lwn.net

Security updates have been issued by Fedora (lldpad, pdns, and php), Mageia (flash-player-plugin, gdal, mutt, patch, php-pear-CAS, postgresql9.4|6, ruby-rack, and teeworlds), SUSE (kernel-rt, postgresql10, and squid), and Ubuntu (openjdk-7).

Android devices are based on the Linux kernel but, since the beginning, those devices have not run mainline kernels. The amount of out-of-tree code shipped on those devices has been seen as a problem for most of this time, and significant resources have been dedicated to reducing it. At the 2018 Linux Plumbers Conference, Sandeep Patil talked about this problem and what is being done to address it. The dream of running mainline kernels on Android devices has not yet been achieved, but it may be closer than many people think.

Red Hat has announced the release of RHEL 8 Beta. "Red Hat Enterprise Linux 8 Beta introduces the concept of Application Streams to deliver userspace packages more simply and with greater flexibility. Userspace components can now update more quickly than core operating system packages and without having to wait for the next major version of the operating system. Multiple versions of the same package, for example, an interpreted language or a database, can also be made available for installation via an application stream. This helps to deliver greater agility and user-customized versions of Red Hat Enterprise Linux without impacting the underlying stability of the platform or specific deployments."

Security updates have been issued by Fedora (kde-connect, mingw-SDL2_image, SDL2_image, and subscription-manager), Red Hat (flash-plugin), SUSE (openssh-openssl1, systemd, and thunderbird), and Ubuntu (kernel, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2, linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-azure, linux-hwe, linux-azure, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, postgresql-10, and python2.7).

The LWN.net Weekly Edition for November 15, 2018 is available.

In the first session of the Testing & Fuzzing microconference at the 2018 Linux Plumbers Conference (LPC), Kevin Hilman gave a report on the recently held Automated Testing Summit (ATS). Since the summit was an invitation-only gathering of 35 people, there were many at LPC who were not at ATS but had a keen interest in what was discussed. The summit came out of a realization that there is a lot of kernel testing going on in various places, but not a lot of collaboration between those efforts, Hilman said.

Device trees have become ubiquitous in recent years as a way of describing the hardware layout of non-discoverable systems, such as many ARM-based devices. The device-tree bindings define how a particular piece of hardware is described in a device tree. Drivers then implement those bindings. The device-tree documentation shows how to use the bindings to describe systems: which properties are available and which values they may have. In theory, the bindings, drivers and documentation should be consistent with each other. In practice, they are often not consistent and, even when they are, using those bindings correctly in actual device trees is not a trivial task. As a result, developers have been considering formal validation for device-tree files for years. Recently, Rob Herring proposed a move to a more structured documentation format for device-tree bindings using JSON Schema to allow automated validation.

The results of the 2018 election for members of the Linux Foundation's Technical Advisory Board have been posted; the members elected this time around are Chris Mason, Laura Abbott, Olof Johansson, Dan Williams, and Kees Cook. Abbott and Cook are new members to the board this time around. (The other TAB members are Ted Ts'o, Greg Kroah-Hartman, Jonathan Corbet, Tim Bird, and Steve Rostedt).

Stable kernels 4.19.2, 4.18.19, 4.14.81, and 4.9.137 have been released. They all contain a relatively large set of important fixes and users should upgrade.

Security updates have been issued by Arch Linux (powerdns and powerdns-recursor), Debian (ceph and spamassassin), Fedora (feh, flatpak, and xen), Red Hat (kernel, kernel-rt, openstack-cinder, python-cryptography, and Red Hat Single Sign-On 7.2.5), and Ubuntu (python2.7, python3.4, python3.5).

Debian supports many architectures and, even for those it does not officially support, there are Debian ports that try to fill in the gap. For most user applications, it is mostly a matter of getting GCC up and running for the architecture in question, then building all of the different packages that Debian provides. But for packages that need to be built with LLVM—applications or libraries that use Rust, for example—that simple recipe becomes more complicated. How much the lack of Rust support for an unofficial architecture should hold back the rest of the distribution was the subject of a somewhat acrimonious discussion recently.

Security updates have been issued by Debian (firmware-nonfree and imagemagick), Fedora (cabextract, icecast, and libmspack), openSUSE (icecast), Red Hat (httpd24), Slackware (libtiff), SUSE (apache-pdfbox, firefox, ImageMagick, and kernel), and Ubuntu (clamav, spamassassin, and systemd).

User-space developers may be accustomed to thinking of system calls as direct calls into the kernel. Indeed, the first edition of The C Programming Language described read() and write() as "a direct entry into the operating system". In truth, user-level "system calls" are just functions in the C library like any other. But what happens when the developers of the C library refuse to provide access to system calls they don't like? The result is an ongoing conflict that has recently flared up again; it shows some of the difficulties that can arise when the system as a whole has no ultimate designer and the developers are not talking to each other.

Security updates have been issued by Arch Linux (curl, lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, libcurl-gnutls, systemd, and thunderbird), Debian (ansible, ghostscript, qemu, thunderbird, and xen), Fedora (community-mysql, gettext, links, mysql-connector-java, xen, and zchunk), Gentoo (icecast, libde265, okular, pango, and PHProjekt), Mageia (ansible, audiofile, iniparser, libtiff, mercurial, opencc, and python-dulwich), openSUSE (accountsservice, apache2, audiofile, curl, libarchive, ntfs-3g_ntfsprogs, opensc, python, python-base, qemu, soundtouch, and systemd), Oracle (git, java-1.7.0-openjdk, java-11-openjdk, kernel, python-paramiko, thunderbird, and xorg-x11-server), Red Hat (rh-git29-git), Scientific Linux (thunderbird), SUSE (kernel), and Ubuntu (gettext and libmspack).

The 4.20-rc2 kernel prepatch is out for testing. "Fairly normal week, aside from me traveling".

The 4.18.18, 4.14.80, 4.9.136, 4.4.163, and 3.18.125 stable kernel updates have all been released; each contains a relatively large set of important fixes.

The 3.18.x updates may be about to come to an end, since it is not clear that anybody is using them. "And from what I can see in the 'real world', no one is actually updating devices that rely on 3.18.y to the newer kernel releases. So I think I'm going to stop maintaining this tree soon unless someone speaks up and says 'I am using it!''

Since the beginning, one part of the kernel-development task has been watching the mainline to see whether one's work had been merged. That is about to change with the advent of the pull-request tracker bot, which will inform maintainers when one of their pull requests has made it into the mainline. Konstantin Ryabitsev, who put this service together, plans to expand it to other trees once things have settled down.

As a general rule, the kernel is supposed to use the least amount of CPU time possible; any time taken by the kernel is not available for the applications the user actually wants to run. As a result, not a lot of thought has gone into optimizing the execution of kernel-side work requiring large amounts of CPU. But the kernel does occasionally have to take on CPU-intensive tasks, such as the initialization of the large amounts of memory found on current systems. The ktask subsystem posted by Daniel Jordan is an attempt to improve how the kernel handles such jobs.

Security updates have been issued by Debian (nginx), Fedora (icu, java-1.8.0-openjdk-aarch32, libgit2, php-pear-CAS, roundcubemail, and ruby), Gentoo (firefox, libX11, openssl, and python), openSUSE (thunderbird), Oracle (java-11-openjdk, kernel, and spice-server), Red Hat (java-1.8.0-ibm and thunderbird), Scientific Linux (spice-server), SUSE (curl, libepubgen, liblangtag, libmwaw, libnumbertext, libreoffice, libstaroffice, libwps, myspell-dictionaries, xmlsec1, libxkbcommon, openssh, and xorg-x11-server), and Ubuntu (pyopenssl).

It has been nearly 13 years since Jeff Garzik proclaimed that Linux was "proving its superiority in the area of crappy wireless (WiFi) support". Happily, the situation has improved somewhat since then, but that doesn't mean that things can't get better yet. During the Embedded Linux Conference portion of the 2018 Open Source Summit Europe, Marcel Holtmann described the work being done to create iwd, a new system for configuring and managing WiFi connections. If this project has its way, future users will have little room for complaint about how WiFi works on Linux systems.