Post Syndicated from corbet original https://lwn.net/Articles/1039784/

The GNU Tools Cauldron is almost entirely focused on user-space tools, but
kernel developers need a solid toolchain too. In what appears to be a
developing tradition (started in 2024),
some kernel developers attended the 2025 Cauldron for the
second year in a row to discuss their needs with the assembled toolchain
developers. Topics covered in this year’s gathering include Rust, better
BPF type
format (BTF) support, SFrame, and more.

Post Syndicated from corbet original https://lwn.net/Articles/1039529/

Inside this week’s LWN.net Weekly Edition:

• Front: Fedora and AI; Linting kernel Rust; openSUSE Leap 16; mmap() file operation; 6.17 statistics; dirlock.
• Briefs: Bcachefs removal; Alpine /usr merge; F-Droid; Fedora AI policy; OpenSUSE Leap 16; PostgreSQL 18; Radicle 1.5.0; Quotes; …
• Announcements: Newsletters, conferences, security updates, patches, and more.

Post Syndicated from corbet original https://lwn.net/Articles/1040323/

The openSUSE
Leap 16 release is now available.

This major version update of our fixed-release community-Linux
distribution has a fresh software stack and introduces an unmatched
maintenance- and security-support cycle, a new installer and
simplified migration options.

See our look at this release for more
information.

Post Syndicated from corbet original https://lwn.net/Articles/1040152/

Security updates have been issued by Debian (python-internetarchive and tiff), Fedora (nextcloud), Oracle (kernel, openssh, and squid), Red Hat (kernel, kernel-rt, and ncurses), SUSE (afterburn and chromium), and Ubuntu (open-vm-tools, ruby-rack, and tiff).

Post Syndicated from corbet original https://lwn.net/Articles/1040120/

After marking bcachefs “externally maintained” in 6.17, Linus Torvalds has
removed
it entirely for 6.18. “It’s now a DKMS module, making the in-kernel
code stale, so remove it to avoid any version confusion.“

Post Syndicated from corbet original https://lwn.net/Articles/1038358/

The 6.17 development cycle ended on September 28 with the release
of the 6.17 kernel. This cycle brought in 13,089 non-merge changesets, a
slowdown from its predecessor but still within the normal bounds for recent
kernels. The time has come for a look at where those changes came from,
with a bit of a side trip into bug statistics.

Post Syndicated from corbet original https://lwn.net/Articles/1039904/

The F-Droid project has posted an
urgent message regarding Google’s plan to require developer
registration to install apps on Android devices.

The F-Droid project cannot require that developers register their
apps through Google, but at the same time, we cannot “take over”
the application identifiers for the open-source apps we distribute,
as that would effectively seize exclusive distribution rights to
those applications.

If it were to be put into effect, the developer registration decree
will end the F-Droid project and other free/open-source app
distribution sources as we know them today, and the world will be
deprived of the safety and security of the catalog of thousands of
apps that can be trusted and verified by any and all. F-Droid’s
myriad users will be left adrift, with no means to install — or
even update their existing installed — applications.

Post Syndicated from corbet original https://lwn.net/Articles/1038266/

Linus Torvalds has released the 6.17 kernel. He notes that the shortlog for the changes since -rc7 are pretty tame:

It’s not exciting, which is all good. I think the
biggest patch in there is some locking fixes for some bluetooth races
that could cause use-after-free situations. Whee – that’s about as
exciting as it gets.

Other than that, there’ the usual driver fixlets (GPU and networking
dominate as usual, but “dominate” is still pretty small), there’s some
minor random other driver updates, some filesystem noise, and core
kernel and mm.

And some selftest updates.

Significant features in this release include
better control over x86 Spectre
mitigations,
live patching support on 64-bit Arm platforms,
a number of pidfd
improvements,
the removal of special support for
uniprocessor systems,
initial support for proxy execution,
experimental large-folio support in the Btrfs filesystem,
the file_getattr()
and file_setattr() system calls, and
support for the DualPI2
congestion-control protocol.

See the LWN merge-window summaries
(part 1, part 2) for more information.
In addition, KernelNewbies has a look at the changes that went into 6.17.

Post Syndicated from corbet original https://lwn.net/Articles/1038715/

The file_operations
structure in the kernel is a set of function pointers implementing, as the
name would suggest, operations on files. A subsystem that manages objects
which can be represented by a file descriptor will provide a
file_operations structure providing implementations of the various
operations that a user of the file descriptor may want to carry out. The
mmap() method, in particular, is invoked when user space calls the
mmap()
system call to map the object behind a file descriptor into its address
space. That method, though, is currently on its way out in a multi-release
process that started in 6.17.

Post Syndicated from corbet original https://lwn.net/Articles/1039603/

The Fedora project has posted a
proposal for a policy regarding the use of AI tools when developing for
the distribution.

You are responsible for your contributions. AI-generated
content must be treated as a suggestion, not as final code or
text. It is your responsibility to review, test, and understand
everything you submit. Submitting unverified or low-quality
machine-generated content (sometimes called “AI slop”) creates an
unfair review burden on the community and is not an acceptable
contribution.

Post Syndicated from corbet original https://lwn.net/Articles/1038643/

Inside this week’s LWN.net Weekly Edition:

• Front: Debian stable bug; Canceling async Rust; CHERI Linux; Time-slice extension; Multikernel; Revocable references; Blender 4.5.
• Briefs: Bluefin LTS; RPM 6.0.0; Tails 7.0; Rust 1.90.0; Infrastructure costs; Quotes; …
• Announcements: Newsletters, conferences, security updates, patches, and more.

Post Syndicated from corbet original https://lwn.net/Articles/1038523/

Computers were once relatively static devices; if a peripheral was present
at boot, it was unlikely to disappear while the system was operating.
Those days are far behind us, though; devices can come and go at any time,
often with no notice. That impermanence can create challenges for kernel
code, which may not be expecting resources it is managing to make an abrupt
exit. The revocable
resource management patch set from Tzung-Bi Shih is meant to help with
the creation of more robust — and more secure — kernel subsystems in a
dynamic world.

Post Syndicated from corbet original https://lwn.net/Articles/1038976/

Linus has released 6.17-rc7 for testing.
“Let’s keep the testing going, and we’ll have the final 6.17 in a
week“.

Post Syndicated from corbet original https://lwn.net/Articles/1038847/

The Linux kernel generally wants to be in charge of the system as a whole;
it runs on all of the available CPUs and controls access to them globally.
Cong Wang has just come forward with a different
approach: allowing each CPU to run its own kernel. The patch set is in
an early form, but it gives a hint for what might be possible.

Post Syndicated from corbet original https://lwn.net/Articles/1038235/

Time-slice extension is a proposed scheduler feature that would allow a
user-space process to request to not be preempted for a short period while
it executes a critical section. It is an idea that has been circulating
for years, but efforts to implement it became
more serious in February of this year. The latest developer to make an
attempt at time-slice extension is Thomas Gleixner, who has posted a new patch set
with a reworked API. Chances are good that this implementation is close to
what will actually be adopted by the kernel.

Post Syndicated from corbet original https://lwn.net/Articles/1038649/

Version
1.90.0 of the Rust language has been released. Changes include
switching to the LLD linker by default,
the addition of support for workspace publishing to cargo, and the
usual set of stabilized APIs.

Post Syndicated from corbet original https://lwn.net/Articles/1037644/

Inside this week’s LWN.net Weekly Edition:

• Front: Fighting human trafficking; End of 10; Link tags; Healthy subsystem communities; New kernel tools; Rust and Carbon; Typst.
• Briefs: Brief news items from throughout the community.
• Announcements: Newsletters, conferences, security updates, patches, and more.

Post Syndicated from corbet original https://lwn.net/Articles/1038487/

Version 49 of the GNOME desktop
environment has been released. Changes include new default video
(Showtime) and PDF-viewing (Papers) applications, a number of calendar
improvements, and updates to the Web, Maps, and Software applications.

Post Syndicated from corbet original https://lwn.net/Articles/1038345/

Version
143.0 of the Firefox browser has been released. Changes include the
ability to pin tabs by dragging them to the edge, previews in the camera
permissions dialog, improved fingerprinting protection, and (optional)
automatic deletion of files downloaded in private browsing mode.

Post Syndicated from corbet original https://lwn.net/Articles/1038326/

The Socket.dev blog describes
this week’s attack on JavaScript packages in the npm repository.

A malicious update to @ctrl/tinycolor (2.2M weekly
downloads) was detected on npm as part of a broader supply chain
attack that impacted more than 40 packages spanning multiple
maintainers.

The compromised versions include a function
(NpmModule.updatePackage) that downloads a package
tarball, modifies package.json, injects a local script
(bundle.js), repacks the archive, and republishes it,
enabling automatic trojanization of downstream packages.