Post Syndicated from corbet original https://lwn.net/Articles/988438/

Much of the early Rust code for the kernel has taken the form of
reimplementations of existing drivers as a proof of concept. One project,
though, is entirely new: the driver for Apple GPUs written by Asahi Lina.
This driver has shipped with Asahi
Linux for some time and, by many accounts, is stable, usable, and a
shining example of how Rust can be used in a complex kernel subsystem.
That driver remains outside of the mainline kernel, though, and merging
currently looks like a distant prospect. The reasons for that state of
affairs highlight some of the difficulties inherent in integrating a new
language (and its associated development style) into the Linux kernel.

Post Syndicated from corbet original https://lwn.net/Articles/988570/

Security updates have been issued by AlmaLinux (python3.12), Debian (calibre, exfatprogs, frr, git, libtommath, nbconvert, ruby-nokogiri, ruby-tzinfo, and webkit2gtk), Fedora (flatpak, lua-mpack, and python3.12), Red Hat (389-ds-base, 389-ds:1.4, buildah, fence-agents, gvisor-tap-vsock, httpd:2.4, kernel, kernel-rt, nodejs:18, orc, postgresql, postgresql:12, postgresql:13, postgresql:15, python-urllib3, python3.12, and skopeo), SUSE (389-ds, bubblewrap and flatpak, cacti, cacti-spine, curl, glib2, kernel-firmware, libqt5-qt3d, libqt5-qtquick3d, opera, python39, qemu, unbound, xen, and zziplib), and Ubuntu (ffmpeg, linux-raspi-5.4, and python-webob).

Post Syndicated from corbet original https://lwn.net/Articles/988184/

Linus has released 6.11-rc6 for testing.
“Things look pretty normal, although we have perhaps unusually many
filesystem fixes here, spread out over smb, xfs, bcachefs and netfs.“

Post Syndicated from corbet original https://lwn.net/Articles/987566/

Here is a piece of advice for anybody wanting an easy and frustration-free
life: do not run your own email system. While there numerous advantages to
keeping some control over your communications, there is also a long list of
things that can go wrong. A recent failure of spam filtering on the LWN
email system illustrated one of those ways, as well as shining a light on
how even a seemingly independent email system is tied to other services
across the net.

Post Syndicated from corbet original https://lwn.net/Articles/987850/

Back in 2021, the ElasticSearch search engine and Kibana visualization
platform were relicensed under the non-free
Server Side Public License (SSPL). Now, Elastic (the company owning those
projects) has announced
that those projects will also be distributable under the Affero GPL license.

We never stopped believing and behaving like an open source
community after we changed the license. But being able to use the
term Open Source, by using AGPL, an OSI approved license, removes
any questions, or fud, people might have.

Post Syndicated from corbet original https://lwn.net/Articles/987849/

Dave Airlie makes
an analogy between the stages of road building and those of adding Rust
to the Linux kernel.

For the wayfinders the process of interacting with maintainers is
frustrating and slow, and they don’t enjoy it as much as
wayfinding, and because they still only care about the hotel at the
end, when a maintainer gets into the details of their particular
intersection they don’t want to do anything but go stay in their
hotel.

The road will get built, it will get traffic on it. There will be
tunnels where we should have intersections, there will be bridges
that need to be built from both sides, but I do think it will get
built.

Post Syndicated from corbet original https://lwn.net/Articles/987847/

The venerable AnandTech site has announced
its closing after 27 years of technology-industry coverage.

Still, few things last forever, and the market for written tech
journalism is not what it once was – nor will it ever be again. So,
the time has come for AnandTech to wrap up its work, and let the
next generation of tech journalists take their place within the
zeitgeist.

The site will surely be missed.

Post Syndicated from corbet original https://lwn.net/Articles/987635/

Wedson Almeida Filho, one of the key developers driving the Rust for Linux project, has retired from the
project.

After almost 4 years, I find myself lacking the energy and
enthusiasm I once had to respond to some of the nontechnical
nonsense, so it’s best to leave it up to those who still have it
in them.

As an example of the sort of “nonsense” he referred to, he provided a link to the video from the
Rust for filesystems discussion at the 2024
Linux Storage, Filesystem, Memory-Management, and BPF Summit. His work was
fundamental to getting the project as far as it has come; he will be missed.

Post Syndicated from corbet original https://lwn.net/Articles/986853/

The LWN.net Weekly Edition for August 29, 2024 is available.

Post Syndicated from corbet original https://lwn.net/Articles/987465/

The Mono project was started in 2001 to develop a .NET environment for
Linux systems. Microsoft has owned that project since 2016, but has not
made a major release since 2019. The company has now announced that Mono is being
handed over to the WineHQ organization, which will maintain the repository going
forward. Microsoft, meanwhile, is steering users toward its “modern
fork” that it continues to maintain.

Post Syndicated from corbet original https://lwn.net/Articles/987393/

Security updates have been issued by AlmaLinux (nodejs:20), Debian (python3.11), Fedora (dotnet8.0), Red Hat (bind, krb5, libreoffice, linux-firmware, orc, orc:0.4.28, and orc:0.4.31), SUSE (mariadb and openssl-3), and Ubuntu (linux-aws-5.4).

Post Syndicated from corbet original https://lwn.net/Articles/987320/

The developers of the Pidgin chat program
have announced that
a malicious plugin had been listed on its third-party plugins list for over
one month. This plugin included a key logger and could capture
screenshots.

It went unnoticed at the time that the plugin was not providing any
source code and was only providing binaries for download. Going
forward, we will be requiring that all plugins that we link to have
an OSI Approved Open Source License and that some level of due
diligence has been done to verify that the plugin is safe for
users.

Post Syndicated from corbet original https://lwn.net/Articles/986892/

The genksyms tool has long been buried deeply within the kernel’s
build system; it is one of the two C-code parsers shipped with the kernel
(the other being the
horrifying kernel-doc script). It is a key part of how the
kernel’s module-loading infrastructure works. While genksyms has
quietly done its job for decades, that period may soon be coming to an end.
It would seem that genksyms is not up to the task of handling Rust
code, so Sami Tolvanen is proposing
a new tool to handle this task going forward.

Post Syndicated from corbet original https://lwn.net/Articles/987164/

The 6.11-rc5 kernel prepatch is out for
testing. “Other than the timing, there’s not a whole lot unusual
here. The diffstat looks fairly flat, which means ‘mostly pretty small
changes’.” Linus Torvalds added a
note that today marks the 33rd anniversary of the first Linux
announcement; “A third of a century. And it *still* isn’t ready“.

Post Syndicated from corbet original https://lwn.net/Articles/986906/

Version
24.8 of the LibreOffice office suite has been released. Changes
include the ability to filter identifying information from exported files,
easier creation of cross reference, better control over hyphenation, a
number of new spreadsheet functions, accessibility improvements, and more.

Post Syndicated from corbet original https://lwn.net/Articles/986844/

Matthew Garrett describes
the role of the Secure Boot Advanced Targeting mechanism and how it
played into the recent Windows upgrade problems.

So why is this suddenly relevant? SBAT was developed
collaboratively between the Linux community and Microsoft, and
Microsoft chose to push a Windows update that told systems not to
trust versions of grub with a security generation below a certain
level. This was because those versions of grub had genuine security
vulnerabilities that would allow an attacker to compromise the
Windows secure boot chain, and we’ve seen real world examples of
malware wanting to do that.

Post Syndicated from corbet original https://lwn.net/Articles/985783/

The LWN.net Weekly Edition for August 22, 2024 is available.

Post Syndicated from corbet original https://lwn.net/Articles/986174/

One tactic often used by attackers set on compromising a system is heap spraying; in
short, the attacker fills as much of the heap as possible with crafted data
in the hope of getting the target system to use that data in a bad way. If
heap spraying can be blocked, attackers will lose an important tool. The
kernel has some heap-spraying defenses now, including the dedicated bucket allocator merged for the
upcoming 6.11 release, but its author, Kees Cook, thinks that more can be
done.

Post Syndicated from corbet original https://lwn.net/Articles/986450/

Security updates have been issued by Debian (squid), Fedora (putty), Mageia (quictls), Oracle (bind, curl, python-setuptools, python3.11-setuptools, and python3.12-setuptools), Red Hat (kernel, kpatch-patch-4_18_0-305_120_1, kpatch-patch-4_18_0-372_87_1 and kpatch-patch-4_18_0-372_91_1, kpatch-patch-4_18_0-477_43_1, kpatch-patch-4_18_0-553, kpatch-patch-5_14_0-284_48_1 and kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-427_13_1, and libreoffice), SUSE (cosign, dri3proto, presentproto, wayland-protocols, xwayland, freerdp, fwupdate, git, gnome-settings-daemon, hdf5, jasper, java-17-openjdk, java-1_8_0-ibm, java-1_8_0-openjdk, kernel, kernel-firmware, libaom, libqt5-qt3d, libqt5-qtquick3d, ntfs-3g_ntfsprogs, osc, python, python-aiohttp, python-azure-core, python-azure-storage-blob, python- azure-storage-queue, python-typing, python-typing_extensions, python-Jinja2, python-PyMySQL, python-requests, python-tqdm, python-WebOb, python3-sqlparse, python310, python311, qemu, sssd, thunderbird, tiff, unixODBC, uriparser, and wireshark), and Ubuntu (intel-microcode, linux-azure-5.4, and postgresql-12, postgresql-14, postgresql-16).

Post Syndicated from corbet original https://lwn.net/Articles/986167/

The Rust code being added to the kernel is documented using the usual rustdoc
conventions; that documentation is now available on kernel.org in
formatted form. There is also the linux-next version of
the documentation for Rust code that will land in the kernel soon.