The BPF verifier is an increasingly complex and security-critical piece of code. When the kinds of people who are apt to work on BPF see a situation like that, they naturally question whether it's possible to use formal verification to ensure that the implementation of the code in question is correct. Santosh Nagarakatte led the first of two extra-long sessions in the BPF track of the 2025 Linux Storage, Filesystem, Memory Management, and BPF Summit about his team's work formally verifying the BPF verifier with a custom tool called Agni.

Security updates have been issued by Fedora (dotnet9.0, dropbear, ghostscript, nbdkit, openssh, python-watchfiles, rpm-ostree, yelp, yelp-xsl, and zsync), Oracle (firefox and kernel), Red Hat (osbuild-composer), Slackware (aaa_glibc and mozilla), SUSE (chromedriver, open-vm-tools, postgresql14, python-cryptography, and thunderbird), and Ubuntu (linux-aws, linux-hwe-5.4, python, and sqlite3).

Mozilla has announced that it is shutting down Pocket, a bookmarking service acquired by Mozilla in 2017, this coming July. "Pocket has helped millions save articles and discover stories worth reading. But the way people use the web has evolved, so we're channeling our resources into projects that better match their browsing habits and online needs."

Our recent article on Home Assistant observed that the project emphasizes installations using its own Linux distribution or within containers. The project has now made that emphasis rather stronger with this announcement of the deprecation of the "core" and "supervised" installation modes, which allowed Home Assistant to be installed as an ordinary application on a Linux system.

These are advanced installation methods, with only a small percentage of the community opting to use them. If you are using these methods, you can continue to do so (you can even continue to update your system), but in six months time, you will no longer be supported, which I'll explain the impacts of in the next section. References to these installation methods will be removed from our documentation after our next release (2025.6).

Support for 32-bit Arm and x86 architectures has also been deprecated.

The Fedora Council has ruled on the Fedora Engineering Steering Council's (FESCo) decision last year to revoke Peter Robinson's provenpackager status. In a statement published to the fedora-devel-announce mailing list, the council has announced that it has overturned FESCo's decision:

FESCo didn't have a specific policy for dealing with a request to remove Proven Packager rights. In addition, the FESCo process was handled entirely in private. The contributor didn't receive a formal notification or warning from FESCo, and felt blindsided by the official decision when and how it was announced. The Fedora Council would like to extend our sincerest apology on behalf of the Fedora Project to them.

LWN covered the story in December 2024.

Testing filesystems is a frequent topic at the Linux Storage, Filesystem, Memory Management, and BPF Summit (LSFMM+BPF); the 2025 edition was no exception. Boris Burkov led a filesystem-track session to discuss stress-testing filesystems—and running those tests for lengthy periods. He reviewed what he has been doing when testing filesystems and wanted to gather ideas for what could be done to catch more bugs before the filesystems hit production.

Greg Kroah-Hartman has announced the release of the 6.14.8, 6.12.30, 6.6.92, 6.1.140, and 5.15.184 stable kernels. As usual, each contains a long list of important fixes throughout the kernel tree.

Security updates have been issued by AlmaLinux (kernel, kernel-rt, and webkit2gtk3), Fedora (mozilla-ublock-origin and sudo-rs), Oracle (.NET 8.0, compat-openssl10, grafana, osbuild-composer, redis:6, ruby:2.5, and webkit2gtk3), SUSE (dante, firefox-esr, gnuplot, govulncheck-vulndb, grype, postgresql13, postgresql14, postgresql15, postgresql16, postgresql17, python-tornado6, python314, thunderbird, ucode-intel, and xen), and Ubuntu (bind9, libfcgi-perl, linux-ibm-5.4, linux-oracle-5.4, postgresql-17, and Tomcat).

Inside this week's LWN.net Weekly Edition:

• Front: Home Assistant; Setuptools; Debian AI GR; DMA-mapping API; BPF CI; OSPM 2025
• Briefs: Go audit; Oniux; Asahi progress; Rust in FreeBSD; RHEL 10; Rust 1.87.0; RIP John L. Young; Quote; ...
• Announcements: Newsletters, conferences, security updates, patches, and more.

Shawn Webb has published a status report on work to provide basic support in FreeBSD for userland components written in Rust.

We introduced a new BSD makefile, located at share/mk/bsd.rust.mk, that enables building a Rust application during buildworld. As of this writing, we only support building and installing Rust applications. Supporting library crates is planned (we would like to be able to build/install library crates that expose an FFI, like for C/C++ compatibility). Normal library crates build and install just fine. Support for cdylib Rust library crates specifically is what's missing, but is desired and planned.

We do NOT currently support Rust in the kernel. Kernel support requires more work that we deemed out-of-scope for this initial proof-of-concept/work-in-progress patchset. We also do NOT support building multiple programs in the same BSD Makefile (like with bsd.progs.mk), though that is also a desired feature.

LWN covered a discussion about including Rust in the FreeBSD base system in August 2024.