The LWN.net Weekly Edition for August 6, 2020 is available.
A Mozilla Security Blog entry describes the new redirect-tracking
protections soon to be provided by the Firefox browser. “ETP 2.0
clears cookies and site data from tracking sites every 24 hours, except for
those you regularly interact with. We’ll be rolling ETP 2.0 out to all
Firefox users over the course of the next few weeks.”
Version 7.0 of the LibreOffice office suite is out. It brings a long list
of new features, including: “support for OpenDocument Format (ODF) 1.3; Skia graphics engine and Vulkan
GPU-based acceleration for better performance; and carefully improved
compatibility with DOCX, XLSX and PPTX files”. The plan to create a
differentiated “enterprise edition” that was discussed in July has been deferred and is not
part of this release.
Linus Torvalds released
the 5.8 kernel on August 2, concluding another nine-week
development cycle. By the time the work was done, 16,306 non-merge
changesets had been pulled into the mainline repository for this release.
That happens to be a record, beating the previous record holder (4.9,
released in December 2016) by 92 changesets. It was, in other words,
a busy development cycle. It’s time for our traditional look into where
that work came from to see what might be learned.
Linus has released the 5.8 kernel.
“So I considered making an rc8 all the way to the last minute, but
decided it’s not just worth waiting another week when there aren’t any big
looming worries around.” Headline features in this release include:
branch target identification and shadow call
stacks for the arm64 architecture,
the BPF iterator mechanism,
inline encryption support in the block layer,
the CAP_PERFMON and CAP_BPF capabilities,
a generalized kernel event-notification mechanism,
the KCSAN data-race detector, and more.
As always, see the
KernelNewbies 5.8 page for more information.
On its face, the netgpu
patch set appears to add a useful feature: the ability to copy network
data directly between a network adapter and a GPU without moving it through
the host CPU. This patch set has quickly become an example of how not to get
work into the kernel, though; it has no chance of being merged in anything
like its current form and has created a backlash designed to keep modules
like it from ever working in mainline kernels. It all comes down to one
fundamental mistake: basing kernel work on a proprietary kernel module.
Systemd 246 has been released. There is an incredibly long list of new
features, many of which have to do with support for encrypted and signed
disk volumes. “Various command line parameters and configuration file settings that
configure key or certificate files now optionally take paths to
AF_UNIX sockets in the file system. If configured that way a stream
connection is made to the socket and the required data read from
it. This is a simple and natural extension to the existing regular
file logic, and permits other software to provide keys or
certificates via simple IPC services, for example when unencrypted
storage on disk is not desired.”
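As an added illustration of the "regular file or AF_UNIX socket" key source that the quote describes, here is a provider and a consumer written for this page in Python. It is not systemd's implementation: the connect-and-read-until-EOF exchange, the SO_PEERCRED check on the provider side, and the sample key are all assumptions made for the example.

```python
import os
import socket
import stat
import struct
import tempfile
import threading

MAX_KEY_LEN = 64 * 1024   # refuse absurdly large "keys" from either source
KEY = b"constructed-demo-volume-key-0123456789abcdef"   # constructed sample key


def read_key(path, max_len=MAX_KEY_LEN):
    """Load key material from `path`.

    The same setting can point at a regular file or at an AF_UNIX stream
    socket in the file system: a socket is connected to and read until the
    provider closes the connection, a file is simply read.  An empty result
    is treated as an error, since a zero-length key is never what was wanted.
    """
    if stat.S_ISSOCK(os.stat(path).st_mode):
        with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
            s.settimeout(5.0)           # a hung provider must not hang the consumer forever
            s.connect(path)
            chunks, total = [], 0
            while True:
                chunk = s.recv(4096)
                if not chunk:           # peer closed: end of key material
                    break
                total += len(chunk)
                if total > max_len:
                    raise ValueError("key from %s exceeds %d bytes" % (path, max_len))
                chunks.append(chunk)
            data = b"".join(chunks)
    else:
        with open(path, "rb") as f:
            data = f.read(max_len + 1)
        if len(data) > max_len:
            raise ValueError("key file %s exceeds %d bytes" % (path, max_len))
    if not data:
        raise ValueError("no key material received from %s" % path)
    return data


def peer_uid(conn):
    """UID of the process at the other end of a connected AF_UNIX socket (Linux SO_PEERCRED)."""
    ucred = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", ucred)
    return uid


def serve_key_once(path, key, allowed_uids):
    """Provider side (assumed design): bind `path`, accept one connection in
    a background thread, and send `key` only if the connecting process runs
    as one of `allowed_uids`; otherwise close without sending, so the
    consumer sees an empty stream and fails closed."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old_umask = os.umask(0o077)         # socket node is 0600: other users cannot even connect
    try:
        srv.bind(path)
    finally:
        os.umask(old_umask)
    srv.listen(1)

    def handle():
        conn, _ = srv.accept()
        with srv, conn:
            if peer_uid(conn) in allowed_uids:
                conn.sendall(key)

    thread = threading.Thread(target=handle, daemon=True)
    thread.start()
    return thread


def fetch_via_socket(key, allow_self):
    """Round trip through a temporary socket; returns the key the consumer read."""
    allowed = {os.getuid()} if allow_self else set()
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "volume.key.sock")
        thread = serve_key_once(path, key, allowed)
        try:
            return read_key(path)
        finally:
            thread.join(5.0)


def fetch_via_file(key):
    """Same consumer, plain-file source: the regular-file case still works."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "volume.key")
        with open(path, "wb") as f:
            f.write(key)
        return read_key(path)


if __name__ == "__main__":
    print(fetch_via_socket(KEY, allow_self=True) == KEY, fetch_via_file(KEY) == KEY)
```

The point of the socket variant is that nothing secret has to sit on disk: the provider can derive or fetch the key on demand. That only helps if the provider checks who is asking, which is why the example reads the peer's credentials and closes the connection without sending anything to an unexpected UID, and why the consumer treats an empty stream as a failure rather than as an empty key.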
Several vulnerabilities have been disclosed in the GRUB2 bootloader; they
enable the circumvention of the UEFI secure boot mechanism and the
persistent installation of hostile software. Fixing the problem is not just
a matter of getting a new GRUB2 installation, unfortunately.
“It is important to note that updating the exploitable
binaries does not in fact mitigate the CVE, since an attacker could
bring an old, exploitable, signed copy of a grub binary onto a system
with whatever kernel they wished to load. In order to mitigate, the
UEFI Revocation List (dbx) must be updated on a system. Once the UEFI
Revocation List is updated on a system, it will no longer boot
binaries that pre-date these fixes. This includes old install media.”
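The revocation list the advisory refers to is the UEFI dbx variable, a sequence of EFI_SIGNATURE_LIST structures. The following parser, added here as an example and not taken from GRUB, shim or any distribution's tooling, decodes that format and answers the question "is this image's digest revoked?"; the GUID constants and the efivarfs path are from the UEFI specification and the Linux efivarfs layout, while the sample list, its owner GUID and the two placeholder "grub images" are constructed for the example.

```python
import hashlib
import struct
import uuid

# GUIDs from the UEFI specification.  A list of type EFI_CERT_SHA256_GUID
# holds raw 32-byte SHA-256 digests; EFI_CERT_X509_GUID holds DER certificates.
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
# Where Linux exposes the dbx variable via efivarfs; the first four bytes of
# the file are the variable attributes, not signature-list data.
EFIVARS_DBX = "/sys/firmware/efi/efivars/dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f"
HEADER_FMT = "<16sIII"                     # SignatureType, ListSize, HeaderSize, SignatureSize
HEADER_LEN = struct.calcsize(HEADER_FMT)   # 28 bytes


def parse_signature_lists(blob):
    """Split a dbx/db blob into [(signature_type, [(owner, data), ...]), ...].

    Every length field is checked before use: a corrupt or truncated blob
    raises ValueError instead of being silently misread as 'nothing revoked'.
    """
    lists, off = [], 0
    while off < len(blob):
        if len(blob) - off < HEADER_LEN:
            raise ValueError("truncated EFI_SIGNATURE_LIST header at %d" % off)
        raw_type, list_size, hdr_size, sig_size = struct.unpack_from(HEADER_FMT, blob, off)
        end = off + list_size
        body = off + HEADER_LEN + hdr_size
        if list_size < HEADER_LEN or end > len(blob) or body > end:
            raise ValueError("bad SignatureListSize/SignatureHeaderSize at %d" % off)
        if sig_size <= 16 or (end - body) % sig_size:
            raise ValueError("bad SignatureSize at %d" % off)
        entries = []
        for p in range(body, end, sig_size):
            owner = uuid.UUID(bytes_le=blob[p:p + 16])          # EFI_SIGNATURE_DATA.SignatureOwner
            entries.append((owner, blob[p + 16:p + sig_size]))  # EFI_SIGNATURE_DATA.SignatureData
        lists.append((uuid.UUID(bytes_le=raw_type), entries))
        off = end
    return lists


def revoked_sha256_digests(blob):
    """All SHA-256 digests listed in the blob (lists of other types are ignored)."""
    return {data for sig_type, entries in parse_signature_lists(blob)
            if sig_type == EFI_CERT_SHA256_GUID for _owner, data in entries}


def is_revoked(blob, digest):
    """True if `digest` (32 raw bytes) appears in any SHA-256 list of the blob."""
    if len(digest) != 32:
        raise ValueError("expected a raw 32-byte SHA-256 digest")
    return digest in revoked_sha256_digests(blob)


def build_sha256_list(digests, owner):
    """Encode one EFI_SIGNATURE_LIST of SHA-256 entries (used here to build the sample)."""
    body = b"".join(owner.bytes_le + d for d in digests)
    return (EFI_CERT_SHA256_GUID.bytes_le
            + struct.pack("<III", HEADER_LEN + len(body), 0, 16 + 32) + body)


def load_system_dbx(path=EFIVARS_DBX):
    """Read the live dbx on a Linux UEFI system, dropping the efivarfs attribute word."""
    with open(path, "rb") as f:
        return f.read()[4:]


# Constructed sample data (not real dbx contents).  Real dbx entries for PE
# images are Authenticode digests of the image, not hashes of the file bytes;
# plain sha256 is used here only because these "images" are placeholders.
CONSTRUCTED_OWNER = uuid.UUID("12345678-1234-5678-1234-567812345678")
OLD_GRUB_DIGEST = hashlib.sha256(b"constructed stand-in: old, signed, exploitable grub").digest()
FIXED_GRUB_DIGEST = hashlib.sha256(b"constructed stand-in: fixed grub").digest()
SAMPLE_DBX = build_sha256_list([OLD_GRUB_DIGEST], CONSTRUCTED_OWNER)

if __name__ == "__main__":
    for name, digest in (("old grub", OLD_GRUB_DIGEST), ("fixed grub", FIXED_GRUB_DIGEST)):
        print("%-10s revoked=%s" % (name, is_revoked(SAMPLE_DBX, digest)))
```

Two caveats for anyone pointing this at a real system: the digest that firmware compares for a PE image is the Authenticode hash (computed over the image with the checksum and certificate table excluded), so hashing the file bytes with sha256 will not match a real dbx entry; and parsing the list only tells you what the firmware will refuse to load, it does not apply the update. Getting the new dbx onto the machine, and then re-checking that old install media really is refused, is the mitigation the advisory is asking for.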
Version 5.0 of the GNU nano text editor is out; it contains a number of
improvements to the editing experience. “With --indicator (or -q or 'set indicator') nano will show a kind
of scrollbar on the righthand side of the screen to indicate where
in the buffer the viewport is located and how much it covers.”
Time, as some have said, is nature’s way of keeping everything from
happening at once. In today’s highly concurrent computers, though, time
turns out not to be enough to keep events in order; that task falls to an
extensive set of locking primitives and, below those, the formalized view
of memory known as the Linux kernel memory model. It takes a special kind
of mind to really understand the memory model, though; kernel developers
lacking that particular superpower are likely to make mistakes when working
in areas where the memory model comes into play. Working at that level is
increasingly necessary for performance purposes, though; a recent
conversation points out ways in which the kernel could make that kind of
work easier for ordinary kernel developers.
As Alex McDonald notes in this
support request, Google has recently banned the old Usenet groups
comp.lang.forth and comp.lang.lisp from the Google Groups system.
“Of specific concern is the archive. These are some of the oldest
groups on Usenet, and the depth & breadth of the historical material that
has just disappeared from the internet, on two seminal programming
languages, is huge and highly damaging. These are the history and
collective memories of two communities that are being expunged, and it’s
not great, since there is no other comprehensive archive after Google’s
purchase of Dejanews around 20 years ago.”
Perhaps Google can be convinced to restore the content, but it also seems
that some of this material could benefit from a more stable archive.
The 5.8-rc7 kernel prepatch is out for
testing; Linus is unsure about whether things are slowing down enough or
not. “But it *might* mean that an rc8 is called for. It’s not like rc7 is
*big* big. We’ve had bigger rc7’s. Both 5.3 and 5.5 had bigger rc7’s,
but only 5.3 ended up with an rc8.
Put another way: it could still go either way. We’ll see how this
upcoming week goes.”
Version 3.7 of the Bison parser generator is out. The biggest new feature
would appear to be the generation of “counterexamples” for conflicts —
examples of strings that could be parsed in multiple ways. There is also
better support for reproducible builds, documentation links in warnings,
Version 7.0.0 of the digiKam photo editing and management application is out.
This release adds support for a number of new raw formats, support for
Apple’s HEIF format, and a new mosaic plugin. The headline feature,
though, appears to be completely reworked face detection: “The new
code, based on recent Deep Neural Network features from the OpenCV library,
uses neuronal networks with pre-learned data models dedicated for the Face
Management. No learning stage is required to perform face detection and
recognition. We have saved coding time, run-time speed, and improved the
success rate which reaches 97% of true positives. Another advantage is that
it is able to detect non-human faces, such as those of dogs.”
Christian Brauner has posted a
novella-length description of the seccomp notifier mechanism and the
problems it is meant to solve.
“So from the section above it should be clear that seccomp provides a
few desirable properties that make it a natural candidate to look at to help
solve our mknod(2) and mount(2) problem. Since seccomp intercepts syscalls
early in the syscall path it already gives us a hook into the syscall path
of a given task. What is missing though is a way to bring another task
such as the LXD container manager into the picture. Somehow we need to
modify seccomp in a way that makes it possible for a container manager to
not just be informed when a task inside the container performs a syscall it
wants to be informed about but also how to make it possible to block
the task until the container manager instructs the kernel to allow it to
There are many people in the world who cannot make full use of their
computers without some sort of accessibility support. Developers, though,
have a tendency not to think about accessibility issues themselves; they
don’t (usually) need those features and cannot normally even see them. In
a talk at the 2020
GUADEC virtual conference, Emmanuele Bassi discussed the need for
accessibility features, their history in GNOME, and his effort to rethink
how GNOME supports assistive technology.
The memory protection keys feature was
added to the 4.6 kernel in 2016; it allows user space to group pages into
“protection domains” that can have their access restricted independently of
the normal page protections. There is no equivalent feature for kernel
space; access to memory in the kernel’s portion of the address space is
controlled exclusively by the page protections. That situation may be about
to change, though, as a result of the protection
keys supervisor (PKS) patch set posted by Ira Weiny (with many patches
written by Fenghua Yu).