LWN.net

While GUADEC, the GNOME community's annual conference, has always been heldin Europe (or online-only) since it began in 2000, this year's editionwas held in North America, specifically in Guadalajara, México,July 20-25. Rob McQueen gave a talk on the first day of theconference about providing solutions that bring some level of digitalsafety andautonomy to users—and how GNOME can help make that happen. McQueen is the CEO of the Endless OSFoundation, which is an organization geared toward those goals; he was alsorecently reelected as the president of the GNOME Foundation board of directors.

Daniel Vetter offers someadvice for developers of locking schemes in the kernel.

Nicholas Nethercote marksthe 20th anniversary of the Valgrind 1.0 release.

Security updates have been issued by Debian (kernel and openjdk-17), Fedora (ceph, lua, and moodle), Oracle (java-1.8.0-openjdk), Red Hat (grafana), SUSE (git, kernel, libxml2, nodejs16, and squid), and Ubuntu (imagemagick, protobuf-c, and vim).

Docker has transformed the waymany people develop and deploy software. It wasn't the firstimplementation of containers on Linux, but Docker's ideas about howcontainers should be structured and managed were different from itspredecessors. Those ideas matured into industry standards, and anecosystem of software has grown around them. Docker continues to be amajor player in the ecosystem, but it is no longer the only whale in thesea — Red Hat has also done a lot of work oncontainer tools, and alternative implementations arenow available for many of Docker's offerings.

Security updates have been issued by Debian (spip), Mageia (libtiff and logrotate), Oracle (java-1.8.0-openjdk and java-11-openjdk), SUSE (gpg2, logrotate, and phpPgAdmin), and Ubuntu (python-bottle).

The CreativeCommons CC0 license is essentially a public-domain declaration (or asclose as is possible in jurisdictions that lack a public domain). TheFedora project has allowed the distribution of code under this license,but, as announcedby Richard Fontana, that policy is changing and CC0 will no longer beallowed for code:

A 64-bit pointer can address a lot of memory — far more than just about anyapplication could ever need. As a result, there are bits within that pointer thatare not really needed to address memory, and which might be put to otherneeds. Storing a few bits of metadata within a pointer is a common enoughuse case that multiple architectures are adding support for it at thehardware level. Intel is no exception; support for its "Linear AddressMasking" (LAM) feature has been slowly making its way toward the mainlinekernel.

Security updates have been issued by Debian (chromium, djangorestframework, gsasl, and openjdk-11), Fedora (giflib, openssl, python-ujson, and xen), Mageia (virtualbox), SUSE (git, gpg2, java-1_7_1-ibm, java-1_8_0-ibm, java-1_8_0-openjdk, mozilla-nspr, mozilla-nss, mozilla-nss, python-M2Crypto, and s390-tools), and Ubuntu (php8.1).

The Debian project, Debian.ch, and Software in the Public Interest recentlyfiled a WIPO action to take control of the "debian.community" domain name,which has been used by Daniel Pocock to attackthe Debian project and its members. Red Hat had made a similar attempt to take control ofWeMakeFedora.org earlier this year, but that attempt failed. The Debianaction succeeded, though; on July 19, WIPO decidedin favor of the action and ordered the domain name transferred.That domain name can no longer be used, but the attacks seem certain tocontinue.

The 5.19-rc8 kernel prepatch is out fortesting. "There's nothing really surprising in here - a few smaller fixups forthe retbleed mess as expected, and the usual random one-linerselsewhere."

The5.18.14 and5.15.57stable kernels have been released; these consist almost entirely of theRetbleed hardware-vulnerability mitigations.The 5.10.133update will be next to get those fixes; it is in the review process and isdue on July 25.[Update: 5.10.133 has been released.]

"Retbleed"is the name given to a class of speculative-execution vulnerabilitiesinvolving return instructions. Mitigations for Retbleed have found theirway into the mainline kernel but, as of this writing, some remainingproblems have kept them from the stable update releases. MitigatingRetbleed can impede performance severely, especially on some Intelprocessors. Thomas Gleixner and Peter Zijlstra think they have found a betterway that bypasses the existing mitigations and misleads the processor'sspeculative-execution mechanisms instead.

Security updates have been issued by Fedora (gnupg2, oci-seccomp-bpf-hook, suricata, and vim), Oracle (java-11-openjdk), Slackware (net), and SUSE (kernel, nodejs16, rubygem-rack, and webkit2gtk3).

The 5.15.56, 5.10.132, 5.4.207, 4.19.253, 4.14,289, and 4.9.324 stable kernels have been released.The 5.18.13 stable kernel has been delayed due to some problems found during review; 5.18.13-rc3is out for review and is due on July 23. Note that none of thesekernels has mitigations for the Retbleedvulnerabilities; those are still in the works for the stable kernels.Update: Seemingly a day early, 5.18.13 was released on July 22.

The intersection of free software and trademark law has not always beensmooth. Free-software licenses have little to say about trademarks but,sometimes, trademark licenses can appear to take away some of the freedomsthat free-software licenses grant. The Firefox browser has often been the focal point for trademark-relatedcontroversy; happily, those problems appear to be in the past now. Instead,the increasing popularity of the Rustlanguage is drawing attention to its trademark policies.

Security updates have been issued by Mageia (kernel and kernel-linus), SUSE (dovecot23), and Ubuntu (freetype, libxml-security-java, and linux-oem-5.17).

The LWN.net Weekly Edition for July 21, 2022 is available.

It was not all that long ago that Python began its experiment withreplacing one of its mailing lists with a forum on its Discourse discussion site. Overtime, the Discourse instance has become more and more popular within thePython community. It would seem that another mailing list will soon besubsumed within Discourse as the Python steering council is planning toeffectively retire the venerable python-dev mailing list soon.

Martin Heinz encourages Pythondevelopers to move on to a number of newer modules.

Security updates have been issued by Fedora (golang-github-gosexy-gettext, golang-github-hub, oci-seccomp-bpf-hook, and popub), Oracle (kernel and kernel-container), SUSE (python2-numpy), and Ubuntu (check-mk and pyjwt).

Google has released Cirq1.0 for developers working with leading-edge computers:

It is not uncommon for users to want to run a program targeted to oneoperating system on another type of system. With the increasing prevalence ofsmartphones, Android has become the world's most widely used operatingsystem. So users may want to run Android apps on Linux systems in orderto get access to a game or other app that is not available in aLinux version or to develop mobile apps on their desktop system.The Waydroid project provides a way to run thoseapps on Linux, which means they can run on a variety of devices, includingLinux-based smartphones like the PinePhone.

From Berkeley comes thesad news of the passing of Tom Lord, a longtime free-software developerand the original author of GNU arch. He will bemissed.

Security updates have been issued by Fedora (buildah), SUSE (dovecot23 and nodejs12), and Ubuntu (harfbuzz, libhttp-daemon-perl, tiff, and webkit2gtk).

The Ubuntu 21.10 ("Impish Indri") release is no longer supported as ofJuly 14; users who are on that version will want to look intoupgrading soon.

One of the key selling points of the BPF subsystem is that loading a BPFprogram is safe: the BPF verifier ensures that the program cannot hurt thekernel before allowing the load to occur. That guarantee is perhapslosing some of its force as more capabilities are made available to BPF programs but, even so, it may be abit surprising to see thisproposal from Artem Savkov adding a BPF helper that is explicitly designed tocrash the system. If this patch set is merged in something resembling itscurrent form, it will be the harbinger of a new era where BPF programs are,in some situations at least, allowed to be overtly destructive.

Ariadne Conill exploresways to make the Unix cat utility more efficient onLinux.

Security updates have been issued by Debian (mat2 and xen), Fedora (butane, caddy, clash, direnv, geoipupdate, gitjacker, golang-bug-serial-1, golang-github-a8m-envsubst, golang-github-apache-beam-2, golang-github-aws-lambda, golang-github-cespare-xxhash, golang-github-chromedp, golang-github-cloudflare, golang-github-cloudflare-redoctober, golang-github-cockroachdb-pebble, golang-github-cucumber-godog, golang-github-dreamacro-shadowsocks2, golang-github-dustinkirkland-petname, golang-github-etcd-io-gofail, golang-github-facebookincubator-contest, golang-github-facebookincubator-dhcplb, golang-github-facebookincubator-go2chef, golang-github-facebookincubator-ntp, golang-github-facebookincubator-nvdtools, golang-github-goccy-yaml, golang-github-gojuno-minimock, golang-github-google-wire, golang-github-hexdigest-gowrap, golang-github-intel-goresctrl, golang-github-j-keck-arping, golang-github-jamesclonk-vultr, golang-github-liamg-scout, golang-github-liamg-tml, golang-github-mattn-colorable, golang-github-mdlayher-ethernet, golang-github-moby-buildkit, golang-github-mock, golang-github-niklasfasching-org, golang-github-nxadm-tail, golang-github-path-network-mmproxy, golang-github-rakyll-statik, golang-github-shopify-toxiproxy, golang-github-shulhan-bindata, golang-github-skynetservices-skydns, golang-github-sophaskins-efs2tar, golang-github-spf13-cobra, golang-github-spyzhov-ajson, golang-github-task, golang-github-temoto-robotstxt, golang-github-theoapp-theo-agent, golang-github-tinylib-msgp, golang-github-tklauser-numcpus, golang-github-valyala-fasthttp, golang-google-protobuf, golang-honnef-tools, golang-k8s-kube-openapi, golang-k8s-pod-security-admission, golang-k8s-sample-cli-plugin, golang-mvdan-sh-3, golang-storj-drpc, golang-x-tools, gopass, harfbuzz, hcloud, manifest-tool, moby-engine, mqttcli, nex, php-laminas-diactoros2, podman-tui, seamonkey, snapd, tinygo, vgrep, vultr, vultr-cli, weldr-client, xen, and yubihsm-connector), Mageia (golang and java), Oracle (grub2, kernel, kernel-container, and squid), and SUSE (crash, kernel, nodejs12, nodejs14, and nodejs16).

The 5.19-rc7 kernel prepatch is out fortesting.

A page-table entry (PTE) is relatively small, requiring just eight bytes to refer to a4096-byte page on most systems. It thus does not seem like a worrisomelevel of overhead, and little effort has been made over the kernel'shistory to reduce page-table memory consumption. Those eight bytes canhurt, though, if they are replicated across a sufficiently large set ofprocesses. The msharefspatch set from Khalid Aziz is a revised attempt to address thatproblem, but it is proving to be a hard sell in the memory-managementcommunity.

Security updates have been issued by Debian (webkit2gtk and wpewebkit), Fedora (curl, kernel, openssl1.1, php, subversion, xorg-x11-server, and xorg-x11-server-Xwayland), Oracle (grub2), SUSE (gnutls, kernel, logrotate, oracleasm, p11-kit, and python-PyJWT), and Ubuntu (libhttp-daemon-perl and python2.7, python3.10, python3.4, python3.5, python3.6, python3.8, python3.9).

The stable kernel updates that were due on July 14 have been delayed forseveral days, according to GregKroah-Hartman, due to problems that have come up with the Retbleedmitigation patches.

Version9.0 of Rocky Linux, a Red Hat Enterprise Linux clone, has beenreleased. There are a lot of changes, of course; see the release notesfor an overview.

Justine Tunney has created animplementation of the OpenBSD pledge() system call for Linux.

The MIT Technology Review has posted anarticle on a program within the US Defense Advanced Research ProjectsAgency to identify threats to open-source code.

The BPF subsystem allowsprogrammers to write programs that can run safely in kernel space. Allmemory accesses and function calls in BPF programs are statically checkedfor safety using the in-kernel verifier, whichanalyzes programs in their entirety before allowing them to be loaded.While this allows the kernel to safely run BPF programs, it heavilyrestricts what those programs are able to do. Among theseconstraints is a rule that programs cannot store pointers into BPF maps foruse (such as dereferencing them or passing them to the kernel inkfunc and BPF helper invocations) at alater time. Apatch set byKumar Kartikeya Dwivedi adds this capability to BPF.

Security updates have been issued by Debian (request-tracker4), Fedora (kernel and vim), Mageia (gerbv, gnupg2, pgadmin4, and python-coookiecutter), Slackware (xorg), SUSE (cifs-utils, gmp, gnutls, libnettle, kernel, libsolv, libzypp, zypper, logrotate, openssl-1_1, opera, squid, and virglrenderer), and Ubuntu (ca-certificates, git, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-kvm, linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-aws, linux-oem-5.14, and vim).

The LWN.net Weekly Edition for July 14, 2022 is available.

Over the last five decades or so, free and open-source software (FOSS) hasgone from an almost unknown quantity available to only the most technically savvy to underpinning muchof the infrastructure we rely on today. Much like software itself, FOSS is"eating the world". But that has changed—is changing—the role of themaintainers of all of that code; when "critical" infrastructure uses codefrom a FOSS project, suddenly, and perhaps without warning, that codeitself becomes critical. But many maintainers of that software arevolunteers who did not set out to become beholden to the needs of largecompanies and organizations when they released their code, they were justscratching their itch—now lots of others are clamoring for theirs to bescratched as well.

Security updates have been issued by Fedora (xen), Mageia (x11-server), SUSE (chromium, kernel, pcre, pcre2, squid, and xorg-x11-server), and Ubuntu (gnupg, gnupg2, uriparser, xorg-server, xorg-server-hwe-16.04, and xorg-server, xorg-server-hwe-18.04, xwayland).

Back in April, there was an interesting discussion on the python-ideasmailing list that started as a query about adding support for customliterals, a la C++, but branched off from there. Custom literals arefrequently used for handling units and unit conversion in C++, so thePython discussion fairly quickly focused on that use case. While ideas about apossible feature were batted about, it does not seem like anything that isbeing pursued in earnest, at least at this point. But some of the facetsof the problem are, perhaps surprisingly, more complex than might be guessed.

Some researchers at ETH Zurich have disclosed anew set of speculative-execution vulnerabilities known as "Retbleed". Inshort, the retpoline defenses added when Spectre was initially disclosedturn out to be insufficient on x86 machines because return instructions,too, can be speculatively executed.

The5.18.11,5.15.54,5.10.130,5.4.205,4.19.252,4.14.288, and4.9.323stable kernel updates have been released; each contains another set ofimportant fixes.

Matthew Garrett grumbles about anapparent Microsoft policy change making it harder to boot Linux on somesystems.

Security updates have been issued by Debian (chromium), Mageia (openssl and webkit2), Slackware (seamonkey), SUSE (crash, curl, freerdp, ignition, libnbd, and python3), and Ubuntu (dovecot and python-ldap).

The GCC steering committee has approvedthe contribution of the Rust frontend to the compiler suite. "We lookforward to including a preliminary, beta version of GCC Rust in GCC 13 as anon-default language".

Once upon a time, a simple stack overflow was enough to mount acode-injection attack on a running system. In modern systems, though,stacks are not executable and, as a result, simple overflow-based attacksare no longer possible. In response, attackers have shifted tocontrol-flow attacks that make use of the code already present in thetarget system. Hardware vendors have added a number of features intended tothwart control-flow attacks; some of these features have better supportthan others in the Linux kernel.

Version 6.0 of thecalibre ebook management system is out.

On his blog, Armin Ronacher comments about a recent security key giveaway by the Python Package Index (PyPI) to provide two-factor authentication (2FA) tokens to the maintainers of the "critical" projects on the index. While (eventually) requiring maintainers to use 2FA before being able to update PyPI packages is reasonable, Ronacher worries about where the idea might lead: