LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Updated: 2 days 16 hours ago
Monday 22nd of February 2021 03:25:40 PM
Matthew Garrett recently posted
a
patch set enabling hibernation on systems that are running in the UEFI
secure-boot lockdown mode.
This blog entry gets
into the details of how it all works. "When we encrypt material with
the TPM, we can ask it to record the PCR state. This is given back to us as
metadata accompanying the encrypted secret. Along with the metadata is an
additional signature created by the TPM, which can be used to prove that
the metadata is both legitimate and associated with this specific encrypted
data. In our case, that means we know what the value of PCR 23 was when we
encrypted the key. That means that if we simply extend PCR 23 with a known
value in-kernel before encrypting our key, we can look at the value of PCR
23 in the metadata. If it matches, the key was encrypted by the kernel -
userland can create its own key, but it has no way to extend PCR 23 to the
appropriate value first. We now know that the key was generated by the
kernel."
Monday 22nd of February 2021 03:11:36 PM
Version 19 of
the Kodi "entertainment center" application is out with a long list of new
features.
For audio and music lovers, there are significant improvements across the
board to metadata handling: library improvements, new tags, new displays,
improvements to how Kodi handles release dates, album durations, multi-disc
sets, and more. There's a new, Matrix-inspired visualisation, there are
improvements to display when fetching files from a web server, and several
changes to how audio decoder addons can pass information through to the
Kodi player.
For video, most of the changes are more technical, and may depend on your
hardware: AV1 software decoding, HLG HDR and static HDR10 playback on
Windows 10, static HDR10 and dynamic Dolby Vision HDR support on Android,
and more OpenGL bicubic scalers.
Monday 22nd of February 2021 02:41:37 PM
Security updates have been issued by Debian (chromium, libzstd, openldap, openvswitch, screen, and wpa), Fedora (dotnet5.0, subversion, and wpa_supplicant), openSUSE (mumble, python-djangorestframework, and tor), Oracle (container-tools:ol8, kernel, nodejs:10, nodejs:12, nodejs:14, subversion:1.10, and xterm), Red Hat (stunnel and xterm), and SUSE (ImageMagick, java-1_8_0-openjdk, kernel, krb5-appl, python3, tomcat, and webkit2gtk3).
Friday 19th of February 2021 06:33:32 PM
Lockless algorithms are of interest for the Linux kernel when traditional
locking primitives either cannot be used or are not performant enough.
For this reason they come up every now and then on LWN; one of the last
mentions, which prompted me to write this article series, was
last July.
Topics that arise even more frequently are read-copy-update (RCU —
these
articles from 2007 are still highly relevant),
reference counting, and
ways of wrapping lockless primitives into higher-level,
more easily understood APIs. These articles will delve into the concepts
behind lockless algorithms and how they are used in the kernel.
Friday 19th of February 2021 03:18:40 PM
Security updates have been issued by Debian (bind9, libbsd, openssl1.0, php-horde-text-filter, qemu, and unrar-free), Fedora (kiwix-desktop and libntlm), Mageia (coturn, mediawiki, privoxy, and veracrypt), openSUSE (buildah, libcontainers-common, podman), Oracle (kernel, nss, and perl), Red Hat (xterm), SUSE (java-1_7_1-ibm, php74, python-urllib3, and qemu), and Ubuntu (libjackson-json-java and shiro).
Thursday 18th of February 2021 03:20:32 PM
The
copy_file_range()
system call looks like a relatively straightforward feature; it allows
user space to ask the kernel to copy a range of data from one file to
another, hopefully applying some optimizations along the way. In truth,
this call has never been as generic as it seems, though some changes made
during 5.3 helped in that regard. When the developers of the Go language
ran into problems with copy_file_range(), there ensued a lengthy
discussion on how this system call should work and whether the kernel needs
to do more to make it useful.
Thursday 18th of February 2021 02:46:04 PM
Security updates have been issued by Debian (mumble, openssl, php7.3, and webkit2gtk), openSUSE (jasper, php7, and screen), SUSE (bind, php7, and php72), and Ubuntu (bind9, openssl, openssl1.0, and webkit2gtk).
Thursday 18th of February 2021 02:19:22 PM
The Google Security Blog carries
an
announcement of a heightened effort to reimplement security-critical
software in memory-safe languages. "The new Rust-based HTTP and TLS
backends for curl and now this new TLS library for Apache httpd are an
important starting point in this overall effort. These codebases sit at the
gateway to the internet and their security is critical in the protection of
data for millions of users worldwide."
Thursday 18th of February 2021 01:11:04 AM
The LWN.net Weekly Edition for February 18, 2021 is available.
Wednesday 17th of February 2021 08:22:23 PM
The venerable
locate
file-finding utility has long been available for Linux systems, though its
origins are in the BSD world. It is a generally useful tool, but does have
a cost beyond just the disk space it occupies in the filesystem; there is a
periodic daemon program (
updatedb)
that runs to keep the file-name database up to date. As a recent
debian-devel discussion shows, though, people have differing ideas of
just how important the tool is—and whether it should be part of the default installation of Debian.
Wednesday 17th of February 2021 03:18:55 PM
The
5.10.17 and
5.4.99
stable kernel updates have been released; they both contain another set of
important fixes.
Wednesday 17th of February 2021 02:53:37 PM
Security updates have been issued by Debian (openssl and ruby-mechanize), Fedora (chromium, jasper, roundcubemail, spice-vdagent, and webkit2gtk3), openSUSE (python-bottle), Oracle (dotnet, kernel, and kernel-container), Red Hat (redhat-ds:11, RHDM, and RHPAM), SUSE (jasper, kernel, and screen), and Ubuntu (thunderbird and wpa).
Wednesday 17th of February 2021 02:30:58 PM
Version 1.16 of the Go
language is available. New features include an
"embed" package, Apple Arm64
support, use of modules by default, and build-performance improvements; see
the release notes for details.
Tuesday 16th of February 2021 08:45:48 PM
On February 4, millions of browser tabs were
suddenly terminated. Not everyone was surprised; the dozen people who spent the last
four months waiting for this tragedy to occur watched in relief as
the
first in a rapid stream of
GitHub
comments began pouring in. The Great Suspender, a Chrome
extension that suspended inactive tabs,
with around two-million users, had been forcibly uninstalled because it contained
malware. This was a serious problem for users, in part due to the difficulty in
recovering the lost tabs, but the extension's malevolence had been
painfully obvious to anyone who cared to investigate it.
Tuesday 16th of February 2021 08:41:38 PM
Those of us who are watching the mainline kernel repository may have been
wondering why it appears that no pull requests for the 5.12 merge window
have yet been acted upon. The problem, it seems, is power outages caused
by the severe winter weather in the US Pacific northwest. Until that gets
resolved, which could take a few days, the 5.12 merge window is likely to
remain on hold.
Tuesday 16th of February 2021 04:17:40 PM
Security updates have been issued by Debian (spip), Mageia (chromium-browser, kernel, kernel-linus, and trojita), openSUSE (mumble and opera), Red Hat (container-tools:rhel8, java-1.8.0-ibm, kernel, kernel-rt, net-snmp, nodejs:10, nodejs:12, nodejs:14, nss, perl, python, and rh-nodejs10-nodejs), and SUSE (jasper, python-bottle, and python-urllib3).
Monday 15th of February 2021 07:48:14 PM
The 5.11 kernel was
released on February 14 — the most romantic
sort of Valentine's day gift one could hope for. This kernel saw the
merging of 14,340 changesets from 1,912 developers; it is certainly
not the busiest development cycle we have seen recently, but it still saw a
lot of activity. Read on for our traditional look at where the code merged
for 5.11 came from.
Monday 15th of February 2021 03:37:35 PM
Security updates have been issued by Debian (busybox, linux-4.19, openvswitch, subversion, unbound1.9, and xterm), Fedora (audacity, community-mysql, kernel, libzypp, mysql-connector-odbc, python-django, python3.10, and zypper), openSUSE (librepo, openvswitch, subversion, and wpa_supplicant), Red Hat (subversion:1.10), SUSE (kernel, openvswitch, perl-File-Path, and wpa_supplicant), and Ubuntu (postgresql-12).
Saturday 13th of February 2021 04:25:58 PM
The
5.10.16,
5.4.98,
and
4.19.176
stable kernel updates have been released; each contains another set of
important fixes.
Recent comments
38 min 18 sec ago
1 hour 24 min ago
1 hour 49 min ago
8 hours 27 min ago
8 hours 32 min ago
9 hours 23 min ago
10 hours 12 min ago
10 hours 36 min ago
10 hours 42 min ago
11 hours 2 min ago