LWN.net
Link https://lwn.net/
Feed http://lwn.net/headlines/rss
Updated 2025-11-01 22:30
Security updates for Wednesday
Security updates have been issued by Debian (libgd2, mediawiki, otrs2, vlc, and zookeeper), Fedora (containernetworking-plugins, kernel, kernel-headers, nodejs-tough-cookie, podman, python-django, and python-urllib3), openSUSE (virtualbox), SUSE (gnome-shell, libcroco, and php7), and Ubuntu (dbus, Neovim, and vim).
[$] Python and "dead" batteries
Python is, famously, a "batteries included" language; it comes with a rich standard library right out of the box, which makes for a highly useful starting point for everyone. But that does have some downsides as well. The standard library modules are largely maintained by the CPython core developers, which adds to their duties; the modules themselves are subject to the CPython release schedule, which may be suboptimal. For those reasons and others, there have been thoughts about retiring some of the older modules; it is a topic that has come up several times over the last year or so.
Introducing Matrix 1.0 and the Matrix.org Foundation
The Matrix team has announced the first stable release of the Matrix protocol and specification across all APIs. The Synapse 1.0 reference implementation, which implements the full Matrix 1.0 API surface, has also been released. "Now, before you get too excited, it’s critical to understand that Matrix 1.0 is all about providing a stable, self-consistent, self-contained and secure version of the standard which anyone should be able to use to independently implement production-grade Matrix clients, servers, bots and bridges etc. It does not mean that all planned or possible features in Matrix are now specified and implemented, but that the most important core of the protocol is a well-defined stable platform for everyone to build on. On the Synapse side, our focus has been exclusively on ensuring that Synapse correctly implements Matrix 1.0, to provide a stable and secure basis for participating in Matrix without risk of room corruption or other nastinesses." The announcement also covers the launch of the Matrix.org Foundation.
[$] Generalized events notification and security policies
Interfaces for the reporting of events to user space from the kernel have been a recurring topic on the kernel mailing lists for almost as long as the kernel has existed; LWN covered one 15 years ago, for example. Numerous special-purpose event-reporting APIs exist, but there are none that are designed to be a single place to obtain any type of event. David Howells is the latest to attempt to change that situation with a new notification interface that, naturally, uses a ring buffer to transfer events to user space without the need to make system calls. The API itself (which hasn't changed greatly since it was posted in 2018) is not hugely controversial, but the associated security model has inspired a few heated discussions.
Five new stable kernels
Stable kernels 5.1.9, 4.19.50, 4.14.125, 4.9.181, and 4.4.181 have been released. They all contain important fixes and users should upgrade.
Security updates for Tuesday
Security updates have been issued by CentOS (bind and thunderbird), Mageia (firefox, ghostscript, graphicsmagick, imagemagick, postgresql, and thunderbird), Oracle (kernel), Red Hat (Advanced Virtualization and rh-haproxy18-haproxy), SUSE (bind, gstreamer-0_10-plugins-base, thunderbird, and vim), and Ubuntu (elfutils, glib2.0, and libsndfile).
[$] BPF for security—and chaos—in Kubernetes
BPF is probably familiar to many LWN readers, though it's likely not yet quite as well known in the Kubernetes community — but that could soon change. At KubeCon + CloudNativeCon Europe 2019 there were multiple sessions with BPF in the title where developers talked about how BPF can be used to help with Kubernetes security, monitoring, and even chaos engineering testing. We will look at two of those talks that were led by engineers closely aligned with the open-source Cilium project, which is all about bringing BPF to Kubernetes container environments. Thomas Graf, who contributes to BPF development in the Linux kernel, led a session on transparent chaos testing with Envoy, Cilium, and BPF, while his counterpart Dan Wendlandt, who is well known in the OpenStack community for helping to start the Neutron networking project, spoke about using the kernel's BPF capabilities to add visibility and security in a Kubernetes-aware manner.
Security updates for Monday
Security updates have been issued by Arch Linux (chromium and pam-u2f), Debian (cyrus-imapd), Fedora (curl, cyrus-imapd, kernel, kernel-headers, php, and vim), openSUSE (axis, bind, bubblewrap, evolution, firefox, gnome-shell, libpng16, and rmt-server), Oracle (edk2 and kernel), and SUSE (bind, cloud7, and libvirt).
Kernel prepatch 5.2-rc4
The 5.2-rc4 kernel prepatch is out for testing. "We've had a fairly calm release so far, and on the whole that seems to hold. rc4 isn't smaller than rc3 was (it's a bit bigger), but rc3 was fairly small, so the size increase isn't all that worrisome. I do hope that we'll start actually shrinking now, though."
Stable kernel updates
The 5.1.8, 4.19.49, and 4.14.124 stable kernel updates have been released; each contains another set of important fixes.
[$] Detecting and handling split locks
The Intel architecture allows misaligned memory access in situations where other architectures (such as ARM or RISC-V) do not. One such situation is atomic operations on memory that is split across two cache lines. This feature is largely unknown, but its impact is even less so. It turns out that the performance and security impact can be significant, breaking realtime applications or allowing a rogue application to slow the system as a whole. Recently, Fenghua Yu has been working on detecting and fixing these issues in the split-lock patch set, which is currently on its eighth revision.
Security updates for Friday
Security updates have been issued by Debian (evolution and qemu), Fedora (cyrus-imapd and hostapd), Gentoo (exim), openSUSE (exim), Red Hat (qpid-proton), SUSE (bind, libvirt, mariadb, mariadb-connector-c, python, and rubygem-rack), and Ubuntu (firefox, jinja2, and linux-lts-xenial, linux-aws).
[$] Renaming openSUSE
In mid-May, LWN reported on the discussions in the openSUSE project over whether a separation from SUSE would be a good move. It would appear that this issue has been resolved and that openSUSE will be setting up a foundation as its new home independent of the SUSE corporation. But now the community has been overtaken by a new, related discussion that demonstrates a characteristic of free-software projects: the hardest issues are usually related to naming.
Severe vulnerability in Exim
Qualys has put out an advisory on a vulnerability in the Exim mail transfer agent, versions 4.87 through 4.91; it allows for easy command execution by a local attacker and remote execution in some scenarios. "To remotely exploit this vulnerability in the default configuration, an attacker must keep a connection to the vulnerable server open for 7 days (by transmitting one byte every few minutes). However, because of the extreme complexity of Exim's code, we cannot guarantee that this exploitation method is unique; faster methods may exist." Sites running Exim should upgrade to 4.92 if they have not already.
Security updates for Thursday
Security updates have been issued by Arch Linux (binutils), Debian (exim4 and poppler), Fedora (deepin-api, kernel, kernel-headers, kernel-tools, and php), openSUSE (cronie), and Ubuntu (apparmor, exim4, mariadb-10.1, php5, and php7.0, php7.2).
[$] LWN.net Weekly Edition for June 6, 2019
The LWN.net Weekly Edition for June 6, 2019 is available.
[$] Seeking consensus on dh
Debian takes an almost completely "hands off" approach to the decisions that Debian developers (DDs) can make in regard to the packaging and maintenance of their packages. That leads to maximal freedom for DDs, but impacts the project in other ways, some of which may be less than entirely desirable. New Debian project leader (DPL) Sam Hartman started a conversation about potential changes to the Debian packaging requirements back in mid-May. In something of a departure from the Debian tradition of nearly endless discussion without reaching a conclusion (and, possibly, punting the decision to the technical committee or a vote in a general resolution), Hartman has instead tried to guide the discussion toward reaching some kind of rough consensus.
[$] How many kernel test frameworks?
The kernel self-test framework (kselftest) has been a part of the kernel for some time now; a relatively recent proposal for a kernel unit-testing framework, called KUnit, has left some wondering why both exist. In a lengthy discussion thread about KUnit, the justification for adding another testing framework to the kernel was debated. While there are different use cases for kselftest and KUnit, there was concern about fragmenting the kernel-testing landscape.
Security updates for Wednesday
Security updates have been issued by Debian (python-django), openSUSE (curl and libtasn1), Oracle (kernel), Red Hat (etcd, kernel-alt, and rh-python36-python-jinja2), Scientific Linux (thunderbird), SUSE (libvirt), and Ubuntu (db5.3, linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2, linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-aws-hwe, linux-hwe, linux-oracle, linux-hwe, and linux-raspi2, linux-snapdragon).
CockroachDB relicensed
The CockroachDB database management system has been relicensed; the new license is non-free. "CockroachDB users can scale CockroachDB to any number of nodes. They can use CockroachDB or embed it in their applications (whether they ship those applications to customers or run them as a service). They can even run it as a service internally. The one and only thing that you cannot do is offer a commercial version of CockroachDB as a service without buying a license."
Firefox adds tracking protection by default
The Mozilla blog announces a new Firefox feature: "One of those initiatives outlined was to block cookies from known third party trackers in Firefox. Today, Firefox will be rolling out this feature, Enhanced Tracking Protection, to all new users on by default, to make it harder for over a thousand companies to track their every move. Additionally, we’re updating our privacy-focused features including an upgraded Facebook Container extension, a Firefox desktop extension for Lockwise, a way to keep their passwords safe across all platforms, and Firefox Monitor’s new dashboard to manage multiple email addresses."
[$] Fun with LEDs and CircuitPython
Nina Zakharenko has been programming for a long time; when she was young she thought that "the idea that I could trick computers into doing what I tell them was pretty awesome". But as she joined the workforce, her opportunities for "creative coding" faded away; she regained some of that working with open source, but tinkering with hardware is what let her creativity "truly explode". It has taken her years to get back what she learned long ago, she said, and her keynote at PyCon 2019 was meant to show attendees the kinds of things that can be built with Python—starting with something that attendees would find in their swag bag.
Three stable kernels
Stable kernels 5.1.7, 5.0.21, and 4.19.48 have been released. They all contain the usual set of important fixes. This is the last 5.0.y release and users should move to 5.1.y now.
Security updates for Tuesday
Security updates have been issued by Arch Linux (python-django and python2-django), Debian (heimdal), Fedora (kernel, kernel-headers, kernel-tools, and sqlite), openSUSE (containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork and GraphicsMagick), Oracle (thunderbird), Red Hat (systemd and thunderbird), SUSE (bind and firefox), and Ubuntu (qtbase-opensource-src).
Šabić: eBPF and XDP for Processing Packets at Bare-metal Speed
Nedim Šabić has written a tutorial article on using the eXpress Data Path for fast packet filtering. "Now comes the most relevant part of our XDP program that deals with packet’s processing logic. XDP ships with a predefined set of verdicts that determine how the kernel diverts the packet flow. For instance, we can pass the packet to the regular network stack, drop it, redirect the packet to another NIC and such. In our case, XDP_DROP yields an ultra-fast packet drop."
[$] Yet another try for fs-verity
The fs-verity mechanism has its origins in the Android project; its purpose is to make individual files read-only and enable the kernel to detect any modifications that might have been made, even if those changes happen offline. Previous fs-verity implementations have run into criticism in the development community, and none have been merged. A new version of the patch set was posted on May 23; it features a changed user-space API and may have a better chance of getting into the mainline.
Security updates for Monday
Security updates have been issued by Arch Linux (curl, lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, libcurl-gnutls, and live-media), Debian (doxygen and php5), Fedora (cryptopp, drupal7-context, drupal7-ds, drupal7-module_filter, drupal7-path_breadcrumbs, drupal7-uuid, drupal7-views, drupal7-xmlsitemap, and sleuthkit), openSUSE (axis, chromium, containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork, curl, doxygen, GraphicsMagick, java-1_7_0-openjdk, libtasn1, libvirt, lxc, lxcfs, NetworkManager, php5, php7, screen, sles12sp3-docker-image, sles12sp4-image, system-user-root, and thunderbird), Oracle (kernel), SUSE (apache2-mod_jk and libpng16), and Ubuntu (doxygen).
Kernel prepatch 5.2-rc3
The 5.2-rc3 kernel prepatch has been released. "Anyway, even ignoring the SPDX changes, there's just a lot of small fixes spread all over, not anything that looks particularly scary or worrisome. Maybe next week is when the other shoe drops, but maybe this will just be a nice calm release. That would be lovely."
Five new stable kernels
The 5.1.6, 5.0.20, 4.19.47, 4.14.123, and 4.9.180 stable kernels have been released. As usual, they contain important fixes throughout the kernel tree; users of those series should upgrade.
[$] SIGnals from KubeCon
The basic organizational construct within the Kubernetes project is a set of Special Interest Groups (SIGs), each of which represents a different area of responsibility within the project. Introductions to what the various SIGs do, as well as more detailed sessions, were a core part of KubeCon + CloudNativeCon Europe 2019, as the different groups explained what they're doing now and their plans for the future. Two sessions, in particular, covered the work of the Release and Architecture SIGs, both of which have a key role in driving the project forward.
Security updates for Friday
Security updates have been issued by Debian (miniupnpd and qemu), Fedora (drupal7-entity and xen), openSUSE (kernel), Oracle (bind and firefox), Red Hat (go-toolset-1.11-golang), SUSE (cronie, evolution, firefox, gnome-shell, java-1_7_0-openjdk, jpeg, and mailman), and Ubuntu (corosync, evolution-data-server, gnutls28, and libseccomp).
[$] A ring buffer for epoll
The set of system calls known collectively as epoll was designed to make polling for I/O events more scalable. To that end, it minimizes the amount of setup that must be done for each system call and returns multiple events so that the number of calls can also be minimized. But that turns out to still not be scalable enough for some users. The response to this problem, in the form of this patch series from Roman Penyaev, takes a familiar form: add yet another ring-buffer interface to the kernel.
Security updates for Thursday
Security updates have been issued by CentOS (firefox and libvirt), Debian (openjdk-8 and tomcat7), Fedora (drupal7-entity), Mageia (kernel), openSUSE (bluez, gnutls, and libu2f-host), Oracle (bind), Red Hat (bind), Scientific Linux (bind), SUSE (axis, libtasn1, and rmt-server), and Ubuntu (sudo).
[$] LWN.net Weekly Edition for May 30, 2019
The LWN.net Weekly Edition for May 30, 2019 is available.
[$] A kernel debugger in Python: drgn
A kernel debugger that allows Python scripts to access data structures in a running kernel was the topic of Omar Sandoval's plenary session at the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). In his day job at Facebook, Sandoval does a fair amount of kernel debugging and he found the existing tools to be lacking. That led him to build drgn, which is a debugger built into a Python library.
[$] Shrinking filesystem caches for dying control groups
In a followup to his earlier session on dying control groups, Roman Gushchin wanted to talk about problems with the shrinkers and filesystem caches in a combined filesystem and memory-management session at the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). Specifically, for control groups that share the same underlying filesystem, the shrinkers are not able to reclaim memory from the VFS caches after a control group dies, at least under slight to moderate memory pressure. He wanted to discuss how to reclaim that memory without major performance impacts.
GParted 1.0.0 Released
Version 1.0 of the GParted GNOME Partition Editor has been released. "The GParted 1.0.0 release includes a significant undertaking to migrate the code base from gtkmm2 to gtkmm3 (our GTK3 port)."
Krita 4.2.0 released
Version 4.2.0 of the Krita paint tool is out. "New in Krita 4.2.0 is updated support for drawing tablets, support for HDR monitors on Windows, an improved color palette docker, scripting API for animation, color gamut masking, improved selection handling, much nicer handling of the interaction between opacity and flow and much, much, much more." See the release notes for more details.
Cook: security things in Linux v5.1
Kees Cook reviews the security-related enhancements in the 5.1 kernel release. "Now /proc/$pid can be opened and used as an argument for sending signals with the new pidfd_send_signal() syscall. This handle will only refer to the original process at the time the open() happened, and not to any later 'reused' pid if the process dies and a new process is assigned the same pid. Using this method, it’s now possible to racelessly send signals to exactly the intended process without having to worry about pid reuse. (BTW, this commit wins the 2019 award for Most Well Documented Commit Log Justification.)"
[$] The Linux "copy problem"
In a filesystem session on the third day of the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Steve French wanted to talk about copy operations. Much of the development work that has gone on in the Linux filesystem world over the last few years has been related to the performance of copying files, at least indirectly, he said. There are still pain points around copy operations, however, so he would like to see those get addressed.
Security updates for Wednesday
Security updates have been issued by Arch Linux (webkit2gtk), Debian (kernel and libav), Fedora (c3p0 and community-mysql), Scientific Linux (pacemaker), SUSE (axis, libtasn1, NetworkManager, sles12sp3-docker-image, sles12sp4-image, system-user-root, and xen), and Ubuntu (freerdp, GNU Screen, keepalived, and thunderbird).
[$] A way to do atomic writes
Finding a way for applications to do atomic writes to files, so that either the old or new data is present after a crash and not a combination of the two, was the topic of a session led by Christoph Hellwig at the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). Application developers hate the fact that when they update files in place, a crash can leave them with old or new data—or sometimes a combination of both. He discussed some implementation ideas that he has for atomic writes for XFS and wanted to see what the other filesystem developers thought about it.
[$] Storage testing
Ted Ts'o led a discussion on storage testing and, in particular, on his experience getting blktests running for his test environment, in a combined storage and filesystem session at the 2019 Linux Storage, Filesystem, and Memory-Management Summit. He has been adding more testing to his automated test platform, including blktests, and he would like to see more people running storage tests. The idea of his session was to see what could be done to help that cause.
[$] Improving .deb
Debian Linux and its family of derivatives (such as Ubuntu) are partly characterized by their use of .deb as the packaging format. Packages in this format are produced not only by the distributions themselves, but also by independent software vendors. The last major change of the format internals happened back in 1995. However, a discussion of possible changes has been brought up recently on the debian-devel mailing list by Adam Borowski.
Security updates for Tuesday
Security updates have been issued by Arch Linux (firefox and thunderbird), Debian (sox and vcftools), Fedora (safelease and sharpziplib), openSUSE (chromium, evolution, graphviz, nmap, systemd, transfig, and ucode-intel), Red Hat (pacemaker), SUSE (curl, libvirt, openssl, php7, php72, and systemd), and Ubuntu (gnome-desktop3, keepalived, and samba).
[$] Testing and the stable tree
The stable tree was the topic for a plenary session led by Sasha Levin at the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). One of the main areas that needs attention is testing, according to Levin. He wanted to discuss how to do more and better testing as well as to address any concerns that attendees might have with regard to the stable tree.
[$] Memory: the flat, the discontiguous, and the sparse
The physical memory in a computer system is a precious resource, so a lot of effort has been put into managing it effectively. This task is made more difficult by the complexity of the memory architecture on contemporary systems. There are several layers of abstraction that deal with the details of how physical memory is laid out; one of those is simply called the "memory model". There are three models supported in the kernel, but one of them is on its way out. As a way of understanding this change, this article will take a closer look at the evolution of the kernel's memory models, their current state, and their possible future.
Security updates for Monday
Security updates have been issued by Debian (curl, jackson-databind, minissdpd, php5, thunderbird, wireshark, and wpa), Fedora (curl, drupal7, firefox, kernel, libmediainfo, mediaconch, mediainfo, mod_http2, mupdf, rust, and singularity), openSUSE (containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork), Oracle (firefox and libvirt), Scientific Linux (firefox and libvirt), and SUSE (bluez, curl, gnutls, java-1_7_1-ibm, libu2f-host, libvirt, python3, screen, and xen).
Kernel prepatch 5.2-rc2
The second 5.2 kernel prepatch is out for testing. "Fairly normal rc2, no real highlights - I think most of the diff is the SPDX updates. Who am I kidding? The highlight of the week was clearly Finland winning the ice hockey world championships." The codename has been changed to "Golden Lions".
Some weekend stable kernel updates
The latest set of stable kernel updates is 5.1.5, 5.0.19, 4.19.46, 4.14.122, and 4.9.179. Each contains yet another set of important fixes.