Welcome to LWN.net
LWN.net is a reader-supported news site dedicated to producing the best coverage from within the Linux and free software development communities. See the LWN FAQ for more information, and please consider subscribing to gain full access and support our activities.
[$] Indirect calls in BPF
Anton Protopopov kicked off the BPF track on the second day of the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit with a discussion about permitting indirect calls in BPF. He also spoke about his continuing work on static keys, a topic which is related because the implementation of indirect jumps and static keys in the verifier use some of the same mechanisms for tracking indirect control-flow. Although some design work remains to be done, it may soon be possible to make indirect calls in BPF without any extra work compared to normal C.
[$] Owen Le Blanc: creator of the first Linux distribution
Ask a Linux enthusiast who created the Linux kernel, and odds are they will have no trouble naming Linus Torvalds—but many would be stumped if asked what the first Linux distribution was, and who created it. Some might guess Slackware, or its predecessor, Softlanding Linux System (SLS); both were arguably more influential but arrived just a bit later. The first honest-to-goodness distribution with a proper installer was MCC Interim Linux, created by Owen Le Blanc, released publicly in early 1992. I recently reached out to Le Blanc to learn more about his work on the distribution, what he has been doing since, and his thoughts on Linux in 2025.
[$] The problem of unnecessary readahead
The final session in the memory-management track of the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit was a brief, last-minute addition run by Kalesh Singh. The kernel's readahead mechanism is generally good for performance; it ensures that data is present by the time an application gets around to asking for it. Sometimes, though, readahead can go a little too far.
[$] Tracepoints for the VFS?
Adding tracepoints to some kernel subsystems has been controversial—or disallowed—due to concerns about the user-space ABI that they might create. The virtual filesystem (VFS) layer has long been one of the subsystems that has not allowed any tracepoints, but that may be changing. At the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF), Ted Ts'o led a discussion about whether the ABI concerns are outweighed by the utility of tracepoints for the VFS.
[$] Memory controller performance improvements
The kernel's memory controller works within the control-group mechanism to enforce memory-usage limits on groups of processes. This component has often had performance problems, so there is continual interest in optimizing it. Shakeel Butt led a session during the memory-management track of the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit to look at the current state of the memory controller and what can be done to reduce its overhead.
[$] LWN.net Weekly Edition for April 17, 2025
Posted Apr 17, 2025 1:00 UTC (Thu)The LWN.net Weekly Edition for April 17, 2025 is available.
Inside this week's LWN.net Weekly Edition
- Front: APT 3.0; Fedora 42; Lots more LSFMM+BPF coverage.
- Briefs: CVE funding; Yelp vulnerability; Fedora 42; Manjaro 25.0; GCC 15; Pinta 3.0; Quotes; ...
- Announcements: Newsletters, conferences, security updates, patches, and more.
[$] What's new in APT 3.0
Debian's Advanced Package Tool (APT) is the suite of utilities that handle package management on Debian and Debian-derived operating systems. APT recently received a major upgrade to 3.0 just in time for inclusion in Debian 13 ("trixie"), which is planned for release sometime in 2025. The version bump is warranted; the latest APT has user-interface improvements, switches to Sequoia to verify package signatures, and includes solver3—a new solver that is designed to improve how it evaluates and resolves package dependencies.
[$] Parallel directory operations
Allowing directories to be modified in parallel was the topic of Jeff Layton's filesystem-track session at the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF). There are certain use cases, including for the NFS and Lustre filesystems, as mentioned in a patch set referenced in the topic proposal, where contention in creating multiple files in a directory is causing noticeable performance problems. In some testing, Layton has found that the inode read-write semaphore (i_rwsem) for the directory is serializing operations; he wanted to discuss alternatives.
[$] Taking BPF programs beyond one-million instructions
The BPF verifier is not magic; it cannot solve the halting problem. Therefore, it has to err on the side of assuming that a program will run too long if it cannot prove that the program will not. The ultimate check on the size of a BPF program is the one-million-instruction limit — the verifier will refuse to process more than one-million instructions, no matter what a BPF program does. Alexei Starovoitov gave a talk at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit about that limit, why correctly written BPF programs shouldn't hit it, and how to make the user experience of large BPF programs better in the future.
[$] Improvements for the contiguous memory allocator
As a system runs, its memory becomes fragmented; it does not take long before the allocation of large, physically contiguous memory ranges becomes difficult or impossible. The contiguous memory allocator (CMA) is a kernel subsystem that attempts to address this problem, but it has never worked as well as some would like. Two sessions in the memory-management track at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit looked at how CMA can be improved; the first looked at providing guaranteed allocations, while the second addressed some inefficiencies in CMA.
RISC-V images for Fedora Linux 42
The Fedora Project's RISC-V special-interest group (SIG) has announced the availability of Fedora Linux 42 images for supported RISC-V boards, as well as QEMU and container images. The SIG is working toward making RISC-V a primary architecture for Fedora, and has made significant progress in the past year.
Our upstreaming work continues apace, and we want to acknowledge that none of this progress would be possible without the incredible collaboration from maintainers across the Fedora Project and beyond. Thank you to everyone who reviewed, accepted, merged, and built our patches. Your support makes this architecture possible.
We're also excited about just how many packages build cleanly without special treatment or overlay repositories that need to be cared for. RISC-V is becoming just another architecture, and that's exactly how it should be.
Template strings accepted for Python 3.14
The Python Steering Council accepted PEP 750 ("Template Strings") on April 10. LWN covered the discussion around the proposal, including the substantial revisions to the idea that were needed for it to be accepted. Template strings (t-strings) are a new kind of string that produces structured data instead of a raw string, allowing library authors to build their own custom template-handling logic. Since the approval happened before the cutoff for new features (May 6), support for template strings will be included in Python 3.14, scheduled for October 2025.
Security updates for Monday
Security updates have been issued by Debian (erlang, fig2dev, shadow, wget, and zabbix), Fedora (chromium, jupyterlab, llama-cpp, prometheus-podman-exporter, python-notebook, python-pydantic-core, rpki-client, rust-adblock, rust-cookie_store, rust-gitui, rust-gstreamer, rust-icu_collections, rust-icu_locid, rust-icu_locid_transform, rust-icu_locid_transform_data, rust-icu_normalizer, rust-icu_normalizer_data, rust-icu_properties, rust-icu_properties_data, rust-icu_provider, rust-icu_provider_macros, rust-idna, rust-idna_adapter, rust-litemap, rust-ron, rust-sequoia-openpgp, rust-sequoia-openpgp1, rust-tinystr, rust-url, rust-utf16_iter, rust-version-ranges, rust-write16, rust-writeable, rust-zerovec, rust-zip, uv, and webkitgtk), Slackware (libxml2 and zsh), SUSE (argocd-cli, chromium, coredns, ffmpeg-6, and firefox), and Ubuntu (imagemagick).
Kernel prepatch 6.15-rc3
The 6.15-rc3 kernel prepatch is out for
testing. "There's absolutely nothing of huge note here as far as I can
tell. Just a fair number of small fixes all over the place
".
Three stable kernels
The 6.14.3, 6.13.12, and 6.12.24 stable kernel updates have been released; each contains another set of important fixes. Note that the 6.13.x series ends with 6.13.12.
EU OS: A European Proposal for a Public Sector Linux Desktop (The New Stack)
The New Stack looks at EU OS, an attempt to create a desktop system for the European public sector.
EU OS is not a brand-new Linux distribution in the traditional sense. Instead, it is a proof-of-concept built atop Fedora's immutable KDE Plasma spin (Kinoite). EU OS takes a layered approach to customization. The project's vision is to provide a standard, adaptable Linux base that can be extended with national, regional or sector-specific customizations, making it suitable for a wide range of European public sector needs.
Security updates for Friday
Security updates have been issued by Debian (graphicsmagick and libapache2-mod-auth-openidc), Fedora (giflib, mod_auth_openidc, mysql8.0, perl, perl-Devel-Cover, perl-PAR-Packer, perl-String-Compare-ConstantTime, rust-openssl, rust-openssl-sys, trunk, and workrave), Mageia (chromium-browser-stable and rust), Oracle (java-1.8.0-openjdk, java-17-openjdk, java-21-openjdk, kernel, libreoffice, and webkit2gtk3), Red Hat (gvisor-tap-vsock), SUSE (containerd, docker, docker-stable, forgejo, GraphicsMagick, libmozjs-115-0, perl-32bit, poppler, subfinder, and thunderbird), and Ubuntu (erlang and ruby2.3, ruby2.5).
Ubuntu 25.04 released
Version 25.04 ("Plucky Puffin") of the Ubuntu Linux distribution has been released. This release includes Linux 6.14, GNOME 48, APT 3.0, and introduces a Arm64 desktop ISO to install Ubuntu Desktop on Arm64 systems. This is an interim release, with support through January 2026. See the release notes for a detailed list of new features and changes.
Tor Browser 14.5 released
Version 14.5 of the Tor Browser has been released. Notable features in this release include the addition of Connection Assist for the Android version of the Tor Browser, and language support for Belarusian, Bulgarian, and Portuguese for all versions of the browser.
Should Tor Browser fail to establish a direct connection to the Tor network, Connection Assist will offer to find and try bridges for you. But before this feature could be made available on Android, we had to embark on a multi-year effort to refactor our tor integration across each platform first. This project has now reached an important milestone, and we're proud to announce the release of Connection Assist for Android today.
See the full changelog for all changes in this release, and the issues page for known problems.
Security updates for Thursday
Security updates have been issued by Debian (chromium and libapache2-mod-auth-openidc), Oracle (expat, freetype, glibc, grub2, gvisor-tap-vsock, and kernel), Red Hat (grub2 and webkit2gtk3), and SUSE (apache2-mod_auth_openidc, cosign, gitoxide, govulncheck-vulndb, GraphicsMagick, haproxy, hauler, mozjs52, oci-cli, pam, perl-Data-Entropy, poppler, python-lxml-doc, python311-aiohttp, rekor, rubygem-rexml, and webkit2gtk3).