Vue lecture
The PostgreSQL community mourns Simon Riggs
Simon was responsible for many of the enterprise features we find in PostgreSQL today, including point in time recovery, hot standby, and synchronous replication. He was the founder of 2ndQuadrant which employed many of the PostgreSQL developers, later becoming part of EDB where he worked as a Postgres Fellow until his retirement. He was responsible for the UK PostgreSQL conferences for many years until he passed that responsibility to PostgreSQL Europe last year.
[$] The rest of the 6.9 merge window
Emacs 29.3 released
Emacs 29.3 is an emergency bugfix release; it includes no new features except a small number of changes intended to resolve security vulnerabilities uncovered in Emacs 29.2.
Those vulnerabilities mostly have to do with executing untrusted Lisp code; see the NEWS file for a bit more information.
[$] Hardening the kernel against heap-spraying attacks
Rust 1.77.0 released
Perl 5.39.9 released
Redis is no longer free software
Under the new license, cloud service providers hosting Redis offerings will no longer be permitted to use the source code of Redis free of charge. For example, cloud service providers will be able to deliver Redis 7.4 only after agreeing to licensing terms with Redis, the maintainers of the Redis code.
Distributors like Fedora are already looking at removing Redis as a consequence. (Thanks to Emmanuel Seyman).
The "Nova" driver for NVIDIA chipsets
We just started to work on Nova, a Rust-based GSP-only driver for Nvidia GPUs. Nova, in the long term, is intended to serve as the successor of Nouveau for GSP-firmware-based GPUs.With Nova we see the chance to significantly decrease the complexity of the driver compared to Nouveau for mainly two reasons. First, Nouveau's historic architecture, especially around nvif/nvkm, is rather complicated and inflexible and requires major rework to solve certain problems (such as locking hierarchy in VMM / MMU code for VM_BIND currently being solved with a workaround) and second, with a GSP-only driver there is no need to maintain compatibility with pre-GSP code.
Besides that, we also want to take the chance to contribute to the Rust efforts in the kernel and benefit from from more memory safety offered by the Rust programming language.
Given that the effort has just begun, it will be a while before this driver shows up in a distribution release.
[$] LWN.net Weekly Edition for March 21, 2024
GNOME 46 released
GNOME 46 is code-named 'Kathmandu', in recognition of the amazing work done by the organizers of GNOME.Asia 2023." Significant changes include a new global search feature, enhancements to the Files app, improved remote login support, and more.
Firefox 124.0 released
Security updates for Tuesday
Man Yue Mo: Gaining kernel code execution on an MTE-enabled Pixel 8
So, by using the GPU to access physical addresses directly, I'm able to completely bypass the protection that MTE offers. Ultimately, there is no memory safe code in the code that manages memory accesses. At some point, physical addresses will have to be used directly to access memory.
[$] Toward a real "too small to fail" rule
[$] The first half of the 6.9 merge window
[$] LWN.net Weekly Edition for March 14, 2024
[$] A new filesystem for pidfds
Today's hardware vulnerability: register file data sampling
RFDS may allow a malicious actor to infer data values previously used in floating point registers, vector registers, or integer registers. RFDS does not provide the ability to choose which data is inferred
Only Atom cores are affected, but those cores can be found inside a number of processors. See this documentation commit for more information.