LWN.net

Adding support for an in-kernel TLShandshake was the topic of a combined storage and filesystem session at the2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM). Chuck Lever andHannes Reinecke led the discussion on ways to add that support; they areinterested in order to provide TLS for network storage and filesystems.But there are likely other features, such as QUIC support, that could use an in-kernel TLS implementation.

The challenges of testing filesystems and the block layer were the topic of acombined storage and filesystem session led by Luis Chamberlain at the2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM). His goal is toreduce the amount of time it takes to test new features in those areas, butone of the problems that he has encountered is a lack of determinism in thetest results. It is sometimes hard to distinguish problems in the kernelcode from problems in the tests themselves.

If you are running Fedora 34, the time has come to move on; thatdistribution will reach the end of its supportlife on June 7. Users of Ubuntu 21.10 have a little longer, butthat release loses support on July 14 andusers should update to 22.04.

Security updates have been issued by Debian (libjpeg-turbo, webkit2gtk, and wpewebkit), Fedora (golang-github-opencontainers-runc, mingw-pcre2, python-jwt, python-ujson, and weechat), Oracle (nodejs:16 and rsyslog), Red Hat (container-tools:3.0, expat, fapolicyd, kernel, kernel-rt, kpatch-patch, mariadb:10.3, postgresql:12, rsyslog and rsyslog7, and zlib), Slackware (mozilla), SUSE (bind, dpdk, fribidi, hdf5, librelp, php74, postgresql12, and postgresql13), and Ubuntu (cups, linux-gcp-5.13, linux-oracle, linux-oracle-5.13, linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, and webkit2gtk).

In a filesystem session at the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM), Amir Goldsteinled a discussion about the stable kernel trees. Those trees, andespecially the long-term support (LTS) versions, are used as a basis for avariety of Linux-based products, but the kind of testing that is being doneon them for filesystems is lacking. Part of the problem is that the teststarget filesystem developers so they are not easily used by downstreamconsumers of the stable kernel trees.

Security updates have been issued by Debian (haproxy, libdbi-perl, pjproject, spip, and trafficserver), Oracle (firefox, kernel, kernel-container, libvirt libvirt-python, and thunderbird), Red Hat (maven:3.5, maven:3.6, nodejs:16, postgresql, postgresql:10, and rsyslog), SUSE (gimp, helm-mirror, ImageMagick, mailman, openstack-neutron, pcmanfm, pcre2, postgresql10, and tiff), and Ubuntu (dpkg and freetype).

The ID-mapped mounts feature was added toLinux in 5.12, but the general idea behind it goes back a fair bitfurther. There are a number of different situations where the user andgroup IDs for files on disk do not match the current human (or process) user of thosefiles, so ID-mapped mounts provide a way to resolve that problem—withoutchanging the files on disk. The developer of the feature, ChristianBrauner, led a discussion at the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM) on ID-mapped mounts.

Our introduction to Linux audio and MIDIplugin APIs ended with a mention ofthe Clever Audio Plugin(CLAP) but did not get into the details. CLAP is an MIT-licensed API fordeveloping audio and MIDI plugins that, its developers feel, has thepotential to improve the audio-software situation on Linux. The time hasnow come to get to those details and look at the state of CLAP and where itis headed.

The 5.18.1, 5.17.12, 5.15.44, and 5.10.119 stable kernels have been released.As usual, they contain important fixes; users of those series should upgrade.

Version 5.36.0 of the Perl language is out. "Perl 5.36.0 representsapproximately a year of development since Perl 5.34.0 and containsapproximately 250,000 lines of changes across 2,000 files from 82authors." Changes include the enabling of function signatures,Unicode 14.0 support, experimental iteration over multiple values, and alot more; see therelease notes for the full list.

Security updates have been issued by Debian (modsecurity-apache, pngcheck, rsyslog, and smarty3), Fedora (firefox, golang-github-opencontainers-runc, gron, kernel, kernel-headers, kernel-tools, logrotate, mingw-pcre2, and rubygem-git), Mageia (admesh, chromium-browser-stable, golang, kernel, kernel-linus, and pidgin), Red Hat (firefox, openvswitch2.13, openvswitch2.15, openvswitch2.16, rsyslog, and thunderbird), SUSE (bind, curl, opera, pcp, postgresql12, and postgresql14), and Ubuntu (gnupg2 and ntfs-3g).

Paul McKenney writesabout why read-copy-update coverage is not universal in the kernel, thehazards that can result from that, and what is being done to improve thesituation.

As of this writing, just under 4,600 non-merge changesets have been pulledinto the mainline repository for the 5.19 development cycle. The 5.19merge window is clearly well underway. The changes pulled so far cover anumber of areas, including the core kernel, architecture support, networking,security, and virtualization; read on for highlights from the first part ofthis merge window.

Security updates have been issued by Debian (atftp, cups, neutron, and zipios++), Fedora (clash, moodle, python-jwt, and thunderbird), Red Hat (thunderbird), Slackware (cups), SUSE (go1.17, libredwg, opera, seamonkey, and varnish), and Ubuntu (libxv, ncurses, openssl, and subversion).

AlmaLinux 9, based on RHEL 9, has been released. Four architectures are supported, so ISO files are available for x86_64, Arm64, PowerPC, and IBM Z.

The normal rule of kernel development is that the creation of user-spaceregressions is not allowed; a patch that breaks a previously workingapplication must be either fixed or reverted. There are exceptions,though, including a5.10 patch that has been turning up regressions ever since. The storythat emerges here shows what can happen when the goals of stability,avoiding security problems, and code cleanup run into conflict.

The Perl Steering Council has posted ablog entry on its plans for the language and when Perl 7 might bereleased.

Security updates have been issued by Debian (chromium, dpkg, filezilla, irssi, puma, and python-django), Fedora (firefox, ignition, and pcre2), Mageia (cockpit, firefox/thunderbird, openldap, supertux, unrar, and vim), Oracle (firefox and thunderbird), Red Hat (rh-varnish6-varnish), SUSE (cups, fribidi, kernel-firmware, redis, and wpa_supplicant), and Ubuntu (dpkg, logrotate, and subversion).

The LWN.net Weekly Edition for May 26, 2022 is available.

Right on the heels of his previous filesystemsession at the2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM), Steve French leda session on temporary files and their interaction with networkfilesystems.The problem is that creating temporary files is not always atomic, so he wasproposing changing that, which would eliminate a possible race conditionand be more efficient for network filesystems.Since the temporary-file discussion did not fill the 30-minute slot, however, French tookthe opportunity to discuss some attributes he would like to see get added for thestatx()system call.

Steve French led a discussion on change notifications for networkfilesystems in a session at the2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM). He is part ofthe Samba team and noted that both Windows and macOS clients get notifiedof new and changed files in a shared directory immediately, while on Linux that does not happen. Hewanted to explore what it would take to add that functionality.

The Linux Foundation has posted an "Open SourceSoftware Security Mobilization Plan" that aims to address a number ofperceived security problems with the expenditure of nearly$140 million over two years.

Here's anupdate from F-Droid regarding upcoming changes to its build anddistribution infrastructure.

The5.17.10,5.15.42,5.10.118,5.4.196,4.19.245,4.14.281, and4.9.316stable kernel updates have all been released; each contains another set ofimportant fixes.Update: the 5.17.11 and 5.15.43 updates followed immediatelythereafter with a single MPTCP networking fix.

Security updates have been issued by Debian (lrzip and puma), Fedora (plantuml and plib), Oracle (kernel and kernel-container), Red Hat (firefox, kernel, kpatch-patch, subversion:1.14, and thunderbird), Scientific Linux (firefox and thunderbird), SUSE (kernel-firmware, libxml2, pcre2, and postgresql13), and Ubuntu (accountsservice, postgresql-10, postgresql-12, postgresql-13, postgresql-14, and rsyslog).

On the second day of the2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM), Goldwyn Rodriguesled a combined filesystem and memory-management session on saving memory whenreading files that share extents. That kind of sharing can occur withcopy-on-write (COW) filesystems, reflinks, snapshots, and other featuresof that sort. When reading those files, memory is wasted because multiplecopies of the same data is stored in the page cache, so he wanted toexplore adding a cachespecifically to handle that.

ThisGoogle blog entry looks at some zero-day Android exploits that weredetected and makes it clear what the stakes are.

In a fast-paced talk at PyCon 2022 in Salt Lake City,Utah, Pablo Galindo Salgado described some changes he and others have madeto the error reporting for CPython 3.10. He painted a picture of arather baffling set of syntax errors reported by earlier interpreterversions and how they have improved. This work is not done by any means,he said, and encouraged attendees to get involved in making error reportingeven better in future Python versions.

Security updates have been issued by Debian (firefox-esr and openldap), Fedora (curl), Oracle (kernel and kernel-container), Red Hat (maven:3.5), SUSE (cacti, cacti-spine, firefox, go1.18, openldap2, python-requests, rsyslog, and slurm_20_11), and Ubuntu (firefox, htmldoc, libpng, libxfixes, libxrender, thunderbird, and vim).

Version3.16.0 of the Alpine Linux distribution has been released. Significantchanges include a switch to tmpfs for the /tmp directory, thesplitting out of a number of NetworkManager plugins into separate packages,the removal of Python 2, and a lot of updated packages; see therelease notes for more information.

The 5.18 kernel was releasedon May 22 after a nine-week development cycle. That can only meanthat the time has come to look at some of the statistics behind thisrelease, which was one of the busiest in a while. Read on for a look atthe 5.18 kernel, where the code in this release came from, and how it foundits way into the mainline.

Systemd 251 is out. The list of changes includes an increase of theminimum kernel version to 4.15, use of C11 to build the program, increased use of filesystem ID mapping, and many other things;see the announcement for all the details.

Security updates have been issued by Debian (admesh, condor, firefox-esr, libpgjava, libxml2, rsyslog, and thunderbird), Fedora (dotnet6.0, libarchive, php-openpsa-universalfeedcreator, thunderbird, and vim), Mageia (ffmpeg, kernel, kernel-linus, microcode, netatalk, nvidia-current, nvidia390, opencontainers-runc, postgresql, and ruby-nokogiri), Slackware (mariadb and mozilla), and SUSE (curl, firefox, libarchive, librecad, libxls, openldap2, php7, and postgresql10).

Linus has released the 5.18 kernel."No unexpected nasty surprises this last week, so here we go with the5.18 release right on schedule." Some of the headline changes inthis release includethe DAMOS memory-management interface,a number of random-number-generator improvements,the Intel software-defined silicon driver,strict memcpy() bounds checking,a switch to the C11 standard, and more. Also, the Reiserfs filesystem has beendeprecated and the last vestiges of a.outsupport have been removed.See the LWN merge-window summaries (part 1, part 2) and the KernelNewbies 5.18 pagefor more details.

For readers who want to follow our article stream on Mastodon, LWN now(finally) has a presence in the Fosstodon community; you can find us at@LWN@fosstodon.org.

The final session in the memory-management track at the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM) was run remotelyby James Gowans and David Woodhouse. It was titled "user-space control ofmemory mappings", with a subtitle of "letting guest memory and statesurvive kexec". Some options were discussed, but the real work is clearlyyet to be done.

As the memory-management track at the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM) neared itsconclusion, Mike Kravetz ran a session remotely to talk about pagesharing with hugetlbfs, which is a special filesystem that provides accessto huge pages. (See this article seriesfor lots of information about hugetlbfs). Hugetlbfs can help to reducepage-table overhead when pages are shared between large numbers ofprocesses, but there is a problem that he is trying to find a solution for.

The numerous correctness problemswith the kernel's get_user_pages() functionality have been a fixture at the LinuxStorage, Filesystem, Memory-management and BPF Summit (LSFMM) for someyears. The 2022 eventdid not break that tradition. The first-day discussion on page pinning was covered here.On the final day, in the memory-managementtrack, David Hildenbrand led a session on the current status ofget_user_pages() and its interaction with copy-on-write (COW)memory.

Security updates have been issued by CentOS (kernel), Debian (ark, openldap, and thunderbird), Fedora (freetype and vim), Oracle (.NET 5.0, .NET 6.0, .NET Core 3.1, container-tools:3.0, glibc, kernel, rsync, and subversion:1.10), Scientific Linux (kernel), SUSE (dcraw, firefox, glib2, ImageMagick, kernel-firmware, libxml2, libyajl, php7, ucode-intel, and unrar), and Ubuntu (openldap).

Version1.61.0 of the Rust language has been released. Changes this timearound include more flexibility in main-program exit codes, a number of newfeatures for const functions, a number of newly stabilized APIs, and more.

Control groups are a useful system-management feature, but they can alsoconsume a lot of resources, especially if they hang around on the systemafter they have been deleted. Roman Gushchin described the problems that can result at the2019 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM);he returned during the 2022 LSFMM to revisitthe issue, especially as it relates to the memory controller. Progress hasbeen made, but the problem is not yet solved.

During the final day of the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM), attention in thememory-management track turned once again to the challenges posed by theupcoming Compute Express Link (CXL) technology. Two sessions looked atdifferent problems posed by CXL memory, which can come and go over theoperation of the system. CXL offers a lot of flexibility, but changes willbe needed for the kernel to be able to take advantage of it.

Andrew 'bunnie' Huang has posted an extensive review ofthe Rust language derived from the experience of writing "over100k lines" of code.

Security updates have been issued by Fedora (microcode_ctl, rubygem-nokogiri, and vim), Mageia (htmldoc, python-django, and python-oslo-utils), Red Hat (container-tools:2.0, kernel, kernel-rt, kpatch-patch, and pcs), SUSE (ardana-barbican, grafana, openstack-barbican, openstack-cinder, openstack-heat-gbp, openstack-horizon-plugin-gbp-ui, openstack-ironic, openstack-keystone, openstack-neutron-gbp, python-lxml, release-notes-suse-openstack-cloud, autotrace, curl, firefox, libslirp, php7, poppler, slurm_20_11, and ucode-intel), and Ubuntu (bind9, gnome-control-center, and libxrandr).

The LWN.net Weekly Edition for May 19, 2022 is available.

LWN does its best to provide comprehensive coverage of the free-softwaredevelopment community, but there is far more going on than our small staffcan handle. When expressed that way, this problem suggests an obvioussolution: make the staff bigger. Thus, LWN is looking to hire awriter/editor.

In a combined filesystem and storage session at the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM), Chuck Leverwanted to discuss the need for a permanent, globally unique ID for network filesystems. He was joined by Hannes Reinecke who has worked on theproblem for NVMe storage devices; Lever said something along thoselines is needed for NFSv4. He was hoping to find a solution during thesession, though it would seem that the solution may lie in user space—anddocumentation.

OpenSUSE Leap Micro is a new distribution, described as "anultra-reliable, lightweight operating system built for containerized andvirtualized workloads". The initial release (5.2) isnow available. More information can be found in the5.2 release notes.

A longstanding problem with Btrfs subvolumesand duplicate inode numbers was the topic of a late-breaking filesystem sessionat the2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM). The problem hadcropped up in the bcachefs session butJosef Bacik deferred that discussion to this just-created session, which he led. Theproblem is not limited to Btrfs, though, since filesystem snapshots forother filesystems canhave similar kinds of problems.

The5.17.9,5.15.41,5.10.117,5.4.195,4.19.244,4.14.280, and4.9.315stable kernel updates have all been released; each contains another set ofimportant fixes.