Hírolvasó

Version 1.16 of the Go language is available. New features include an "embed" package, Apple Arm64 support, use of modules by default, and build-performance improvements; see the release notes for details.

On February 4, millions of browser tabs were suddenly terminated. Not everyone was surprised; the dozen people who spent the last four months waiting for this tragedy to occur watched in relief as the first in a rapid stream of GitHub comments began pouring in. The Great Suspender, a Chrome extension that suspended inactive tabs, with around two-million users, had been forcibly uninstalled because it contained malware. This was a serious problem for users, in part due to the difficulty in recovering the lost tabs, but the extension's malevolence had been painfully obvious to anyone who cared to investigate it.

Those of us who are watching the mainline kernel repository may have been wondering why it appears that no pull requests for the 5.12 merge window have yet been acted upon. The problem, it seems, is power outages caused by the severe winter weather in the US Pacific northwest. Until that gets resolved, which could take a few days, the 5.12 merge window is likely to remain on hold.

Security updates have been issued by Debian (spip), Mageia (chromium-browser, kernel, kernel-linus, and trojita), openSUSE (mumble and opera), Red Hat (container-tools:rhel8, java-1.8.0-ibm, kernel, kernel-rt, net-snmp, nodejs:10, nodejs:12, nodejs:14, nss, perl, python, and rh-nodejs10-nodejs), and SUSE (jasper, python-bottle, and python-urllib3).

The 5.11 kernel was released on February 14 — the most romantic sort of Valentine's day gift one could hope for. This kernel saw the merging of 14,340 changesets from 1,912 developers; it is certainly not the busiest development cycle we have seen recently, but it still saw a lot of activity. Read on for our traditional look at where the code merged for 5.11 came from.

Security updates have been issued by Debian (busybox, linux-4.19, openvswitch, subversion, unbound1.9, and xterm), Fedora (audacity, community-mysql, kernel, libzypp, mysql-connector-odbc, python-django, python3.10, and zypper), openSUSE (librepo, openvswitch, subversion, and wpa_supplicant), Red Hat (subversion:1.10), SUSE (kernel, openvswitch, perl-File-Path, and wpa_supplicant), and Ubuntu (postgresql-12).

Linus has released the 5.11 kernel, as expected. "I know it's Valentine's Day here in the US - maybe give this release a good testing before you go back and play with development kernels. All right? Because I'm sure your SO will understand." Headline features in 5.11 include Intel SGX support, a new system-call interception mechanism, the seccomp() constant-action bitmap optimization, the internal kmap_local() API, the epoll_pwait2() system call, and much more. See the LWN merge-window articles (part 1, part 2) and the (under development) KernelNewbies 5.11 page for more information.

The 5.10.16, 5.4.98, and 4.19.176 stable kernel updates have been released; each contains another set of important fixes.

Recent noteworthy things commited to -current and not previously reported include:

• [2021-01-26] Patrick Wildt (patrick@) continues work [with help from Mark Kettenis (kettenis@)] on supporting the Apple M1.
• [2021-02-06] Solène Rapenne (solene@) blogged about using 2FA with TOTP.
• [2021-02-08] Stefan Sperling (stsp@) added a RAID1C (raid1 + crypto) softraid(8) discipline.
• [2021-02-09] Patrick Wildt (patrick@) added lldb(1) (for amd64 and arm64 platforms).
• [2021-02-09] maxburst feature removed from tcp_output by Jan Klemkov (jan@)
  [2021-02-09] PF_LOCK() activated by Patrick Wildt (patrick@)
  [2021-02-10] Vitaliy Makkoveev (mvs@) moved UNIX domain sockets out of the kernel lock
  
• [2021-02-11] Jonathan Gray (jsg@) upgraded libdrm to version 2.4.104, with changes to the relevant devices (see FAQ).
• [2021-02-12] Otto Moerbeek (otto@) has requested testing/review of a patch enhancing malloc(3) "junking".

All in all, this looks promising for the upcoming OpenBSD 6.9 release!

A brief post on the Gentoo site is in memory of Kent "kent\n" Frederic. "Kent was an active member of the Gentoo community for many years. He tirelessly managed Gentoo’s Perl support, and was active in the Rust project as well as in many other corners. We all remember him as an enthusiastic, bright person, with lots of eye for detail and constant willingness to help out and improve things. On behalf of the world-wide Gentoo community, our heartfelt condolences go out to his family and friends."

Seen from outside, the internals of the Linux kernel appear to be stable, especially in subsystems like the memory-management subsystem. However, from time to time, developers need to replace an internal interface to solve a longstanding problem. One such issue is contention on the lock used to protect essential memory-management structures, including the page tables and virtual memory areas (VMAs). Liam Howlett and Matthew Wilcox have been developing a new data structure, called a "maple tree", to replace the data structures currently used for VMAs. This potentially big change in internal kernel structures has been recently posted for a review in a massive patch set.

Security updates have been issued by Arch Linux (ansible, chromium, cups, docker, firefox, gitlab, glibc, helm, lib32-glibc, minio, nextcloud, opendoas, opera, php, php7, privoxy, python-django, python-jinja, python2-jinja, thunderbird, vivaldi, and wireshark-cli), Fedora (jasper, linux-firmware, php, python-cryptography, spice-vdagent, subversion, and thunderbird), Mageia (gssproxy and phpldapadmin), openSUSE (chromium, containerd, docker, docker-runc,, librepo, nextcloud, and privoxy), SUSE (containerd, docker, docker-runc, golang-github-docker-libnetwork, kernel, openvswitch, and wpa_supplicant), and Ubuntu (wpa).

Given the large set of system calls implemented by the Linux kernel, it would not be surprising for most people to be unfamiliar with a few of them. Not everybody needs to know the details of setresgid(), modify_ldt(), or lookup_dcookie(), after all. But even developers who have a wide understanding of the Linux system-call set may be surprised by kcmp(), which is not enabled by default in the kernel build. It would seem, though, that the word has gotten out, leading to an effort to make kcmp() more widely available.

Security updates have been issued by Debian (firejail and netty), Fedora (java-1.8.0-openjdk, java-11-openjdk, rubygem-mechanize, and xpdf), Mageia (gstreamer1.0-plugins-bad, nethack, and perl-Email-MIME and perl-Email-MIME-ContentType), openSUSE (firejail, java-11-openjdk, python, and rclone), Red Hat (dotnet, dotnet3.1, dotnet5.0, and rh-nodejs12-nodejs), SUSE (firefox, kernel, python, python36, and subversion), and Ubuntu (gnome-autoar, junit4, openvswitch, postsrsd, and sqlite3).

Version 1.50.0 of the Rust language has been released. "For this release, we have improved array indexing, expanded safe access to union fields, and added to the standard library."

The LWN.net Weekly Edition for February 11, 2021 is available.

There is always a certain amount of tension between the goals of those using older, less-popular architectures and the goals of projects targeting more mainstream users and systems. In many ways, our community has been spoiled by the number of architectures supported by GCC, but a lot of new software is not being written in C—and existing software is migrating away from it. The Rust language is often the choice these days for both new and existing code bases, but it is built with LLVM, which supports fewer architectures than GCC supports—and Linux runs on. So the question that arises is how much these older, non-Rusty architectures should be able to hold back future development; the answer, in several places now, has been "not much".

The world wide web is truly a wondrous invention, but it is not without flaws. There are massive privacy woes that stem from its standards and implementation; it is also so fiendishly complex that few can truly grok all of its expanse. That complexity affords enormous flexibility, for good or ill. Those who are looking for a simpler way to exchange information—or hearken back to web prehistory—may find the Gemini project worth a look.