Subscribe to the lwn.net feed
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 35 minutes ago

[$] Avoiding page reference-count overflows

Tue, 2019/04/16 - 9:49 AM
The 5.1-rc5 announcement mentioned "changes all over" and highlighted a number of the areas that had been touched. One thing that was not mentioned there was the addition of four patches fixing a security-related issue in the core memory-management subsystem. The vulnerability is sufficiently difficult to exploit that almost nobody should feel the need to rush out a kernel update, but it is still interesting to look at as a demonstration of how things can go wrong.

An eBPF overview series from Collabora

Tue, 2019/04/16 - 5:38 AM
Adrian Ratiu is posting a series of articles on the Collabora blog digging into the kernel's eBPF subsystem. The first two parts are available now: an introduction and a look at the virtual machine. "eBPF is a RISC register machine with a total of 11 64-bit registers, a program counter and a 512 byte fixed-size stack. 9 registers are general purpose read-write, one is a read-only stack pointer and the program counter is implicit, i.e. we can only jump to a certain offset from it. The VM registers are always 64-bit wide (even when running inside a 32-bit ARM processor kernel!) and support 32-bit subregister addressing if the most significant 32 bits are zeroed - this will be very useful in part 4 when cross-compiling and running eBPF programs on embedded devices."

Stable kernel updates

Tue, 2019/04/16 - 4:10 AM
Stable kernels 5.0.7, 4.19.34, 4.14.111, and 4.9.168 were actually released last week, but the email wasn't sent. As usual they all contain important fixes and users should upgrade.

Security updates for Monday

Tue, 2019/04/16 - 12:02 AM
Security updates have been issued by Debian (graphicsmagick, jasper, and libssh2), Fedora (kernel, kernel-headers, kernel-tools, nodejs-simple-markdown, and php), openSUSE (netpbm and xen), and SUSE (audiofile, firefox, java-1_7_0-openjdk, libvirt, openssh, and systemd).

Kernel prepatch 5.1-rc5

Mon, 2019/04/15 - 11:02 PM
The 5.1-rc5 kernel prepatch is out for testing. "Nothing in here makes me feel uncomfortable about this release cycle so far. Knock wood."

[$] Expedited memory reclaim from killed processes

Sat, 2019/04/13 - 7:26 AM
Running out of memory puts a Linux system into a difficult situation; in the worst cases, there is often no way out other than killing one or more processes to reclaim their memory. This killing may be done by the kernel itself or, on systems like Android, by a user-space out-of-memory (OOM) killer process. Killing a process is almost certain to make somebody unhappy; the kernel should at least try to use that process's memory expeditiously so that, with luck, no other processes must die. That does not always happen, though, in current kernels. This patch set from Suren Baghdasaryan aims to improve the situation, but the solution that results in the end may take a different form.

Emacs 26.2 released

Sat, 2019/04/13 - 4:38 AM
Version 26.2 of the Emacs editor is out. The headline features include the ability to build modules outside of the source tree, Unicode 11 compliance, and the long-awaited ability to compress an entire directory full of files with a single keystroke.

Security updates for Friday

Sat, 2019/04/13 - 12:05 AM
Security updates have been issued by CentOS (freerdp, kernel, openssh, and python), Fedora (checkstyle), openSUSE (bluez, file, kernel, and libarchive), SUSE (apache2, curl, ghostscript, libvirt, openssh, and systemd), and Ubuntu (rssh).

[$] Counting corporate beans

Fri, 2019/04/12 - 11:47 AM
Some things simply take time. When your editor restarted the search for a free accounting system, he had truly hoped to be done by now. But life gets busy, and accounting systems are remarkably prone to falling off the list of things one wants to deal with in any given day. On the other hand, accounting can return to that list quickly whenever LWN's proprietary accounting software does something particularly obnoxious. This turns out to be one of those times, so your editor set out to determine whether beancount could do the job.

Security updates for Thursday

Fri, 2019/04/12 - 12:33 AM
Security updates have been issued by Arch Linux (apache, evolution, gnutls, and thunderbird), Debian (wpa), Gentoo (git), Mageia (dovecot, flash-player-plugin, gpac, gpsd, imagemagick, koji, libssh2, libvirt, mariadb, ming, mumble, ntp, python, python3, squirrelmail, and wget), openSUSE (apache2), Red Hat (httpd24-httpd and httpd24-mod_auth_mellon), SUSE (libqt5-qtbase, openldap2, tar, and xmltooling), and Ubuntu (ruby1.9.1, ruby2.0, ruby2.3, ruby2.5 and wpa).

[$] LWN.net Weekly Edition for April 11, 2019

Thu, 2019/04/11 - 8:51 AM
The LWN.net Weekly Edition for April 11, 2019 is available.

[$] A backdoor in a popular Ruby gem

Thu, 2019/04/11 - 2:56 AM

Finding ways to put backdoors into various programming-language package repositories (e.g. npm, PyPI, and now RubyGems) seems like it is becoming a new Olympic sport or something. Every time you turn around, there is a report of a new backdoor. It is now apparently Ruby's turn, with a new report of a remote-execution backdoor being inserted, briefly, into a popular gem that is installed by some sites using the Ruby on Rails web-application framework.


Security updates for Wednesday

Thu, 2019/04/11 - 12:01 AM
Security updates have been issued by Debian (samba and spip), openSUSE (samba), Red Hat (flash-plugin), Scientific Linux (kernel and openssh), SUSE (clamav and xen), and Ubuntu (apache2).

Microsoft research: A fork() in the road

Wed, 2019/04/10 - 9:39 PM
Here's a research paper from Andrew Baumann, Jonathan Appavoo, Orran Krieger, and Timothy Roscoe at Microsoft Research arguing that the fork() system call is a fundamental design mistake. "As the designers and implementers of operating systems, we should acknowledge that fork’s continued existence as a first-class OS primitive holds back systems research, and deprecate it. As educators, we should teach fork as a historical artifact, and not the first process creation mechanism students encounter." The discussion of better alternatives is limited, though.


[$] Positional-only parameters for Python

Wed, 2019/04/10 - 2:05 PM

Arguments can be passed to Python functions by position or by keyword—generally both. There are times when API designers may wish to restrict some function parameters to only be passed by position, which is harder than some think it should be in pure Python. That has led to a PEP that is meant to make the situation better, but opponents say it doesn't really do that; it simply replaces one obscure mechanism with another. The PEP was assigned a fairly well-known "BDFL delegate" (former BDFL Guido van Rossum), who has accepted it, presumably for Python 3.8.


[$] Managing sysctl knobs with BPF

Wed, 2019/04/10 - 2:50 AM
"Sysctl" is the kernel's mechanism for exposing tunable parameters to user space. Every sysctl knob is presented as a virtual file in a hierarchy under /proc/sys; current values can be queried by reading those files, and a suitably privileged user can change a value by writing to its associated file. What happens, though, when a system administrator would like to limit access to sysctl, even for privileged users? Currently there is no solution to this problem other than blocking access to /proc entirely. That may change, though, if this patch set from Andrey Ignatov makes its way into the mainline.

Security updates for Tuesday

Tue, 2019/04/09 - 11:31 PM
Security updates have been issued by Debian (poppler, proftpd-dfsg, suricata, and systemd), Fedora (kernel, kernel-headers, kernel-tools, and wget), Gentoo (clamav, emerge-delta-webrsync, and mailman), openSUSE (bash), Red Hat (kernel and openssh), Scientific Linux (python), SUSE (gnuplot, libtcnative-1-0, and sqlite3), and Ubuntu (clamav, lua5.3, openjdk-7, samba, systemd, and wget).

[$] Making slab-allocated objects movable

Tue, 2019/04/09 - 12:06 AM
Memory fragmentation is a constant problem for memory-management subsystems. Over the years, considerable effort has been put into reducing fragmentation in the Linux kernel, but almost all of that work has been focused on memory management at the page level. The slab allocators, which (mostly) manage memory in chunks of less than the page size, have seen less attention, but fragmentation at this level can create problems throughout the system. The slab movable objects patch set posted by Tobin Harding is an attempt to improve this situation by making it possible for the kernel to actively defragment slab pages by moving objects around.

Security updates for Monday

Mon, 2019/04/08 - 11:35 PM
Security updates have been issued by Debian (roundup, samba, tryton-server, and wget), Fedora (evolution-data-server, evolution-ews, glpi, ntp, poppler, pspp, and wget), Mageia (advancecomp, cfitsio, firefox, ghostscript, gnutls, libjpeg, libpng, ocaml, python-yaml, ruby-ox, SDL12, and thunderbird), openSUSE (adcli, sssd, go1.11, liblouis, nodejs6, openssl, ovmf, sqlite3, sysstat, thunderbird, tiff, and znc), Red Hat (chromium-browser and python), Slackware (httpd, openjpeg, and wget), SUSE (bash, clamav, dovecot22, kernel, php53, SDL, and xen), and Ubuntu (clamav and samba).

Major Browsers to Prevent Disabling of Click Tracking Privacy Risk (BleepingComputer)

Mon, 2019/04/08 - 11:18 PM
BleepingComputer reports that browser developers are removing the ability to disable "ping=" click tracking. "Google Chrome also enables this tracking feature by default, but in the current Chrome 73 version it includes a 'Hyperlink auditing' flag that can be used to disable it from the chrome://flags URL. In the Chrome 74 Beta and Chrome 75 Canary builds, though, this flag has been removed and there is no way to disable hyperlink auditing." Firefox still allows this "feature" to be disabled (and disables it by default).