Linux Weekly News

[$] Python discusses deprecations

3 years 9 months ago
Feature deprecations are often controversial, but many projects find it necessary, or desirable, to lose some of the baggage that has accreted over time. A mid-November request to get rid of three Python standard library modules provides a case in point. It was initially greeted as a good idea since the modules had been officially deprecated starting with Python 3.6; there are better ways to accomplish their tasks now. But, of course, removing a module breaks any project that uses it, at least without the project making some, perhaps even trivial, changes. The cost of that is not insignificant, and the value in doing so is not always clear, which led to a higher-level conversation about deprecations.
jake

Security updates for Wednesday

3 years 9 months ago
Security updates have been issued by Debian (nss), Fedora (rubygem-rmagick), openSUSE (xen), Red Hat (firefox and nss), SUSE (kernel and xen), and Ubuntu (mailman and nss).
ris

[$] FIPS-compliant random numbers for the kernel

3 years 9 months ago
The Linux random-number generator (RNG) seems to attract an outsized amount of attention (and work) for what is, or seemingly should be, a fairly small component of the kernel. In part that is because random numbers, and their quality, are extremely important to a number of security protections, from unpredictable IP-packet sequence numbers to cryptographic keys. A recent post of version 43 of the Linux Random Number Generator (LRNG) by Stephan Müller is not likely to go any further than its predecessors, but the discussion around it may lead to support for a feature that some distributions need.
jake

Security updates for Tuesday

3 years 9 months ago
Security updates have been issued by CentOS (nss), Debian (roundcube and runc), openSUSE (aaa_base, brotli, clamav, glib-networking, gmp, go1.16, hiredis, kernel, mozilla-nss, nodejs12, nodejs14, openexr, openssh, php7, python-Babel, ruby2.5, speex, wireshark, and xen), Oracle (kernel and nss), Red Hat (kpatch-patch, nss, rpm, and thunderbird), SUSE (brotli, clamav, glib-networking, gmp, kernel, mariadb, mozilla-nss, nodejs12, nodejs14, openssh, php7, python-Babel, and wireshark), and Ubuntu (busybox, mariadb-10.3, mariadb-10.5, python-django, and samba).
ris

Linux Foundation 2021 annual report

3 years 9 months ago
For those who would like to catch up on what the Linux Foundation has been doing, the 2021 annual report is available as an 87-page PDF file.

In 2021, The Linux Foundation continued to see organizations embrace open collaboration and open source principles, accelerating new innovations, approaches, and best practices. As a community, we made significant progress in the areas of cloud-native computing, 5G networking, software supply chain security, 3D gaming, and a host of new industry and social initiatives.

corbet

[$] A reference-count tracking infrastructure

3 years 9 months ago
Reference counts are a commonly used mechanism for tracking the life cycle of objects in a computing system. As long as every user of an object correctly maintains its references by incrementing and decrementing the reference count, that object will persist for as long as it is needed and will be properly destroyed once the last user is done. The "correctly" in that sentence is important, though; things do not work as well in the presence of reference-counting errors. Networking developer Eric Dumazet is working on a reference-count tracking system that could prove useful for finding these errors in the networking subsystem and, someday, throughout the kernel.
corbet

Security updates for Monday

3 years 9 months ago
Security updates have been issued by Arch Linux (isync, lib32-nss, nss, opera, and vivaldi), Debian (gerbv and xen), Fedora (autotrace, chafa, converseen, digikam, dmtx-utils, dvdauthor, eom, kxstitch, libsndfile, nss, pfstools, php-pecl-imagick, psiconv, q, R-magick, rss-glx, rubygem-rmagick, seamonkey, skopeo, synfig, synfigstudio, vdr-scraper2vdr, vdr-skinelchihd, vdr-skinnopacity, vdr-tvguide, vim, vips, and WindowMaker), Mageia (golang, kernel, kernel-linus, mariadb, and vim), openSUSE (aaa_base, python-Pygments, singularity, and tor), Red Hat (nss), Slackware (mozilla), SUSE (aaa_base, kernel, openssh, php74, and xen), and Ubuntu (libmodbus, lrzip, samba, and uriparser).
ris

Introducing CentOS Stream 9

3 years 9 months ago
The CentOS blog has announced the release of CentOS Stream 9:

CentOS Stream is a continuous-delivery distribution providing each point-release of Red Hat Enterprise Linux (RHEL). Before a package is formally introduced to CentOS Stream, it undergoes a battery of tests and checks—both automated and manual—to ensure it meets the stringent standards for inclusion in RHEL. Updates posted to Stream are identical to those posted to the unreleased minor version of RHEL. The aim? For CentOS Stream to be as fundamentally stable as RHEL itself.

To achieve this stability, each major release of Stream starts from a stable release of Fedora Linux—In CentOS Stream 9, this begins with Fedora 34, which is the same code base from which RHEL 9 is built. As updated packages pass testing and meet standards for stability, they are pushed into CentOS Stream as well as the nightly build of RHEL.

jake

[$] A filesystem for namespaces

3 years 9 months ago
It is natural, when looking at the kernel development process, to focus on patches that find their way to acceptance and become a part of future kernels. But there can be value in looking at work that doesn't clear the bar; in failing, these patches often reveal things about the kernel and the community that creates it. Such is the case with the proof-of-concept namespacefs patch series recently posted by Yordan Karadzhov. One should not expect to see namespacefs in a future kernel but, in failing, this work showed a real use case and why it is hard to satisfy that use case in the kernel.
corbet

Security updates for Friday

3 years 9 months ago
Security updates have been issued by CentOS (krb5 and mailman), Debian (gmp and librecad), Fedora (php-symfony4 and wireshark), Mageia (bluez, busybox, docker-containerd, gfbgraph, hivex, nss, perl/perl-Encode, and udisks2/libblockdev), openSUSE (permissions), Oracle (mailman and mailman:2.1), Red Hat (mailman, mailman:2.1, and nss), Scientific Linux (mailman and nss), and SUSE (nodejs14).
jake

[$] Detecting missing memory barriers with KCSAN

3 years 9 months ago
Writing (correct) concurrent code that uses locking to avoid race conditions is difficult enough. When the objective is to use lockless algorithms, relying on memory barriers instead of locks to eliminate locking overhead, the problem becomes harder still. Bugs are easy to create and hard to find in this type of code. There may be some help on the way, though, in the form of this patch set from Marco Elver that enhances the Kernel Concurrency Sanitizer (KCSAN) with the ability to detect some types of missing memory barriers.
corbet

This shouldn't have happened: A vulnerability postmortem (Project Zero blog)

3 years 9 months ago
Over on the Project Zero blog, Tavis Ormandy has a lengthy postmortem on a vulnerability that he found in the Network Security Services (NSS) cryptography library. The vulnerability is a bog-standard buffer overflow that has existed in the library since 2012 despite various kinds of static analysis, testing, and fuzzing that Mozilla and others have applied to it over the years. He found it with a new fuzzing technique:

To solve this problem, I’ve been experimenting with monitoring the call stack during execution.

The naive implementation is too slow to be practical, but after a lot of optimization I had come up with a library that was fast enough to be integrated into coverage-guided fuzzing, and was testing how it performed with NSS and other libraries.

[...] The fuzzer I was using is able to isolate and extract interesting new ASN.1 OIDs, SEQUENCEs, INTEGERs, and so on. Once extracted, it can then randomly combine or insert them into template data. This isn’t really a new idea, but is a new implementation. I'm planning to open source this code in the future.

jake

Security updates for Thursday

3 years 9 months ago
Security updates have been issued by CentOS (kernel, openssh, and rpm), Debian (nss), Fedora (seamonkey), Mageia (glibc), openSUSE (go1.16, go1.17, kernel, mariadb, netcdf, openexr, poppler, python-Pygments, python-sqlparse, ruby2.5, speex, and webkit2gtk3), Oracle (nss), Red Hat (nss), SUSE (clamav, glibc, gmp, go1.16, go1.17, kernel, mariadb, netcdf, OpenEXR, openexr, openssh, poppler, python-Pygments, python-sqlparse, ruby2.1, ruby2.5, speex, webkit2gtk3, and xen), and Ubuntu (nss and thunderbird).
jake

[$] Fedora revisits the Git-forge debate

3 years 9 months ago
A seemingly straightforward question aimed at candidates for the in-progress Fedora elections led to a discussion on the Fedora devel mailing list that branched into a few different directions. The question was related to a struggle that the distribution has had before: whether using non-free Git forges is appropriate. One of the differences this time, though, is that the focus is on where source-git (or src-git) repositories will be hosted, which is a separate question from where the dist-git repository lives.
jake
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.