Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
[$] listmount() and statmount()
Years ago, the list of mounted filesystems on a Unix or Linux machine was relatively short and static. Adding a filesystem, which typically involved buying a new drive, happened rarely. In contrast, contemporary systems with a large number of containers can have a long and dynamic list of mounted filesystems. As was discussed at the 2023 LSFMM+BPF Summit, the Linux kernel's mechanism for providing information about mounted filesystems has not kept up with this change, leading to system-management headaches. Now, two new system calls proposed by Miklos Szeredi look set to provide some much-needed pain relief.
[$] The push to save Itanium
It is (relatively) easy to add code to the kernel; it tends to be much harder to remove that code later. The most recent example of this dynamic can be seen in the story of the ia64 ("Itanium") architecture, support for which was removed during the 6.7 merge window. That removal has left a small group of dedicated ia64 users unhappy and clinging to a faint hope that this support could return in a year's time.
[$] LWN.net Weekly Edition for November 9, 2023
Posted Nov 9, 2023 0:06 UTC (Thu)The LWN.net Weekly Edition for November 9, 2023 is available.
Inside this week's LWN.net Weekly Edition
- Front: Patches on linux-kernel; Guest-first memory; 6.7 Merge window; BPF network device; Python C API.
- Briefs: Openwall sponsorship; Fedora 39; OpenELA; Ubuntu Core Desktop; Gawk 5.3; Home Assistant 2023.11; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] Reducing patch postings to linux-kernel
The linux-kernel mailing list famously gets an enormous amount of email on a daily basis; the volume is so high that various email providers try to rate-limit it, which can lead to huge backlogs on the sending side and, of course, delayed mail. Part of the reason there is so much traffic is that nearly every patch gets copied to the mailing list, even when it may be unnecessary to do so. A proposed change would start shunting some of that patch email aside and, as might be guessed, has both supporters and detractors, but the discussion does highlight some of the different ways the mailing list is used by kernel developers.
[$] Progress in wrangling the Python C API
There has been a lot of action for the Python C API in the last month or so—much of it organizational in nature. As predicted in our late September article on using the "limited" C API in the standard library, the core developer sprint in October was the scene of some discussions about the API and the plans for it. Out of those discussions have come two PEPs, one of which describes the API, its purposes, strengths, and weaknesses, while the other would establish a C API working group to coordinate and oversee the development and maintenance of it.
[$] The BPF-programmable network device
Containers and virtual machines on Linux communicate with the world via virtual network devices. This arrangement makes the full power of the Linux networking stack available, but it imposes the full overhead of that stack as well. Often, the routing of this networking traffic can be handled with relatively simple logic; the BPF-programmable network device, which was merged for the 6.7 kernel release, makes it possible to avoid expensive network processing, in at least some cases.
[$] The first half of the 6.7 merge window
As of this writing, 9,842 non-merge changesets have found their way into the mainline repository since the 6.7 merge window opened. Nearly a third of those consist of the entire bcachefs development history but, even discounting that, there has been a lot of material landing for the next release. Read on for a summary of the most interesting changes pulled so far in this development cycle.
[$] Guest-first memory for KVM
One of the core objectives of any confidential-computing implementation is to protect a guest system's memory from access by actors outside of the guest itself. The host computer and hypervisor are part of the group that is to be excluded from such access; indeed, they are often seen as threat in their own right. Hardware vendors have added features like memory encryption to make memory inaccessible to the host, but such features can be difficult to use and are not available on all CPUs, so there is ongoing interest in software-only solutions that can improve confidentiality. The guest-first memory patch set, posted by Sean Christopherson and containing work by several developers, looks poised to bring some software-based protection to an upcoming kernel release.
LWN.net Weekly Edition for November 2, 2023
Posted Nov 2, 2023 0:05 UTC (Thu)The LWN.net Weekly Edition for November 2, 2023 is available.
Inside this week's LWN.net Weekly Edition
- Front: Implicit keyword arguments in Python; String handling in the kernel; Deferred scheduling; 6.6 Development statistics; Rust in the kernel; Help wanted.
- Briefs: Removing OpenBSD syscall(); Linux 6.6; Why ACPI?; Kernel maintainership talk; C++ safety; Quote; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
Help wanted at LWN
LWN.net is looking to hire a full-time writer/editor to help us keep the news flowing and to expand our content in areas of interest to our readers. We are certain that the person we need is out there somewhere, and are counting on help from LWN readers to find them. Read on for details on who we are looking for and how we see them fitting in here.
A documentary on the development of eBPF
For folks with an interest in how extended BPF came to be and a half-hour to spare, the announcement has gone out of a new film called "eBPF: Unlocking the kernel", released at the KubeCon+CloudNativeCon event. The documentary is available on YouTube.
GNOME supported by the Sovereign Tech Fund
The GNOME Foundation has announced the receipt of a €1 million award from the German Sovereign Tech Fund. The funding will support work on accessibility, privacy, hardware support, and more.
Security updates for Friday
Security updates have been issued by Fedora (community-mysql, matrix-synapse, and xorg-x11-server-Xwayland), Mageia (squid and vim), Oracle (dnsmasq, python3, squid, squid:4, and xorg-x11-server), Red Hat (fence-agents, insights-client, kernel, kpatch-patch, mariadb:10.5, python3, squid, squid:4, tigervnc, and xorg-x11-server), Scientific Linux (bind, firefox, java-1.8.0-openjdk, java-11-openjdk, kernel, libssh2, python-reportlab, python3, squid, thunderbird, and xorg-x11-server), SUSE (go1.21), and Ubuntu (linux-gke and linux-iot).
Security updates for Thursday
Security updates have been issued by Debian (cacti and chromium), Fedora (CuraEngine, podman, and rubygem-rmagick), Mageia (gnome-shell, openssl, and zlib), SUSE (salt), and Ubuntu (xrdp).
The 2023 TAB election deadline is approaching
The reminder has gone out: the deadline for nominations for the Linux Foundation Technical Advisory Board is November 13. If you are interested in representing the kernel community on the TAB, now is the time to put together a self-nomination and get onto the ballot.
A pile of stable kernel updates
The 6.6.1, 6.5.11, 6.1.62, 5.4.260, 4.19.298, and 4.14.329 stable kernel updates have all been released, each contains another set of important fixes.
Note that 5.15.138 and 5.10.200 ended up going into a second round of review; they can be expected in the near future.
Update: 5.15.138 and 5.10.200 are now available as well.
Chamberlain v. Home Assistant
The developers of Home Assistant, which has recently been covered here, have announced that they will be removing support for Chamberlain and Liftmaster garage-door openers after being locked out by the company.
Because we cannot continue to work around Chamberlain Group if they keep blocking access to third parties, the MyQ integration will be removed from Home Assistant in the upcoming 2023.12 release on December 6, 2023. We are very disappointed that it has come to this and sincerely hope that Chamberlain Group is willing to reconsider its position.
Longtime readers may remember that Chamberlain tried to use the DMCA to block the use of third-party remotes nearly 20 years ago.
Canonical reveals more details about Ubuntu Core Desktop (Register)
The Register attended a talk about Ubuntu's upcoming Core Desktop immutable distribution.
We suspect that Core Desktop might yet be the tool that validates Canonical's Snap format and helps to overcome some of the resistance it faces. Snap's single-file distribution format is simple and enables transactional installation – including, critically, rollback – without a fancy filesystem underneath, or elaborate distribution methods such as libostree.
Security updates for Wednesday
Security updates have been issued by Debian (python-urllib3 and tang), Fedora (chromium, mlpack, open-vm-tools, and salt), Red Hat (avahi, binutils, buildah, c-ares, cloud-init, containernetworking-plugins, cups, curl, dnsmasq, edk2, flatpak, frr, gdb, ghostscript, glib2, gmp, grafana, haproxy, httpd, mod_http2, java-21-openjdk, kernel, krb5, libfastjson, liblouis, libmicrohttpd, libpq, libqb, librabbitmq, LibRaw, libreoffice, libreswan, libssh, libtiff, libvirt, libX11, linux-firmware, mod_auth_openidc, ncurses, nghttp2, opensc, pcs, perl-CPAN, perl-HTTP-Tiny, podman, procps-ng, protobuf-c, python-cryptography, python-pip, python-tornado, python-wheel, python3.11, python3.11-pip, python3.9, qemu-kvm, qt5 stack, runc, samba, samba, evolution-mapi, openchange, shadow-utils, skopeo, squid, sysstat, tang, tomcat, toolbox, tpm2-tss, webkit2gtk3, wireshark, xorg-x11-server, xorg-x11-server-Xwayland, and yajl), Slackware (sudo), SUSE (squid), and Ubuntu (python-urllib3).
Sponsorship for the Openwall lists
Alexander "Solar Designer" Peslyak, the longtime maintainer of the oss-security and linux-distros mailing lists, has announced that this work has gained a sponsor:
After 15+ years of being a 100% volunteer effort, Openwall's maintenance of oss-security and (linux-)distros is finally sponsored by the OpenSSF, a project of the Linux Foundation. This sponsorship does not provide the Linux Foundation with the ability to set policies for community resources managed by Openwall. I am grateful for the support, which will help ensure continued operation of these resources on a new level while retaining independence.
As part of this arrangement, Peslyak is now producing statistics on vulnerability handling; the first set for 2023 has been posted.