Linux Weekly News

The LWN.net Weekly Edition for August 8, 2024 is available.

Mozilla has announced that Puppeteer, a browser automation and testing library, now has first-class support for Firefox using the WebDriver BiDi protocol. Puppeteer can be used to drive headless browser instances, and is commonly used for automated end-to-end web-site tests.

Whilst the features offered by Puppeteer won't be a surprise, bringing support to multiple browsers has been a significant undertaking. The Firefox support is not based on a Firefox-specific automation protocol, but on WebDriver BiDi, a cross browser protocol that's undergoing standardization at the W3C, and currently has implementation in both Gecko and Chromium. This use of a cross-browser protocol should make it much easier to support many different browsers going forward.

The desire for the ability to checkpoint a process — to record its state in a form that can be restarted at a future time — on Linux is almost as old as Linux itself. See, for example, this announcement of a checkpoint project that appeared in LWN in 1998. While working solutions exist, they can be somewhat fragile and difficult to use; it is not surprising that some people are interested in finding a better alternative. A current effort goes by the name CRIB, for Checkpoint/Restore in (naturally) BPF. It is far from clear that CRIB will replace the existing solutions, but it is an interesting look at a different way of solving the problem.

There are lots of places in the kernel where an EINVAL can be returned to user space, but it is often unclear what the actual underlying problem is because the errno error codes are too generic. That is the problem that Miklos Szeredi wanted to discuss in a filesystem session that he led remotely at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit. He would like to help those who are trying to debug problems trace where in the kernel a particular error code is being generated.

Security updates have been issued by Debian (firefox-esr, openjdk-17, and wpa), Gentoo (aiohttp, Bitcoin, Cairo, Go, json-c, Levenshtein, libXpm, nghttp2, PostgreSQL, and Redis), Red Hat (kernel, kernel-rt, python-setuptools, python-urllib3, python3.11-setuptools, and wget), Slackware (mozilla), SUSE (bind, curl, docker, ffmpeg, ffmpeg-4, kernel, kernel-firmware, libnbd, patch, shadow, and thunderbird), and Ubuntu (python-django and wpa).

CircuitPython is an open-source implementation of the Python programming language for microcontroller boards. The project, which is sponsored by Adafruit Industries, is designed with new programmers in mind, but it also has many features that may be of interest to more-experienced developers. The recent 9.1.0 release adds a few minor features, but it follows just a few months after CircuitPython 9.0.0, which brings some more significant changes, including improved graphics and USB support.

Version 129.0 of the Firefox browser has been released. Changes include some improvements to the reader mode, tab previews, and use of HTTPS by default.

Security updates have been issued by Debian (libreoffice), Gentoo (containerd and firefox), Red Hat (httpd), SUSE (ca-certificates-mozilla, ksh, openssl-3-livepatches, podman, python-Twisted, and skopeo), and Ubuntu (imagemagick).

David Howells wanted to discuss changing the way filesystem code handles the ability to interrupt or kill operations, in order to fix some longstanding problems with network (and other) filesystems, in a session at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit. As noted in his session proposal, some filesystems may be expecting to not be interruptible, but are calling code can take locks and mutexes that are interruptible (or killable), which are effectively changing the state of the task incorrectly. He would like to find a solution for that problem.

The Business Source License (BUSL) is a source-available license that "converts" to an open-source license after a period of time. In theory, this means that a few years after a version of a product is released under the BUSL, it becomes open source and is fair game for Linux distributions to package along with regular open-source projects. In practice, the license throws a few curveballs that require special consideration and caution, as the Fedora Project recently discussed.

Version 2.43 of the GNU Binutils package is out. Changes include some improvements to the assembler and the linker, better support for hardware event counters in the Gprofng profiler, and more.

Security updates have been issued by Debian (openjdk-11), Fedora (bind, bind-dyndb-ldap, chromium, ffmpeg, hostapd, trafficserver, and wpa_supplicant), and Ubuntu (curl and linux-oem-6.5).

Linus has released 6.11-rc2 for testing. "Hopefully we've gotten rid of the bulk of the silly noise here in rc2, and not added too much new noise, so that we can get on with the process of finding more meaningful issues."

The 6.10.3, 6.6.44, and 6.1.103 stable kernel updates have all been released. As usual, they contain important fixes throughout the tree. Users of those kernels should upgrade.

There is ongoing discussion about the ethics and effectiveness of telemetry following some recent LWN articles that touched on Thunderbird's use of opt-out telemetry and planned metrics in Fedora. The Internet Security Research Group (ISRG), the nonprofit behind Let's Encrypt, has a potential solution to the problem of how to collect and aggregate telemetry without violating users' privacy. The scheme is based on a draft protocol being standardized with the Internet Engineering Task Force (IETF), and has an open-source implementation available.

Security updates have been issued by Fedora (chromium), SUSE (docker and patch), and Ubuntu (bind9, gross, linux-azure, linux-azure-4.15, linux-lowlatency-hwe-6.5, and tomcat8, tomcat9).

The Sovereign Tech Fund (STF) has announced a fellowship program to support "the dedicated individuals who keep our digital infrastructure running":

Over the past two years, STF has successfully contracted over 40 FOSS projects, enhancing their technical sustainability through targeted milestones. However, the activities of maintainers, who often work on multiple FOSS projects, are hard to quantify for funding applications, as the demands and challenges vary and can change quickly. This is where the fellowship for maintainers comes into play.

According to the fellowship page the STF plans to fund five fellowships, beginning in the fourth quarter of this year, for a period of 12 months.

Like many projects written in C, the kernel makes extensive use of the C preprocessor; indeed, the kernel's use is rather more extensive than most. The preprocessor famously has a number of sharp edges associated with it. One might not normally think of increased compilation time as one of them, though. It turns out that some changes to a couple of conceptually simple preprocessor macros — min() and max() — led to some truly pathological, but hidden, behavior where those macros were used.

We have received the sad news that Dr. Mel Chua has passed away. Mel was probably best known in the free-software community as a contributor to the Fedora Project in its early days. The Fedora Community blog honored Mel recently after she had moved to hospice care with tributes from several Fedorans. Stephen Jacobs wrote:

I can't find the words to express how much of a positive impact Mel has had on my work, our shared work, my family, the experiences of my students, and the world of FOSS writ large. Nor can I find the words to convey just how much I will miss her.

Mel will be greatly missed.

Security updates have been issued by Debian (chromium), Fedora (kernel, obs-cef, and xen), Mageia (emacs), Oracle (freeradius, freeradius:3.0, and kernel), Red Hat (emacs, httpd, and kpatch-patch-4_18_0-305_120_1), Slackware (curl), SUSE (apache2, cockpit-wicked, glibc, gnutls, gvfs, less, nghttp2, opensc, python-idna, python-requests, qemu, rpm, tpm2-0-tss, tpm2.0-tools, and unbound), and Ubuntu (clickhouse, exim4, libcommons-collections3-java, linux, linux-aws, linux-kvm, linux-lts-xenial, mysql-8.0, openssl, php-cas, prometheus-alertmanager, and snapd).