Linux 6.1 (released last month) included what Linus Torvalds described as "initial Rust scaffolding," remembers this update from SD Times But now, "work has already been done since the 6.1 release to add more infrastructure for Rust in the kernel, though still none of the code interacts with any C code."

And there's still no actual Rust code in Linux: "You need to get all those things that can make sure that Rust can compile, and you can do the debugging and all these things," explained Joel Marcey, director of advocacy and operations for the Rust Foundation, "and make sure that the memory safety is there and all that sort of stuff. And that has to happen first before you can actually write any real code in Rust for the Linux kernel itself."

Marcey explained that Linux is going to be doing this inclusion very piecemeal, with lots of little integrations here and there over time so they can see how it is working. "I would imagine that over the next year, you're going to see more small incremental changes to the kernel with Rust, but as people are seeing that it's actually kind of working out, you'll be able to maybe, for example, write Linux drivers or whatever with Rust," said Marcey....

According to Bec Rumbul, executive director of the Rust Foundation, Rust being added to the kernel is an "enormous vote of confidence in the Rust programming language." She explained that in the past other languages have been planned to make it into the kernel and ended up not getting put in. "I think having someone with the kind of intellectual gravity of Linus Torvalds saying 'No, it's going in there,' that kind of says an awful lot about how reliable Rust already is and how much potential there is for the future as well," she said.

Rumbul believes that there will be an increased interest in the language, which is still relatively new (It first made its debut in 2010) compared to some of the other languages out there to choose from. "I suspect that because Rust is now in the kernel, and it's just being talked about much ... more widely, that it will seem like an attractive prospect to a lot of people that are looking to develop their skills and their knowledge," she said. Rumbul hopes people will also be inspired to participate in the language as contributors and maintainers, because those are some of the less popular roles within open source, but are extremely critical to the health of a language, she explained.
The Rust Foundation also launched a new security team in September to ensure best practices (including a dedicated security engineer). Their first initiative will be a security audit and threat modeling exercises. "We want to basically shore up," Rust operations director Marcey tells SD Times, "to ensure that Rust itself is actually as secure as we always say it is."

In this year's Stack Overflow Developer Survey, 86.73% of developers said they love Rust.

An anonymous reader quotes a report from ZDNet: Microsoft's Windows Subsystem for Linux (WSL) for running GNU/Linux environments on Windows 10 and Windows 11 has reached version 1.0.0 and is now generally available. Microsoft has been building WSL, including its own custom Linux kernel, for several years now. At first, WSL and WSL2 were an optional component within Windows, but last October Microsoft made the preview WSL available in the Microsoft Store as a separate app. The Store version could deliver users -- mostly developers and IT pros -- faster updates and features independently of updates to Windows.

As well as WSL shedding the "preview" label, Microsoft is making the WSL app from the Store the default for new users. As Microsoft noted last October at the release of Windows 11, the long term plan was to move WSL users to the Store version. However, Windows 11 still supported the "inbox version" of WSL while it continued developing the Store version. With this release, Microsoft is backporting WSL functionality to Windows 10 and 11 to make the Store version of WSL the default experience. The latest backport is available to "seekers" who click "Check for Updates" in Windows Settings, but in mid-December it will be pushed automatically to devices. The updates are available for Windows 10 version 21H1, 21H2, or 22H2, or on Windows 11 21H2 with all of the November updates applied.

Microsoft detailed a number of changes to commands now that the Store version of WSL is the default version, noting "wsl.exe --install will now automatically install the Store version of WSL, and will no longer enable the "Windows Subsystem for Linux" optional component, or install the WSL kernel or WSLg MSI packages as they are no longer needed." The virtual machine platform optional component will still be enabled, and by default Ubuntu will still be installed. One of the main new additions to WSL 1.0 is that users can opt in to support for systemd, the at-one-point maligned Linux system and service manager, which runs by default in several Linux distros, including Ubuntu and Debian. Also, Windows 10 users can use Linux GUI apps, a capability that was previously exclusive to Windows 11 users.

Fedora 37 is now officially released. From a report: Fedora 37 brings the GNOME 43 desktop to Fedora Workstation 37, updated toolchain components like Glibc 2.36 and LLVM 15 and Binutils 2.38, official support for the Raspberry Pi 4, retiring 32-bit ARMv7 support, Fedora CoreOS has been promoted to a Fedora Edition, Perl 5.36, Python 3.11, RPM 4.18, LXQt 1.1, and a wealth of other updated packages.

The Linux Foundation Europe (LF Europe) -- the recently launched European offshoot of the open source Linux Foundation -- today announced the launch of Project Sylva, which aims to create an open source telco cloud framework for European telcos and vendors. TechCrunch: This is the first project hosted by LF Europe and is a good example of what the organization is trying to achieve. The project aims to create a production-grade open source telco cloud stack and a common framework and reference implementation to "reduce fragmentation of the cloud infrastructure layer for telecommunication and edge services." Currently, five carriers (Telefonica, Telecom Italia, Orange, Vodafone and Deutsche Telekom) and two vendors (Ericsson and Nokia) are working on the project.

"There's a whole bunch of Linux Foundation networking projects already that have taken telecommunications into the open source era," Arpit Joshipura, the general manager for Networking, Edge and IoT at the Linux Foundation, told me. "All those projects are under what is called the [LF] Networking foundation. [â¦] So whatever that work is that is done by the telcos, Sylva is going to leverage and build on top of it with these European vendors to solve EU specific requirements. Those are security, energy, federated computing, edge and data trust." At the core of Sylva is a framework for a compute platform that can be agnostic to whether a workload is running on the telco access network, edge or in the core. The project aims to build a reference implementation, leveraging all of the work already being done by LF Networking, the Cloud Native Computing Foundation (the home of Kubernetes and other cloud-native infrastructure projects), LF Energy and others.

Thursday the Kudelski Group's cybersecurity division released "a tool for Linux that allows creation of multiple hidden volumes on a storage device in such a way that it is very difficult, even under forensic inspection, to prove the existence of such volumes."

"Each volume is encrypted with a different secret key, scrambled across the empty space of an underlying existing storage medium, and indistinguishable from random noise when not decrypted." Even if the presence of the Shufflecake software itself cannot be hidden — and hence the presence of secret volumes is suspected — the number of volumes is also hidden. This allows a user to create a hierarchy of plausible deniability, where "most hidden" secret volumes are buried under "less hidden" decoy volumes, whose passwords can be surrendered under pressure. In other words, a user can plausibly "lie" to a coercive adversary about the existence of hidden data, by providing a password that unlocks "decoy" data.

Every volume can be managed independently as a virtual block device, i.e. partitioned, formatted with any filesystem of choice, and mounted and dismounted like a normal disc. The whole system is very fast, with only a minor slowdown in I/O throughput compared to a bare LUKS-encrypted disk, and with negligible waste of memory and disc space.

You can consider Shufflecake a "spiritual successor" of tools such as Truecrypt and Veracrypt, but vastly improved. First of all, it works natively on Linux, it supports any filesystem of choice, and can manage up to 15 nested volumes per device, so to make deniability of the existence of these partitions really plausible.
"The reason why this is important versus "simple" disc encryption is best illustrated in the famous XKCD comic 538," quips Slashdot reader Gaglia (in the original submission. But the big announcement from Kudelski Security Research calls it "a tool aimed at helping people whose freedom of expression is threatened by repressive authorities or dangerous criminal organizations, in particular: whistleblowers, investigative journalists, and activists for human rights in oppressive regimes.

"Shufflecake is FLOSS (Free/Libre, Open Source Software). Source code in C is available and released under the GNU General Public License v3.0 or superior.... The current release is still a non-production-ready prototype, so we advise against using it for really sensitive operations. However, we believe that future work will sensibly improve both security and performance, hopefully offering a really useful tool to people who live in constant danger of being interrogated with coercive methods to reveal sensitive information.

"An ugly hack within the Linux kernel that has been in mainline for over three years has been called out," writes Phoronix's Michael Larabel. "Due to a buggy X.Org Server / xf86-video-modesetting DDX, the Linux kernel has been imposing different behavior on whether a process starts with 'X' and in turn disable the atomic mode-setting support." Linux security researcher and WireGuard creator, Jason Donenfeld, discovered the 'ugly code' within the kernel and commented on it via the kernel mailing list.

"The commit to this kernel with the 'X' first character check was made back in September 2019," notes Larabel. "The 'good' news is that since then on user-space side back in 2019 the xf86-video-modesetting code went ahead and disabled atomic support by default. So technically if running an updated X.Org stack within the past three years, this kernel hack isn't necessary anymore since user-space is just then avoiding the atomic API."

Slashdot reader Soul_Predator writes: Vanilla OS is Ubuntu on stock GNOME, with on-demand immutability and package selection freedom. It is currently a beta project, with a stable release planned for the next month.
"The first-time setup process is a breeze to experience," writes It's FOSS News, applauding how it lets uses choose and enable Flatpak/Snap/AppImage.

Overall, a package manager that installs applications utilizing a container, getting the ability to choose your package managers, on-demand immutability, and vanilla GNOME make it seem like a good deal to keep an eye on... I'd say it is a project that I believe a lot of users will appreciate.

You can download the ISO by joining its Discord channel for now. The ISO is not yet publicly available to all. Take a look at its documentation if you are curious. However, as per the roadmap, they plan to have a release candidate soon enough.

Do you have a laptop that's either "pretty old" or "weird in some other way"? Did it ship without Windows from the factory, or did you flash its firmware with coreboot? You could help the Linux kernel move its backlight code forward without abandoning quirky gear like yours. ArsTechnica: Hans de Goede, a longtime Linux developer and principal engineer at Red Hat, writes on his Livejournal about the need to test "a special group of laptops" to prevent their backlight controls from disappearing in Linux kernel 6.1. Old laptop tests are needed because de Goede is initiating some major changes to user-space backlight controls, something he has been working on since 2014. As detailed at Linux blog Phoronix, there are multiple issues with how Linux tries to address the wide variety of backlight schemes in displays, which de Goede laid out at the recent Linux Plumbers Conference. There can be multiple backlight devices operating a single display, leaving high-level controls to "guess which one will work." Brightness control requires root permissions at the moment. And "0" passed along as a backlight value remains a conundrum, as the engineer pointed out in 2014: Is that entirely off, or as low as the display can be lit?

Lennart Poettering's latest blog post proposes moving the Linux boot process into a "Brave New Trusted Boot World" of cryptographically signed Unified Kernel Images. From a report: Agent Poettering offers a mechanism for tightening up the security of the system startup process on Linux machines, using TPM 2.0 hardware. In brief, what he sees as the problem is that on hardware with Secure Boot enabled, while the boot process up to and including the kernel is signed, the next step, loading the initrd, is not. That's what he wants to fix.

"Linus Torvalds has backed the idea of possibly removing Intel 486 (i486) processor support from the Linux kernel," reports Phoronix: After the Linux kernel dropped i386 support a decade ago, i486 has been the minimum x86 processor support for the mainline Linux kernel. This latest attempt to kill off i486 support ultimately arose from Linus Torvalds himself with expressing the idea of possibly requiring x86 32-bit CPUs with "cmpxchg8b" support, which would mean Pentium CPUs and later:

Maybe we should just bite the bullet, and say that we only support x86-32 with 'cmpxchg8b' (ie Pentium and later).

Get rid of all the "emulate 64-bit atomics with cli/sti, knowing that nobody has SMP on those CPU's anyway", and implement a generic x86-32 xchg() setup using that try_cmpxchg64 loop.

I think most (all?) distros already enable X86_PAE anyway, which makes that X86_CMPXCHG64 be part of the base requirement.

Not that I'm convinced most distros even do 32-bit development anyway these days.... We got rid of i386 support back in 2012. Maybe it's time to get rid of i486 support in 2022?
Towards the end of his post, Torvalds makes the following observation about i486 systems. "At some point, people have them as museum pieces. They might as well run museum kernels. "

Joey Sneddon, reporting at OMG! Ubuntu: In September I tweeted a screenshot of something unexpected that has started to show up in the terminal when I ran system updates. It didn't enrage me at the time (and it kinda still doesn't) but I did find it a little ... Off. Now, if you're suitably tuned-in to the Linux newswire and/or an avid attendee of social media you'll probably heard about the drama in question. If you haven't, then allow me to... Yes, the furore is over an "ad" for Ubuntu Pro, Canonical's revamped support offering that replaces/augments Ubuntu Advantage (which has been around for many years) that appears in the terminal when managing system updates.

Other people are calling it an "ad" (hence quote marks). I prefer the term plug (which, it turns out, some people aren't familiar with; it means to mention something in order to promote it). For although this sentence is technically advertising something, in this case Ubuntu Pro, the offering itself is free for regular users (on up-to five devices). Thus, it's not like this is an "ad" that generates Canonical revenue. It's more akin to a public service announcement to raise awareness.

Linux kernel boss Linus Torvalds has released the first release candidate for version 6.1 of the project and added an appeal for developers to make his life easier by adding code earlier in the development cycle. The Register reports: "Let me just say that after I got my machine sorted out and caught up with the merge window, I was somewhat frustrated with various late pull requests. I've mentioned this before, but it's _really_ quite annoying to get quite a few pull requests in the last few days of the merge window."

He then offered further guidance on how kernel devs can do it right. "Yes, the merge window is two weeks, but that's very much to allow me time to look things over, not 'two weeks to hurriedly put together a branch that you send Linus on Friday of the second week'," he wrote. "The whole 'do an all-nighter to get the paper in the day before the deadline' is something that should have gone out the window after high school. Not for kernel development." His next line was: "You know who you are."

"Anyway, it's not the first time I've said this, I doubt it will be the last. But maybe more people could take it to heart, ok?" he added, before concluding his post with a slightly non-traditional call for testers to visit Linux's git tree because "The merge window may not be the biggest ever, but it's certainly big enough that the shortlog is much too big to post, and below is just my usual merge log." "For all the gory details, please refer to the git tree."

Mike Bouma (Slashdot reader #85,252) writes: Hyperion Entertainment is pleased to announce the immediate availability of a very substantial and comprehensive update of the Software Development Kit (SDK) for AmigaOS 4.1 54.16.

Also Linux: Kernel 6.0 for AmigaOne X1000/X5000 has been released and the biggest Amiga event of the year will be held upcoming weekend in Mönchengladbach, Germany: the Amiga37 event.

When a kernel developer asked Linus Torvalds if he'd missed a Git pull, Torvalds "revealed the request was still in his queue as 'I'm doing merges (very slowly) on my laptop, while waiting for new ECC memory DIMMs to arrive,'" reports The Register: Torvalds needs the DIMMs because over the last few days he experienced what he described as "some instability on my main desktop... with random memory corruption in user space resulting in my allmodconfig builds randomly failing with internal compiler errors etc."

The Linux boss's first thought was that a new kernel bug had caused the problem — which isn't good but sometimes happens. His instinct was wrong. "It was literally a DIMM going bad in my machine randomly after 2.5 years of it being perfectly stable," he wrote. "Go figure. Verified first by booting an old kernel, and then with memtest86+ overnight."

Torvalds appears to have been tracking delivery of the new DIMMs as he reported replacement memory was "out for delivery" and predicted it should arrive later on Sunday evening....

His post also mentions that his main PC was set up for error correction code memory (ECC memory), but "during the early days of COVID when there wasn't any ECC memory available at any sane prices. And then I never got around to fixing it, until I had to detect errors the hard way."

"I absolutely *detest* the crazy industry politics and bad vendors that have made ECC memory so 'special'," he added.

"Starting with the Ubuntu 16.04 edition and including the later LTS versions, Canonical will offer expanded security coverage for critical, high, and medium Common Vulnerabilities and Exposures (CVEs) to all of Ubuntu's open-source applications and toolchains for ten years," reports ZDNet.

"Yes, you read that right, you get security patches not just for the operating system, but for all of Ubuntu's open-source applications for a decade." Most of these are server programs, such as Ansible, Apache Tomcat, Drupal, Nagios, Redis, and WordPress. But, it also includes such developer essentials as Docker, Node.js, phpMyAdmin, Python 2, and Rust. Altogether, Canonical is supporting more than 23,000 packages. Indeed, it's now offering security for, as Mark Shuttleworth, Canonical's CEO, said, "Security coverage to every single package in the Ubuntu distribution."

Canonical isn't doing this on its own. It's offering free, improved security in partnership with the security management company Tenable. Robert Huber, Tenable's Chief Security Officer, said, "Ubuntu Pro offers security patch assurance for a broad spectrum of open-source software. Together, we give customers a foundation for trustworthy open source."

Beyond ordinary security, Canonical is backporting security fixes from newer application versions. This enables Ubuntu Pro users to use the Ubuntu release of their choice for long-term security without forced upgrades. Happy to keep using Ubuntu 20.04? No problem. You can run it until April 2030. Knock yourself out....

Users can obtain a free personal Ubuntu Pro subscription at ubuntu.com/pro for up to five machines. This free tier is for personal and small-scale commercial use.
Mark Shuttleworth, CEO of Ubuntu's parent company company Canonical, explains in a new video that Ubuntu "is now the world's most widely used Linux..."

"What makes most proud, though, is that we have found a way to make this available free of charge to anybody for their personal and for small-scale commercial use.... full commercial use for you, and any business you own, on up to five machines."