Security updates have been issued by Debian (wireshark), Fedora (kernel), openSUSE (enigmail), Red Hat (kernel), SUSE (cairo, java-1_7_0-ibm, libvirt, perl-DBD-mysql, and xen), and Ubuntu (batik and isc-dhcp).
Version 26.1 of the Emacs editor is out. Highlights include a built-in Lisp threading mechanism that provides some concurrency, double buffering when running under X, a redesigned flymake mode, 24-bit color support in text mode, and a systemd unit file.
Suppose you have a program running on your system that you don't quite trust. Maybe it's a program submitted by a student to an automated grading system. Or maybe it's a QEMU device model running in a Xen control domain ("domain 0" or "dom0"), and you want to make sure that even if an attacker from a rogue virtual machine manages to take over the QEMU process, they can't do any further harm. There are many things you want to do as far as restricting its ability to do mischief. But one thing in particular you probably want to do is to be able to reliably kill the process once you think it should be done. This turns out to be quite a bit more tricky than you'd think.
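As an added illustration (not part of the original article, and not Xen or QEMU code), here is a small Python demonstration of one of the pitfalls behind that "trickier than you'd think": sending SIGKILL to a process group takes a whole tree in one shot, but any descendant that calls setsid() moves into a new session and process group and survives. The process tree, the pipe-based liveness check and the helper names (spawn_tree, all_dead, kill_group, demo) are constructed for this example.

```python
import os
import select
import signal
import time


def _sleep_forever():
    # Stand-in for the untrusted workload: never returns, dies only on SIGKILL.
    while True:
        time.sleep(3600)


def spawn_tree(escape):
    """Fork a child that leads a new process group and forks a grandchild.

    With escape=True the grandchild calls setsid(), which moves it into a
    new session and process group, out of reach of killpg() on the child.
    Both descendants inherit the pipe's write end, so the parent sees EOF
    on the read end only once every one of them has exited.
    Returns (child_pid, grandchild_pid, read_fd).
    """
    rfd, wfd = os.pipe()
    child = os.fork()
    if child == 0:
        try:
            os.setpgid(0, 0)            # lead a fresh process group
            os.close(rfd)
            if os.fork() == 0:          # grandchild
                if escape:
                    os.setsid()         # leave the child's process group
                # Report the PID only after setup, so the parent cannot race us.
                os.write(wfd, b"%d\n" % os.getpid())
            _sleep_forever()
        finally:
            os._exit(1)                 # never fall back into the caller's code
    os.close(wfd)
    try:
        os.setpgid(child, child)        # both sides set it to avoid a race
    except OSError:
        pass
    buf = b""
    while not buf.endswith(b"\n"):
        buf += os.read(rfd, 16)         # grandchild's PID, sent after setsid()
    return child, int(buf), rfd


def all_dead(rfd, timeout):
    """True once every holder of the pipe's write end has exited (EOF)."""
    ready, _, _ = select.select([rfd], [], [], timeout)
    return bool(ready) and os.read(rfd, 1) == b""


def kill_group(child, rfd, timeout=2.0):
    """SIGKILL the child's whole process group; report whether the tree is gone."""
    os.killpg(child, signal.SIGKILL)
    os.waitpid(child, 0)                # reap the direct child
    return all_dead(rfd, timeout)


def demo():
    """Returns (plain_tree_gone, escaped_tree_gone, escapee_gone_after_direct_kill)."""
    child, _, rfd = spawn_tree(escape=False)
    plain_gone = kill_group(child, rfd)         # True: group kill reaches both
    os.close(rfd)

    child, grandchild, rfd = spawn_tree(escape=True)
    escaped_gone = kill_group(child, rfd)       # False: setsid() escapee survives
    # The escapee only dies here because it cooperatively told us its PID; a
    # hostile process would not, and a reported PID may already have been reused.
    os.kill(grandchild, signal.SIGKILL)
    direct_gone = all_dead(rfd, 2.0)
    os.close(rfd)
    return plain_gone, escaped_gone, direct_gone


if __name__ == "__main__":
    print(demo())
```

Run demo() on Linux: the first group kill succeeds, the second misses the setsid() escapee, and the example recovers only because the escapee reported its own PID. A hostile workload will not do that, and killing by PID is itself racy against PID reuse, which is why the robust answers are to confine the workload in a PID namespace or a cgroup and kill everything in that container rather than to chase PIDs and process groups with signals.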
This CERT advisory warns of over 500,000 home routers that have been compromised by the VPNFilter malware and is advising everybody to reboot their routers to (partially) remove it. This Talos Intelligence page has a lot more information about VPNFilter, though a lot apparently remains unknown. "At the time of this publication, we do not have definitive proof on how the threat actor is exploiting the affected devices. However, all of the affected makes/models that we have uncovered had well-known, public vulnerabilities. Since advanced threat actors tend to only use the minimum resources necessary to accomplish their goals, we assess with high confidence that VPNFilter required no zero-day exploitation techniques."
The 4.17-rc7 kernel prepatch is out; it's likely the last one for this development cycle. "So this week wasn't as calm as the previous weeks have been, but despite that I suspect this is the last rc."
OpenSUSE Leap 15 has been released. "With a brand new look developed by the community, openSUSE Leap 15 brings plenty of community packages built on top of a core from SUSE Linux Enterprise (SLE) 15 sources, with the two major releases being built in parallel from the beginning for the first time. Leap 15 shares a common core with SLE 15, which is due for release in the coming months. The first release of Leap was version 42.1, and it was based on the first Service Pack (SP1) of SLE 12. Three years later SUSE’s enterprise version and openSUSE’s community version are now aligned at 15 with a fresh rebase." Leap 15 will receive maintenance and security updates for at least 3 years.
Security updates have been issued by Arch Linux (bind, libofx, and thunderbird), Debian (thunderbird, xdg-utils, and xen), Fedora (procps-ng), Mageia (gnupg2, mbedtls, pdns, and pdns-recursor), openSUSE (bash, GraphicsMagick, icu, and kernel), Oracle (thunderbird), Red Hat (java-1.7.1-ibm, java-1.8.0-ibm, and thunderbird), Scientific Linux (thunderbird), and Ubuntu (curl).
The second Operating-System-Directed Power-Management (OSPM18) Summit took place at the ReTiS Lab of the Scuola Superiore Sant'Anna in Pisa between April 16 and April 18, 2018. Like last year, the summit was organized as a collection of collaborative sessions focused on trying to improve how operating-system-directed power management and the kernel's task scheduler work together to achieve the goal of reducing energy consumption while still meeting performance and latency requirements. Read on for an extensive set of notes collected by a number of the participants in the summit.
The Linux Journal mourns the passing of Robin Miller, a longtime presence in our community. "Miller was perhaps best known by the community for his role as Editor in Chief of Open Source Technology Group, the company that owned Slashdot, SourceForge.net, freshmeat, Linux.com, NewsForge, and ThinkGeek from 2000 to 2008."
Linux Journal reports that Robin "Roblimo" Miller has passed away. "Miller was perhaps best known by the community for his role as Editor in Chief of Open Source Technology Group, the company that owned Slashdot, SourceForge.net, freshmeat, Linux.com, NewsForge, and ThinkGeek from 2000 to 2008."
During KubeCon + CloudNativeCon Europe 2018, Justin Cormack and Nassim Eddequiouaq presented a proposal to simplify the setting of security parameters for containerized applications. Containers depend on a large set of intricate security primitives that can have weird interactions. Because they are so hard to use, people often just turn the whole thing off. The goal of the proposal is to make those controls easier to understand and use; it is partly inspired by mobile apps on iOS and Android platforms, an idea that trickled back into Microsoft and Apple desktops. The time seems ripe to improve the field of container security, which is in desperate need of simpler controls.
Security updates have been issued by Debian (imagemagick), Fedora (curl, glibc, kernel, and thunderbird-enigmail), openSUSE (enigmail, knot, and python), Oracle (procps-ng), Red Hat (librelp, procps-ng, redhat-virtualization-host, rhev-hypervisor7, and unboundid-ldapsdk), Scientific Linux (procps-ng), SUSE (bash, ceph, icu, kvm, and qemu), and Ubuntu (procps and spice, spice-protocol).
The bcachefs filesystem has been under development for a number of years now; according to lead developer Kent Overstreet, it is time to start talking about getting the code upstream. He came to the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) to discuss that in a combined filesystem and storage session. Bcachefs grew out of bcache, which is a block layer cache that was merged into Linux 3.10 in mid-2013.
If pressed, I will admit to thinking that, if NIS was good enough for Charles Babbage, it's good enough for me. I am therefore not a huge fan of LDAP; I feel I can detect in it the heavy hand of the ITU, which seems to wish to apply X.500 to everything. Nevertheless, for secure, distributed, multi-platform identity management it's quite hard to beat. If you decide to run an LDAP server on Unix, one of the major free implementations is slapd, the core engine of the OpenLDAP project. Howard Chu is the chief architect of the project, and spoke at FLOSS 2018 about the upcoming 2.5 release. Any rumors that he might have passed the time while the room filled up by giving a short but nicely rendered fiddle recital are completely true.
The Python release cycle has an 18-month cadence; a new major release (e.g. Python 3.7) is made roughly on that schedule. But Łukasz Langa, who is the release manager for Python 3.8 and 3.9, would like to see things move more quickly—perhaps on a yearly cadence. In the first session after lunch at the 2018 Python Language Summit, Langa wanted to discuss that idea.
Security updates have been issued by CentOS (java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, libvirt, and qemu-kvm), Debian (procps), Fedora (curl, mariadb, and procps-ng), Gentoo (samba, shadow, and virtualbox), openSUSE (opencv, openjpeg2, pdns, qemu, and wget), Oracle (java-1.8.0-openjdk and kernel), Red Hat (java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, kernel-rt, libvirt, qemu-kvm, qemu-kvm-rhev, redhat-virtualization-host, and vdsm), Scientific Linux (java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, libvirt, and qemu-kvm), Slackware (kernel, mozilla, and procps), SUSE (ghostscript-library, kernel, mariadb, python, qemu, and wget), and Ubuntu (linux-raspi2 and linux-raspi2, linux-snapdragon).
Case-insensitive file name lookups are a feature that is fairly frequently raised at the Linux Storage, Filesystem, and Memory-Management Summit (LSFMM). At the 2018 summit, Gabriel Krisman Bertazi proposed a new way to support the feature, though it met with a rather skeptical reception—with one notable exception. Ted Ts'o seemed favorably disposed to the idea, in part because it would potentially be a way to get rid of some longstanding Android ugliness: wrapfs.
Kata Containers 1.0 has been released. "This first release of Kata Containers completes the merger of Intel’s Clear Containers and Hyper’s runV technologies, and delivers an OCI compatible runtime with seamless integration for container ecosystem technologies like Docker and Kubernetes."
In a filesystem-track session at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Ronnie Sahlberg talked about some changes he has made to add support for compounding to the SMB/CIFS implementation in Linux. Compounding is a way to combine multiple operations into a single request that can help reduce network round-trips.
Security updates have been issued by Debian (gitlab and packagekit), Fedora (glibc, postgresql, and webkitgtk4), Oracle (java-1.7.0-openjdk, java-1.8.0-openjdk, kernel, libvirt, and qemu-kvm), Red Hat (java-1.7.0-openjdk, kernel-rt, qemu-kvm, and qemu-kvm-rhev), SUSE (openjpeg2, qemu, and squid3), and Ubuntu (kernel, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux, linux-aws, linux-kvm, linux-hwe, linux-azure, linux-gcp, linux-oem, linux-lts-trusty, linux-lts-xenial, linux-aws, qemu, and xdg-utils).
In a 2018 Python Language Summit talk that was initially billed as "Mariatta's Topic of Mystery", Mariatta Wijaya described her reasoning for advocating moving Python away from its current bug tracker to GitHub Issues. She wanted to surprise her co-attendees with the talk topic at least partly because it is somewhat controversial. But it would complete Python's journey to GitHub that started a ways back.
It is the season for web sites to be updating their privacy policies and obtaining consent from their users for whatever data they collect. LWN, being short of staff with the time or interest to work in this area, is rather late to this game. The first step is an updated privacy policy, which we're now putting out for review. Little has changed from the current version; we still don't collect much data, share data with others, or attempt to monetize what we have in any way. We would like to ask interested readers to have a look and let us know about any potential problems they see.
Intel has, finally, disclosed two more Spectre variants, called 3a and 4. The first ("rogue system register read") allows system-configuration registers to be read speculatively, while the second ("speculative store bypass") could enable speculative reads to data after a store operation has been speculatively ignored. Some more information on variant 4 can be found in the Project Zero bug tracker. The fix is to install microcode updates, which are not yet available.
At the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Steve French led a discussion of various problem areas for network filesystems. Unlike previous sessions (in 2016 and 2017), there was some good news to report because the long-awaited statx() system call was released in Linux 4.11. But there is still plenty of work to be done to better support network filesystems in Linux.
Parrot 4.0 has been released. Parrot is a security-oriented distribution aimed at penetration tests and digital forensics analysis, with additional tools to preserve privacy. "On Parrot 4.0 we decided to provide netinstall images too as we would like people to use Parrot not only as a pentest distribution, but also as a framework to build their very own working environment with ease." Docker templates are also available.
Security updates have been issued by Arch Linux (lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, and libcurl-gnutls), CentOS (firefox), Debian (imagemagick), Fedora (exiv2, LibRaw, and love), Gentoo (chromium), Mageia (kernel, librelp, and miniupnpc), openSUSE (curl, enigmail, ghostscript, libvorbis, lilypond, and thunderbird), Red Hat (Red Hat OpenStack Platform director), and Ubuntu (firefox).
The 4.17-rc6 kernel prepatch is out. "So nothing special to report. Go read the shortlog, pull the changes, build, and test. It should all be good and pretty stable by this point."
The Software Freedom Conservancy has put out a blog posting on the history and current status of Tesla's GPL compliance issues. "We're thus glad that, this week, Tesla has acted publicly regarding its current GPL violations and has announced that they've taken their first steps toward compliance. While Tesla acknowledges that they still have more work to do, their recent actions show progress toward compliance and a commitment to getting all the way there."
At the 2018 Linux Storage, Filesystem, and Memory-Management Summit, Andiry Xu presented the NOVA filesystem, which he is trying to get into the upstream kernel. Unlike existing kernel filesystems, NOVA exclusively targets non-volatile main memory (NVMM) rather than traditional block devices (disks or SSDs). In fact, it does not use the kernel's block layer at all and instead uses persistent memory mapped directly into the kernel address space.
Brandon Williams writes about the new Git remote protocol that will debut in the 2.18 release. "We recently rolled out support for protocol version 2 at Google and have seen a performance improvement of 3x for no-op fetches of a single branch on repositories containing 500k references. Protocol v2 has also enabled a reduction of 8x of the overhead bytes (non-packfile) sent from googlesource.com servers. A majority of this improvement is due to filtering references advertised by the server to the refs the client has expressed interest in."
Version 8.1 of the Vim editor is available. "The main new feature of Vim 8.1 is support for running a terminal in a Vim window. This builds on top of the asynchronous features added in Vim 8.0."
In April, LWN looked at the new API for zero-copy reception of TCP data that had been merged into the net-next tree for the 4.18 development cycle. After that article was written, a couple of issues came to the fore that required some changes to the API for this feature. Those changes have been made and merged; read on for the details.
Security updates have been issued by Arch Linux (curl and zathura-pdf-mupdf), Debian (libmad and vlc), openSUSE (enigmail), Red Hat (collectd, Red Hat OpenStack Platform director, and sensu), and SUSE (firefox, ghostscript, and mysql).
Robert Haas writes about the sharding capabilities that PostgreSQL will someday have. "The capabilities already added are independently useful, but I believe that some time in the next few years we're going to reach a tipping point. Indeed, I think in a certain sense we already have. Just a few years ago, there was serious debate about whether PostgreSQL would ever have built-in sharding. Today, the question is about exactly which features are still needed."
"Security is hard" is a tautology, especially in the fast-moving world of container orchestration. We have previously covered various aspects of Linux container security through, for example, the Clear Containers implementation or the broader question of Kubernetes and security, but those are mostly concerned with container isolation; they do not address the question of trusting a container's contents. What is a container running? Who built it and when? Even assuming we have good programmers and solid isolation layers, propagating that good code around a Kubernetes cluster and making strong assertions on the integrity of that supply chain is far from trivial. The 2018 KubeCon + CloudNativeCon Europe event featured some projects that could eventually solve that problem.
Security updates have been issued by Arch Linux (runc), Debian (curl), Fedora (xdg-utils), Mageia (firefox), openSUSE (libreoffice, librsvg, and php5), Slackware (curl and php), SUSE (curl, firefox, kernel, kvm, libapr1, libvorbis, and memcached), and Ubuntu (curl, dpdk, php5, and qemu).
In a rather short session at the 2018 Python Language Summit, Larry Hastings updated attendees on the status of his Gilectomy project. The aim of that effort is to remove the global interpreter lock (GIL) from CPython. Since his status report at last year's summit, little has happened, which is part of why the session was so short. He hasn't given up on the overall idea, but it needs a new approach.
In a filesystem track session at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Darrick Wong talked about the online scrubbing and repair features he has been working on. His target has mostly been XFS, but he has concurrently been working on scrubbing for ext4. Part of what he wanted to discuss was the possibility of standardizing some of these interfaces across different filesystem types.
At KubeCon + CloudNativeCon Europe 2018, several talks explored the topic of container isolation and security. The last year saw the release of Kata Containers which, combined with the CRI-O project, provided strong isolation guarantees for containers using a hypervisor. During the conference, Google released its own hypervisor called gVisor, adding yet another possible solution for this problem. Those new developments prompted the community to work on integrating the concept of "secure containers" (or "sandboxed containers") deeper into Kubernetes. This work is now coming to fruition; it prompts us to look again at how Kubernetes tries to keep the bad guys from wreaking havoc once they break into a container.
At the 2018 Python Language Summit, Carl Shapiro described some of the experiments that he and others at Instagram did to look at ways to improve the performance of the CPython interpreter. The talk was somewhat academic in tone and built on what has been learned in other dynamic languages over the years. By modifying the Python object model fairly substantially, they were able to roughly double the performance of the "classic" Richards benchmark.
In a combined filesystem and storage session at the 2018 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM), Tim Walker asked for help in designing the interface to some new storage hardware. He wanted some feedback on how a multi-actuator drive should present itself to the system. These drives have two (or, eventually, more) sets of read/write heads and other hardware that can all operate in parallel.
Eric Snow kicked off the 2018 edition of the Python Language Summit with a look at getting a better story for multicore Python by way of subinterpreters. Back in 2015, we looked at his efforts at that point; things have been progressing since. There is more to do, of course, so he is hoping to attract more developers to work on the project. This is the start of the Python Language Summit coverage for this year; articles are being collected on a dedicated summit page as they are finished.