Hírolvasó

Unix-like systems abound with ways to confuse new users, many of which have been present since long before Linux entered the scene. One consistent source of befuddlement is the "text file is busy" (ETXTBSY) error message that is delivered in response to an attempt to overwrite an executable image file. Linux is far less likely to deliver ETXTBSY results than it once was, but they do still happen on occasion. Recent work to simplify the mechanism behind ETXTBSY has raised a more fundamental question: does this error check have any value at all?

The Document Foundation has announced the latest release of LibreOffice: LibreOffice 7.2 Community, the new major release of the volunteer-supported free office suite for desktop productivity, is available from https://www.libreoffice.org/download. Based on the LibreOffice Technology platform for personal productivity on desktop, mobile and cloud, it provides a large number of interoperability improvements with Microsoft’s proprietary file formats. In addition, LibreOffice 7.2 Community offers numerous performance improvements in handling large files, opening certain DOCX and XLSX files, managing font caching, and opening presentations and drawings that contain large images. There are also drawing speed improvements when using the Skia back-end that was introduced with LibreOffice 7.1.

[...] LibreOffice 7.2 Community’s new features have been developed by 171 contributors: 70% of code commits are from 51 developers employed by three companies sitting in TDF’s Advisory Board – Collabora, Red Hat and allotropia – or other organizations (including The Document Foundation), and 30% are from 120 individual volunteers.

See the release notes for more information on the changes and new features in the LibreOffice 7.2.

Security updates have been issued by CentOS (exiv2, firefox, and thunderbird), Fedora (libsndfile, python-docx, and xscreensaver), openSUSE (haproxy), and SUSE (haproxy).

With the following commit, Theo de Raadt (deraadt@) moved -current to version 7.0-beta:

CVSROOT: /cvs Module name: src Changes by: deraadt@cvs.openbsd.org 2021/08/17 09:03:56 Modified files: sys/conf : newvers.sh etc/root : root.mail share/mk : sys.mk sys/arch/macppc/stand/tbxidata: bsd.tbxi usr.bin/signify: signify.1 Log message: 7.0-beta

Snapshots are (already) available for most platforms.

This serves as an excellent reminder to upgrade snapshots frequently, test both base and ports, and report problems [plus, of course, donate!].

The LWN.net Weekly Edition for August 19, 2021 is available.

As part of the ramp-up to the 2021 Linux Plumbers Conference, LWN editor Jonathan Corbet will be presenting a version of "The kernel report" at 9:00AM US/Mountain time (15:00 UTC) on Thursday, August 26. Registration for LPC is not required; all are welcome for an update on the state of kernel development and a perspective on 30 years of the Linux kernel. Please come for an interesting discussion and to help the LPC crew stress-test the 2021 infrastructure.

The talk will be happening at meet.lpc.events; the more the merrier.

Back in June, we looked at a change to Python annotations, which provide a way to associate metadata, such as type information, with functions. That change was planned for the upcoming Python 3.10 release, but was deferred due to questions about it and its impact on run-time uses of the feature. The Python steering council felt that more time was needed to consider all of the different aspects of the problem before deciding on the right approach; the feature freeze for Python 3.10 was only around two weeks off when the decision was announced on April 20. But now, there is most of a year before another feature freeze, which gives the council (and the greater Python development community) some time to discuss it at a more leisurely pace.

Stable kernels 5.13.12, 5.10.60, 5.4.142 have been released. As usual, there are important fixes and users should upgrade.

Security updates have been issued by Debian (haproxy), Fedora (c-ares, hivex, kernel, libtpms, newsflash, python-django, rust-gettext-rs, and rust-gettext-sys), openSUSE (c-ares and libsndfile), Scientific Linux (cloud-init, edk2, exiv2, firefox, kernel, kpatch-patch, microcode_ctl, sssd, and thunderbird), SUSE (c-ares, fetchmail, haproxy, kernel, libmspack, libsndfile, rubygem-puma, spice-vdagent, and webkit2gtk3), and Ubuntu (exiv2, haproxy, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, and linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.11, linux-oracle, linux-raspi).

The use of Transport Layer Security (TLS) encryption is ubiquitous on today's internet, though that has largely happened over the last 20 years or so; the first public version of its predecessor, Secure Sockets Layer (SSL), appeared in 1995. Before then, internet protocols were generally not encrypted, thus providing fertile ground for various types of "meddler-in-the-middle" (MitM) attacks. Later on, the STARTTLS command was added to some protocols as a backward-compatible way to add TLS support, but the mechanism has suffered from a number of flaws and vulnerabilities over the years. Some recent research, going by the name "NO STARTTLS", describes more, similar vulnerabilities and concludes that it is probably time to avoid using STARTTLS altogether.

These releases of Firefox 91.0.1 and Firefox ESR 91.0.1 fix two issues; one caused buttons on the tab bar to be resized and the other caused tabs from private windows to be visible in non-private windows. There is also a fix for a header splitting attack, and fixes for various stability issues.

Security updates have been issued by Fedora (firefox), openSUSE (cpio and rpm), Oracle (compat-exiv2-026, exiv2, firefox, kernel, kernel-container, qemu, sssd, and thunderbird), Red Hat (cloud-init, edk2, kernel, kpatch-patch, microcode_ctl, and sssd), and SUSE (cpio, firefox, and libcares2).

Version 2.33.0 of the Git source-code management system has been released.

As can be seen here, it turns out that this release does not have many end-user facing changes and new features, but a lot of fixes and internal improvements went into the codebase during this cycle. Also, preparation for a new merge strategy backend (can be used with "git merge -sort" today) is on its final stretch and we are hoping that it can become the default in the next release.

The Go blog has announced the release of version 1.17 of the Go programming language. The new version has some fairly small changes to the language, support for the Arm 64-bit architecture on Windows, along with other features, bug fixes, and more: This release brings additional improvements to the compiler, namely a new way of passing function arguments and results. This change has shown about a 5% performance improvement in Go programs and reduction in binary sizes of around 2% for amd64 platforms. Support for more platforms will come in future releases.

See the release notes for more information.

We are pleased to announce that the GPU/media/AI buffer management and interop Microconference has been accepted into the 2021 Linux Plumbers Conference. The Linux GPU subsystem has long had three major tenets:

• Kernel mediation, validation, submission, and scheduling of GPU jobs
• Implicit synchronisation between multiple user space accessors
• Open-source user space

Forthcoming hardware makes the former two difficult, if not impossible, to achieve. In order to give user space the fastest possible path to support modern complex workloads, forthcoming hardware is removing the notion of a small number of kernel-controlled job queues, replacing it with direct user space access to command queues to submit and control their own jobs.

This, and evolution in the Vulkan API, make it difficult to retain the existing implicit synchronization model, where the kernel tracks all access and ensures that the hardware executes jobs in the order of user space submission, so that multiple independent clients can reuse the same buffers without data hazards. As all of these changes impact both media and neural-network accelerators, this Linux Plumbers Conference microconference allows us to open the discussion past the graphics community and into the wider kernel community.

This year’s topics to be discussed include:

• Handling explicit synchronization without kernel mediation and awareness
• Supporting fence-value reads on multiple architectures in an efficient way
• User space API implications of buffer sharing without guaranteed job completion
• cgroup support and accounting for GPU memory allocation and time-sharing
  – API and long-term support implications for closed-source firmware

Come and join us in the discussion of keeping Linux a first class citizen
in the would of graphics and media.

We hope to see you there.

Even in the dog days of (northern-hemisphere) summer, the kernel community is a busy place. There are many developments that show up on your editor's radar, but which, for whatever reason, do not find their way into a full-length feature article. The time has come to catch up with a few of those topics; read on for updates on the realtime patch set, the effort to reinvent futexes, and the ntfs3 filesystem.

For those waiting to run Linux on Apple M1 hardware, the the August Asahi Linux progress report is out.

Instead, a much safer approach that has been used by projects such as Nouveau in the past is to record a log of the hardware accesses that the official drivers perform on a real system, without actually looking at the code. Nouveau accomplished this by using a Linux driver to intercept accesses by Nvidia’s official Linux driver. Of course, Apple’s M1 drivers are for macOS, not Linux. While we could implement the same approach with a custom patch to the open source core of the macOS kernel, we decided instead to go one level deeper and build a hypervisor that can run the entirety of macOS, unmodified, in a VM that transparently presents it the real M1 hardware.

Following the Debian "Bullseye" release is a new Skolelinux distribution for a school near you.

Debian Edu, also known as Skolelinux, is a Linux distribution based on Debian providing an out-of-the box environment of a completely configured school network. Immediately after installation, a school server running all services needed for a school network is set up just waiting for users and machines to be added via GOsa², a comfortable web interface.

Security updates have been issued by Arch Linux (c-ares, firefox, fossil, gitlab, jupyterlab, loki, lynx, opera, prosody, and vivaldi), Debian (amd64-microcode, exiv2, ffmpeg, thunderbird, and trafficserver), Fedora (libsndfile, rust-argh, rust-argh_derive, rust-argh_shared, rust-askalono-cli, rust-asyncgit, rust-bugreport, rust-crosstermion, rust-diskonaut, rust-dua-cli, rust-fancy-regex, rust-fedora-update-feedback, rust-filetreelist, rust-git-version, rust-git-version-macro, rust-gitui, rust-heatseeker, rust-jql, rust-pulldown-cmark, rust-sd, rust-shadow-rs, rust-skim, rust-textwrap, rust-tokei, rust-tui, rust-tui-react, rust-unicode-linebreak, rust-unicode-truncate, rust-urlencoding, rust-versions, rust-weezl, and zola), Mageia (dino, firefox, glibc, libvirt, mariadb, qtwebengine5, spice, sylpheed, claws-mail, and webkit2), openSUSE (grafana, kernel, libdnf, and openscad), Oracle (.NET 5.0, .NET Core 3.1, and virt:ol and virt-devel:rhel), Red Hat (compat-exiv2-026, exiv2, firefox, sssd, and thunderbird), SUSE (cpio and kernel), and Ubuntu (mariadb-10.3, mariadb-10.5).

The 5.14-rc6 kernel prepatch is out for testing. "Nothing particular stands out to me. Go test, we should be getting pretty close to done with this release..."