Linux Weekly News

Alyssa Rosenzweig announces a milestone for support of Mali GPUs with free software:

The open source Panfrost driver for Mali GPUs now supports the new Valhall architecture with fully-conformant OpenGL ES 3.1 on Mali-G57, a Valhall GPU. The final Mesa patches are landing today, and the required kernel patches are queued for merge upstream.

The 5.19 merge window was closed with the 5.19-rc1 release on June 5 after the addition of 13,124 non-merge changesets to the mainline kernel. That makes this merge window another busy one, essentially matching the 13,204 changesets seen for 5.18. The approximately 8,500 changesets merged since our first 5.19 merge-window summary contain quite a bit of new functionality; read on for a summary of the most interesting changes that were pulled during the second half of this merge window.

Version 5.1 of the Tor-oriented Tails distribution has been released. It includes some improvements to the Tor connection assistant and to handling of captive-portals, but the most significant change is arguably the delayed fix to a severe security vulnerability that had sparked suggestions that some users, at least, should stop using Tails temporarily.

Greg Kroah-Hartman has announced the release of the 5.18.2, 5.17.13, 5.15.45, 5.10.120, 5.4.197, 4.19.246, 4.14.282, and 4.9.317 stable kernels. Each contains a set of important fixes, as usual; users of those series should upgrade.

In something of a grab-bag session, Josef Bacik led a discussion about various challenges that Linux kernel maintainers face, some of which lead to burnout. The session was originally going to be led by Darrick Wong, but he was unable to come to LSFMM, so Bacik gathered some of Wong's concerns and combined them with his own in a joint storage and filesystem session at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM). As part of the discussion, Bacik presented his view on what the role of a kernel maintainer should be, which seemed to resonate with those present.

Security updates have been issued by Debian (clamav, firefox-esr, pidgin, and thunderbird), Fedora (dotnet3.1, firefox, kernel, vim, and webkit2gtk3), Mageia (firefox/nss/nspr, gimp, logrotate, mariadb, thunderbird, trojita, webkit2, and webmin), Oracle (thunderbird), Red Hat (compat-openssl11, postgresql:10, postgresql:12, and thunderbird), Slackware (pidgin), and SUSE (openvpn).

Linus has released 5.19-rc1 and closed the merge window for this cycle. "Judging by the merge window, this release is going to be on the bigger side, but certainly not breaking any records, and nothing looks particularly odd or crazy."

Version 22.05 of the NixOS distribution is out. "NixOS is already known as the most up to date distribution and is the distribution with the most packages. This release saw 9345 new packages and 10666 updated packages". Significant changes include an update to version 2.8.0 of the Nix package manager with experimental support for flakes, GNOME 42, and many new services; see the release notes for details.

Opinions differ on the best way to disclose security vulnerabilities, but there is a general consensus in our community that vulnerabilities should, indeed, be made public at some point. What happens between the discovery of a vulnerability and its disclosure can be more controversial. A recent discussion on the handling of kernel vulnerabilities has led to change in the policies of the linux-distros mailing list — all based on the question of what constitutes "disclosure".

Security updates have been issued by Debian (cifs-utils, debian-security-support, and pypdf2), Fedora (fapolicyd, mariadb, openssl, and qt5-qtbase), Oracle (firefox, maven:3.5, maven:3.6, postgresql:10, postgresql:12, and postgresql:13), Red Hat (.NET 6.0, firefox, gzip, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, pcs, rsync, subversion, thunderbird, and zlib), Scientific Linux (thunderbird), Slackware (mozilla), SUSE (firefox, hdf5, suse-hpc, kernel-firmware, libarchive, patch, php8, and redis), and Ubuntu (cifs-utils and vim).

Mozilla has announced the release of a translation plugin for Firefox as part of the Project Bergamot initiative.

The ultimate goal of this consortium was to build a set of neural machine translation tools that would enable Mozilla to develop a website translation add-on that operates locally, i.e. the engines, language models and in-page translation algorithms would need to reside and be executed entirely in the user’s computer, so none of the data would be sent to the cloud, making it entirely private.

The kernel tries hard to keep memory available for its present and future needs. Should that effort fail, though, the tool of last resort is the dreaded out-of-memory (OOM) killer, which is tasked with killing processes on the system to free their memory and alleviate the problem. The results of invoking the OOM killer are never going to be good, but they can be distinctly worse if the wrong processes are chosen for an untimely end. As one might expect, the effort to properly choose the right processes is an ongoing effort. Most recently, Christian König has proposed a new mechanism to address a blind spot in the OOM killer's deliberations.

Francesco Mazzoli delves deeply into the kernel's implementation of pipes (and more) in an attempt to maximize the throughput of data.

The post was inspired by reading a highly optimized FizzBuzz program, which pushes output to a pipe at a rate of ~35GiB/s on my laptop. Our first goal will be to match that speed, explaining every step as we go along. We’ll also add an additional performance-improving measure, which is not needed in FizzBuzz since the bottleneck is actually computing the output, not IO, at least on my machine.

Security updates have been issued by Debian (firefox-esr), Fedora (thunderbird and vim), Red Hat (firefox, postgresql:10, postgresql:12, and postgresql:13), Scientific Linux (firefox and rsyslog), SUSE (hdf5, hdf5, suse-hpc, postgresql14, rubygem-yajl-ruby, and udisks2), and Ubuntu (imagemagick and influxdb).

The LWN.net Weekly Edition for June 2, 2022 is available.

Adding support for an in-kernel TLS handshake was the topic of a combined storage and filesystem session at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM). Chuck Lever and Hannes Reinecke led the discussion on ways to add that support; they are interested in order to provide TLS for network storage and filesystems. But there are likely other features, such as QUIC support, that could use an in-kernel TLS implementation.

The challenges of testing filesystems and the block layer were the topic of a combined storage and filesystem session led by Luis Chamberlain at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM). His goal is to reduce the amount of time it takes to test new features in those areas, but one of the problems that he has encountered is a lack of determinism in the test results. It is sometimes hard to distinguish problems in the kernel code from problems in the tests themselves.

If you are running Fedora 34, the time has come to move on; that distribution will reach the end of its support life on June 7. Users of Ubuntu 21.10 have a little longer, but that release loses support on July 14 and users should update to 22.04.

Security updates have been issued by Debian (libjpeg-turbo, webkit2gtk, and wpewebkit), Fedora (golang-github-opencontainers-runc, mingw-pcre2, python-jwt, python-ujson, and weechat), Oracle (nodejs:16 and rsyslog), Red Hat (container-tools:3.0, expat, fapolicyd, kernel, kernel-rt, kpatch-patch, mariadb:10.3, postgresql:12, rsyslog and rsyslog7, and zlib), Slackware (mozilla), SUSE (bind, dpdk, fribidi, hdf5, librelp, php74, postgresql12, and postgresql13), and Ubuntu (cups, linux-gcp-5.13, linux-oracle, linux-oracle-5.13, linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, and webkit2gtk).

In a filesystem session at the 2022 Linux Storage, Filesystem, Memory-management and BPF Summit (LSFMM), Amir Goldstein led a discussion about the stable kernel trees. Those trees, and especially the long-term support (LTS) versions, are used as a basis for a variety of Linux-based products, but the kind of testing that is being done on them for filesystems is lacking. Part of the problem is that the tests target filesystem developers so they are not easily used by downstream consumers of the stable kernel trees.