Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
[$] Kernel control-flow-integrity support comes to GCC
Control-flow integrity (CFI) is a set of techniques that make it more difficult for attackers to hijack indirect jumps to exploit a system. The Linux kernel has supported forward-edge CFI (which protects indirect function calls) since 2020, with the most recent implementation of the feature introduced in 2022. That version avoids the overhead introduced by the earlier approach by using a compiler flag (-fsanitize=kcfi) that is present in Clang but not in GCC. Now, Kees Cook has a patch set adding that support to GCC that looks likely to land in GCC 17.
[$] Modernizing swapping: the end of the swap map
The first installment in this series introduced several data structures in the kernel's swap subsystem and described work to replace some of those with a new "swap table" structure. The work did not stop there, though; there is more modernization of the swap subsystem queued for an upcoming development cycle, and even more for multiple kernel releases after that. Once that work is done, the swap subsystem will be both simpler and faster than it is now.
[$] LWN.net Weekly Edition for February 5, 2026
Posted Feb 5, 2026 0:12 UTC (Thu)The LWN.net Weekly Edition for February 5, 2026 is available.
Inside this week's LWN.net Weekly Edition
- Front: Sigil; Eurydice; Sub-schedulers for sched_ext; Swap table; Futex robust lists; Tyr.
- Briefs: openSUSE governance; Git 2.53.0; LibreOffice 26.2; Open Source Award; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] API changes for the futex robust list
The robust futex kernel API is a way for a user-space program to ensure that the locks it holds are properly cleaned up when it exits. But the API suffers from a number of different problems, as André Almeida described in a session in the "Gaming on Linux" microconference at the 2025 Linux Plumbers Conference in Tokyo. He had some ideas for a new API that would solve many of those problems, which he wanted to discuss with attendees; there is a difficult-to-trigger race condition that he wanted to talk about too.
[$] Sigil simplifies creating and editing EPUBs
Creating an ebook in EPUB format is easy, for certain values of "easy". All one really needs is a text editor, a few command-line utilities; also needed is a working knowledge of XHTML, CSS, along with an understanding of the format's structure and required boilerplate. Creating a well-formatted and attractive ebook is a bit harder. However, it can be made easier with an application custom-made for the purpose. Sigil is an EPUB editor that provides the tooling authors and publishers may be looking for.
[$] The future for Tyr
The
team behind
Tyr started 2025 with little to show in our quest to
produce a Rust GPU driver for Arm Mali hardware, and by the end of the
year, we were able to play SuperTuxKart (a 3D open-source racing
game) at the Linux Plumbers Conference (LPC). Our prototype was a joint
effort between Arm, Collabora, and Google; it ran well for the duration
of the event, and the performance was more than adequate for players.
Thankfully, we picked up steam at precisely the right moment: Dave
Airlie just
announced in the Maintainers Summit that the DRM subsystem
is only "about a year away
" from disallowing new drivers written in C
and requiring the use of Rust. Now it is time to lay out a
possible roadmap for 2026 in order to upstream all of this work.
[$] Modernizing swapping: introducing the swap table
The kernel's swap subsystem is a complex and often unloved beast. It is also a critical component in the memory-management subsystem and has a significant impact on the performance of the system as a whole. At the 2025 Linux Storage, Filesystem, Memory-Management and BPF Summit, Kairui Song outlined a plan to simplify and optimize the kernel's swap code. A first installment of that work, written with help from Chris Li, was merged for the 6.18 release. This article will catch up with the 6.18 work, setting the stage for a future look at the changes that are yet to be merged.
[$] Compiling Rust to readable C with Eurydice
A few years ago, the only way to compile Rust code was using the rustc compiler with LLVM as a backend. Since then, several projects, including Mutabah's Rust Compiler (mrustc), GCC's Rust support (gccrs), rust_codegen_gcc, and Cranelift have made enormous progress on diversifying Rust's compiler implementations. The most recent such project, Eurydice, has a more ambitious goal: converting Rust code to clean C code. This is especially useful in high-assurance software, where existing verification and compliance tools expect C. Until such tools can be updated to work with Rust, Eurydice could provide a smoother transition for these projects, as well as a stepping-stone for environments that have a C compiler but no working Rust compiler. Eurydice has been used to compile some post-quantum-cryptography routines from Rust to C, for example.
[$] Sub-schedulers for sched_ext
The extensible scheduler class (sched_ext) allows the installation of a custom CPU scheduler built as a set of BPF programs. Its merging for the 6.12 kernel release moved the kernel away from the "one scheduler fits all" approach that had been taken until then; now any system can have its own scheduler optimized for its workloads. Within any given machine, though, it's still "one scheduler fits all"; only one scheduler can be loaded for the system as a whole. The sched_ext sub-scheduler patch series from Tejun Heo aims to change that situation by allowing multiple CPU schedulers to run on a single system.
LWN.net Weekly Edition for January 29, 2026
Posted Jan 29, 2026 1:01 UTC (Thu)The LWN.net Weekly Edition for January 29, 2026 is available.
Inside this week's LWN.net Weekly Edition
- Front: PostmarketOS; LKRG 1.0; Fedora elections; EROFS, NTFS, and XFS; Fedora and GPG 2.5; BPF kfuncs.
- Briefs: curl bounties; GPG security; Guix 1.5.0; ReactOS turns 30; glibc 2.43; Rust 1.93; Xfwl4; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
Offpunk 3.0 released
Version
3.0 of the Offpunk
offline-first, command-line web, Gemini, and
Gopher
browser has been released. Notable changes in this release include
integration of the unmerdify
library to "remove cruft
" from web sites, the xkcdpunk
standalone tool for viewing xkcd
comics in the terminal, and a cookies command to enable
browsing web sites (such as LWN.net) while being logged in.
Something wonderful happened on the road leading to 3.0: Offpunk became a true cooperative effort. Offpunk 3.0 is probably the first release that contains code I didn't review line-by-line. Unmerdify (by Vincent Jousse), all the translation infrastructure (by the always-present JMCS), and the community packaging effort are areas for which I barely touched the code.
So, before anything else, I want to thank all the people involved for sharing their energy and motivation. I'm very grateful for every contribution the project received. I'm also really happy to see "old names" replying from time to time on the mailing list. It makes me feel like there's an emerging Offpunk community where everybody can contribute at their own pace.
There were a lot of changes between 2.8 and 3.0, which probably means some new bugs and some regressions. We count on you, yes, you!, to report them and make 3.1 a lot more stable. It's as easy at typing "bugreport" in offpunk!
See the "Installing Offpunk" page to get started.
Debian's tag2upload considered stable
Sean Whitton has announced that Debian's tag2upload service is now out of beta and ready for use by Debian developers and maintainers.
During the beta we encountered only a few significant bugs. Now that we've fixed those, our rate of successful uploads is hovering around 95%. Failures are almost always due to packaging inconsistencies that older workflows don't detect, and therefore only need fixing once per package.
We don't think you need explicit approval from your co-maintainers anymore. Your upload workflows can be different to your teammates. They can be using dput, dgit or tag2upload.
LWN covered tag2upload in July 2024.
Security updates for Monday
Security updates have been issued by AlmaLinux (fontforge, kernel, and osbuild-composer), Debian (debian-security-support, sudo, wireshark, xrdp, and zabbix), Fedora (bind, bind-dyndb-ldap, chromium, k9s, libgit2, mingw-glib2, node-exporter, open-vm-tools, plantuml, xorgxrdp, and xrdp), Oracle (fence-agents, image-builder, kernel, libsoup3, and osbuild-composer), Red Hat (image-builder and osbuild-composer), Slackware (openssl and p11), SUSE (chromium, cockpit-354, cockpit-machines, cockpit-machines-346, cockpit-packages, cockpit-podman, cockpit-subscriptions, govulncheck-vulndb, kubernetes-old, libsnmp45-32bit, libxml2, localsearch, micropython, opencloud-server, python-django, python-djangorestframework, python-maturin, python311-Django, python311-wheel, python315, sqlite3, and xrdp), and Ubuntu (linux-fips, linux-aws-fips, linux-gcp-fips and python-pip).
The 6.19 kernel has been released
Linus has released the 6.19 kernel.
"No big surprises anywhere last week, so 6.19 is out as expected - just
as the US prepares to come to a complete standstill later today
watching the latest batch of televised commercials.
"
The most significant changes in 6.19 include initial support for Intel's linear address-space separation feature, support for Arm Memory system resource Partitioning And Monitoring, the listns() system call, a reworked restartable-sequences implementation, support for large block sizes in the ext4 filesystem, some networking changes for improved memory safety, the live update orchestrator, and much more. See the LWN merge-window summaries (part 1, part 2) and the KernelNewbies 6.19 page for details.
An in-kernel machine-learning library
For those wanting more machine learning in the kernel, Viacheslav Dubeyko has posted a new in-kernel library for that purpose.
What is the goal of using ML models in Linux kernel? The main goal is to employ ML models for elaboration of a logic of particular Linux kernel subsystem based on processing data or/and an efficient subsystem configuration based on internal state of subsystem. As a result, it needs: (1) collect data for training, (2) execute ML model training phase, (3) test trained ML model, (4) use ML model for executing the inference phase. The ML model inference can be used for recommendation of Linux kernel subsystem configuration or/and for injecting a synthesized subsystem logic into kernel space (for example, eBPF logic).
It is rigorously undocumented and there are no real users, so it's not entirely clear what the purpose is, but there are undoubtedly interesting things that could be done with it.
Six stable kernels for Friday
Greg Kroah-Hartman has released the 6.18.9, 6.12.69, 6.6.123, 6.1.162, 5.15.199, and 5.10.249 stable kernels. As always, each contains important fixes throughout the tree; users are advised to upgrade.
Ardour 9.0 released
The Ardour digital-audio-workstation (DAW) project has announced the release of version 9.0.
This is a major release for the project, seeing several substantive new features that users have asked for over a long period of time. Region FX, clip recording, a touch-sensitive GUI, pianoroll windows, clip editing and more, not to mention dozens of bug fixes, new MIDI binding maps, improved GUI performance on macOS (for most) ...We expect to get feedback on some of the major new features in this release, and plan to take that into account as we improve and refine them and the rest of Ardour going forward. We have no doubt that there will be both delight and disappointment with certain things - rather than assume that we don't know what we're doing, please leave us feedback on the forums so that Ardour gets better over time. Those of you new to our clip launching implementation might care to read up on the differences with Ableton Live.
In the coming weeks, we'll begin to sketch out what we have planned next for Ardour, in addition to responding to the feedback we get on this 9.0 release.
Linux from Scratch to drop System V versions
The Linux From Scratch (LFS) project provides step-by-step instructions on building a customized Linux system entirely from source. Historically, the project has provided separate System V and systemd editions, which gave users a choice of init systems. Bruce Dubbs has announced the project will no longer produce the System V version:
There are two reasons for this decision. The first reason is workload. No one working on LFS is paid. We rely completely on volunteers. In LFS there are 88 packages. In BLFS there are over 1000. The volume of changes from upstream is overwhelming the editors. In this release cycle that started on the 1st of September until now, there have been 70 commits to LFS and 1155 commits to BLFS (and counting). When making package updates, many packages need to be checked for both System V and systemd. When preparing for release, all packages need to be checked for each init system.
The second reason for dropping System V is that packages like GNOME and soon KDE's Plasma are building in requirements that require capabilities in systemd that are not in System V. This could potentially be worked around with another init system like OpenRC, but beyond the transition process it still does not address the ongoing workload problem.
[...] As a personal note, I do not like this decision. To me LFS is about learning how a system works. Understanding the boot process is a big part of that. systemd is about 1678 "C" files plus many data files. System V is "22" C files plus about 50 short bash scripts and data files. Yes, systemd provides a lot of capabilities, but we will be losing some things I consider important.
The next version, 13.0, is expected in March and will only focus on systemd.
Security updates for Friday
Security updates have been issued by AlmaLinux (freerdp, kernel, python3, and python3.12-wheel), Debian (alsa-lib, chromium, openjdk-25, phpunit, tomcat10, tomcat11, and tomcat9), Fedora (openqa, pgadmin4, phpunit10, phpunit11, phpunit12, phpunit8, phpunit9, and yarnpkg), Mageia (python-django), SUSE (alloy, cups, dpdk, expat, glib2, java-1_8_0-ibm, java-1_8_0-openj9, java-25-openjdk, kernel, libpainter0, libsoup, libxml2, openssl-3, python-filelock, python-wheel, python312-Django6, thunderbird, traefik2, udisks2, wireshark, and xen), and Ubuntu (glib2.0, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, python3.14, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4, and tracker-miners).
Security updates for Thursday
Security updates have been issued by AlmaLinux (brotli, curl, kernel, python-wheel, and python3.12), Debian (containerd), Fedora (gnupg2, pgadmin4, phpunit10, phpunit11, phpunit12, phpunit8, phpunit9, and yarnpkg), Mageia (expat), Oracle (qemu-kvm and util-linux), Red Hat (kernel, kernel-rt, opentelemetry-collector, and python3.12-wheel), SUSE (abseil-cpp, dpdk, freerdp, glib2, ImageMagick, java-11-openj9, java-17-openj9, java-1_8_0-ibm, java-1_8_0-openj9, java-1_8_0-openjdk, java-21-openj9, kernel, libsoup, libsoup-3_0-0, openssl-3, patch, python-Django, rekor, rizin, udisks2, and xrdp), and Ubuntu (gh, linux, linux-aws, linux-azure, linux-azure-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux, linux-aws, linux-azure, linux-gcp, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux, linux-gke, linux-gkeop, linux-hwe-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux-fips, linux-aws-fips, linux-azure-fips, linux-gcp-fips, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-realtime, linux-intel-iot-realtime, and linux-realtime, linux-realtime-6.8, linux-raspi-realtime).