Feed lwn LWN.net


Link https://lwn.net/
Feed http://lwn.net/headlines/rss
Updated 2025-04-21 06:45
Security updates for Monday
Security updates have been issued by Debian (abcm2ps and chromium), Fedora (cacti, cacti-spine, and fribidi), and Mageia (crun, docker-containerd, libarchive, mediawiki, and ruby).
Kernel prepatch 5.18-rc3
The 5.18-rc3 kernel prepatch is out for testing. "It's Sunday afternoon, and you all know what that means. It's time for another release candidate. (Yes, yes, it's also Easter Sunday, but priorities, people!)"
Garrett: The Freedom Phone is not great at privacy
Anybody who might be considering acquiring a "Freedom Phone" might want to have a look at Matthew Garrett's analysis first.
GNU coreutils 9.1 released
Version 9.1 of the GNU coreutils package has been released with lots of small tweaks and improvements. "ls no longer colors files with capabilities by default, as file-based capabilities are very rarely used, and lookup increases processing per file by about 30%. It's best to use getcap [-r] to identify files with capabilities."
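What getcap reads is the security.capability extended attribute, so the same inventory that ls used to hint at by color can be made with plain Python on a Linux host by reading that xattr and decoding the kernel's vfs_cap_data layout. This is an added example, not coreutils or libcap code: the CAP_NAMES table, the function names and the two constructed sample blobs are this example's own, and os.getxattr exists only on Linux, so elsewhere the scanner simply returns nothing.

```python
import os
import struct

# Capability bit numbers from <linux/capability.h>.
CAP_NAMES = {
    0: "cap_chown", 1: "cap_dac_override", 2: "cap_dac_read_search",
    3: "cap_fowner", 4: "cap_fsetid", 5: "cap_kill", 6: "cap_setgid",
    7: "cap_setuid", 8: "cap_setpcap", 9: "cap_linux_immutable",
    10: "cap_net_bind_service", 11: "cap_net_broadcast", 12: "cap_net_admin",
    13: "cap_net_raw", 14: "cap_ipc_lock", 15: "cap_ipc_owner",
    16: "cap_sys_module", 17: "cap_sys_rawio", 18: "cap_sys_chroot",
    19: "cap_sys_ptrace", 20: "cap_sys_pacct", 21: "cap_sys_admin",
    22: "cap_sys_boot", 23: "cap_sys_nice", 24: "cap_sys_resource",
    25: "cap_sys_time", 26: "cap_sys_tty_config", 27: "cap_mknod",
    28: "cap_lease", 29: "cap_audit_write", 30: "cap_audit_control",
    31: "cap_setfcap", 32: "cap_mac_override", 33: "cap_mac_admin",
    34: "cap_syslog", 35: "cap_wake_alarm", 36: "cap_block_suspend",
    37: "cap_audit_read", 38: "cap_perfmon", 39: "cap_bpf",
    40: "cap_checkpoint_restore",
}

# Header word of struct vfs_cap_data: top byte is the revision, low bit
# says the permitted set is also the effective set.
VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_REVISION_2 = 0x02000000
VFS_CAP_REVISION_3 = 0x03000000      # adds a rootid (owner of the user namespace)
VFS_CAP_FLAGS_EFFECTIVE = 0x00000001
XATTR_NAME = "security.capability"


def decode_vfs_cap(blob: bytes) -> dict:
    """Decode a security.capability value into 64-bit permitted and
    inheritable masks, the effective flag, and rootid (revision 3 only)."""
    (magic_etc,) = struct.unpack_from("<I", blob, 0)
    revision = magic_etc & VFS_CAP_REVISION_MASK
    if revision not in (VFS_CAP_REVISION_2, VFS_CAP_REVISION_3):
        raise ValueError(f"unsupported vfs_cap_data revision {revision:#x}")
    # data[0] carries bits 0-31, data[1] bits 32-63; each entry is a
    # little-endian (permitted, inheritable) pair.
    p_lo, i_lo, p_hi, i_hi = struct.unpack_from("<IIII", blob, 4)
    caps = {
        "permitted": p_lo | (p_hi << 32),
        "inheritable": i_lo | (i_hi << 32),
        "effective": bool(magic_etc & VFS_CAP_FLAGS_EFFECTIVE),
        "rootid": None,
    }
    if revision == VFS_CAP_REVISION_3:
        (caps["rootid"],) = struct.unpack_from("<I", blob, 20)
    return caps


def format_caps(caps: dict) -> str:
    """Render in getcap's style, e.g. 'cap_net_raw=ep'."""
    parts = []
    for bit in range(64):
        permitted = caps["permitted"] >> bit & 1
        inheritable = caps["inheritable"] >> bit & 1
        if not (permitted or inheritable):
            continue
        flags = ("e" if permitted and caps["effective"] else "") \
            + ("i" if inheritable else "") + ("p" if permitted else "")
        name = CAP_NAMES.get(bit, f"cap_{bit}")
        parts.append(f"{name}={flags}")
    return ",".join(parts)


def find_capability_files(root: str) -> list:
    """Walk `root` and return [(path, caps)] for every file that carries
    security.capability: the same inventory as `getcap -r root`."""
    found = []
    if not hasattr(os, "getxattr"):      # not Linux: nothing to inspect
        return found
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                blob = os.getxattr(path, XATTR_NAME, follow_symlinks=False)
            except OSError:
                # ENODATA (no capability set), ENOTSUP (no xattr support),
                # EACCES, or a dangling symlink: not a hit either way.
                continue
            found.append((path, decode_vfs_cap(blob)))
    return found


# Constructed samples (not read from any real binary): what
# `setcap cap_net_raw=ep` writes as a revision-2 entry ...
SAMPLE_NET_RAW_EP = struct.pack(
    "<IIIII", VFS_CAP_REVISION_2 | VFS_CAP_FLAGS_EFFECTIVE, 1 << 13, 0, 0, 0)
# ... and a revision-3 entry: cap_sys_admin permitted but not effective,
# honoured only inside the user namespace owned by uid 1000.
SAMPLE_SYS_ADMIN_P_NS = struct.pack(
    "<IIIIII", VFS_CAP_REVISION_3, 1 << 21, 0, 0, 0, 1000)

if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "/usr/bin"
    for path, caps in find_capability_files(root):
        ns = f" [rootid {caps['rootid']}]" if caps["rootid"] is not None else ""
        print(f"{path} {format_caps(caps)}{ns}")
```

Run it against /usr/bin to see the handful of binaries (ping, for instance) that actually carry capabilities; the rootid field is worth printing because a revision-3 entry grants nothing outside the namespace it names.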
[$] KOReader: a free electronic-book reader for e-ink devices
Your editor has a certain tendency to accumulate books, to the point that they crowd everything else out of the house. There is a lot to be said for books: a physical book has a user interface that has been optimized over centuries, and one can have a reasonably high degree of certainty that any given book will still work a few decades from now. Neither of those can be said for electronic books, but they do have the advantages of taking less shelf space and being more portable. So electronic books are part of the reading menu, which naturally leads to the search for a free reader for those books; KOReader turns out to be an interesting alternative.
Stable kernels 5.4.189 and 4.19.238
Greg Kroah-Hartman has announced the release of the 5.4.189 and 4.19.238 stable kernels. As usual, they contain important fixes throughout the tree and users should upgrade.
Security updates for Friday
Security updates have been issued by Debian (fribidi and python-django), Fedora (postgresql-jdbc, stargz-snapshotter, and thunderbird), Slackware (git, gzip, and xz), and SUSE (kernel, SDL2, and tomcat).
[$] Rustaceans at the border
Support for developing in the Rust language is headed toward the kernel, though just when it will land in the mainline is yet to be determined. The Rust patches are progressing, though, and beginning to attract attention from beyond the kernel community. When two languages — and two different development communities — come together, the result can be a sort of cultural clash. Some early signs of that are appearing with regard to Rust in the kernel; if the resulting impedance mismatches can be worked out, the result could be a better development environment for everybody involved.
Security updates for Thursday
Security updates have been issued by Debian (lrzip), Fedora (community-mysql, expat, firefox, kernel, mingw-openjpeg2, nss, and openjpeg2), Mageia (ceph, subversion, and webkit2), openSUSE (chromium), Oracle (httpd:2.4), Red Hat (kpatch-patch), Slackware (ruby), SUSE (kernel and netatalk), and Ubuntu (gzip and xz-utils).
A hint on the future direction of SUSE Linux Enterprise
SUSE has begun to discuss its plans for the next version of SUSE Linux Enterprise on the openSUSE lists. It appears that there will be some significant changes.
[$] LWN.net Weekly Edition for April 14, 2022
The LWN.net Weekly Edition for April 14, 2022 is available.
[$] A literal string type for Python
Using strings with contents that are supplied by users can be fraught with peril; SQL injection, for example, is a well-known technique for attacking applications that stems from it. Generally, database frameworks and libraries provide mechanisms that seek to lead programmers toward doing The Right Thing, with parameterized queries and the like, but they cannot enforce that—inventive developers will seemingly always find ways to inject user input into places it should not go. A recently adopted Python Enhancement Proposal (PEP 675) provides a way to enforce the use of strings that are untainted by user input, via a LiteralString type, but it uses the optional typing features of the language to do so; those wanting to take advantage of it will need to be running a type checker.
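An added example (not code from LWN or from the PEP) of the pattern the proposal enables: every SQL statement must pass through one function whose text parameter is annotated LiteralString, so a checker that implements PEP 675 (pyright does; mypy still treats LiteralString as plain str) rejects any call site that builds the statement from a str. The interpreter enforces nothing, which the unsafe path below demonstrates at runtime against a constructed in-memory SQLite table. It assumes Python 3.11 for typing.LiteralString and falls back to str on older interpreters, where only the runtime behaviour can be observed.

```python
import sqlite3

try:
    from typing import LiteralString          # Python 3.11+
except ImportError:                            # older interpreters: no static
    LiteralString = str                        # check, but the demo still runs


def run_query(conn: sqlite3.Connection, sql: LiteralString,
              params: tuple = ()) -> list:
    """Single choke point for SQL. A PEP 675-aware checker rejects any
    call whose `sql` argument could carry user input; the interpreter
    checks nothing, which is why values must travel in `params`."""
    return conn.execute(sql, params).fetchall()


def lookup_user_safe(conn: sqlite3.Connection, username: str) -> list:
    # Literal SQL plus a bound parameter: type-checks, and the value is
    # never parsed as SQL whatever it contains.
    return run_query(conn, "SELECT name, role FROM users WHERE name = ?",
                     (username,))


def lookup_user_unsafe(conn: sqlite3.Connection, username: str) -> list:
    # An f-string over a plain str is a str, not a LiteralString, so a
    # checker reports this argument as incompatible. Python runs it anyway.
    return run_query(conn,
                     f"SELECT name, role FROM users WHERE name = '{username}'")


def build_demo_db() -> sqlite3.Connection:
    """Constructed in-memory table for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn


# A classic tautology payload: harmless through the safe path, a full
# table dump through the unsafe one.
INJECTION = "x' OR '1'='1"

if __name__ == "__main__":
    conn = build_demo_db()
    print("safe:  ", lookup_user_safe(conn, INJECTION))     # []
    print("unsafe:", lookup_user_unsafe(conn, INJECTION))   # all three rows
```

The point of the annotation is that it is transitive: a LiteralString concatenated with another LiteralString is still one, so query builders that assemble statements from fixed fragments keep type-checking, while the first f-string or .format() over user data turns the result into a str and fails at the choke point.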
A set of stable kernel updates
The 5.17.3, 5.16.20, 5.15.34, and 5.10.111 stable kernel updates have been released after a relatively quick review cycle. Each contains a relatively large set of important fixes. Note that 5.16.20 is the final update in the 5.16.x series.
Security updates for Wednesday
Security updates have been issued by Arch Linux (gzip, python-django, and xz), Debian (chromium, subversion, and zabbix), Red Hat (expat, kernel, and thunderbird), SUSE (go1.16, go1.17, kernel, libexif, libsolv, libzypp, zypper, opensc, subversion, thunderbird, and xz), and Ubuntu (git, linux-bluefield, nginx, and subversion).
Qt 6.3 released
Version 6.3 of the Qt graphics library has been released. "Qt 6.3 also comes with a decent set of new functionality. A total of 250 user stories and tasks implementing new functionality have been completed for 6.3. Those are of course too many to list individually, and if you want to have all the details, have a look at our new features page and our Release Notes."
Git security fixes released
Git maintainer Junio C Hamano has announced the release of v2.35.2, along with multiple other Git versions ("v2.30.3, v2.31.2, v2.32.1, v2.33.2, and v2.34.2"), to fix a security problem that can happen on multi-user machines (CVE-2022-24765). This GitHub blog post has more details, though the GitHub service itself is not vulnerable. The description in the announcement seems a bit Windows-centric, but Linux multi-user systems are apparently vulnerable as well:
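The fixed versions introduce the safe.directory setting: when git walks up from the current directory looking for a .git, it now refuses a repository owned by a different user unless that path has been listed explicitly, so a .git planted by another user in a shared parent directory is no longer picked up by git commands run anywhere below it. The following is an added illustration, not git's code: it reproduces the discovery walk and the ownership gate in Python on a Unix host, with discover_git_dir, UnsafeRepository, the safe_directories list standing in for the git config entries, and the ceiling stop rule all being this example's own names and simplifications.

```python
import os
from pathlib import Path


class UnsafeRepository(Exception):
    """Raised where git itself would print 'fatal: unsafe repository'."""


def discover_git_dir(start, safe_directories=(), uid=None, ceiling=None):
    """Walk upward from `start` and return the first directory holding a
    .git entry, or None if none is found before `ceiling` (the search
    stops without inspecting `ceiling` itself, a simplification of
    git's GIT_CEILING_DIRECTORIES). A repository whose directory is
    owned by a uid other than `uid` (default: the caller) is rejected
    unless it appears in `safe_directories`, this example's stand-in
    for git's safe.directory config entries."""
    uid = os.getuid() if uid is None else uid
    start = Path(start).resolve()
    ceiling = Path(ceiling).resolve() if ceiling is not None else None
    safe = {Path(p).resolve() for p in safe_directories}
    for candidate in (start, *start.parents):
        if candidate == ceiling:
            return None
        if not (candidate / ".git").exists():
            continue
        owner = candidate.stat().st_uid
        if owner != uid and candidate not in safe:
            raise UnsafeRepository(
                f"{candidate} is owned by uid {owner}, not {uid}; "
                f"list it under safe.directory only if you trust its contents")
        return candidate
    return None


if __name__ == "__main__":
    try:
        print(discover_git_dir(os.getcwd()))
    except UnsafeRepository as err:
        print("fatal:", err)
```

The real command to allow a specific path is `git config --global --add safe.directory /path/to/repo`; resist the temptation to add `*`, which disables the check for every directory and restores the original exposure on shared hosts.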
[$] trusted_for() bounces off the merge window
When last we looked in on the proposed trusted_for() system call, which would allow user-space interpreters and other tools to ask the kernel whether a file is "trusted" for execution, it looked like it was on track for the mainline. That was back in October 2020; the patch has been updated multiple times since then, made its way into linux-next, and a pull request was made by Mickaël Salaün for the 5.18 merge window. But it seems that there will be more to the story of getting this functionality into the kernel, as Linus Torvalds declined to pull trusted_for(), at least partly because he did not like the name, but there were other reasons as well. While he is not opposed to the functionality it would provide, he also had strong feelings that a new system call was not the right approach.
Malcolm: The state of static analysis in the GCC 12 compiler
David Malcolm has posted an update on the state of static analysis in GCC 12.
Stable kernel 4.9.310
The 4.9.310 stable kernel update has been released; the changes consist mostly of backported Spectre mitigation patches.
Security updates for Tuesday
Security updates have been issued by Debian (thunderbird and usbguard), Fedora (containerd, firefox, golang-github-containerd-imgcrypt, nss, and vim), Oracle (firefox, kernel, kernel-container, and thunderbird), Red Hat (thunderbird), Scientific Linux (thunderbird), SUSE (libexif, mozilla-nss, mysql-connector-java, and qemu), and Ubuntu (libarchive and python-django).
[$] Negative dentries, 20 years later
Filesystems and the virtual filesystem layer are in the business of managing files that actually exist, but the Linux "dentry cache", which remembers the results of file-name lookups, also keeps track of files that don't exist. This cache of "negative dentries" plays an important role in the overall performance of the system but, if it is allowed to grow too large, its role can become negative in its own right. As the 2022 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) approaches, the subject of negative dentries has come up yet again; whether one can be positive about the prospects for a resolution this time around remains unclear.
Kernel prepatch 5.18-rc2
The second 5.18 kernel prepatch is out for testing. "Things look fairly normal here, although it's early in the release cycle so it's a bit hard to say for sure. But at least it's not looking particularly odd, and we have fixes all over."
Security updates for Monday
Security updates have been issued by Debian (gzip, libxml2, minidlna, openjpeg2, thunderbird, webkit2gtk, wpewebkit, xen, and xz-utils), Fedora (crun, unrealircd, and vim), Mageia (389-ds-base, busybox, flatpak, fribidi, gdal, python-paramiko, and usbredir), openSUSE (opera and seamonkey), Oracle (kernel and kernel-container), Red Hat (firefox), Scientific Linux (firefox), Slackware (libarchive), SUSE (389-ds, libsolv, libzypp, zypper, and python), and Ubuntu (python-django and tcpdump).
OpenSSH 9.0 released
OpenSSH 9.0 has been released. It is claimed to be primarily a bug-fix release, but it also makes a hybrid post-quantum key-exchange method (sntrup761x25519-sha512@openssh.com, Streamlined NTRU Prime combined with X25519) the default and switches scp to the SFTP protocol, a change that may create some compatibility issues (described in the announcement) for existing scp usage.
[$] Readahead: the documentation I wanted to read
The readahead code in the Linux kernel is nominally responsible for reading data that has not yet been explicitly requested from storage, with the idea that it might be needed soon. The code is stable, functional, widely used, and uncontroversial, so it is reasonable to expect the code to be of high quality, and largely this is true. Recently, I found the need to document this code, which naturally shone a rather different light on it. This work revealed minor problems with functionality and significant problems with naming.
Four new stable kernels
The 5.17.2, 5.16.19, 5.15.33, and 5.10.110 stable kernels have been released. These post-merge-window updates have a larger than usual set of fixes, throughout the tree. Users of those series should upgrade.
Security updates for Friday
Security updates have been issued by Arch Linux (libtiff), Debian (chromium), Fedora (buildah and chromium), openSUSE (firefox), SUSE (firefox, libsolv, libzypp, and openjpeg2), and Ubuntu (firefox and python-oslo.utils).
Rust 1.60.0 released
Version 1.60.0 of the Rust language is available. Changes include coverage-testing improvements, the return of incremental compilation, and changes to the Instant type:
[$] Private memory for KVM guests
Cloud computing is a wonderful thing; it allows efficient use of computing systems and makes virtual machines instantly available at the click of a mouse or API call. But cloud computing can also be problematic; the security of virtual machines is dependent on the security of the host system. In most deployed systems, a host computer can dig through its guests' memory at will; users running guest systems have to just hope that doesn't happen. There are a number of solutions to that problem under development, including this KVM guest-private memory patch set by Chao Peng and others, but some open questions remain.
Security updates for Thursday
Security updates have been issued by Arch Linux (bind), Debian (firefox-esr), Fedora (fribidi, gdal, and mingw-gdal), openSUSE (pdns-recursor and SDL2), Oracle (kernel), Slackware (mozilla), SUSE (glibc and openvpn-openssl1), and Ubuntu (fribidi and linux-azure-5.13, linux-oracle-5.13).
[$] LWN.net Weekly Edition for April 7, 2022
The LWN.net Weekly Edition for April 7, 2022 is available.
[$] Gathering multiple system parameters in a single call
Running a command like lsof, which lists the open files on the system along with information about the process that has each file open, takes a lot of system calls, mostly to read a small amount of information from many /proc files. Providing a new interface to collect those calls together into a single (or, at least, fewer) system calls is the target of Miklos Szeredi's getvalues() RFC patch that was posted on March 22. While the proposal does not look like it is going far, at least in its current form, it did spark some discussion of the need—or lack thereof—for a way to reduce this kind of overhead, as well as to explore some alternative ways to get there via code that already exists in the kernel.
Emacs 28.1 released
Version 28.1 of the Emacs editor has been released. The announcement says little about what's in this release, but there are a lot of details in the NEWS file. Significant changes include native compilation of ELisp files, support for running the editor in a seccomp() sandbox, improved emoji support, and much more. Wayland support did not make it into this release, but is already merged for version 29.
Security updates for Wednesday
Security updates have been issued by Arch Linux (rizin), Fedora (fish, gdal, mingw-fribidi, mingw-gdal, mingw-openexr, mingw-python-pillow, mingw-python3, and python-pillow), Mageia (chromium-browser-stable), Oracle (Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel and kernel), Red Hat (kernel, kernel-rt, and Red Hat OpenStack Platform 16.2 (python-waitress)), Scientific Linux (kernel), Slackware (mozilla), SUSE (mozilla-nss), and Ubuntu (h2database).
[$] Debian still having trouble with merged /usr
The addition of the "/usr merge" feature has been something of a longstanding mess in the Debian world. It seems like a relatively innocuous change, which is in keeping with the practice of most other distributions at this point; it effectively eliminates the top-level /bin, /sbin, and /lib* directories in order to move their contents to the corresponding locations under /usr. But ever since we first covered the feature introduction for Debian—more than six years ago—it has been a recurring series of headaches within that community. Recent events have seemingly simply prolonged the pain, though perhaps the end is in sight.
Rust Lang Roadmap for 2024
The Rust language team has put up a blog entry describing the plans for the language over the next couple of years or so.
Firefox 99.0 released
Version 99.0 of the Firefox browser has been released. "The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11)".
Cook: Security things in Linux v5.10
Kees Cook catches up with the security-related changes in the 5.10 kernel, released at the end of 2020.
LXD 5.0 LTS released
Version 5.0 LTS of the LXD container-management system has been released. This is a long-term-support release, which will be supported into 2027. New features include disk and USB hotplug support, the ability to start with degraded networking, and more; see this forum post for more information.
Security updates for Tuesday
Security updates have been issued by Arch Linux (polkit, postgresql, and zlib), openSUSE (389-ds and opera), Red Hat (kpatch-patch), SUSE (389-ds and util-linux), and Ubuntu (waitress).
Behnel: Cython is 20!
On his blog, Stefan Behnel writes about the 20th anniversary of Cython, which is a compiler for Python extensions written in C, for wrapping C libraries in order to provide Python bindings for them, and for embedding Python into other applications. It is used by NumPy, scikit-learn (and other scikit-* extensions), pandas, and more.
Claws Mail 4.1.0 released
Version 4.1.0 of the Claws Mail email client is out. New features include text zooming in the message view, improvements to a number of preferences, a "keyword warner" plugin to give a warning before sending a message containing any (user-defined) keywords, and more.
[$] 5.18 Merge window, part 2
Linus Torvalds released the 5.18-rc1 kernel prepatch on April 3, after having pulled 13,207 non-merge changesets into the mainline repository. This merge window has thus not only been turbulent, with a significant number of regressions and refused pull requests, it has also been relatively busy. Just over 9,000 of those changesets were pulled after the first 5.18 merge window summary was written; the time has come to catch up with the remainder of changes merged for this development cycle.
Security updates for Monday
Security updates have been issued by Debian (asterisk, qemu, and zlib), Fedora (389-ds-base, ghc-cmark-gfm, ghc-hakyll, gitit, libkiwix, openssl, pandoc, pandoc-citeproc, patat, phoronix-test-suite, seamonkey, and skopeo), Mageia (libtiff, openjpeg2, and php-smarty), openSUSE (python), Oracle (httpd), Red Hat (httpd), and SUSE (libreoffice, python, and python36).
Kernel prepatch 5.18-rc1
Linus has released 5.18-rc1 and closed the merge window for the 5.18 release. "In fact, at least in pure commits, this has been a bigger merge window than we've had in some time. But let's hope it's all smooth sailing this release." In the end, 13,207 non-merge changesets were merged during this merge window.
The 4.14.275 stable kernel is out
The 4.14.275 stable kernel update has been released; it seems to consist mostly of backports of a set of arm64 Spectre mitigations.
Boucher: rustc_codegen_gcc can now bootstrap rustc
On his blog, Antoni Boucher updates the status of rustc_codegen_gcc, which "is a GCC codegen for rustc, meaning that it can be loaded by the existing rustc frontend, but benefits from GCC by having more architectures supported and having access to GCC’s optimizations". A significant milestone has been reached: "the GCC codegen has made enough progress to be able to compile rustc itself". For the Rust programming language, rustc is the standard compiler, so this work will eventually allow programs to be built for a number of architectures that are not supported by rustc. He also made progress beyond just building the compiler as he "was able to compile rustc using the GCC codegen and use the resulting rustc to compile a Hello World".
[$] A security fix briefly breaks DMA
In theory, direct memory access (DMA) operations are simple to understand; a device transfers data directly to or from a memory buffer managed by the CPU. Almost all contemporary devices perform DMA, since it would not be possible to obtain the needed performance without it. Like so many things, DMA turns out to be a bit more complicated in practice. That complexity led to an erroneous patch, intended to improve security, breaking DMA for some devices in 5.17 and some stable kernels.
Security updates for Friday
Security updates have been issued by Debian (wireshark), Fedora (389-ds-base), Mageia (golang, wavpack, and zlib), openSUSE (yaml-cpp), SUSE (expat and yaml-cpp), and Ubuntu (linux, linux-aws, linux-kvm, linux-lts-xenial, linux-aws-5.4, linux-azure, linux-gcp, linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-aws-hwe, linux-gcp-4.15, linux-oracle, linux-intel-5.13, and tomcat9).
[$] Indirect branch tracking for Intel CPUs
"Control-flow integrity" (CFI) is a set of technologies intended to prevent an attacker from redirecting a program's control flow and taking it over. One of the approaches taken by CFI is called "indirect branch tracking" (IBT); its purpose is to prevent an attacker from causing an indirect branch (a function call via a pointer variable, for example) to go to an unintended place. IBT for Intel processors has been under development for some time; after an abrupt turn, support for protecting the kernel with IBT has been merged for the upcoming 5.18 release.