feed2list will stop its service on 2019-01-01
Search and browse in Linux · Opensource
   search hits: 87
website LWN.net
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
feed text Security updates for Tuesday
Security updates have been issued by Debian (libapache-mod-jk and sleuthkit), Fedora (kernel, kernel-headers, mbedtls, php, php-symfony, php-symfony3, php-symfony4, and wireshark), openSUSE (pdns, pdns-recursor, and salt), Oracle (firefox and ghostscript), Red Hat (ansible, firefox, ghostscript, and kernel), Scientific Linux (firefox and ghostscript), and SUSE (ovmf).
text Another stable kernel
Greg Kroah-Hartman has released stable kernel 4.4.168. As usual, there are important fixes and users should upgrade.
text Padovan: A dream come true
Gustavo Padovan notes an important milestone in Linux graphics development: "The dream finally came true in 2018 with the release of the Google Pixel 3, the first Android phone running with the mainline graphics stack. A feat that was deemed impossible 10 years ago is now a reality thanks to a lot of hard work from the entire community."
text A 3.18 kernel update
Stable kernel 3.18.130 has been released with important fixes; users should upgrade.
text Security updates for Monday
Security updates have been issued by Debian (php5, poppler, and samba), Fedora (firefox, mbedtls, nbdkit, pdns-recursor, php, php-symfony, php-symfony3, and php-symfony4), Gentoo (CouchDB, scala, and spamassassin), Mageia (firefox, libwpd, nss, and thunderbird), openSUSE (Chromium, cups, ghostscript, kernel, openvswitch, phpMyAdmin, qemu, and tcpdump), Red Hat (RHGS WA), and SUSE (ansible, openldap2, openvswitch, qemu, and tcpdump).
text 4.20-rc7 and stable kernels
Linus has released 4.20-rc7, saying: "The plan remains the same: if everything continues normally, I'll release 4.20 just before christmas, and then just have a more leisurely merge window than normal."

On the stable side, 4.19.10, 4.14.89, and 4.9.146 are out with a new set of important fixes.

text [$] Relief for retpoline pain
Indirect function calls — calls to a function whose address is stored in a pointer variable — have never been blindingly fast, but the Spectre hardware vulnerabilities have made things far worse. The indirect branch predictor used to speed up indirect calls in the CPU can no longer be used, and performance has suffered accordingly. The "retpoline" mechanism was a brilliant hack that proved faster than the hardware-based solutions that were tried at the beginning. While retpolines took a lot of the pain out of Spectre mitigation, experience over the last year has made it clear that they still hurt. It is thus not surprising that developers have been looking for alternatives to retpolines; several of them have shown up on the kernel lists recently.
text Security updates for Friday
Security updates have been issued by CentOS (ghostscript, git, java-1.7.0-openjdk, java-11-openjdk, kernel, NetworkManager, python-paramiko, ruby, sos-collector, thunderbird, and xorg-x11-server), Debian (gcc-4.9), and SUSE (amanda, ntfs-3g_ntfsprogs, and tiff).
text [$] Linux in mixed-criticality systems
The Linux kernel is generally seen as a poor fit for safety-critical systems; it was never designed to provide realtime response guarantees or to be certifiable for such uses. But the systems that can be used in such settings lack the features needed to support complex applications. This problem is often solved by deploying a mix of computers running different operating systems. But what if you want to support a mixture of tasks, some safety-critical and some not, on the same system? At a talk given at LinuxLab 2018, Claudio Scordino described an effort to support this type of mixed-criticality system.
text A set of stable kernels
Greg Kroah-Hartman has released stable kernels 4.19.9, 4.14.88, 4.9.145, 4.4.167, and 3.18.129. They all contain important fixes and users should upgrade.
text Security updates for Thursday
Security updates have been issued by Debian (firefox-esr), Fedora (singularity), openSUSE (compat-openssl098, cups, firefox, mozilla-nss, and xen), and SUSE (cups, exiv2, ghostscript, and git).
The LWN.net Weekly Edition for December 13, 2018 is available.
text [$] DMA and get_user_pages()

In the RDMA microconference of the 2018 Linux Plumbers Conference (LPC), John Hubbard, Dan Williams, and Matthew Wilcox led a discussion on the problems surrounding get_user_pages() (and friends) and the interaction with DMA. It is not the first time the topic has come up, there was also a discussion about it at the Linux Storage, Filesystem, and Memory-Management Summit back in April. In a nutshell, the problem is that multiple parts of the kernel think they have responsibility for the same chunk of memory, but they do not coordinate their activities; as might be guessed, mayhem can sometimes ensue.

text The x32 subarchitecture may be removed
The x32 subarchitecture is a software variant of x86-64; it runs the processor in the 64-bit mode, but uses 32-bit pointers and arithmetic. The idea is to get the advantages of x86-64 without the extra memory usage that goes along with it. It seems, though, that x32 is not much appreciated; few distributions support it and the number of users appears to be small. So now Andy Lutomirski is proposing its eventual removal:

I propose that we make CONFIG_X86_X32 depend on BROKEN for a release or two and then remove all the code if no one complains. If anyone wants to re-add it, IMO they're welcome to do so, but they need to do it in a way that is maintainable.

If there are x32 users out there, now would be a good time for them to speak up.

text Security updates for Wednesday
Security updates have been issued by Arch Linux (chromium, firefox, lib32-openssl, lib32-openssl-1.0, openssl, openssl-1.0, texlive-bin, and wireshark-cli), Fedora (perl), openSUSE (pdns), Oracle (kernel), Red Hat (kernel), Slackware (mozilla), SUSE (kernel, postgresql10, qemu, and xen), and Ubuntu (firefox, freerdp, freerdp2, pixman, and poppler).