All posts by corbet

Announcing the GNU Toolchain Infrastructure Project

Post Syndicated from corbet original

The backers of the GNU Toolchain Infrastructure Project, which was the
subject of an intense discussion at the GNU
Tools Cauldron, have finally posted
their plans

Linux Foundation IT services plans for the GNU Toolchain include
Git repositories, mailing lists, issue tracking, web sites, and
CI/CD, implemented with strong authentication, attestation, and
security posture. Utilizing the experience and infrastructure of
the LF IT team that is already used by the Linux kernel community
will provide the most effective solution and best experience for
the GNU Toolchain developer community.

ALP prototype ‘Les Droites’ is to be expected later this week (openSUSE News)

Post Syndicated from corbet original

The openSUSE News site is looking
to the imminent preview release of the openSUSE ALP

As far as “Les Droites” goes, users can look forward to a SLE Micro
like HostOS with self-healing abilities contributing to our
OS-as-a-Service/ZeroTouch story. The Big Idea is that the user
focuses on the application rather than the underlying host, which
manages, heals, and self-optimizes itself. Both Salt
(pre-installed) and Ansible will be available to simplify further

Users can look forward to Full Disk Encryption (FDE) with TPM
support by default on x86_64. Another part of the deliverables are
numerous containerized system components including yast2, podman,
k3s, cockpit, Display Manager (GDM), and KVM. All of which users
can experiment with, which are simply referred to as Workloads.

Bash 5.2 released

Post Syndicated from corbet original

Version 5.2 of the bash shell has been released.

The most notable new feature is the rewritten command substitution
parsing code, which calls the bison parser recursively. This
replaces the ad-hoc parsing used in previous versions, and allows
better syntax checking and catches syntax errors much earlier. The
shell attempts to do a much better job of parsing and expanding
array subscripts only once; this has visible effects in the `unset’
builtin, word expansions, conditional commands, and other builtins
that can assign variable values as a side effect.

Wuyts: Why async Rust

Post Syndicated from corbet original

Yoshua Wuyts gives an overview of async
and why it is interesting.

Conversations around “why async” often focus on performance – a
topic which is highly dependent on workloads, and results with
people wholly talking past each other. While performance is not a
bad reason to choose async Rust, we often we only notice
performance when we experience a lack of it. So I want to instead
on which features async Rust provides which aren’t present in
non-async Rust.

Security updates for Tuesday

Post Syndicated from corbet original

Security updates have been issued by Debian (dovecot and firefox-esr), Fedora (firefox and grafana), Red Hat (firefox and thunderbird), Slackware (dnsmasq and vim), SUSE (dpdk, firefox, kernel, libarchive, libcaca, mariadb, openvswitch, opera, permissions, podofo, snakeyaml, sqlite3, unzip, and vsftpd), and Ubuntu (expat, libvpx, linux-azure-fde, linux-oracle, squid, squid3, and webkit2gtk).

[$] Supporting CHERI capabilities in GCC and glibc

Post Syndicated from corbet original

is the product of a research program to extend common
CPU architectures
in a way that prevents many types of memory-related bugs (and
vulnerabilities). At the 2022 GNU Tools Cauldron,
Alex Coplan and Szabolcs Nagy described the work that has been done to
bring GCC and the GNU C Library (glibc) to this architecture. CHERI is a fundamentally
different approach to how memory is accessed, and supporting it properly is anything
but a trivial task.

[$] BPF for HID drivers

Post Syndicated from corbet original

The Human
Interface Device
(HID) standard dates back to the Windows 95 era.
It describes how devices like mice and keyboards present themselves to the
host computer, and has created a world where a single driver can handle a
wide variety of devices from multiple manufacturers. Or it would have, if
there weren’t actual device manufacturers involved. In the real world,
devices stretch and break the standard, each in its own special way. At
the 2022 Linux Plumbers Conference,
Benjamin Tissoires described how BPF can be used to simplify the
task of supporting HID devices.

Kernel prepatch 6.0-rc7

Post Syndicated from corbet original

The 6.0-rc7 kernel prepatch is out for

So I was thinking rc7 might end up larger than usual due to travel
hitting rc6, but it doesn’t really seem to have happened.

Yeah, maybe it’s marginally bigger than the historical average for
this time of the release cycle, but it definitely isn’t some
outlier, and it looks fairly normal. Which is all good, and makes
me think that the final release will happen right on schedule next
weekend, unless something unexpected happens. Knock wood.

[$] BPF as a safer kernel programming environment

Post Syndicated from corbet original

For better or worse, C is the lingua franca in the world of kernel
engineering. The core logic of the Linux kernel is written entirely in
C (with a bit of assembly), as are its drivers and modules. While C is
rightfully celebrated for
its powerful yet simple semantics, it is an older language that lacks
many of the features present in modern languages such as
Rust. The
BPF subsystem, on the other hand,
provides a programming environment that allows engineers to write
programs that can run safely in kernel space. At the 2022 Linux Plumbers
in Dublin, Ireland, Alexei Starovoitov presented an overview
of how BPF has evolved over the years to provide a new model for kernel

[$] Two visions for the future of

Post Syndicated from corbet original

Public hosting systems for free software have come and gone over the years
but one of them, Sourceware, has been
supporting the development of most of the GNU toolchain for nearly
25 years.
Recently, an application was made to bring
Sourceware under the umbrella of the Software Freedom Conservancy (SFC), at least for
fundraising purposes. It turns out that there is a separate initiative,
developed in secret until now, with a different vision for the future of
Sourceware. The 2022 GNU
Tools Cauldron
was the site of an intense discussion on how this
important community resource should be managed in the coming years.

GNOME 43 released

Post Syndicated from corbet original

Version 43 of the GNOME desktop environment has been released; see the release notes for details.

This latest GNOME release comes with improvements across the board,
ranging from a new quick settings menu, a redesigned Files app, and
hardware security integration. GNOME 43 continues the trend of
GNOME apps migrating from GTK 3 to GTK 4, and includes many other
smaller enhancements.

Security updates for Wednesday

Post Syndicated from corbet original

Security updates have been issued by Fedora (libconfuse, moodle, rizin, and thunderbird), Oracle (ELS kernel, gnupg2, ruby, and webkit2gtk3), Red Hat (booth, dbus-broker, gnupg2, kernel, kernel-rt, kpatch-patch, mysql, nodejs, nodejs-nodemon, ruby, and webkit2gtk3), Slackware (expat and mozilla), SUSE (kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container and vsftpd), and Ubuntu (bind9, ghostscript, linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-kvm, linux-lowlatency, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, lnux-hwe, inux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux-hwe-5.15, linux-lowlatency-hwe-5.15, and mako).

Debian’s firmware vote

Post Syndicated from corbet original

The Debian project has begun voting on
changes to its approach to firmware needed to install a working
distribution. The original ballot option described in this article is still there, but this is
Debian so there are several others as well. Some of the additions include
changes to the Debian Social Contract that explicitly allow the shipping of
firmware needed to use Debian on hardware requiring that firmware.