Welcome to LWN.net [LWN.net]
source link: https://lwn.net/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
The LWN.net Weekly Edition for December 10, 2020 is available.
Inside this week's LWN.net Weekly Edition
- Front: General-purpose computing; Fedora's editions; Stable-kernel regressions; 32-bit Linux; DMEMFS.
- Briefs: GitHub's security report; CentOS Stream; Bash 5.1; Qt 6; LF and Mozilla annual reports; Quotes; ...
- Announcements: Newsletters; conferences; security updates; kernel patches; ...
Security updates have been issued by Debian (golang-golang-x-net-dev, python-certbot, and xorg-server), Fedora (resteasy, scap-security-guide, and vips), openSUSE (chromium, python, and rpmlint), SUSE (kernel), and Ubuntu (aptdaemon, curl, gdk-pixbuf, lxml, and openssl, openssl1.0).
There can be no doubt that general-purpose computing has been a boon to the world. The ability to run different kinds of programs, from various sources, including bought from companies, written from scratch, and, well, built from source, is something that we take for granted on many—most—of the computing devices that we own. But that model seems to be increasingly disappearing in many kinds of devices, including personal computers, as a recent kerfluffle in the Apple world helps to demonstrate.
GNU Autoconf 2.70 is out. "Noteworthy changes include support for the 2011 revisions of the C and C++ standards, support for reproducible builds, improved support for cross-compilation, improved compatibility with current compilers and shell utilities, more efficient generated shell code, and many bug fixes." See this article for more information on what has been happening with Autoconf.
Fedora has long had Workstation and Server editions and, back in August, added an edition for Internet of Things (IoT) devices. Those editions target different use cases for the distribution, as does the CoreOS "spin" (or "emerging edition"), which targets cloud and Kubernetes deployments. A proposal to elevate Fedora CoreOS to a full edition as part of Fedora 34 was recently discussed on the Fedora devel mailing list. As part of that, what it means for a distribution to be part of Fedora was discussed as well.
One of the kernel's primary jobs is to manage the memory installed in the system. Over the years, though, there have been various reasons for removing a portion of the system's memory from the kernel's view. One of the latest can be seen in a mechanism called DMEMFS, which is being proposed as a way to get around some inefficiency in how the kernel keeps track of RAM.
Security updates have been issued by Debian (minidlna, openssl, and trafficserver), Mageia (oniguruma, php-pear, python, python3, and x11vnc), openSUSE (minidlna), Oracle (kernel and net-snmp), Red Hat (kernel, mariadb-galera, microcode_ctl, and net-snmp), Slackware (seamonkey), SUSE (thunderbird and xen), and Ubuntu (xorg-server).
The news for processors and system-on-chip (SoC) products these days is all about 64-bit cores powering the latest computers and smartphones, so it's easy to be misled into thinking that all 32-bit technology is obsolete. That quickly leads to the idea of removing support for 32-bit hardware, which would clearly make life easier for kernel developers in a number of ways.
At the same time, a majority of embedded systems shipped today do use 32-bit processors, so a valid question is if this will ever change, or if 32-bit will continue to be the best choice for devices that do not require significant resources.
Red Hat has announced an end to the CentOS distribution as we know it. CentOS will be replaced by "CentOS Stream", which looks like a sort of beta test for changes going into Red Hat Enterprise Linux. Support for CentOS 7 will continue as scheduled, but support for CentOS 8 will go away at the end of 2021. "When CentOS Linux 8 (the rebuild of RHEL8) ends, your best option will be to migrate to CentOS Stream 8, which is a small delta from CentOS Linux 8, and has regular updates like traditional CentOS Linux releases. If you are using CentOS Linux 8 in a production environment, and are concerned that CentOS Stream will not meet your needs, we encourage you to contact Red Hat about options."
More information can be found in this FAQ. "CentOS Stream will be getting fixes and features ahead of RHEL. Generally speaking, we expect CentOS Stream to have fewer bugs and more runtime features than RHEL until those packages make it into the RHEL release."
Update: see also this blog post from Chris Wright.
Ever since the stable-update process was created, there have been questions about which patches are suitable for inclusion in those updates; usually, these discussions are driven by people who think that the criteria should be more restrictive. A regression in the XFS filesystem that found its way into the 5.9.9 stable update briefly rekindled this discussion. In one sense, there was little new ground covered in this iteration, but there was an interesting point raised about the relationship between stable updates and the mainline kernel -rc releases.
Version 6.0 of the Qt interface framework is available. "Qt 6.0 is a starting point for the next generation of Qt. It is not yet as feature-complete as 5.15, but we will fill the gaps within the months to come. We've done a lot of important work in laying out the foundations of the next version of Qt. Many of those changes might not be immediately visible, but I firmly believe they will help keep Qt competitive in the years to come." Changes include moving to C++17, the completion of the Unicode transition, a move away from OpenGL to a new internal rendering interface, additional 3D capabilities, and more.
The LWN.net Weekly Edition for December 3, 2020 is available.
Inside this week's LWN.net Weekly Edition
- Front: Python pattern matching; Mutt; ID-mapped filesystems; epoll_pwait2(), close_range(), and encoded I/O; Asymmetric Arm systems; Protecting virtual machines.
- Briefs: Let's Encrypt certs; Hardware security; Heap quarantine; Guix 1.2; Perl governance; PHP 8; Rust 1.48; Quotes; ...
- Announcements: Newsletters; conferences; security updates; kernel patches; ...
Mozilla has released its annual report: "Every year in the spirit of openness upon which Mozilla was founded, we share publicly the ways we have protected, fought for and helped advance the internet in service of the people who rely on it every day. We outline how our organization is meeting the challenges of online life through an annual report: the State of Mozilla.
This year we’ve changed the format of our report to focus on how we are using our organization’s strength and resources on two fronts: Fighting for People and Building for the Future. This report highlights the impact of our work in 2020 and is accompanied by our most recently filed financials which cover 2019.
As the State of Mozilla outlines, Mozilla works to make the promise of a better internet a reality. We can’t and we don’t do it alone. There are myriad ways anyone can join this effort through actions big and small, starting with getting better educated on what’s at stake; pushing companies to operate more transparently and in the interest of communities and people, not just profits; testing new products; and choosing technology made by companies who share your vision for a healthier internet."
A way to specify multiply branched conditionals in the Python language—akin to the C switch statement—has been a longtime feature request. Over the years, various proposals have been mooted, but none has ever crossed the finish line and made it into the language. A highly ambitious proposal that would solve the multi-branch-conditional problem (and quite a bit more) has been discussed—dissected, perhaps—in the Python community over the last six months or so. We have covered some of the discussion in August and September, but the ground has shifted once again so it is time to see where things stand.
Bash 5.1 is out. "This release fixes several outstanding bugs in bash-5.0 and introduces several new features. The most significant change is a return to the bash-4.4 behavior of not performing pathname expansion on a word that contains backslashes but does not contain any unquoted globbing special characters. This comes after a long POSIX discussion that resulted in a change to the standard. There are several changes regarding trap handling while reading from the terminal (e.g, for `read' and `select'.) There are a number of bug fixes, including several bugs that caused the shell to crash."
The readline library used in bash 5.1 has also been updated to version 8.1. "There are more improvements in the programming interface and new user-visible variables and bindable commands. There are a several new public API functions, but there should be no incompatible changes to existing APIs."
As an ever-growing number of workloads are being moved to the cloud, CPU vendors have begun to roll out purpose-built hardware features to isolate virtual machines (VMs) from potentially hostile parties. These processor features, and their extensions, enable the notion of "secure VMs" (or "confidential VMs") — where a VM's "sensitive state" needs to be protected from untrusted entities. Drawing from his experience contributing to the secure VM implementation for the s390 architecture, Janosch Frank described the challenges involved in a talk at the 2020 (virtual) KVM Forum. Though the implementations across CPU vendors may vary, there are many shared problems, which opens up possibilities for collaboration.
Security updates have been issued by Arch Linux (ceph, gitea, matrix-synapse, musl, mutt, neomutt, opensc, and webkit2gtk), Debian (debian-security-support, openldap, salt, xen, and xorg-server), Fedora (fossil, pdfresurrect, tcpdump, thunderbird, and xorg-x11-server), Gentoo (chromium, firefox, mariadb, pam, postgresql, seamonkey, thunderbird, and xorg-server), Mageia (mutt, pdfresurrect, privoxy, and thunderbird), openSUSE (chromium, java-1_8_0-openjdk, kernel, minidlna, neomutt, opera, pngcheck, python, python-cryptography, python-pip, python-setuptools, python3, rclone, thunderbird, xen, and xorg-x11-server), Red Hat (ksh and net-snmp), and SUSE (crowbar-openstack, grafana, influxdb, python-urllib3, fontforge, mariadb, mutt, postgresql12, python-cryptography, and xen).
The Arm processor architecture has pushed the boundaries in a number of ways, some of which have required significant kernel changes in response. For example, the big.LITTLE architecture placed fast (but power-hungry) and slower (but more power-efficient) CPUs in the same system-on-chip (SoC); significant scheduler changes were needed for Linux to be able to properly distribute tasks on such systems. For all their quirkiness, big.LITTLE systems still feature CPUs that are in some sense identical: they can all run any task in the system. What is the scheduler to do, though, if confronted with a system where that is no longer true?
Linus has released 5.10-rc7 for testing; he seems happy with how it is coming together. "So unless something odd and bad happens next week, we'll have a final 5.10 release next weekend, and then we'll get the bulk of the merge window for 5.11 over and done with before the holiday season starts."
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK