LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
업데이트: 2시간 37분 지남
8시간 42분 지남
The kernel's slab allocator is charged with providing small objects on
demand; its performance and reliability are crucial for the functioning of
the system as a whole. At the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit, two adjacent sessions in the
memory-management track dug into current work on the slab allocator. The
first focused on the new sheaves feature, while the second discussed a set
of allocation functions that are safe to call in any context.
9시간 8분 지남
From the LibreQoS site comes
the sad
news that Dave Täht has passed away. Among many other things, he bears
a lot of credit for our networks functioning as well as they do. "We're
incredibly grateful to have Dave as our friend, mentor, and as someone who
continuously inspired us – showing us that we could do better for each
other in the world, and leverage technology to make that happen. He will be
dearly missed".
Searching through LWN's archives will turn up many references to his work
fixing WiFi, improving queue management, tackling bufferbloat, and more. Farewell,
Dave, we hope the music is good wherever you are.
(Thanks to Jon Masters for the heads-up).
화, 2025/04/01 - 11:32오후
As he has in some previous editions of the Linux Storage, Filesystem,
Memory-Management, and BPF Summit (LSFMM+BPF), Fred Knight gave an update
on the status of various storage standards this year. In it, he looked at
changes to the
NVM Express (NVMe)
standards in some detail. He also updated attendees on the fairly small
changes that have come to the SCSI (
T10)
and ATA (
T13) standards over the last few
years.
화, 2025/04/01 - 11:00오후
The kernel's
kexec
mechanism allows one kernel to directly boot a new one; it can be
thought of as a sort of kernel equivalent to the
execve()
system call. Kexec has a number of uses, including booting a special kernel
to perform dumps after a crash. Normally, one does not expect user-space
processes to survive booting into a new kernel, but that has not stopped
developers from trying to implement that ability. Mike Rapoport ran a
memory-management-track session at the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit to discuss one piece of that problem:
enabling the contents of memory to persist across a kexec handover so that
the new kernel can pick up where the old one left off.
화, 2025/04/01 - 10:58오후
Version
137.0 of the Firefox browser has been released. Changes include the
rollout of
tab
groups, a number of search-bar changes, and the ability to add signatures
to PDF files.
화, 2025/04/01 - 10:54오후
Security updates have been issued by AlmaLinux (freetype, grub2, kernel, kernel-rt, and python-jinja2), Debian (freetype, linux-6.1, suricata, tzdata, and varnish), Fedora (mingw-libxslt and qgis), Mageia (elfutils, mercurial, and zvbi), Oracle (grafana, kernel, libxslt, nginx:1.22, and postgresql:12), Red Hat (opentelemetry-collector), SUSE (corosync, opera, and restic), and Ubuntu (aom, libtar, mariadb, ovn, php7.4, php8.1, php8.3, rabbitmq-server, and webkit2gtk).
화, 2025/04/01 - 7:26오전
The virtual memory area (VMA), represented by
struct
vm_area_struct, is one of the core abstractions of the kernel's
memory-management subsystem; a VMA represents a portion of a process's
address space with the same characteristics. A memory-mapped file will be
represented by (at least) one VMA, as will the process's stack or a region
of anonymous memory. Efficiently managing VMAs and the logic around them
is crucial for good performance overall. Lorenzo Stoakes focused on one
specific problem area: the merging of anonymous VMAs, during the
memory-management track at the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit.
화, 2025/04/01 - 12:07오전
Migration is the act of moving data from one location in physical
memory to another. The kernel may migrate pages for many reasons,
including defragmentation, improving NUMA locality, moving data to or from
memory hosted on a peripheral device, or freeing a range of
memory for other uses. Given the importance of migration to the
memory-management subsystem, there is a lot of interest in improving its
performance and removing impediments to its success. Several sessions in
the memory-management track of the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit were dedicated to this topic.
월, 2025/03/31 - 11:04오후
The effort to ensure that open-source software is reproducible has been
gathering steam over the years, and gaining traction with major Linux
distributions. Debian, for example, has been working toward reproducible
builds for more than a decade; it can now
produce official
live CDs of the current stable release that are
reproducible. Fedora started on the path much later, but it has
progressed far enough that the project is now considering a change
proposal for the Fedora 43 development cycle, expected to be
released in October, with a goal of
making 99% of Fedora's package builds reproducible. So far, reaction
to the proposal seems favorable and focused primarily on how to
achieve the goal—with minimal pain for packagers—rather than whether to attempt it.
월, 2025/03/31 - 10:58오후
Security updates have been issued by Debian (amd64-microcode, flatpak, intel-microcode, libdata-entropy-perl, librabbitmq, and vim), Fedora (augeas, containerd, crosswords-puzzle-sets-xword-dl, libssh2, libxml2, nodejs-nodemon, and webkitgtk), Red Hat (libreoffice and python-jinja2), SUSE (389-ds, apparmor, corosync, docker, docker-stable, erlang26, exim, ffmpeg-4, govulncheck-vulndb, istioctl, matrix-synapse, mercurial, openvpn, python3, rke2, and skopeo), and Ubuntu (ansible, linux, linux-hwe-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4,
linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp, linux-azure-fips, linux-gcp-fips, linux-fips, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-realtime, linux-intel-iot-realtime, linux-xilinx-zynqmp, opensc, and ruby-doorkeeper).
토, 2025/03/29 - 11:57오후
Greg Kroah-Hartman announced the release of four stable kernels on March 28: 6.13.9, 6.12.21, 6.6.85, and 6.1.132. Users are advised to upgrade.
토, 2025/03/29 - 5:17오전
KDE contributor David Edmundson has published
a blog post about improving KDE Plasma's login experience by
replacing SDDM
with a new Plasma Login Manager.
It's worth stressing nothing is official or set in stone yet,
whilst it has come up in previous Plasma online meetings and in the
2023 Akademy. I'm posting this whilst starting a more official
discussion on the plasma-devel mailing list.
Oliver Beard and I have made a new mutli-process greeter, that uses
the same startup mechanism as the desktop session. It doesn't have all
the features that we propose at the start of the blog, but an
architecture where features and services can be slowly and safely
added.
That discussion is here
for those who would like to follow along. The prototype is currently
in two repositories: plasma-login
for the frontend work, and plasma-login-manager,
which is a fork of SDDM.
토, 2025/03/29 - 1:31오전
In a keynote on the final day of
SCALE 22x, Denver
Gingerich said that he wanted to talk "a little bit about a router and
also the big picture around that router". Gingerich is the director of
compliance at the
Software Freedom
Conservancy (SFC), which is the organization behind the
OpenWrt One router that
LWN
looked at back in November. The
router is, of course, based on firmware from the
OpenWrt project, which got its
start because of GPL-enforcement activities and is a member project at the SFC.
토, 2025/03/29 - 12:08오전
As of this writing, 6,653 non-merge changesets have been pulled into the
mainline kernel repository for the 6.15 release. This merge window is thus
well underway. A number of significant changes have been merged so far;
read on for our summary of the first half of the 6.15 merge window.
금, 2025/03/28 - 10:10오후
Security updates have been issued by Debian (mercurial and opensaml), Fedora (augeas, mingw-libxslt, and nodejs-nodemon), Mageia (chromium-browser-stable), Red Hat (grafana, kernel, kernel-rt, opentelemetry-collector, and podman), SUSE (apache-commons-vfs2, python3, and python36), and Ubuntu (ghostscript, linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop,
linux-ibm, linux-intel-iotg, linux-lowlatency, linux-lowlatency-hwe-5.15,
linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle,
linux-realtime, linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop,
linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia,
linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oracle, linux-oracle-6.8, linux-aws-5.15, linux-kvm, linux-azure, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.11, linux-oem-6.11, linux-oem-6.8, linux-realtime, smarty, and snakeyaml).
금, 2025/03/28 - 5:51오전
Ubuntu 23.10 and 24.04 LTS introduced a feature using AppArmor to
restrict access to user namespaces. Qualys has reported
three ways to bypass AppArmor's restrictions and enable local users to
gain full administrative capabilities within a user namespace. Ubuntu
has followed up with a post
that explains the namespace-restriction feature in detail, and says
these bypasses do not constitute security vulnerabilities.
While a superficial observation of the application of user namespaces may indicate privileged (root level) access, this is a fictitious state that is operating as expected, with access control still mapped to the real (root namespace) user's permissions. As such, these bypasses do not enable more access than what the default Linux kernel
unprivileged user namespace feature allows in most Linux
distributions. They do, however, demonstrate limitations that we are
looking to address in order to strengthen existing protections against
as-of-yet-unknown Linux kernel vulnerabilities.
LWN covered Ubuntu 24.04 LTS last May.
금, 2025/03/28 - 4:38오전
One recurring criticism of Rust has been that the language has no official specification. This is a barrier to adoption in some safety-conscious organizations, as well as to writing alternate language implementations. Now, the Rust project has
announced
that it will be adopting the
Ferrocene Language Specification (FLS) developed by
Ferrous Systems and maintaining it as part of the core project. While this may not satisfy die-hard standardization-process enthusiasts, it's a step toward removing another barrier to using Rust in safety-critical systems.
It's in that light that we're pleased to announce that we'll be adopting the FLS into the Rust Project as part of our ongoing specification efforts. This adoption is being made possible by the gracious donation of the FLS by Ferrous Systems. We're grateful to them for the work they've done in assembling the FLS, in making it fit for qualification purposes, in promoting its use and the use of Rust generally in safety-critical industries, and now, for working with us to take the next step and to bring the FLS into the Project.
금, 2025/03/28 - 12:56오전
Arthur Cohen has posted a massive series of patches in four parts
(
part 1,
part 2,
part 3,
part 4)
upstreaming all of the recent work on the GCC Rust front end. These
changes include the Polonius borrow checker, the foreign-function
interface, inline assembly support, if-let statement handling,
multiple built-in derive macros, for loops, and more.
목, 2025/03/27 - 10:43오후
The 2024 Linux Storage, Filesystem, Memory-Management, and BPF Summit
included
a tense session on the use of Rust
code in the kernel's filesystem layer. The Rust topic returned in 2025 in
a session run by Andreas Hindborg, with a scope that also covered the
storage and memory-management layers. A lot of progress has been made, and
the discussion was less adversarial this year, but there are still process
issues that need to be worked out.
목, 2025/03/27 - 10:03오후
Security updates have been issued by Arch Linux (exim), Debian (exim4, ghostscript, and libcap2), Red Hat (container-tools:rhel8), SUSE (apache-commons-vfs2, argocd-cli, azure-cli-core, buildah, chromedriver, docker-stable, ed25519-java, kernel, kubernetes1.29-apiserver, kubernetes1.30-apiserver, kubernetes1.32-apiserver, libmbedcrypto7, microcode_ctl, php7, podman, proftpd, tomcat10, and webkit2gtk3), and Ubuntu (containerd, exim4, mariadb, opensaml, and org-mode).
페이지