NLnet announces funding for 42 FOSS projects
the projects that have received funding from its https://nlnet.nl/news/2024/20240601-call.html
for grant proposals from the Next
Generation Internet (NGI) Zero Commons Fund.
The selected projects all contribute, one way or another, to the
mission of the Commons Fund: reclaiming the public nature of the
internet. For example, there are people working on interesting open
hardware projects such as the tablet https://nlnet.nl/project/MNT-Reform-Touch/
and the Solar
FemtoTX motherboard — a collaborative effort to create an
ultra-low power motherboard that can run on solar power. https://nlnet.nl/project/LLM2FPGA/
aims to enable
running open source LLMs locally on programmable chips ("FPGAs") using
a fully open-source toolchain. https://nlnet.nl/project/bcachefs-crypto-API/
readies itself as the next generation filesystem for Linux, improving
performance, scalability and reliability when compared to legacy
filesystems.
In all, 42 projects have been selected for the NGI grants which are
between €5,000 and €50,000. See the announcement for the
full list of selected projects, and the https://nlnet.nl/project/current.html
page
for other recent projects funded by NLnet.
[$] VFS write barriers
In the filesystem track at the 2025 Linux Storage, Filesystem, Memory
Management, and BPF Summit (LSFMM+BPF), Amir Goldstein wanted to resume
discussing
a feature that he had briefly introduced at the end of a https://lwn.net/Articles/932415/
: filesystem "write
barriers". The idea is to have an operation that would wait for any
in-flight https://www.man7.org/linux/man-pages/man2/write.2.html
system calls, but not block any new write() calls as bigger
hammers, such as freezing the filesystem,
would do. His prototype implementation is used by a hierarchical
storage management (HSM) system to create a crash-consistent
change log, but there may be other use cases to consider. He wanted
to discuss implementation options and the possibility of providing an
API for user-space applications.
Security updates for Wednesday
Security updates have been issued by AlmaLinux (bluez, expat, and postgresql:12), Fedora (chromium, golang, LibRaw, moodle, openiked, ruby, and trafficserver), Red Hat (bluez, expat, gnutls, libtasn1, libxslt, mod_auth_openidc, mod_auth_openidc:2.3, ruby:3.1, thunderbird, and xmlrpc-c), and Ubuntu (linux, linux-aws, linux-gcp, linux-hwe-6.11, linux-lowlatency, linux-lowlatency-hwe-6.11, linux-oem-6.11, linux-oracle, linux-raspi, linux-realtime, linux-azure, linux-azure-6.11, linux-gcp-6.8, and matrix-synapse).
[$] Code signing for BPF programs
The Linux kernel can be configured so that
kernel modules must be signed or
otherwise authenticated to be loaded
into the kernel. Some BPF developers want that to be an option for BPF programs
as well — after all, if those are going to run as part of the kernel,
they should be subject to the same code-signing requirements. Blaise Boscaccy
and Cong Wang presented two different visions for how BPF code signing could
work at the 2025 Linux Storage, Filesystem, Memory-Management, and BPF Summit.
[$] DMA addresses for UIO
The Userspace
I/O (UIO) subsystem was first https://git.kernel.org/linus/beafc54c4e2f
by
Hans J. Koch for the 2.6.32 release in 2007. Its purpose is to facilitate
the writing of drivers (mostly) in user space; to that end, it provides
access to a number of resources that user-space code normally cannot touch.
One piece that is missing, though, is DMA addresses. A proposal to
fill that gap from Bastien Curutchet is running into some opposition,
though.
[$] LWN.net Weekly Edition for April 17, 2025
Inside this week's LWN.net Weekly Edition:
https://lwn.net/Articles/1017012/
: APT 3.0; Fedora 42; Lots more LSFMM+BPF coverage.
https://lwn.net/Articles/1017014/
: CVE funding; Yelp vulnerability; Fedora 42; Manjaro 25.0; GCC 15; Pinta 3.0; Quotes; ...
https://lwn.net/Articles/1017015/
: Newsletters, conferences, security updates, patches, and more.
[$] Inlining kfuncs into BPF programs
Eduard Zingerman presented a daring proposal that "makes sense if you think
about it a bit" at the 2025 Linux Storage, Filesystem,
Memory-Management, and BPF Summit. He wants to inline
performance-sensitive kernel functions
into the BPF programs that call them. His
prototype does not yet address all of the design problems inherent in that idea,
but it did spark a lengthy discussion about the feasibility of his proposal.
Kernel prepatch 6.15-rc1
Linus has https://lwn.net/Articles/1016576/
and closed the
merge window for this release. "As expected, this was one of the bigger
merge windows, almost certainly just because we had some pent-up
development due to the previous releases being impacted by the holiday
season. That said, while it's bigger than normal, it's not some kind of
record-breaking thing.". In the end, 12.633 non-merge changesets were
pulled into the mainline during this merge window.
[$] Catching up with calibre
Saying that https://calibre-ebook.com/
is
ebook-management software undersells the application by a fair
margin. Calibre is an open-source Swiss Army knife for ebooks that can
be used for everything from creating ebooks, converting ebooks from
obscure formats to modern formats like EPUB, to serving up an ebook
library over the web. The most recent major release, https://calibre-ebook.com/new-in/seventeen
,
brings a better text-to-speech engine, a tool for creating audio
overlays when authoring ebooks, support for profiles in the ebook
viewer, and more.
[$] The state of the page in 2025
The https://lwn.net/Articles/849538/
is one of the most
fundamental kernel changes ever made; it can be thought of as being similar
to replacing the foundation of a building while it remains open for
business. So it is not surprising that, for some years, the annual Linux
Storage, Filesystem, Memory-Management, and BPF Summit has included a
session on the state of this transition. The 2025 Summit was no exception,
with Matthew Wilcox updating the group on what has been accomplished, what
remains to be done, and where some of the significant problems are.
Security updates for Wednesday
Security updates have been issued by Debian (nginx and ruby-rack), Fedora (expat and libxslt), Mageia (bluez, dcmtk, ffmpeg, and radare2), Red Hat (container-tools:rhel8, gvisor-tap-vsock, kernel, kernel-rt, libreoffice, and podman), SUSE (buildah, forgejo, gitleaks, google-guest-agent, google-osconfig-agent, govulncheck-vulndb, grafana, helm, libxslt, php8, python-gunicorn, and python-Jinja2), and Ubuntu (freerdp2 and varnish).
GNOME 48 released
("Bengaluru")
has been released. As usual, this release includes a number of new
features and enhancements including support for shortcuts in the https://orca.gnome.org/
screen reader on Wayland, new fonts, addition of image editing to
, and more.
GNOME 48 includes a number of notable performance improvements. The
most significant of these is the introduction of dynamic triple
buffering. This change has undergone significant review and testing
over a period of five years and improves the perceived smoothness of
changes on screen, with fewer skipped frames and more fluid
animations. This has been achieved by enhancing the concurrency
capabilities of Mutter, the GNOME display manager, and is particularly
effective at handling sudden bursts of activity.
The GNOME 48 release also adds new applications to the https://circle.gnome.org/
collection,
such as https://apps.gnome.org/DrumMachine/
and the https://apps.gnome.org/Iotas/
note-taking
application. See "What's new
for developers" a rundown of improvements for developers in
GNOME 48.
Git 2.49.0 released
2.49.0 of the Git source-code management system has been
released. This release comprises 460 non-merge commits since 2.48.0,
with contributions from 89 people, including 24 new
contributors. There is a long list of improvements and bug fixes; see
the highlights
blog from GitHub's Taylor Blau for some of the more interesting
features.
Four more stable kernel updates
Greg Kroah-Hartman has announced the release of four more stable kernels:
https://lwn.net/Articles/1013396/
,
https://lwn.net/Articles/1013397/
,
https://lwn.net/Articles/1013398/
, and
https://lwn.net/Articles/1013399/
.
Unlike a normal release, Kroah-Hartman did not call for all users to
update their kernels. Specifically, the 6.6.81 kernel is currently broken on
i386 systems, and users should wait for 6.6.82.
Ubuntu 25.04 (Plucky Puffin) progress
Matthieu Clemenceau has https://discourse.ubuntu.com/t/ubuntu-foundations-25-04-plucky-puffin-progress/56635
a status update on Ubuntu 25.04 (Plucky Puffin) development to the Ubuntu
Discourse forum. This includes updates on Ubuntu's adoption
of Dracut as an alternative to initramfs-tools, a move to
a single ISO for arm64 devices rather than device-specific images, and
reverting the planned O3 optimization flags for Plucky Puffin.
Earlier in this cycle, we announced
plans to enable the O3 optimization level for all Ubuntu packages
by default. As part of this effort, we conducted extensive
benchmarking, which revealed that while some workloads saw
improvements, overall system performance slightly declined, and binary
sizes increased. Given these results, we are likely to revert this
change soon.
The beta for Ubuntu 25.04 is https://discourse.ubuntu.com/t/plucky-puffin-release-schedule/36461
for March 27, with the final release scheduled on April 17.
FerretDB 2.0 released
2.0.0 of https://www.ferretdb.com/
has been
https://blog.ferretdb.io/ferretdb-v2-ga-open-source-mongodb-alternative-ready-for-production/
. FerretDB
is an open-source alternative to MongoDB, which https://lwn.net/Articles/768670/
to a non-open
license in 2018, built on top of https://www.postgresql.org/
. This release
utilizes the https://github.com/microsoft/documentdb?tab=readme-ov-file#introduction
PostgreSQL extension for better performance, adds vector
search, and https://docs.ferretdb.io/guides/replication/
.
Xen 4.20 released
the release of Xen 4.20. This release adds support for
AMD Zen 5 CPUs, improved compliance with the https://en.wikipedia.org/wiki/MISRA_C
C standard,
work on PCI-passthrough on Arm, and more. Xen 4.20 also removes
support for Xeon
Phi CPUs, which were https://www.techpowerup.com/246237/intel-is-giving-up-on-xeon-phi-eight-more-models-declared-end-of-life
in 2018. See the feature
list and release
notes for more information.
Thunderbird Desktop 136.0 released
136.0 of the Thunderbird Desktop mail client has been
released. The release includes a quick toggle for adapting messages to
dark mode, and a new "Appearance" setting to control message threading
and sorting order globally, as well as a number of bug fixes. See the
advisory for a full list of security vulnerabilities addressed in
Thunderbird 136.0.
Linux from Scratch version 12.3 released
12.3 of Linux From
Scratch (LFS) has been released, along with Beyond Linux
From Scratch (BLFS) 12.3. LFS provides step-by-step instructions
on building a customized Linux system entirely from source, and BLFS
helps to extend an LFS installation into a more usable system. Notable
changes in this release include toolchain updates to GNU Binutils
2.44, GNU C Library (glibc) 2.41, and Linux 6.13.2. The https://www.linuxfromscratch.org/lfs/view/12.3/chapter01/changelog.html
has a full list of changes since the previous stable release.
Security updates for Wednesday
Security updates have been issued by Debian (libreoffice), Fedora (exim and fscrypt), Red Hat (kernel), Slackware (mozilla), SUSE (docker, firefox, and podman), and Ubuntu (linux, linux-lowlatency, linux-lowlatency-hwe-5.15, linux, linux-lowlatency, linux-lowlatency-hwe-6.8, linux, linux-oem-6.11, linux-aws, linux-aws-6.8, linux-oracle, linux-oracle-6.8, linux-raspi, linux-aws, linux-gcp, linux-hwe-6.11, linux-oracle, linux-raspi, linux-realtime, linux-aws, linux-gkeop, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-oracle, linux-oracle-5.15, linux-raspi, and linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop).