1 hónap 3 hét óta
Shawn Webb has published a status
report on work to provide basic support in FreeBSD for userland components
written in Rust.
We introduced a new BSD makefile, located at
share/mk/bsd.rust.mk,
that enables building a Rust application during buildworld. As of this
writing, we only support building and installing Rust
applications. Supporting library crates is planned (we would like to
be able to build/install library crates that expose an FFI, like for
C/C++ compatibility). Normal library crates build and install just
fine. Support for cdylib Rust library crates specifically is what's
missing, but is desired and planned.
We do NOT currently support Rust in the kernel. Kernel support
requires more work that we deemed out-of-scope for this initial
proof-of-concept/work-in-progress patchset. We also do NOT support
building multiple programs in the same BSD Makefile (like with
bsd.progs.mk), though that is also a desired feature.
LWN covered a
discussion about including Rust in the FreeBSD base system in August
2024.
jzb
1 hónap 3 hét óta
In late March,
version 78.0.1 of
Setuptools — an important
Python packaging tool — was released. It was scarcely half an hour before
the first bug
report came in, and it quickly became clear that the change was far
more disruptive than anticipated. Within only about five hours
78.0.2 was
published to roll back the change, and multiple discussions were
started about how to limit the damage caused by future breaking
changes. Nevertheless, many users still felt the response was
inadequate. Some previous Setuptools releases have also caused problems on a smaller but still notable scale, and hopefully the developers will be more cautious going forward. But there are also lessons here for the developers of Python package installers, ordinary Python developers and end users, and even Linux distribution maintainers.
jake
1 hónap 3 hét óta
Security updates have been issued by AlmaLinux (.NET 8.0, avahi, buildah, compat-openssl10, compat-openssl11, expat, firefox, gimp, git, grafana, libsoup, libxslt, mod_auth_openidc, nginx, nodejs:22, osbuild-composer, php, redis, redis:7, skopeo, thunderbird, vim, webkit2gtk3, xterm, and yelp), Arch Linux (dropbear, freetype2, go, nodejs, nodejs-lts-iron, nodejs-lts-jod, python-django, webkit2gtk, webkit2gtk-4.1, webkitgtk-6.0, and wpewebkit), Debian (mongo-c-driver), Fedora (openssh, perl-Mojolicious, thunderbird, yelp, and yelp-xsl), Red Hat (firefox, java-1.8.0-openjdk, java-11-openjdk with Extended Lifecycle Support, java-21-ibm-semeru-certified-jdk, java-21-openjdk, kernel, libxslt, ruby, ruby:3.1, ruby:3.3, unbound, and webkit2gtk3), SUSE (glib2, grub2, kernel, libwebp, openssh, and s390-tools), and Ubuntu (linux, linux-azure, linux-azure-6.11, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-oem-6.11, linux-raspi, linux-realtime, linux-azure, linux-azure-5.15, linux-nvidia-tegra, linux-azure, linux-azure-6.8, linux-oem-6.8, linux-azure, linux-kvm, linux-azure-fips, linux-azure-nvidia, linux-gcp, linux-gcp-6.8, linux-gkeop, linux-gke, linux-intel-iot-realtime, linux-realtime, linux-raspi-realtime, mariadb-10.6, and postgresql-12, postgresql-14, postgresql-16).
jzb
1 hónap 3 hét óta
Ihor Solodrai has been working on the BPF subsystem's continuous-integration
(CI) testing for the last six months. At the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit, he remotely shared
an update on his work, and solicited feedback on how the tests could be further
improved. Much of the work he's done has been specific to the BPF subsystem, but
some is more generic and could potentially be of use to other subsystems. He
also shared some general lessons learned from working on the BPF CI tests.
daroc
1 hónap 3 hét óta
Despite careful planning and months of warning, Debian developer Mo
Zhou has acknowledged that the project needs more time to grapple with
the questions around AI models and the Debian Free Software Guidelines
(DFSG). For now, he has withdrawn his proposed General Resolution (GR)
that would have required the original training data for AI models to
be released in order to be considered DFSG-compliant—though the
debates on the topic continue.
jzb
1 hónap 3 hét óta
Red Hat has announced
the release of Red Hat Enterprise Linux (RHEL) 10. A blog post
accompanying the release provides details on some of the more notable
features, such as encrypted DNS, a developer preview of RHEL 10
for RISC-V,
and image
mode for RHEL using bootc.
Image mode for RHEL lets you deploy your OS as a bootc image to your
hardware, virtual machine or cloud, and then layer your app on top of
it. That's a far less complex operation than traditional packaged
deployments, and it gives developers and image maintainers a common
experience and total control over their environment.
RHEL 10 includes the 6.12.0 kernel, GCC 14.2, GNU
Binutils 2.41, GNU C Library (glibc) 2.39, Python 3.12,
Perl 5.40, and more. See the release
notes for a full list of changes. LWN covered
CentOS Stream 10 in December, which provided an early look
at what would be in the RHEL 10 release.
jzb
1 hónap 3 hét óta
Security updates have been issued by Debian (firefox-esr, openjdk-11, openjdk-17, and wireless-regdb), Fedora (iputils, open-vm-tools, sfnt2woff-zopfli, and woff), Red Hat (postgresql:12), SUSE (apache2-mod_auth_openidc, brltty, helm, python-maturin, and rubygem-rack), and Ubuntu (linux-azure-fips).
corbet
1 hónap 3 hét óta
Roland Shoemaker has published a blog post about a
recent security audit of the cryptography packages shipped as part of
the Go standard library. The audit, performed by the Trail of Bits security firm,
uncovered one low-severity vulnerability in the legacy Go+BoringCrypto
integration, as well as a handful of informational findings.
During the review, there were a number of questions about our
cgo-based Go+BoringCrypto integration, which provides a FIPS 140-2
compliant cryptography mode for internal usage at Google. The
Go+BoringCrypto code is not supported by the Go team for external use,
but has been critical for Google's internal usage of Go.
The Trail of Bits team found one vulnerability and one non-security relevant bug,
both of which were results of the manual memory management required to
interact with a C library. Since the Go team does not support usage of
this code outside of Google, we have chosen not to issue a CVE or Go
vulnerability database entry for this issue, but we fixed it in the Go 1.25 development
tree.
The entire report is available
as a PDF for those who enjoy a little light security reading.
jzb
1 hónap 3 hét óta
The seventh edition of the
Power Management and Scheduling
in the Linux Kernel (known as "OSPM") Summit took place on March 18-20,
2025. It was organized by Juri Lelli, Frauke Jäger, Tommaso Cucinotta, and
Lorenzo Pieralisi, and was hosted by Linutronix at Alte Fabrik,
Uhldingen-Mühlhofen, Germany. The event was sponsored by Linutronix, Arm,
and the Scuola Superiore Sant'Anna in Pisa.
corbet
1 hónap 3 hét óta
Security updates have been issued by Debian (dropbear, firefox-esr, intel-microcode, net-tools, openafs, thunderbird, and xrdp), Fedora (chromium, micropython, syslog-ng, webkitgtk, and xen), Mageia (dropbear and openssh), Oracle (.NET 9.0, kernel, libjpeg-turbo, and yelp and yelp-xsl), Red Hat (compat-openssl11, git-lfs, grafana, kernel, and osbuild and osbuild-composer), Slackware (mozilla), SUSE (cargo-c, gimp, iputils-20240905, kernel, libraw, microcode_ctl, openssh, pnpm, python311-cramjam, python311-httptools, python311-jwcrypto, python311-loguru, python311-mechanize, python311-nltk, python311-oauthlib, python311-py7zr, python311-pycapnp, python311-pyspnego, python311-pywayland, python311-suds, python311-treq, python311-ujson, python311-waitress, ruby3.4-rubygem-actionmailer, ruby3.4-rubygem-actiontext, ruby3.4-rubygem-activerecord, ruby3.4-rubygem-activestorage, ruby3.4-rubygem-fluentd, ruby3.4-rubygem-globalid, ruby3.4-rubygem-jquery-rails, ruby3.4-rubygem-kramdown, ruby3.4-rubygem-loofah, ruby3.4-rubygem-multi_xml, ruby3.4-rubygem-puma, ruby3.4-rubygem-rails, ruby3.4-rubygem-rails-html-sanitizer, ruby3.4-rubygem-sprockets, ruby3.4-rubygem-web-console, ruby3.4-rubygem-websocket-extensions, ucode-intel-20250512, and valkey), and Ubuntu (dotnet8, dotnet9, linux, linux-aws, linux-aws-6.8, linux-ibm, linux-lowlatency,
linux-lowlatency-hwe-6.8, linux-oracle, linux, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-oracle, linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg,
linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia,
linux-oracle, linux-oracle-5.15, linux-fips, linux-gcp, linux-gcp-5.15, linux-gcp-fips, linux-gke, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-realtime, and linux-xilinx-zynqmp).
corbet
1 hónap 3 hét óta
The
6.15-rc7 kernel prepatch is out for
testing. "So while I wish we hadn't had some of the excitement of last
week, on the whole it all still looks pretty solid, and unless something
strange happens I'll do the final 6.15 release next weekend."
corbet
1 hónap 3 hét óta
corbet
1 hónap 3 hét óta
The
first article in this series provided
an overview of
Home Assistant,
its community, and its capabilities. It was deliberately short on
descriptions of interesting things that can be done with Home Assistant,
though — the reasons why one might actually want to use this program. In
this closing article, we'll look at how Home Assistant was used to solve
some real problems.
corbet
1 hónap 3 hét óta
The Asahi Linux
project, which supports Linux on Apple Silicon Macs, has published a
progress report ahead of the 6.15 kernel's release.
We are pleased to announce that our graphics driver userspace API
(uAPI) has been merged into the Linux kernel. This major milestone
allows us to finally enable OpenGL, OpenCL and Vulkan support for
Apple Silicon in upstream Mesa. This is the only time a graphics
driver's uAPI has been merged into the kernel independent of the
driver itself, which was kindly allowed by the kernel graphics
subsystem (DRM) maintainers to facilitate upstream Mesa enablement
while the required Rust abstractions make their way upstream. We are
grateful for this one-off exception, made possible with close
collaboration with the kernel community.
jzb
1 hónap 3 hét óta
Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, kernel, kernel-rt, redis:6, and yelp and yelp-xsl), Debian (chromium), Red Hat (compat-openssl11, kernel, and thunderbird), and SUSE (nbdkit, open-vm-tools, and rustup).
jzb
1 hónap 4 hét óta
The Electronic Frontier Foundation has posted a somewhat belated
memorial
for John Young, the founder of Cryptome.
John was one of the early, under-recognized heroes of the digital
age. He not only saw the promise of digital technology to help
democratize access to information, he brought that idea into being
and nurtured it for many years. We will miss him and his
unswerving commitment to the public's right to know.
corbet
1 hónap 4 hét óta
To commemorate the tenth anniversary of the 1.0 release
of the Rust language,
version
1.87.0 was announced live today at the 10 Years of Rust
celebration in Utrecht, Netherlands. Notable changes
include the addition of anonymous pipes to the standard library and
the ability for inline assembly (asm!) to jump to labeled
blocks within Rust code.
jzb
1 hónap 4 hét óta
Leon Romanovsky began his session at the 2025 Linux Storage, Filesystem,
Memory Management, and BPF Summit (LSFMM+BPF) by explaining that the improved DMA-mapping API that he has been
working on is a group effort. He, Chaitanya Kulkarni, Christoph Hellwig,
Jason Gunthorpe, and others are proposing to modernize the API and to
"make it more suitable for current kernels". He told the assembled
storage and filesystem developers that the progress on the proposal has
stalled, but that it was the basis for further work in various areas, so he
hoped to find a way to move forward with it.
jake
1 hónap 4 hét óta
The Tor project has announced
the oniux utility which provides Tor network isolation, using Linux
namespaces, for third-party applications.
Namespaces are a powerful feature that gives us the ability to
isolate Tor network access of an arbitrary application. We put each
application in a network namespace that doesn't provide access to
system-wide network interfaces (such as eth0), and instead provides a
custom network interface onion0.
This allows us to isolate an arbitrary application over Tor in the
most secure way possible software-wise, namely by relying on a
security primitive offered by the operating system kernel. Unlike
SOCKS, the application cannot accidentally leak data by failing to
make some connection via the configured SOCKS, which may happen due to
a mistake by the developer.
The Tor project cautions that oniux is considered experimental as
the software it depends on, such as Arti and
onionmasq,
are still new.
jzb
1 hónap 4 hét óta
Security updates have been issued by Debian (open-vm-tools), Fedora (dnsdist), Gentoo (Node.js and Tracker miners), Red Hat (kernel and xdg-utils), SUSE (audiofile, go1.22-openssl, go1.24, grub2, kernel-devel, openssl-1_1, openssl-3, and python311-Django), and Ubuntu (ruby-rack).
jake
Ellenőrizve
13 perc 39 másodperc ago
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Feliratkozás a következőre: Linux Weekly News hírcsatorna