Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
[$] Giving Rust a chance for in-kernel codecs
Video playback is undeniably one of the most important features in modern consumer devices. Yet, surprisingly, users are by and large unaware of the intricate engineering involved in the compression and decompression of video data, with codecs being left to find a delicate balance between image quality, bandwidth, and power consumption. In response to constant performance pressure, video codecs have become complex and hardware implementations are now common, but programming these devices is becoming increasingly difficult and fraught with opportunities for exploitation. I hope to convey how Rust can help fix this problem.
[$] Support for the TSO memory model on Arm CPUs
At the CPU level, a memory model describes, among other things, the amount of freedom the processor has to reorder memory operations. If low-level code does not take the memory model into account, unpleasant surprises are likely to follow. Naturally, different CPUs offer different memory models, complicating the portability of certain types of concurrent software. To make life easier, some Arm CPUs offer the ability to emulate the x86 memory model, but efforts to make that feature available in the kernel are running into opposition.
[$] Python JIT stabilization
On April 11, Brandt Bucher posted PEP 744 ("JIT Compilation"), which summarizes the current state of Python's new copy-and-patch just-in-time (JIT) compiler. The JIT is currently experimental, but the PEP proposes some criteria for the circumstances under which it should become a non-experimental part of Python. The discussion of the PEP hasn't reached a conclusion, but several members of the community have already raised questions about how the JIT would fit into future iterations of the Python language.
[$] The state of realtime and embedded Linux
Linux, famously, appears in a wide range of systems. While servers and large data centers get a lot of the attention, and this year will always be the year of the Linux desktop, there is also a great deal of Linux to be found in realtime and embedded applications. Two talks held in the realtime and embedded tracks of the 2024 Open Source Summit North America provided listeners with an update on how Linux is doing in those areas. Work on realtime Linux appears to be nearing completion, while the embedded community is still pushing forward at full speed.
[$] LWN.net Weekly Edition for April 25, 2024
Posted Apr 25, 2024 1:21 UTC (Thu)The LWN.net Weekly Edition for April 25, 2024 is available.
Inside this week's LWN.net Weekly Edition
- Front: Dirk and Linus; Gentoo bans AI; Rust existential types; Rust in embedded kernels; WARN_ON(); Memory interleaving; Security-module stacking.
- Briefs: GitHub malware; Tille elected; Fedora 40; QEMU 9.0; Open Home Foundation; udev-hid-bpf; Firefox crash reporting; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] Existential types in Rust
For several years, contributors to the Rust project have been working to improve support for asynchronous code. The benefits of these efforts are not confined to asynchronous code, however. Members of the Rust community have been working toward adding explicit existential types to Rust since 2017. Existential types are not a common feature of programming languages (something the RFC acknowledges), so the motivation for their inclusion might be somewhat obscure.
[$] A change in direction for security-module stacking?
The long-running effort to complete the work on stacking (or composing) the Linux security modules (LSMs) recently encountered a barrier—in the form of a "suggestion" to discontinue it from Linus Torvalds. His complaint revolved around the indirect function calls that are used to implement LSMs, but he also did not think much of the effort to switch away from those calls. While it does not appear that a major course-change is in store for LSMs, it is clear that Torvalds is not happy with the direction of that subsystem.
[$] Rust for embedded Linux kernels
The Rust programming language, it is hoped, will bring a new level of safety to the Linux kernel. At the moment, though, there are still a number of impediments to getting useful Rust code into the kernel. In the Embedded Open Source Summit track of the Open Source Summit North America, Fabien Parent provided an overview of his work aimed at improving the infrastructure needed to write the device drivers needed by embedded systems in Rust; there is still some work to be done.
[$] Linus and Dirk chat about AI, XZ, hardware, and more
One of the mainstays of the the Linux Foundation's Open Source Summit is the "fireside chat" (sans fire) between Linus Torvalds and Dirk Hohndel to discuss open source and Linux kernel topics of the day. On April 17, at Open Source Summit North America (OSSNA) in Seattle, Washington, they held with tradition and discussed a range of topics including proper whitespace parsing, security, and the current AI craze.
[$] Weighted memory interleaving and new system calls
Gregory Price recently posted a patch set that adds support for weighted memory interleaving — allowing a process's memory to be distributed between non-uniform memory access (NUMA) nodes in a more controlled way. According to his performance measurements, the patch set could provide a significant improvement for computers with network-attached memory. The patch set also introduces new system calls and paves the way for future extensions intended to give processes more control over their own memory.
Security updates for Friday
Security updates have been issued by Debian (knot-resolver, pdns-recursor, and putty), Fedora (xen), Mageia (editorconfig-core-c, glibc, mbedtls, webkit2, and wireshark), Oracle (buildah), Red Hat (buildah and yajl), Slackware (libarchive), SUSE (dcmtk, openCryptoki, php7, php74, php8, python-gunicorn, python-idna, qemu, and thunderbird), and Ubuntu (cryptojs, freerdp2, nghttp2, and zabbix).
Ubuntu 24.04 LTS (Noble Numbat) released
Version 24.04 LTS of the Ubuntu distribution is out.
This release continues Ubuntu's proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, together with the community and our partners, to introduce new features and fix bugs.
The list of changes and enhancements is long; click below for some details. More information can be found in the release notes; see also this page for a summary of security-related changes.
Security updates for Thursday
Security updates have been issued by Fedora (curl, filezilla, flatpak, kubernetes, libfilezilla, thunderbird, and xen), Oracle (go-toolset:ol8, kernel, libreswan, shim, and tigervnc), Red Hat (buildah, gnutls, libreswan, tigervnc, and unbound), SUSE (cockpit-wicked, nrpe, and python-idna), and Ubuntu (dnsmasq, freerdp2, linux-azure-6.5, and thunderbird).
GitHub comments used to distribute malware (BleepingComputer)
BleepingComputer reported on April 20 that some malware was being distributed via GitHub. Uploading files as part of a comment gives them a URL that appears to be associated with a repository, even if the comment is never posted.
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.
While most of the malware activity has been based around the Microsoft GitHub URLs, this "flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.
A new crash reporter for Firefox
On April 23, Mozilla announced that Firefox's crash reporter has been rewritten in Rust, allowing the project to address a backlog of issues.
Even though it is important to properly handle main process crashes, the crash reporter hasn't received significant development in a while (aside from development to ensure that crash reports and telemetry continue to reliably be delivered)! It has long been stuck in a local maximum of "good enough" and "scary to maintain": it features 3 individual GUI implementations (for Windows, GTK+ for Linux, and macOS), glue code abstracting a few things (mostly in C++, and Objective-C for macOS), a binary blob produced by obsoleted Apple development tools, and no test suite. Because of this, there is a backlog of features and improvements which haven't been acted on.
QEMU 9.0 released
Version 9.0 of
the QEMU emulator has been released. "This release contains 2700+
commits from 220 authors.
" The list of improvements is long; see the
announcement and the
changelog for details.
Security updates for Wednesday
Security updates have been issued by Fedora (abseil-cpp, chromium, filezilla, libfilezilla, and xorg-x11-server-Xwayland), Oracle (firefox, gnutls, golang, java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk, java-21-openjdk, kernel, libreswan, mod_http2, owO: thunderbird, and thunderbird), Red Hat (container-tools:rhel8, gnutls, grub2, kernel, kernel-rt, less, linux-firmware, opencryptoki, pcs, postgresql-jdbc, and thunderbird), Slackware (ruby), SUSE (kubernetes1.23, kubernetes1.24, and opensc), and Ubuntu (firefox, linux-azure, linux-lowlatency, linux-nvidia, and ruby-sanitize).
Fedora 40 released
The Fedora 40 distribution has been released. See the "what's new" pages for Fedora Workstation and Fedora KDE to learn more about the desktop spins, along with this LWN article, for more information.
Security updates for Tuesday
Security updates have been issued by Debian (glibc and samba), Fedora (chromium, cjson, mingw-python-idna, and pgadmin4), Mageia (kernel, kmod-xtables-addons, kmod-virtualbox, kernel-linus, and perl-Clipboard), Red Hat (go-toolset:rhel8, golang, java-11-openjdk, kpatch-patch, and shim), Slackware (freerdp), SUSE (apache-commons-configuration, glibc, jasper, polkit, and qemu), and Ubuntu (google-guest-agent, google-osconfig-agent, linux-lowlatency-hwe-6.5, pillow, and squid).
The Open Home Foundation launches
The Open Home Foundation has announced its existence as a home and support resource for free home-automation projects.
We created the Open Home Foundation to fight for the fundamental principles of privacy, choice, and sustainability for smart homes. And every person who lives in one.Ahead of today, we've transferred over 240 projects, standards, drivers, and libraries—Home Assistant, ESPHome, Zigpy, Piper, Improv Wi-Fi, Wyoming, and so many more—to the Open Home Foundation. This is all about looking into the future. We've done this to create a bulwark against surveillance capitalism, the risk of buyout, and open-source projects becoming abandonware. To an extent, this protection extends even against our future selves—so that smart home users can continue to benefit for years, if not decades. No matter what comes.