Hírolvasó

Over on the Red Hat Developer site, David Malcolm has an article about improvements in GCC 15, specifically focusing on the diagnostic information that the compiler emits. This includes ASCII art with a "⚠️" warning emoji to display the execution path when it detects a problem (like an infinite loop in one of his examples), better C++ template errors, machine-readable diagnostics using Static Analysis Results Interchange Format (SARIF), better messages regarding C23 compatibility since that is the default C version for GCC 15, and more. Since the changes are focused on messages, there is the inevitable color-scheme update as well: GCC will use color when emitting its text messages on stderr at a suitably modern terminal, using a few colors that seem to work well in a number of different terminal themes—but the exact rules for choosing which color to use for each aspect of the output have been rather arbitrary.

For GCC 15, I've gone through C and C++'s errors, looking for places where two different things in the source are being contrasted, such as type mismatches. These diagnostics now use color to visually highlight and distinguish the differences.

Compute Express Link (CXL) memory is not like the ordinary RAM that one might install into a computer; it can come and go at any time and is often not present when the kernel is booting. That complicates the management of this memory. During the memory-management track of the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit, Gregory Price ran a session on the challenges posed by CXL and how they might be addressed.

Greg Kroah-Hartman has announced the release of eight stable kernels: 6.14.2, 6.13.11, 6.12.23, 6.6.87, 6.1.134, 5.15.180, 5.10.236, and 5.4.292. These all contain a large assortment of important kernel fixes throughout the tree.

The Data Access MONitor (DAMON) subsystem provides access to detailed memory-management statistics, along with a set of tools for implementing policies based on those statistics. An update on DAMON by its primary author, SeongJae Park, has been a fixture of the Linux Storage, Filesystem, Memory-Management, and BPF Summit for some years. The 2025 Summit was no exception; Park led two sessions on recent and future DAMON developments, and how DAMON might evolve to facilitate a more access-aware memory-management subsystem in the future.

Security updates have been issued by AlmaLinux (tomcat and webkit2gtk3), Debian (chromium), Fedora (ghostscript), Mageia (atop, docker-containerd, and xz), Red Hat (go-toolset:rhel8), SUSE (apache2-mod_auth_openidc, apparmor, etcd, expat, firefox, kernel, libmozjs-128-0, and libpoppler-cpp2), and Ubuntu (dino-im, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-fips, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, opensc, and poppler).

Az Európai Bizottság közzétette az unió AI-szektorban való versenyképességét irányzó akciótervét.

Az indiai gyárakban teljes kapacitással dolgoznak a gyártósorok, miközben a Fehér Ház továbbra is Amerikába költöztetné a gyártást.

A Brian Eno által szerzett rövidke indítóhang az amerikai nemzet hangtörténetének része lett.

Az Anthropic egyre közelebb és közelebb lép az OpenAI-hoz.

Az Apple nőtt a legnagyobb mértékben, a dobogós helyezettek sorrendje változatlan.

A konferencia immár kilencedik alkalommal érkezik a megszokott időben, május második felében.

The OpenSSH project has announced their latest release, OpenSSH 10.0.

The announcement and release notes read:

OpenSSH 10.0/10.0p1 (2025-04-09) OpenSSH 10.0 was released on 2025-04-09. It is available from the mirrors listed at https://www.openssh.com/. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: https://www.openssh.com/donations.html Potentially-incompatible changes -------------------------------- * This release removes support for the weak DSA signature algorithm, completing the deprecation process that began in 2015 (when DSA was disabled by default) and repeatedly warned over the last 12 months.

Read more…

Inside this week's LWN.net Weekly Edition:

• Front: Debian project leader election; 6.15 Merge window; Lots of LSFMM coverage; Joplin.
• Briefs: Firefox hardening; OpenSSH 10.0; Supply chain security; FreeDOS 1.4; OpenSSL 3.5.0; Rust 1.86.0; Quotes; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

Tom Schuster, Frederik Braun, and Christoph Kerschbaumer have published an article on the Firefox Security team's Attack & Defense blog that explains recent work to harden Firefox's frontend code.

We have rewritten over 600 JavaScript event handlers to mitigate XSS and other injection attacks in the main Firefox user interface. This mitigation will ship in Firefox 138. However, blocking the execution of scripts in the parent process is not the end - we will expand this technique to other contexts in the near future. There is still more work to do as the UI requires JavaScript APIs with a high level of privileges. However: We still eliminated a whole class of attacks, significantly raising the bar for attackers to exploit Firefox.

In a combined storage and filesystem track session at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit, John Garry continued the theme of "untorn" (or atomic) writes that started in the previous session. It was also an update on where things have gone for untorn writes since his session at last year's summit. Beyond that, he looked at some of the plans and challenges for the feature in the future.

Four candidates have stepped up to run in the 2025 Debian Project Leader (DPL) election. Andreas Tille, who is in his first term as DPL, is running again. Sruthi Chandran, Gianfranco Costamagna, and Julian Andres Klode are the other candidates running for a chance to serve a term as DPL. The campaigning phase ended on April 5, and Debian members began voting on April 6. Voting ends on April 19. This year, the campaign period has been lively and sometimes contentious, touching on problems with Debian team delegations and finances.

The 6.15 merge window saw the inclusion of a new type of lock for BPF programs: a resilient queued spinlock that Kumar Kartikeya Dwivedi has been working on for some time. Eventually, he hopes to convert all of the spinlocks currently used in the BPF subsystem to his new lock. He gave a remote presentation about the design of the lock at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF summit.

Tiered-memory systems feature multiple types of memory with varying performance characteristics; on such systems, good performance depends on keeping the most frequently used data in the fastest memory. Identifying that data and placing it properly is a challenge that has kept developers busy for years. Bharata Rao, presenting remotely during a memory-management-track session at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit, led a discussion on a potential solution he has recently posted; Raghavendra K T was also named on the session proposal. It seems likely, based on the discussion, that developers working in this area will not run out of problems anytime soon.

The kernel samepage merging (KSM) subsystem works by finding pages in memory with the same contents, then replacing the duplicated copies with a single, shared copy. KSM can improve memory utilization in a system, but has some problems as well. In two memory-management-track sessions at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit, Mathieu Desnoyers and Sourav Panda proposed improvements to KSM to make it work better for specific use cases.