lwn.net

The LWN.net Weekly Edition for June 30, 2022 is available.

On the first day of the 2022 Linux Security Summit North America (LSSNA) in Austin, Texas, Stéphane Graber and Christian Brauner gave a presentation on using system-call interception for container security purposes. The idea is to allow unprivileged containers, those without elevated privileges on the host, to still accomplish their tasks, some of which require privileges. A fair amount of work has been done to make this viable, but there is still more to do.

CODE 22.05 has been released; this is the "developer edition" of the Collabora Online offering formerly known as LibreOffice Online.

CODE 22.05 is preceding the next major release of our long-term supported business suite Collabora Online. This free developer version includes all features and enhancements that will be available in our enterprise version, expected later in July. The CODE releases allow every interested user to learn and test new features on an early stage.

New features include support for external grammar checkers, the ability to have 16,000 columns in a spreadsheet (which is evidently useful to somebody), sparkline plots, support for WebP graphics, and more.

Philip Herron has posted an update on the status of the GCC front-end compiler for the Rust language.

For some context, my current project plan brings us to November 2022 where we (unexpected events permitting) should be able to support valid Rust code targeting Rustc version ~1.40 and reuse libcore, liballoc and libstd. This date does not account for the borrow checker feature and the proc macro crate, which we have a plan to implement, but this will be a further six-month project.

The 5.18.8, 5.15.51, 5.10.127, and 5.4.202 stable kernel updates have been released; each contains another set of important fixes.

Version 102 of the Thunderbird email client has been released.

It features refreshed icons, color folders, and quality-of-life upgrades like the redesigned message header. It ushers in a brand new Address Book to bring you closer than ever to the people you communicate with. Plus useful new tools to help you manage your data, navigate the app faster, and boost your productivity. We’re even bringing Matrix to the party.

Security updates have been issued by Debian (blender, libsndfile, and maven-shared-utils), Fedora (openssl), Red Hat (389-ds-base, kernel, kernel-rt, kpatch-patch, and python-virtualenv), Scientific Linux (389-ds-base, kernel, python, and python-virtualenv), and Slackware (curl, mozilla, and openssl).

Version 9.0 of the Vim text editor has been released. The biggest change would appear to be the addition of the "Vim9 Script" language for editor customization:

The main goal of Vim9 script is to drastically improve performance. This is accomplished by compiling commands into instructions that can be efficiently executed. An increase in execution speed of 10 to 100 times can be expected. A secondary goal is to avoid Vim-specific constructs and get closer to commonly used programming languages, such as JavaScript, TypeScript and Java.

In something of an Open Source Summit tradition, Linus Torvalds and Dirk Hohndel sit down for a discussion on various topics related to open source and, of course, the Linux kernel. Open Source Summit North America (OSSNA) 2022 in Austin, Texas was no exception, as they reprised their keynote on the first day of the conference. The headline-grabbing part of the chat was Torvalds's declaration that Rust for Linux might get merged as soon as the next merge window, which opens in just a few weeks, but there was plenty more of interest there.

Version 102.0 of the Firefox browser is out. Changes include the ability to disable the panel that otherwise materializes on every download and the stripping of certain query parameters in extended tracking protection mode. The stripping will be the default for private browsing in the next release.

Security updates have been issued by Debian (nodejs and squid), Fedora (uboot-tools), Red Hat (kernel-rt, kpatch-patch, and python), SUSE (drbd, openssl-1_0_0, oracleasm, and rubygem-rack), and Ubuntu (curl).

Version 2.37.0 of the Git source-code management system has been released. Highlights include a new object-pruning mechanism called "cruft packs", full integration of the sparse index, and more; see this GitHub blog post for more information.

Once upon a time, computers just had one type memory, so memory within a given system was interchangeable. The arrival of non-uniform memory access (NUMA) systems complicated the situation significantly; now some memory was faster to access than the rest, and memory-management algorithms had to adapt or performance would suffer. But NUMA was just the start; today's tiered-memory systems, which may include several tiers of memory with different performance characteristics, are adding new challenges. A couple of relevant patch sets currently under review help to illustrate the types of problems that will have to be solved.

Here's an update on recent KDE application development on KDE.news:

KStars is probably the most feature-rich free astronomy software around and the 3.5.9 release adds some exciting new features. HiPS (Hierarchical Progressive Surveys) is a technology that provides progressive high resolution images of the sky at different zoom levels. KStars fully supports online HiPS where data is downloaded from online servers and cached to be displayed on the Sky Map.

Miguel Ojeda has posted an update on the Rust-for-Linux project.

This second year since the RFC we are looking forward to several milestones which hopefully we will achieve:

• More users or use cases inside the kernel, including example drivers – this is pretty important to get merged into the kernel.
• Splitting the kernel crate and managing dependencies to allow better development.
• Extending the current integration of the kernel documentation, testing and other tools.
• Getting more subsystem maintainers, companies and researchers involved.
• Seeing most of the remaining Rust features stabilized.
• Possibly being able to start compiling the Rust code in the kernel with GCC.
• And, of course, getting merged into the mainline kernel, which should make everything else easier!

Security updates have been issued by Debian (openssl), Fedora (dotnet6.0, mediawiki, and python2.7), Mageia (389-ds-base, chromium-browser-stable, exo, and libtiff), Oracle (httpd:2.4 and microcode_ctl), SUSE (dbus-broker, drbd, kernel, liblouis, mariadb, openssl, openssl-1_1, openSUSE kernel modules, oracleasm, php7, php72, python39, salt, and wdiff), and Ubuntu (linux, linux-hwe, mozjs91, and vim).

The 5.19-rc4 kernel prepatch is out for testing.

So we've had a couple of fairly small rc releases, and here we finally start to see an uptick in commits in rc4. Not what I really want to see in the middle of the release cycle, but not entirely surprising considering how quiet it's been so far.

The 5.18.7, 5.15.50, 5.10.125, 5.4.201, 4.19.249, 4.14.285, and 4.9.320 stable updates have all been released. The 5.x updates are relatively small, but the 4.x updates contain a fair number of backported random-number-generator improvements along with the usual fixes.

The network filesystem (NFS) protocol has been with us for nearly 40 years. While defined initially as a stateless protocol, NFS implementations have always had to manage state, and that need has been increasingly built into the protocol over successive revisions. The early days of NFS were discussed, with a focus on state management, in the first part of this series. This article completes the job with a look at the evolution of NFS since, approximately, the beginning of this millennium.

Security updates have been issued by Fedora (ntfs-3g and ntfs-3g-system-compression), SUSE (389-ds, chafa, containerd, mariadb, php74, python3, salt, and xen), and Ubuntu (apache2).