Feed lwn LWN.net

Link https://lwn.net/
Feed http://lwn.net/headlines/rss
Updated 2025-04-22 00:00
[$] Python exception groups
Exceptions in Python are a mechanism used to report errors (of an exceptional variety); programs can be and are written to expect and handle certain types of exceptions using try and except. But exceptions were originally meant to report a single error event and, these days, things are a tad more complicated than that. A recent Python Enhancement Proposal (PEP) targets adding exception groups, as well as new syntax to catch and handle the groups.
Security updates for Wednesday
Security updates have been issued by Debian (kernel and privoxy), Fedora (libtpms, privoxy, and x11vnc), openSUSE (chromium), Red Hat (.NET 5.0, .NET Core, .NET Core 2.1, .NET Core 3.1, dotnet, and dotnet3.1), SUSE (git, kernel, openssl-1_1, and wpa_supplicant), and Ubuntu (git and openssh).
The Linux Foundation's "sigstore" project
The Linux Foundation has announced a project called sigstore; its purpose is to protect against supply-chain attacks by signing (and verifying) release artifacts. "Very few open source projects cryptographically sign software release artifacts. This is largely due to the challenges software maintainers face on key management, key compromise / revocation and the distribution of public keys and artifact digests. In turn, users are left to seek out which keys to trust and learn steps needed to validate signing. Further problems exist in how digests and public keys are distributed, often stored on websites susceptible to hacks or a README file situated on a public git repository. sigstore seeks to solve these issues by utilization of short lived ephemeral keys with a trust root leveraged from an open and auditable public transparency logs."
A Git security release
Several new versions of the Git source-code management system have been released; they fix a vulnerability that could allow a hostile remote repository to execute code locally during a clone operation. Only users with case-insensitive filesystems are affected, reducing the set of possible targets considerably, but an update still seems like a good idea.
Linaro to release monthly GNU Toolchain integration builds
Linaro Ltd has announced the first GNU Toolchain integration build. "Every six months, Arm releases the official GNU Toolchain release for Arm architectures for the purpose of production. Linaro will bridge the gap between the official releases by delivering monthly integration builds which offer users a snapshot of the upstream build. Although not supported, having access to these builds will allow developers to test features from a pre-built binary as soon as it lands upstream. The builds will also enable companies to check their BSP (Board Support Package) release will work with newer toolchains without having to wait for an official release."
Three stable kernels
Greg Kroah-Hartman has released stable kernels 5.11.5, 5.10.22, and 5.4.104. They all contain important fixes and users should upgrade.
Security updates for Tuesday
Security updates have been issued by Fedora (firefox, kernel, kernel-headers, kernel-tools, libebml, and wpa_supplicant), openSUSE (mbedtls), Oracle (kernel, kernel-container, and screen), Red Hat (curl, kernel, kernel-rt, kpatch-patch, nss-softokn, python, and virt:rhel and virt-devel:rhel), Scientific Linux (screen), SUSE (389-ds, crmsh, openldap2, openssl-1_0_0, and wpa_supplicant), and Ubuntu (glib2.0, gnome-autoar, golang-1.10, golang-1.14, and libzstd).
[$] Linux 5.12's very bad, double ungood day
The -rc kernels released by Linus Torvalds exist for a reason: after 10,000 or so changes flow into the kernel over a two-week merge window, there will surely be some bugs in need of squashing. The -rc kernels provide an opportunity for wider testing after all those patches have been integrated. Most of the time, -rc kernels (even the initial -rc1 releases) are surprisingly safe to run. Occasionally, though, something goes wrong, giving early testers reason to reconsider their life choices. The 5.12-rc1 kernel, as it turns out, was one of those.
Security updates for Monday
Security updates have been issued by Debian (activemq, libcaca, libupnp, mqtt-client, and xcftools), Fedora (ceph, mupdf, nagios, python-PyMuPDF, and zathura-pdf-mupdf), Mageia (cups, kernel, pngcheck, and python-pygments), openSUSE (bind, chromium, gnome-autoar, kernel, mbedtls, nodejs8, and thunderbird), and Red Hat (nodejs:10, nodejs:12, nodejs:14, screen, and virt:8.2 and virt-devel:8.2).
NGI POINTER offers funding for internet/web architects
The NGI POINTER organization, which is funded by the European Commission, has put out its second open call for providing development/research funding; the first open call was in April 2020. This time around, the organization is looking for individuals or projects that are working on "changing the Internet and Web with European Values at its core". The goal is to "support promising bottom-up projects that are able to build, on top of state-of-the-art research, scalable protocols and tools to assist in the practical transition or migration to new or updated technologies, whilst keeping European Values at the core". Those interested may want to look at some of the previously funded projects; more information can also be found in the Work Programme [PDF].
Sunday's surfeit of stable kernels
The 5.11.4, 5.10.21, 5.4.103, 4.19.179, 4.14.224, 4.9.260, and 4.4.260 stable kernels have all been released; each contains yet another set of important fixes.
Kernel prepatch 5.12-rc2
Linus has released 5.12-rc2 a little sooner than would normally be expected due to the problems with 5.12-rc1. "Other than that it all looks pretty normal".
[$] Lockless patterns: full memory barriers
The first two articles in this series introduced four ways to order memory accesses: load-acquire and store-release operations in the first installment, read and write memory barriers in the second. The series continues with an exploration of full memory barriers, why they are more expensive, and how they are used in the kernel.
Security updates for Friday
Security updates have been issued by Fedora (389-ds-base, dogtag-pki, dpdk, freeipa, isync, openvswitch, pki-core, and screen), Mageia (bind, chromium-browser-stable, gnome-autoar, jasper, openldap, openssl and compat-openssl10, screen, webkit2, and xpdf), Oracle (grub2), Red Hat (java-1.7.1-ibm, java-1.8.0-ibm, nodejs:10, and nodejs:12), SUSE (freeradius-server), and Ubuntu (wpa).
[$] BPF meets io_uring
Over the last couple of years, a lot of development effort has gone into two kernel subsystems: BPF and io_uring. The BPF virtual machine allows programs from user space to be safely run within the context of the kernel, while io_uring addresses the longstanding problem of running system calls asynchronously. As the two subsystems expand, it was inevitable that the two would eventually meet; the first encounter happened in mid-February with this patchset from Pavel Begunkov adding the ability to run BPF programs from within io_uring.
A warning about 5.12-rc1
Linus Torvalds has sent out a note telling people not to install the recent 5.12-rc1 development kernel; this is especially true for anybody running with swap files. "But I want everybody to be aware of because _if_ it bites you, it bites you hard, and you can end up with a filesystem that is essentially overwritten by random swap data. This is what we in the industry call 'double ungood'." Additionally, he is asking maintainers to not start branches from 5.12-rc1 to avoid future situations where people land in the buggy code while bisecting problems.
A large pile of stable kernels
Greg Kroah-Hartman has released the 5.11.3, 5.10.20, 5.4.102, 4.19.178, 4.14.223, 4.9.259, and 4.4.259 stable kernels. These are generally enormous updates, with important changes throughout the kernel tree; users should upgrade.
Security updates for Thursday
Security updates have been issued by Fedora (389-ds-base, dogtag-pki, freeipa, isync, pki-core, and screen), Mageia (firefox, kernel, kernel-linus, libtiff, nonfree-firmware, and thunderbird), Red Hat (bind and java-1.8.0-ibm), Scientific Linux (grub2), and SUSE (kernel-firmware, openldap2, postgresql12, and python-cryptography).
[$] LWN.net Weekly Edition for March 4, 2021
The LWN.net Weekly Edition for March 4, 2021 is available.
[$] Alternative syntax for Python's lambda
The Python lambda keyword, which can be used to create small, anonymous functions, comes from the world of functional programming, but is perhaps not the most beloved of Python features. In part, that may be because it is somewhat clunky to use, especially in comparison to the shorthand notation offered by other languages, such as JavaScript. That has led to some discussions on possible changes to lambda in Python mailing lists since mid-February.
OpenSSH 8.5 released
OpenSSH 8.5 has been released. It includes fixes for a couple of potential security problems (one of which only applies to Solaris hosts); it also enables UpdateHostKeys by default, allowing hosts with insecure keys to upgrade them without creating scary warnings for users. There are a lot of other small changes; see the announcement for details.
Security updates for Wednesday
Security updates have been issued by CentOS (bind), Debian (adminer, grub2, spip, and wpa), Mageia (openjpeg2, wpa_supplicant, and xterm), openSUSE (avahi, bind, firefox, ImageMagick, java-1_8_0-openjdk, nodejs10, and webkit2gtk3), Red Hat (container-tools:1.0, container-tools:2.0, grub2, and virt:rhel and virt-devel:rhel), SUSE (bind, gnome-autoar, grub2, and nodejs8), and Ubuntu (python2.7 and wpa).
[$] PipeWire: The Linux audio/video bus
For more than a decade, PulseAudio has been serving the Linux desktop as its predominant audio mixing and routing daemon — and its audio API. Unfortunately, PulseAudio's internal architecture does not fit the growing sandboxed-applications use case, even though there have been attempts to amend that. PipeWire, a new daemon created (in part) out of these attempts, will replace PulseAudio in the upcoming Fedora 34 release. It is a coming transition that deserves a look.
Security updates for Tuesday
Security updates have been issued by Arch Linux (bind, intel-ucode, ipmitool, isync, openssl, python, python-cryptography, python-httplib2, salt, tar, and thrift), Fedora (ansible, salt, webkit2gtk3, and wpa_supplicant), Oracle (bind), Red Hat (bind, kernel, and kpatch-patch), Scientific Linux (bind), SUSE (firefox, gnome-autoar, java-1_8_0-ibm, java-1_8_0-openjdk, nodejs10, open-iscsi, perl-XML-Twig, python-cryptography, and thunderbird), and Ubuntu (bind9).
[$] 5.12 merge window, part 2
The 5.12 merge window closed with the release of 5.12-rc1 on February 28; this release followed the normal schedule despite the fact that Linus Torvalds had been without power for the first six days after 5.11 came out. At that point, 10,886 non-merge changesets had found their way into the mainline repository; about 2,000 of those showed up after the first-half merge-window summary was written. The pace of merging obviously slowed down, but there were still a number of interesting features to be found in those patches.
Security updates for Monday
Security updates have been issued by CentOS (firefox, ImageMagick, libexif, thunderbird, and xorg-x11-server), Debian (docker.io, python-aiohttp, and thunderbird), Fedora (chromium, firefox, kernel, and rygel), Mageia (nodejs, pix, and subversion), openSUSE (glibc, gnuplot, nodejs12, nodejs14, pcp, python-cryptography, qemu, and salt), Red Hat (bind and podman), and SUSE (csync2, glibc, java-1_8_0-ibm, nodejs12, nodejs14, python-Jinja2, and rpmlint).
Woodruff: Weird architectures weren't supported to begin with
William Woodruff has posted a rant of sorts on the adoption of Rust by the Python Cryptography project, which was covered here in February.
Fish shell 3.2.0 released
Version 3.2.0 of the fish shell has been released. New features include undo and redo support (for command-line editing, not commands!) and a long list of incremental improvements; see the announcement for details. LWN last looked at the fish shell in September.
Kernel prepatch 5.12-rc1
Linus Torvalds has released 5.12-rc1 (codename now "Frozen wasteland") and closed the merge window despite getting a late start due to bad weather:
Mageia 8 has been released
The Mageia distribution has announced the release of Mageia 8. It comes with the usual array of new packages, including a 5.10.16 kernel, Plasma 5.20.4, GNOME 3.38, Firefox 78, Chromium 88, LibreOffice 7.0.4.2, and more. "ARM support has continued to develop, with both AArch64 and ARMv7 now having all packages built and being close to primary architectures now. Support for Wi-Fi installation in the classical installer using WPA2 encryption has been added, as well as improved support for newer filesystems allowing installations on F2FS. Support for NILFS, XFS, exFAT and Windows 10 NTFS has been improved to allow for better partition management. The Live installer has also had significant development. Boot times have been greatly reduced with the use of Zstd compression and improved hardware detection and the support for installing updates as a final step of the installation has been added. Zstd compression has also been applied to the rescue mode, allowing for faster startup, support for encrypted LVM/LUKS has also been added."
West: Post-Spectre web development
Mike West has posted a detailed exploration of what is really required to protect sensitive information in web applications from speculative-execution exploits. "Spectre-like side-channel attacks inexorably lead to a model in which active web content (JavaScript, WASM, probably CSS if we tried hard enough, and so on) can read any and all data which has entered the address space of the process which hosts it. While this has deep implications for user agent implementations' internal hardening strategies (stack canaries, ASLR, etc), here we'll remain focused on the core implication at the web platform level, which is both simple and profound: any data which flows into a process hosting a given origin is legible to that origin. We must design accordingly."
[$] Lockless patterns: relaxed access and partial memory barriers
The first article in this series provided an introduction to lockless algorithms and the happens before relationship that allows us to reason about them. The next step is to look at the concept of a "data race" and the primitives that exist to prevent data races. We continue in that direction with a look at relaxed accesses, memory barriers, and how they can be used to implement the kernel's seqcount mechanism.
Stable kernels 5.11.2, 5.10.19, and 5.4.101
Greg Kroah-Hartman has released the 5.11.2, 5.10.19, and 5.4.101 stable kernels. These all contain a relatively small pile of important fixes; as usual, users should upgrade.
GNU poke 1.0 released
Version 1.0 of GNU poke is out. "GNU poke (http://www.jemarch.net/poke) is an interactive, extensible editor for binary data. Not limited to editing basic entities such as bits and bytes, it provides a full-fledged procedural, interactive programming language designed to describe data structures and to operate on them."
Security updates for Friday
Security updates have been issued by Debian (python-pysaml2 and redis), Fedora (buildah, containernetworking-plugins, containers-common, libmysofa, libpq, podman, postgresql, skopeo, xen, and xterm), openSUSE (nghttp2), Oracle (firefox and thunderbird), SUSE (glibc, ImageMagick, python-Jinja2, and salt), and Ubuntu (python2.7, python2.7, python3.4, python3.5, python3.6, python3.8, and tiff).
[$] Fedora and fallback DNS servers
One of the under-the-hood changes in the Fedora 33 release was a switch to systemd-resolved for the handling of DNS queries. This change should be invisible to most users unless they start using one of the new features provided by systemd-resolved. Recently, though, the Fedora project changed its default configuration for that service to eliminate fallback DNS servers — a change which is indeed visible to some users who have found themselves without domain-name resolution as a result.
Security updates for Thursday
Security updates have been issued by Arch Linux (ansible-base, keycloak, mumble, and postgresql), Debian (firefox-esr and nodejs), Fedora (dotnet3.1, dotnet5.0, keylime, php-horde-Horde-Text-Filter, radare2, scap-security-guide, and wireshark), openSUSE (postgresql, postgresql13 and python-djangorestframework), Red Hat (Ansible, firefox, and thunderbird), Scientific Linux (firefox and thunderbird), SUSE (php7, postgresql-jdbc, python-cryptography, rpmlint, and webkit2gtk3), and Ubuntu (dnsmasq, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, linux-oem-5.10, linux-oem-5.6, screen, and xterm).
[$] LWN.net Weekly Edition for February 25, 2021
The LWN.net Weekly Edition for February 25, 2021 is available.
[$] A pair of Python vulnerabilities
Two separate vulnerabilities led to the fast-tracked release of Python 3.9.2 and 3.8.8 on February 19, though source-only releases of 3.7.10 and 3.6.13 came a few days earlier. The vulnerabilities may be problematic for some Python users and workloads; one could potentially lead to remote code execution. The other is, arguably, not exactly a flaw in the Python standard library—it simply also follows an older standard—but it can lead to web cache poisoning attacks.
A new Debian debuginfod service
Sergio Durigan Junior has announced the availability of a debuginfod server for Debian systems. "In a nutshell, by using a debuginfod service you will not need to install debuginfo (a.k.a. dbgsym) files anymore; the symbols will be served to GDB (or any other debuginfo consumer that supports debuginfod) over the network. Ultimately, this makes the debugging experience much smoother (I myself never remember the full URL of our debuginfo repository when I need it)."
Security updates for Wednesday
Security updates have been issued by openSUSE (firefox and tor), Oracle (stunnel and xterm), Red Hat (virt:8.2 and virt-devel:8.2 and xterm), SUSE (avahi, gnuplot, java-1_7_0-ibm, and pcp), and Ubuntu (openssl).
[$] NumPy 1.20 has been released
NumPy is a Python library that adds an array data type to the language, along with providing operators appropriate to working on arrays and matrices. By wrapping fast Fortran and C numerical routines, NumPy allows Python programmers to write performant code in what is normally a relatively slow language. NumPy 1.20.0 was announced on January 30, in what its developers describe as the largest release in the history of the project. That makes for a good opportunity to show a little bit about what NumPy is, how to use it, and to describe what's new in the release.
Seven stable kernels
The 5.11.1, 5.10.18, 5.4.100, 4.19.177, 4.14.222, 4.9.258, and 4.4.258 stable kernels have all been released; each contains another set of important fixes.
Firefox 86.0 released
The Firefox 86.0 release is out. New features this time include picture-in-picture video and "total cookie protection", which appears to be a way to allow third-party cookies while preserving some privacy.
Security updates for Tuesday
Security updates have been issued by Arch Linux (connman, firejail, kernel, python-django, roundcubemail, and wpa_supplicant), Fedora (gdk-pixbuf2 and gdk-pixbuf2-xlib), openSUSE (python3 and tomcat), Scientific Linux (xterm), SUSE (postgresql12 and postgresql13), and Ubuntu (gdk-pixbuf, openldap, python-django, and qemu).
[$] 5.12 Merge window, part 1
The beginning of the 5.12 merge window was delayed as the result of severe weather in the US Pacific Northwest. Once Linus Torvalds got going, though, he wasted little time; as of this writing, just over 8,600 non-merge changesets have been pulled into the mainline repository for the 5.12 release — over a period of about two days. As one might imagine, that work contains a long list of significant changes.
Garrett: Making hibernation work under Linux Lockdown
Matthew Garrett recently posted a patch set enabling hibernation on systems that are running in the UEFI secure-boot lockdown mode. This blog entry gets into the details of how it all works. "When we encrypt material with the TPM, we can ask it to record the PCR state. This is given back to us as metadata accompanying the encrypted secret. Along with the metadata is an additional signature created by the TPM, which can be used to prove that the metadata is both legitimate and associated with this specific encrypted data. In our case, that means we know what the value of PCR 23 was when we encrypted the key. That means that if we simply extend PCR 23 with a known value in-kernel before encrypting our key, we can look at the value of PCR 23 in the metadata. If it matches, the key was encrypted by the kernel - userland can create its own key, but it has no way to extend PCR 23 to the appropriate value first. We now know that the key was generated by the kernel."
Kodi 19 released
Version 19 of the Kodi "entertainment center" application is out with a long list of new features. For audio and music lovers, there are significant improvements across the board to metadata handling: library improvements, new tags, new displays, improvements to how Kodi handles release dates, album durations, multi-disc sets, and more. There's a new, Matrix-inspired visualisation, there are improvements to display when fetching files from a web server, and several changes to how audio decoder addons can pass information through to the Kodi player. For video, most of the changes are more technical, and may depend on your hardware: AV1 software decoding, HLG HDR and static HDR10 playback on Windows 10, static HDR10 and dynamic Dolby Vision HDR support on Android, and more OpenGL bicubic scalers.
Security updates for Monday
Security updates have been issued by Debian (chromium, libzstd, openldap, openvswitch, screen, and wpa), Fedora (dotnet5.0, subversion, and wpa_supplicant), openSUSE (mumble, python-djangorestframework, and tor), Oracle (container-tools:ol8, kernel, nodejs:10, nodejs:12, nodejs:14, subversion:1.10, and xterm), Red Hat (stunnel and xterm), and SUSE (ImageMagick, java-1_8_0-openjdk, kernel, krb5-appl, python3, tomcat, and webkit2gtk3).
[$] An introduction to lockless algorithms
Lockless algorithms are of interest for the Linux kernel when traditional locking primitives either cannot be used or are not performant enough. For this reason they come up every now and then on LWN; one of the last mentions, which prompted me to write this article series, was last July. Topics that arise even more frequently are read-copy-update (RCU — these articles from 2007 are still highly relevant), reference counting, and ways of wrapping lockless primitives into higher-level, more easily understood APIs. These articles will delve into the concepts behind lockless algorithms and how they are used in the kernel.