lwn.net

Linus has released 5.3-rc1 and closed the merge window for this development cycle. "Anyway, despite the rocky start, and the big size, things mostly smoothed out towards the end of the merge window. And there's a lot to like in 5.3".

Greg Kroah-Hartman has announced the release of the 5.2.2, 5.1.19, 4.19.60, 4.14.134, 4.9.186, and 4.4.186 stable kernels. As usual, they contain fixes throughout the kernel tree; users should upgrade.

Documentation, said Riona MacNamara at the beginning of her Open Source Summit Japan 2019 talk, is the superpower that we can use to energize users and developers; it is an important part of the creation of a vibrant and inclusive community. While there are a number of roadblocks that can impede participation in a development community, many of those can be addressed with better documentation. The talk was a call for all projects to think about what they are trying to accomplish and to ensure that their documentation is helping to get there.

Security updates have been issued by Debian (bzip2), Fedora (freetds, kernel, kernel-headers, and knot-resolver), openSUSE (bubblewrap, fence-agents, kernel, libqb, libu2f-host, pam_u2f, and tomcat), Oracle (vim), SUSE (kernel, LibreOffice, libxml2, and tomcat), and Ubuntu (libmspack and squid, squid3).

Over on his blog, Kees Cook runs through the security changes that came in Linux 5.2. "While the SLUB and SLAB allocator freelists have been randomized for a while now, the overarching page allocator itself wasn’t. This meant that anything doing allocation outside of the kmem_cache/kmalloc() would have deterministic placement in memory. This is bad both for security and for some cache management cases. Dan Williams implemented this randomization under CONFIG_SHUFFLE_PAGE_ALLOCATOR now, which provides additional uncertainty to memory layouts, though at a rather low granularity of 4MB (see SHUFFLE_ORDER). Also note that this feature needs to be enabled at boot time with page_alloc.shuffle=1 unless you have direct-mapped memory-side-cache (you can check the state at /sys/module/page_alloc/parameters/shuffle)."

At the 2019 Linux Storage, Filesystem, and Memory-Management Summit (LSFMM) Brendan Gregg gave a keynote on BPF observability that included a kernel issue he had debugged on Netflix production servers using bpftrace. In this article, he provides a crash course on bpftrace for kernel developers—to help them more easily analyze their code.

Subscribers can read on for a look at kernel analysis using bpftrace from the upcoming weekly edition.

Security updates have been issued by Arch Linux (chromium, firefox, and squid), CentOS (thunderbird and vim), Debian (libonig), SUSE (firefox, glibc, kernel, libxslt, and tomcat), and Ubuntu (libreoffice and thunderbird).

The LWN.net Weekly Edition for July 18, 2019 is available.

The Python 3.8 beta cycle is already underway, with Python 3.8.0b1 released on June 4, followed by the second beta on July 4. That means that Python 3.8 is feature complete at this point, which makes it a good time to see what will be part of it when the final release is made. That is currently scheduled for October, so users don't have that long to wait to start using those new features.

A question about the future of package distribution is at the heart of a disagreement about the snap plugin for the GNOME Software application in Fedora. In a Fedora devel mailing list thread, Richard Hughes raised multiple issues about the plugin and the direction that he sees Canonical taking with snaps for Ubuntu. He plans to remove support for the plugin for GNOME Software in Fedora 31.

Security updates have been issued by Debian (libreoffice), Red Hat (thunderbird), SUSE (ardana and crowbar, firefox, libgcrypt, and xrdp), and Ubuntu (nss, squid3, and wavpack).

Security updates have been issued by Fedora (expat and radare2), Oracle (thunderbird), Red Hat (389-ds-base, keepalived, libssh2, perl, and vim), Scientific Linux (thunderbird), SUSE (bzip2, kernel, podofo, systemd, webkit2gtk3, and xrdp), and Ubuntu (bash, nss, redis, squid, squid3, and Zipios).

The LXD team has announced the release of LXD 3.15. "One big highlight is the transition to the dqlite 1.0 branch which will bring us more performance and reliability, both for our cluster users and for standalone installations. This rework moves a lot of the low-level database/replication logic to dedicated C libraries and significantly reduces the amount of back and forth going on between C and Go."

Our increasingly aggressive modern compilers produce increasingly surprising code optimizations. Some of these optimizations might be especially surprising to developers who assume that each plain C-language load or store will always result in an assembly-language load or store. Although this article is written for Linux kernel developers, many of these scenarios also apply to other concurrent code bases, keeping in mind that "concurrent code bases" also includes single-threaded code bases that use interrupts or signals.

Security updates have been issued by CentOS (firefox), Debian (libspring-java, ruby-mini-magick, and thunderbird), Fedora (fossil, python-django, snapd-glib, and thunderbird), openSUSE (helm and monitoring-plugins), Red Hat (cyrus-imapd, thunderbird, and vim), Scientific Linux (vim), Slackware (bzip2), SUSE (bubblewrap, bzip2, expat, glib2, kernel, php7, python3, and tomcat), and Ubuntu (exiv2, firefox, and flightcrew).

Greg Kroah-Hartman has announced the release of the 5.2.1, 5.1.18, and 4.19.59 stable kernels. As is usual, they contain important fixes throughout the tree; users of those series should upgrade.

As of this writing, exactly 6,666 non-merge changesets have been pulled into the mainline repository for the 5.3 development cycle. The merge window has thus just begun, there is still quite a bit in the way of interesting changes to look at. Read on for a list of what has been merged so far.

Fedora Magazine has posted an introduction to the Silverblue distribution. "One of the main benefits is security. The base operating system is mounted as read-only, and thus cannot be modified by malicious software. The only way to alter the system is through the rpm-ostree utility. Another benefit is robustness. It’s nearly impossible for a regular user to get the OS to the state when it doesn’t boot or doesn’t work properly after accidentally or unintentionally removing some system library."

Security updates have been issued by CentOS (dbus), Debian (firefox-esr, python3.4, and redis), Mageia (ffmpeg), Oracle (firefox, libvirt, and qemu), Red Hat (firefox and virt:8.0.0), Scientific Linux (firefox), and SUSE (kernel).

When it comes to new filesystems for Linux, patience is certainly a virtue. Btrfs took years to mature and, according to some, still isn't ready yet. Tux3 has kept users waiting since at least 2008; as of 2018 its developer still said that it was progressing. By these measures, bcachefs is a relative youngster, having been first announced a mere four years ago. Development of this next-generation filesystem continues, and bcachefs developer Kent Overstreet recently proclaimed his desire to "get this sucker merged", but there are some obstacles to overcome still.