lwn.net

Linux has released the 5.9-rc1 kernel prepatch and closed the merge window for this development cycle. "This merge window felt a lot more normal than 5.8, and all the stats confirm that it seems to be the usual size." In the end, 12,866 non-merge changesets were pulled for 5.9-rc1, as compared to 14,206 for 5.8-rc1.

While PHP does not come with built-in debugging or profiling, an open-source project has existed almost as long as PHP to provide that functionality: Xdebug. Created and maintained by PHP core developer Derick Rethans, it offers remote debugging, stack traces, profiling, and more. It is a project that anyone doing PHP development would benefit from using.

Security updates have been issued by Debian (squid3), Fedora (lilypond and python3), openSUSE (xen), SUSE (libreoffice, libvirt, webkit2gtk3, xen, and xerces-c), and Ubuntu (apache2).

Shortly before the release of the 5.8 kernel, a brief patch to a pseudo-random-number generator (PRNG) used by the networking stack was quietly applied to the kernel. As is the norm for such things, the changelog gave no indication that a security vulnerability had been fixed, but that turns out indeed to be the case. The resulting controversy had little to do with the original vulnerability, though, and everything to do with how cryptographic security is managed in the kernel. Figuring prominently in the discussion was the question of whether theoretical security can undermine security in the real world.

On the Jupyter blog, Chris Holdgraf announces a rewrite of the Jupyter Book project. LWN looked at Jupyter and its interactive notebooks for Python and other languages back in 2018; Jupyter Book extends the notebook idea. "Jupyter Book is an open source project for building beautiful, publication-quality books, websites, and documents from source material that contains computational content. With this post, we’re happy to announce that Jupyter Book has been re-written from the ground up, making it easier to install, faster to use, and able to create more complex publishing content in your books. It is now supported by the Executable Book Project, an open community that builds open source tools for interactive and executable documents in the Jupyter ecosystem and beyond."

For those who are into the details: here is a step-by-step guide through the process of decompressing an Arm kernel and getting ready to boot from Linus Walleij. "Next the decompression code sets up a page table, if it is possible to fit one over the whole uncompressed+compressed kernel image. The page table is not for virtual memory, but for enabling cache, which is then turned on. The decompression will for natural reasons be much faster if we can use cache."

Version 5.1.0 of the QEMU processor emulator is out. "This release contains 2500+ commits from 235 authors." Enhancements consist mostly of additional hardware emulation, of course, but it doesn't stop there; see the changelog for lots of details.

Security updates have been issued by Debian (linux-4.19, linux-latest-4.19, and openjdk-8) and Fedora (ark and hylafax+).

The LWN.net Weekly Edition for August 13, 2020 is available.

In this two-part series, we will be implementing a simple RSS reader for LWN using the UI toolkit Flutter. The project recently announced version 1.20 of the toolkit on August 5. Flutter is a BSD-licensed UI development platform written in Dart that is backed by Canonical as a new way to develop desktop applications targeting Linux. Part one will cover some of the basics of the project and Flutter, with part two building on that work to focus on building a full interactive UI for the application.

Security updates have been issued by Debian (dovecot and roundcube), Fedora (python36), Gentoo (chromium), openSUSE (ark, firefox, go1.13, java-11-openjdk, libX11, wireshark, and xen), Red Hat (bind and kernel), SUSE (libreoffice and python36), and Ubuntu (dovecot and software-properties).

The Linux kernel has never lacked for synchronization primitives and locking mechanisms, so one might justifiably wonder why there might be a need to add another one. The addition of local locks to 5.8 provides an answer to that question. These locks, which have their origin in the realtime (PREEMPT_RT) tree, were created to solve some realtime-specific problems, but they also bring some much-needed structure to a common locking pattern used in non-realtime kernels as well.

Mitchell Baker writes about changes at Mozilla, headlined by the laying-off of 250 people. "Recognizing that the old model where everything was free has consequences, means we must explore a range of different business opportunities and alternate value exchanges. How can we lead towards business models that honor and protect people while creating opportunities for our business to thrive? How can we, or others who want a better internet, or those who feel like a different balance should exist between social and public benefit and private profit offer an alternative?"

Security updates have been issued by Debian (firmware-nonfree, golang-github-seccomp-libseccomp-golang, and ruby-kramdown), Fedora (kernel, libmetalink, and nodejs), openSUSE (go1.13, perl-XML-Twig, and thunderbird), Oracle (kernel, libvncserver, and thunderbird), Red Hat (kernel-rt and python-paunch and openstack-tripleo-heat-templates), SUSE (dpdk, google-compute-engine, libX11, webkit2gtk3, xen, and xorg-x11-libX11), and Ubuntu (nss and samba).

Greg Kroah-Hartman has released the 5.8.1, 5.7.15, 5.4.58, and 4.19.139 stable kernels. As usual, these contain lots of important fixes throughout the tree; users should upgrade.

Version 27.1 of the Emacs editor is out. New features include support for arbitrary-sized integers, HarfBuzz support, improved drawing with Cairo, and the obligatory new JSON parser.

Nick McKeown kicked off the virtual Netdev 0x14 conference with a talk on extending the programmability of networking equipment well beyond where it is today. His vision is of an end-to-end system with programmable pieces at every level. Getting there will require collaboration between the developers of the networking stacks on endpoint operating systems as well as those of switches, routers, and other backbone equipment. The keynote was held on July 28, a little over two weeks before the seven days of talks, workshops, and tutorials for Netdev, which begins on August 13.

Security updates have been issued by Debian (pillow, ruby-kramdown, wpa, and xrdp), Fedora (ark and rpki-client), Gentoo (apache, ark, global, gthumb, and iproute2), openSUSE (chromium, grub2, java-11-openjdk, libX11, and opera), Red Hat (bind, chromium-browser, java-1.7.1-ibm, java-1.8.0-ibm, and libvncserver), SUSE (LibVNCServer, perl-XML-Twig, thunderbird, and xen), and Ubuntu (samba).

For those who are wondering about the state of the proposed Perl 7 fork and the role of the newly formed Perl Steering Committee, Ricardo Signes has put together a detailed explanation that is worth a read. "You should not expect to see a stream of unjustified dictates issuing forth from some secret body on high. You should expect to see perl5-porters operating as it generally did: with proposals coming to the list, getting discussion, and then being thumbed up or down by the project manager. This is what has been happening for years, already. Some proposals were already discussed by the project manager and some were not. If you eliminated any named mailing list for doing this, it would still happen. The PSC is a means to say that there is a default group for such discussions. If you were wondering, its initial membership was formed from 'the people who came to or were invited to the Perl Core Summit' over the last few years."

As of this writing, just over 3,900 non-merge changesets have been pulled into the mainline repository for the 5.9 kernel development cycle. While this merge window has just begun, there is already a significant set of new features to point out.