[$] GitLab CI for the kernel
Working on the Linux kernel has always been unlike working on
many other software projects.
One particularly noticeable difference is the decentralized nature of the
kernel’s testing infrastructure. Projects such as
syzkaller, KernelCI,
or the kernel self tests
test the kernel in different ways. On February 28, Helen
Koike
[posted](https://lwn.net/ml/linux-kernel/20240228225527.1052240-1-helen.koi … ⌘ Read more
Eight new kernel updates
The
6.9.1,
6.8.10,
6.6.31,
6.1.91,
5.15.159,
5.10.217,
5.4.276, and
4.19.314 stable kernels have been released.
These versions include several important fixes; as usual, Greg Kroah-Hartman advises
users to update right away. ⌘ Read more
[$] An update and future plans for DAMON
The DAMON
subsystem was the subject of the first session in the memory-management
track at the Linux\
Storage, Filesystem, Memory Management, and BPF Summit. DAMON
maintainer SeongJae Park introduced the data-access monitoring
framework, which can generate snapshots of how memory is accessed, enabling
the detection of hot and cold regions of memory in both the virtual and
physical address spaces. The … ⌘ Read more
Security updates for Friday
Security updates have been issued by Fedora (chromium, firefox, and podman), Mageia (chromium-browser-stable, ghostscript, and java-1.8.0, java-11, java-17, java-latest), Red Hat (bind, Firefox, firefox, gnutls, httpd:2.4, and thunderbird), SUSE (glibc, opera, and python-Pillow), and Ubuntu (dotnet7, dotnet8, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4,
linux-ibm, linux-ibm-5.4, linux-iot, linux-kv … ⌘ Read more
White paper: Vendor Kernels, Bugs and Stability
Ronnie Sahlberg, Jonathan Maple, and Jeremy Allison of CiQ have published
a white\
paper looking at the security-relevant bug fixes applied (or not
applied) to the RHEL 8.x kernel over time.
This means that over time, the security of the RHEL kernels get
worse and worse as more issues are discovered in the upstream code
and are potentially exploitable but fewer and fewer of the fixes
for these known bugs are back- … ⌘ Read more
[$] The first half of the 6.10 merge window
The merge window for the 6.10 kernel release opened on May 12; between
then and the time of this writing, 6,819 non-merge commits were pulled into
the mainline kernel for that release. Your editor has taken some time out
from LSFMM+BPF in an attempt to keep
up with the commit flood. Read on for an overview of the most significant
changes that were pulled in the early part of the 6.10 merge window. ⌘ Read more
Neovim 0.10 released
Version\
0.10 of the Vim-based text editor Neovim is now available. This release
includes a new default color scheme, enhanced support for rendering
multibyte characters, support for hyperlinks, system clipboard
synchronization, and more. Many features have been deprecated
in 0.10 and will be removed in future release. Neovim core contributor
Gregory And … ⌘ Read more
Security updates for Thursday
Security updates have been issued by AlmaLinux (.NET 7.0, .NET 8.0, and nodejs:20), Debian (chromium, firefox-esr, ghostscript, and libreoffice), Fedora (djvulibre, mingw-glib2, mingw-python-jinja2, and mingw-python-werkzeug), Oracle (.NET 7.0, .NET 8.0, kernel, and nodejs:18), Red Hat (nodejs:20), Slackware (gdk and git), SUSE (python), and Ubuntu (linux-hwe-5.15, linux-raspi). ⌘ Read more
[$] LWN.net Weekly Edition for May 16, 2024
The LWN.net Weekly Edition for May 16, 2024 is available. ⌘ Read more
Mozilla Foundation Welcomes Nabiha Syed as Executive Director
The Mozilla Foundation has announced
that its new executive director will be Nabiha Syed.
Syed is known for her mission-driven leadership, focused on
increasing transparency into the most powerful institutions in
society. She comes to Mozilla after leading The Markup, an
award-winning publication that challenges technology to serve the
public good, from its l … ⌘ Read more
Linux maintainers were infected for 2 years by SSH-dwelling backdoor
(ars technica)
Ars technica looks\
at a a\
recent report on the Ebury root kit, with a focus on the 2011 compromise of kernel.org, which may have
been more extensive than believed at the time.
In 2014, ESET re … ⌘ Read more
Firefox 126.0 released
Version\
126.0 of the Firefox browser is out. Changes include improvements to
the “copy link without site tracking” feature, support for zstd
compression, and a new tracking “feature”: “Telemetry was added to create
an aggregate count of searches by category to broadly inform search feature
development.” ⌘ Read more
[$] The state of the page in 2024
The advent of the folio structure to
describe groups of pages has been one of the most fundamental
transformations within the kernel in recent years. Since the folio
transition affects many subsystems, it is fitting that the subject was
covered at the beginning of the 2024 Linux Storage,\
Filesystem, Memory Management, and BPF Summit in a joint session of the
storage, filesystem, and memory-management tracks. Matthew W … ⌘ Read more
Security updates for Wednesday
Security updates have been issued by Mageia (sssd and tcpdump), Red Hat (.NET 7.0, .NET 8.0, expat, kernel, and kernel-rt), Slackware (mozilla), SUSE (kernel, postgresql15, postgresql16, python-arcomplete, python-Fabric, python-PyGithub, python- antlr4-python3-runtime, python-avro, python-chardet, python-distro, python- docker, python-fakeredis, python-fixedint, pyth, and python3), and Ubuntu (linux-bluefield). ⌘ Read more
Manjaro 24.0 released
Version 24.0
of the Arch-based Manjaro distribution is now available with
the 6.9 kernel, GNOME 46, Xfce 4.18, and an update to the
Pamac package
installer. This is also the project’s first release with KDE Plasma 6:
The Plasma edition comes with the latest Plasma 6.0 series and KDE
Gear 24.02. It brings exciting new improvements to your desktop.With Plasma 6, KDE’s tec … ⌘ Read more
[$] Portable LLMs with llamafile
Large language models (LLMs) have been the subject of much discussion and
scrutiny recently. Of particular interest to open-source enthusiasts are the
problems with running LLMs on one’s own hardware — especially when doing so
requires NVIDIA’s proprietary CUDA toolkit, which remains unavailable in many
environments.
Mozilla has developed
llamafile as a
potential solution to these problems. Llamafile can compile LLM weights
into portable, native executables … ⌘ Read more
Security updates for Tuesday
Security updates have been issued by Debian (glib2.0 and shim), Fedora (glib2, gnome-shell, tcpdump, tpm2-tools, tpm2-tss, and uriparser), Mageia (mutt), Oracle (git-lfs, glibc, kernel, kernel-container, nodejs:18, nodejs:20, and pcp), SUSE (apache2, opensc, openssl-1_1, openssl-3, perl, python-Pillow, python-pyOpenSSL, python-Werkzeug, SUSE Manager Client Tools Beta, tpm2-0-tss, and tpm2.0-tools), and Ubuntu (sqlparse and strongswan). ⌘ Read more
[$] Some 6.9 development statistics
The 6.9 kernel was released
on May 12 after a typical nine-week development cycle. Once again,
this is a major release containing a lot of changes and new features. Our
merge-window summaries ( part 1, part 2) covered those changes; now that
the development cycle is complete, the time has come to look at where all
that work cam … ⌘ Read more
[$] Managing expectations with a contributions and credit policy
Maintainers of open-source projects sometimes have disagreements with
contributors over how contributions are reviewed, modified, merged, and
credited. A written policy describing how contributions are handled can
help maintainers set reasonable expectations for potential contributors.
In turn, that can make the maintainer’s job easier because it can help
reduce a source of friction in the project. A guide to help create this
kind of policy for a project has recently bee … ⌘ Read more
Security updates for Monday
Security updates have been issued by AlmaLinux (nodejs:18 and shim), Debian (atril and chromium), Fedora (chromium, glib2, gnome-shell, mediawiki, php-wikimedia-cdb, php-wikimedia-utfnormal, stb, and tcpdump), Gentoo (Kubelet, PoDoFo, Rebar3, and thunderbird), Mageia (glibc and libnbd), Oracle (kernel), Red Hat (bind and dhcp and varnish), and SUSE (chromium, cpio, freerdp, giflib, gnutls, opera, python-Pillow, python-Werkzeug, tinyproxy, and tpm2-0-tss). ⌘ Read more
The 6.9 kernel is out
Linus has released the 6.9 kernel.
“So 6.9 is now out, and last week has looked quite stable (and the
whole release has felt pretty normal).”
Significant changes in this release include
the ability to create pidfds for individual
threads,
the BPF arena subsystem,
the BPF token security mechanism,
truncate() support in io_uring,
support … ⌘ Read more
[$] Debian dismisses AI-contributions policy
In April, the Gentoo Linux project banned the use of
generative AI/ML tools due to copyright, ethical, and quality
concerns. This means contributors cannot use tools like ChatGPT or GitHub Copilot to
creating content for the distribution such as code, documentation,
bug reports, forum posts. A proposal for Debian to adopt a similar
policy revealed a distinct lack of love for those kinds of tools,
though it would also seem few contributors support
banning … ⌘ Read more
Security updates for Friday
Security updates have been issued by AlmaLinux (container-tools:4.0, container-tools:rhel8, git-lfs, glibc, libxml2, nodejs:18, and nodejs:20), Debian (dav1d and libpgjava), Fedora (kernel and pypy), Red Hat (glibc and nodejs:16), SUSE (ffmpeg, ffmpeg-4, ghostscript, go1.21, go1.22, less, python-python-jose, python-Werkzeug, and sssd), and Ubuntu (fossil, glib2.0, and libspreadsheet-parsexlsx-perl). ⌘ Read more
[$] Another push for sched_ext
The extensible scheduler class (or “sched_ext”) is a comprehensive
framework that enables the implementation of CPU schedulers as a set of BPF
programs that can be loaded at run time. Despite having attracted a fair
amount of interest from the development community, sched_ext has run into
considerable opposition and seems far from acceptance into the mainline.
The posting by Tejun Heo of a new\
version of the sched_ext series at … ⌘ Read more
Security updates for Thursday
Security updates have been issued by AlmaLinux (ansible-core, avahi, bind, buildah, containernetworking-plugins, edk2, fence-agents, file, freeglut, freerdp, frr, git-lfs, gnutls, golang, grafana, grafana-pcp, gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, harfbuzz, httpd, ipa, libjpeg-turbo, libnbd, LibRaw, libreswan, libsndfile, libssh, libtiff, libvirt, libX11, libXpm, mingw components, mingw-glib2, mingw-pixman, mod_http2, mod_jk and mod_proxy_cluster, motif, mu … ⌘ Read more