LWN.net

Security updates have been issued by CentOS (nettle, squid, and thunderbird), Debian (libebml, python-bleach, and python2.7), Fedora (batik, gnuchess, kernel-headers, kernel-tools, ruby, singularity, and xorg-x11-server), Mageia (clamav, kernel, kernel-linus, and python3), openSUSE (chromium, fluidsynth, opensc, python-bleach, and wpa_supplicant), Oracle (gnutls and nettle), Red Hat (dpdk, gnutls and nettle, mariadb:10.3 and mariadb-devel:10.3, and redhat-ds:11), and SUSE (kernel, qemu, and xen).

In the end, Linus decided to hold the 5.12 release for one more week andput out 5.12-rc8 instead. "Ok, so it's been _fairly_ calm this past week, but it hasn't been thekind of dead calm I would have taken to mean 'no rc8 necessary'.So here we are, with an extra rc to make sure things are all settleddown."

Version 12.0.0 of the LLVM compiler suite is out. This appears to be arelease with a lot of incremental improvements rather than large headlinefeatures; see the various sets of release notes in the announcement fordetails.

The Debian project has voted strongly toretain Jonathan Carter as the project leader. On that other littlenagging issue, the project has voted not toissue a statement regarding Richard Stallman's return to the FreeSoftware Foundation board of directors. This, too, was a relatively strongresult over the other options. Details can be found on the specific pagesfor the projectleader and generalresolution ballots.

Today's crop of stable kernels includes the following: 4.4.267, 4.9.267, 4.14.231, 4.19.188, 5.4.113, 5.10.31, and 5.11.15. As usual. they contain importantfixes throughout the tree; users of those series should upgrade.

One of the key resources that defines a process is its address space — theset of mappings that determines what any specific memory address meanswithin that process. An address space is normally privateto the process it belongs to, but there are situations where one processneeds to make changes to another process's memory; an interactive debuggerwould be one case in point. The ptrace()system call makes such changes possible, but it is slow and not always easyto use, so there has been a longstanding quest for better alternatives.One possibility, process_vm_exec()from Andrei Vagin, was recently posted for review.

Security updates have been issued by Debian (smarty3), Fedora (libpano13, python3.8, and seamonkey), Mageia (chromium-browser-stable, gstreamer1.0, thunderbird, and x11-server), Oracle (libldb and thunderbird), SUSE (grafana and system-user-grafana, kernel, and openldap2), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm, linux-oem-5.10, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2-5.3, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon, and linux-oem-5.6).

A new organization for maintainers and contributors to GNU tools, the GNU Assembly, has announced its existence."We’re excited to kick off the GNU Assembly and its web site! This place intends to be a collaboration platform for the developers of GNU packages who are all 'hacking for user freedom' and who share a vision for the umbrella project." It is an outgrowth of discussions on changes to GNU governance from a few years back, but its origins are even older than that. The organization is working on its governance model and invites those interested to its Assembly mailing list.

The Fedora project may have managed to shake off its reputation for delayedreleases in recent years, but that hasn't stopped the release date forFedora 34 from slippingone week to April 27. Modulo ahandful of bugs, though, this release is in its final form, so a lookat what is coming is warranted. Distribution releases, especially thosefor fast-moving community distributions, are a good point at which to catchup with the state of many free-software projects and where Linux is headedin general. Fedora 34 includes a lot of changes, including the GNOME 40 release but, for the mostpart, it looks like an exercise in continuity.

Security updates have been issued by Debian (xorg-server), Fedora (kernel), openSUSE (clamav, fluidsynth, python-bleach, spamassassin, and xorg-x11-server), Red Hat (gnutls and nettle, libldb, and thunderbird), Scientific Linux (thunderbird), SUSE (clamav, util-linux, and xorg-x11-server), and Ubuntu (network-manager and underscore).

The Google security blog has adetailed article on what a device driver written in Rust looks like."That is, we use Rust's ownership discipline when interacting with Ccode by handing the C portion ownership of a Rust object, allowing it tocall functions implemented in Rust, then eventually giving ownershipback. So as long as the C code is correct, the lifetime of Rust fileobjects work seamlessly as well, with the compiler enforcing correctlifetime management on the Rust side, for example: open cannot returnstack-allocated pointers or heap-allocated objects containing pointers tothe stack, ioctl/read/write cannot free (ormodify without synchronization) the contents of the object stored in filp->private_data, etc."

The LWN.net Weekly Edition for April 15, 2021 is available.

In early April, Fedora program manager Ben Cotton posteda proposal to use the distribution'sdebuginfodservers by default in Fedora 35. This feature would help developerswho are trying to debug or trace their programs using various tools, but who arelacking the source code and debugging symbols needed. The serverscan provide that data directly to the tools as needed, but there are somesecurity and privacy concerns to work through before turning the feature onby default.

The OpenStack cloud-infrastructure project has made its 23rd release, Wallaby. "The Wallaby release strengthens open infrastructure for cloud native applications with enhanced security and integration with other open source technologies. More than 17,000 code changes authored by over 800 contributors from 140 different organizations and 45 countries were merged into the release.In addition to delivering a wide range of improvements to the stable and reliable OpenStack core and its highly flexible project integration capabilities, Wallaby delivers security enhancements including fallback permissions and RBAC improvements in Ironic [bare-metal provisioning service], Glance [image service] and Manila [shared filesystems], and the community focused this cycle on migrating the RBAC policy format from JSON to YAML. Additionally, the Ironic project has extended functionality for UEFI (Unified Extensible Firmware Interface), including secure erase for NVME."

Stable kernels 5.11.14, 5.10.30, 5.4.112, and 4.19.187 have been released with importantfixes throughout the tree. Users should upgrade.

Security updates have been issued by CentOS (screen), Debian (clamav, courier-authlib, and tomcat9), Red Hat (thunderbird), SUSE (clamav, glibc, kernel, open-iscsi, opensc, spamassassin, thunderbird, wpa_supplicant, and xorg-x11-server), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.8, linux-kvm, linux-oracle, linux-raspi, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, linux-oem-5.10, linux-oem-5.6, nettle, and xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04).

The FreeBSD 13 release is out. It includes a lot of updated software, theremoval of a number of GNU tools (including the toolchain), and more, butnot WireGuard. See the releasenotes for the details.

There are times when developers and system administrators need to diagnoseproblems in running code. The program to be examined can be a user-spaceprocess, the kernel, or both. Two of the major tools available on Linux toperform this sort of analysis areSystemTap andbpftrace. SystemTap has been availablesince 2005, while bpftrace is a more recent contender that, to some,may appear tohave made SystemTap obsolete. However, SystemTap is still the preferredtool forsome real-world use cases.

Security updates have been issued by Debian (libpano13), Fedora (mosquitto and perl-Net-CIDR-Lite), Mageia (curl, mongodb, pdfbox, python-jinja2, rygel, spamassassin, tor, velocity, webkit2, and wireshark), openSUSE (umoci), Oracle (389-ds:1.4, kernel, and virt:ol and virt-devel:rhel), Red Hat (kernel and kpatch-patch), Slackware (dnsmasq and irssi), and SUSE (cifs-utils, rubygem-actionpack-4_2, and spamassassin).

While some parts of the core kernel reached a relatively stable "done"state years ago, others never really seem to be finished. One of thelatter variety is undoubtedly the kernel's implementation of spinlocks,which arbitrate access to data at the lowest levels of the kernel. Lockperformance can have a significant effect on the performance of the systemas a whole, so optimization work can pay back big dividends. Lest onethink that this work is finally done, the NUMA-awareqspinlock patch set shows how some more performance can be squeezed outof the kernel's spinlock implementation.

The Free Software Foundation has finally issueda statement on why the decision to return Richard Stallman to theorganization's board of directors was taken.

Security updates have been issued by CentOS (kernel and libldb), Debian (mediawiki, qemu, ruby-kramdown, and xen), Fedora (grub2, libldb, libopenmpt, python-pikepdf, python39, samba, squid, and webkit2gtk3), openSUSE (bcc, ceph, gssproxy, hostapd, isync, kernel, openexr, openSUSE KMPs, and tpm2-tss-engine), SUSE (fwupdate and wpa_supplicant), and Ubuntu (spamassassin).

The 5.12-rc7 kernel prepatch is out; it'srather larger than Linus would have liked."End result: I'm still waffling about the final 5.12 release. The factthat we have a big rc7 does make me think that I'll probably do an rc8this time around. But it ends up depending a bit on how the upcomingweek goes, and if things are deathly quiet, I may end up deciding thatan rc8 doesn't really make sense."

There is another set of stable kernel updates out:5.11.13,5.10.29,5.4.111,4.19.186,4.14.230,4.9.266, and4.4.266.Each contains another set of important fixes.

HPVM ("heterogeneous parallelvirtual machine") is a compiler for targets like GPUs and FPGAs based onLLVM; the 1.0 release is available now. "This release is a major addition to our first release (version 0.5),adding support for linear algebra tensor operations, Pytorch andKeras frontends, approximations for convolution operators, and anefficient and flexible framework for approximation tuning. Our novelapproximation-tuner automatically selects approximation knobs forindividual tensor operations and selects configurations that maximizea (configurable) performance objective."

The seccomp()mechanism allows the imposition of a filter program (expressed in "classic" BPF)that makes policy decisions on whether to allow each system call invoked by the targetprocess. The user-space notificationfeature further allows those decisions to be deferred to anotherprocess. As this recentpatch set from Sargun Dhillon shows, though, user-space notificationstill has some rough edges, especially when it comes to signals. Thispatch makes a simple change to try to address a rather complex problembrought to the fore by changes in the Go language's preemption model.

Security updates have been issued by Debian (lib3mf, php-pear, and python-django), Fedora (perl-Net-Netmask), openSUSE (flatpak, libostree, xdg-desktop-portal,, fwupd, fwupdate, and hostapd), Oracle (kernel, libldb, nettle, and squid), Red Hat (nettle), and SUSE (fwupdate, tpm2-tss-engine, and umoci).

Richard Stallman's return to the FreeSoftware Foundation's board of directors has provoked a flurry of responses, and many organizations inthe free-software community have expressed their unhappiness with thatappointment. In almost every case, the process leading up to thatexpression has been carried out behind closed doors. The Debian project,instead, is deciding what to do in a classic Debian way — holding a publicvote on a general resolution with a wide range of possible outcomes.

Security updates have been issued by Fedora (chromium, libldb, rpm, samba, and seamonkey), openSUSE (isync), Oracle (kernel), Red Hat (openssl and squid), SUSE (ceph, flatpak, libostree, xdg-desktop-portal, xdg-desktop-portal-gtk, fwupd, fwupdate, and openexr), and Ubuntu (curl, linux-lts-trusty, and lxml).

The LWN.net Weekly Edition for April 8, 2021 is available.

Five years ago, we looked at an effort toassist in the assignment of CommonVulnerabilities and Exposures (CVE) IDs, especially for open-sourceprojects.Developers in the free-software world have often found it difficult toobtain CVE IDs for the vulnerabilities that they find.The Distributed WeaknessFiling (DWF) project was meant to reduce the friction in theCVE-assignment process, but it never really got off the ground. In a blogpost, Josh Bressers said that DWF was hampered by trying to follow therules for CVEs. That has led to a plan to restart DWF, but this time without the"yoke of legacy CVE".

Projects, even of the open-source variety, sometimes have secrets that needto be maintained. They can range from things like signing keys, which are(or should be) securely stored away from the project's code, to credentialsand tokens for access to various web-based services, such as cloud-hosting services or thePython Package Index (PyPI). These credentialsare sometimesneeded by instances of the running code, and some others benefit from beingstored "near" the code, but these types of credentials are not meant tobe distributed outside of the project.They can sometimes mistakenly be added to a public repository, however, which isa slip that attackers are most definitely on the lookout for.The big repository-hosting services like GitHuband GitLab are well-placed to scan for these kinds of secrets beingcommitted to project repositories—and they do.

Stable kernels 5.11.12, 5.10.28, 5.4.110, 4.19.185, 4.14.229, 4.9.265, and 4.4.265 have been released with the usual setof important fixes. Users should upgrade.

Security updates have been issued by openSUSE (chromium), Oracle (flatpak and kernel), Red Hat (virt:8.3 and virt-devel:8.3), and SUSE (gssproxy and xen).

The Mozilla Hacks site has areport on the use of ThreadSanitizer to detect and fix data races inthe Firefox browser. "While benign data races do exist, we foundthat data races arevery easily misclassified as benign. The reasons for this are clear: It ishard to reason about what compilers can and will optimize, and confirmationfor certain 'benign' data races requires you to look at the assembler codethat the compiler finally produces. Needless to say, this procedure isoften much more time consuming than fixing the actual data race and alsonot future-proof. As a result, we decided that the ultimate goal should bea 'no data races' policy that declares even benign data races asundesirable due to their risk of misclassification, the required time forinvestigation and the potential risk from future compilers (with betteroptimizations) or future platforms (e.g. ARM)."

Security updates have been issued by Debian (chromium, netty, python-bleach, and python3.5), Fedora (libmediainfo, libzen, and mediainfo), Mageia (openssl), openSUSE (chromium), Red Hat (389-ds:1.4, flatpak, kernel, kernel-rt, kpatch-patch, libldb, and virt:rhel and virt-devel:rhel), and Ubuntu (python-django and ruby-rack).

Kees Cook has posted along list of security-related improvements that made it into the 5.9kernel release. "Sasha Levin, Andy Lutomirski, Chang S. Bae, AndiKleen, Tony Luck, Thomas Gleixner, and others landed the long-awaitedFSGSBASE series. This provides task switching performance improvementswhile keeping the kernel safe from modules accidentally (or maliciously)trying to use the features directly (which exposed an unprivileged directkernel access hole)."

Version3.2 of the Django web framework is out; it has been designated as along-term-support release. New features include automatic AppConfigdiscovery, functional indexes, pymemcache support, and more; see therelease notes for details.

The recent proposalfrom David Hildenbrand to remove support for the /dev/kmem specialfile has not sparked a lot of discussion. Perhaps that is because today'syoungsters, lacking an understanding of history, may be wonderingwhat that file is in the first place and, thus, be unclear on why it maymatter. Chances are that /dev/kmem will not be missed, but inpassing it takes away a venerable part of the Unix kernel interface.

Security updates have been issued by Debian (libxstream-java, php-nette, and smarty3), Fedora (curl, openssl, spamassassin, and webkit2gtk3), Mageia (ant, batik, kernel, kernel-linus, nodejs-chownr, nodejs-yargs-parser, python-bottle, and ruby-em-http-request), openSUSE (curl and OpenIPMI), and Red Hat (openssl).

The long saga of Oracle's copyright-infringement against Google, whichcopied much of the Java API for use in Android, has come to an end with thisruling [PDF] in favor of Google. "Google’s purpose was to create adifferent task-related system for a different computing environment(smartphones) and to create a platform—the Android platform—that would helpachieve and popularize that objective. The record demonstrates numerousways in which reimplementing an interface can further the development ofcomputer programs. Google’s purpose was therefore consistent with thatcreative progress that is the basic constitutional objective of copyrightitself."

The 5.12-rc6 kernel prepatch is out fortesting. "Well, if rc5 was bigger than usual, and I worried about what thatmeant for this release, rc6 is positively tiny.So I think it was just due to the usual random timing fluctuations,probably mainly networking updates (which were in rc5, but not inrc6). Which means that unless things change in the next two weeks, theschedule for this release is going to be the usual one."

One of the key tasks assigned to the memory-management subsystem is tooptimize the system's use of the available memory; that means pushing outpages containing unused data so that they can be put to better useelsewhere. Predicting which pages will be accessed in the near future is atricky task, and the kernel has evolved a number of mechanisms designed toimprove its chances of guessing right. But the kernel not only often getsit wrong, it also can expend a lot of CPU time to make the incorrectchoice. The multi-generationalLRU patch set posted by Yu Zhao is an attempt to improve thatsituation.

Security updates have been issued by Debian (busybox, ldb, openjpeg2, spamassassin, and underscore), Fedora (kernel, kernel-headers, and kernel-tools), Mageia (privoxy, python and python3, and rpm), openSUSE (ovmf, tar, and tomcat), SUSE (curl, firefox, OpenIPMI, and tomcat), and Ubuntu (openexr).

The process of hardening the kernel can benefit in a number of ways fromsupport by the compiler. In recent years, the Kernel Self Protection Project has broughtthis support from the grsecurity/PaXpatch set into the kernel in the form of GCCplugins; LWN looked into that process backin 2017. A recent discussion has highlighted the fact that the use ofGCC plugins brings disadvantages as well, and some developers would prefer to see those plugins replaced.

Security updates have been issued by Debian (underscore), Fedora (busybox, linux-firmware, and xmlgraphics-commons), Oracle (kernel and kernel-container), Slackware (curl and seamonkey), SUSE (firefox and opensc), and Ubuntu (spamassassin).

Version 18.1 ofLineageOS, the Android-based distribution once known as Cyanogen, isavailable. "With that said, we have been working extremely hardsince Android 11’s release last August to port our features to this newversion of Android. Thanks to our hard work adapting to Google’s fairlylarge changes in Android 10, we were able to rebase our changes ontoAndroid 11 much more efficiently. This led to a lot of time to spend oncool new features!" Some of those features include in improvedvoice recorder, a new calendar, a built-in backup mechanism, an improvedmusic player, and more.

A company called Xinuos has announced alawsuit against IBM and Red Hat that has a familiar echo to it."Xinuos alleges that the IBM and Red Hat conspiracy has harmed theopen-source community and specifically Xinuos’ OpenServer 10 product, whichis based on FreeBSD, an open-source UNIX-based operating system andalternative to Red Hat’s Linux-based open-source operating system,RHEL. 'By dominating the Unix/Linux server operating system market,competing open-source operating systems, like our FreeBSD-based OpenServer10, have been pushed out of the market.'" The fulltext of the suit [PDF] is available for those wanting the details.

The LWN.net Weekly Edition for April 1, 2021 is available.

The HPy project has beenaround for more than a year now; it is meant to provide an alternate C APIfor Python that allows extensions to the language to run, and run well, in moreenvironments. It first came to our attention in a reportof a talk at the 2020Python Language Summit (LWN coverage), but it goes back to some discussions that wereheld at EuroPython 2019. Thereare a number of ways that the existing C API holds back innovation forPython, but there are also some hugely important extensions (e.g. NumPy) that use it; any change to the APIneeds to take those into account.