LWN.net

The LWN.net Weekly Edition for July 6, 2023 is available.

The6.4.2,6.3.12,6.1.38, and5.15.120stable kernel updates have all been released; each contains another set ofimportant fixes.

The i_versionfield in structinodeis meant to track changes to the data or metadata of a file. There aresome problems with the way thati_version is being handled in the kernel, so Jeff Layton led a filesystem session at the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit to discuss them and what to doabout them. For the most part, there are solutions in the works that willresolve most of the larger issues.

Ruihan Li has discloseda significant vulnerability introduced into the 6.1 kernel:

Termux is an Android app thatprovides a Linux environment and terminal emulator for such devices. Mostcommand-line software can be used quite easily with Termux, and GUI software can be run by installing a few extra apps. It is an excellentoption for Android users who want to run Linux software occasionally on adevice more portable than a laptop but do not want to use a dedicated Linuxphone due to the cost or limitations of such devices.

The LXD container-management system is no longer a part of the linuxcontainers.org project:

Security updates have been issued by Fedora (firefox and python-reportlab), Slackware (mozilla), SUSE (dnsdist, grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python- cryptography-vectors, python-google-api-core, pyt, kernel, kubernetes1.18, libdwarf, python311, qt6-base, rmt-server, and virtualbox), and Ubuntu (containerd, firefox, and python-django).

Joe "Zonker" Brockmeier has been a part of the Linux community for decades;he is now using that experience to write a series on "Red Hat and the CloneWars". The first two episodes were RedHat and the Clone Wars and Ahistory of the early 2000s Linux landscape; the latest is Thedawn of CentOS:

Version115 of the Firefox browser has been released. New features includesupport for hardware video decoding on Intel GPUs on Linux and a new"close" option on the tab-manager dropdown. This release is also the endof the line for Windows7 and8 support, and for macOS 10.12,10.13, and 10.14 support as well.

Chuck Lever led a filesystem session at the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit on the Linux NFS server, which is alsoknown as NFSD. He wanted to talk about converting the network filesystemto use iomap; that kind ofconversionwas the topic of the previous session atthe summit. Beyond that, he wanted to discuss using folios, which has beena frequent topic at recent LSFMM+BPF gatherings, including this year.

Security updates have been issued by Debian (ghostscript), Fedora (apache-ivy, chromium, golang-github-schollz-croc, golang-github-schollz-mnemonicode, and webkitgtk), SUSE (amazon-ecs-init, dnsdist, libcap, python-tornado, terraform, and xmltooling), and Ubuntu (imagemagick, openldap, php7.4, php8.1, and screen).

The C language is expressive in many ways, but it still does not have waysto express many of the relationships between fields in a data structure.That gap can be at least partially filled, though, if one is willing tocreate and use non-standard extensions. The adoption of of thoseextensions, in the form of the __counted_by() macro, has beenmerged for the 6.5 kernel release, even though the compiler feature itdepends on has not yet been finalized.

Version 5.38.0 of the Perl language is out. "Perl 5.38.0 representsapproximately 12 months of development since Perl 5.36.0 and containsapproximately 290,000 lines of changes across 1,500 files from 100authors." Significant changes include a new class feature,Unicode 15.0 support, a new API for hooking into functions, and more; seethe5.38.0 perldelta page for details.

Security updates have been issued by Debian (cups, gst-plugins-bad1.0, gst-plugins-base1.0, gst-plugins-good1.0, python3.7, and yajl), Fedora (chromium, kubernetes, pcs, and webkitgtk), Scientific Linux (open-vm-tools), SUSE (iniparser, keepass, libvirt, prometheus-ha_cluster_exporter, prometheus-sap_host_exporter, rekor, terraform-provider-aws, terraform-provider-helm, and terraform-provider-null), and Ubuntu (python-reportlab and vim).

The6.4.1,6.3.11, and6.1.37stable kernels have been released; each contains another set of importantfixes.

The first days of the 6.5 merge window have been a bit calmer than usual,with "only" 4,000 non-merge changesets having been pulled into the mainlinerepository. Those changesets include a fair amount of significant work,though. Read on for LWN's summary of the first set of changes merged forthe next major kernel release.

The Register reportsfrom Jii Benc's DevConf.cz talk on the making of the CentOS Streamkernel.

Security updates have been issued by Debian (docker-registry, flask, systemd, and trafficserver), Fedora (moodle, python-reportlab, suricata, and vim), Red Hat (go-toolset and golang, go-toolset-1.19 and go-toolset-1.19-golang, go-toolset:rhel8, open-vm-tools, python27:2.7, and python3), SUSE (buildah, chromium, gifsicle, libjxl, sqlite3, and xonotic), and Ubuntu (linux, linux-allwinner, linux-allwinner-5.19, linux-aws, linux-aws-5.19, linux-azure, linux-gcp, linux-gcp-5.19, linux-hwe-5.19, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi, linux-starfive, linux-starfive-5.19, linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-azure, linux-azure-5.15, linux-azure-5.4, linux-azure-fde-5.15, linux-bluefield, linux-gcp, linux-gcp-5.15, linux-gcp-5.4, linux-gke, linux-gke-5.15, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, and linux-oem-6.1).

The Emacs editor is not tied to the Linux kernel; indeed, it was createdsome years before Linux existed. The Emacs code base is intended to beportable, and the editor runs, with varying levels of support, on a widevariety of systems. Recently, an energetic developer has worked to extendthe set of supported systems to Android; the result is a working port, butwhether that port will be accepted into the Emacs mainline is the topic ofongoing conversation.

Security updates have been issued by Debian (chromium and maradns), SUSE (iniparser, kubernetes1.23, python-reportlab, and python-sqlparse), and Ubuntu (accountsservice and linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon).

The LWN.net Weekly Edition for June 29, 2023 is available.

JupyterLab is aweb-based development environment widely used by data scientists,engineers, and educators for data visualization, data analysis,prototyping, and interactive learning materials. The Jupyter community has recently announced therelease of JupyterLab4.0, introducing lots of new features and performanceimprovements to enhance its capabilities both in research and educationalsettings.

The6.3.10,6.1.36,5.15.119,5.10.186,5.4.249,4.19.288, and4.14.320stable kernels have all been released; each contains another set ofimportant fixes.

Security updates have been issued by Mageia (docker-docker-registry, libcap, libx11, mediawiki, python-requests, python-tornado, sofia-sip, sqlite, and xonotic), Red Hat (kernel, kernel-rt, kpatch-patch, libssh, libtiff, python27:2.7, python39:3.9, python39-devel:3.9, ruby:2.7, sqlite, systemd, and virt:rhel, virt-devel:rhel), SUSE (bind, cosign, guile1, lilypond, keepass, kubernetes1.24, nodejs16, nodejs18, phpMyAdmin, and sqlite3), and Ubuntu (etcd).

A discussion that largely centered around the documentation ofiomap, which provides a block-mapping interface for modern filesystems,was led by Luis Chamberlain at the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit. There is an ongoing process ofconverting filesystems to use iomap, in order to leave buffer heads behind and to better support folios, sothe intent was to get feedback on the documentation from developers who areworking on those conversions. One of the concrete outcomes of the sessionwas a plan to move that documentation from its current location on theKernelNewbies wiki intothe kernel documentation.

Faith Ekstrand has providedan update on the status of the NVKVulkan driver for NVIDIA GPUs.

Security updates have been issued by Debian (c-ares and libx11), Fedora (chromium and kubernetes), Red Hat (python3 and python38:3.8, python38-devel:3.8), and SUSE (amazon-ssm-agent, kernel, kubernetes1.24, libvirt, nodejs16, openssl-1_1, and webkit2gtk3).

Red Hat's Mike McGrath respondsto the many criticisms aimed at the company since it changed its policyregarding RHEL source code.

The 6.4 kernel was releasedon June25 after a nine-week development cycle. By that point, 14,835non-merge changesets had been pulled into the mainline kernel, a slightincrease from 6.3 (14,424 changesets) but still lower than many otherdevelopment cycles. As usual, LWN has taken a look at those changesets,who contributed them, and what the most active developers were up to.

Security updates have been issued by Debian (bind9 and owslib), Fedora (dav1d, dotnet6.0, dotnet7.0, mingw-dbus, vim, and wabt), and SUSE (cloud-init and golang-github-vpenso-prometheus_slurm_exporter).

Linus has released the 6.4 kernel.

Over on the Software Freedom Conservancy blog, Policy Fellow and Hacker-in-Residence Bradley M. Kuhn analyzes the recent changes to Red Hat Enterprise Linux (RHEL) source availability in light of the GPL. It contains some interesting information about two alleged GPL violations that came about because the company's business model is structured in a way that brings it too close to non-compliance with the license, he said:

The final day of the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit featured three separate sessions led byLuis Chamberlain (he also led a plenary onday two); the first of those was a filesystem session on the status of thekthread-freezer-removal effort. The kthread freezer is meant to helpfilesystems freeze their state in order tosuspend or hibernate the system, but since at least2015, the freezer has been targeted for removal. Thingsdid not change much a year later, nor by LSFMM in2018 when Chamberlain had picked up Jiri Kosina's removaleffort; this year, Chamberlain was back to try to push things along.

The fifth conference on PowerManagement and Scheduling in the Linux Kernel (abbreviated "OSPM") washeld on April17 to19 in Ancona, Italy. LWN was not there,unfortunately, but the attendees of the event have gotten together to writeup summaries of the discussions that took place and LWN has the privilegeof being able to publish them. Reports from the third and final day of theevent appear below.

Security updates have been issued by Debian (asterisk, lua5.3, and trafficserver), Fedora (tang and trafficserver), Oracle (.NET 7.0, c-ares, firefox, openssl, postgresql, python3, texlive, and thunderbird), Red Hat (python27:2.7 and python39:3.9 and python39-devel:3.9), Scientific Linux (c-ares), Slackware (cups), SUSE (cups, dav1d, google-cloud-sap-agent, java-1_8_0-openjdk, libX11, openssl-1_0_0, openssl-1_1, openssl-3, openvswitch, and python-sqlparse), and Ubuntu (cups, dotnet6, dotnet7, and openssl).

The AlmaLinux organization has posted a messagedescribing the impact of Red Hat's decision to stop releasing the source tothe RHEL distribution and how AlmaLinux will respond.

The quest to enable limited use of BPF features in unprivileged processescontinues. In the previous episode, anattempt to use authoritative Linux security module (LSM) hooks for thispurpose was strongly rejected by the LSM developers. BPF developer AndriiNakryiko has now returned with a new mechanism based on aprivilege-conveying token. That approach, too, has run into someresistance, but a solution for the strongest concerns might be in sight.

Security updates have been issued by Debian (avahi, hsqldb, hsqldb1.8.0, minidlna, trafficserver, and xmltooling), Oracle (.NET 6.0, .NET 7.0, 18, c-ares, firefox, kernel, less, libtiff, libvirt, python, python3.11, texlive, and thunderbird), Red Hat (c-ares, kernel, kernel-rt, kpatch-patch, less, libtiff, libvirt, openssl, and postgresql), Slackware (bind and kernel), SUSE (bluez, curl, geoipupdate, kernel, netty, netty-tcnative, ntp, open-vm-tools, php8, python-reportlab, rustup, Salt, salt, terraform-provider-aws, terraform-provider-null, and webkit2gtk3), and Ubuntu (bind9, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-kvm, linux-oracle, linux-raspi, linux-azure, linux-gcp, linux-ibm, linux-kvm, linux-oracle, and linux-ibm).

The LWN.net Weekly Edition for June 22, 2023 is available.

Kernel support for copy offload is a feature that has been floating aroundin limbo for a decade or more at this point; it has been implemented along the way, but never merged. The idea is that the hostsystem can simply ask a block storage device to copy some data within the deviceand it will do so without further involving the host; instead of reading data intothe host so that it can be written back out again, the device circumventsthat process. At the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit, Nitesh Shetty led a storage andfilesystem session to discuss the current status of a patch set that he andothers have been working on, with aneye toward getting something merged fairly soon.

Red Hat has announcedthat public source releases will be restricted to CentOS Stream goingforward:

The6.3.9,6.1.35,5.15.118,5.10.185,5.4.248,4.19.287, and4.14.319stable kernel updates have all been released; each contains another set ofimportant fixes.

Running a Linux distribution on Arm-based single-board computers (SBCs)is still not as easy as on x86 systems because many Arm devices require avendor-supplied kernel, a patched bootloader, and other device-specificcomponents. One distribution that addresses this problem is Armbian, which offers Debian- andUbuntu-based distributions formany devices. The headline feature in the recent release, Armbian23.05, which came at the end of May, is a major rework of the buildframework that has been made faster and more reliable after three years ofdevelopment.

Security updates have been issued by Debian (libfastjson, libx11, opensc, python-mechanize, and wordpress), SUSE (salt and terraform-provider-helm), and Ubuntu (firefox, libx11, pngcheck, python-werkzeug, ruby3.1, and vlc).

Backporting fixes to stable kernels is an ongoing process that, in general,is handled by the stable maintainers or the developers of the fixes.However, due to some unhappiness in the XFS developmentcommunity with the process of handling stable fixes for that filesystem,a different process has come about for backporting XFS patches to thestable kernels. The three developers doing that work, Leah Rumancik, AmirGoldstein, and Chandan Babu Rajendra, led a plenary session at the 2023 Linux Storage, Filesystem,Memory-Management and BPF Summit (with Rajendraparticipating remotely) to discuss that process.

The Rust project has announcedthe formation of the Rust Leadership Council, which will take the place ofthe existing Core Team and Leadership Chat groups.

Security updates have been issued by Debian (libxpm and php7.3), Fedora (chromium), Mageia (kernel, kernel-linus, and sysstat), Red Hat (c-ares), SUSE (libwebp), and Ubuntu (cups-filters, libjettison-java, and libsvgpp-dev).

Drew DeVault has announcedthe launch of a new web sitethat is intended to be a better introduction to the free-softwarecommunity.

In the fast-moving open-source world, programs can come and go quickly; atool that has many users today can easily be eclipsed by something betternext week. Even in this environment, though, some programs endure for along time. As an example, consider thePostgreSQL database system, which traces itshistory back to 1986. Making fundamental changes to a large code basewith that much history is never an easy task. As fundamental changes go,moving PostgreSQL away from its process-oriented model is not a small one,but it is one that the project is considering seriously.

Security updates have been issued by Debian (golang-go.crypto, maradns, requests, sofia-sip, and xmltooling), Fedora (chromium, iaito, iniparser, libX11, matrix-synapse, radare2, and thunderbird), Red Hat (c-ares, jenkins and jenkins-2-plugins, and texlive), SUSE (bluez, chromium, go1.19, go1.20, jetty-minimal, kernel, kubernetes1.18, kubernetes1.23, kubernetes1.24, libX11, open-vm-tools, openvswitch3, opera, syncthing, and xen), and Ubuntu (libcap2, libpod, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi, linux, linux-aws, linux-lowlatency, linux-raspi, linux-oem-5.17, linux-oem-6.1, pypdf2, and qemu).