
Welcome to LWN.net

LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.

[$] Aeon: openSUSE for lazy developers

[Distributions] Posted Jun 14, 2024 14:29 UTC (Fri) by jzb

The openSUSE project recently announced the second release candidate (RC2) of its Aeon Desktop, formerly known as MicroOS Desktop GNOME. Aside from the new coat of naming paint, Aeon breaks ground in a few other ways by dabbling with technologies not found in other openSUSE releases. The goal for Aeon is to provide automated system updates using snapshots that can be applied atomically, removing the burden of system maintenance for "lazy developers" who want to focus on their work rather than desktop administration. System-tinkerers need not apply.

Full Story (comments: 3)

[$] Simplifying the BPF verifier

[Kernel] Posted Jun 13, 2024 17:01 UTC (Thu) by daroc

The BPF verifier is a complex program. This has the unfortunate effect of making it simultaneously more difficult for contributors to work on, and more likely to harbor unknown bugs. Shung-Hsi Yu had two concrete proposals for how to simplify the verifier to make it easier to maintain that he presented at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit. Yu proposed changing how the verifier tracks partially known values and cleaning up the interface to hide the details of the value-tracker's internal representation.

Full Story (comments: 3)

[$] Improving control-flow integrity for Linux on RISC-V

[Security] Posted Jun 13, 2024 16:25 UTC (Thu) by Zildj1an

Redirecting execution flow is a common malware technique that can be used to compromise operating systems. To protect against such attacks, the chip makers of leading architectures like x86 and arm64 have implemented control-flow-integrity (CFI) extensions, though they need system software support to function. At the Linux Security Summit North America, RISC-V kernel developer Deepak Gupta described the CFI protections for that architecture and invited community input on the kernel support for them.

Full Story (comments: none)

[$] LWN.net Weekly Edition for June 13, 2024

Posted Jun 13, 2024 1:26 UTC (Thu)

The LWN.net Weekly Edition for June 13, 2024 is available.

Inside this week's LWN.net Weekly Edition

  • Front: Life after CentOS 7; Ladybird; Generic ring buffer; P4TC; Memory sealing in glibc; LSFMM+BPF coverage.
  • Briefs: nftables exploit; sched_ext; OpenSUSE Leap 15.6; PSF election; perl v5.40.0; systemd 256; Firefox 127.0; Quotes; ...
  • Announcements: Newsletters, conferences, security updates, patches, and more.

[$] Elevating CentOS 7 to a new life

[Distributions] Posted Jun 12, 2024 15:54 UTC (Wed) by jzb

CentOS Linux 7 was first released in July 2014, and is due to go end-of-life (EOL) on June 30. By now, anyone who pays attention to such things is aware that Red Hat pulled the plug on CentOS Linux in late 2020 to be replaced by CentOS Stream instead. CentOS Linux 8 support was wound down at the end of 2021 rather than in 2029 as originally stated. CentOS Linux 7 was allowed to serve out its full lifespan—but that EOL is approaching rapidly and there's no direct upgrade path. Users and organizations looking for a lifeline might want to consider AlmaLinux's ELevate utility, which allows CentOS users to migrate to alternate enterprise Linux (EL) operating systems.

Full Story (comments: 3)

[$] Memory sealing for the GNU C Library

[Security] Posted Jun 12, 2024 13:49 UTC (Wed) by corbet

The mseal() system call allows a process to prevent any future changes to portions of its address space (thus "sealing" them); it was patterned after the mimmutable() system call in OpenBSD. mseal() generated a lot of discussion, but it was finally merged for the upcoming 6.10 kernel release. While mseal() was initially aimed at securing the Chrome browser, the hope was that it would be useful elsewhere; as a step toward realizing that hope, Adhemerval Zanella has posted a patch series adding support for — and use of — mseal() to the GNU C library (glibc).

Full Story (comments: 8)

[$] Securing BPF programs before and after verification

[Kernel] Posted Jun 11, 2024 18:39 UTC (Tue) by daroc

BPF is in a unique position in terms of security. It runs in a privileged context, within the kernel, and can have access to many sensitive details of the kernel's operation. At the same time, unlike kernel modules, BPF programs aren't signed. Additionally, the mechanisms behind BPF present challenges to implementing signing or other security features. Three nearly back-to-back sessions at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit addressed some of the potential security problems.

Full Story (comments: 9)

[$] Dropping the page cache for filesystems

[Kernel] Posted Jun 11, 2024 14:28 UTC (Tue) by jake

VFS maintainer Christian Brauner led a discussion about the possibility of selectively dropping the contents of the page cache for a filesystem in a session at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit. As he described in his topic proposal, the use case that started him down this path comes from GNOME, which wants to be able to safely suspend access to an encrypted home directory. While it is known to kernel developers, it is surprising to others that reads from encrypted filesystems that have been suspended will succeed if the data to be read still exists in the page cache.

Full Story (comments: 21)

[$] P4TC hits a brick wall

[Kernel] Posted Jun 10, 2024 15:11 UTC (Mon) by corbet

P4, short for "Programming Protocol-independent Packet Processors", is a programming language aimed at networking devices; it is useful for the configuration of firewalls and complicated routing architectures. Since a lot of advanced networking is done with Linux systems, it stands to reason that there would be value in supporting P4 and, indeed, an implementation of P4 in the kernel's traffic-control subsystem was first posted by Jamal Hadi Salim at the beginning of 2023. After nearly 18 months, though, this feature has not been merged, and the chances of that happening would appear to be getting worse.

Full Story (comments: 50)

[$] Ladybird browser spreads its wings

[Development] Posted Jun 7, 2024 18:27 UTC (Fri) by jzb

Ladybird is an open-source project aimed at building an independent web browser, rather than yet another browser based on Chrome. It is written in C++ and licensed under a two-clause BSD license. The effort began as part of the SerenityOS project, but developer Andreas Kling announced on June 3 that he was "forking" Ladybird as a separate project and stepping away from SerenityOS to focus his attention on the browser completely. Ladybird is not ready to replace Firefox or Chrome for regular use, but it is showing great promise.

Full Story (comments: 42)

Reports from the Python Language Summit

[Development] Posted Jun 15, 2024 19:38 UTC (Sat) by corbet

The Python Software Foundation has published a set of reports from the 2024 Python Language summit. Topics covered include version numbering, the limited C API, a new default read-eval-print loop, and Python's security model in light of the XZ backdoor:

For multiple reasons like being able to fix bugs and single-maintainer modules, CPython doesn't require reviewers on the pull requests of core developers. This can lead to "unilateral action", meaning that a change is introduced into CPython without the review of someone besides the author. Other situations like release managers backporting fixes to other branches without review are common.

Comments (2 posted)

Schaller: Fedora Workstation development update – AI edition

[Distributions] Posted Jun 14, 2024 19:09 UTC (Fri) by jzb

Christian Schaller writes about AI and GPU-related features that are in flight and planned for Fedora 41.

Milan Crha has been working together with Alan Day and Jakub Steiner to come up with a streamlined user experience in GNOME Software to let you install the binary NVIDIA driver and provide you with integrated graphical user interface help to sign the kernel module for use with secure boot. This is a bit different from what we for instance are doing in RHEL, where we are working with NVIDIA to provide pre-signed kernel modules, but that is a lot harder to do in Fedora due to the rapidly updating kernel versions, which most Fedora users appreciate as a big plus. So instead what we are opting for in Fedora is, as I said, to make it simple for you to self-sign the kernel module for use with secure boot. We are currently looking at when we can make this feature available, but no later than Fedora Workstation 41 for sure.

Comments (none posted)

New Human Interface Guidelines for KDE

[Development] Posted Jun 14, 2024 17:18 UTC (Fri) by jzb

KDE developer Nate Graham has announced a new set of KDE Human Interface Guidelines (HIG) for the KDE project. Graham says that the goals for the new HIGs were to reflect how KDE designs software today, make the content 100% actionable, improve navigation, and to improve the guidelines so people feel comfortable contributing:

Like any rewrite, there are bound to be rough edges and omissions compared to the old version. Maybe I missed a piece of useful information in the old HIG that had been buried somewhere but retained some value. Maybe there's low-hanging fruit for improvement. Help out by contributing!

Comments (14 posted)

Driving forward in Android drivers (Project Zero)

[Security] Posted Jun 14, 2024 14:24 UTC (Fri) by corbet

This Project Zero article looks at the exploitation of a few Android driver bugs in great detail.

As it becomes more difficult to find 0-days in core Android, third-party Linux kernel drivers continue to become a more and more attractive target for attackers. While the bulk of present-day detected ITW [in-the-wild] Android exploitation targets GPU drivers, it's equally important that other third-party drivers are encouraged towards the same security standards.

Comments (1 posted)

Security updates for Friday

[Security] Posted Jun 14, 2024 13:18 UTC (Fri) by daroc

Security updates have been issued by CentOS (389-ds-base, bind, bind-dyndb-ldap, and dhcp, firefox, glibc, ipa, less, libreoffice, and thunderbird), Debian (cups), Fedora (chromium and cyrus-imapd), Mageia (golang and poppler), Oracle (bind, bind-dyndb-ldap, and dhcp, gvisor-tap-vsock, python-idna, and ruby), Red Hat (dnsmasq and expat), SUSE (libaom, php8, podman, python-pymongo, python-scikit-learn, and tiff), and Ubuntu (h2database and vte2.91).

Full Story (comments: none)

Rust 1.79.0 released

[Development] Posted Jun 13, 2024 14:48 UTC (Thu) by corbet

Version 1.79.0 of the Rust language has been released. Changes this time include inline const expressions, the "associated item bounds syntax", and more.

Comments (1 posted)

Security updates for Thursday

[Security] Posted Jun 13, 2024 14:11 UTC (Thu) by jake

Security updates have been issued by Debian (firefox-esr), Fedora (nginx-mod-modsecurity, php, and tomcat), Mageia (strongswan), Oracle (389-ds-base, buildah, c-ares, cockpit, containernetworking-plugins, fence-agents, firefox, gdk-pixbuf2, idm:DL1, ipa, kernel, libreoffice, podman, rpm-ostree, and thunderbird), Red Hat (dnsmasq and nghttp2), Slackware (mozilla), SUSE (curl, firefox, kernel, kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed, openssl-3, and python-Pillow), and Ubuntu (libmatio, libndp, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux-oem-6.5, and virtuoso-opensource).

Full Story (comments: none)

Cockpit project releases Cockpit Files plugin

[Development] Posted Jun 12, 2024 17:17 UTC (Wed) by jzb

The Cockpit project has announced the first release of Cockpit Files, a plugin for Cockpit that allows file management on your server via a web browser:

Cockpit Files was initially started by Google Summer of Code (GSoC) student Mahmoud Hamdy and is now under active development by the Cockpit team. The goal is to replace the functionality of the cockpit-navigator plugin from 45Drives and include automated testing per commit, a standard PatternFly-based interface, and consistency with the rest of Cockpit.

Development builds for Fedora are available via a Copr repository, and packages are expected for Arch, Debian, and Fedora. LWN covered the Cockpit project in March.

Comments (none posted)

Nominations are open for the PSF Board election

[Development] Posted Jun 12, 2024 14:48 UTC (Wed) by jzb

The Python Software Foundation (PSF) has announced that nominations are open for the PSF Board election through June 25:

Who runs for the board? People who care about the Python community, who want to see it flourish and grow, and also have a few hours a month to attend regular meetings, serve on committees, participate in conversations, and promote the Python community.

The PSF has a video about serving on the board for those who might be interested. PSF members can nominate themselves or another member. Candidates will be announced on June 27. Voting begins on July 2 and will end on July 16.

Comments (none posted)

systemd 256 released

[Development] Posted Jun 12, 2024 13:35 UTC (Wed) by corbet

Systemd 256 has been released. As usual, the list of changes is long; see this article for an overview, or the announcement for all the details.

Full Story (comments: 17)



Copyright © 2024, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds