The Wayback Machine - https://web.archive.org/web/20210201220931/https://lwn.net/
| |
Subscribe / Log in / New account

Welcome to LWN.net

LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.

[$] Finding real-world kernel subsystems

[Kernel] Posted Feb 1, 2021 17:13 UTC (Mon) by corbet

The kernel development community talks often about subsystems and subsystem maintainers, but it is less than entirely clear about what a "subsystem" is in the first place. People wanting to understand how kernel development works could benefit from a clearer idea of what actually comprises a subsystem within the kernel. In an attempt to better understand how kernel development works, Pia Eichinger and her colleagues spent a lot of time looking for the actual boundaries; Eichinger presented that work at the 2021 linux.conf.au online gathering.

Full Story (comments: none)

[$] Tackling the monopoly problem

[Front] Posted Jan 29, 2021 16:52 UTC (Fri) by corbet

There was a time when people who were exploring computational technology saw it as the path toward decentralization and freedom worldwide. What we have ended up with, instead, is a world that is increasingly centralized, subject to surveillance, and unfree. How did that come to be? In a keynote at the online 2021 linux.conf.au event, Cory Doctorow gave his view of this problem and named its source: monopoly.

Full Story (comments: 13)

[$] Wayland support (and more) for Emacs

[Development] Posted Jan 28, 2021 16:03 UTC (Thu) by corbet

Jeffrey Walsh started off his 2021 linux.conf.au presentation with a statement that, while 2020 was not the greatest year ever, there were still some good things that happened; one of those was the Emacs 27.1 release. This major update brought a number of welcome new features, but also led to yet another discussion on the future of Emacs. With that starting point, Walsh launched into a fast-moving look at the history of Emacs, why users still care about it, what changes are coming, and (especially) what was involved in moving Emacs away from the X window system and making it work with the Wayland compositor.

Full Story (comments: 14)

[$] LWN.net Weekly Edition for January 28, 2021

Posted Jan 28, 2021 1:50 UTC (Thu)

The LWN.net Weekly Edition for January 28, 2021 is available.

Inside this week's LWN.net Weekly Edition

  • Front: Browser wars; Elastic's "openness"; Cached file-name lookups; ZONE_MOVABLE; Python in Fedora.
  • Briefs: Linux on M1; Firefox 85; 2021 in libre graphics; pip 21.0; Quotes; ...
  • Announcements: Newsletters; conferences; security updates; kernel patches; ...
Read more

[$] A year of Python in Fedora

[Development] Posted Jan 27, 2021 21:38 UTC (Wed) by jake

Distribution developers do a lot of work to keep a language ecosystem working well within the distribution. It is relatively thankless work that normally only becomes visible when there is a problem or complaint. But Miro Hrončok recently put together a look back at what the Fedora Python team did during 2020. While it is, obviously, Fedora-specific, it provides something of a look inside at the kinds of things that distribution teams work on.

Full Story (comments: 10)

[$] Elastic promises "open"—delivers proprietary

[Front] Posted Jan 27, 2021 17:11 UTC (Wed) by jake

Open-source software is famously able to be used by anyone for any purpose; those are some of the keystones of the open source definition. But some companies that run open-source projects are increasingly unhappy that others are reaping some of the profits from those projects. That has led to various efforts of "license reform" meant to try to capture those profits. So far, those efforts have just led to non-open-source licenses, thus projects that are no longer open source. We are seeing that play out yet again with Elastic's mid-January announcement that it was changing the license on some of its projects.

Full Story (comments: 86)

[$] The endless browser wars

[Development] Posted Jan 25, 2021 17:45 UTC (Mon) by corbet

The term "browser wars" typically refers to Microsoft's attempts to dominate the World Wide Web with its Internet Explorer browser in the 1990s. That effort was thwarted by antitrust efforts and the rise of the free browser now known as Firefox; ever since, the web has been defined by free software. Or so some may have thought. In the 2020s, the browser wars continue with the growing dominance of Chrome and, it would seem, the imminent removal of Chromium from many Linux distributions.

Full Story (comments: 57)

[$] Preserving the mobility of ZONE_MOVABLE

[Kernel] Posted Jan 22, 2021 18:08 UTC (Fri) by corbet

Memory fragmentation has long been a problem for Linux systems, to the point that, for years, finding even two physically contiguous pages was an uncertain affair. That said, the situation has improved considerably in the last decade or so thanks to a number of changes implemented by the memory-management developers. One of those changes is the creation of "movable" memory zones where pages can be relocated if need be. All that work is for nothing, though, if somebody comes along and pins down a page in one of these movable zones. This patch set from Pavel Tatashin seeks to prevent that from happening, but may risk creating problems elsewhere.

Full Story (comments: 5)

[$] Avoiding blocking file-name lookups

[Kernel] Posted Jan 21, 2021 15:56 UTC (Thu) by corbet

As a general rule, when one attempts to open a file with a system call like openat2(), the expectation is that the call will not return until the job is done. But there are times where the desire to open the file is conditional on being able to open it immediately, without blocking. Linux has never supported that mode well, but that may be about to change with this patch set from Jens Axboe.

Full Story (comments: 8)

LWN.net Weekly Edition for January 21, 2021

Posted Jan 21, 2021 0:58 UTC (Thu)

The LWN.net Weekly Edition for January 21, 2021 is available.

Inside this week's LWN.net Weekly Edition

  • Front: Debian on modern hardware; MAINTAINERS; Fast commits for ext4; Resource limits; SciPy.
  • Briefs: Debian Kubernetes packaging; No-cost RHEL; Elasticsearch license change; Wine 6; Quotes; ...
  • Announcements: Newsletters; conferences; security updates; kernel patches; ...
Read more

Security updates for Monday

[Security] Posted Feb 1, 2021 15:39 UTC (Mon) by ris

Security updates have been issued by Arch Linux (home-assistant, libgcrypt, libvirt, and mutt), Debian (ffmpeg, kernel, libonig, libsdl2, mariadb-10.1, and thunderbird), Fedora (chromium, firefox, jasper, libebml, mingw-python3, netpbm, opensmtpd, thunderbird, and xen), Gentoo (firefox and thunderbird), Mageia (db53, dnsmasq, kernel, kernel-linus, and php-pear), openSUSE (go1.14, go1.15, messagelib, nodejs8, segv_handler, and thunderbird), Oracle (firefox, kernel, and thunderbird), Red Hat (flatpak), SUSE (firefox and rubygem-nokogiri), and Ubuntu (mysql-5.7, mysql-8.0 and python-django).

Full Story (comments: none)

Kernel prepatch 5.11-rc6

[Kernel] Posted Feb 1, 2021 0:43 UTC (Mon) by corbet

The 5.11-rc6 kernel prepatch is out for testing. "Things look a little calmer than last week, and over-all very average for rc6. So - like always this late in the release schedule - I'd certainly have liked things to be even calmer, but nothing here really stands out."

Comments (1 posted)

Yet another set of stable kernel updates

[Kernel] Posted Jan 31, 2021 0:10 UTC (Sun) by corbet

The stable-kernel machine has produced another set of updates: 5.10.12, 5.4.94, 4.19.172, 4.14.218, 4.9.254, and 4.4.254. Each contains a relatively small set of important fixes.

Comments (none posted)

Critical security problem in Libgcrypt 1.9.0

[Security] Posted Jan 29, 2021 16:40 UTC (Fri) by jake

The GNU Privacy Guard (GnuPG or GPG) project has announced a critical security bug in Libgcrypt version 1.9.0 released January 19. "Libgcrypt is a general purpose library of cryptographic building blocks. It is originally based on code used by GnuPG. It does not provide any implementation of OpenPGP or other protocols. Thorough understanding of applied cryptography is required to use Libgcrypt." Version 1.9.1 has been released to address the problem and all users of 1.9.0 should update immediately. It is a heap buffer overflow, but no version of GnuPG uses the 1.9 series yet. "Exploiting this bug is simple and thus immediate action for 1.9.0 users is required. A CVE-id has not yet been assigned. We track this bug at https://dev.gnupg.org/T5275. The 1.9.0 tarballs on our FTP server have been renamed so that scripts won't be able to get this version anymore."

Full Story (comments: 21)

Malcolm: Static analysis updates in GCC 11

[Development] Posted Jan 29, 2021 15:51 UTC (Fri) by corbet

David Malcolm describes the progress in the GCC static analyzer for the upcoming GCC 11 release. "In GCC 10, I added the new -fanalyzer option, a static analysis pass for identifying various problems at compile-time, rather than at runtime. The initial implementation was aimed at early adopters, who found a few bugs, including a security vulnerability: CVE-2020-1967. Bernd Edlinger, who discovered the issue, had to wade through many false positives accompanying the real issue. Other users also managed to get the analyzer to crash on their code. I’ve been rewriting the analyzer to address these issues in the next major release, GCC 11. In this article, I describe the steps I’m taking to reduce the number of false positives and make this static analysis tool more robust."

Comments (1 posted)

Security updates for Friday

[Security] Posted Jan 29, 2021 14:42 UTC (Fri) by jake

Security updates have been issued by Arch Linux (dnsmasq, erlang, flatpak, go, gobby, gptfdisk, jenkins, kernel, linux-hardened, linux-lts, linux-zen, lldpd, openvswitch, podofo, virtualbox, and vlc), Fedora (erlang, firefox, nss, and seamonkey), Gentoo (imagemagick, nsd, and vlc), openSUSE (chromium and python-autobahn), Oracle (firefox and thunderbird), Red Hat (thunderbird), Scientific Linux (thunderbird), SUSE (firefox, jackson-databind, and thunderbird), and Ubuntu (libxstream-java).

Full Story (comments: none)

Security updates for Thursday

[Security] Posted Jan 28, 2021 14:44 UTC (Thu) by jake

Security updates have been issued by Debian (ansible, firefox-esr, and slurm-llnl), Fedora (firefox, nss, php-pear, seamonkey, and thunderbird), Gentoo (phpmyadmin and telegram-desktop), openSUSE (chromium and python-autobahn), Oracle (firefox and sudo), Red Hat (firefox), Scientific Linux (firefox), and Ubuntu (ceph, kernel, linux, linux-lts-xenial, linux-aws, linux-aws-5.4, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux-aws, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, and tcmu).

Full Story (comments: none)

An unpleasant sudo vulnerability

[Security] Posted Jan 28, 2021 0:15 UTC (Thu) by corbet

It would appear that "sudo" has a buffer-overflow vulnerability that allows any local user to gain root privileges, whether or not they are in the sudoers file. It has been there since 2011. See this advisory for details, but perhaps run an update first.

Comments (55 posted)

Three stable kernels

[Kernel] Posted Jan 27, 2021 16:01 UTC (Wed) by ris

Stable kernels 5.10.11, 5.4.93, and 4.19.171 have been released. They contain important fixes and users should upgrade.

Comments (none posted)

Security updates for Wednesday

[Security] Posted Jan 27, 2021 15:55 UTC (Wed) by ris

Security updates have been issued by Arch Linux (sudo), CentOS (sudo), Debian (sudo), Fedora (kernel, php-pear, and sudo), Gentoo (cacti, mutt, and sudo), Mageia (sudo), openSUSE (sudo), Oracle (sudo), Red Hat (sudo), Scientific Linux (sudo), Slackware (sudo), SUSE (go1.14, go1.15, nodejs8, and sudo), and Ubuntu (libsndfile and sudo).

Full Story (comments: none)

--> More news items


Copyright © 2021, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds