All posts by corbet

[$] The file_operations structure gets smaller

Post Syndicated from corbet original https://lwn.net/Articles/972081/

Kernel developers are encouraged to send their changes in small batches as
a way of making life easier for reviewers. So when a longtime developer
and maintainer hits the list with a 437-patch series touching 859 files,
eyebrows are certain to head skyward. Specifically, this series from
Jens Axboe is cleaning up one of the core abstractions that has been part
of the Linux kernel almost since the beginning; authors of device drivers
(among others) will have to take note.

[$] Inheritable credentials for directory file descriptors

Post Syndicated from corbet original https://lwn.net/Articles/971825/

In Unix-like systems, an open file descriptor carries the right to access
the opened object in specific ways. As a general rule, that file
descriptor does not enable access to any other objects. The
recently merged BPF token feature runs
counter to this practice by creating file descriptors that carry specific
BPF-related access rights. A similar but different approach to
capability-carrying file descriptors, in the form of directory file
descriptors that include their own credentials, is currently under
consideration in the kernel community.

Rust 1.78.0 released

Post Syndicated from corbet original https://lwn.net/Articles/972191/

Version 1.78.0 of the Rust language has been released. Changes include a
new mechanism for diagnostic attributes, changes to how assertions around
unsafe blocks are handled, and more.

Rust now supports a #[diagnostic] attribute namespace to
influence compiler error messages. These are treated as hints which
the compiler is not required to use, and it is also not an error to
provide a diagnostic that the compiler doesn’t recognize. This
flexibility allows source code to provide diagnostics even when
they’re not supported by all compilers, whether those are different
versions or entirely different implementations.

“run0” as a sudo replacement

Post Syndicated from corbet original https://lwn.net/Articles/971745/

This Mastodon stream from Lennart Poettering describes a sudo
replacement — called run0 — that will be part of the upcoming
systemd 256 release. It takes a rather different approach to the execution
of privileged commands, avoiding the use of setuid (which he calls “SUID”)
permissions entirely.

So, in my ideal world, we’d have an OS entirely without SUID. Let’s
throw out the concept of SUID on the dump of UNIX’ bad ideas. An
execution context for privileged code that is half under the
control of unprivileged code and that needs careful manual clean-up
is just not how security engineering should be done in 2024
anymore.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/971740/

Security updates have been issued by Debian (org-mode), Oracle (shim and tigervnc), Red Hat (ansible-core, avahi, buildah, container-tools:4.0, containernetworking-plugins, edk2, exfatprogs, fence-agents, file, freeglut, freerdp, frr, grub2, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, harfbuzz, httpd, ipa, kernel, libjpeg-turbo, libnbd, LibRaw, libsndfile, libssh, libtiff, libvirt, libX11, libXpm, mingw components, mingw-glib2, mingw-pixman, mod_http2, mod_jk and mod_proxy_cluster, motif, mutt, openssl and openssl-fips-provider, osbuild and osbuild-composer, pam, pcp, pcs, perl, pmix, podman, python-jinja2, python3.11, python3.11-cryptography, python3.11-urllib3, qemu-kvm, qt5-qtbase, runc, skopeo, squashfs-tools, systemd, tcpdump, tigervnc, toolbox, traceroute, webkit2gtk3, wpa_supplicant, xorg-x11-server, xorg-x11-server-Xwayland, and zziplib), SUSE (docker, ffmpeg, ffmpeg-4, frr, and kernel), and Ubuntu (anope, freerdp3, and php7.0, php7.2, php7.4, php8.1).

McQueen: Update from the GNOME board

Post Syndicated from corbet original https://lwn.net/Articles/971436/

Robert McQueen has posted a message from the GNOME Foundation board
describing the current financial situation, plans to improve it, and an
increase in the size of the board.

The Foundation has a reserves policy which specifies a minimum
amount of money we have to keep in our accounts. This is so that if
there is a significant interruption to our usual income, we can
preserve our core operations while we work on new funding
sources. We’ve now “hit the buffers” of this reserves policy,
meaning the Board can’t approve any more deficit budgets – to keep
spending at the same level we must increase our income.

[$] Giving Rust a chance for in-kernel codecs

Post Syndicated from corbet original https://lwn.net/Articles/970565/

Video playback is undeniably one of the most important features in modern
consumer devices. Yet, surprisingly, users are by and large unaware of the
intricate engineering involved in the compression and decompression of
video data, with codecs being left to find a delicate balance between image
quality, bandwidth, and power consumption. In response to constant
performance pressure, video codecs have become complex and hardware
implementations are now common, but programming these devices is becoming
increasingly difficult and fraught with opportunities for exploitation. I
hope to convey how Rust can help fix this problem.

[$] Support for the TSO memory model on Arm CPUs

Post Syndicated from corbet original https://lwn.net/Articles/970907/

At the CPU level, a memory model describes, among other things, the amount
of freedom the processor has to reorder memory operations. If low-level
code does not take the memory model into account, unpleasant surprises are
likely to follow. Naturally, different CPUs offer different memory models,
complicating the portability of certain types of concurrent software. To
make life easier, some Arm CPUs offer the ability to emulate the x86 memory
model, but efforts to make that feature available in the kernel are running
into opposition.

Ubuntu 24.04 LTS (Noble Numbat) released

Post Syndicated from corbet original https://lwn.net/Articles/971175/

Version 24.04 LTS of the Ubuntu distribution is out.

This release continues Ubuntu’s proud tradition of integrating the
latest and greatest open source technologies into a high-quality,
easy-to-use Linux distribution. The team has been hard at work
through this cycle, together with the community and our partners,
to introduce new features and fix bugs.

The list of changes and enhancements is long; click below for some details.
More information can be found in the release notes; see also this page for
a summary of security-related changes.

[$] The state of realtime and embedded Linux

Post Syndicated from corbet original https://lwn.net/Articles/970555/

Linux, famously, appears in a wide range of systems. While servers and
large data centers get a lot of the attention, and this year will always be
the year of the Linux desktop, there is also a great deal of Linux to be
found in realtime and embedded applications. Two talks held in the
realtime and embedded tracks of the 2024 Open Source Summit North America
provided listeners with an update on how Linux is doing in those areas.
Work on realtime Linux appears to be nearing completion, while the
embedded community is still pushing forward at full speed.

[$] Rust for embedded Linux kernels

Post Syndicated from corbet original https://lwn.net/Articles/970216/

The Rust programming language, it is hoped, will bring a new level of
safety to the Linux kernel. At the moment, though, there are still a
number of impediments to getting useful Rust code into the kernel. In the
Embedded Open Source Summit track of the Open Source Summit North America,
Fabien Parent provided an overview of his work aimed at improving the
infrastructure needed to write the device drivers needed by embedded
systems in Rust; there is still some work to be done.

Security updates for Tuesday

Post Syndicated from corbet original https://lwn.net/Articles/970889/

Security updates have been issued by Debian (glibc and samba), Fedora (chromium, cjson, mingw-python-idna, and pgadmin4), Mageia (kernel, kmod-xtables-addons, kmod-virtualbox, kernel-linus, and perl-Clipboard), Red Hat (go-toolset:rhel8, golang, java-11-openjdk, kpatch-patch, and shim), Slackware (freerdp), SUSE (apache-commons-configuration, glibc, jasper, polkit, and qemu), and Ubuntu (google-guest-agent, google-osconfig-agent, linux-lowlatency-hwe-6.5, pillow, and squid).