[$] Formalizing f-strings
Python’s formatted strings, or “f-strings”, came relatively late to the
language, but have become a popular feature. F-strings allow a compact
representation for the common task of interpolating program data into
strings, often in order to output them in some fashion. Some
restrictions were placed on f-strings to simplify the implementation of
them, but those restrictions are not really needed anymore and, in
fact, are complicating the CPython parser. That has led to a Python
Enhancement Proposal (PEP) to for … ⌘ Read more
PEP 703: Making the Python global interpreter lock optional
In late 2021, LWN covered a plan to
eliminate the Python global interpreter lock (GIL), thus improving the
language’s thread-level concurrency. This plan has now been codified as PEP 703, which includes
an extensive discussion of the changes that would be made.
The global interpreter lock will remain the default for CPython
builds and python.org downloads. A new build configuration flag,
–witho … ⌘ Read more
Security updates for Tuesday
Security updates have been issued by Debian (libtasn1-6), Fedora (nautilus), Oracle (kernel, kernel-container, nodejs:14, tigervnc, and xorg-x11-server), Red Hat (grub2, nodejs:14, tigervnc, and xorg-x11-server), Scientific Linux (tigervnc and xorg-x11-server), SUSE (systemd), and Ubuntu (firefox, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure, w3m, and webkit2gtk). ⌘ Read more
[$] Memory-management short topics: page-table sharing and working sets
The kernel’s memory-management developers have been busy before and during
the holidays; the result is a number of patch sets making significant
changes to that subsystem. It is time for a quick look at three of those
projects. Two of them aim to increase the sharing of page tables between
processes, while the third takes advantage of the multi-generational LRU to create a better
picture of what a process’s working set actually … ⌘ Read more
Security updates for Monday
Security updates have been issued by Fedora (python2.7), SUSE (ca-certificates-mozilla, libksba, and ovmf), and Ubuntu (linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-gke,
linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm,
linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15,
linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm,
linux-oracle, linux-raspi2, linux-snapdragon, linu … ⌘ Read more
Kernel prepatch 6.2-rc3
Linus has released 6.2-rc3 for testing.
“Here we are, another week done, and things are starting to look a lot
more normal after that very quiet holiday week that made rc2 so very
small”. ⌘ Read more
Three stable kernels; 4.9 at an end
The
6.1.4,
6.0.18, and
4.9.337
stable kernel updates have been released; each contains another set of
important fixes.
Greg Kroah-Hartman has also let it be known
that 4.9.337 is the end of the line for the 4.9 kernel, which was released
just over six years ago. “This kernel is now END-OF-LIFE and you should move to 4.14.y at t … ⌘ Read more
[$] A vDSO implementation of getrandom()
Most developers probably do not see the generation of random numbers as
being a performance bottleneck for their programs, but there are seemingly
exceptions. Over the last few years, Jason Donenfeld has brought a new
level of energy to the development of the kernel’s random-number generator;
he is now directing his efforts toward improving performance for user space
with this patch\
series that provides an implementati … ⌘ Read more
Security updates for Friday
Security updates have been issued by Debian (libetpan and smarty3), SUSE (libksba, rpmlint-mini, tcl, and xrdp), and Ubuntu (curl, firefox, and linux-oem-5.14). ⌘ Read more
Hutterer: X servers no longer allow byte-swapped clients
Peter Hutterer writes
about the disabling of support for byte-swapped clients in the X.org server
and the reasons why this was done.
These days, encountering a Big Endian host is increasingly niche,
letting it run an X client that connects to your local
little-endian X server is even more niche. I think the only
regular real-world use-case for this is running X clients on an
s390x, co … ⌘ Read more
[$] Per-extent encrypted keys for fscrypt
The kernel’s fscrypt\
subsystem enables filesystems to store files and
directories in encrypted form, protecting them against offline attacks. A
few filesystems support encryption with fscrypt currently, but Btrfs is an
exception, despite a number of attempts to add this feature. The problem
is that, as so often seems to be the case, Btrfs works differently and does
not fit well with one of the key assumptions in the design of fscrypt. With [ … ⌘ Read more
Security updates for Thursday
Security updates have been issued by Fedora (binwalk), Oracle (kernel and webkit2gtk3), Red Hat (webkit2gtk3), Slackware (vim), and Ubuntu (libksba and nautilus). ⌘ Read more
[$] LWN.net Weekly Edition for January 5, 2023
The LWN.net Weekly Edition for January 5, 2023 is available. ⌘ Read more
[$] Adding system calls for Linux security modules
The Linux security module (LSM) subsystem has long had limitations on
which modules could be combined in a given running kernel. Some parts of
the problem have been solved over the years—”smaller” LSMs can be combined
at will with a single, more complex LSM—but combining (or “stacking”)
SELinux with, say, Smack or AppArmor has never been possible. Back in
October, we looked at the most recent
attempt to add that ability, which resulted in patches to … ⌘ Read more
Yet another three stable kernel updates
The
6.1.3,
6.0.17, and
5.10.162
stable kernel updates have been released. Each contains a moderate set of
important fixes. ⌘ Read more
Security updates for Wednesday
Security updates have been issued by Red Hat (webkit2gtk3), SUSE (rmt-server), and Ubuntu (freeradius). ⌘ Read more
[$] Supporting unified kernel images for Fedora
The Fedora community is currently discussing a proposal to start supporting
a unified\
kernel image (UKI) for the distribution; these images would combine
several pieces that are generally separate today (e.g. initrd, kernel, and
kernel
command line). There are a number of
advantages to such a kernel image, at least for some kinds of systems, but
there is worry from some about where the endpoint of th … ⌘ Read more
Security updates for Tuesday
Security updates have been issued by Oracle (bcel), SUSE (ca-certificates-mozilla, glibc, minetest, multimon-ng, nautilus, ovmf, python-Django, samba, saphanabootstrap-formula, and xrdp), and Ubuntu (usbredir). ⌘ Read more
[$] Welcome to 2023
Yet another new year is upon us, and that can only mean one thing: the time
has come for your editor to look into his crystal ball and make some
predictions for what 2023 will hold. Said crystal ball is known to suffer
from speculative-execution problems and parity errors, but it’s the best
that LWN’s budget will afford. Read on for a highly unreliable look at
what’s to come. ⌘ Read more
20 Years of DistroWatch
DistroWatch Weekly celebrates its\
1000th issue and 20 years of publication.
How much material is in two decades of Weekly editions? It’s in the
ballpark of 2,500 articles or approximately 5,600,000 words. It’s
an overview of a few thousand news announcements, more than 13,000
screenshots, over 6,500 stable open source operating system
releases summarized, and more than 2,800 torrents seeded. We’ve
published answers to over 470 questions fro … ⌘ Read more
Nightly PyTorch builds compromised
Anybody who installed a nightly release from the PyTorch machine-learning library between
December 25 and 30 will\
want to uninstall it immediately:
At around 4:40pm GMT on December 30 (Friday), we learned about a
malicious dependency package (torchtriton) that was uploaded to the
Python Package Index (PyPI) code repository with the same package
name as the one we ship on the PyTorch nightly package index. … ⌘ Read more
Security updates for Monday
Security updates have been issued by Debian (cacti, emacs, exuberant-ctags, libjettison-java, mplayer, node-loader-utils, node-xmldom, openvswitch, ruby-image-processing, webkit2gtk, wpewebkit, and xorg-server), Fedora (OpenImageIO, systemd, w3m, and webkit2gtk3), Mageia (curl, freeradius, libksba, libtar, python-ujson, sogo, thunderbird, and webkit2), Red Hat (bcel), and SUSE (ffmpeg, ffmpeg-4, mbedtls, opera, saphanabootstrap-formula, sbd, vlc, and webkit2gtk3). ⌘ Read more
Kernel prepatch 6.2-rc2
The second 6.2 kernel prepatch is out for
testing — but there isn’t a lot there.
So the week started so slow due to the holidays that I thought I
might not have any reason to do an rc2 at all, but by the end of
the week I did end up getting a smattering of pull requests, so
here we are. It’s tiny, even smaller than usual for an rc2, and
honestly, I’d expect that trend to continue for rc3. ⌘ Read more
Vanilla OS 22.10 released
Vanilla OS is a new, Ubuntu-based
distribution with an immutable(ish) core and a focus on containers. Version\
22.10, the first stable release, is out.
Vanilla OS is not an ordinary Linux distribution, it is a project
that sets itself many goals and is not afraid to put itself out
there, proudly displaying its unique technologies such as the Apx
sub-system, its own automatic update system, and ABRoot
tra … ⌘ Read more
LineageOS 20 released
Version 20 of the
Android-based LineageOS distribution has been released.
We have been working extremely hard since Android 13’s release last
October to port our features to this new version of Android. Thanks
to our hard work adapting to Google’s largely UI-based changes in
Android 12, and Android 13’s dead-simple device bring-up
requirements, we were able to rebase our changes onto Android 13
much more efficiently. This led to a lot of time to spend on co … ⌘ Read more
Three stable kernel updates
The
6.1.2,
6.0.16, and
5.15.86
stable kernel updates have been released. As is typical for the first
post-rc1 updates, each of these contains a huge number of important fixes. ⌘ Read more
Security updates for Friday
Security updates have been issued by Debian (libcommons-net-java), Fedora (python3.6), and SUSE (conmon, polkit-default-privs, thunderbird, and webkit2gtk3). ⌘ Read more
Security updates for Thursday
Security updates have been issued by Debian (multipath-tools), Fedora (containerd and trafficserver), Gentoo (libksba and openssh), and SUSE (webkit2gtk3). ⌘ Read more
Security updates for Wednesday
Security updates have been issued by Fedora (curl) and SUSE (curl, freeradius-server, sqlite3, systemd, and vim). ⌘ Read more