LWN.net

Version 5.0 of theGNU Health Hospital Information System has been released. This project,working to support medical offices, shows just how far the free-softwareeffort can reach. Changes in this release include improved reporting andanalytics, more comprehensive handling of many types of patientinformation, a reworked medical-imaging subsystem, better insurance andbilling functionality, and more.

Transparent huge pages (THPs) are, theoretically, supposed to allow processes tobenefit from larger page sizes without changes to their code. This does work,but the performance impacts from THPs are not always a benefit, so systemadministrators with specific knowledge of their workloads may want the abilityto fine-tune THPs to the application. On May15, Usama Arifshared a patch set that would add aprctl() option for setting THP defaults for a process; that patchset has sparked discussion about whether such a setting is a good fit forprctl(), and what alternative designs may work instead.

The extensible scheduler class("sched_ext") allows the loading of a custom CPU scheduler into the kernelas a set of BPF functions; it was merged for the 6.12 kernel release.Since then, sched_ext has enabled a wide range of experimentation withscheduling algorithms. At the 2025 OpenSource Summit North America, Ching-Chun ("Jim") Huang presented workthat has been done to apply (local) machine learning to the problem ofscheduling processes on complex systems.

The OsmAnd map and navigation app project recently celebrated its 15thanniversary.

Security updates have been issued by AlmaLinux (delve, emacs, gimp, gimp:2.8, glibc, idm:DL1, ipa, iputils, kernel, krb5, libarchive, libblockdev, libxml2, mod_proxy_cluster, osbuild-composer, pam, perl-File-Find-Rule, perl-YAML-LibYAML, qt5-qtbase, weldr-client, xorg-x11-server and xorg-x11-server-Xwayland, and xorg-x11-server-Xwayland), Debian (mbedtls and sudo), Oracle (.NET 8.0, delve, delve, golang, firefox, ghostscript, glibc, golang, grafana, iputils, kernel, krb5, libarchive, libblockdev, nodejs22, ruby, thunderbird, tomcat, tomcat9, unbound, and wireshark), Red Hat (glibc and mod_auth_openidc), Slackware (sudo), SUSE (gpg2, ImageMagick, iputils, jakarta-commons-fileupload, kernel, libblockdev, libsoup, open-vm-tools, pam, python-tornado6, screen, sudo, and xwayland), and Ubuntu (linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime, linux-gcp, linux-gcp-6.8, linux-hwe-5.4, linux-oem-6.11, and sudo).

A changeproposal to end support for 32-bit x86 (i686) applications on thex86_64 architecture with the Fedora44 release has been withdrawnafter significant pushback. As proposed, the change could havehad a significant impact on gamers, compiler development, and the Bazzite project, which uses Fedora as abase for a gaming-focused distribution. While i686 gets a reprieve fornow, the question still lingers: who is going to keep the necessaryi686 packages in working order when few upstream maintainers orvolunteer packagers care about the architecture?

Security updates have been issued by AlmaLinux (mod_proxy_cluster), Debian (catdoc, chromium, nagvis, and sudo), Fedora (chromium, gum, kubernetes1.32, moodle, podman, python3-docs, python3.13, salt, and tigervnc), Mageia (x11-server, x11-server-xwayland & tigervnc), Oracle (apache-commons-beanutils, exiv2, expat, firefox, git, git-lfs, gstreamer1-plugins-bad-free, ipa, java-21-openjdk, kea, kernel, libarchive, libblockdev, libsoup3, libvpx, libxslt, mod_auth_openidc, nodejs22, osbuild-composer, perl, perl-File-Find-Rule, php, python-jinja2, python-tornado, sqlite, thunderbird, valkey, varnish, weldr-client, xorg-x11-server-Xwayland, xz, and yggdrasil), Red Hat (apache-commons-beanutils, javapackages-tools:201801, kernel, and python3.11), SUSE (apache-commons-fileupload, gimp, glib2, himmelblau, nvidia-open-driver-G06-signed, sqlite3, thunderbird, yelp, and yelp-xsl), and Ubuntu (samba).

Linus has released 6.16-rc4 for testing."Despite a fairly large merge window, things continue to look fairlycalm on the rc front".

In 2023, Fujita Tomonoriwrote a Rust version of the existing driver for theAsix AX88796B embedded Ethernet controller. At slightly more than 100 lines,it's about as simple as a driver can be, and therefore is a useful touchstone forthe differences between writing Rust and C in the kernel. Looking at the Rustsyntax, types, and APIs used by the driver and contrasting them with the Cversion will help illustrate those differences.

The history of the bcachefs filesystem in the kernel has been turbulent,most recently with Linus Torvalds refusinga pull request for the 6.16-rc3 release. Torvalds has now pulledthe code in question, but also said:

Kernel versions6.15.4,6.12.35,6.6.95,6.1.142,5.15.186,5.10.239, and5.4.295 have all been released.

Security updates have been issued by Debian (freeradius and icu), Fedora (clamav, glow, libssh, perl-Crypt-OpenSSL-RSA, perl-CryptX, podman, trafficserver, and xorg-x11-server), Mageia (gdk-pixbuf2.0 and thunderbird), Red Hat (osbuild-composer and weldr-client), SUSE (afterburn, google-osconfig-agent, libblockdev, pam, python-tornado6, screen, and yelp-xsl), and Ubuntu (libxslt and python-pip).

Version1.88.0 of the Rust language has been released. Changes include theability to chain let expressions, "naked" functions that have nocompiler-generated prologue or epilogue, automatic garbage collection incargo, a set of stabilized APIs, and more.

Version10 of the Oracle Linux distribution has been released.

Over on the Collabora blog, Tathagata Roy has an updateon the progress of targeting the Coccinelle toolfor matching and transforming source code to Rust. The Coccinelle for Rustproject, which we covered in a 2024talk by Roy at Kangrejos, is addingthe ability to transform Rust programs and the goal is "to bringCoccinelle For Rust at par with Coccinelle For C in terms of basicfunctionalities". There is still work to be done to get there, butprogress is being made in various areas.

Kernel development and machine learning seem like vastly different areas ofendeavor; there are not, yet, stories circulating about the vibe-coding ofnew memory-management algorithms. There may well be places where machinelearning (and large language models - LLMs - in particular) prove to behelpful on the edges of the kernel project, though. At the 2025North-American edition of the Open Source Summit, Sasha Levin presentedsome of the work he has done putting LLMs to work to make the kernel better

Security updates have been issued by Debian (firefox-esr and libxml2), Fedora (firefox, libtpms, and tigervnc), Mageia (chromium-browser-stable and nss & firefox), Oracle (emacs, iputils, kernel, krb5, libarchive, mod_proxy_cluster, pam, perl-File-Find-Rule, perl-YAML-LibYAML, and qt5-qtbase), Red Hat (opentelemetry-collector, osbuild-composer, and weldr-client), SUSE (clamav, firefox, go1.24-openssl, and helm), and Ubuntu (libarchive, linux-azure, linux-azure-5.4, linux-azure-fips, linux-fips, linux-azure-nvidia, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-xilinx-zynqmp, and python-urllib3).

Inside this week's LWN.net Weekly Edition:

The NLnet Foundation has announceda new group of projects receiving funding through the NextGeneration Internet (NGI) Zero Commons Fund.

Libxml2, anXML parser and toolkit, is an almost perfect example of the successesand failures of the open-source movement. In the 25 years since itsfirst release, it has been widely adopted by open-source projects, foruse in commercial software, and for government use. It alsoillustrates that while many organizations love using open-source software,far fewer have yet to see value in helping to sustain it. That has ledlibxml2's current maintainer to reject security embargoes and sparkeda discussion about maintenance terms for free and open-sourceprojects.

One of the biggest changes to come to the Python world is the addition of the free-threadinginterpreter, which eliminates the globalinterpreter lock (GIL) that kept the interpreter thread-safe, but alsoserialized multi-threaded Python code. Over the years, the GIL has been asource of complaints about the scalability of Python code usingthreads, so many developers have been looking forward to the change, whichhas been an experimental feature since Python 3.13was released in October 2024. Making the free-threaded version workwith the rest of the Python ecosystem, especially native extensions, is anongoing effort, however; Nathan Goldbaum and Lysandros Nikolaou spoke at PyCon US 2025 about those efforts.

It took time and the writing of over 60 articles, but LWN's coverage fromthe 2025 Linux Storage, Filesystem,Memory-Management, and BPF Summit is now complete. We have also madean EPUB book (13MB) containingthe full set of coverage available to all readers. This coverageconstitutes the definitive guide to the challenges that these core-kernelcommunities are facing and their development plans for the coming year.Documenting an event of this intensity at such a detailed level is not asmall undertaking. We are grateful to the Linux Foundation for funding ourtravel to our event and, especially, to LWN's subscribers for making thewhole thing possible. If you appreciate this type of coverage and have notyet subscribed, please sign up today to help makemore of it possible.

Security updates have been issued by Debian (commons-beanutils, dcmtk, nginx, trafficserver, and xorg-server), Fedora (atuin, awatcher, dotnet8.0, firefox, glibc, gotify-desktop, keylime-agent-rust, libtpms, mirrorlist-server, qt6-qtbase, qt6-qtimageformats, udisks2, xorg-x11-server, and xorg-x11-server-Xwayland), Mageia (apache-mod_security, clamav, docker, python-django, tomcat, udisks2, and yarnpkg), Oracle (firefox, libblockdev, mod_auth_openidc, perl-FCGI, perl-YAML-LibYAML, tigervnc, and xorg-x11-server and xorg-x11-server-Xwayland), Slackware (libssh and mozilla), SUSE (gimp, gstreamer-plugins-good, icu, ignition, kernel, pam-config, perl-File-Find-Rule, python311, and webkit2gtk3), and Ubuntu (linux, linux-aws, linux-aws-6.8, linux-gke, linux-gkeop, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux, linux-gcp, linux-raspi, linux-realtime, linux-aws, linux-azure, linux-azure, linux-azure-6.8, linux-azure-5.15, linux-azure-fips, and linux-realtime).

Version140.0 of the Firefox browser has been released. Changes include morecontrol over vertical tabs, a dialog to add custom search engines,improvements to translation performance, and more.

Working on the kernel can be a challenging task but, for many,configuring a kernel build can be the largest obstacle to gettingstarted. The kernel has thousands of configuration options; many of those,if set incorrectly, will result in a kernel that does not work on thetarget system. The key to helping users with complex configurationproblems is to provide reasonable defaults but, in the kernel community,there is currently little consensus around what those defaults should be.

Security updates have been issued by Debian (dns-root-data and xorg-server), Fedora (glibc, mingw-glib2, and optipng), Red Hat (iputils, kernel, kernel-rt, krb5, libarchive, mod_auth_openidc, mod_proxy_cluster, and xorg-x11-server-Xwayland), SUSE (python313), and Ubuntu (fig2dev, gnuplot, gss-ntlmssp, linux, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-kvm, linux-lowlatency, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-aws-5.15, linux-gcp-5.15, linux-ibm-5.15, linux-lowlatency-hwe-5.15, linux-oracle-5.15, linux-aws-fips, linux-fips, linux-gcp-fips, linux-hwe-5.15, and linux-intel-iot-realtime, linux-realtime).

KDE contributor Nate Graham recently wroteabout the KDE Project's plans for Plasma's X11 session. He notes thatthe project will continue to ensure that Plasma "continues tocompile and deploy on X11" and isn't horribly broken. Majorregressions will probably be fixed, eventually, but the writing is onthe wall:

The postmarketOS project,which creates a Linux distribution for mobile devices, announcedit was working on adding a version with systemd last March. That dayhas arrived with the announcementof version 25.06:

Adrian Vovk, a GNOME contributor and member of its releaseteam, recently announcedin a blog post that GNOME would be adding new dependencies on systemd, and soon. The idea is to shedGNOME's homegrown service manager in favor of using systemd, and toimprove GNOME's ability to run concurrent user sessions. However, themove is also going to throw a spanner in the works for the BSDs andLinux distributions without systemd when the changes take effect inthe GNOME49 release that is set for September.

The Collabora blog has a summary,written by Nicolas Dufresne, about the LinuxMedia Summit held on May 13 in Nice, France. It was co-located withthe Embedded Recipesconference and had sessions on stateless video encoders, camera support,staging drivers, memory accounting, and a multi-committer model for themedia subsystem."Our largest Media Summit to date brought together around 20 engaged participants. Engagement was strong, marked by thoughtful questions and lively discussions."

Security updates have been issued by AlmaLinux (libblockdev and open-vm-tools), Debian (debian-security-support, gdk-pixbuf, konsole, and node-send), Fedora (apache-commons-beanutils, chromium, clamav, dotnet9.0, libblockdev, mediawiki, mingw-python-setuptools, pam, perl-File-Find-Rule, python-pycares, python-setuptools, spdlog, udisks2, and xorg-x11-server-Xwayland), Mageia (chromium-browser-stable), Oracle (apache-commons-beanutils, container-tools:ol8, gimp:2.8, idm:DL1, perl-FCGI:0.78, and postgresql), Red Hat (container-tools:rhel8, delve, git-lfs, go-toolset:rhel8, grafana, kernel, mod_auth_openidc, and spice-client-win), SUSE (apache-commons-beanutils, apache2-mod_security2, distribution, gstreamer-plugins-good, icu, ignition, perl, python310, python311, python312, and python39), and Ubuntu (apache-log4j1.2 and botan).

Linus has released 6.16-rc3 for testing."So rc2 was smaller than usual, but rc3 seems to be right in the usualballpark for this time, so everything looks entirely normal."

The Linux kernel is seeing a steady accumulation of Rust code. As it becomesmore prevalent, maintainers may want to know how to read, review, and test theRust code that relates to their areas of expertise. Just as kernel C code isdifferent from user-space C code, so too is kernel Rust code somewhat differentfrom user-space Rust code. That fact makes Rust'sextensive documentation ofless use than it otherwise would be, and means that potential contributors withuser-space experience will need some additional instruction.This article is the first in a multi-part series aimed at helping existingkernel contributors become familiar with Rust, and helping existing Rustprogrammers become familiar with what the kernel does differently from thetypical Rust project.

A new filesystem was the topic of a session led by Zach Brown atthe 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit(LSFMM+BPF). The ngnfsfilesystem is not a "next generation" NFS, as might be guessed from thename; Brown said that he did not think about that linkage("I hate naming so much") until it was pointed out to him by ChuckLever in an email. It is, instead, a filesystem for enormous data setsthat are mostly stored offline.

Debian's long-awaited tag2upload service isnow ready for Debian maintainers to use in some circumstances. Tag2upload makes it easier for maintainers to upload packages, by allowing them to push a signed Git commit that will automatically be picked up and built, instead of pushing a build from their local machine. LWN covered thediscussion around the service in July of last year. With the timing of its readiness, it's likely to become more useful once Debian 13 ("trixie") is released.

Security updates have been issued by SUSE (apache2-mod_security2, augeas, ghc-pandoc, gstreamer, ignition, kernel, libblockdev, libxml2, nodejs20, openssl-3, pam_pkcs11, perl, python3, systemd, ucode-intel, webkit2gtk3, and xen) and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, linux-aws-fips, linux-gcp-fips, python3.13, python3.12, and roundcube).

Asterinas is a newLinux-ABI-compatible kernel project written in Rust, based on what theauthors call a "framekernel architecture". The project overlaps somewhatwith the goals of the Rust for Linuxproject, but approaches the problem space from a different direction bytrying to get the best from both monolithic and microkernel designs.

Greg Kroah-Hartman has announced the release of the 6.15.3, 6.12.34, and 6.6.94 stable kernels. Each contains arelatively large number of important fixes throughout the kernel tree.

Security updates have been issued by AlmaLinux (gvisor-tap-vsock), Debian (activemq and chromium), Fedora (kea, python-django4.2, python-django5, python-setuptools, and rust-git-interactive-rebase-tool), Oracle (ipa and kernel), Red Hat (buildah, container-tools:rhel8, containernetworking-plugins, git-lfs, go-toolset:rhel8, golang, golang-github-openprinting-ipp-usb, grafana, grafana-pcp, gvisor-tap-vsock, podman, and skopeo), Slackware (libblockdev and xorg), SUSE (gdm, gstreamer-plugins-base, ignition, kernel, pam, redis, s390-tools, screen, systemd, and xorg-x11-server), and Ubuntu (godot, golang-1.22, libblockdev, node-express, pam, samba, and udisks2).

Inside this week's LWN.net Weekly Edition:

The POSIXrealtime model, which is implemented in the Linux kernel, can ensurethat a realtime process obtains the CPU time it needs to get its job done.It can be less effective, though, when there are multiple realtimeprocesses competing for the available CPU resources. The hierarchicalconstant bandwidth server patch series, posted by Yuri Andriaccio withwork by Luca Abeni, Alessio Balsini, and Andrea Parri, is a modification tothe Linux scheduler intended to make it possible to configure systems withmultiple realtime tasks in a deterministic and correct manner.

The Lustre filesystem has a longhistory, some of which intersects with Linux. It was added to the stagingtree in 2013, but was bounced out ofstaging in 2018, due to a lack of progress and a development modelthat was incompatible with the kernel's. Lustre may be working its wayback into the kernel, though. In a filesystem-track session atthe 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit(LSFMM+BPF), Timothy Day and James Simmons led a discussion on how to getLustre into the mainline.

The KDE Project has announced thePlasma 6.4 release. New features include more flexible tilingfeatures, improvements to the Spectacle screen capture utility, anumber of accessibility enhancements, and much more. See the changelogfor a complete list of new features, enhancements, and bug fixes.

Security updates have been issued by Debian (gst-plugins-bad1.0, konsole, and libblockdev), Oracle (buildah, containernetworking-plugins, gimp, git-lfs, gvisor-tap-vsock, kernel, libvpx, podman, and skopeo), Red Hat (apache-commons-beanutils and thunderbird), Slackware (xorg), SUSE (gdm, golang-github-prometheus-alertmanager, golang-github-prometheus-node_exporter, golang-github-prometheus-prometheus, govulncheck-vulndb, grafana, kernel, Multi-Linux Manager, Multi-Linux Manager Client Tools, openssl-3, pam, python-cryptography, python-requests, python-setuptools, python3-requests, SUSE Manager Server, systemd, ucode-intel, xorg-x11-server, and xwayland), and Ubuntu (dwarfutils, mujs, node-katex, xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04, and xorg-server, xwayland).

The fundamental concept of checkpoint/restore is elegant: capture aprocess's state and resurrect it later, perhaps elsewhere. Checkpointingmeticulously records a process's memory, open files, CPU state, and more into asnapshot. Restoration then reconstructs the process from this state. Thisestablished technique faces new challenges with GPU-accelerated applications,where low-latency restoration is crucial forfaulttolerance, live migration, andfast startups. Recently, the restore process for AMD GPUs has been redesigned toeliminate substantial bottlenecks.

Accessibility features and the work that goes into developing those featuresoften tend to be overlooked and are poorly understood by all but the people who actuallydepend on such features. At Fedora's annual developer conference, Flock, Luka Tyrychtr sought toimprove understanding and raise awareness about accessibility with his session on accessibilitybarriers and screen-reader functionality in GNOME. His talk provided rare insightinto the world of using and developing open-source software for visually-impairedusers-including landing important accessibility improvements inthe latest GNOME release.

Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, buildah, containernetworking-plugins, firefox, gstreamer1-plugins-bad-free, libsoup3, podman, skopeo, sqlite, thunderbird, unbound, valkey, varnish, and xz), Debian (webkit2gtk), Fedora (fido-device-onboard, python-django4.2, rust-git-interactive-rebase-tool, and thunderbird), Red Hat (libsoup), Slackware (libxml2), SUSE (java-11-openjdk, kernel, and wireshark), and Ubuntu (c3p0, dojo, python-django, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, and requests).

The Kubernetes project has announcedthat it will be losing its "special status" with the Slack communication platform and will bedowngraded to the free tier in a matter of days:

Version2.50.0 of the Git source-code management system has been releasedwith a long list of new user features, performance improvements, andbug fixes. See the announcement and thisGitHub blog post for details.

At the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit(LSFMM+BPF), Anna Schumaker led a discussion about implementing the NFSv4.2 WRITE_SAMEcommand in both the NFS client and server. WRITE_SAME ismeant to write large amounts of identical data (e.g. zeroes) to the serverwithout actually needing to transfer all of it over the wire. In her topicproposal, Schumaker wondered whether other filesystems needed thefunctionality, so that it should be implemented at the virtual filesystem(VFS) layer, or whether it should simply be handled as an NFS-specific ioctl().