LWN.net

Linus Torvalds released6.3-rc1 and closed the 6.3 merge window as expected on March 5.By that time, 12,717 non-merge commits (and 848 merges) had found theirway into the mainline kernel; nearly 7,000 of those commits came in after the first-half merge-window summary waswritten. The second half of the 6.3 merge window was thus a busy time,with quite a bit of new functionality landing in the mainline.

Heise interviewsMiguel Ojeda about the Rust-for-Linux project.

Security updates have been issued by Debian (apache2, libde265, libreswan, spip, syslog-ng, and xfig), Fedora (edk2, libtpms, python-django3, stb, sudo, vim, and xen), Red Hat (libjpeg-turbo and pesign), SUSE (kernel, python36, samba, and trivy), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux, linux-aws, linux-dell300x, linux-gcp-4.15, linux-oracle, linux-aws-hwe, linux-oracle, and linux-bluefield).

The 6.3-rc1 kernel prepatch is out, and themerge window is closed for this development cycle.

On March 7, 2003, a struggling company called The SCO Group filed a lawsuit against IBM, claiming that thesuccess of Linux was the result of a theft of SCO's technology. Twodecades later, it is easy to look back on that incident as a somewhathumorous side-story in the development of Linux. At the time, though, itshook our community to its foundations. It is hard to overestimate howmuch the community we find ourselves in now was shaped by a ridiculouslawsuit 20 years ago.

Thorsten Kukuk demonstratesthat we are not done with year-2038 problems yet.

Greg Kroah-Hartman has announced the release of the 6.2.2, 6.1.15,5.15.97, 5.10.171, 5.4.234, and 4.19.275 stable kernels. All contain arelatively small number of important fixes.Update:5.15.98 and5.10.172have subsequently been released with an io_uring fix.

Security updates have been issued by Debian (linux-5.10 and node-css-what), SUSE (gnutls, google-guest-agent, google-osconfig-agent, nodejs10, nodejs14, nodejs16, opera, pkgconf, python-cryptography, python-cryptography-vectors, rubygem-activesupport-4_2, thunderbird, and tpm2-0-tss), and Ubuntu (git, kernel, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-hwe-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-ibm, linux-lowlatency, linux-oracle, linux-azure-fde, linux-oem-5.14, linux-oem-5.17, linux-oem-6.0, linux-oem-6.1, php7.0, python-pip, ruby-rack, spip, and sudo).

While the 6.3 kernel has gained more support for the Rust language, itstill remains true that there is little that can be done in Rust beyond thecreation of a "hello world" module. That functionality was alreadyavailable in C, of course, with a level of safety similar to what Rust canprovide. Interest is growing, though, in merging actually useful moduleswritten in Rust; that will require some more capable infrastructure than iscurrently present. A recent discussion on the handling of time values inRust demonstrates the challenges — and opportunities — inherent in thiseffort.

Security updates have been issued by CentOS (git), Debian (spip), Fedora (epiphany), Mageia (binwalk, chromium-browser-stable, crmsh, emacs, libraw, libtiff, nodejs, pkgconf, tar, and vim), Oracle (kernel and systemd), SUSE (emacs, kernel, nrpe, and rubygem-activerecord-4_2), and Ubuntu (c-ares, git, postgresql-12, postgresql-14, and sox).

The LWN.net Weekly Edition for March 2, 2023 is available.

The Python-packaging discussions continued in January and February; theyshow no sign of abating in March either. This time around, we look (again)at tools for packaging, including a brand new Rust-based entrant. There isalso a proposal to have interested parties create Python EnhancementProposals (PEPs) for packaging solutions that would be judged by a panel ofPEP delegates in order to try to choose something that the whole communitycan rally around—without precluding the existence of other options. Asalways, it is all a difficult balancing act.

Konstantin Ryabitsev has arequest for anybody who is using mutt for kernel work:

The waiting is done; version4.0 of the Godot game engine has been released.

Security updates have been issued by Debian (multipath-tools and syslog-ng), Fedora (gnutls and guile-gnutls), Oracle (git, httpd, lua, openssl, php, python-setuptools, python3.9, sudo, tar, and vim), Red Hat (kpatch-patch), Scientific Linux (git), SUSE (compat-openssl098, glibc, openssl, postgresql13, python-Django, webkit2gtk3, and xterm), and Ubuntu (awstats, expat, firefox, gnutls28, lighttpd, php7.2, php7.4, php8.1, python-pip, and tar).

Linux users often work with text files; tools like grep,awk, and sed are standard utilities in their toolbox. However, thesetools fall short when trying to extract or edit data from files in a binary format, analyzecorrupt media files, or for parsing a binary data format. FOSDEM 2023 in Brussels had a whole binary toolsdevroom dedicated to open-source programs that deal with binary data.

Security updates have been issued by Debian (curl, python-werkzeug, and spip), Fedora (curl), Mageia (apache-commons-fileupload, apr, c-ares, clamav, git, gnutls, ipython, jupyter-core, php, postgresql, python-cryptography, python-jupyterlab, python-twisted, sofia-sip, and sox), Red Hat (git, httpd, kernel, kernel-rt, kpatch-patch, lua, openssl, pcs, php, python-setuptools, python3.9, systemd, tar, vim, and zlib), SUSE (libxslt, php8, postgresql15, python3, tpm2-0-tss, and ucode-intel), and Ubuntu (curl, mplayer, openjdk-17, openjdk-19, openjdk-lts, openjdk-8, python3.9, and ruby-rack).

The Asahi Linux project has posted anupdate and reality check on the status of Linux support for Apple's M1hardware.

Most of the kernel's code is written in C and intended to be run directlyon the underlying hardware. That situation is changing in a few ways,though; one of those is the ability to write kernel code for the BPFvirtual machine. The 6.3 kernel release will include a new API making the red-black tree data structure available to BPFprograms. Beyond being an interesting feature in its own right, this newAPI shows how BPF is bringing a different approach to kernel programming —and to the C language in general.

Security updates have been issued by Debian (apr-util, freeradius, mono, nodejs, php7.3, php7.4, and python-cryptography), Fedora (epiphany, haproxy, and podman), SUSE (chromium, libraw, php7, php74, python-pip, and rubygem-activerecord-4_2), and Ubuntu (apr, clamav, curl, intel-microcode, nss, openvswitch, webkit2gtk, and zoneminder).

The6.2.1,6.1.14,5.15.965.10.170,5.4.233,4.19.274, and4.14.307stable kernel updates have all been released; each contains another set ofimportant fixes.

Developers who build distributions often (but not always) put considerableeffort into backward compatibility, ensuring, for example, that a programbuilt for one release will continue to run on later releases. Forwardcompatibility, where it is possible to move a program (or other artifact)from a more recent release to an older one, can be less of a concern, butit still tends to be seen as something that is better to not break ifpossible. So it is not surprising that an issue affecting theforward-compatibility of ext4 filesystems built for the upcomingDebian 12 ("bookworm") release has generated a fair amount ofdiscussion, even if the number of affected users is likely to be small.

Security updates have been issued by Debian (binwalk, chromium, curl, emacs, frr, git, libgit2, and tiff), Fedora (qt5-qtbase), SUSE (c-ares, kernel, openssl-1_1-livepatches, pesign, poppler, rubygem-activerecord-5_1, and webkit2gtk3), and Ubuntu (linux-aws).

As of this writing, 5,776 non-merge changesets have been pulled into themainline kernel for the 6.3 release; that is a bit less than half of thework that was waiting in linux-next before the merge window opened. Thismerge window is thus well underway, but far from complete. Quite a bit ofsignificant work has been pulled so far; read on to see what entered thekernel in the first half of the 6.3 merge window.

The group working on adding keyword generics to the Rust language isforeshadowing what it plans to propose:

Security updates have been issued by CentOS (firefox and thunderbird), Debian (asterisk, git, mariadb-10.3, node-url-parse, python-cryptography, and sofia-sip), Fedora (c-ares, golang-github-need-being-tree, golang-helm-3, golang-oras, golang-oras-1, and golang-oras-2), Oracle (httpd:2.4, kernel, php:8.0, python-setuptools, python3, samba, systemd, tar, and webkit2gtk3), Red Hat (webkit2gtk3), SUSE (phpMyAdmin, poppler, and postgresql12), and Ubuntu (dcmtk and linux-hwe).

The LWN.net Weekly Edition for February 23, 2023 is available.

The Rust community has been working to reform its governance model; thatwork is now being presented as adraft document describing how that model will work.

As we have seen in earlier articles, the packaging landscape for Python isfragmented and complex, though users of the language have been clamoringfor some kind of unification for a decade or more at this point. The developers behindpip and other packaging tools would like to find a way to satisfythis wish fromPython-language users and developers, thus they have been discussing possiblesolutions with increasing urgency, it seems, of late. In order to do that,though, it is important to understand what specific items—and types of Pythonusers—to target.

The Ubuntu Flavorsofferings (Kubuntu and the like) have decidedthat the way to improve the user experience is to put more emphasis on theSnap package format.

The6.1.13,5.15.95,5.10.169,5.4.232,4.19.273, and4.14.306stable kernel updates have all been released; each contains another set ofimportant fixes.

Security updates have been issued by Debian (amanda, apr-util, and tiff), Fedora (apptainer, git, gssntlmssp, OpenImageIO, openssl, webkit2gtk3, xorg-x11-server, and xorg-x11-server-Xwayland), Oracle (firefox and thunderbird), Red Hat (python3), SUSE (gnutls, php7, and python-Django), and Ubuntu (chromium-browser, libxpm, and mariadb-10.3, mariadb-10.6).

FIDO2 is a standard forauthenticating users without the need for passwords. While the technology hasbeen introduced mainly to protect accounts on web sites, it's also usefulfor other purposes, such as logging into Linux systems. The same technologycan even be used beyond authentication, for example to sign files or Gitcommits. A couple of talks at FOSDEM2023 in Brussels presented the possibilities for Linux users.

Security updates have been issued by CentOS (libksba, thunderbird, and tigervnc and xorg-x11-server), Debian (clamav, nss, python-django, and sox), Fedora (kernel and thunderbird), Mageia (curl, firefox, nodejs-qs, qtbase5, thunderbird, upx, and webkit2), Red Hat (httpd:2.4, kernel, kernel-rt, kpatch-patch, pcs, php:8.0, python-setuptools, Red Hat build of Cryostat, Red Hat Virtualization Host 4.4.z SP 1, samba, systemd, tar, and thunderbird), Scientific Linux (firefox and thunderbird), and SUSE (clamav, firefox, jhead, mozilla-nss, prometheus-ha_cluster_exporter, tar, and ucode-intel).

The 6.2 kernel was released on February 19,at the end of a ten-week development cycle. This time around, 15,536non-merge changesets found their way into the mainline repository, makingthis cycle significantly more active than itspredecessor. Read on for a look at the work that went into this kernelrelease.

Version 13.1 of the GNU GDB debugger has been released. Changes includesupport for the LoongArch and CSKY architectures, a number of Python APIimprovements, support for zstd-compressed debug sections, and more.

Security updates have been issued by Debian (c-ares, gnutls28, golang-github-opencontainers-selinux, isc-dhcp, nss, openssl, snort, and thunderbird), Fedora (clamav, curl, phpMyAdmin, thunderbird, vim, webkitgtk, and xen), Red Hat (firefox), Slackware (kernel), SUSE (apache2-mod_security2, gssntlmssp, postgresql-jdbc, postgresql12, and timescaledb), and Ubuntu (firefox).

Linus has released the 6.2 kernel asexpected.

Security updates have been issued by Debian (webkit2gtk and wpewebkit), Fedora (firefox, phpMyAdmin, tpm2-tools, and tpm2-tss), Slackware (mozilla), SUSE (mozilla-nss, rubygem-actionpack-4_2, rubygem-actionpack-5_1, and tar), and Ubuntu (linux-azure and linux-hwe-5.19).

Systemd 253 has been released. As always, the list of changes isextensive. Support for version-1 control groups and separate /usrsystems is going away later this year. There is a new tool for workingwith unifiedkernel images, a number of new unit-file options have been added, andmuch more; click below for the full list.

When LWN looked at the composefs filesystemin December, we reported that there had been "little response" to thepatches. That is no longer the case. Whether composefs (or something likeit) should be merged has become the subject of an extended debate; at itscore, the discussion is over just how Linux should support certain types ofcontainer workloads.

Security updates have been issued by Debian (firefox-esr), Fedora (community-mysql, edk2, firefox, and git), Slackware (curl and git), SUSE (apache2-mod_security2, aws-efs-utils, bind, curl, git, ImageMagick, java-11-openjdk, java-17-openjdk, java-1_8_0-openjdk, kernel, libksba, and mozilla-nss), and Ubuntu (golang-golang-x-text, golang-x-text, linux-aws, linux-aws-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-intel-iotg, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-oracle-5.4, linux-gke, linux-gke-5.15, nss, and xorg-server, xorg-server-hwe-16.04).

The LWN.net Weekly Edition for February 16, 2023 is available.

From the moon landing to the James Webb Space Telescope and many otherscientific missions, software is critical for the US National Aeronautics and Space Administration(NASA). Sharing information has also been in the DNA of the spaceagency from the beginning. As a result, NASA also contributes to andreleases open-source software and open data. In a keynote at FOSDEM 2023, Science Data Officer Steve Crawford talked about NASA andopen-source software, including the challenges NASA has faced in using opensource and the agency's recent initiatives to lower barriers.

The 5.10.168 stable kernel update hasfinally emerged from the review process and been released; it contains yetanother set of important fixes.

Jens Axboe has posted adetailed guide to improving the performance of networking applicationswith io_uring.

Canonical has announcedthe general availability of a realtime variant of its distribution.

Version110.0 of the Firefox browser has been released. Significant newfeatures include the ability to import bookmarks from the Opera and Vivaldibrowsers and GPU sandboxing on Windows systems.

Security updates have been issued by Debian (gnutls28 and haproxy), Fedora (syslog-ng), Mageia (apr-util, chromium-browser-stable, editorconfig-core-c, ffmpeg, libzen, phpmyadmin, tpm2-tss, and webkit2), Oracle (kernel and kernel-container), Slackware (mozilla and php), SUSE (git, haproxy, kernel, nodejs18, phpMyAdmin, and timescaledb), and Ubuntu (APR-util, git, and haproxy).

Many people, when they are installing a Linux distribution for a singlepurpose such as running containers, would prefer an install-and-forgettype of deployment. At FOSDEM 2023 in Brussels, severalprojects of this minimal Linux distribution type were presented. FedoraCoreOS, Ubuntu Core, openSUSE MicroOS, and Bottlerocket OSall tackle this problem in their own way. The talks at FOSDEM gave aninteresting overview of how these projects differ in their approaches.