Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
[$] The phaseout of the mmap() file operation
The file_operations structure in the kernel is a set of function pointers implementing, as the name would suggest, operations on files. A subsystem that manages objects which can be represented by a file descriptor will provide a file_operations structure providing implementations of the various operations that a user of the file descriptor may want to carry out. The mmap() method, in particular, is invoked when user space calls the mmap() system call to map the object behind a file descriptor into its address space. That method, though, is currently on its way out in a multi-release process that started in 6.17.
[$] LWN.net Weekly Edition for September 25, 2025
Posted Sep 25, 2025 2:01 UTC (Thu)The LWN.net Weekly Edition for September 25, 2025 is available.
Inside this week's LWN.net Weekly Edition
- Front: Debian stable bug; Canceling async Rust; CHERI Linux; Time-slice extension; Multikernel; Revocable references; Blender 4.5.
- Briefs: Bluefin LTS; RPM 6.0.0; Tails 7.0; Rust 1.90.0; Infrastructure costs; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] Canceling asynchronous Rust
Asynchronous Rust code has what Rain Paharia calls a "universal cancellation protocol
", meaning that any asynchronous code can be interrupted in the same way. They claim that this is both a useful feature when used deliberately, and a source of errors when done by accident. They presented about this problem at RustConf 2025, offering a handful of techniques to avoid introducing bugs into asynchronous Rust code.
[$] CHERI with a Linux on top
The Capability Hardware Enhanced RISC Instructions (CHERI) project is a rethinking of computer architecture in order to improve system security. Carl Shaw gave a presentation at Linux Security Summit Europe (LSS EU) about CHERI and the efforts to get Linux running on it. He introduced capabilities, which are a mechanism for access control, and outlined their history, which goes back many decades at this point, then looked more specifically at the CHERI project and what it will take to apply the security constraints of capabilities to an operating system like Linux.
[$] An unstable Debian stable update
A bug in a recent release of systemd's network manager caused headaches for people managing systems that have a virtual LAN (VLAN) interface on a bridge; something one might want to do, for example, when configuring network interfaces for virtual machines. The bug affected several Debian users when upgrading the systemd package from v257.7-1 to v257.8-1. The updated package is part of the Debian 13.1 release, and the bug has snared enough users to cause a minor stir—due in no small part to the maintainer's response as much as the bug itself.
[$] Revocable references for transient devices
Computers were once relatively static devices; if a peripheral was present at boot, it was unlikely to disappear while the system was operating. Those days are far behind us, though; devices can come and go at any time, often with no notice. That impermanence can create challenges for kernel code, which may not be expecting resources it is managing to make an abrupt exit. The revocable resource management patch set from Tzung-Bi Shih is meant to help with the creation of more robust — and more secure — kernel subsystems in a dynamic world.
[$] Multiple kernels on a single system
The Linux kernel generally wants to be in charge of the system as a whole; it runs on all of the available CPUs and controls access to them globally. Cong Wang has just come forward with a different approach: allowing each CPU to run its own kernel. The patch set is in an early form, but it gives a hint for what might be possible.
[$] Blender 4.5 brings big changes
Blender 4.5 LTS was released on July 15, 2025, and will be supported through 2027. This is the last feature release of the 3D graphics-creation suite's 4.x series; it includes quality-of-life improvements, including work to bring the Vulkan backend up to par with the default OpenGL backend. With 4.5 released, Blender developers are turning their attention toward Blender 5.0, planned for release later this year. It will introduce substantial changes, particularly in the Geometry Nodes system, a central feature of Blender's procedural workflows.
[$] Extending the time-slice-extension discussion
Time-slice extension is a proposed scheduler feature that would allow a user-space process to request to not be preempted for a short period while it executes a critical section. It is an idea that has been circulating for years, but efforts to implement it became more serious in February of this year. The latest developer to make an attempt at time-slice extension is Thomas Gleixner, who has posted a new patch set with a reworked API. Chances are good that this implementation is close to what will actually be adopted by the kernel.
LWN.net Weekly Edition for September 18, 2025
Posted Sep 18, 2025 0:06 UTC (Thu)The LWN.net Weekly Edition for September 18, 2025 is available.
Inside this week's LWN.net Weekly Edition
- Front: Fighting human trafficking; End of 10; Link tags; Healthy subsystem communities; New kernel tools; Rust and Carbon; Typst.
- Briefs: Brief news items from throughout the community.
- Announcements: Newsletters, conferences, security updates, patches, and more.
Fedora considers an AI-tool policy
The Fedora project has posted a proposal for a policy regarding the use of AI tools when developing for the distribution.
You are responsible for your contributions. AI-generated content must be treated as a suggestion, not as final code or text. It is your responsibility to review, test, and understand everything you submit. Submitting unverified or low-quality machine-generated content (sometimes called "AI slop") creates an unfair review burden on the community and is not an acceptable contribution.
Four stable kernels released
The 6.16.9, 6.12.49, 6.6.108, and 6.1.154 stable kernels have been released. As usual, they all contain important fixes throughout the kernel tree.
Security updates for Thursday
Security updates have been issued by AlmaLinux (grub2 and kernel), Debian (chromium and libxslt), Fedora (chromium, expat, libssh, and webkitgtk), Oracle (avahi, firefox, ImageMagick, kernel, libtpms, and mysql), Red Hat (kernel), SUSE (bird3, expat, kernel, and tiff), and Ubuntu (dpkg, gnuplot, linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-riscv-5.15, linux-xilinx-zynqmp, linux, linux-aws, linux-gcp, linux-gcp-6.14, linux-oracle, linux-realtime, linux-riscv, linux-riscv-6.14, linux-aws-fips, linux-fips, linux-gcp-fips, linux-azure, linux-azure-fips, linux-ibm, linux-ibm-6.8, linux-intel-iot-realtime, linux-realtime, linux-oem-6.14, linux-oracle-5.15, linux-realtime-6.14, and python-eventlet).
PostgreSQL 18 released
Version 18 of the PostgreSQL database has been released. Notable improvements in this release include "skip scan" lookups for multicolumn B-tree indexes, virtual generated columns, better text processing, oauth authentication, and a new asynchronous I/O (AIO) subsystem to improve performance:
AIO lets PostgreSQL issue multiple I/O requests concurrently instead of waiting for each to finish in sequence. This expands existing readahead and improves overall throughput. AIO operations supported in PostgreSQL 18 include sequential scans, bitmap heap scans, and vacuum. Benchmarking has demonstrated performance gains of up to 3x in certain scenarios.
There are, of course, many other improvements and changes; see the release notes for full details.
Security updates for Wednesday
Security updates have been issued by AlmaLinux (kernel and kernel-rt), Fedora (expat), Red Hat (kernel and multiple packages), SUSE (avahi, busybox, busybox-links, kernel, sevctl, tcpreplay, thunderbird, and tor), and Ubuntu (isc-kea, linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-aws-6.8, linux-gcp-6.8, linux-aws-fips, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-realtime, python-pip, and rabbitmq-server).
Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship
The Open Source Security Foundation (OpenSSF) has put together a joint statement from many of the public package repositories for various languages about the need for assistance in maintaining these commons. Services such as PyPI for Python, crates.io for Rust, and many others are working together to try to find ways to sustain these services in the face of challenges from "automated CI systems, large-scale dependency scanners, and ephemeral container builds
" all downloading enormous amounts of package data, coupled with the rise of generative and agentic AI "driving a further explosion of machine-driven, often wasteful automated usage, compounding the existing challenges
". It is not a crisis, yet, they say, but it is headed in that direction.
Despite serving billions (perhaps even trillions) of downloads each month (largely driven by commercial-scale consumption), many of these services are funded by a small group of benefactors. Sometimes they are supported by commercial vendors, such as Sonatype (Maven Central), GitHub (npm) or Microsoft (NuGet). At other times, they are supported by nonprofit foundations that rely on grants, donations, and sponsorships to cover their maintenance, operation, and staffing.Regardless of the operating model, the pattern remains the same: a small number of organizations absorb the majority of infrastructure costs, while the overwhelming majority of large-scale users, including commercial entities that generate demand and extract economic value, consume these services without contributing to their sustainability.
Security updates for Tuesday
Security updates have been issued by Debian (corosync and kernel), Fedora (checkpointctl, chromium, curl, and perl-Catalyst-Authentication-Credential-HTTP), SUSE (firefox, frr, kernel, rustup, vim, and wireshark), and Ubuntu (glibc and pam).
RPM 6.0.0 released
Version 6.0.0 of the RPM Package Manager has been released. Notable changes in this release include support for multiple OpenPGP signatures per package, the ability to update previously installed PGP keys, as well as support for RPM v4 and v6 packages. See the release notes for full details.
Security updates for Monday
Security updates have been issued by Debian (ffmpeg, jetty12, jetty9, jq, and pam), Fedora (curl, libssh, podman-tui, and prometheus-podman-exporter), Oracle (firefox, gnutls, kernel, and thunderbird), and SUSE (bluez, cairo, chromium, cmake, cups, firefox, frr, govulncheck-vulndb, kernel, kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t, mariadb, mybatis, ognl, python-h2, and rke2).
Kernel prepatch 6.17-rc7
Linus has released 6.17-rc7 for testing. "Let's keep the testing going, and we'll have the final 6.17 in a week
".