Post Syndicated from corbet original https://lwn.net/Articles/848615/rss

The
5.11.4,
5.10.21,
5.4.103,
4.19.179,
4.14.224,
4.9.260, and
4.4.260
stable kernels have all been released; each contains yet another set of
important fixes.

Post Syndicated from corbet original https://lwn.net/Articles/848576/rss

Linus has released 5.12-rc2 a little sooner
than would normally be expected due to the
problems with 5.12-rc1. “Other than that it all looks pretty
normal“.

Post Syndicated from corbet original https://lwn.net/Articles/847481/rss

The first two articles in this series introduced four ways to order memory
accesses: load-acquire and store-release operations in the first installment, read and
write memory barriers in the second. The series continues
with an exploration of full memory barriers, why they are more expensive,
and how they are used in the kernel.

Post Syndicated from corbet original https://lwn.net/Articles/847951/rss

Over the last couple of years, a lot of development effort has gone into
two kernel subsystems:
BPF and
io_uring. The BPF virtual machine allows
programs from user space to be safely run within the context of the kernel,
while io_uring addresses the longstanding problem of running system calls
asynchronously. As the two subsystems expand, it was inevitable that the
two would eventually meet; the first encounter happened in mid-February
with this patch
set from Pavel Begunkov adding the ability to run BPF programs from
within io_uring.

Post Syndicated from corbet original https://lwn.net/Articles/848265/rss

Linus Torvalds has sent out a note telling people not to install the recent
5.12-rc1 development kernel; this is especially true for anybody running
with swap files. “But I want everybody to be aware of because _if_
it bites you, it bites you hard, and you can end up with a filesystem that
is essentially overwritten by random swap data. This is what we in the
industry call ‘double ungood’.” Additionally, he is asking
maintainers to not start branches from 5.12-rc1 to avoid future situations where
people land in the buggy code while bisecting problems.

Post Syndicated from corbet original https://lwn.net/Articles/847386/rss

The LWN.net Weekly Edition for March 4, 2021 is available.

Post Syndicated from corbet original https://lwn.net/Articles/848048/rss

OpenSSH 8.5 has been released. It includes fixes for a couple of potential
security problems (one of which only applies to Solaris hosts); it also
enables UpdateHostKeys by default, allowing hosts with insecure
keys to upgrade them without creating scary warnings for users. There are
a lot of other small changes; see the announcement for details.

Post Syndicated from corbet original https://lwn.net/Articles/847451/rss

The 5.12 merge window closed with the release of 5.12-rc1
on February 28; this released followed the normal schedule despite the
fact that Linus Torvalds had been without power for the first six days
after 5.11 came out. At that point, 10,886 non-merge changesets had found
their way into the mainline repository; about 2,000 of those showed up
after the first-half merge-window summary
was written. The pace of merging obviously slowed down, but there were
still a number of interesting features to be found in those patches.

Post Syndicated from corbet original https://lwn.net/Articles/847736/rss

William Woodruff has posted a
rant of sorts on the adoption of Rust by the Python Cryptography
project, which was covered here in
February.

What’s the point of this spiel? It’s precisely what happened to
pyca/cryptography: nobody asked them whether it was a good idea to
try to run their code on HPPA, much less System/390; some packagers
just went ahead and did it, and are frustrated that it no longer
works. People just assumed that it would, because there is still a
norm that everything flows from C, and that any host with a
halfway-functional C compiler should have the entire open source
ecosystem at its disposal.

Post Syndicated from corbet original https://lwn.net/Articles/847735/rss

Version
3.2.0 of the fish shell has been released. New features include undo
and redo support (for command-line editing, not commands!) and a long list
of incremental improvements; see the announcement for details. LWN last looked at the fish shell in September.

Post Syndicated from corbet original https://lwn.net/Articles/847707/rss

Linus Torvalds has released 5.12-rc1
(codename now “Frozen wasteland”) and
closed the merge window despite getting a late start due to bad weather:

So I was actually without electricity for six days of the merge
window, and was seriously considering just extending the merge
window to get everything done.

As you can tell, I didn’t do that. To a large part because people
were actually very good about sending in their pull requests, so by
the time I finally got power back, everything was nicely lined up
and I got things merged up ok.

But partly this is also because 5.12 is a smaller release than some
previous ones.

Post Syndicated from corbet original https://lwn.net/Articles/847613/rss

Mike West has posted a detailed exploration
of what is really required to protect sensitive information in web
applications from speculative-execution exploits. “Spectre-like
side-channel attacks inexorably lead to a model in which active web content
(JavaScript, WASM, probably CSS if we tried hard enough, and so on) can
read any and all data which has entered the address space of the process
which hosts it. While this has deep implications for user agent
implementations’ internal hardening strategies (stack canaries, ASLR, etc),
here we’ll remain focused on the core implication at the web platform
level, which is both simple and profound: any data which flows into a
process hosting a given origin is legible to that origin. We must design
accordingly.”

Post Syndicated from corbet original https://lwn.net/Articles/846700/rss

The first article in this series provided
an introduction to lockless algorithms and the happens before
relationship that allows us to reason about them. The next step is to look
at the concept of a “data race” and the primitives that exist to prevent
data races. We continue in that direction with a look at relaxed accesses, memory
barriers, and how they can be used to implement the kernel’s seqcount
mechanism.

Post Syndicated from corbet original https://lwn.net/Articles/847586/rss

Version 1.0 of GNU poke is out.
“GNU poke (http://www.jemarch.net/poke) is an interactive, extensible
editor for binary data. Not limited to editing basic entities such
as bits and bytes, it provides a full-fledged procedural,
interactive programming language designed to describe data
structures and to operate on them.”

Post Syndicated from corbet original https://lwn.net/Articles/847257/rss

One of the under-the-hood changes in the Fedora 33 release was a switch to
systemd-resolved for the handling of DNS queries. This change should
be invisible to most users unless they start using one of the new features
provided by systemd-resolved. Recently, though, the Fedora project changed
its default configuration for that service to eliminate fallback DNS
servers — a change which is indeed visible to some users who have found
themselves without domain-name resolution as a result.

Post Syndicated from corbet original https://lwn.net/Articles/846635/rss

The LWN.net Weekly Edition for February 25, 2021 is available.

Post Syndicated from corbet original https://lwn.net/Articles/847256/rss

Sergio Durigan Junior has announced the availability of a debuginfod server for Debian
systems. “In a nutshell, by using a debuginfod service you will not need to
install debuginfo (a.k.a. dbgsym) files anymore; the symbols will be
served to GDB (or any other debuginfo consumer that supports debuginfod)
over the network. Ultimately, this makes the debugging experience much
smoother (I myself never remember the full URL of our debuginfo
repository when I need it).”

Post Syndicated from corbet original https://lwn.net/Articles/847240/rss

Security updates have been issued by openSUSE (firefox and tor), Oracle (stunnel and xterm), Red Hat (virt:8.2 and virt-devel:8.2 and xterm), SUSE (avahi, gnuplot, java-1_7_0-ibm, and pcp), and Ubuntu (openssl).

Post Syndicated from corbet original https://lwn.net/Articles/847156/rss

The
5.11.1,
5.10.18,
5.4.100,
4.19.177,
4.14.222,
4.9.258, and
4.4.258
stable kernels have all been released; each contains another set of
important fixes.

Post Syndicated from corbet original https://lwn.net/Articles/847163/rss

The Firefox
86.0 release is out. New features this time include picture-in-picture
video and “total
cookie protection“, which appears to be a way to allow third-party
cookies while preserving some privacy.