Linux Weekly News

Once upon a time, computers just had one type memory, so memory within a given system was interchangeable. The arrival of non-uniform memory access (NUMA) systems complicated the situation significantly; now some memory was faster to access than the rest, and memory-management algorithms had to adapt or performance would suffer. But NUMA was just the start; today's tiered-memory systems, which may include several tiers of memory with different performance characteristics, are adding new challenges. A couple of relevant patch sets currently under review help to illustrate the types of problems that will have to be solved.

Here's an update on recent KDE application development on KDE.news:

KStars is probably the most feature-rich free astronomy software around and the 3.5.9 release adds some exciting new features. HiPS (Hierarchical Progressive Surveys) is a technology that provides progressive high resolution images of the sky at different zoom levels. KStars fully supports online HiPS where data is downloaded from online servers and cached to be displayed on the Sky Map.

Miguel Ojeda has posted an update on the Rust-for-Linux project.

This second year since the RFC we are looking forward to several milestones which hopefully we will achieve:

• More users or use cases inside the kernel, including example drivers – this is pretty important to get merged into the kernel.
• Splitting the kernel crate and managing dependencies to allow better development.
• Extending the current integration of the kernel documentation, testing and other tools.
• Getting more subsystem maintainers, companies and researchers involved.
• Seeing most of the remaining Rust features stabilized.
• Possibly being able to start compiling the Rust code in the kernel with GCC.
• And, of course, getting merged into the mainline kernel, which should make everything else easier!

Security updates have been issued by Debian (openssl), Fedora (dotnet6.0, mediawiki, and python2.7), Mageia (389-ds-base, chromium-browser-stable, exo, and libtiff), Oracle (httpd:2.4 and microcode_ctl), SUSE (dbus-broker, drbd, kernel, liblouis, mariadb, openssl, openssl-1_1, openSUSE kernel modules, oracleasm, php7, php72, python39, salt, and wdiff), and Ubuntu (linux, linux-hwe, mozjs91, and vim).

The 5.19-rc4 kernel prepatch is out for testing.

So we've had a couple of fairly small rc releases, and here we finally start to see an uptick in commits in rc4. Not what I really want to see in the middle of the release cycle, but not entirely surprising considering how quiet it's been so far.

The 5.18.7, 5.15.50, 5.10.125, 5.4.201, 4.19.249, 4.14.285, and 4.9.320 stable updates have all been released. The 5.x updates are relatively small, but the 4.x updates contain a fair number of backported random-number-generator improvements along with the usual fixes.

Update: Due to an io_uring problem reported by Greg Thelen in 5.10.125, which was quickly fixed by Jens Axboe, 5.10.126 was released less than 24 hours later.

The network filesystem (NFS) protocol has been with us for nearly 40 years. While defined initially as a stateless protocol, NFS implementations have always had to manage state, and that need has been increasingly built into the protocol over successive revisions. The early days of NFS were discussed, with a focus on state management, in the first part of this series. This article completes the job with a look at the evolution of NFS since, approximately, the beginning of this millennium.

Security updates have been issued by Fedora (ntfs-3g and ntfs-3g-system-compression), SUSE (389-ds, chafa, containerd, mariadb, php74, python3, salt, and xen), and Ubuntu (apache2).

Drew DeVault takes issue with GitHub's "Copilot" offering and the licensing issues that it raises:

GitHub’s Copilot is trained on software governed by these terms, and it fails to uphold them, and enables customers to accidentally fail to uphold these terms themselves. Some argue about the risks of a “copyleft surprise”, wherein someone incorporates a GPL licensed work into their product and is surprised to find that they are obligated to release their product under the terms of the GPL as well. Copilot institutionalizes this risk and any user who wishes to use it to develop non-free software would be well-advised not to do so, else they may find themselves legally liable to uphold these terms, perhaps ultimately being required to release their works under the terms of a license which is undesirable for their goals.

Chances are that many people will disagree with DeVault's reasoning, but this is an issue that merits some discussion still.

The news has been proclaimed loudly and often: the SHA-1 hash algorithm is terminally broken and should not be used in any situation where security matters. Among other things, this news gave some impetus to the longstanding effort to support a more robust hash algorithm in the Git source-code management system. As time has passed, though, that work seems to have slowed to a stop, leaving some users wondering when, if ever, Git will support a hash algorithm other than SHA-1.

Security updates have been issued by Debian (chromium, firejail, and request-tracker4), Fedora (ghex, golang-github-emicklei-restful, and openssl1.1), Oracle (postgresql), Scientific Linux (postgresql), Slackware (openssl), SUSE (salt and tor), and Ubuntu (apache2 and squid, squid3).

The LWN.net Weekly Edition for June 23, 2022 is available.

Mark Wielaard writes about improvements at Sourceware, the site that holds the repository for many projects in the GNU toolchain and beyond.

Although email based git workflows are great for real patch discussions, they do not always make tracking the state of patches easy. Just like our other services, such as bugzilla, mailinglists and git repos, we like to provide zero maintenance infrastructure for tracking and automation of patches and testing. So we are trying to consolidate around a shared buildbot for (test) automation and patchwork for tracking the state of contributions.

In a keynote at PyCon 2022 in Salt Lake City, Utah, Peter Wang introduced another entrant in the field of in-browser Python interpreters. The Python community has long sought a way to be able to write Python—instead of JavaScript—to run in web browsers, and there have been various efforts to do so over the years. Wang announced PyScript as a new framework, built atop one of those earlier projects, to allow Python scripting directly within the browser; those programs have access to much of the existing Python ecosystem as well as being able to interact with the browser document object model (DOM) directly. In addition, he gave some rather eye-opening demonstrations as part of the talk.

The 5.18.6, 5.15.49, 5.10.124, and 5.4.200 stable kernel updates have been released; each contains another set of important fixes.

Security updates have been issued by Debian (exo and ntfs-3g), Fedora (collectd, golang-github-cli-gh, grub2, qemu, and xen), Red Hat (httpd:2.4, kernel, and postgresql), SUSE (drbd, fwupdate, neomutt, and trivy), and Ubuntu (apache2, openssl, openssl1.0, and qemu).

In the final filesystem session at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM), David Howells led a discussion on a filesystem optimization that is causing various kinds of problems. Extent-based filesystems have data structures that sometimes do not reflect the holes that exist in files. Reads from holes in sparse files (i.e. files with holes) must return zeroes, but filesystems are not obligated to maintain knowledge of the holes beyond that, which leads to the problems.

This concludes our coverage of LSFMM 2022.

Security updates have been issued by Debian (tzdata), Oracle (cups), and SUSE (atheme, golang-github-prometheus-alertmanager, golang-github-prometheus-node_exporter, node_exporter, python36, release-notes-susemanager, release-notes-susemanager-proxy, SUSE Manager 4.1.15 Release Notes, SUSE Manager Client Tools, and SUSE Manager Server 4.2).

This Meta blog post by Johannes Weiner and Dan Schatzberg describes a set of memory-management changes used there that they call "transparent memory offloading".

Transparent Memory Offloading (TMO) is Meta’s solution for heterogeneous data center environments. It introduces a new Linux kernel mechanism that measures the lost work due to resource shortage across CPU, memory, and I/O in real time. Guided by this information and without any prior application knowledge, TMO automatically adjusts the amount of memory to offload to a heterogeneous device, such as compressed memory or an SSD.

The article doesn't say where to find the relevant code, not all of which is in the mainline kernel (and some of which runs in user space).

I recently had cause to reflect on the changes to the NFS (Network File System) protocol over the years and found that it was a story worth telling. It would be easy for such a story to become swamped by the details, as there are many of those, but one idea does stand out from the rest. The earliest version of NFS has been described as a "stateless" protocol, a term I still hear used occasionally. Much of the story of NFS follows the growth in the acknowledgment of, and support for, state. This article looks at the evolution of NFS (and its handling of state) during the early part of its life; a second installment will bring the story up to the present.