lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 17분 47초 지남

Videos from the GNU Tools Cauldron

토, 2018/10/06 - 1:01오전
The 2018 GNU Tools Cauldron was held in early September; videos of the talks from that event are now available. There is a wide range of discussions covering various aspects of the toolchain, including GCC, GDB, glibc, and more.

Security updates for Friday

금, 2018/10/05 - 11:09오후
Security updates have been issued by Debian (kernel), Fedora (lcms2, php-tcpdf, and udisks2), openSUSE (ImageMagick, libX11, openssl-1_0_0, openssl-1_1, and otrs), SUSE (kernel, php5, php53, php7, and python), and Ubuntu (apparmor and imagemagick).

Microsoft joins LOT Network, helping protect developers against patent assertions

금, 2018/10/05 - 9:44오전
Microsoft has announced that it has joined the LOT Network, which is an organization set up to help thwart patent trolls by licensing any member's patents to all members if they end up in the hands of a troll. "What does all of this mean for you if you’re a software developer or in the technology business? It means that Microsoft is taking another step to help stop patents from being asserted against you by companies running aggressive monetization campaigns. It also means that Microsoft is aligning with other industry leaders on this topic and committing to do more in the future to address IP risk. By joining the LOT network, we are committing to license our patents for free to other members if we ever transfer them to companies in the business of asserting patents. This pledge has immediate value to the nearly 300 members of the LOT community today, which covers approximately 1.35 million patents."

Stable kernels 4.18.12, 4.14.74, and 4.9.131 released

금, 2018/10/05 - 1:42오전

Greg Kroah-Hartman has announced the release of the 4.18.12, 4.14.74, and 4.9.131 stable kernels. As usual, they contain important fixes throughout the tree; users of those kernel series should upgrade.


[$] New AT_ flags for restricting pathname lookup

금, 2018/10/05 - 12:53오전
System calls like openat() have access to the entire filesystem — or, at least, that part of the filesystem that exists in the current mount namespace and which the caller has the permission to access. There are times, though, when it is desirable to reduce that access, usually for reasons of security; that has proved to be especially true in many container use cases. A new patch set from Aleksa Sarai has revived an old idea: provide a set of AT_ flags that can be used to control the scope of a given pathname lookup operation.

Security updates for Thursday

목, 2018/10/04 - 10:46오후
Security updates have been issued by Arch Linux (firefox and python-django), Debian (dnsmasq, firefox-esr, imagemagick, and linux-4.9), Fedora (haproxy), openSUSE (bitcoin, firefox, and texlive), SUSE (openslp), and Ubuntu (apache2).

[$] LWN.net Weekly Edition for October 4, 2018

목, 2018/10/04 - 9:45오전
The LWN.net Weekly Edition for October 4, 2018 is available.

[$] Freedesktop.org: its past and its future

목, 2018/10/04 - 4:39오전

At the 2018 X.Org Developers Conference (XDC) in A Coruña, Spain, Daniel Stone gave an update on the status of freedesktop.org, which serves multiple projects as a hosting site for code, mailing lists, specifications, and more. As its name would imply, it started out with a focus on free desktops and cross-desktop interoperability, but it lost that focus—along with its focus in general—along the way. He recapped the journey of fd.o (as it is often known) and unveiled some idea of where it may be headed in the future.


Security updates for Wednesday

목, 2018/10/04 - 12:16오전
Security updates have been issued by Fedora (elfutils), Gentoo (firefox), Red Hat (instack-undercloud, openstack-tripleo-heat-templates and openstack-nova), Slackware (mozilla), SUSE (ghostscript, ImageMagick, kernel, mgetty, qemu, and unzip), and Ubuntu (firefox, haproxy, kernel, liblouis, and webkit2gtk).

[$] Revenge of the modems

수, 2018/10/03 - 11:53오후

Back in the halcyon days of the previous century, those with a technical inclination often became overly acquainted with modems—not just the strange sounds they made when connecting, but the AT commands that were used to control them. While the AT command set is still in use (notably for GSM networks), it is generally hidden these days. But some security researchers have found that Android phones often make AT commands available via their USB ports, which is something that can potentially be exploited by rogue USB devices of various sorts.


[$] Device-to-device memory-transfer offload with P2PDMA

수, 2018/10/03 - 5:42오전
One of the most common tasks carried out by device drivers is setting up DMA operations for data transfers between main memory and the device. Often, data read into memory from one device will be immediately written, unchanged, to another device. Common examples include carrying the image between the camera and screen on a mobile phone, or downloading files to be saved on a disk. Those transfers have an impact on the CPU even if it does not use the data directly, due to higher memory use and effects like cache trashing. There are cases where it is possible to avoid usage of the system memory completely, though. A patch set (posted by Logan Gunthorpe with contributions by Christoph Hellwig and Steve Wise) has been in the works for some time that addresses this case for PCI devices using peer-to-peer (P2P) transfers, with a focus on offering an offload option for the NVMe fabrics target subsystem.

[$] XFS, LSM, and low-level management APIs

수, 2018/10/03 - 12:56오전
The Linux Security Module (LSM) subsystem allows security modules to hook into many low-level operations within the kernel; modules can use those hooks to examine each requested operation and decide whether it should be allowed to proceed or not. In theory, just about every low-level operation is covered by an LSM hook; in practice, there are some gaps. A discussion regarding one of those gaps — low-level ioctl() operations on XFS filesystems — has revealed a thorny problem and a significant difference of opinion on what the correct solution is.

Security updates for Tuesday

수, 2018/10/03 - 12:17오전
Security updates have been issued by Arch Linux (lib32-libxml2, libxml2, mosquitto, and ntp), Debian (kernel and strongswan), Fedora (firefox), openSUSE (zsh), Oracle (kernel), Red Hat (ceph-iscsi-cli), SUSE (openssl-1_0_0), and Ubuntu (kernel, linux, linux-aws, linux-gcp, linux-kvm, linux-oem, linux-raspi2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, and strongswan).

Stratis 1.0 released

화, 2018/10/02 - 9:23오전
Version 1.0 of the Stratis storage-management system (covered here in May) has been released. "After two years of development, Stratis 1.0 has stabilized its on-disk metadata format and command-line interface, and is ready for more widespread testing and evaluation by potential users." See the FAQ for more information.

Security updates for Monday

화, 2018/10/02 - 12:04오전
Security updates have been issued by Arch Linux (mediawiki), CentOS (389-ds-base, firefox, flatpak, kernel, mod_perl, nss, spice and spice-gtk, and spice-gtk and spice-server), Debian (389-ds-base, ghostscript, mosquitto, and python3.5), Fedora (ca-certificates, firefox, glusterfs, kernel-headers, kernel-tools, libxkbcommon, udisks2, and zchunk), Mageia (firefox), openSUSE (gd, gnutls, mgetty, openssl, and yast2-smt), Oracle (firefox and kernel), Scientific Linux (firefox), SUSE (libX11 and openssl-1_1), and Ubuntu (bind9 and ghostscript).

Kernel prepatch 4.19-rc6

월, 2018/10/01 - 12:35오전
The 4.19-rc6 kernel prepatch is out. "As always, please go test and report any problems. It all 'just works' on my systems, and I have not heard of any major outstanding issues as of this point in time."

Some weekend stable kernel updates

토, 2018/09/29 - 11:50오후
The stable-kernel machine continues to crank out updates: 4.18.11, 4.14.73, 4.9.130, and 4.4.159 are now available with another set of important fixes.

[$] OpenBSD's unveil()

토, 2018/09/29 - 5:26오전
One of the key aspects of hardening the user-space side of an operating system is to provide mechanisms for restricting which parts of the filesystem hierarchy a given process can access. Linux has a number of mechanisms of varying capability and complexity for this purpose, but other kernels have taken a different approach. Over the last few months, OpenBSD has inaugurated a new system call named unveil() for this type of hardening that differs significantly from the mechanisms found in Linux.

Nuitka 0.60 released

금, 2018/09/28 - 11:59오후
Nuitka is a compiler for the Python 2.7 and 3.7 languages; version 0.6.0 is now available. "This release adds massive improvements for optimization and a couple of bug fixes. It also indicates reaching the mile stone of doing actual type inference, even if only very limited." At this point, the claim is that all Python language features have been implemented, so the focus is shifting toward optimization.

Security updates for Friday

금, 2018/09/28 - 11:46오후
Security updates have been issued by Debian (libxml2 and python2.7), Fedora (hylafax+, lcms2, libbson, moodle, mozilla-noscript, visualboyadvance-m, and yum-utils), openSUSE (dom4j and php7), Oracle (firefox), Red Hat (firefox and qemu-kvm-rhev), SUSE (gnutls, kernel, openssl, smt, smt, yast2-smt, xorg-x11-libX11, and yast2-smt), and Ubuntu (mutt).