LWN.net

Phoronix reportsthat the days of proprietary NVIDIA graphics drivers are coming to a close.

In a filesystem session at the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM), Ted Ts'o broughtup the subject of filesystems that get resized frequently and whether thedefault parameters for filesystem creation should change as a result. Itstems from a conversation that he had with XFS developer DarrickWong, who is experiencing some of the same challenges as ext4 in this area.He outlined the problem and how it comes about, then led the discussion onways to perhaps address it.

Out-of-memory (OOM) situations are dreaded by users, system administrators,and kernel developers alike. Usually, all that is known is that a lot ofmemory is being used somewhere and the system has run out, but the kernel provides little help toanybody trying to figure out where the memory has gone. In a memory-managementsession at the 2022Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM),Kent Overstreet asked what could be done to improve OOM reports and reducethe pain for all involved.

Over on the Python Software Foundation (PSF) blog, Alex Waygood has a report from this year's Python Language Summit. There are reports from each of the nine sessions, including "Python without the GIL", The 'Faster CPython' project: 3.12 and beyond", "F-Strings in the grammar", lightning talks, and more.

Memory protection keys are a CPU feature that allows additional accessrestrictions to be imposed on regions of memory and changed in a fast andefficient way. Support for protection keys in user space has been in thekernel for some time, but kernel-side protection (often called "protectionkeys supervisor" or PKS) remains unsupported — on x86, at least. At the 2022 LinuxStorage, Filesystem, Memory-management and BPF Summit (LSFMM), IraWeiny provided an update on the state of PKS and led a discussion on whatthe proper in-kernel API for PKS should be.

The Rust Blog warnsdevelopers of a malicious crate named rustdecimal, which wasevidently targeted at GitLab users who mistype rust_decimal.

Security updates have been issued by Debian (mutt), Fedora (blender, freerdp, kernel, kernel-headers, kernel-tools, mingw-freetype, and vim), Oracle (kernel and kernel-container), Red Hat (aspell, bind, bluez, c-ares, cairo and pixman, cockpit, compat-exiv2-026, container-tools:3.0, container-tools:rhel8, cpio, dovecot, exiv2, fapolicyd, fetchmail, flatpak, gfbgraph, gnome-shell, go-toolset:rhel8, grafana, grub2, httpd:2.4, keepalived, kernel, kernel-rt, libpq, libreoffice, libsndfile, libssh, libtiff, lynx, maven:3.5, maven:3.6, mod_auth_mellon, mod_auth_openidc:2.3, openssh, php:7.4, pki-core:10.6, postgresql:10, python-lxml, python27:2.7, python3, python38:3.8 python38-devel:3.8, python39:3.9 python39-devel:3.9, qt5-qtbase, qt5-qtsvg, rust-toolset:rhel8, samba, squid:4, udisks2, virt:rhel virt-devel:rhel, webkit2gtk3, xorg-x11-server xorg-x11-server-Xwayland, and zsh), SUSE (gzip and php-composer), and Ubuntu (busybox, cairo, cron, dnsmasq, libsndfile, and nss).

It would have been surprising indeed if the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM) did not include asession working toward solutions to the longstanding problems withget_user_pages(), an internal function that locks user-space pagesin memory for access by the kernel. The issue has, after all, come up numerous timesover the years. This year's event duly contained a session in the jointfilesystem and memory-management track, led by John Hubbard, with a focuson page pinning and how it interacts with filesystems.

In a combined filesystem and memory-management session at the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM), Paul McKenneygave an update onthe changes to the read-copy-update (RCU) subsystem that had been made overthe last several years. He started with a quick overview of what RCU isand why it exists at all. He did not go into anyreal depth, though, since many of the topics could take a 90-minute session of theirown, he said, but he did provide some descriptions of the work that has gone intoRCU recently.

The 2022 LinuxStorage, Filesystem, Memory-management and BPF Summit (LSFMM) was thefirst chance for Linux memory-management developers to gather in threeyears. In a session at the end of the first day led by maintainer AndrewMorton, those developers discussed the memory-management developmentprocess. While the overall governance will remain the same, there arenonetheless some significant changes in store for this subsystem.

The Fedora 36release is now available. Improvements include GNOME 42, Waylandsupport by default on systems with NVIDIA graphics, Podman 4.0,Ansible 5, the removal of support for legacy ifcfgconfiguration files, GCC 12, and more; see therelease notes for details.

Like much of the kernel, the memory-management subsystem is under-documented,and much of the documentation that does exist is less than fully current.At the 2022 LinuxStorage, Filesystem, Memory-management and BPF Summit (LSFMM), MikeRapoport ran a session on memory-management documentation and what can bedone to improve it. The result was a reinvigorated interest indocumentation, but only time will tell what actual improvements will comefrom that interest.

Security updates have been issued by Debian (kicad and qemu), Fedora (thunderbird), Oracle (expat), Red Hat (samba), Slackware (kernel), and SUSE (firefox, ldb, and rsyslog).

Lennart Poettering designshis ideal desktop operating system in great detail:

Robert McQueen describessome initiatives being taken by the GNOME Foundation to attract moreusers and developers to the platform.

The problem of negative dentries accumulating in the dentry cache in anunbounded manner, as we looked at back inApril, came up at the2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM).Negative dentries reflect failed file-name lookups, which are then cached,saving an expensive operation if the file name in question is looked upagain. There is no mechanism to proactively prune back those cacheentries, however, so the cache keeps growing until memory pressure finallycauses the system to forcibly evict some of them, which can make the systemunresponsive for a long time or even cause a soft lockup.

One of the memory-management subsystem's most important jobs is reclaimingunused (or little-used) memory so that it can be put to better use. When it comes toone of the core memory-management data structures — page tables — though,this subsystem often falls down on the job. At the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit (LSFMM), David Hildenbrand led asession on the problems posed by the lack of page-table reclaim andexplored options for improving the situation.

Greg Kroah-Hartman has announced the release of the 5.17.6, 5.15.38, 5.10.114, and 5.4.192 stable kernels. As usual, thesecontain important fixes throughout the tree; users of those series should upgrade.

Security updates have been issued by CentOS (firefox and thunderbird), Debian (ecdsautils and libz-mingw-w64), Fedora (cifs-utils, firefox, galera, git, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-latest-openjdk, mariadb, maven-shared-utils, mingw-freetype, redis, and seamonkey), Mageia (dcraw, firefox, lighttpd, rsyslog, ruby-nokogiri, and thunderbird), Scientific Linux (thunderbird), SUSE (giflib, kernel, and libwmf), and Ubuntu (dbus and rsyslog).

The 5.18-rc6 kernel prepatch is out fortesting. "Please do go test it all out - because things may lookgood now, but continued testing is the only thing that will makesure."

The GCC project has made the first release of the GCC 12 series, GCC 12.1. As the announcement notes, this month is the 35th anniversary of the GCC 1.0 release. There are lots of changes and fixes in this release, including:

There are certain themes that recur regularly at the Linux Storage,Filesystem, Memory-Management, and BPF Summit; among the most reliable isthe scalability problems posed by the mmap_lock (formerlymmap_sem) lock. This topic has come up in (at least)2013,2018 (twice),and 2019. The 2022 event was noexception, with three consecutive sessions led by Liam Howlett, MichelLespinasse, and Suren Baghdasaryandedicated to the topic. There are improvements on the horizon, but the problemis far from solved.

Security updates have been issued by Debian (dpdk, mruby, openjdk-11, and smarty3), Oracle (thunderbird), Red Hat (thunderbird), SUSE (chromium, libvirt, python-Twisted, and tar), and Ubuntu (cron and jbig2dec).

"Hardware poisoning" is a mechanism for detecting and handling memoryerrors in a running system. When a particular range of memory ceases toremember correctly, it is "poisoned" and further accesses to it willgenerate errors. The kernel has had support forhardware poisoning for over a decade, but that doesn't mean it can't beimproved. At the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit, Yang Shi discussed thechallenges of dealing with hardware poisoning when it affects memory usedfor the page cache.

Security updates have been issued by Debian (firefox-esr), Fedora (firefox, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-latest-openjdk, recutils, suricata, and zchunk), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox), Slackware (mozilla, openssl, and seamonkey), SUSE (apache2-mod_auth_mellon, libvirt, and pgadmin4), and Ubuntu (dpdk, mysql-5.7, networkd-dispatcher, openssl, openssl1.0, sqlite3, and twisted).

The LWN.net Weekly Edition for May 5, 2022 is available.

There is a lot of work going on right now on speeding up Python; KevinModzelewski gave a presentation at PyCon 2022 on some of thatwork. Much of it has implications for Python programmers in terms of howto best take advantage of these optimizations in their code. He gave anoverview of some of the projects, the kinds of optimizations being workedon, and provided some benchmarks to give a general idea of how much fastervarious Python implementations are getting—and which operations are most affected.

The folio project is not yet two years old,but it has already resulted in significant changes to the kernel's memory-management and filesystemlayers. While much work has been done, quite a bit remains. In theopening plenary session at the 2022 Linux Storage,Filesystem, Memory-management and BPF Summit, Matthew Wilcox providedan update on the folio transition and led a discussion on the work thatremains to be done.

Security updates have been issued by Debian (openjdk-17), Fedora (chromium and suricata), Oracle (mariadb:10.5), SUSE (amazon-ssm-agent, containerd, docker, java-11-openjdk, libcaca, libwmf, pcp, ruby2.5, rubygem-puma, webkit2gtk3, and xen), and Ubuntu (linux-raspi).

Version100.0 of the Firefox browser has been released. New features includevideo caption display on various proprietary sites, multiple-languagespelling checking, invisible scrollbars, and more.

Python's match statement, which provides a long-sought C-likeswitch statement—though it is far more than that—has now been part of thelanguage for more than six months. One of the authors of the series of PythonEnhancement Proposals (PEPs) that described the feature, Brandt Bucher, came to PyCon 2022 in Salt Lake City, Utah to talkabout the feature. He gave an overview of its history, some of its many-facetedabilities, a bit about how it was implemented, and some thoughts on itsfuture, in a presentation onApril 29, which was the first day of talks for the conference.

Version 4.7 of the SystemTap tracing system is out. "Enhancements to this release include: a new stap-profile-annotatetool, a new --sign-module module signing option, -d is now implied forprocesses specified with -c/-x".

Security updates have been issued by Debian (jackson-databind, kernel, openvpn, and twisted), Fedora (xz), Mageia (chromium-browser-stable and curl), Oracle (vim and xmlrpc-c), Red Hat (gzip), Slackware (libxml2), SUSE (git, python39, and subversion), and Ubuntu (libvirt and mysql-5.7, mysql-8.0).

The classic NUMA architecture is built around nodes, each of which containsa set of CPUs and some local memory; all nodes are more-or-less equal.Recently, though, "tiered-memory" NUMA systems have begun to appear; theseinclude CPU-less nodes that contain persistent memory rather than (faster,but more expensive) DRAM. One possible use for thatmemory is to hold less-frequently-used pages rather than forcing them outto a backing-store device. There is an interesting problem that emergesfrom this use case, though: how does the kernel manage the movement ofpages between faster and slower memory? Several recent patch sets havetaken differing approaches to the problem of rebalancing memory on thesesystems.

Richard Hughes announcesthe fwupd 1.8.0 release and notes that the associated Linux Vendor Firmware Service has now shippeda minimum of 50 million firmware updates.

Security updates have been issued by Debian (ffmpeg, ghostscript, libarchive, and tinyxml), Fedora (CuraEngine, epiphany, gzip, usd, vim, xen, and xz), Oracle (maven-shared-utils and qemu), Red Hat (gzip, python27-python and python27-python-pip, rh-maven36-maven-shared-utils, rh-python38-python, rh-python38-python-lxml, and rh-python38-python-pip, and zlib), Slackware (pidgin), SUSE (jasper, java-11-openjdk, libcaca, libslirp, mariadb, mutt, nodejs12, opera, and python-Twisted), and Ubuntu (libinput).

Drew DeVault has announcedthe existence of a new programming language called "Hare".

Nathan Willis tooka long look at the Open Source Initiative's 2022 board election andwasn't entirely pleased with what he saw.

The 5.18-rc5 kernel prepatch is out fortesting. "So if rc4 last week was tiny and smaller than usual, it seems to havebeen partly timing, and rc5 is now a bit larger than usual.But only a very tiny bit larger - certainly not outrageously so, andnot something that worries me."

The 5.15.37 and4.19.241stable kernel updates have been released; each contains a relatively smallnumber of important fixes.

TechRepublic has published aninterview with Fedora project leader Matthew Miller.

One of the changes merged for the 5.18 kernel was a specialized memory allocator for BPFprograms that have been loaded into the kernel. Since then, though, thisfeature has run into a fair amount of turbulence and will almost certainly be disabledin the final 5.18 release. This outcome is partly a result of bugs in theallocator itself, but this work also had the bad luck to trip some olderand deeper bugs within the kernel's memory-management subsystem.

Security updates have been issued by Fedora (dhcp, gzip, podman, rsync, and usd), Mageia (firefox/nss/rootcerts, kernel, kernel-linus, and thunderbird), Oracle (container-tools:2.0, container-tools:3.0, mariadb:10.3, and zlib), Red Hat (Red Hat OpenStack Platform 16.2 (python-twisted), xmlrpc-c, and zlib), SUSE (glib2, nodejs12, nodejs14, python-paramiko, python-pip, and python-requests), and Ubuntu (curl, ghostscript, libsdl1.2, libsdl2, mutt, networkd-dispatcher, and webkit2gtk).

There is a long and growing list of options for getting information out ofthe kernel but, in the real world, print statements still tend to be thetool of choice. The kernel's printk()function often comes up short, despite the fact that it provides a set ofkernel-specific features, so there has, for some time, been interest inbetter APIs for textual output from the kernel. The "printbuf"proposal from Kent Overstreet is one step in that direction, but willneed some changes to make it work well with features the kernel alreadyhas.

Security updates have been issued by Debian (chromium, golang-1.7, and golang-1.8), Fedora (bettercap, chisel, containerd, doctl, gobuster, golang-contrib-opencensus-resource, golang-github-appc-docker2aci, golang-github-appc-spec, golang-github-containerd-continuity, golang-github-containerd-stargz-snapshotter, golang-github-coredns-corefile-migration, golang-github-envoyproxy-protoc-gen-validate, golang-github-francoispqt-gojay, golang-github-gogo-googleapis, golang-github-gohugoio-testmodbuilder, golang-github-google-containerregistry, golang-github-google-slothfs, golang-github-googleapis-gnostic, golang-github-googlecloudplatform-cloudsql-proxy, golang-github-grpc-ecosystem-gateway-2, golang-github-haproxytech-client-native, golang-github-haproxytech-dataplaneapi, golang-github-instrumenta-kubeval, golang-github-intel-goresctrl, golang-github-oklog, golang-github-pact-foundation, golang-github-prometheus, golang-github-prometheus-alertmanager, golang-github-prometheus-node-exporter, golang-github-prometheus-tsdb, golang-github-redteampentesting-monsoon, golang-github-spf13-cobra, golang-github-xordataexchange-crypt, golang-gopkg-src-d-git-4, golang-k8s-apiextensions-apiserver, golang-k8s-code-generator, golang-k8s-kube-aggregator, golang-k8s-sample-apiserver, golang-k8s-sample-controller, golang-mongodb-mongo-driver, golang-storj-drpc, golang-x-perf, gopass, grpcurl, onionscan, shellz, shhgit, snowcrash, stb, thunderbird, and xq), Oracle (gzip, kernel, and polkit), Slackware (curl), SUSE (buildah, cifs-utils, firewalld, golang-github-prometheus-prometheus, libaom, and webkit2gtk3), and Ubuntu (nginx and thunderbird).

The LWN.net Weekly Edition for April 28, 2022 is available.

Running code from inside a cloned Git repository is potentially risky, butnormally just inspecting such a repository is considered to be safe. As arecent posting to the Git mailing list shows, however, there are stillrisks lurking inside these repositories; code that lives in them can betriggered in unexpected ways. In particular, malicious "bare" repositoriescan be added as a subdirectory of a repository; they can be configured to runcode whenever Git commands are executed there, which is something that canhappen in surprising ways. There is now an effortunderway to try to address the problem in Git, without breaking thelegitimate need for including bare repositories into a Git tree.

As was recently reported here, the Fedoraproject has been considering dropping support for legacy BIOS systems inupcoming releases. The idea was controversial at best, and the minutes from the April 26 FESCo meetingshow that it has been rejected, for now at least. The BIOS SIG will beasked for a new plan for BIOS support in Fedora.

Version 4.0 of the YoctoProject distribution builder is out. Changes include a move to the 5.15 kernel, reproducibility fixes, improvedoverlayfs support, numerous security updates, and a long list of new recipes.

The5.17.5,5.15.36,5.10.113,5.4.191,4.19.240,4.14.277, and4.9.312stable kernels have all been released, one day earlier than had originallybeen expected.As usual, each contains another set of important fixes.