Feed lwn LWN.net

Link https://lwn.net/
Feed http://lwn.net/headlines/rss
Updated 2024-11-23 21:30
Rust support hits linux-next
Followers of the linux-next integration tree may have noticed a significant addition: initial support for writing device drivers in the Rust language. There is some documentation in Documentation/rust, while the code itself is in the rust top-level directory. Appearance in linux-next generally implies readiness for the upcoming merge window, but it is not clear if that is the case here; this code has not seen a lot of wider review yet. It is, regardless, an important step toward the ability to write drivers in a safer language.
Security updates for Friday
Security updates have been issued by CentOS (kernel and pki-core), Debian (shibboleth-sp, shibboleth-sp2, and squid3), openSUSE (libmysofa and privoxy), Oracle (bind), and Ubuntu (ruby2.3, ruby2.5, ruby2.7).
[$] Clarifying memory management with page folios
Memory management generally works at the level of pages, which typically contain 4,096 bytes but may be larger. The kernel, though, has extended the concept of pages to include compound pages, which are groups of contiguous single pages. That, in turn, has made the definition of what a "page" is a bit fuzzy. Matthew Wilcox has been working since last year on a concept called "page folios" which is meant to bring the picture back into focus; whether the memory-management community will accept it remains unclear, though.
Security updates for Thursday
Security updates have been issued by Debian (velocity-tools), Fedora (switchboard-plug-bluetooth), Mageia (discover, flatpak, and xmlgraphics-commons), openSUSE (chromium and python), Oracle (kernel, kernel-container, and pki-core), Red Hat (openvswitch2.11 and ovn2.11, python-django, qemu-kvm-rhev, and rubygem-em-http-request), and SUSE (crmsh, openssl1, and php53).
[$] LWN.net Weekly Edition for March 18, 2021
The LWN.net Weekly Edition for March 18, 2021 is available.
[$] Handling brute force attacks in the kernel
A number of different attacks against Linux systems rely on brute-force techniques using the fork() system call, so a new Linux security module (LSM), called "Brute", has been created to detect and thwart such attacks. Repeated fork() calls can be used for various types of attacks, such as exploiting the Stack Clash vulnerability or Heartbleed-style flaws. Version 6 of the Brute patch set was recently posted and looks like it might be heading toward the mainline.
A set of stable kernels
Stable kernels 5.11.7, 5.10.24, 5.4.106, 4.19.181, 4.14.226, 4.9.262, and 4.4.262 have been released. There are important fixes throughout the tree and users should upgrade.
[$] Software platforms for open-source projects and foundations
Open-source projects have many non-technical needs as they grow. But, running a FOSS non-profit organization for supporting these projects is a lot of work, as anyone involved in such an organization will attest. These days, some software platforms, such as LFX from the Linux Foundation and Open Collective, are in development to provide important services, such as crowdfunding, to projects and other organizations. These platforms have the potential to improve both the quality and range of services available to projects.
Security updates for Wednesday
Security updates have been issued by Debian (shadow, tor, and velocity), Fedora (gsoap, qt5-qtsvg, and switchboard-plug-bluetooth), Mageia (batik, chromium-browser-stable, glibc, ksh, and microcode), openSUSE (389-ds, connman, freeradius-server, froxlor, openssl-1_0_0, openssl-1_1, postgresql12, and python-markdown2), Red Hat (bind, curl, kernel, nss and nss-softokn, perl, python, and tomcat), Scientific Linux (ipa, kernel, and pki-core), SUSE (glib2 and velocity), and Ubuntu (containerd).
Schaller: What to look for in Fedora Workstation 34
Christian Schaller looks forward to the Fedora 34 release with a detailed write-up of the desktop-oriented changes. "The big ticket item we have wanted to close off on was Wayland, because while Wayland has been production ready for most of us for a while, there was still some cases it didn't cover as well as X.org. The biggest of this was of course the lack of accelerated XWayland support with the binary NVidia driver."
Security updates for Tuesday
Security updates have been issued by Debian (tomcat8), Fedora (git), openSUSE (opera), Oracle (python), Red Hat (ipa, kernel, kernel-rt, kpatch-patch, and pki-core), SUSE (compat-openssl098 and python), and Ubuntu (glib2.0, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, and openjpeg2).
The linux.dev mailing-list service launches
There is a new mailing-list server running under the auspices of kernel.org that is meant, over time, to address the problems that have been plaguing vger.kernel.org in recent times.
[$] Unprivileged chroot()
It is probably fair to say that most Linux developers never end up using chroot() in an application. This system call puts the calling process into a new view of the filesystem, with the passed-in directory as the root directory. It can be used to isolate a process from the bulk of the filesystem, though its security benefits are somewhat limited. Calling chroot() is a privileged operation but, if Mickaël Salaün has his way with this patchset, that will not be true for much longer, in some situations at least.
Security updates for Monday
Security updates have been issued by Debian (ca-certificates, flatpak, golang-1.7, golang-1.8, mupdf, pygments, and tiff), Fedora (containerd, golang-github-containerd-cri, mingw-gdk-pixbuf, mingw-glib2, mingw-jasper, mingw-python-jinja2, mingw-python-pillow, mingw-python3, python-django, python-pillow, and python2-pillow), Mageia (git, mediainfo, netty, python-django, and quartz), openSUSE (crmsh, git, glib2, kernel-firmware, openldap2, stunnel, and wpa_supplicant), Oracle (qemu), Red Hat (openvswitch2.11, openvswitch2.13, pki-core, rh-nodejs10-nodejs, rh-nodejs12-nodejs, rh-nodejs14-nodejs, and wpa_supplicant), Slackware (kernel), SUSE (apache2, crmsh, glib2, s390-tools, and slurm_20_11 and pdsh), and Ubuntu (python2.7, python3.7, python3.8).
Kernel prepatch 5.12-rc3
The third 5.12 kernel prepatch is out for testing. "So rc3 is pretty big this time around, but that's entirely artificial, and due to how I released rc2 early. So I'm not going to read anything more into this, 5.12 still seems to actually be on the smaller side overall."
[$] Lockless patterns: an introduction to compare-and-swap
In the first part of this series, I showed you the theory behind concurrent memory models and how that theory can be applied to simple loads and stores. However, loads and stores alone are not a practical tool for the building of higher-level synchronization primitives such as spinlocks, mutexes, and condition variables. Even though it is possible to synchronize two threads using the full memory-barrier pattern that was introduced last week (Dekker's algorithm), modern processors provide a way that is easier, more generic, and faster—yes, all three of them—the compare-and-swap operation.
Security updates for Friday
Security updates have been issued by Debian (mupdf and pygments), Fedora (arm-none-eabi-newlib, nodejs, python3.10, and suricata), Mageia (ansible, ceph, firejail, glib2.0, gnuplot, libcaca, mumble, openssh, postgresql, python-cryptography, python-httplib2, python-yaml, roundcubemail, and ruby-mechanize), Scientific Linux (wpa_supplicant), Slackware (git), SUSE (crmsh, libsolv, libzypp, yast2-installation, zypper, openssl-1_0_0, python, and stunnel), and Ubuntu (pillow).
Asahi Linux progress report
The Asahi Linux project, which is working to build a distribution for M1-based Apple systems, has published a progress report for January and February. "Apple Silicon Macs boot in a completely different way from PCs. The way they work is more akin to embedded platforms (like Android phones, or, of course, iOS devices), but with quite a few bespoke mechanisms thrown in. However, Apple has taken a few steps to make this boot process feel closer to that of an Intel Mac, so there has been a lot of confusion around how things actually work. For example, did you know that Apple Silicon Macs cannot boot from external storage at all, in the traditional sense? Or that the bootloader on Apple Silicon Macs cannot show a graphical user interface at all, and that the "Boot Picker" is in fact a full-screen macOS app, not part of the bootloader?"
More stable kernels
The 5.11.6, 5.10.23, 5.4.105, 4.19.180, 4.14.225, 4.9.261, and 4.4.261 stable kernels have all been released, one day earlier than might have been expected. Each contains yet another set of important fixes.
[$] Creating an SSH honeypot
Many developers use SSH to access their systems, so it is not surprising that SSH servers are widely attacked. During the FOSDEM 2021 conference, Sanja Bonic and Janos Pasztor reported on their experiment using containers as a way to easily create SSH honeypots — fake servers that allow administrators to observe the actions of attackers without risking a production system. The conversational-style talk walked the audience through the process of setting up an SSH server to play the role of the honeypot, showed what SSH attacks look like, and gave a number of suggestions on how to improve the security of SSH servers.
Security updates for Thursday
Security updates have been issued by Debian (zeromq3), Oracle (dotnet, dotnet3.1, python3, and wpa_supplicant), and Red Hat (wpa_supplicant).
[$] LWN.net Weekly Edition for March 11, 2021
The LWN.net Weekly Edition for March 11, 2021 is available.
[$] A vulnerability in Git
A potentially nasty vulnerability in the Git distributed revision-control system was disclosed on March 9. There are enough qualifiers in the description of the vulnerability that it may appear to be fairly narrowly focused—and it is. That may make it less worrisome, but it is not entirely clear. As with most vulnerabilities, it all depends on how the software is being used and the environment in which it is running.
[$] Python exception groups
Exceptions in Python are a mechanism used to report errors (of an exceptional variety); programs can be and are written to expect and handle certain types of exceptions using try and except. But exceptions were originally meant to report a single error event and, these days, things are a tad more complicated than that. A recent Python Enhancement Proposal (PEP) targets adding exception groups, as well as new syntax to catch and handle the groups.
Security updates for Wednesday
Security updates have been issued by Debian (kernel and privoxy), Fedora (libtpms, privoxy, and x11vnc), openSUSE (chromium), Red Hat (.NET 5.0, .NET Core, .NET Core 2.1, .NET Core 3.1, dotnet, and dotnet3.1), SUSE (git, kernel, openssl-1_1, and wpa_supplicant), and Ubuntu (git and openssh).
The Linux Foundation's "sigstore" project
The Linux Foundation has announced a project called sigstore; its purpose is to protect against supply-chain attacks by signing (and verifying) release artifacts. "Very few open source projects cryptographically sign software release artifacts. This is largely due to the challenges software maintainers face on key management, key compromise / revocation and the distribution of public keys and artifact digests. In turn, users are left to seek out which keys to trust and learn steps needed to validate signing. Further problems exist in how digests and public keys are distributed, often stored on websites susceptible to hacks or a README file situated on a public git repository. sigstore seeks to solve these issues by utilization of short lived ephemeral keys with a trust root leveraged from an open and auditable public transparency logs."
A Git security release
Several new versions of the Git source-code management system have been released; they fix a vulnerability that could allow a hostile remote repository to execute code locally during a clone operation. Only users with case-insensitive filesystems are affected, reducing the set of possible targets considerably, but an update still seems like a good idea.
Linaro to release monthly GNU Toolchain integration builds
Linaro Ltd has announced the first GNU Toolchain integration build. "Every six months, Arm releases the official GNU Toolchain release for Arm architectures for the purpose of production. Linaro will bridge the gap between the official releases by delivering monthly integration builds which offer users a snapshot of the upstream build. Although not supported, having access to these builds will allow developers to test features from a pre-built binary as soon as it lands upstream. The builds will also enable companies to check their BSP (Board Support Package) release will work with newer toolchains without having to wait for an official release."
Three stable kernels
Greg Kroah-Hartman has released stable kernels 5.11.5, 5.10.22, and 5.4.104. They all contain important fixes and users should upgrade.
Security updates for Tuesday
Security updates have been issued by Fedora (firefox, kernel, kernel-headers, kernel-tools, libebml, and wpa_supplicant), openSUSE (mbedtls), Oracle (kernel, kernel-container, and screen), Red Hat (curl, kernel, kernel-rt, kpatch-patch, nss-softokn, python, and virt:rhel and virt-devel:rhel), Scientific Linux (screen), SUSE (389-ds, crmsh, openldap2, openssl-1_0_0, and wpa_supplicant), and Ubuntu (glib2.0, gnome-autoar, golang-1.10, golang-1.14, and libzstd).
[$] Linux 5.12's very bad, double ungood day
The -rc kernels released by Linus Torvalds exist for a reason: after 10,000 or so changes flow into the kernel over a two-week merge window, there will surely be some bugs in need of squashing. The -rc kernels provide an opportunity for wider testing after all those patches have been integrated. Most of the time, -rc kernels (even the initial -rc1 releases) are surprisingly safe to run. Occasionally, though, something goes wrong, giving early testers reason to reconsider their life choices. The 5.12-rc1 kernel, as it turns out, was one of those.
Security updates for Monday
Security updates have been issued by Debian (activemq, libcaca, libupnp, mqtt-client, and xcftools), Fedora (ceph, mupdf, nagios, python-PyMuPDF, and zathura-pdf-mupdf), Mageia (cups, kernel, pngcheck, and python-pygments), openSUSE (bind, chromium, gnome-autoar, kernel, mbedtls, nodejs8, and thunderbird), and Red Hat (nodejs:10, nodejs:12, nodejs:14, screen, and virt:8.2 and virt-devel:8.2).
NGI POINTER offers funding for internet/web architects
The NGI POINTER organization, which is funded by the European Commission, has put out its second open call for providing development/research funding; the first open call was in April 2020. This time around, the organization is looking for individuals or projects that are working on "changing the Internet and Web with European Values at its core". The goal is to "support promising bottom-up projects that are able to build, on top of state-of-the-art research, scalable protocols and tools to assist in the practical transition or migration to new or updated technologies, whilst keeping European Values at the core". Those interested may want to look at some of the previously funded projects; more information can also be found in the Work Programme [PDF].
Sunday's surfeit of stable kernels
The 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, and 4.4.260 stable kernels have all been released; each contains yet another set of important fixes.
Kernel prepatch 5.12-rc2
Linus has released 5.12-rc2 a little sooner than would normally be expected due to the problems with 5.12-rc1. "Other than that it all looks pretty normal".
[$] Lockless patterns: full memory barriers
The first two articles in this series introduced four ways to order memory accesses: load-acquire and store-release operations in the first installment, read and write memory barriers in the second. The series continues with an exploration of full memory barriers, why they are more expensive, and how they are used in the kernel.
Security updates for Friday
Security updates have been issued by Fedora (389-ds-base, dogtag-pki, dpdk, freeipa, isync, openvswitch, pki-core, and screen), Mageia (bind, chromium-browser-stable, gnome-autoar, jasper, openldap, openssl and compat-openssl10, screen, webkit2, and xpdf), Oracle (grub2), Red Hat (java-1.7.1-ibm, java-1.8.0-ibm, nodejs:10, and nodejs:12), SUSE (freeradius-server), and Ubuntu (wpa).
[$] BPF meets io_uring
Over the last couple of years, a lot of development effort has gone into two kernel subsystems: BPF and io_uring. The BPF virtual machine allows programs from user space to be safely run within the context of the kernel, while io_uring addresses the longstanding problem of running system calls asynchronously. As the two subsystems expand, it was inevitable that the two would eventually meet; the first encounter happened in mid-February with this patchset from Pavel Begunkov adding the ability to run BPF programs from within io_uring.
A warning about 5.12-rc1
Linus Torvalds has sent out a note telling people not to install the recent 5.12-rc1 development kernel; this is especially true for anybody running with swap files. "But I want everybody to be aware of because _if_ it bites you, it bites you hard, and you can end up with a filesystem that is essentially overwritten by random swap data. This is what we in the industry call 'double ungood'." Additionally, he is asking maintainers to not start branches from 5.12-rc1 to avoid future situations where people land in the buggy code while bisecting problems.
A large pile of stable kernels
Greg Kroah-Hartman has released the 5.11.3, 5.10.20, 5.4.102, 4.19.178, 4.14.223, 4.9.259, and 4.4.259 stable kernels. These are generally enormous updates, with important changes throughout the kernel tree; users should upgrade.
Security updates for Thursday
Security updates have been issued by Fedora (389-ds-base, dogtag-pki, freeipa, isync, pki-core, and screen), Mageia (firefox, kernel, kernel-linus, libtiff, nonfree-firmware, and thunderbird), Red Hat (bind and java-1.8.0-ibm), Scientific Linux (grub2), and SUSE (kernel-firmware, openldap2, postgresql12, and python-cryptography).
[$] LWN.net Weekly Edition for March 4, 2021
The LWN.net Weekly Edition for March 4, 2021 is available.
[$] Alternative syntax for Python's lambda
The Python lambda keyword, which can be used to create small, anonymous functions, comes from the world of functional programming, but is perhaps not the most beloved of Python features. In part, that may be because it is somewhat clunky to use, especially in comparison to the shorthand notation offered by other languages, such as JavaScript. That has led to some discussions on possible changes to lambda in Python mailing lists since mid-February.
OpenSSH 8.5 released
OpenSSH 8.5 has been released. It includes fixes for a couple of potential security problems (one of which only applies to Solaris hosts); it also enables UpdateHostKeys by default, allowing hosts with insecure keys to upgrade them without creating scary warnings for users. There are a lot of other small changes; see the announcement for details.
Security updates for Wednesday
Security updates have been issued by CentOS (bind), Debian (adminer, grub2, spip, and wpa), Mageia (openjpeg2, wpa_supplicant, and xterm), openSUSE (avahi, bind, firefox, ImageMagick, java-1_8_0-openjdk, nodejs10, and webkit2gtk3), Red Hat (container-tools:1.0, container-tools:2.0, grub2, and virt:rhel and virt-devel:rhel), SUSE (bind, gnome-autoar, grub2, and nodejs8), and Ubuntu (python2.7 and wpa).
[$] PipeWire: The Linux audio/video bus
For more than a decade, PulseAudio has been serving the Linux desktop as its predominant audio mixing and routing daemon — and its audio API. Unfortunately, PulseAudio's internal architecture does not fit the growing sandboxed-applications use case, even though there have been attempts to amend that. PipeWire, a new daemon created (in part) out of these attempts, will replace PulseAudio in the upcoming Fedora 34 release. It is a coming transition that deserves a look.
Security updates for Tuesday
Security updates have been issued by Arch Linux (bind, intel-ucode, ipmitool, isync, openssl, python, python-cryptography, python-httplib2, salt, tar, and thrift), Fedora (ansible, salt, webkit2gtk3, and wpa_supplicant), Oracle (bind), Red Hat (bind, kernel, and kpatch-patch), Scientific Linux (bind), SUSE (firefox, gnome-autoar, java-1_8_0-ibm, java-1_8_0-openjdk, nodejs10, open-iscsi, perl-XML-Twig, python-cryptography, and thunderbird), and Ubuntu (bind9).
[$] 5.12 merge window, part 2
The 5.12 merge window closed with the release of 5.12-rc1 on February 28; this release followed the normal schedule despite the fact that Linus Torvalds had been without power for the first six days after 5.11 came out. At that point, 10,886 non-merge changesets had found their way into the mainline repository; about 2,000 of those showed up after the first-half merge-window summary was written. The pace of merging obviously slowed down, but there were still a number of interesting features to be found in those patches.
Security updates for Monday
Security updates have been issued by CentOS (firefox, ImageMagick, libexif, thunderbird, and xorg-x11-server), Debian (docker.io, python-aiohttp, and thunderbird), Fedora (chromium, firefox, kernel, and rygel), Mageia (nodejs, pix, and subversion), openSUSE (glibc, gnuplot, nodejs12, nodejs14, pcp, python-cryptography, qemu, and salt), Red Hat (bind and podman), and SUSE (csync2, glibc, java-1_8_0-ibm, nodejs12, nodejs14, python-Jinja2, and rpmlint).
Woodruff: Weird architectures weren't supported to begin with
William Woodruff has posted a rant of sorts on the adoption of Rust by the Python Cryptography project, which was covered here in February.