LWN.net

[$] LWN.net Weekly Edition for June 5, 2025

corbet — Thu, 05 Jun 2025 01:11:25 +0000

Inside this week's LWN.net Weekly Edition:

Front: OpenH264 in Fedora; Wallabag; Safety certification; 6.16 Merge window; Bounce buffering; Hardening repository problems; Device-initiated I/O; Faster networking; OSPM 2025; Free software in science.
Briefs: Kea vulnerabilities; Alpine Linux 3.22.0; Fedora strategy; Quotes; ...
Announcements: Newsletters, conferences, security updates, patches, and more.

[$] Device-initiated I/O

jake — Wed, 04 Jun 2025 17:39:05 +0000

Peer-to-peer DMA (P2PDMA) has been part of the kernel since the 4.20 release in 2018; it provides a framework that allows devices to transfer data between themselves directly, without using system RAM for the transfer. At the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Stephen Bates led a combined storage, filesystems, and memory-management session on device-initiated I/O, which is perhaps what P2PDMA is evolving toward. Two years ago, he led a session on P2PDMA at the summit; this year's session was a brief update on P2PDMA with a look at where it may be heading.

Strategy 2028 update (Fedora Community Blog)

jzb — Wed, 04 Jun 2025 14:54:06 +0000

Outgoing Fedora Project Leader Matthew Miller has posted an update on Fedora's high-level plan through 2028:

[Fedora] Council members identified potential Initiatives that we believe are important to work on next. We came up with a list of thirteen — which is way more than we can handle at once. We previously set a limit of four Initiatives at a time. We decided to keep to that rule, and are planning to launch four initiatives in the next months

The initiatives are: making Fedora releases block on accessibility issues, experimenting with a "GitOps" workflow for packaging, migrating from Pagure to Forgejo, and "making sure Fedora Linux is ready for people who want to work on machine learning and AI development".

[$] Two sessions on faster networking

daroc — Wed, 04 Jun 2025 14:21:46 +0000

Cong Wang and Daniel Borkmann each led session at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit about their respective plans to speed up networking in the Linux kernel. Both sessions described ways to remove unnecessary operations in the networking stack, but they focused on different areas. Wang spoke about using BPF to speed up socket operations, while Borkmann spoke about eliminating the overhead of networking operations on virtual machines.

[$] The importance of free software to science

jake — Wed, 04 Jun 2025 14:16:09 +0000

Free software plays a critical role in science, both in research and in disseminating it. Aspects of software freedom are directly relevant to simulation, analysis, document preparation and preservation, security, reproducibility, and usability. Free software brings practical and specific advantages, beyond just its ideological roots, to science, while proprietary software comes with equally specific risks. As a practicing scientist, I would like to help others—scientists or not—see the benefits from free software in science.

Eight stable kernels released

jzb — Wed, 04 Jun 2025 13:24:25 +0000

Greg Kroah-Hartman has announced the release of the 6.15.1, 6.14.10, 6.12.32, 6.6.93, 6.1.141, 5.15.185, 5.10.238, and 5.4.294 stable kernels. As usual, each contains a set of important fixes.

Security updates for Wednesday

jzb — Wed, 04 Jun 2025 13:13:30 +0000

Security updates have been issued by AlmaLinux (git, krb5, perl-CPAN, and rsync), Debian (tcpdf), Fedora (libmodsecurity, lua-http, microcode_ctl, and nextcloud), Red Hat (osbuild-composer), SUSE (389-ds, avahi, ca-certificates-mozilla, docker, expat, freetype2, glib2, gnuplot, gnutls, golang-github-teddysun-v2ray-plugin, golang-github-v2fly-v2ray-core, govulncheck-vulndb, helm, iperf, kernel, kernel-livepatch-MICRO-6-0_Update_2, kernel-livepatch-MICRO-6-0_Update_4, krb5, libarchive, libsoup, libsoup2, libtasn1, libX11, libxml2, libxslt, orc, podman, python-Jinja2, python-requests, python3-setuptools, python310, python311, python39, rubygem-rack, sslh, SUSE Manager Client Tools, SUSE Manager Client Tools and Salt Bundle, ucode-intel, util-linux, and wget), and Ubuntu (libvpx, linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-gkeop, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-nvidia-tegra, linux-oracle, linux, linux-aws, linux-kvm, linux-aws, linux-lts-xenial, linux-aws-fips, linux-azure-fips, linux-fips, linux-gcp-fips, linux-aws-fips, linux-gcp-fips, linux-azure-fde, linux-fips, and linux-intel-iot-realtime, linux-realtime).

[$] Safety certification for open-source systems

daroc — Tue, 03 Jun 2025 14:41:20 +0000

This year's Linaro Connect in Lisbon, Portugal featured a number of talks about the use of open-source components in safety-critical systems. Kate Stewart gave a keynote on the topic on the first day of the conference. In it, she highlighted several projects that have been working to pursue safety certification and spoke about the importance of being able to trace software's origins to safety. In a talk on the second day, Roberto Bagnara shared his experience with working on one of those projects, the Xen hypervisor, to conform to a formal set of rules for safety-critical code.

Security updates for Tuesday

corbet — Tue, 03 Jun 2025 13:14:51 +0000

Security updates have been issued by AlmaLinux (varnish), Debian (asterisk and roundcube), Fedora (systemd), Mageia (golang), Red Hat (ghostscript, perl-CPAN, python36:3.6, and rsync), SUSE (govulncheck-vulndb, libsoup-2_4-1, and postgresql, postgresql16, postgresql17), and Ubuntu (mariadb, open-vm-tools, php-twig, and python-tornado).

Alpine Linux 3.22.0 released

jzb — Mon, 02 Jun 2025 17:05:52 +0000

Version 3.22.0 of the Alpine Linux distribution has been released. Notable changes in this release include the removal of the X11 session for KDE Plasma, a switch to systemd-efistub, and experimental support for user services with the OpenRC init system. See the release notes for a detailed list of changes.

[$] Hardening fixes lead to hard questions

corbet — Mon, 02 Jun 2025 16:55:11 +0000

Kees Cook's "hardening fixes" pull request for the 6.16 merge window looked like a straightforward exercise; it only contained four commits. So just about everybody was surprised when it resulted in Cook being temporarily blocked from his kernel.org account among fears of malicious activity. When the dust settled, though, the red alert was canceled. It turns out, surprisingly, that Git is a tool with which one can inflict substantial self-harm in a moment of inattention.

[$] OpenH264 induces headaches for Fedora

jzb — Mon, 02 Jun 2025 15:57:23 +0000

Software patents and workarounds for them are, once again, causing headaches for open-source projects and users. This time around, Fedora users have been vulnerable to a serious flaw in the OpenH264 library for months—not for want of a fix, but because of the Rube Goldberg machine methodology of distributing the library to Fedora users. The software is open source under a two-clause BSD license; the RPMs are built and signed by Fedora, but the final product is distributed by Cisco, so the company can pick up the tab for license fees. Unfortunately, a breakdown in the process of handing RPMs to Cisco for distribution has left Fedora users vulnerable, and inaction on Fedora's part has left users unaware that they are at risk.

Security updates for Monday

jake — Mon, 02 Jun 2025 13:39:33 +0000

Security updates have been issued by Debian (espeak-ng, kitty, kmail-account-wizard, krb5, libreoffice, libvpx, net-tools, python-flask-cors, symfony, tcpdf, thunderbird, and twitter-bootstrap3), Fedora (chromium, dropbear, firefox, gstreamer1-plugins-bad-free, python-tornado, systemd, and thunderbird), Mageia (coreutils, deluge, glib2.0, and redis), Oracle (firefox, kernel, and systemd), Red Hat (firefox, kernel, kernel-rt, varnish, varnish:6, and zlib), SUSE (bind, curl, dnsdist, docker, ffmpeg-7, firefox, glibc, golang-github-prometheus-alertmanager, govulncheck-vulndb, icinga2, iputils, java-11-openjdk, java-1_8_0-ibm, kea, kernel, libopenssl-3-devel, libsoup, libxml2, nodejs-electron, open-vm-tools, openbao, perl-Net-Dropbox-API, pluto, poppler, postgresql14, postgresql15, postgresql16, postgresql17, python312-setuptools, runc, s390-tools, skopeo, sqlite3, thunderbird, and unbound), and Ubuntu (apport and libphp-adodb).

[$] Reports from OSPM 2025, day three

corbet — Fri, 30 May 2025 18:18:44 +0000

The seventh edition of the Power Management and Scheduling in the Linux Kernel Summit (known as "OSPM") took place on March 18-20, 2025. Topics discussed on the third (and final) day include proxy execution, energy-aware scheduling, the deadline scheduler, and an evaluation of the kernel's EEVDF scheduler.

[$] Out of Pocket and into the wallabag

jzb — Fri, 30 May 2025 12:52:06 +0000

Mozilla has decided to throw in the towel on Pocket, a social-bookmarking service that it acquired in 2017. This has left many users scrambling for a replacement for Pocket before its shutdown in July. One possible option is wallabag, a self-hostable, MIT-licensed project for saving web content for later reading. It can import saved data from services like Pocket, share content on the web, export to various formats, and more. Even better, it puts users in control of their data long-term.