All posts by corbet

[$] LWN.net Weekly Edition for July 31, 2025

Post Syndicated from corbet original https://lwn.net/Articles/1031201/

Inside this week’s LWN.net Weekly Edition:

  • Front: Becoming a Python contributor; Graphene OS; Fedora quality team; 6.16 Development statistics; Proxy execution; Run-time verification; Confidential VMs.
  • Briefs: HeliumOS 10; European Tech Funding; GNU C Library 2.42; OpenPrinting; Wayback 0.1
  • Announcements: Newsletters, conferences, security updates, patches, and more.

[$] A proxy-execution baby step

Post Syndicated from corbet original https://lwn.net/Articles/1030842/

Priority inversion comes about when a low-priority task holds a resource
that is also needed by a high-priority task, preventing the latter from
running. This problem is made much worse if the low-priority task is
unable to gain access to the CPU and, as a result, cannot complete its work
and free the resources it holds. Proxy execution is a potential solution
to this problem, but it is a complex solution that has been under
development for several years; LWN first looked at it in 2020. The 6.17
kernel is likely to contain an important step forward for this
long-running project.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/1031812/

Security updates have been issued by AlmaLinux (freerdp, git-lfs, golang-github-openprinting-ipp-usb, grafana, grafana-pcp, icu, ipa, iputils, krb5, libvpx, nodejs:22, osbuild-composer, perl, python-tornado, qt6-qtbase, sqlite, unbound, valkey, wireshark, and yggdrasil), Debian (libfastjson and php8.2), Fedora (glibc), Oracle (firefox, icu, perl, and unbound), Red Hat (389-ds-base, glib2, icu, libtpms, redis:6, redis:7, and yelp), SUSE (boost, forgejo-longterm, java-11-openj9, java-17-openj9, java-1_8_0-openj9, kernel, nginx, and salt), and Ubuntu (linux-xilinx-zynqmp, openjdk-8, openjdk-lts, poppler, and sqlite3).

LWN is back

Post Syndicated from corbet original https://lwn.net/Articles/1031536/

The good folks at Linode still have not managed to fix whatever broke in
their data center, so we are running on an emergency backup server. Things
seem to be working, but the occasional glitch is to be expected. Please
accept our apologies for the extended downtime!

The 6.16 kernel is out

Post Syndicated from corbet original https://lwn.net/Articles/1031534/

Linus has released the 6.16 kernel:

It’s Sunday afternoon, and the release cycle has come to an end. Last
week was nice and calm, and there were no big show-stopper surprises
to keep us from the regular schedule, so I’ve tagged and pushed out
6.16 as planned.

Headline changes in this release include enabling five-level page tables
by default on x86 systems, a number of core-dump changes including the
ability to send core dumps to a socket, the ability to create pipes in
io_uring, atomic-write support in the XFS filesystem, the elimination of
block-layer bounce buffering, a new DMA-mapping API, an option to block
file descriptors passed in via Unix-domain sockets, and more.

See the LWN merge-window summaries (part 1,
part 2) and the KernelNewbies 6.16 page for
more information.

[$] Graphene OS: a security-enhanced Android build

Post Syndicated from corbet original https://lwn.net/Articles/1030004/

People tend to put a lot of trust into their phones. Those devices have
access to no end of sensitive data about our lives — our movements,
finances, communications, and more — so phones belonging to even relatively
low-profile people can be high-value targets. Android devices run free
software, at least at some levels, so it should be possible to ensure that
they are working in their owners’ interests. Off-the-shelf Android
installations tend to fall short of that goal. The GrapheneOS Android rebuild is an attempt
to improve on that situation.

Prokop: What to expect from Debian/trixie

Post Syndicated from corbet original https://lwn.net/Articles/1031106/

Michael Prokop has posted a lengthy list of changes coming in the Debian
“trixie” release, due in early August. “As usual with major upgrades,
there are some things to be aware of, and hereby I’m starting my public
notes on trixie that might be worth for other folks. My focus is primarily
on server systems and looking at things from a sysadmin perspective.”

Google launches OSS Rebuild

Post Syndicated from corbet original https://lwn.net/Articles/1030935/

Google has announced the existence of OSS Rebuild, an infrastructure for
the creation and verification of reproducible builds of software projects.

Our aim with OSS Rebuild is to empower the security community to
deeply understand and control their supply chains by making package
consumption as transparent as using a source repository. Our
rebuild platform unlocks this transparency by utilizing a
declarative build process, build instrumentation, and network
monitoring capabilities which, within the SLSA Build framework,
produces fine-grained, durable, trustworthy security metadata. […]

Our vision extends beyond any single ecosystem: We are committed to
bringing supply chain transparency and security to all open source
software development. Our initial support for the PyPI (Python),
npm (JS/TS), and Crates.io (Rust) package registries—providing
rebuild provenance for many of their most popular packages—is just
the beginning of our journey.

[$] QUIC for the kernel

Post Syndicated from corbet original https://lwn.net/Articles/1029851/

The QUIC transport-layer network protocol is not exactly new; it was first
covered here in 2013. Despite carrying a
significant part of the traffic on the Internet, QUIC has been anything but
quick when it comes to getting support into the Linux kernel. The pace
might be picking up, though; Xin Long has posted the first set of patches
intended to provide mainline support for this protocol.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/1030930/

Security updates have been issued by AlmaLinux (tomcat9), Debian (djvulibre, libcommons-fileupload-java, libowasp-esapi-java, and tomcat9), Fedora (cef, dpkg, mingw-gdk-pixbuf, and mingw-python3), Gentoo (Roundcube), Oracle (avahi, cloud-init, fence-agents, git, kernel, and valkey), Red Hat (wireshark), SUSE (afterburn, apache2, busybox, java-21-openjdk, kernel, kernel-livepatch-MICRO-6-0-RT_Update_10, lemon, libexslt0, libgcrypt, libxml2-2, php8, postgresql17, python, python-oslo.utils, python311, python312, python313, and sudo), and Ubuntu (drupal7, erlang, fdkaac, gobgp, jq, linux-aws, linux-aws-6.8, linux-gke, linux-gkeop, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oracle, linux-oracle-6.8, linux-kvm, linux-oracle, and ruby-nokogiri).

Malicious packages uploaded to the Arch Linux AUR

Post Syndicated from corbet original https://lwn.net/Articles/1030603/

The Arch Linux project has sent out an advisory warning that a set of
malicious packages, containing a remote access trojan, were uploaded to
the Arch User Repository (AUR). The affected packages were
librewolf-fix-bin, firefox-patch-bin, and zen-browser-patched-bin. “We
strongly encourage users that may have installed one of these packages to
remove them from their system and to take the necessary measures in order
to ensure they were not compromised.”

The end of Clear Linux

Post Syndicated from corbet original https://lwn.net/Articles/1030563/

Intel has announced the abrupt end of its Clear Linux cloud-oriented
distribution:

After years of innovation and community collaboration, we’re ending
support for Clear Linux OS. Effective immediately, Intel will no
longer provide security patches, updates, or maintenance for Clear
Linux OS, and the Clear Linux OS GitHub repository will be archived
in read-only mode. So, if you’re currently using Clear Linux OS, we
strongly recommend planning your migration to another actively
maintained Linux distribution as soon as possible to ensure ongoing
security and stability.

[$] Scheduler medley: time-slice extension, sched_ext deadline servers, and LRU batching.

Post Syndicated from corbet original https://lwn.net/Articles/1029093/

Decades after its creation, the Linux CPU scheduler remains an area
of active development; it is difficult to find a time slice to cover every
interesting scheduler change. In an attempt to catch up, the time has come
to round-robin through a few patches that have been circulating recently.
The work at hand focuses on a new attempt at time-slice extension, the
creation of a deadline server for sched_ext tasks, and keeping tasks on
isolated CPUs from being surprised by LRU batching.