[$] How free software hijacked Philip Hazel's life

Philip Hazel was 51 when he began the Exim message transfer agent (MTA) project in 1995, which led to the Perl-Compatible Regular Expressions (PCRE) project in 1998. At 80, he's maintained PCRE, and its successor PCRE2, for more than 27 years. For those doing the math, that's a year longer than LWN has been in publication. Exim maintenance was handed off around the time of his retirement in 2007. Now, he is ready to hand off PCRE2 as well, if a successor can be found.

MATE 1.28 released

Version 1.28 of the MATE Desktop has been released.

MATE 1.28 has made significant strides in updating the codebase, including the removal of deprecated libraries and ensuring compatibility with the latest GTK versions. One of the most notable improvements is the enhanced support for Wayland, bringing us closer to a fully native MATE-Wayland experience. Several components have been updated to work seamlessly with Wayland, ensuring a more integrated and responsive desktop environment.

See the announcement for a full list of improvements and bug fixes.

Libgcrypt 1.11.0 released

Version 1.11.0 of Libgcrypt, a general-purpose library of cryptographic building blocks, has been released by the GnuPG project:

This release starts a new stable branch of Libgcrypt with full API and ABI compatibility to the 1.10 series. Over the last years Jussi Kivilinna put again a lot of work into speeding up the algorithms for many commonly used CPUs. Niibe-san implemented new APIs and algorithms and also integrated quantum-resistant encryption algorithms.

[$] Capturing stack traces asynchronously with BPF

Andrii Nakryiko led a session at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit giving a look into the APIs for capturing stack traces using BPF, and how the APIs could be made more useful. BPF programs can capture the current stack trace of a running process, including the portion in the kernel during execution of a system call, which can be useful for diagnosing performance problems, among other things. But there are substantial problems with the existing API.

[$] How kernel CVE numbers are assigned

It has been four months since Greg Kroah-Hartman and MITRE announced that the Linux kernel project had become its own CVE Numbering Authority (CNA). Since then, the Linux CNA Team has developed workflows and mechanisms to help manage the various tasks associated with this challenge. There does, however, appear to be a lack of understanding among community members of the processes and rules the team have been working within. The principal aim of this article, written by a member of the Linux kernel CNA team, is to clarify how the team works and how kernel CVE numbers are assigned.

Security updates for Wednesday

Security updates have been issued by AlmaLinux (container-tools, firefox, and flatpak), Debian (composer, roundcube, and thunderbird), Fedora (kitty and webkitgtk), Oracle (container-tools and flatpak), Red Hat (flatpak and java-1.8.0-ibm), SUSE (gdcm, gdk-pixbuf, libarchive, libzypp, zypper, ntfs-3g_ntfsprogs, openssl-1_1, openssl-3, podman, python-Werkzeug, and thunderbird), and Ubuntu (git, linux-hwe-6.5, mariadb, mariadb-10.6, and thunderbird).

[$] Adding a JIT compiler to CPython

One of the big-ticket items for the upcoming Python 3.13 release is an experimental just-in-time (JIT) compiler for the language; the other is, of course, the removal of the global interpreter lock (GIL), which is also an experiment. Brandt Bucher is a member of the Faster CPython project, which is working on making the reference implementation of the language faster via a variety of techniques. Last year at PyCon, he gave a talk about the specializing adaptive interpreter; at PyCon 2024 in Pittsburgh, he described the work he and others have been doing to add a copy-and-patch JIT compiler to CPython.

[$] BPF tracing performance

On the final day of the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit, the BPF track opened with a series of sessions on improving the performance and flexibility of probes and other performance-monitoring tools, in the kernel and in user space. Jiri Olsa led two sessions about different aspects of probes: making the API for BPF programs attached to a probe more flexible, and making user-space probes more efficient.

Plasma 6.1 released

Version 6.1 of the Plasma desktop environment has been released.

Plasma 6 hits its stride with version 6.1. While Plasma 6.0 was all about getting the migration to the underlying Qt 6 frameworks correct (and what a massive job that was), 6.1 is where developers start implementing the features that will take your desktop to a new level.

Enhancements include better remote-desktop support, improved customization, persistent apps, smoother animation under Wayland, and more; see the changelog for the full list.

Security updates for Tuesday

Security updates have been issued by Debian (php7.3), Fedora (galera, ghostscript, and mariadb), Mageia (cups, iperf, and libndp), Oracle (firefox and flatpak), Red Hat (container-tools:rhel8, Firefox, firefox, and flatpak), SUSE (booth, bouncycastle, firefox, ghostscript, less, libaom, openssl-1_1, openssl-3, podman, python-Authlib, python-requests, python-Werkzeug, webkit2gtk3, and xdg-desktop-portal), and Ubuntu (ghostscript, ruby-rack, ruby2.7, ruby3.0, ruby3.1, ruby3.2, and sssd).

[$] Static keys for BPF

The kernel has a lot of code paths that are normally disabled: debugging print statements, tracepoints, etc. To support these efficiently, there is a common mechanism called static keys that provides a way to enable or disable a code path at run time, with effectively no overhead for disabled branches. BPF programs have not been able to take advantage of static keys so far, because they aren't compiled into the kernel. Now, it looks like BPF may be getting support for a similar mechanism — and the design could also provide one of the components needed to support jump tables, another missing feature. Anton Protopopov presented his plans to add static keys to BPF at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit.

PostmarketOS v24.06 released

PostmarketOS is an Alpine Linux derivative distribution aimed at mobile devices; the v24.06 release claims support for over 250 devices, though the level of that support varies widely. "This release is geared mainly towards Linux enthusiasts. We are working hard on stability improvements and automated testing, but if you expect Android or iOS levels of polish, then this is not for you yet." Changes include an upgrade to Alpine Linux 3.20, newer GNOME and KDE versions, and more.

[$] Nested bottom-half locking for realtime kernels

Software-interrupt handlers (also called "bottom halves") have a long history in the Linux kernel; for much of that history, developers have wished that they could go away. One of their unfortunate characteristics is that they can add unexpected latency to the execution of unrelated processes; this problem is felt especially acutely in the realtime-preemption community. The solution adopted there has created problems of its own, though; in response Sebastian Andrzej Siewior is proposing a new locking mechanism for realtime builds of the kernel that may have benefits for non-realtime users as well.

Security updates for Monday

Security updates have been issued by AlmaLinux (389-ds-base, buildah, c-ares, cockpit, containernetworking-plugins, fence-agents, gdk-pixbuf2, gvisor-tap-vsock, libreoffice, podman, python-idna, rpm-ostree, and ruby), Debian (atril, chromium, ffmpeg, libndp, libvpx, nano, plasma-workspace, pymongo, roundcube, sendmail, and thunderbird), Fedora (booth and thunderbird), Mageia (aom, atril, libvpx, nano, nss, firefox, and vte), Red Hat (linux-firmware), SUSE (bind, booth, mariadb, openssl-1_1, php7, php8, and webkit2gtk3), and Ubuntu (linux-azure, linux-azure-fde, linux-azure, linux-gke, and linux-nvidia-6.5).

Reports from the Python Language Summit

The Python Software Foundation has published a set of reports from the 2024 Python Language summit. Topics covered include version numbering, the limited C API, a new default read-eval-print loop, and Python's security model in light of the XZ backdoor:

For multiple reasons like being able to fix bugs and single-maintainer modules, CPython doesn't require reviewers on the pull requests of core developers. This can lead to "unilateral action", meaning that a change is introduced into CPython without the review of someone besides the author. Other situations like release managers backporting fixes to other branches without review are common.

Schaller: Fedora Workstation development update – AI edition

Christian Schaller writes about AI and GPU-related features that are in flight and planned for Fedora 41.

Milan Crha has been working together with Alan Day and Jakub Steiner to come up with a streamlined user experience in GNOME Software to let you install the binary NVIDIA driver and provide you with an integrated graphical user interface help to sign the kernel module for use with secure boot. This is a bit different than what we for instance are doing in RHEL, where we are working with NVIDIA to provide pre-signed kernel modules, but that is a lot harder to do in Fedora due to the rapidly updating kernel versions and which most Fedora users appreciate as a big plus. So instead what we are opting for in Fedora is, as I said, to make it simple for you to self-sign the kernel module for use with secure boot. We are currently looking at when we can make this feature available, but no later than Fedora Workstation 41 for sure.

New Human Interface Guidelines for KDE

KDE developer Nate Graham has announced a new set of KDE Human Interface Guidelines (HIG) for the KDE project. Graham says that the goals for the new HIGs were to reflect how KDE designs software today, make the content 100% actionable, improve navigation, and to improve the guidelines so people feel comfortable contributing:

Like any rewrite, there are bound to be rough edges and omissions compared to the old version. Maybe I missed a piece of useful information in the old HIG that had been buried somewhere but retained some value. Maybe there's low-hanging fruit for improvement. Help out by contributing!