All posts by daroc

[$] Canceling asynchronous Rust

Post Syndicated from daroc original https://lwn.net/Articles/1036924/

Asynchronous Rust code has what Rain Paharia calls a “universal cancellation
protocol
“, meaning that any asynchronous code can be interrupted in the same
way. They claim
that this is both a useful feature when used deliberately, and a source of
errors when done by accident. They presented
about this problem at

RustConf 2025
, offering a handful of techniques to avoid introducing bugs into
asynchronous Rust code.

[$] Comparing Rust to Carbon

Post Syndicated from daroc original https://lwn.net/Articles/1036912/

Safe, ergonomic interoperability between Rust and C/C++ was a popular topic at

RustConf 2025
in Seattle, Washington. Chandler Carruth gave a presentation
about the different approaches to interoperability in Rust and

Carbon
, the
experimental “(C++)++” language.
His ultimate conclusion was that
while Rust’s ability to interface with other languages is expanding over time,
it wouldn’t offer a complete solution to C++ interoperability anytime soon — and so there is room for
Carbon to take a different approach to incrementally upgrading existing C++ projects.
His

slides
are available for readers wishing to study his example code in more
detail.

[$] Fighting human trafficking with self-contained applications

Post Syndicated from daroc original https://lwn.net/Articles/1036916/

Brooke Deuson is the developer behind

Trafficking Free Tomorrow
, a nonprofit organization that
produces free software to help law enforcement combat human trafficking. She is
a survivor of human trafficking herself.
She spoke at RustConf 2025 about her
mission, and why she chose to write her anti-trafficking software in Rust.
Interestingly, it has nothing to do with Rust’s lifetime-analysis-based memory-safety —
instead, her choice was motivated by the difficulty she faces getting police
departments to actually use her software. The fact that Rust is statically
linked and capable of cross compilation by default makes deploying Rust software
in those environments easier.

Security updates for Friday

Post Syndicated from daroc original https://lwn.net/Articles/1037919/

Security updates have been issued by Debian (cups, imagemagick, libcpanel-json-xs-perl, and libjson-xs-perl), Fedora (checkpointctl, chromium, civetweb, glycin, kernel, libssh, ruff, rust-secret-service, snapshot, and uv), Mageia (curl), Red Hat (kernel), SUSE (cups, curl, perl-Cpanel-JSON-XS, regionServiceClientConfigAzure, regionServiceClientConfigEC2, regionServiceClientConfigGCE, trivy, and xen), and Ubuntu (cups, node-cipher-base, and qemu).

[$] How many ways are there to configure the Linux kernel?

Post Syndicated from daroc original https://lwn.net/Articles/1034811/

There are a large number of ways to configure the 6.16
Linux kernel. It has 32,468 different configuration options on x86_64,
and a comparable number for other platforms. Exploring the ways the kernel can
be configured is sufficiently difficult that it requires specialized tools.
These show the

number of possible configurations
that options can be combined in has
6,550 digits. How has that number changed over the history of the kernel, and
what does it mean for testing?

[$] Tracking trust with Rust in the kernel

Post Syndicated from daroc original https://lwn.net/Articles/1034603/

The Linux kernel has to handle many different sources of data that should not
be trusted: user space, network connections, and removable storage, to name a
few. The kernel has to remain secure even if one of these sends garbled (or
malicious) data. Benno Lossin has been working on an API for kernel Rust code
that makes it harder to accidentally make decisions based on data from user space. That work
is now on its

fourth revision
, and Lossin has asked kernel developers to experiment with
it and see where problems remain, making this a good time to look at the proposed API.

Announcing the Rust Innovation Lab

Post Syndicated from daroc original https://lwn.net/Articles/1035169/

During the opening of RustConf 2025 in Seattle, Washington,
the Rust Foundation announced

a new initiative
to provide financial and administrative support to open-source Rust projects. The first project to benefit from the new Rust Innovation Lab is

Rustls
, an implementation of TLS in Rust. The foundation welcomes inquiries from other projects. Dr. Rebecca Rumbul, Executive Director of the Rust Foundation said:

Rustls is hopefully the first of many really good […] projects that will find a home in the foundation.

Security updates for Friday

Post Syndicated from daroc original https://lwn.net/Articles/1035724/

Security updates have been issued by AlmaLinux (aide, fence-agents, firefox, kernel-rt, python-cryptography, and thunderbird), Debian (golang-github-gin-contrib-cors, libxml2, and udisks2), Fedora (chromium), Oracle (postgresql16, postgresql:16, python3.11, and thunderbird), Red Hat (lz4 and mpfr), SUSE (chromium, docker, dpkg, firefox, gdk-pixbuf, git, git, git-lfs, obs-scm-bridge, python-PyYAML, gnutls, kernel, libarchive, libxml2, net-tools, netty, perl-Crypt-CBC, polkit, postgresql14, postgresql15, sqlite3, thunderbird, tomcat10, and udisks2), and Ubuntu (linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop,
linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15,
linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia,
linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-nvidia-tegra-igx,
linux-oracle, linux-raspi, linux-xilinx-zynqmp, linux, linux-aws, linux-aws-6.14, linux-gcp, linux-hwe-6.14, linux-raspi,
linux-realtime, linux-realtime-6.14, linux, linux-aws, linux-aws-6.8, linux-gcp, linux-lowlatency,
linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-azure, linux-fips, linux-fips, linux-aws-fips, linux-gcp-fips, linux-gke, linux-hwe-6.8, linux-nvidia, linux-nvidia-6.8,
linux-nvidia-lowlatency, linux-raspi, linux-gke, linux-kvm, linux-oem-6.14, linux-realtime, linux-intel-iot-realtime, linux-realtime, linux-raspi-realtime, openldap, and udisks2).

[$] Linux’s missing CRL infrastructure

Post Syndicated from daroc original https://lwn.net/Articles/1033809/

In July 2024,

Let’s Encrypt
, the nonprofit TLS certificate authority (CA),

announced

that it would be ending support for the

online certificate status protocol

(OCSP), which is used to determine when a server’s signing certificate has been
revoked. This prevents a compromised key from being used to impersonate a web
server.
The organization cited privacy concerns, and recommended that people
rely on

certificate revocation lists
(CRLs)
instead. On August 6, Let’s Encrypt
followed through and disabled its OCSP service. This poses a
problem for Linux systems that must now rely on CRLs because, unlike on other
operating systems, there is no standardized way for Linux programs to share a
CRL cache.

Security updates for Friday

Post Syndicated from daroc original https://lwn.net/Articles/1034755/

Security updates have been issued by AlmaLinux (tomcat), Debian (squid), Fedora (matrix-synapse, rust-slab, socat, and webkitgtk), SUSE (firefox-esr, gdk-pixbuf, gdk-pixbuf-devel, govulncheck-vulndb, rust-keylime, and wicked2nm), and Ubuntu (linux-nvidia, linux-oracle, linux-oracle-6.8, php7.0, php7.2, php7.4, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4, and ruby-webrick).

Zig version 0.15.1

Post Syndicated from daroc original https://lwn.net/Articles/1034583/

The Zig project has
announced version 0.15.1 of the language. The release, much like the
last one, includes incremental progress toward the goal of completely dropping LLVM and improving compile time, as well as a handful of breaking changes as the language team wrestles with past API design. The biggest change this time around is to the standard library Reader and Writer interfaces, which have been completely rearranged in the name of performance and reducing unneeded copies.

All existing std.io readers and writers are deprecated in favor of the newly provided std.Io.Reader and std.Io.Writer which are non-generic and have the buffer above the vtable – in other words the buffer is in the interface, not the implementation. This means that although Reader and Writer are no longer generic, they are still transparent to optimization; all of the interface functions have a concrete hot path operating on the buffer, and only make vtable calls when the buffer is full.

These changes are extremely breaking. I am sorry for that, but I have carefully examined the situation and acquired confidence that this is the direction that Zig needs to go. I hope you will strap in your seatbelt and come along for the ride; it will be worth it.

[$] The Koka programming language

Post Syndicated from daroc original https://lwn.net/Articles/1033050/

Statically typed programming languages can help catch mismatches between the kinds of
values a program is intended to manipulate, and the values it actually manipulates.
While there have been many bytes spent on discussions of whether this is worth
the effort, some programming language designers believe that the type checking
in current languages
does not go far enough.

Koka
, an
experimental functional programming language, extends its type system
with an

effect system
that tracks the side-effects a program will have in the
course of producing a value.

Security updates for Friday

Post Syndicated from daroc original https://lwn.net/Articles/1033901/

Security updates have been issued by AlmaLinux (kernel and webkit2gtk3), Debian (aide and postgresql-13), Fedora (libtiff, mupdf, and pandoc), SUSE (cairo, chromium, gstreamer-plugins-base, ImageMagick, iputils, kubernetes1.23, kubernetes1.26, matrix-synapse, Mesa, pgadmin4, python3, qemu, and rz-pm), and Ubuntu (aide).

[$] Possible paths for signing BPF programs

Post Syndicated from daroc original https://lwn.net/Articles/1031854/

BPF programs are loaded directly into the kernel.
Even though the verifier protects the kernel from certain kinds of
misbehavior in BPF programs, some people are still justifiably concerned about
adding unsigned code to their kernel. A fully correct BPF program can still be
used to expose sensitive data, for example.
To remedy this, Blaise Boscaccy and KP Singh
have both shared patch sets that add ways to verify cryptographic
signatures of BPF programs, allowing users to configure their kernels to load
only pre-approved BPF programs. This work follows on from the

discussion
at the
Linux Storage, Filesystem, Memory-Management, and BPF Summit (LSFMM+BPF)
in April and Boscaccy’s

earlier proposal
of a Linux Security Module (LSM) to accomplish the same goal.
There are
still some fundamental disagreements over the best approach to signing BPF
programs, however.

Security updates for Friday

Post Syndicated from daroc original https://lwn.net/Articles/1033009/

Security updates have been issued by AlmaLinux (gdk-pixbuf2, glibc, kernel, kernel-rt, libxml2, and opentelemetry-collector), Fedora (firefox, mingw-opencv, moby-engine, varnish, webkitgtk, xen, and yarnpkg), Oracle (firefox, gdk-pixbuf2, glibc, kernel, libblockdev, libxml2, python-requests, python3.12-setuptools, and qt5-qt3d), Red Hat (libxml2, pcs, and sudo), and SUSE (agama, chromium, dpkg, ghostscript, iperf, kubo, libIex-3_3-32, libpoppler-cpp2, libsoup, libtiff-devel-32bit, nginx, python-urllib3, ruby2.5, tgt, traefik, and traefik2).

[$] The NNCPNET email network

Post Syndicated from daroc original https://lwn.net/Articles/1031208/

Running a modern mail server is a

complicated business
. In part, this
complication is caused by the series of incrementally developed practices
designed to combat the huge flood of spam that dominates modern email
communication. An unfortunate side effect is that it prevents people from
running their own mail servers, concentrating people on a few big providers.

NNCPNET
is a suite of software written by John Goerzen based on the

node-to-node copy
(NNCP)
protocol that aims to make running one’s own mail servers as easy as it once
was. While the default configurations communicates only with other
NNCPNET servers, there is a public relay that connects the system to the broader
internet mail ecosystem.