lwn.net

Version 10 of the AlmaLinux OS distribution has been released.

The goal of AlmaLinux OS is to support our community, and AlmaLinux OS 10 is the best example of that yet. With an unwavering eye on maintaining compatibility with Red Hat Enterprise Linux (RHEL), we have made small improvements to AlmaLinux OS 10 that target specific sections of our userbase.

See the release notes for details.

Srinivas Narayana led a remote session about extending Agni to prove the correctness of the BPF verifier's handling of different execution paths as part of the Linux Storage, Filesystem, Memory Management, and BPF Summit. The problem of ensuring the correctness of path exploration is much more difficult than the problem of ensuring the correctness of arithmetic operations (which was the subject of the previous session), however. Narayana's plan to tackle the problem makes use of a mixture of specialized techniques — and may need some assistance from the BPF developers to make it feasible at all.

Cory Doctorow wears many hats: digital activist, science-fiction author, journalist, and more. He has also written many books, both fiction and non-fiction, runs the Pluralistic blog, is a visiting professor, and is an advisor to the Electronic Frontier Foundation (EFF); his Chokepoint Capitalism co-author, Rebecca Giblin, gave a 2023 keynote in Australia that we covered. Doctorow gave a rousing keynote on the state of the "enshitternet"—today's internet—to kick off the recently held PyCon US 2025 in Pittsburgh, Pennsylvania.

Version 25.05 of the NixOS distribution has been released. Changes include support for the COSMIC desktop environment (reviewed here in August), GNOME 48, a 6.12 kernel, and many new modules; see the release notes for details. (Thanks to Pavel Roskin).

Security updates have been issued by AlmaLinux (gstreamer1-plugins-bad-free, libsoup, and python-tornado), Debian (libavif and pgbouncer), Red Hat (gstreamer1-plugins-bad-free, mingw-freetype and spice-client-win, and webkit2gtk3), SUSE (firefox, govulncheck-vulndb, and python310-setuptools), and Ubuntu (flask, intel-microcode, openjdk-17-crac, tika, and Tomcat).

The 6.14 kernel development cycle only brought in 11,003 non-merge changesets, making it the slowest cycle since 4.0, which was released in 2015. The 6.15 kernel, instead, brought in 14,612 changesets, making it the busiest release since 6.7, released at the beginning of 2024. The kernel development process, in other words, is back up to full speed. The 6.15 release happened on May 25, so the time has come for the obligatory look at where the changes in this release came from.

Security updates have been issued by AlmaLinux (389-ds-base, ghostscript, grafana, kernel, and osbuild-composer), Debian (intel-microcode, kernel, libphp-adodb, and openssl), Fedora (dotnet8.0, ghostscript, iputils, nbdkit, open-vm-tools, thunderbird, and vyper), Mageia (chromium-browser-stable, glibc, iputils, microcode, nodejs, and zsync), Oracle (.NET 8.0, .NET 9.0, 389-ds-base, avahi, buildah, compat-openssl11, expat, firefox, ghostscript, gimp, git, grafana, gvisor-tap-vsock, libsoup, libxslt, mod_auth_openidc, nginx, nodejs:20, osbuild-composer, podman, skopeo, thunderbird, vim, webkit2gtk3, xdg-utils, xterm, and yelp), Red Hat (kernel, kernel-rt, libsoup, libsoup3, python-tornado, and ruby), Slackware (ffmpeg), SUSE (audiofile, firefox, glibc, govulncheck-vulndb, grafana, kernel, kind, kubo, libecpg6, postgresql13, postgresql14, python-Django, python-setuptools, python-tornado6, python311-Flask, python311-tornado6, python313, python36-setuptools, thunderbird, transfig, and xen), and Ubuntu (glib2.0, linux-bluefield, linux-ibm, linux-raspi, and openjdk-21-crac).

Linus has released the 6.15 kernel, as expected.

So this was delayed by a couple of hours because of a last-minute bug report resulting in one new feature being disabled at the eleventh hour, but 6.15 is out there now.

Significant changes in 6.15 include smarter timer-ID assignment to make checkpoint/restore operations more reliable, the ability to read status information from a pidfd after the process in question has been reaped, the PIDFD_SELF special pidfd value, nested ID-mapped mounts, zero-copy network-data reception via io_uring, The ability to read epoll events via io_uring, resilient queued spinlocks for BPF programs, guard-page enhancements allowing them to be placed in file-backed memory areas and for user space to detect their presence, the once-controversial fwctl subsystem, the optional sealing of some system mappings, and much more.

See the LWN merge-window summaries (part 1, part 2) and the in-progress KernelNewbies 6.15 page for more information.