Hírolvasó

Linus has released the 5.7 kernel right on schedule. Headline features in 5.7 include x86 split-lock detection, thermal-pressure management, frequency invariance in the load-tracking code, coexistence between BPF and realtime preemption, support for BPF security hook programs (formerly called the KRSI security module), a new, Microsoft-blessed exFAT filesystem implementation, and more. The final patch to be merged was this one deprecating the long-standing 80-column limit for kernel source. See the KernelNewbies 5.7 page for lots of details.

The Linux deadline scheduler supports realtime systems where applications need to be sure of getting their work done within a specific period of time. It allocates CPU time to deadline tasks in such a way as to ensure that each task's specific timing constraints are met. However, the current implementation does not work well on asymmetric CPU configurations like Arm's big.LITTLE. Dietmar Eggemann recently posted a patch set to address this problem by adding the notion of CPU capacity to the deadline scheduler.

Security updates have been issued by Debian (libexif and tomcat8), Fedora (python38), openSUSE (libxslt), Oracle (git), Red Hat (bind, freerdp, and git), Scientific Linux (git), SUSE (qemu and tomcat), and Ubuntu (apt, json-c, kernel, linux, linux-raspi2, linux-raspi2-5.3, and openssl).

In traditional build tools like Make, targets and dependencies are always files. Imagine if you could specify an entire tree (directory) as a dependency: You could exhaustively specify a "build root" filesystem containing the toolchain used for building some target as a dependency of that target. Similarly, a rule that creates that build root would have the tree as its target. Using Merkle trees as first-class citizens in a build system gives great flexibility and many optimization opportunities. In this article, guest author David Röthlisberger explores this idea using OSTree, Ninja, and Python.

Security updates have been issued by Fedora (dovecot, dpdk, knot-resolver, and unbound), Mageia (ant, libexif, and php), SUSE (libmspack), and Ubuntu (php5, php7.0, php7.2, php7.3, php7.4 and unbound).

Otto Moerbeek (otto@) posted to misc@ a useful summary of the state of play of FFS2 in the 6.7 release (and, to some extent, -current).

In his mail, Otto clarifies some things about the latest release:

• In OpenBSD 6.7, ffs2 is the default for new filesystems during install (with some exceptions).
• In OpenBSD 6.7, if you create a new filesystem manually (using newfs(8)) you will still get an FFS1 filesystem unless you force -O2 or if the filesystem will be larger than 1 TB.

Read more…

The LWN.net Weekly Edition for May 28, 2020 is available.

The Python Language Summit is an annual gathering for the developers of various Python implementations, though, this year, the gathering actually happened via videoconference—as with so many other conferences due to the pandemic. The invite-only gathering typically has numerous interesting sessions, as can be seen in the LWN coverage of the summit from 2015 to 2018, as well as in the 2019 summit coverage on the Python Software Foundation (PSF) blog. Those writeups were penned by A. Jesse Jiryu Davis, who reprised his role for this year's summit. In this article, I will summarize some of the sessions that caught my eye.

Kees Cook takes a look some changes improving security in Linux 5.5. Topics include restrict perf_event_open() from LSM, generic fast full refcount_t, linker script cleanup for exception tables, KASLR for 32-bit PowerPC, seccomp for RISC-V, and more.

We are living through interesting times that present challenges in a number of areas, including running a business. While we think of LWN primarily as a community resource, it is also a business that is not unaffected by the ongoing pandemic. It is, we figure, a good time for a status update, especially since we have some news to share.

Stable kernels 5.6.15, 5.4.43, 4.19.125, 4.14.182, 4.9.225, and 4.4.225 have been released. They all contain important fixes and users should upgrade.

The OpenSSH 8.3 release is out. This primarily a bug-fix release with a handful of minor new features. It does, however, carry a prominent notice that ssh-rsa signature algorithm will be disabled in "a near-future release". The announcement includes information on how to determine whether hosts you care about are affected.

Security updates have been issued by Debian (drupal7 and unbound), Fedora (libEMF and transmission), Mageia (dojo, log4net, nginx, nodejs-set-value, sleuthkit, and transmission), Red Hat (rh-maven35-jackson-databind), SUSE (dpdk and mariadb-connector-c), and Ubuntu (thunderbird).

Here's a detailed blog entry from Dan Carpenter on adding improved lock checking to the smatch static-analysis tool. "When Smatch gained the ability to do cross function analysis in 2010, I knew that I had to re-write the locking check to take advantage of the new cross function analysis feature. When you combine cross function analysis with top of the line flow analysis available and in depth knowledge of kernel locks then the result is the Ultimate Locking Check! Unfortunately, I have a tendency towards procrastination and it took me a decade to get around to it, but it is done now. This blog will step through how the locking analysis works."

The Go programming language comes with tools for writing and running tests: the standard library's testing package, and the go test command to run test suites. Like the language itself, Go's philosophy for writing tests is minimalist: use the lightweight testing package along with helper functions written in plain Go. The idea is that tests are just code, and since a Go developer already knows how to write Go using its abstractions and types, there's no need to learn a quirky domain-specific language for writing tests.

Security updates have been issued by Debian (sqlite3), Fedora (libarchive and netdata), openSUSE (dom4j, dovecot23, gcc9, and memcached), Red Hat (devtoolset-9-gcc, httpd24-httpd and httpd24-mod_md, ipmitool, kernel, kpatch-patch, openvswitch, openvswitch2.11, openvswitch2.13, rh-haproxy18-haproxy, and ruby), and SUSE (freetds, jasper, libxslt, and sysstat).

Version 017 of the decidedly non-traditional GoboLinux distribution has been released. "This release introduces a simplified model for recipe management and contribution that's fully integrated with the Compile build tool. The recipe tree is now a plain Git repository managed via GitHub cloned into your /Data/Compile/Recipes directory and used by the GoboLinux Compile tool directly."