Feed lwn LWN.net


Link https://lwn.net/
Feed http://lwn.net/headlines/rss
Updated 2024-11-24 23:30
Robin "Roblimo" Miller
The Linux Journal mourns the passing of Robin Miller, a longtime presence in our community. "Miller was perhaps best known by the community for his role as Editor in Chief of Open Source Technology Group, the company that owned Slashdot, SourceForge.net, freshmeat, Linux.com, NewsForge, and ThinkGeek from 2000 to 2008."
RIP Robin "Roblimo" Miller (Linux Journal)
Linux Journal reports that Robin "Roblimo" Miller has passed away. "Miller was perhaps best known by the community for his role as Editor in Chief of Open Source Technology Group, the company that owned Slashdot, SourceForge.net, freshmeat, Linux.com, NewsForge, and ThinkGeek from 2000 to 2008."
[$] Easier container security with entitlements
During KubeCon + CloudNativeCon Europe 2018, Justin Cormack and Nassim Eddequiouaq presented a proposal to simplify the setting of security parameters for containerized applications. Containers depend on a large set of intricate security primitives that can have weird interactions. Because they are so hard to use, people often just turn the whole thing off. The goal of the proposal is to make those controls easier to understand and use; it is partly inspired by mobile apps on iOS and Android platforms, an idea that trickled back into Microsoft and Apple desktops. The time seems ripe to improve the field of container security, which is in desperate need of simpler controls.
Security updates for Thursday
Security updates have been issued by Debian (imagemagick), Fedora (curl, glibc, kernel, and thunderbird-enigmail), openSUSE (enigmail, knot, and python), Oracle (procps-ng), Red Hat (librelp, procps-ng, redhat-virtualization-host, rhev-hypervisor7, and unboundid-ldapsdk), Scientific Linux (procps-ng), SUSE (bash, ceph, icu, kvm, and qemu), and Ubuntu (procps and spice, spice-protocol).
[$] LWN.net Weekly Edition for May 24, 2018
The LWN.net Weekly Edition for May 24, 2018 is available.
[$] An update on bcachefs
The bcachefs filesystem has been under development for a number of years now; according to lead developer Kent Overstreet, it is time to start talking about getting the code upstream. He came to the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) to discuss that in a combined filesystem and storage session. Bcachefs grew out of bcache, which is a block layer cache that was merged into Linux 3.10 in mid-2013.
[$] What's coming in OpenLDAP 2.5
If pressed, I will admit to thinking that, if NIS was good enough for Charles Babbage, it's good enough for me. I am therefore not a huge fan of LDAP; I feel I can detect in it the heavy hand of the ITU, which seems to wish to apply X.500 to everything. Nevertheless, for secure, distributed, multi-platform identity management it's quite hard to beat. If you decide to run an LDAP server on Unix, one of the major free implementations is slapd, the core engine of the OpenLDAP project. Howard Chu is the chief architect of the project, and spoke at FLOSS 2018 about the upcoming 2.5 release. Any rumors that he might have passed the time while the room filled up by giving a short but nicely rendered fiddle recital are completely true.
[$] Shortening the Python release schedule
The Python release cycle has an 18-month cadence; a new major release (e.g. Python 3.7) is made roughly on that schedule. But Łukasz Langa, who is the release manager for Python 3.8 and 3.9, would like to see things move more quickly—perhaps on a yearly cadence. In the first session after lunch at the 2018 Python Language Summit, Langa wanted to discuss that idea.
Security updates for Wednesday
Security updates have been issued by CentOS (java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, libvirt, and qemu-kvm), Debian (procps), Fedora (curl, mariadb, and procps-ng), Gentoo (samba, shadow, and virtualbox), openSUSE (opencv, openjpeg2, pdns, qemu, and wget), Oracle (java-1.8.0-openjdk and kernel), Red Hat (java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, kernel-rt, libvirt, qemu-kvm, qemu-kvm-rhev, redhat-virtualization-host, and vdsm), Scientific Linux (java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, libvirt, and qemu-kvm), Slackware (kernel, mozilla, and procps), SUSE (ghostscript-library, kernel, mariadb, python, qemu, and wget), and Ubuntu (linux-raspi2 and linux-raspi2, linux-snapdragon).
[$] Case-insensitive filesystem lookups
Case-insensitive file name lookups are a feature that is fairly frequently raised at the Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). At the 2018 summit, Gabriel Krisman Bertazi proposed a new way to support the feature, though it met with a rather skeptical reception—with one notable exception. Ted Ts'o seemed favorably disposed to the idea, in part because it would potentially be a way to get rid of some longstanding Android ugliness: wrapfs.
Kata Containers 1.0
Kata Containers 1.0 has been released. "This first release of Kata Containers completes the merger of Intel’s Clear Containers and Hyper’s runV technologies, and delivers an OCI compatible runtime with seamless integration for container ecosystem technologies like Docker and Kubernetes."
Three stable kernel updates
Stable kernels 4.16.11, 4.14.43, and 4.9.102 have been released. They all contain important fixes and users should update.
[$] SMB/CIFS compounding support
In a filesystem-track session at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Ronnie Sahlberg talked about some changes he has made to add support for compounding to the SMB/CIFS implementation in Linux. Compounding is a way to combine multiple operations into a single request that can help reduce network round-trips.
Security updates for Tuesday
Security updates have been issued by Debian (gitlab and packagekit), Fedora (glibc, postgresql, and webkitgtk4), Oracle (java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, libvirt, and qemu-kvm), Red Hat (java-1.7.0-openjdk, kernel-rt, qemu-kvm, and qemu-kvm-rhev), SUSE (openjpeg2, qemu, and squid3), and Ubuntu (kernel, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux, linux-aws, linux-kvm, linux-hwe, linux-azure, linux-gcp, linux-oem, linux-lts-trusty, linux-lts-xenial, linux-aws, qemu, and xdg-utils).
[$] Using GitHub Issues for Python
In a 2018 Python Language Summit talk that was initially billed as "Mariatta's Topic of Mystery", Mariatta Wijaya described her reasoning for advocating moving Python away from its current bug tracker to GitHub Issues. She wanted to surprise her co-attendees with the talk topic at least partly because it is somewhat controversial. But it would complete Python's journey to GitHub that started a ways back.
RFC: LWN's draft updated privacy policy
It is the season for web sites to be updating their privacy policies and obtaining consent from their users for whatever data they collect. LWN, being short of staff with the time or interest to work in this area, is rather late to this game. The first step is an updated privacy policy, which we're now putting out for review. Little has changed from the current version; we still don't collect much data, share data with others, or attempt to monetize what we have in any way. We would like to ask interested readers to have a look and let us know about any potential problems they see.
Spectre variants 3a and 4
Intel has, finally, disclosed two more Spectre variants, called 3a and 4. The first ("rogue system register read") allows system-configuration registers to be read speculatively, while the second ("speculative store bypass") could enable speculative reads to data after a store operation has been speculatively ignored. Some more information on variant 4 can be found in the Project Zero bug tracker. The fix is to install microcode updates, which are not yet available.
[$] Network filesystem topics
At the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Steve French led a discussion of various problem areas for network filesystems. Unlike previous sessions (in 2016 and 2017), there was some good news to report because the long-awaited statx() system call was released in Linux 4.11. But there is still plenty of work to be done to better support network filesystems in Linux.
Parrot 4.0 is out
Parrot 4.0 has been released. Parrot is a security-oriented distribution aimed at penetration tests and digital forensics analysis, with additional tools to preserve privacy. "On Parrot 4.0 we decided to provide netinstall images too as we would like people to use Parrot not only as a pentest distribution, but also as a framework to build their very own working environment with ease." Docker templates are also available.
Security updates for Monday
Security updates have been issued by Arch Linux (lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, and libcurl-gnutls), CentOS (firefox), Debian (imagemagick), Fedora (exiv2, LibRaw, and love), Gentoo (chromium), Mageia (kernel, librelp, and miniupnpc), openSUSE (curl, enigmail, ghostscript, libvorbis, lilypond, and thunderbird), Red Hat (Red Hat OpenStack Platform director), and Ubuntu (firefox).
Kernel prepatch 4.17-rc6
The 4.17-rc6 kernel prepatch is out. "So nothing special to report. Go read the shortlog, pull the changes, build, and test. It should all be good and pretty stable by this point."
Some weekend stable kernel updates
The 4.16.10, 4.14.42, and 4.9.101 stable kernel updates are available; each contains another set of important fixes.
The Software Freedom Conservancy on Tesla's GPL compliance
The Software Freedom Conservancy has put out a blog posting on the history and current status of Tesla's GPL compliance issues. "We're thus glad that, this week, Tesla has acted publicly regarding its current GPL violations and has announced that they've taken their first steps toward compliance. While Tesla acknowledges that they still have more work to do, their recent actions show progress toward compliance and a commitment to getting all the way there."
[$] The NOVA filesystem
At the 2018 Linux Storage, Filesystem, and Memory-Management Summit, Andiry Xu presented the NOVA filesystem, which he is trying to get into the upstream kernel. Unlike existing kernel filesystems, NOVA exclusively targets non-volatile main memory (NVMM) rather than traditional block devices (disks or SSDs). In fact, it does not use the kernel's block layer at all and instead uses persistent memory mapped directly into the kernel address space.
Williams: Introducing Git protocol version 2
Brandon Williams writes about the new Git remote protocol that will debut in the 2.18 release. "We recently rolled out support for protocol version 2 at Google and have seen a performance improvement of 3x for no-op fetches of a single branch on repositories containing 500k references. Protocol v2 has also enabled a reduction of 8x of the overhead bytes (non-packfile) sent from googlesource.com servers. A majority of this improvement is due to filtering references advertised by the server to the refs the client has expressed interest in."
Vim 8.1 released
Version 8.1 of the Vim editor is available. "The main new feature of Vim 8.1 is support for running a terminal in a Vim window. This builds on top of the asynchronous features added in Vim 8.0."
[$] A reworked TCP zero-copy receive API
In April, LWN looked at the new API for zero-copy reception of TCP data that had been merged into the net-next tree for the 4.18 development cycle. After that article was written, a couple of issues came to the fore that required some changes to the API for this feature. Those changes have been made and merged; read on for the details.
Security updates for Friday
Security updates have been issued by Arch Linux (curl and zathura-pdf-mupdf), Debian (libmad and vlc), openSUSE (enigmail), Red Hat (collectd, Red Hat OpenStack Platform director, and sensu), and SUSE (firefox, ghostscript, and mysql).
Haas: Built-in Sharding for PostgreSQL
Robert Haas writes about the sharding capabilities that PostgreSQL will someday have. "The capabilities already added are independently useful, but I believe that some time in the next few years we're going to reach a tipping point. Indeed, I think in a certain sense we already have. Just a few years ago, there was serious debate about whether PostgreSQL would ever have built-in sharding. Today, the question is about exactly which features are still needed."
[$] Securing the container image supply chain
"Security is hard" is a tautology, especially in the fast-moving world of container orchestration. We have previously covered various aspects of Linux container security through, for example, the Clear Containers implementation or the broader question of Kubernetes and security, but those are mostly concerned with container isolation; they do not address the question of trusting a container's contents. What is a container running? Who built it and when? Even assuming we have good programmers and solid isolation layers, propagating that good code around a Kubernetes cluster and making strong assertions on the integrity of that supply chain is far from trivial. The 2018 KubeCon + CloudNativeCon Europe event featured some projects that could eventually solve that problem.
Security updates for Thursday
Security updates have been issued by Arch Linux (runc), Debian (curl), Fedora (xdg-utils), Mageia (firefox), openSUSE (libreoffice, librsvg, and php5), Slackware (curl and php), SUSE (curl, firefox, kernel, kvm, libapr1, libvorbis, and memcached), and Ubuntu (curl, dpdk, php5, and qemu).
[$] LWN.net Weekly Edition for May 17, 2018
The LWN.net Weekly Edition for May 17, 2018 is available.
[$] A Gilectomy update
In a rather short session at the 2018 Python Language Summit, Larry Hastings updated attendees on the status of his Gilectomy project. The aim of that effort is to remove the global interpreter lock (GIL) from CPython. Since his status report at last year's summit, little has happened, which is part of why the session was so short. He hasn't given up on the overall idea, but it needs a new approach.
Stable kernel updates
Stable kernels 4.16.9, 4.14.41, 4.9.100, 4.4.132, and 3.18.109 have been released. As usual, they all contain important fixes and users should upgrade.
[$] XFS online filesystem scrubbing and repair
In a filesystem track session at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Darrick Wong talked about the online scrubbing and repair features he has been working on. His target has mostly been XFS, but he has concurrently been working on scrubbing for ext4. Part of what he wanted to discuss was the possibility of standardizing some of these interfaces across different filesystem types.
[$] Updates in container isolation
At KubeCon + CloudNativeCon Europe 2018, several talks explored the topic of container isolation and security. The last year saw the release of Kata Containers which, combined with the CRI-O project, provided strong isolation guarantees for containers using a hypervisor. During the conference, Google released its own hypervisor called gVisor, adding yet another possible solution for this problem. Those new developments prompted the community to work on integrating the concept of "secure containers" (or "sandboxed containers") deeper into Kubernetes. This work is now coming to fruition; it prompts us to look again at how Kubernetes tries to keep the bad guys from wreaking havoc once they break into a container.
Security updates for Wednesday
Security updates have been issued by CentOS (dhcp), Debian (xen), Fedora (dhcp, flac, kubernetes, leptonica, libgxps, LibRaw, matrix-synapse, mingw-LibRaw, mysql-mmm, patch, seamonkey, webkitgtk4, and xen), Mageia (389-ds-base, exempi, golang, graphite2, libpam4j, libraw, libsndfile, libtiff, perl, quassel, spring-ldap, util-linux, and wget), Oracle (dhcp and kernel), Red Hat (389-ds-base, chromium-browser, dhcp, docker-latest, firefox, kernel-alt, libvirt, qemu-kvm, redhat-virtualization-host, rh-haproxy18-haproxy, and rhvm-appliance), Scientific Linux (389-ds-base, dhcp, firefox, libvirt, and qemu-kvm), and Ubuntu (poppler).
[$] Modifying the Python object model
At the 2018 Python Language Summit, Carl Shapiro described some of the experiments that he and others at Instagram did to look at ways to improve the performance of the CPython interpreter. The talk was somewhat academic in tone and built on what has been learned in other dynamic languages over the years. By modifying the Python object model fairly substantially, they were able to roughly double the performance of the "classic" Richards benchmark.
[$] Supporting multi-actuator drives
In a combined filesystem and storage session at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Tim Walker asked for help in designing the interface to some new storage hardware. He wanted some feedback on how a multi-actuator drive should present itself to the system. These drives have two (or, eventually, more) sets of read/write heads and other hardware that can all operate in parallel.
[$] Subinterpreter support for Python
Eric Snow kicked off the 2018 edition of the Python Language Summit with a look at getting a better story for multicore Python by way of subinterpreters. Back in 2015, we looked at his efforts at that point; things have been progressing since. There is more to do, of course, so he is hoping to attract more developers to work on the project. This is the start of the Python Language Summit coverage for this year; articles are being collected on a dedicated summit page as they are finished.
Canonical on trust and security in the Snap Store
Here's a posting from Canonical concerning the cryptocurrency-mining app that was discovered in its Snap Store. "Several years ago when we started the work on snap packages, we understood that we could not instantly implement an alternative that was completely safe from all perspectives. In addition to being safe, it had to be useful. So the challenge we gave ourselves was to significantly improve the situation immediately, and then pave the road for incremental improvements that could be rolled out gradually."
Security updates for Tuesday
Security updates have been issued by Arch Linux (firefox, llpp, and webkit2gtk), Debian (kwallet-pam), Fedora (kernel and pam-kwallet), Gentoo (mpv), Oracle (389-ds-base, firefox, libvirt, and qemu-kvm), and Ubuntu (php5 and php5, php7.0, php7.1, php7.2).
Security updates for Monday
Security updates have been issued by Debian (tiff and tiff3), Fedora (glusterfs, kernel, libgxps, LibRaw, postgresql, seamonkey, webkit2gtk3, wget, and xen), Mageia (afflib, flash-player-plugin, imagemagick, qpdf, and transmission), openSUSE (Chromium, opencv, and xen), SUSE (kernel), and Ubuntu (firefox).
[$] Autoscaling for Kubernetes workloads
Technologies like containers, clusters, and Kubernetes offer the prospect of rapidly scaling the available computing resources to match variable demands placed on the system. Actually implementing that scaling can be a challenge, though. During KubeCon + CloudNativeCon Europe 2018, Frederic Branczyk from CoreOS (now part of Red Hat) held a packed session to introduce a standard and officially recommended way to scale workloads automatically in Kubernetes clusters.
Serious vulnerabilities with OpenPGP and S/MIME
The efail.de site describes a set of vulnerabilities in the implementation of PGP and MIME that can cause the disclosure of encrypted communications, including old messages. "In a nutshell, EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs." The EFF recommends uninstalling email-encryption tools that automatically decrypt email entirely. "Until the flaws described in the paper are more widely understood and fixed, users should arrange for the use of alternative end-to-end secure channels, such as Signal, and temporarily stop sending and especially reading PGP-encrypted email."
Kernel prepatch 4.17-rc5
The 4.17-rc5 kernel prepatch has been released. "So I think we're in pretty good shape. Please go keep testing, though, to make sure we're not missing anything."
Pascutto: Linux sandboxing improvements in Firefox 60
Gian-Carlo Pascutto posts about the sandboxing improvements in the Firefox 60 release. "The most important change is that content processes — which render Web pages and execute JavaScript — are no longer allowed to directly connect to the Internet, or connect to most local services accessed with Unix-domain sockets (for example, PulseAudio)."
[$] Using user-space tracepoints with BPF
Much has been written on LWN about dynamically instrumenting kernel code. These features are also available to user-space code with a special kind of probe known as a User Statically-Defined Tracing (USDT) probe. These probes provide a low-overhead way of instrumenting user-space code and provide a convenient way to debug applications running in production. In this final article of the BPF and BCC series we'll look at where USDT probes come from and how you can use them to understand the behavior of your own applications.
Security updates for Friday
Security updates have been issued by Arch Linux (libmupdf, mupdf, mupdf-gl, and mupdf-tools), Debian (firebird2.5, firefox-esr, and wget), Fedora (ckeditor, drupal7, firefox, kubernetes, papi, perl-Dancer2, and quassel), openSUSE (cairo, firefox, ImageMagick, libapr1, nodejs6, php7, and tiff), Red Hat (qemu-kvm-rhev), Slackware (mariadb), SUSE (xen), and Ubuntu (openjdk-8).
Announcing Rust 1.26
The Rust team has announcedthe release of version 1.26.0 of the Rust programming language. "The past few releases have had a steady stream of relatively minor additions. We’ve been working on a lot of stuff, however, and it’s all starting to land in stable. 1.26 is possibly the most feature-packed release since Rust 1.0."