Ticket sales for Kernel Recipes 2025 are now open! The conference will take place from September 22 to 24, 2025, in Paris. The agenda is still in the works, but you can already check out the list of speakers and a few of the topics online.

https://kernel-recipes.org/en/2025/

If you're a student, we’re offering a 50% discount—just get in touch with us!

See you in september!

A bunch of new stable kernels is out. With them, the #Linux 6.14.y stable series is now end-of-life – shortly after the merge window of 6.16 closed.

This thus happened a bit earlier than we are used to, but will be the new normal. To quote @gregkh from https://lore.kernel.org/all/2025061030-latticed-capacity-dc94@gregkh/:

'"Note this is the LAST 6.14.y release. This kernel branch is now end-of-life. Please move to the 6.15.y kernel branch at this time.

If you notice, this has happened a bit more "early" than previous end-of-life announcements. Normally, after -rc1 is out there is a TON of stable patches happening due to the changes that come into the merge-window that were marked for stable backports but didn't get into Linus's release before -final. As some people have objected to this large influx being added to a stable kernel that is just about to go end-of-life, let's try marking this end-of-life a bit earlier to see how it goes.

It might also spur maintainers/developers to get fixes into -final a bit more as well :)"'

#kernel #LinuxKernel

Long and fun interview with me on the Wookash Podcast just got published: https://www.youtube.com/watch?v=-1-OjxPJZcs

My seat name tag for the EU CRA meeting today...

Q: "Why have you suddenly been reworking coredumping, Christian?"
A: "Because I'm a clown and also I had it with all the CVEs because we provide a **** API for userspace."

So now that @torvalds merged the pidfs and initial coredump work things are already better but I have more work there.

In other news, there's two new CVEs in userpace that should be gone completely by installing a pidfd into the umh or by using the coredump socket.

[1]: https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt

[2]: https://blog.qualys.com/vulnerabilities-threat-research/2025/05/29/qualys-tru-discovers-two-local-information-disclosure-vulnerabilities-in-apport-and-systemd-coredump-cve-2025-5054-and-cve-2025-4598

ER2025 is over, and thanks to all of our sponsors it was a big success!
https://embedded-recipes.org/2025/blog/wrap/

The slides & videos are now available on the Speakers page
of the website: https://embedded-recipes.org/2025/speakers/

Please don’t hesitate to send us your feedback, critiques,
suggestions and rants. We’d want to hear what you thought of the
location, the venue, the food, the talks, the workshops, the evening
event, or anything else you want to share with us.

Please write us at: embedded-recipes@baylibre.com

This is a great interview with @gregkh on corporate involvement in the #Linux kernel and #opensource. He goes in depth on justifying working upstream and how it made him a better engineer.

https://youtu.be/DZzFG_zhFnY?si=HWHmpsOtwXATUm5v

COBOL c:

Another podcast interview with me from a few weeks ago:
https://www.youtube.com/watch?v=DZzFG_zhFnY
that focuses a lot on the corporate interaction and involvement in open source projects.

#LLMs are not a knowledge base!

Stop spreading misinformation!

They are statistical models that _simulate_ knowledge!

We, as a #society, really have to pay attention to the words and #language we're using.

But I guess, when talking about LLMs, details are not really important, are they!? Oh, such beautiful irony!

#LLM #SALAMI

"If all these big companies are shouting from the rooftops that AI is up to production code the money relies on, then zero open source contributions of substance is a glaring absence."

(Original title: If AI is so good at coding … where are the open source contributions?)

https://pivot-to-ai.com/2025/05/13/if-ai-is-so-good-at-coding-where-are-the-open-source-contributions/

@embeddedrecipes has just kicked off!

New organizers are running the show this year — big thanks to BayLibre for picking up the torch and keeping the spirit of Recipes alive: small-scale, sharing, and real exchange.

You can follow the conference live!

https://www.youtube.com/live/U5L8XHkP-lI?feature=shared

The 2025 edition of @embeddedrecipes starts with @gregkh
https://www.youtube.com/live/U5L8XHkP-lI?si=h5-X2I97Rnb1hey8
#er2025 #embeddedrecipes

Long but cheering+ practical from @bert_hubert

https://berthub.eu/articles/posts/a-coherent-non-us-cloud-strategy/

"Europe has ample compute capacity and skills.... the carrot won’t be enough to make Europe sovereign again. We must have our own technology under our own control, but we must also make sure that it gets used"

Sasha's "AUTOSEL" logic has been revamped and published so that now you too, can dig in the Linux kernel commit logs to find patches that developers and maintainers forgot to tag to be backported to stable kernels:

The announcement:
https://lore.kernel.org/all/aBj_SEgFTXfrPVuj@lappy/

And the code itself:
https://git.sr.ht/~sashal/autosel

Good programming is 99% sweat and 1% coffee.

— anonymous

#programming

Psst, hey: HACKERS ARE NOT TECH BROS. The vast majority of hackers never become tech bros. The ethics of hacking runs completely counter to that of tech bros.

Hackers make hardware do things they weren’t intended to do. They circumvent barriers. They string together contraptions that repurpose old stuff to do new things. Hackers aren’t that interested in money; they’re more interested in showing off their skills. They love to learn and make demos and create and share free tech that other hackers then build upon. All they want is acknoweledgement and the respect of their peers.

Tech bros are parasites. They’re greedy bastards who love to erect barriers between people and tech. They extract, addict, monetize. They turn everything fun and useful into a transaction, a dopamine trap, a subscription, a surveillance tool, an advertising outlet, and a vector to extract money from labor and suppliers.

Please don’t get them mixed up.

#hackers #hacking #techbros

This ordinary Tuesday? Two. Two AI slop security reports arrived to #curl. So far.

"Findings by static analyzers in Fedora 43" == "nonsense findings that someone wants someone else to wade through to weed out the obvious false-positives in their broken 'security' tool"

Someone needs to seriously reconsider this.

And yes, the tool is obviously broken, I looked at the first 3 "issues" found and just laughed, thinking this was a joke, but it seemed to actually be real, which is sad on so many levels...

{sigh}

And for those curious, here’s the current stats for kernel CVEs reserved/assigned/rejected since we started just over a year ago:

 Year	Reserved	Assigned	Rejected	 A+R		Total
  2019:	  47		   2		   1		   3		  50
  2020:	  36		  14		   0		  14		  50
  2021:	  20		 728		  23		 751		 771
  2022:	  20		1098		  16		1114		1134
  2023:	  20		 493		  28		 521		 541
  2024:	  20		3067		  84		3151		3171
  2025:	1837		 384		  12		 396		2233
 Total:	2000		5786		 164		5950		7950