biggest search engines and internet portals.According to copies of the search warrant posted on Twitter today, Ramblerclaims that Igor Sysoev developed NGINX while he was working as a systemadministrator for the company, hence they are the rightful owner of theproject."

The saga of get_user_pages() — and the problems it causes withinthe kernel — has been extensively chronicled here; see the LWN kernelindex for the full series. In short, get_user_pages() is usedto pin user-space pages in memory for some sort of manipulation outside ofthe owning process(es); that manipulation can sometimes surprise otherparts of the kernel that think they have exclusive rights to the pages inquestion. Thispatch series from John Hubbard does not solve all of the problems, butit does create some infrastructure that may make a solution easier to comeby.

Security updates have been issued by Fedora (knot-resolver and xen), openSUSE (kernel), and SUSE (haproxy, kernel, and openssl).

Linux offers two modes for file I/O: buffered and direct. Buffered I/Opasses through the kernel's page cache; it is relatively easy to use andcan yield significant performance benefits for data that is accessedmultiple times. Direct I/O, instead, goes straight between a user-spacebuffer and the storage device. It can be much faster for situations wherecaching by the operating system isn't necessary, but it is complex to useand contains traps for the unwary. Now, it seems, Jens Axboe has come upwith away to get many of the benefits of direct I/O with a lot less bother.

Security updates have been issued by CentOS (firefox and nss-softokn), Fedora (samba), Oracle (nss, nss-softokn, nss-util, nss-softokn, and thunderbird), Scientific Linux (thunderbird), SUSE (firefox), and Ubuntu (librabbitmq and samba).

The LWN.net Weekly Edition for December 12, 2019 is available.

An effort to protect package downloads from the PythonPackage Index (PyPI) has resulted in a Python Enhancement Proposal(PEP) and, perhaps belatedly, some discussion in the wider community. Thebasic idea is to use TheUpdate Framework (TUF) to protect PyPI users from some maliciousactors who are aiming to interfere with the installation and update ofPython modules. But the name of the PEP and its wording, coupled with some recent typosquatting problems on PyPI, causedsome confusion along the way. There are some competing interests anddifferent cultures coming together over this PEP; the process has not run assmoothly as anyone might want, though that seems to be resolving itself atthis point.

Security updates have been issued by Arch Linux (crypto++ and thunderbird), Debian (cacti, freeimage, git, and jackson-databind), Fedora (nss), openSUSE (clamav, dnsmasq, munge, opencv, permissions, and shadowsocks-libev), Red Hat (nss, nss-softokn, nss-util, rh-maven35-jackson-databind, and thunderbird), Scientific Linux (nss, nss-softokn, nss-util, nss-softokn, and thunderbird), SUSE (caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, crowbar-ui, etcd, flannel, galera-3, mariadb, mariadb-connector-c, openstack-dashboard-theme-SUSE, openstack-heat-templates, openstack-neutron, openstack-nova, openstack-quickstart, patterns-cloud, python-oslo.messaging, python-oslo.utils, python-pysaml2, libssh, and strongswan), and Ubuntu (git, libpcap, libssh, and thunderbird).

The Electronic Frontier Foundation has posted a detailedstudy on third-party corporate surveillance on the Internet (andbeyond). "Both Google and Apple encourage developers to use ad IDsfor behavioral profiling in lieu of other identifiers like IMEI or phonenumber. Ostensibly, this gives users more control over how they aretracked, since users can reset their identifiers by hand if theychoose. However, in practice, even if a user goes to the trouble to resettheir ad ID, it’s very easy for trackers to identify them across resets byusing other identifiers, like IP address or in-app storage. Android’sdeveloper policy instructs trackers not to engage in such behavior, but theplatform has no technical safeguards to stop it. In February 2019, a studyfound that over 18,000 apps on the Play store were violating Google’spolicy."

A new mechanism to help thwart return-orientedprogramming (ROP) and similar attacks has recently been added to theOpenBSD kernel. It will block system calls that are not made via the Clibrary (libc) system-call wrappers. Instead of being able to stringtogether some "gadgets" that make a system call directly, an attacker wouldneed to be able to call the wrapper, which is normally at a randomized location.

The Kubernetes scheduler is being overhauled with a series of improvementsthat will introduce a new framework and enhanced capabilities that couldhelp cluster administrators to optimize performance andutilization. Abdullah Gharaibeh, co-chair of the Kubernetes schedulingspecial interest group (SIGScheduling), detailed what has been happening with thescheduler in recent releases and what's on the roadmapin a session at KubeCon + CloudNativeCon North America 2019.