Security updates have been issued by Debian (golang-websocket, kernel, postgresql-11, and thunderbird), Fedora (firefox, kernel, libreswan, libssh, tcpreplay, and thunderbird), SUSE (dcmtk, gradle, libraw, postgresql12, postgresql13, postgresql14, and postgresql15), and Ubuntu (firefox, nova, and thunderbird).
The second 6.4 kernel prepatch is out fortesting. "This being rc2, it's been a fairly calm week as people areonly starting to find any issues from the merge window, but it all looksfine."
The Linux CPU scheduler will let realtime tasks hog the CPU to theexclusion of everything else — except when it doesn't. At the 2023 OpenSource Summit North America, Joel Fernandes covered the problems withthe kernel's realtime throttling mechanism and a couple of potentialsolutions. As a bonus, since the room was unscheduled for the followingslot, attendees were treated to a spontaneous session onadaptive spinning in user space run by André Almeida.
Memory tiering is the practice of dividing physical memory into separatelevels according to its performance characteristics, then allocating thatmemory in a (hopefully) optimal manner for the workload the system isrunning. The subject came up repeatedly during the 2023 Linux Storage, Filesystem,Memory-Management and BPF Summit. One session, led by David Rientjes,focused directly on tiering and how it might be better supported by theLinux kernel.
Kyungsan Kim began his talk at the 2023Linux Storage, Filesystem, Memory-Management and BPF Summit with aclaim that the Compute Express Link (CXL) technology is leading tofundamental changes in computer architecture. The kernel will have torespond with changes of its own, including in its memory-management layer.Drawing on some experience gained at Samsung, Kim had a few suggestions onthe form those changes should take — suggestions that ran into somedisagreement from other memory-management developers.
In part one of the tale, Brandt Bucherlooked specifically at the CPython optimizations that went intoPython 3.11 as part of the Faster CPython project. More of that workwill be appearing in future Python versions, but on day two of PyCon 2023 in Salt Lake City, Utah,Mark Shannon provided an overall picture of CPython optimizations,including efforts made over the last decade or more, with an eye toward theother areas that have been optimized, such as the memory layout for theinternal C data structures of the interpreter. He also described someadditional optimization techniques that will be used in Python 3.12and beyond.
Security updates have been issued by Debian (postgresql-13 and webkit2gtk), Fedora (git), SUSE (helm and skopeo), and Ubuntu (cinder, nova, python-glance-store, and python-os-brick).
Mike Rapoport has put a considerable amount of effort into solving theproblem of direct-map fragmentation over the years; this has resulted inproposals like __GFP_UNMAPPED anda session at the 2022 Linux Storage,Filesystem, Memory-Management, and BPF Summit. Rapoport returned at the 2023 Summit to revisit this issue, but hestarted with a somewhat surprising spoiler.
Greg Kroah-Hartman has announced the release of the 6.3.2, 6.2.15,6.1.28, and 5.15.111 stable kernels. These all containimportant fixes throughout the kernel tree, as usual.
Storage technology may seem like a slow-moving area, but there is, instead,a lot of development activity happening there. An early session at the2023 Linux Storage, Filesystem,Memory-management and BPF Summit, led by Martin Petersen and Vincent Haché, updated the assembled group onthe latest changes to the storage landscape, with an emphasis on theCompute Express Link (CXL) 3.0 specification.
The MicroPython programming language implements a sizable subset of Python that can run on microcontrollers, thus bringing Python's easy-to-learn syntax, readability, and versatility to the embedded world. With its recent 1.20 release, MicroPython introduces a new package manager, reduces its code size, and adds supportfor many new boards, including the Raspberry PiPico W. The project has come a long way since its inception ten years ago, making it an easy-to-use tool for developing software forresource-constrained environments.
Version1.9 of the Julia language has been released. Notable changes includeimproved caching of native code, faster load times via a "packageextensions" mechanism, better memory-usage introspection, and more.
Security updates have been issued by Debian (emacs), Fedora (chromium, community-mysql, and LibRaw), Red Hat (nodejs nodejs-nodemon, nodejs:18, and webkit2gtk3), Slackware (mozilla), SUSE (amazon-ssm-agent, conmon, distribution, docker-distribution, google-cloud-sap-agent, ignition, kernel, ntp, prometheus-ha_cluster_exporter, protobuf-c, python-cryptography, runc, and shim), and Ubuntu (ceph, freetype, and node-css-what).
Two members of the FasterCPython team, which was put together at Microsoft at the behest of Guidovan Rossum to work on major performance improvements for CPython, cameto PyCon 2023 to report on what theteam has been working on—and its plans for the future. PEP 659 ("SpecializingAdaptive Interpreter") describes the foundation of the current work, someof whichhas already been released as part of Python 3.11. Brandt Bucher, whogave a popular talk on structural pattern matchingat last year's PyCon, was up first, with a talk on what "adaptive" and"specializing" mean in the context of Python, which we cover here in partone. Mark Shannon, whose proposed planfor performance improvements in 2020 was a major impetus for this work,presented on the past, present, and future of the Python performanceenhancements, which will be covered in part two.
Version113.0 of the Firefox browser is out. Changes include improvedpicture-in-picture support, blocking of third-party cookies in privatewindows, some accessibility improvements, and more. "A 13-year-oldfeature request was fulfilled and Firefox now supports files beingdrag-and-dropped directly from Microsoft Outlook".
Linus Torvalds released 6.4-rc1 and closed themerge window on May 7. By that time, 13,044 non-mergechangesets had found their way into the mainline repository for the 6.4release. A little over 5,000 of those changesets came in after our summary of the first half of the mergewindow was written. Those changes brought a long list of new featuresand capabilities to the kernel.
Version4.2 of the Yocto Project distribution builder has been released. Itfeatures improved Rust support, a number of BitBake enhancements, lots ofupdated software, and numerous security fixes.
Security updates have been issued by Debian (chromium, evolution, and odoo), Fedora (java-11-openjdk), Oracle (samba), Red Hat (libreswan and samba), Slackware (libssh), SUSE (amazon-ssm-agent, apache2-mod_auth_openidc, cmark, containerd, editorconfig-core-c, ffmpeg, go1.20, harfbuzz, helm, java-11-openjdk, java-1_8_0-ibm, liblouis, podman, and vim), and Ubuntu (linux-aws, linux-aws-hwe, linux-intel-iotg, and linux-oem-6.1).
The 2018 Linux Storage, Filesystem, and Memory-Management (LSFMM)conference included a session onget_user_pages(), an internal kernel interface that can, insome situations, be used in ways that will lead to data corruption orkernel crashes. As the 2023 LSFMM+BPF eventapproaches, this problem remains unsolved and is still the topic of ongoingdiscussion. This patchseries from Lorenzo Stoakes, which is another attempt at a partialsolution, is the latest focus point.
The Python packaging picture is generally a bit murky; there are lots ofdifferent stakeholders, with disparate wishes and needs, which all adds upto a fairly large set of multi-faceted problems. Back in the first threemonths of the year, we looked at variousdiscussions around packaging, some of which are still ongoing.A packagingsummit was held at PyCon 2023 to bring some of the participants of those discussions together in one room. One of its sessionswas on addinga namespaces feature to the Python PackageIndex (PyPI). It provides a look into some of thedifficulties that can arise, especially when trying to accommodate a long legacy of existingpractices, which is often a millstone around the neck of those trying tomake packaging improvements.
Version 3.21.0 of the Valgrindcode-analysis tool is out. Changes include better integration with the GDB debugger, better checks for non-portablerealloc() calls, and a number of other improvements.
The Guix project ("a transactionalpackage manager and an advanced distribution of the GNU system") has announceda milestone toward its goal of bootstrapping an entire distribution fromsource:
Security updates have been issued by Debian (libdatetime-timezone-perl and tzdata), Fedora (chromium), Red Hat (emacs and libwebp), Slackware (netatalk), and Ubuntu (php7.0).
No data structures found in the Linux kernel — at least, in any versionthat escaped from Linus Torvalds's development machine — are older than thebuffer head. Like many other legacies from the early days of Linux, bufferheads have been targeted for removal for years. They persist, though,despite the problems they present. Now, Christoph Hellwig has posted a patchseries that enables the building of a kernel without buffer heads — butthe cost of doing so at this point will be more than most want to pay.
Greg Kroah-Hartman has announced the 6.3.1,6.2.14, 6.1.27, and 5.15.110 stable kernels. They all contain afairly small collection of important fixes. Note that there is a reportof build problems in the wireguard subsystem for the 6.1.27 and 5.15.110kernels, so we may see updates for those fairly soon.
Version4.9 of the SystemTap tracing tool has been released. The headlinechanges this time include a new, Jupyter-based frontend and alanguage-server-protocol interface for name completion.
As of this writing, nearly 7,500 non-merge changesets have been pulled intothe mainline repository for the 6.4 kernel release. The 6.4 merge windowis thus clearly off and running, with a number of significant changesmerged already. Read on for a summary of the most significant pulledso far.
For those who are waiting for the upcoming Debian "bookworm" release, thedate hasnow been set: it's coming out on June 10. The full-freeze datefor the distribution will be May 24.
When the developers of the Linux security module (LSM) subsystem findthemselves disagreeing with other kernel developers, it tends to be becausethose other developers don't think to — or don't want to — add securityhooks to their shiny new subsystems. Sometimes, though, the addition ofnew hooks by non-LSM developers can also create some friction. AndriiNakryiko's posting of a pair ofBPF-related security hooks raised a couple of interesting questions,one of which spurred a fair amount of discussion, and one that did not.
Longtime Pythonista Ned Batchelder gave the first of four keynotes at PyCon's20th-anniversary edition, PyCon 2023, which was heldApril 19-27 in Salt Lake City, Utah. In fact, it is still being heldat the time of this writing; the sprints continue for four days after thethree days of main-conference talks. Batchelder presented his thoughts oncommunication, how it can often go awry for technical people, and how tomake it work better.
The6.2.13,6.1.26,5.15.109,5.10.179,5.4.242,4.19.282, and4.14.314stable kernels have all been released; each contains another set ofimportant fixes and updates.
Security updates have been issued by Fedora (chromium, lilypond, and lilypond-doc), Oracle (java-1.8.0-openjdk), Red Hat (emacs, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, kernel, kernel-rt, pesign, and virt:rhel, virt-devel:rhel), Scientific Linux (java-1.8.0-openjdk and java-11-openjdk), Slackware (git), SUSE (fwupd, git, helm, and runc), and Ubuntu (firefox, golang-1.18, linux-hwe-5.15, and openssl, openssl1.0).
Static-site generators are tools that generateHTML pages from source files, often written in Markdown oranother markup language. They have built-in templates and themes, which allowsdevelopers to create lightweight and secure web sites that can be easilymaintained using version control. One of these tools is Nikola, written in Python.
LWN.net