Feed lwn LWN.net

Link https://lwn.net/
Feed http://lwn.net/headlines/rss
Updated 2024-11-25 06:30
The 4.12 kernel is out
Linus has released the 4.12 kernel. Some of the headline features in 4.12 include the BFQ and Kyber block I/O schedulers, busy-polling of network sockets in epoll_wait(), the hybrid consistency model for live patching, the trusted execution environment framework, and more. The KernelNewbies 4.12 page is still under construction, but should be filled out in the near future.
[$] Namespaced file capabilities
The kernel's file capabilities mechanism is a bit of an awkward fit with user namespaces, in that all namespaces have the same view of the capabilities associated with a given executable file. There is a patch set under consideration that adds awareness of user namespaces to file capabilities, but it has brought forth some disagreement on how such a mechanism should work. The question is, in brief: how should a set of file capabilities be picked for any given user namespace?
Kubernetes 1.7 released
Version 1.7 of the Kubernetes orchestration system is out. "At-a-glance, security enhancements in this release include encrypted secrets, network policy for pod-to-pod communication, node authorizer to limit kubelet access and client / server TLS certificate rotation. For those of you running scale-out databases on Kubernetes, this release has a major feature that adds automated updates to StatefulSets and enhances updates for DaemonSets. We are also announcing alpha support for local storage and a burst mode for scaling StatefulSets faster."
Security updates for Friday
Security updates have been issued by CentOS (freeradius, kernel, and mercurial), Debian (libarchive and mercurial), Fedora (chromium-native_client, systemd, and tomcat), Mageia (drupal, golang, libmwaw, libsndfile, rxvt-unicode, and tomcat), Oracle (kernel), Slackware (bind, httpd, kernel, and libgcrypt), SUSE (bind, clamav, kernel, and openvpn-openssl1), and Ubuntu (bind9, eglibc, and linux-hwe).
4 cool facts you should know about FreeDOS (Opensource.com)
In honor of the 23rd anniversary of FreeDOS, project founder Jim Hall has written about the project over at Opensource.com. The free MS-DOS replacement has been around for longer than MS-DOS was and is still under active development. "DOS is an old system and the original didn't support networking out of the box. Typically, you had to install device drivers for your hardware to connect to a network, which was usually a simple network like IPX. Few systems supported TCP/IP. With FreeDOS, not only do we include a TCP/IP networking stack, we include tools and programs that let you browse the web. Use Dillo for a graphical web browser experience, or Lynx to view the web as formatted plain text. If you just want to grab the HTML code and manipulate it yourself, use Wget or Curl."
Containers microconference accepted into Linux Plumbers Conference
A microconference on containers will be featured at this year's Linux Plumbers Conference, which will be held in Los Angeles, CA, US on 13-15 September in conjunction with The Linux Foundation Open Source Summit. "The agenda for this year will focus on unsolved issues and other problem areas in the Linux kernel container interfaces with the goal of allowing all container runtimes and orchestration systems to provide enhanced services. Of particular interest is the unprivileged use of container APIs in which we can use both to enable self-containerising applications as well as to deprivilege (make more secure) container orchestration systems. In addition we will be discussing the potential addition of new namespaces: (LSM for per-container security modules; IMA for per-container integrity and appraisal, file capabilities to allow setcap binaries to run within unprivileged containers)."
Four new stable kernels
Greg Kroah-Hartman has announced the release of the 4.11.8, 4.9.35, 4.4.75, and 3.18.59 stable kernels. As usual, they contain important fixes and users of those kernel series should upgrade.
Security updates for Thursday
Security updates have been issued by Arch Linux (apache and libnl), CentOS (mercurial), Debian (drupal7), Fedora (c-ares), Oracle (freeradius and kernel), Scientific Linux (kernel), SUSE (php53 and xen), and Ubuntu (kernel, linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, linux, linux-raspi2, linux-lts-trusty, and linux-lts-xenial).
[$] LWN.net Weekly Edition for June 29, 2017
The LWN.net Weekly Edition for June 29, 2017 is available.
[$] Distributing filesystem images and updates with casync
Recently, Lennart Poettering announced a new tool called casync for efficiently distributing filesystem and disk images. Deployment of virtual machines or containers often requires such an image to be distributed for them. These images typically contain most or all of an entire operating system and its requisite data files; they can be quite large. The images also often need updates, which can take up considerable bandwidth depending on how efficient the update mechanism is. Poettering developed casync as an efficient tool for distributing such filesystem images, as well as for their updates.
[$] An introduction to asynchronous Python
In his PyCon 2017 talk, Miguel Grinberg wanted to introduce asynchronous programming with Python to complete beginners. There is a lot of talk about asynchronous Python, especially with the advent of the asyncio module, but there are multiple ways to create asynchronous Python programs, many of which have been available for quite some time. In the talk, Grinberg took something of a step back from the intricacies of those solutions to look at what asynchronous processing means at a higher level.
The mkosi OS generation tool
Last week Lennart Poettering introduced casync, a tool for distributing system images. This week he introduces mkosi, a tool for making OS images. "mkosi is definitely a tool with a focus on developer's needs for building OS images, for testing and debugging, but also for generating production images with cryptographic protection. A typical use-case would be to add a mkosi.default file to an existing project (for example, one written in C or Python), and thus making it easy to generate an OS image for it. mkosi will put together the image with development headers and tools, compile your code in it, run your test suite, then throw away the image again, and build a new one, this time without development headers and tools, and install your build artifacts in it. This final image is then "production-ready", and only contains your built program and the minimal set of packages you configured otherwise. Such an image could then be deployed with casync (or any other tool of course) to be delivered to your set of servers, or IoT devices or whatever you are building."
[$] Ripples from Stack Clash
In one sense, the Stack Clash vulnerability that was announced on June 19 has not had a huge impact: thus far, at least, there have been few (if any) stories of active exploits in the wild. At other levels, though, this would appear to be an important vulnerability, in that it has raised a number of questions about how the community handles security issues and what can be expected in the future. The indications, unfortunately, are not all positive.
Security updates for Wednesday
Security updates have been issued by Debian (kernel and openvpn), Mageia (docker, libetpan, weechat, and yodl), Oracle (mercurial), Scientific Linux (freeradius), SUSE (kernel), and Ubuntu (systemd).
[$] CentOS and ARM
The CentOS distribution has long been a boon to those who want an enterprise-level operating system without an enterprise-level support contract—and the costs that go with it. In keeping with its server orientation, CentOS has been largely focused on x86 systems, but that has been changing over the last few years. Jim Perrin has been with the project since 2004 and his talk at Open Source Summit Japan (OSSJ) described the process of making CentOS available for the ARM server market; he also discussed the status of that project and some plans for the future.
GitHub announces Open Source Friday
GitHub has announced a new program that aims to make it easier for people to contribute to open source projects. "Open Source Friday isn't limited to individuals. Your team, department, or company can take part, too. Contributing to the software you already use isn't altruistic—it's an investment in the tools your company relies on. And you can always start small: spend two hours every Friday working on an open source project relevant to your business. Whether you're an aspiring contributor or active maintainer of open source software, we help you track and share your Friday contributions. We also provide a framework for regular contribution, along with resources to help you convince your employers to join in."
Security updates for Tuesday
Security updates have been issued by Arch Linux (expat and poppler), Debian (unrar-nonfree and vlc), Fedora (chromium and mercurial), Gentoo (freeradius, kauth, and libreoffice), Mageia (glibc, irssi, kernel, kernel-linus, kernel-tmb, and rpcbind/libtirpc), openSUSE (libgcrypt, netpbm, and sudo), Oracle (sudo), Scientific Linux (mercurial), Slackware (kernel), SUSE (jakarta-taglibs-standard, kernel, and kernel-source), and Ubuntu (apache2).
[$] daxctl() — getting the other half of persistent-memory performance
Persistent memory promises high-speed, byte-addressable access to storage, with consequent benefits for all kinds of applications. But realizing those benefits has turned out to present a number of challenges for the Linux kernel community. Persistent memory is neither ordinary memory nor ordinary storage, so traditional approaches to memory and storage are not always well suited to this new world. A proposal for a new daxctl() system call, along with the ensuing discussion, shows how hard it can be to get the most out of persistent memory.
Intel Skylake/Kaby Lake processors: broken hyper-threading
Henrique de Moraes Holschuh has posted an advisory about a processor/microcode defect recently identified on Intel Skylake and Intel Kaby Lake processors with hyper-threading enabled. "TL;DR: unfixed Skylake and Kaby Lake processors could, in some situations, dangerously misbehave when hyper-threading is enabled. Disable hyper-threading immediately in BIOS/UEFI to work around the problem. Read this advisory for instructions about an Intel-provided fix."
Stable kernel updates
Greg Kroah-Hartman has released stable kernels 4.4.74 and 3.18.58. Both contain the usual set of important fixes and users should upgrade.
Security updates for Monday
Security updates have been issued by Arch Linux (kernel, linux-zen, and tcpreplay), Debian (drupal7, exim4, expat, imagemagick, and smb4k), Fedora (chromium, firefox, glibc, kernel, openvpn, and wireshark), Mageia (mercurial and roundcubemail), openSUSE (kernel, libmicrohttpd, libqt5-qtbase, libqt5-qtdeclarative, openvpn, and python-tablib), Scientific Linux (sudo), and SUSE (firefox).
Kernel prepatch 4.12-rc7
The 4.12-rc7 kernel prepatch is out. "It's fairly small, and there were no huge surprises, so if nothing untoward happens this upcoming week, this will be the final rc. But as usual, I reserve the right to just drag things out if I end up feeling uncomfortable about things for any reason including just random gut feelings, so we'll see."
Stable kernels 4.11.7 and 4.9.34
The 4.11.7 and 4.9.34 stable kernel updates have been released. Among other things, they contain the fixes for the recently disclosed "Stack Clash" vulnerability. The 4.4.74 and 3.18.58 updates are still in the review process but should be out in the near future.
[$] ProofMode: a camera app for verifiable photography
The default apps on a mobile platform like Android are familiar targets for replacement, especially for developers concerned about security. But while messaging and voice apps (which can be replaced by Signal and Ostel, for instance) may be the best known examples, the non-profit Guardian Project has taken up the cause of improving the security features of the camera app. Its latest such project is ProofMode, an app to let users take photos and videos that can be verified as authentic by third parties.
Security updates for Friday
Security updates have been issued by Arch Linux (linux-hardened), CentOS (sudo), Debian (apache2, c-ares, flatpak, graphite2, and openvpn), Fedora (glibc and thunderbird), Gentoo (graphite2, jbig2dec, libksba, nettle, urbanterror, and vim), openSUSE (go and unrar), Oracle (sudo), SUSE (tomcat), and Ubuntu (openvpn).
digiKam 5.6.0 is released
The digiKam Team has released version 5.6.0 of the digiKam Software Collection for photo management. "With this version the HTML gallery and the video slideshow tools are back, database shrinking (e.g. purging stale thumbnails) is also supported on MySQL, the grouping items feature has been improved, the support for custom sidecars type-mime has been added, the geolocation bookmarks introduce fixes to be fully functional with bundles, the support for custom sidecars, and of course a lot of bugs have been fixed."
Security updates for Thursday
Security updates have been issued by Arch Linux (lxterminal, lxterminal-gtk3, openvpn, and pcmanfm), CentOS (thunderbird), Debian (jython, spip, tomcat7, and tomcat8), openSUSE (openvpn), Oracle (thunderbird), Slackware (openvpn), SUSE (openvpn), and Ubuntu (kernel, linux-lts-trusty, nss, and valgrind).
[$] LWN.net Weekly Edition for June 22, 2017
The LWN.net Weekly Edition for June 22, 2017 is available.
[$] Specifying the kernel ABI
At Open Source Summit Japan (OSSJ)—OSS is the new name for LinuxCon, ContainerCon, and CloudOpen—Sasha Levin gave a talk on the kernel's application binary interface (ABI). There is an effort to create a kernel ABI specification that has its genesis in a discussion about fuzzers at the 2016 Linux Plumbers Conference. Since that time, some progress on it has been made, so Levin described what the ABI is and the benefits that would come from having a specification. He also covered what has been done so far—and the extensive work remaining to be done.
Vranken: The OpenVPN post-audit bug bonanza
Guido Vranken describes his efforts to fuzz-test OpenVPN and the bug reports that resulted. "Most of these issues were found through fuzzing. I hate admitting it, but my chops in the arcane art of reviewing code manually, acquired through grueling practice, are dwarfed by the fuzzer in one fell swoop; the mortal’s mind can only retain and comprehend so much information at a time, and for programs that perform long cycles of complex, deeply nested operations it is simply not feasible to expect a human to perform an encompassing and reliable verification."
[$] Memory use in CPython and MicroPython
At PyCon 2017, Kavya Joshi looked at some of the differences between the Python reference implementation (known as "CPython") and that of MicroPython. In particular, she described the differences in memory use and handling between the two. Those differences are part of what allows MicroPython to run on the severely memory-constrained microcontrollers it targets—an environment that could never support CPython.
A Stack Clash disclosure post-mortem
For those who are curious about how the community deals with a serious vulnerability, Solar Designer's description of the embargo process around the "Stack Clash" issue (and his unhappiness with it) is worth a read. "Qualys first informed the distros list about this upcoming set of issues on May 3. This initial notification didn't say Stack Clash nor anything like that, but merely expressed intent to disclose the issues and concern that the list's maximum embargo duration of 14 to 19 days might not be sufficient in this case. In the resulting discussion, I agreed to consider extending the embargo beyond list policy should there be convincing reasons for that. In retrospect, I think I shouldn't have agreed to that."
Opus 1.2 released
Version 1.2 of the Opus audio codec has been released. "For music encoding Opus has already been shown to out-perform other audio codecs at both 64 kb/s and 96 kb/s. We originally thought that 64 kb/s was near the lowest bitrate at which Opus could be useful for streaming stereo music. However, with variable bitrate (VBR) improvements in Opus 1.1, suddenly 48 kb/s became a realistic target. Opus 1.2 continues on the path to lowering the bitrate limit. Music at 48 kb/s is now quite usable and while the artefacts are generally audible, they are rarely annoying. Even more, we've actually been pushing all the way to fullband stereo at just 32 kb/s! Most of the music encoding quality improvements in 1.2 don't come from big new features (like tonality analysis that got added to version 1.1), but from many small changes that all add up."
D Language accepted for inclusion in GCC
In a brief note to the GCC list, David Edelsohn announces: "I am pleased to announce that the GCC Steering Committee has accepted the D Language front-end and runtime for inclusion in GCC and appointed Iain Buclaw as maintainer."
Security updates for Wednesday
Security updates have been issued by CentOS (kernel), Debian (libffi, swftools, tomcat7, and zziplib), Gentoo (chromium, glibc, kodi, mbedtls, and wget), openSUSE (glibc and kernel), Oracle (kernel), Scientific Linux (thunderbird), and SUSE (kernel, sudo, and tomcat6).
Raffeiner: My Ubuntu for mobile devices post mortem analysis
Simon Raffeiner describes in detail the reasons he sees for the failure of the Ubuntu phone project. "I understand there weren’t enough developers to fix everything at once, but instead of deciding to either make a good phone OR a good tablet with Convergence, we had devices which couldn’t really do anything right. The whole project also always had this 'these are developer devices, it’s not important to do it fast, we will win in the long run' air around it – until the management quite obviously realised that this was all way too expensive and too much time had already been lost."
Free and ready-to-use cross-compilation toolchains
Free Electrons has announced a new service to the embedded Linux community: toolchains.free-electrons.com. "This web site provides a large number of cross-compilation toolchains, available for a wide range of architectures, in multiple variants. The toolchains are based on the classical combination of gcc, binutils and gdb, plus a C library." There are over 100 toolchains covering many architectures.
The casync filesystem image distribution tool
Lennart Poettering announces casync, a tool for distributing system images. "casync takes inspiration from the popular rsync file synchronization tool as well as the probably even more popular git revision control system. It combines the idea of the rsync algorithm with the idea of git-style content-addressable file systems, and creates a new system for efficiently storing and delivering file system images, optimized for high-frequency update cycles over the Internet. Its current focus is on delivering IoT, container, VM, application, portable service or OS images, but I hope to extend it later in a generic fashion to become useful for backups and home directory synchronization as well."
[$] Attacking the kernel via its command line
The kernel's command line allows the specification of many operating parameters at boot time. A silly bug in command-line parsing was reported by Ilya Matveychikov on May 22; it can be exploited to force a stack buffer overflow with a controlled payload that can overwrite memory. The bug itself stems from a bounds-checking error that, while simple, has still been in the Linux kernel source since version 2.6.20. The subsequent disclosure post by Matveychikov in the oss-security list spawned a discussion on what constitutes a vulnerability, and what is, instead, merely a bug.
Schaller: Fedora Workstation 26 and beyond
Christian Schaller has posted an extensive look forward at the changes coming to the Fedora desktop. "Another major project we've been working on for a long time is Fleet Commander. Fleet Commander is a tool to allow you to manage Fedora and RHEL desktops centrally. This is a tool targeted at for instance Universities or companies with tens, hundreds or thousands of workstation installations. It gives you a graphical browser based UI (accessible through Cockpit) to create configuration profiles and deploy across your organization."
Security updates for Tuesday
Security updates have been issued by Arch Linux (glibc and lib32-glibc), CentOS (glibc and kernel), Debian (eglibc, kernel, and libffi), openSUSE (exim, freeradius-server, libxml2, Mozilla based packages, and xorg-x11-server), Oracle (glibc and kernel), Scientific Linux (glibc and kernel), SUSE (glibc, kernel, and openvpn), and Ubuntu (eglibc, glibc, exim4, libnl3, linux, linux-meta, linux-aws, linux-meta-aws, linux-gke, linux-meta-gke, linux-hwe, linux-meta-hwe, linux-lts-xenial, linux-meta-lts-xenial, linux-meta-raspi2, linux-raspi2, and linux-meta-snapdragon, linux-snapdragon).
[$] Preventing stack guard-page hopping
Normally, the -rc6 kernel testing release is not the place where one would expect to find a 900-line memory-management change. As it happens, though, such a change was quietly merged immediately prior to the 4.12-rc6 release; indeed, it may have been the real reason behind 4.12-rc6 coming out some hours later than would have been expected. This change is important, though, in that it addresses a newly publicized security threat that, it seems, is being actively exploited.
[$] User-space access to WMI functions
Windows Management Instrumentation (WMI) is a vaguely defined mechanism for the control of platform-specific devices; laptop functions like special buttons, LEDs, and the backlight are often controlled through WMI interfaces. On Linux, access to WMI functions is restricted to the kernel, while Windows allows user space to use them as well. A recent proposal to make WMI functions available to user space in Linux as well spawned a slow-moving conversation that turned on a couple of interesting questions — only one of which was anticipated in the proposal itself.
Debian Edu / Skolelinux Stretch released
Debian Edu, also known as Skolelinux, is a Debian derivative aimed at making it easy to administrate a computer lab or a whole school network. Version 9 "Stretch" has been released. "Would you like to install servers, workstations and laptops which will then work together? Do you want the stability of Debian with network services already preconfigured? Do you wish to have a web-based tool to manage systems and several hundred or even more user accounts? Have you asked yourself if and how older computers could be used? Then Debian Edu is for you."
Security updates for Monday
Security updates have been issued by Arch Linux (chromium, firefox, and thunderbird), Debian (exim4, expat, firefox-esr, glibc, gnutls28, irssi, jython, and kernel), Fedora (dolphin-emu, firefox, golang, mariadb, perl-File-Path, redis, and yara), Mageia (firefox, kodi, and thunderbird), openSUSE (chromium and lynis), and SUSE (mercurial).
Kernel prepatch 4.12-rc6
The 4.12-rc6 kernel prepatch is out for testing. "The good news is that rc6 is smaller than rc5 was, and I think we're back on track and rc5 really was big just due to random timing. We'll see. Next weekend when I'm back home and do rc7, I'll see how I feel about things. I'm still hopeful that this would be a normal release cycle where rc7 is the last rc."
AIMS Desktop 2017.1 released
The AIMS desktop is a Debian-derived distribution aimed at mathematical and scientific use. This project's first public release, based on Debian 9, is now available. It is a GNOME-based distribution with a bunch of add-on software. "It is maintained by AIMS (The African Institute for Mathematical Sciences), a pan-African network of centres of excellence enabling Africa’s talented students to become innovators driving the continent’s scientific, educational and economic self-sufficiency."
Debian 9 "Stretch" released
The Debian 9 "Stretch" release is now available. "Debian 9 isdedicated to the project's founder Ian Murdock, who passed away on 28December 2015." There are a lot of changes in this release,including a switch to MariaDB, the return of Firefox and Thunderbird underthose names, 90% reproducible-build coverage, a rootless X server, andmore.
Some weekend stable kernel updates
The 4.11.6, 4.9.33, and 4.4.73 stable kernel updates are out with a relatively large set of important fixes. Greg Kroah-Hartman has also let it be known that the next long-term stable kernel series will be 4.14.
Konecny: Anaconda modularisation
On his blog, Jiri Konecny writes about plans for modularizing Anaconda, which is the installer for Fedora and other Linux distributions. Anaconda is written in Python 3, but is all contained in one monolithic program. "The current Anaconda has one significant problem: all of the code is in one place--the monolith. It is more difficult to trace bugs and to have a stable API. Implementing new features or modifying existing code in Anaconda is also more challenging. Modularisation should help with these things mainly because of isolation between the modules. It will be much easier to create tests for modules or to add new functionality. Modularisation also opens up new possibilities to developers. They should be able to create a new user interface easily. Since developers can rely on the existing API documentation, it should not be necessary to browse the source code tree very often. Another benefit is that an addon is like another module, communicating with other modules, so it has the same capabilities. Developers can use the public API to write their addons in their favourite programming language which supports DBus."