Linux Weekly News
[$] Automatic buffer selection for io_uring
The io_uring subsystem has, in the last
year, redefined how asynchronous I/O is done on Linux systems. As this
subsystem grows in both capability and users, though, it starts to run into
limitations in the types of operations that can be expressed. That is
driving a number of changes in how operations are programmed for io_uring.
One example is the mechanisms considered for carrying a file descriptor
between operations that was covered here in early March. Another has to
do with how I/O buffers are chosen for operations.
LMDE 4 “Debbie” released
The Linux Mint Debian Edition (LMDE) 4 has been released. "LMDE is a Linux Mint project which stands for 'Linux Mint Debian Edition'. Its goal is to ensure Linux Mint would be able to continue to deliver the same user experience, and how much work would be involved, if Ubuntu was ever to disappear. LMDE is also one of our development targets, to guarantee the software we develop is compatible outside of Ubuntu.
LMDE aims to be as similar as possible to Linux Mint, but without using Ubuntu. The package base is provided by Debian instead." It is based on Debian 10 ("Buster") with lots of new features, including many improvements from Linux Mint 19.3. More information can be found in the release notes.
Security updates for Friday
Security updates have been issued by Arch Linux (bluez and chromium), Debian (icu, rails, thunderbird, and twisted), Fedora (chromium and webkit2gtk3), Gentoo (bsdiff, cacti, clamav, fribidi, libgit2, pecl-imagick, phpmyadmin, pyyaml, and tomcat), openSUSE (wireshark), Oracle (firefox, icu, python-imaging, thunderbird, and zsh), Scientific Linux (thunderbird), SUSE (firefox, nghttp2, thunderbird, and tomcat), and Ubuntu (twisted).
Hacking the planet with Notcurses
Author Nick Black has written an extensive book on the creation of textual
user interfaces using the notcurses library; it's available under the Apache
license [PDF]. "Many people asked how such a thing was
useful. My usual response was that numerous devices don’t present a bitmap
interface, that X11 GUIs run remotely over SSH are effectively unusable,
that plenty of machines don’t have a GUI environment installed, that there
are obvious applications for large outdoor displays, and that Sixel isn’t
well-supported across different terminal emulators. It seems impossible in
an age of gigatransistor graphics cards, but the text environment still
presents perceivably less latency than most GUI toolkits."
[$] Working-set protection for anonymous pages
The kernel's memory-management subsystem goes to great lengths to keep the
pages that are actually in use in memory. But sometimes it gets things
wrong, leading to reduced performance or, in the worst cases, flat-out
thrashing. We may be about to see a significant improvement, though,
thanks to a
patch set from Joonsoo Kim changing how anonymous pages (those
containing data not backed by files on disk) are managed.
As it turns out, all that had to be done was to make use of some work that
already exists in related parts of the memory-management code.
Qubes Architecture Next Steps: The GUI Domain
Here's a
detailed blog post on how the Qubes distribution is working to isolate
the graphical interface from the rest of the system. "The upcoming
4.1 release changes this protocol to a more flexible form. It will no
longer use direct memory addresses, but an abstract mechanism in which the
qube has to explicitly allow access to a particular memory page. In our
current implementation — under Xen — we use the grant tables mechanism,
which provides a separate memory allocation API and allows working on
grants and not directly on memory pages. Other implementations will also be
possible: whether for another hypervisor (e.g. KVM) or for a completely
different architecture not based on shared memory (e.g. directly sending
frames to another machine)."
Security updates for Thursday
Security updates have been issued by Debian (gdal), Fedora (nethack), Mageia (okular, sleuthkit, and webkit2), openSUSE (salt), Oracle (icu, kernel, python-pip, python-virtualenv, and zsh), Red Hat (icu, python-imaging, thunderbird, and zsh), Scientific Linux (icu, python-imaging, and zsh), SUSE (postgresql10), and Ubuntu (apache2).
[$] LWN.net Weekly Edition for March 19, 2020
The LWN.net Weekly Edition for March 19, 2020 is available.
[$] Improving pretty-printing in Python
The python-ideas mailing list is typically used to discuss new features or
enhancements for the language; ideas that gain traction will get turned
into Python Enhancement Proposals (PEPs) and eventually make their way to
python-dev for wider consideration. Steve Jorgensen recently started
a discussion of just that sort; he was looking for a way to add
customization to the "pretty-print" module (pprint)
so that objects could change the way they are displayed. The subsequent
thread went in a few different directions that reflect the nature of the
mailing list—and the idea itself.
Ryabitsev: Introducing b4 and patch attestation
Konstantin Ryabitsev introduces
the "b4" tool for kernel development. Developers and LWN readers will
be familiar with b4 under its previous name: get-lore-mbox. "On top of that, b4 also
introduces support for cryptographic patch attestation, which makes it
possible to verify that patches (and their metadata) weren't modified in
transit between developers. This is still an experimental feature, but
initial tests have been pretty encouraging." See this article for early coverage of the
attestation feature.
DeVault: The reckless, infinite scope of web browsers
Drew DeVault complains
about the complexity of the web and the browsers that work with it.
"The major projects are open source, and usually when an open-source
project misbehaves, we’re able to to fork them to offer an alternative. But
even this is an impossible task where web browsers are concerned. The
number of W3C specifications grows at an average rate of 200 new specs per
year, or about 4 million words, or about one POSIX every 4 to 6 months. How
can a new team possibly keep up with this on top of implementing the
outrageous scope web browsers already have now?"
[$] Bringing encryption restrictions in through the back door
Legislation recently proposed in the US Senate is ostensibly meant to
combat "child sexual abuse material" (CSAM), but it does not actually do
much to combat that horrible problem. Its target, instead, is the encryption
of user communications, which the legislation—tellingly—never mentions.
The Eliminating
Abusive and Rampant Neglect of Interactive Technologies Act of 2020,
EARN IT for short, is an attempt to force online service providers
(e.g. Facebook, Google, etc.) to follow a set of "best practices"
determined by a commission, to combat the scourge of CSAM; the composition of
that commission makes it clear that end-to-end encryption will not be one
of those practices, but companies that do not follow the best practices will lose
liability protection for their users' actions. It is, in brief, an
attempt to force providers to either abandon true end-to-end encryption or
face ruinous lawsuits—all without "seeming" to be about encryption at all.
Stable kernel updates
Security updates for Wednesday
Security updates have been issued by Debian (libvncserver and twisted), Fedora (libxslt), Red Hat (kernel, kernel-rt, python-flask, python-pip, python-virtualenv, slirp4netns, tomcat, and zsh), Scientific Linux (kernel, python-pip, python-virtualenv, tomcat, and zsh), SUSE (apache2-mod_auth_openidc and skopeo), and Ubuntu (apport and dino-im).
Security updates for Tuesday
Security updates have been issued by Arch Linux (okular, thunderbird, and webkit2gtk), Debian (webkit2gtk), Fedora (php-horde-Horde-Form), Gentoo (libvorbis, nss, and proftpd), Oracle (firefox and kernel), Red Hat (kernel), Scientific Linux (firefox), SUSE (cni, cni-plugins, conmon, fuse-overlayfs, podman, librsvg, and ovmf), and Ubuntu (ceph, icu, linux, linux-aws, linux-kvm, linux-aws-5.0, linux-gcp, linux-gke-5.0, linux-oracle-5.0, linux-kvm, linux-oracle, linux-raspi2, linux-raspi2-5.3, linux-kvm, linux-raspi2, linux-snapdragon, and linux-lts-xenial, linux-aws).
[$] Filesystem-oriented flags: sad, messy and not going away
Over the last decade, the addition of a "flags"
argument to all new system calls, even if no flags are actually needed
at the
outset, has been widely adopted as a best practice. The result has
certainly been greater API extensibility, but we have also seen a proliferation of
various types of flags for related system calls. For calls related to
files and filesystems, in particular, the available flags have reached a
point where some calls will need as many as three arguments for them
rather than just one.
FSF: 2019 Free Software Awards
The Free Software Foundation has announced
the recipients of the 2019 Free Software Awards. A new category was added
this year; the Award for
Outstanding New Free Software Contributor went to Clarissa Lima Borges,
"a talented young Brazilian software engineering student whose
Outreachy internship work focused on usability testing for various GNOME
applications". The Project of social benefit
award went to Let's Encrypt, and the Award for the Advancement of
Free Software was given to Jim Meyering, "a prolific free software programmer, maintainer, and writer".
Stable kernel 4.19.110
Stable kernel 4.19.110 has been released. "This fixes a problem in 4.19.109 in the KVM subsystem. If you use KVM,
you are strongly encouraged to upgrade. If not, no big deal, you can
ignore this release."
Security updates for Monday
Security updates have been issued by Debian (graphicsmagick, qemu, and slurm-llnl), Fedora (ansible, couchdb, mediawiki, and python3-typed_ast), Gentoo (atftp, curl, file, gdb, git, gst-plugins-base, icu, libarchive, libgcrypt, libjpeg-turbo, libssh, libvirt, musl, nfdump, ppp, python, ruby-openid, runc, sqlite, squid, sudo, SVG Salamander, systemd, thunderbird, tiff, and webkit-gtk), Mageia (firefox, kernel, and thunderbird), openSUSE (firefox, librsvg, php7, and tomcat), Red Hat (firefox), Slackware (thunderbird), and SUSE (firefox, kernel, salt, and wireshark).
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Webcím