LWN.net

Greg Kroah-Hartman has released the 6.3.7,6.1.33, 5.15.116, 5.10.183, 5.4.246, 4.19.285, and 4.14.317 stable kernels. As usual, theycontain many important fixes throughout the tree; users of those seriesshould upgrade.

Security updates have been issued by Debian (jupyter-core, openssl, and ruby2.5), Fedora (firefox), Mageia (libreoffice, openssl, and python-flask), Red Hat (python and python3), Slackware (mozilla, php8, and python3), SUSE (java-1_8_0-ibm, libcares2, mariadb, and python36), and Ubuntu (linux, linux-aws, linux-kvm, linux-lts-xenial, linux-gke, linux-intel-iotg, linux-raspi, linux-xilinx-zynqmp, and mozjs102).

The kernel is an increasingly dynamic body of code, where new executabletext can show up at any time. Currently, the task of allocating memory fornew kernel code falls on the subsystem that first brought the ability toload code into a running kernel: the module loader. This patchset from Mike Rapoport looks to move the responsibility for theseallocations to a new "JIT allocator", addressing a number of rough edges inthe process.

Security updates have been issued by Debian (chromium, firefox-esr, and ruby2.5), Fedora (curl, dbus, pypy, pypy3.8, pypy3.9, python3.10, and python3.8), Red Hat (python and python-flask), Scientific Linux (emacs), SUSE (firefox, google-cloud-sap-agent, libwebp, opensc, openssl, openssl-3, openssl1, python-sqlparse, python310, and supportutils), and Ubuntu (libxml2, netatalk, and sysstat).

The LWN.net Weekly Edition for June 8, 2023 is available.

Gao Xiang gave an overview of the Extended Read-Only FileSystem (EROFS) in a filesystem session at the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit. EROFS was addedto Linux 5.4 in 2019 and has been increasingly used inplaces beyond its roots as a filesystem for Android and embedded devices.Container images based on EROFS are being used in many places these days, for example.

At the end of our February article aboutthe debate around the composefs read-only,integrity-protected filesystem, it was predicted that the topic would come up at the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit. That happened on the second day ofthe summit whenAlexander Larsson led a session on composefs. While the mailing-listdiscussion was somewhat contentious, the session was less so, since overlayfs canbe made to fit the needs of the composefs use cases. It turnsout that an entirely newfilesystem is not really needed.

Version15.5 of the openSUSE Leap distribution has been released. This is notintended as a feature release, but brings updated versions of manypackages. The project has also announcedthat there will be one more 15.x release before that series ends and usershave to migrate to whatever its successor will be.

Security updates have been issued by Debian (c-ares), Fedora (curl and firefox), Oracle (cups-filters, kernel, and webkit2gtk3), Red Hat (emacs and kpatch-patch), Slackware (mozilla), SUSE (kernel and openssl-1_0_0), and Ubuntu (firefox and libreoffice).

Margaret Mitchell, a researcher focused on the intersection of machinelearning and ethics, was the morning keynote speaker on the third day of PyCon 2023. She spoke about herjourney into machine learning and how the Python language has beeninstrumental in it. It was a timely and thought-provoking talk that lookedbeyond the machine-learning hype to consider the bigger picture.

Security updates have been issued by Debian (linux-5.10), Red Hat (cups-filters, curl, kernel, kernel-rt, kpatch-patch, and webkit2gtk3), SUSE (apache-commons-fileupload, openstack-heat, openstack-swift, python-Werkzeug, and openstack-heat, python-Werkzeug), and Ubuntu (frr, go, libraw, libssh, nghttp2, python2.7, python3.10, python3.11, python3.5, python3.6, python3.8, and xfce4-settings).

At the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit, Luis Chamberlain led a plenarysession on kernel support for block sizes larger than 4KB. There areassumptions in the current kernel that the block size used by a block-layerdevice is less than or equal to the system's page size—both are usually 4KBtoday. But there have been efforts over the years to remove thatrestriction; that work may be heading toward fruition, in part because ofthe folio efforts of late, though there arestill lots of areas that need attention.

The 6.3.6, 6.1.32, 5.15.115, 5.10.182, and 5.4.245 stable kernels have been released.They contain a relatively small number of important fixes throughout thekernel tree.

Developers learning the Unix (or POSIX in general) system-call set willquickly encounter file descriptors, which are used to represent open filesand more. Developers also tend to learn early on that the first three filedescriptors are special, with file descriptor zero being the standard inputstream, one being standard output, and two being standard error. Thekernel, though, does not normally attach any specific meaning to a givendescriptor number, so it was somewhat surprising when a recent BPF patchseries attempted to attach a special meaning to zero when used as a filedescriptor.

Security updates have been issued by Debian (chromium, cpio, mariadb-10.3, nbconvert, sofia-sip, and wireshark), Fedora (ImageMagick, mingw-python-requests, openssl, python3.6, texlive-base, and webkitgtk), Red Hat (apr-util, git, gnutls, kernel, kernel-rt, and kpatch-patch), Slackware (cups and ntp), and Ubuntu (linux-azure-fde, linux-azure-fde-5.15 and perl).

Linus has released 6.4-rc5 for testing.

Red Hat's Matthias Clasen has letit be known that LibreOffice will be dropped from a future Red HatEnterprise Linux release, and the future of its support in Fedora isunclear as well.

As the 2023 Linux Storage, Filesystem,Memory-Management and BPF Summit neared its conclusion, two sessionswere held in the memory-management track on process-oriented topics. MikeRapoport ran a session on memory-management documentation (or the lackthereof), while Andrew Morton talked about the state of the subsystem'sdevelopment process in general. Both sessions were relatively brief and didnot foreshadow substantial changes to come.

Security updates have been issued by Debian (cups and netatalk), SUSE (cups, ImageMagick, installation-images, libvirt, openvswitch, and qemu), and Ubuntu (avahi, cups, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon, linux, linux-aws, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-aws-5.4, linux-bluefield, linux-intel-iotg, and linux-intel-iotg-5.15).

Version1.70.0 of the Rust language is out. Changes include enabling the"sparse" protocol for Cargo, a couple of new types for the initializationof shared data, and more. "You should see substantially improvedperformance when fetching information from the crates.io index."

Like most other distributions, the Debian project decided to end theseparation between the root and /usr filesystems years ago.Unlike most others, though, Debian is still working on the implementationof this decision. The upcoming Debian 12 ("bookworm") release willfeature a merged /usr in most respects, but there are a couple ofnagging issues that threaten to stretch this transition out for some timeyet.

A new version of NixOS, which is a Linuxdistribution based on the Nix packagemanager, has been released: NixOS 23.05is now available. The releasenotes list numerous updates, including Nix 2.13, Linux 6.1,glibc 2.37, Cinnamon 5.6, GNOME 44, and KDE Plasma 5.27.

Security updates have been issued by Debian (libwebp, openssl, sssd, and texlive-bin), Fedora (bitcoin-core, editorconfig, edk2, mod_auth_openidc, pypy, pypy3.9, python3.10, and python3.8), Red Hat (kernel, openssl, pcs, pki-core:10.6, and qatzip), SUSE (chromium, ImageMagick, openssl-1_1, and tiff), and Ubuntu (cups, libvirt, and linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-hwe-5.15, linux-hwe-5.19, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi).

The LWN.net Weekly Edition for June 1, 2023 is available.

The code-tagging mechanism proposed lastyear by Suren Baghdasaryan and Kent Overstreet has been the subject of anumber of (sometimes tense) discussions. That conversation came to thememory-management track at the 2023 LinuxStorage, Filesystem, Memory-Management and BPF Summit, where itsdevelopers (Baghdasaryan attending in-person and Overstreet remotely) triedto convince the attendees that its benefits justify its cost.

David Malcolm writesabout a number of new features that have been added to the staticanalyzer in the GCC 13 release.

Security updates have been issued by Debian (connman and kamailio), Fedora (texlive-base), Mageia (cups-filters, postgresql, qtbase5, tcpreplay, tomcat, and vim), Slackware (openssl), SUSE (amazon-ssm-agent, cni, cni-plugins, compat-openssl098, installation-images, libaom, openssl, openssl-1_0_0, openssl-1_1, terraform, terraform-provider-helm, tiff, tomcat, and wireshark), and Ubuntu (batik, flask, linux-oem-5.17, linux-oem-6.0, linux-oem-6.1, linux-oracle, linux-oracle-5.4, mozjs102, nanopb, openssl, openssl1.0, snapd, and texlive-bin).

The6.3.5,6.1.31,5.15.114,5.10.181,5.4.244,4.19.284, and4.14.316stable kernels have all been released; each contains another set ofimportant fixes.

Martin Petersen and John Garry led a session at the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit on work they have been doing toimplement atomic block writes of various sizes for SCSI and NVMe. The idea is to support devices that can guarantee atomic operations forsizes larger than their block size. It isan attempt to "find common ground" between the two standards, Petersen said, because the twohave slightly different semantics, depending on the device type, anddifferent restrictions, which has made for an "interesting project". It hasbeen a challenge to find an abstraction layer that can work with the "fivedifferent variants of SCSI and NVMe implementations that may or may not be out there".

Security updates have been issued by Debian (libssh and sssd), Fedora (microcode_ctl and python3.6), Gentoo (cgal, firefox firefox-bin, openimageio, squashfs-tools, thunderbird thunderbird-bin, tiff, tomcat, webkit-gtk, and xorg-server xwayland), SUSE (c-ares and go1.18-openssl), and Ubuntu (Jhead, node-hawk, node-nth-check, and perl).

The Rust community has experienced some turbulence in response to thecancellation of a keynote talk at the upcoming RustConf event. TheRust project leadership has now put out a blog postapologizing for and explaining its role in the event, describing its"decision-making and communication processes" as the primary causeof the failure.

Thanks to an LWN comment from "engla", we have learned that the videos from the recently completed 2023 Linux Storage, Filesystem,Memory-Management and BPF Summit are now available on YouTube. LWN sat in on many of the talks, of course, and we are still chugging along on our coverage of the conference.

Version 1.9 of Julia, which is anopen-source programming language popular in scientific computing, was releasedin early May. There are a number of interesting new features this timearound, including more work addressing thestartup-time complaints and a number of improvements to the package system.Beyond that, there are a few interesting features from the Julia 1.8 releaseto catch up on.

Aseries of blog posts from the 2023 Python Language Summit has beenposted; topics covered include the C API, the global interpreter lock,the standard library, and a talk on burnout from Guido van Rossum:

Certain topics return predictably to development conferences every year,usually because developers are still struggling to find a viable solutionto a specific problem. One such topic is the lack of scalability in thekernel's page-fault-handling code, so it was no surprise to see thisproblem on the agenda for the 2023 LinuxStorage, Filesystem, Memory-Management and BPF Summit. Matthew Wilcoxled a session in the memory-management track to discuss the state ofpage-fault handling and what can be done to improve it further.

Security updates have been issued by Debian (docker-registry, gpac, libraw, libreoffice, rainloop, and sysstat), Fedora (bottles, c-ares, edk2, libssh, microcode_ctl, python-vkbasalt-cli, rust-buffered-reader, rust-nettle, rust-nettle-sys, rust-rpm-sequoia, rust-sequoia-keyring-linter, rust-sequoia-octopus-librnp, rust-sequoia-openpgp, rust-sequoia-policy-config, rust-sequoia-sop, rust-sequoia-sq, rust-sequoia-sqv, rust-sequoia-wot, and xen), SUSE (opera), and Ubuntu (Jhead, linuxptp, and sudo).

Niels Provos reflectson 25 years of experience with Bcrypt and ponders the future of passwordsecurity in a ;login article.

The 6.4-rc4 kernel prepatch is out fortesting, a few hours earlier than usual. "Other than that timingchange, things look fairly normal".

"I/O hints" for storage devices, which are meant to improve performance bygiving the devices extra information about the nature of the I/O, have a long history withLinux. But the codefor write hints was "ripped out last year", according to a message from TedTs'o proposing a discussion about new optimizations for cloud-storage devices.That discussion took place in acombined storage and filesystem session at the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit. In it, Ts'o proposed that the Linuxcommunity define its own set of hints rather than just following along with thehints in the standards—which have largely been ignored by the vendors inany case.

The "vmap area" is a range of kernel address space used when the kernelneeds to virtually map a range of memory; among other things, memoryallocations obtained from vmalloc() and loadable modules areplaced there. At the 2023 Linux Storage,Filesystem, Memory-Management and BPF Summit, Uladzislau Rezki,presenting remotely, explained a performance problem related to the vmap area and discussedpossible solutions.

The kernel's memory-management subsystem is optimized for the sharing ofresources to the greatest extent possible. But, as Pasha Tatashin pointedout during a memory-management session at the 2023 Linux Storage, Filesystem,Memory-Management and BPF Summit, a lot of memory has a single ownerand will never be shared. He presented some ideas for optimizing themanagement of that memory to a somewhat skeptical crowd.

Security updates have been issued by Debian (sniproxy), Fedora (c-ares), Oracle (apr-util, curl, emacs, git, go-toolset and golang, go-toolset:ol8, gssntlmssp, libreswan, mysql:8.0, thunderbird, and webkit2gtk3), Red Hat (go-toolset-1.19 and go-toolset-1.19-golang and go-toolset:rhel8), Slackware (ntfs), SUSE (rmt-server), and Ubuntu (linux-raspi, linux-raspi-5.4 and python-django).

Over on the Collabora blog, Marius Vlad looks at the Weston 12.0 release. Weston is the reference compositor for the Wayland project. The highlights include two new backends and support for multiple scanout devices, along with "multiple fixes and internal changes that would further facilitate integration of functionality like color management or the ability to load up multiple backends at the same time".

Issues around zoned storage for filesystems was the topic of a combinedstorage and filesystem session at 2023 Linux Storage, Filesystem,Memory-Management and BPF Summit led byBart Van Assche, Viacheslav A. Dubeyko, and Naohiro Aota. Zoned storage began with theadvent of shingledmagnetic recording (SMR) devices, but is now implemented by NVMe zonednamespaces (ZNS) as well.SMR devices can have multiple zones with differentcharacteristics, with some zones that can only be written in sequentialorder, while other, conventional zones can be written in any order. Thetalk was focused on filesystems using the sequential type of zonessince the conventional zones are already well-supported in Linux and itsfilesystems.

The conversion to folios is intended to,among other things, make it easy for the kernel to manage chunks of memoryin a number of different sizes. So far, though, that flexibility is notbeing used in the kernel's handling of anonymous pages. At the 2023 Linux Storage, Filesystem,Memory-Management and BPF Summit, Yu Zhao and Yang Shi ran a session inthe memory-management track aimed at charting a path toward support foranonymous pages in a variety of sizes.

Security updates have been issued by Debian (python2.7), Fedora (maradns), Red Hat (devtoolset-12-binutils, go-toolset and golang, httpd24-httpd, jenkins and jenkins-2-plugins, rh-ruby27-ruby, and sudo), Scientific Linux (git), Slackware (texlive), SUSE (cups-filters, poppler, texlive, distribution, golang-github-vpenso-prometheus_slurm_exporter, kubernetes1.18, kubernetes1.23, openvswitch, rmt-server, and ucode-intel), and Ubuntu (ca-certificates, calamares-settings-ubuntu, Jhead, libhtml-stripscripts-perl, and postgresql-10, postgresql-12, postgresql-14, postgresql-15).

The LWN.net Weekly Edition for May 25, 2023 is available.

It is, it seems, a week of Python Package Index (PyPI) news. On the PyPI blog, Director of Infrastructure at the Python Software Foundation (PSF), Ee Durbin, has posted an admirably detailed description of the organization's response to three subpoenas it received for PyPI user information in March and April. The requests for information were quite broad and the PSF did produce the requested material (to the extent possible), which involved five PyPI user accounts, under the advice of counsel.

Greg Kroah-Hartman has released the 6.3.4,6.1.30, and 5.15.113 stable kernels. They each contain alarge group of important fixes throughout the kernel tree.

Amir Goldstein kicked off a session on monitoring mounts at the2023 Linux Storage, Filesystem,Memory-Management and BPF Summit. In particular, there are problemswhen trying to efficiently monitor "a very large number of mounts in amount namespace"; some user-space programs need an accurate view of themount tree without having to constantly parse /proc/mounts or thelike. There are a number of questions to be answered, including what the API should look like and what entity should be watchedin order to get notifications of new mount operations.