Language Selection

English French German Italian Portuguese Spanish

Linux 5.10-rc1

Filed under
Linux

Two weeks have passed, and the merge window is over. I've tagged and
pushed out 5.10-rc1, and everything looks fairly normal.

This looks to be a bigger release than I expected, and while the merge
window is smaller than the one for 5.8 was, it's not a *lot* smaller.
And 5.8 was our biggest release ever.

I'm not entirely sure whether this is just a general upward trend (we
did seem to plateau for a while there), or just a fluke, or perhaps
due to 5.9 dragging out an extra week. We will see, I guess.

That said, things seem to have gone fairly smoothly. I don't see any
huge red flags, and the merge window didn't cause any unusual issues
for me. Famous last words..

The most interesting - to me - change here is Christoph's setf_fs()
removal (it got merged through Al Viro, as you can see in my mergelog
below).  It's not a _huge_ change, but it's interesting because the
whole model of set_fs() to specify whether a userspace copy actually
goes to user space or kernel space goes back to pretty much the
original release of Linux, and while the name is entirely historic (it
hasn't used the %fs segment register in a long time), the concept has
remained. Until now.

We still do have "set_fs()" around, and not every architecture has
been converted to the new world order, but x86, powerpc, s390 and
RISC-V have had the address space overrides removed, and all the core
work is done. Other architectures will hopefully get converted away
from that very historic model too, but it might take a while to get
rid of it all.

Anyway, to most people that all shouldn't matter at all, and it's
mainly a small historical footnote that 5.10 no longer relies on the
whole set_fs() model. Most of the actual changes are - as usual -
driver updates, but there are changes all over. I think the merge log
below gives some kind of flavor of what's been going on on a high
level, but if you're interested in the details go look at the git
tree. As mentioned, it's a big merge window, with  almost 14k commits
(*) by closer to 1700 people.

Please go test,

                  Linus

(*) closer to 15k commits if you count merges.

Read more

Also: Linux 5.10-rc1 Released With New Hardware Support, Security Additions

Now in LWN

Two more

  • Linus Torvalds Announces First Linux Kernel 5.10 Release Candidate

    As expected, Linus Torvalds announced the first Release Candidate (RC) of the upcoming Linux 5.10 kernel series, which looks to be yet another big release with almost 14k commits, but not as big as Linux kernel 5.8 was. However, Linus Torvalds assures us that the merge window didn’t cause any unusual issues and things went “fairly smoothly.”

    The most interesting change in Linux kernel 5.10 appears to be the removal of setf_fs() function, which was used to set the FS segment register of an x86 processor. For now, it was only removed from the x86, PowerPC, s390, and RISC-V architectures, with the rest to follow soon.

  • Linux 5.10 finally ditches decades-old tool that caused security bugs

    Linus Torvalds has kicked off yet another development cycle for the Linux kernel, announcing the release of 5.10-rc1, and this time with an historical twist. The new version of the kernel effectively marks the end of a decade-old feature that has long been made redundant after it was found to cause security bugs.

    With the closing of the two-week-long merge window, which precedes the release of every new iteration of the Linux kernel, Torvalds shared his reflections on the Linux kernel mailing list, maintaining that "things seem to have gone fairly smoothly".

Linux 5.10 rc1 Released as Long Term Support Kernel

  • Linux 5.10 rc1 Released as Long Term Support Kernel - debugpoint.com

    This is the first release candidate for Kernel 5.10 and we expect more RCs until the final release in December.

    Linux Kernel 5.10 brings mostly driver updates and as usual, processor supports, performance improvements across storage, and networking modules.

    This Rc1 concludes the Merge window for this release. It adds around 14k commints.

Linus Torvalds hails 'historic' Linux 5.10...

  • Linus Torvalds hails 'historic' Linux 5.10 for ditching defunct addressing artefact

    Linus Torvalds has given the world the first release candidate of version 5.10 of the Linux kernel and called out what he's labelled an historic change – the removal of an addressing tool that appears to have been around for nearly 30 years, sparked a nasty bug a decade ago but has since been made redundant by chipmakers.

    That scheme is called set_fs() and allows the Linux kernel to override address spaces, which was a handy thing to do with Intel's 286 and 386 CPUs.

    As Torvalds explained in his weekly kernel update, set_fs() controls "whether a userspace copy actually goes to user space or kernel space". That matters because, as was detailed in 2010 in CVE-2010-4258, it could be used to "overwrite arbitrary kernel memory locations, and gain privileges".

More news coverage

  • Linux 5.10 is a bigger kernel release than expected and sees the removal of setf_fs()

    With first release candidate of version 5.10 of the Linux kernel now available, Linus Torvalds says that it "looks to be a bigger release" than he expected.

    Linux kernel 5.10-rc1 includes 14-15,000 merge commits -- depending on how you count them -- Torvalds notes in his weekly update to the Linux community. He shares the news that, for him, the most interesting change in this release is the removal of the setf_fs() addressing tool.

  • Linux 5.10 will deliver 'historic' upgrade

    The creator of Linux has hailed the "historic" launch of the latest update as one of the most important in the software's history.

    Linus Torvalds said that the release of Linux 5.10 was, "a bigger release than I expected", and could surpass version 5.8 to be the biggest software launch for the company yet.

    The launch looks to make the open-source software platform more powerful and easier to use than ever before, offering a number of new additions, upgrades and features for users across the globe.

Torvalds hails the removal of a relic from Linux’s early days

  • Torvalds hails the removal of a relic from Linux’s early days

    Set_fs() has been the source of various security problems over the years. Jonathan Corbet, a kernel contributor and editor of Linux news site LWN, published an article in 2017 titled ‘A farewell to set_fs()?’ in which he highlighted some of the aforementioned issues.

    “Set_fs() is clearly the sort of interface that can easily create severe security bugs,” Corbet wrote. “It is also a tempting shortcut that tends to find its way into code of questionable quality such as out-of-tree drivers.”

    The function has been part of Linux since around 1991 and enabled the kernel to override address spaces. In 2010, the National Institute of Standards and Technology detailed how it could be used to “overwrite arbitrary kernel memory locations and gain privileges”.

    That particular bug was fixed in 2010 but set_fs() has continued to be a concern and many within the community have called for its removal for many years. However, there’s a lack of developers willing to do such deep infrastructural changes.

    Other notable changes in the release include support for NVIDIA Orin SoCs designed for autonomous cars, improved support for the Broadcom BCM2711 chip used in the Raspberry Pi 4, support for upcoming Arm-based CPUs and GPUs, a fix for the ‘Year 2038 Problem’, virtualisation tweaks, and ending support for PowerPC 601 CPUs.

Linux 5.10 Released: Bigger Kernel Release Than Expected

  • Linux 5.10 Released: Bigger Kernel Release Than Expected

    Linus Torvalds this week announced the first release candidate of version 5.10 of the Linux kernel (Linux 5.10-rcl), a release that also marks the end of the feature merge window for this EOY 2020 kernel. Version 5.10 should debut as stable by mid-December. This kernel will then be maintained under the Linux long-term support (LTS) program.

    "This looks to be a bigger release than I expected," Torvalds said on the Linux kernel mailing list, "and while the merge window is smaller than the one for 5.8 was, it's not a lot smaller.
    And 5.8 was our biggest release ever."

    The merging window is a key part of the new kernel release process. Up to 1,000 patches are submitted by the developer community and merged every day into the mainline repository managed by Torvalds. A review process ensures that each patch implements a desirable change.

    Linux 5.9 to 5.10-rc1 added about 704k lines of new code and approximately 419k lines were deleted. By comparison, Linux 5.8 to 5.9-rc1 had 727k lines added and 270k deletions, and 5.7 to 5.8-rc1 had 973k lines added and 429k deletions (that was largest ever).

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Programming Leftovers

  • C: sigprocmask Function Usage

    You may have heard about socket programming in C. One of the socket functions is the “sigprocmask” function. This function has been usually utilized in the code to inspect or alter the signal mask of the calling function. The signal mask is a term used for a group of signals that are presently blocked and cannot be conveyed for the calling function. Such kind of signal is known as “Blocked Signals.” You can say that a process can still receive the blocked signals, but it will not be used until they are unblocked and released, i.e., raised. Until then, it will be pending. Therefore, within today’s guide, we will be discussing the use of the sigprocmask function in C programming. Let’s have a start. After the Ubuntu 20.04 successful login, you need to launch the shell of the Ubuntu 20.04 system first after the login. So, try out the “Ctrl+Alt+T” shortcut simply on the desktop screen. It will launch the terminal shell for you in some seconds. Make sure to update your system using the apt package of your system. After that, you have to execute the “touch” instruction along with the file name you want to generate, i.e., to create the C file via the shell. This newly created file can be found in the “home” folder of your system’s file explorer. You can try opening it with the “text” editor to create code in it. Another way to open it in the shell is using the “GNU Nano” editor using the “nano” keyword with a file name as demonstrated beneath.

  • C: sigaction function usage

    A sigaction() is a function that allows to call/observe or examine a specific action associated with a particular signal. It is thought to consider a signal and sigaction function on the same page. But in reality, it has not occurred. The signal() function does not block other signals when the current handler’s execution is under process. At the same time, the sigaction function can block other signals until the current handler has returned.

  • delegation of authority from the systems programming perspective – Ariadne's Space

    As I have been griping on Twitter lately, about how I dislike the design of modern UNIX operating systems, an interesting conversation about object capabilities came up with the author of musl-libc. This conversation caused me to realize that systems programmers don’t really have a understanding of object capabilities, and how they can be used to achieve environments that are aligned with the principle of least authority. In general, I think this is largely because we’ve failed to effectively disseminate the research output in this area to the software engineering community at large — for various reasons, people complete their distributed systems degrees and go to work in decentralized finance, as unfortunately, Coinbase pays better. An unfortunate reality is that the security properties guaranteed by Web3 platforms are built around object capabilities, by necessity – the output of a transaction, which then gets consumed for another transaction, is a form of object capability. And while Web3 is largely a planet-incinerating Ponzi scheme run by grifters, object capabilities are a useful concept for building practical security into real-world systems. Most literature on this topic try to describe these concepts in the framing of, say, driving a car: by default, nobody has permission to drive a given car, so it is compliant with the principle of least authority, meanwhile the car’s key can interface with the ignition, and allow the car to be driven. In this example, the car’s key is an object capability: it is an opaque object, that can be used to acquire the right to drive the car. Afterwards, they usually go on to describe the various aspects of their system without actually discussing why anybody would want this.

  • Pip Install: Install and Remove Python Packages
  • A dog-cat-horse-turtle problem

    Sometimes the text-processing problems posted on Stack Exchange have so many solutions, it's hard to decide which is best. A problem like that was posted in the "Unix & Linux" section in December 2021...

Istio / Announcing Istio 1.12.2

This release fixes the security vulnerability described in our January 18th post, ISTIO-SECURITY-2022-001 as well as a few minor bug fixes to improve robustness. This release note describes what’s different between Istio 1.12.1 and Istio 1.12.2. Read more Also: ISTIO-SECURITY-2022-001

Android Leftovers

Redis vs. MongoDB: What you need to know

Databases are garnering a lot of popularity every day and are used by many organizations for a wide variety of use cases. Many organizations are employing innovative techniques to handle their data storage. These companies often shift between databases to optimize their storage and data mapping according to their business needs. Companies with growing data requirements utilize databases with dynamic functionalities. However, deciding which database is perfect for each of these companies can be very subjective. When it comes to database management, choosing between Redis and MongoDB can be relatively challenging. Read more