Linux Weekly News

The PHP language is widely used in solving some of the most interesting technical problems on the web. But for a language with widespread use, it is unique — or at least an outlier — in the way it's governed compared to other open-source projects. Unlike others, PHP governance has grown into something fairly democratic for a project its size, allowing almost anyone to bring an idea to the table. If it's popular enough, that idea can find its way into a future release. That is, of course, as long as there is a developer to put in the work to make it happen.

The FreeNAS distribution implements network-attached storage on top of the ZFS filesystem; it was reviewed here back in 2015. FreeNAS has always been based on FreeBSD, but now iXsystems, the company behind this system, has announced a new version, called TrueNAS SCALE, that will be based on Debian. "Linux is a key requirement to achieve some of the SCALE project goals". More information about those goals will evidently be forthcoming in the future.

In the kernel graphics world, there has been a longstanding "line in the sand" that disallows merging kernel drivers without a corresponding free-software user-space driver. The idea is that not having a way to test the full functionality means that the kernel developers cannot verify the proper functioning and security of the driver; changes to the kernel driver may lead to unforeseen (and untestable) problems on the user-space side. More recently, though, we have seen other types of devices with complex drivers, but no useful free user-space piece, that have been proposed for inclusion into the kernel; at least one was merged, but the tide has perhaps turned against those types of drivers at this point—or some of them, anyway.

Stable kernels 5.6.16, 5.4.44, 4.19.126, 4.14.183, 4.9.226, and 4.4.226 have been released. They all contain important fixes and users should upgrade.

Security updates have been issued by Fedora (java-11-openjdk, perl-Email-MIME, perl-Email-MIME-ContentType, and slurm), openSUSE (imapfilter, mailman, and python-rpyc), Red Hat (bind and firefox), SUSE (evolution-data-server, python, qemu, and w3m), and Ubuntu (python-django).

Devuan Beowulf 3.0.0 has been released. This version is based on Debian 10.4 Buster, with eudev and elogind to replace aspects of systemd. Optional alternatives runit and openrc are also available.

The 5.7 kernel was released on May 31. By all appearances this was a normal development cycle, unaffected by the troubles in the wider world. Still, there are things to be learned by looking at where the code came from this time around. Read on for LWN's traditional look at who contributed to 5.7, who supported that work, and the paths by which it got into the mainline.

Firefox 77.0 has been released. Among the new things in this release, LWN readers may be most interested in the new about:certificate page where you can view and manage web certificates. See the release notes for details.

Security updates have been issued by Arch Linux (ant, bind, freerdp, and unbound), CentOS (bind, freerdp, and git), Debian (python-httplib2), Fedora (ant, kernel, sqlite, and sympa), openSUSE (java-11-openjdk and qemu), Oracle (bind), Red Hat (freerdp), Scientific Linux (python-pip and python-virtualenv), Slackware (firefox), SUSE (qemu), and Ubuntu (Apache Ant, ca-certificates, flask, and freerdp2).

The FSGSBASE patch series is up to its thirteenth version as of late May. It enables some "new" instructions for the x86 architecture, opening the way for a number of significant performance improvements. One might think that such a patch series would be a shoo-in, but FSGSBASE has had a troubled history; meanwhile, the delays in getting it merged may have led to a number of users installing root holes on their Linux systems in the hope of improving security.

Security updates have been issued by Debian (bind9, dosfstools, gst-plugins-good0.10, gst-plugins-ugly0.10, json-c, php-horde, php-horde-gollem, salt, and sane-backends), Fedora (drupal7, marked, NetworkManager, and wireshark), Mageia (gdb, jasper, and json-c), openSUSE (freetds, jasper, libmspack, mariadb-connector-c, sysstat, and trousers), Red Hat (bind), Scientific Linux (bind and freerdp), and SUSE (file-roller and java-11-openjdk).

Linus has released the 5.7 kernel right on schedule. Headline features in 5.7 include x86 split-lock detection, thermal-pressure management, frequency invariance in the load-tracking code, coexistence between BPF and realtime preemption, support for BPF security hook programs (formerly called the KRSI security module), a new, Microsoft-blessed exFAT filesystem implementation, and more. The final patch to be merged was this one deprecating the long-standing 80-column limit for kernel source. See the KernelNewbies 5.7 page for lots of details.

The Linux deadline scheduler supports realtime systems where applications need to be sure of getting their work done within a specific period of time. It allocates CPU time to deadline tasks in such a way as to ensure that each task's specific timing constraints are met. However, the current implementation does not work well on asymmetric CPU configurations like Arm's big.LITTLE. Dietmar Eggemann recently posted a patch set to address this problem by adding the notion of CPU capacity to the deadline scheduler.

Security updates have been issued by Debian (libexif and tomcat8), Fedora (python38), openSUSE (libxslt), Oracle (git), Red Hat (bind, freerdp, and git), Scientific Linux (git), SUSE (qemu and tomcat), and Ubuntu (apt, json-c, kernel, linux, linux-raspi2, linux-raspi2-5.3, and openssl).

In traditional build tools like Make, targets and dependencies are always files. Imagine if you could specify an entire tree (directory) as a dependency: You could exhaustively specify a "build root" filesystem containing the toolchain used for building some target as a dependency of that target. Similarly, a rule that creates that build root would have the tree as its target. Using Merkle trees as first-class citizens in a build system gives great flexibility and many optimization opportunities. In this article, guest author David Röthlisberger explores this idea using OSTree, Ninja, and Python.

Security updates have been issued by Fedora (dovecot, dpdk, knot-resolver, and unbound), Mageia (ant, libexif, and php), SUSE (libmspack), and Ubuntu (php5, php7.0, php7.2, php7.3, php7.4 and unbound).

The LWN.net Weekly Edition for May 28, 2020 is available.

The Python Language Summit is an annual gathering for the developers of various Python implementations, though, this year, the gathering actually happened via videoconference—as with so many other conferences due to the pandemic. The invite-only gathering typically has numerous interesting sessions, as can be seen in the LWN coverage of the summit from 2015 to 2018, as well as in the 2019 summit coverage on the Python Software Foundation (PSF) blog. Those writeups were penned by A. Jesse Jiryu Davis, who reprised his role for this year's summit. In this article, I will summarize some of the sessions that caught my eye.

Kees Cook takes a look some changes improving security in Linux 5.5. Topics include restrict perf_event_open() from LSM, generic fast full refcount_t, linker script cleanup for exception tables, KASLR for 32-bit PowerPC, seccomp for RISC-V, and more.

We are living through interesting times that present challenges in a number of areas, including running a business. While we think of LWN primarily as a community resource, it is also a business that is not unaffected by the ongoing pandemic. It is, we figure, a good time for a status update, especially since we have some news to share.