Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 1 hour 27 min ago

[$] Automatic buffer selection for io_uring

Friday 20th of March 2020 03:05:28 PM
The io_uring subsystem has, in the last year, redefined how asynchronous I/O is done on Linux systems. As this subsystem grows in both capability and users, though, it starts to run into limitations in the types of operations that can be expressed. That is driving a number of changes in how operations are programmed for io_uring. One example is the mechanisms considered for carrying a file descriptor between operations that was covered here in early March. Another has to do with how I/O buffers are chosen for operations.

LMDE 4 “Debbie” released

Friday 20th of March 2020 02:25:13 PM
The Linux Mint Debian Edition (LMDE) 4 has been released. "LMDE is a Linux Mint project which stands for 'Linux Mint Debian Edition'. Its goal is to ensure Linux Mint would be able to continue to deliver the same user experience, and how much work would be involved, if Ubuntu was ever to disappear. LMDE is also one of our development targets, to guarantee the software we develop is compatible outside of Ubuntu. LMDE aims to be as similar as possible to Linux Mint, but without using Ubuntu. The package base is provided by Debian instead." It is based on Debian 10 ("Buster") with lots of new features, including many improvements from Linux Mint 19.3. More information can be found in the release notes.

Security updates for Friday

Friday 20th of March 2020 01:49:24 PM
Security updates have been issued by Arch Linux (bluez and chromium), Debian (icu, rails, thunderbird, and twisted), Fedora (chromium and webkit2gtk3), Gentoo (bsdiff, cacti, clamav, fribidi, libgit2, pecl-imagick, phpmyadmin, pyyaml, and tomcat), openSUSE (wireshark), Oracle (firefox, icu, python-imaging, thunderbird, and zsh), Scientific Linux (thunderbird), SUSE (firefox, nghttp2, thunderbird, and tomcat), and Ubuntu (twisted).

Hacking the planet with Notcurses

Thursday 19th of March 2020 06:38:40 PM
Author Nick Black has written an extensive book on the creation of textual user interfaces using the notcurses library; it's available under the Apache license [PDF]. "Many people asked how such a thing was useful. My usual response was that numerous devices don’t present a bitmap interface, that X11 GUIs run remotely over SSH are effectively unusable, that plenty of machines don’t have a GUI environment installed, that there are obvious applications for large outdoor displays, and that Sixel isn’t well-supported across different terminal emulators. It seems impossible in an age of gigatransistor graphics cards, but the text environment still presents perceivably less latency than most GUI toolkits."

[$] Working-set protection for anonymous pages

Thursday 19th of March 2020 03:36:22 PM
The kernel's memory-management subsystem goes to great lengths to keep the pages that are actually in use in memory. But sometimes it gets things wrong, leading to reduced performance or, in the worst cases, flat-out thrashing. We may be about to see a significant improvement, though, thanks to a patch set from Joonsoo Kim changing how anonymous pages (those containing data not backed by files on disk) are managed. As it turns out, all that had to be done was to make use of some work that already exists in related parts of the memory-management code.

Qubes Architecture Next Steps: The GUI Domain

Thursday 19th of March 2020 02:30:10 PM
Here's a detailed blog post on how the Qubes distribution is working to isolate the graphical interface from the rest of the system. "The upcoming 4.1 release changes this protocol to a more flexible form. It will no longer use direct memory addresses, but an abstract mechanism in which the qube has to explicitly allow access to a particular memory page. In our current implementation — under Xen — we use the grant tables mechanism, which provides a separate memory allocation API and allows working on grants and not directly on memory pages. Other implementations will also be possible: whether for another hypervisor (e.g. KVM) or for a completely different architecture not based on shared memory (e.g. directly sending frames to another machine)."

Security updates for Thursday

Thursday 19th of March 2020 01:49:46 PM
Security updates have been issued by Debian (gdal), Fedora (nethack), Mageia (okular, sleuthkit, and webkit2), openSUSE (salt), Oracle (icu, kernel, python-pip, python-virtualenv, and zsh), Red Hat (icu, python-imaging, thunderbird, and zsh), Scientific Linux (icu, python-imaging, and zsh), SUSE (postgresql10), and Ubuntu (apache2).

[$] LWN.net Weekly Edition for March 19, 2020

Thursday 19th of March 2020 12:37:33 AM
The LWN.net Weekly Edition for March 19, 2020 is available.

[$] Improving pretty-printing in Python

Wednesday 18th of March 2020 10:52:22 PM
The python-ideas mailing list is typically used to discuss new features or enhancements for the language; ideas that gain traction will get turned into Python Enhancement Proposals (PEPs) and eventually make their way to python-dev for wider consideration. Steve Jorgensen recently started a discussion of just that sort; he was looking for a way to add customization to the "pretty-print" module (pprint) so that objects could change the way they are displayed. The subsequent thread went in a few different directions that reflect the nature of the mailing list—and the idea itself.

Ryabitsev: Introducing b4 and patch attestation

Wednesday 18th of March 2020 04:24:17 PM
Konstantin Ryabitsev introduces the "b4" tool for kernel development. Developers and LWN readers will be familiar with b4 under its previous name: get-lore-mbox. "On top of that, b4 also introduces support for cryptographic patch attestation, which makes it possible to verify that patches (and their metadata) weren't modified in transit between developers. This is still an experimental feature, but initial tests have been pretty encouraging." See this article for early coverage of the attestation feature.

DeVault: The reckless, infinite scope of web browsers

Wednesday 18th of March 2020 03:16:44 PM
Drew DeVault complains about the complexity of the web and the browsers that work with it. "The major projects are open source, and usually when an open-source project misbehaves, we’re able to to fork them to offer an alternative. But even this is an impossible task where web browsers are concerned. The number of W3C specifications grows at an average rate of 200 new specs per year, or about 4 million words, or about one POSIX every 4 to 6 months. How can a new team possibly keep up with this on top of implementing the outrageous scope web browsers already have now?"

[$] Bringing encryption restrictions in through the back door

Wednesday 18th of March 2020 03:04:45 PM
Legislation recently proposed in the US Senate is ostensibly meant to combat "child sexual abuse material" (CSAM), but it does not actually do much to combat that horrible problem. Its target, instead, is the encryption of user communications, which the legislation—tellingly—never mentions. The Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2020, EARN IT for short, is an attempt to force online service providers (e.g. Facebook, Google, etc.) to follow a set of "best practices" determined by a commission, to combat the scourge of CSAM; the composition of that commission makes it clear that end-to-end encryption will not be one of those practices, but companies that do not follow the best practices will lose liability protection for their users' actions. It is, in brief, an attempt to force providers to either abandon true end-to-end encryption or face ruinous lawsuits—all without "seeming" to be about encryption at all.

Stable kernel updates

Wednesday 18th of March 2020 02:49:32 PM
Stable kernels 5.5.10, 5.4.26, and 4.19.111 have been released with important fixes. Users of those series should upgrade.

Security updates for Wednesday

Wednesday 18th of March 2020 02:43:31 PM
Security updates have been issued by Debian (libvncserver and twisted), Fedora (libxslt), Red Hat (kernel, kernel-rt, python-flask, python-pip, python-virtualenv, slirp4netns, tomcat, and zsh), Scientific Linux (kernel, python-pip, python-virtualenv, tomcat, and zsh), SUSE (apache2-mod_auth_openidc and skopeo), and Ubuntu (apport and dino-im).

More in Tux Machines

Tauon Music Box – Modern Streamlined Music Player for Linux Desktop

Touan Music Box is a modern, comfortable and streamlined music player for the playback of your music collection. The software is written in Python, and uses GStreamer or optionally BASS Audio Library for playback. Read more

Programming Leftovers

  • DevOps Tools: Why We Don't Need More CI/CD Suites
  • How to install the Go language on Linux

    Go is one programming language that's on the rise. In fact, according to Popularity of Programming Languages, Go is at No. 14 and steadily climbing up the ranks. Go is used specifically for distributed systems and highly-scalable network servers and has replaced C++ and Java in Google's software stack. Chances are, you'll be using Go sometime soon. For those who develop on Linux, you can't just install it from the standard repositories. So how do you install this popular programming language on the open source operating system? Fear not, I'm going to show you.

  • What if? Revision control systems did not have merge

    A fun design exercise is to take an established system or process and introduce some major change into it, such as adding a completely new constraint. Then take this new state of things, run with it and see what happens. In this case let's see how one might design a revision control system where merging is prohibited.

  • What you need to know about hash functions

    There is a tool in the security practitioner's repertoire that's helpful for everyone to understand, regardless of what they do with computers: cryptographic hash functions. That may sound mysterious, technical, and maybe even boring, but I have a concise explanation of what hashes are and why they matter to you. A cryptographic hash function, such as SHA-256 or MD5, takes as input a set of binary data (typically as bytes) and gives output that is hopefully unique for each set of possible inputs. The length of the output—"the hash"—for any particular hash function is typically the same for any pattern of inputs (for SHA-256, it is 32 bytes or 256 bits—the clue's in the name). The important thing is this: It should be computationally implausible (cryptographers hate the word impossible) to work backward from the output hash to the input. This is why they are sometimes referred to as one-way hash functions. But what are hash functions used for? And why is the property of being unique so important?

  • GStreamer 1.17.2 unstable development release

    The GStreamer team is pleased to announce the second development release in the unstable 1.17 release series. The unstable 1.17 release series adds new features on top of the current stable 1.16 series and is part of the API and ABI-stable 1.x release series of the GStreamer multimedia framework. The unstable 1.17 release series is for testing and development purposes in the lead-up to the stable 1.18 series which is scheduled for release in a few weeks time. Any newly-added API can still change until that point, although it is rare for that to happen. Full release notes will be provided in the near future, highlighting all the new features, bugfixes, performance optimizations and other important changes. The autotools build has been dropped entirely for this release, so it's finally all Meson from here on.

  • Qt Design Studio - Sketch Bridge Tutorial Part 1

    Welcome to this Qt Design Studio Sketch Bridge Tutorial, to follow along with this you will need the commercial Qt Design Studio 1.5 Package and Sketch Bridge, macOS and Sketch installed (I'm using 66.1). With this tutorial I want to show you how to build up a sketch project that creates a clean export and import into Qt Design Studio (which i will refer to as qds for the rest of the tutorial), uses symbols and instances for proper componentization and goes back and forth from Sketch to qds in iterative loops building up a more complex scene from simple building blocks. I'll also cover some of the most common issues i come across from other users and the tips and tricks I've developed while working with the Bridge Plugin. I think it's important before we start to clarify that although Sketch allows designers to achieve their design concepts in a flexible and open ended manner, in order to have a pixel perfect design built around developer friendly components in qds, it is very important to structure and prepare your project in a certain manner, and although that is not overly complex to learn it does take some time and knowledge to do it well. My hope is this tutorial will provide you with the necessary experience to bring your designs much closer to this point. With this caveat out the way let's dive right in and start designing. [...] Now we have the default background state for the button let’s create the other two states we want to use for this tutorial, a hover and pressed state. We can do this by duplicating our original rectangle, renaming the layers and then putting them side by side for now so we can see the design changes in parallel, to make this a bit easier we can drag the symbol width out so we can fit our buttons side by side, we will be resizing this after we are done with the design.

  • Excellent Free Tutorials to Learn Solidity

    Solidity is an object-oriented, high-level language for implementing smart contracts. Solidity lets you program on Ethereum, a blockchain-based virtual machine that allows the creation and execution of smart contracts, without requiring centralized or trusted parties. Solidity is statically typed, supports inheritance, libraries and complex user-defined types among other features. With Solidity you can create contracts for uses such as voting, crowdfunding, blind auctions, and multi-signature wallets. Solidity was influenced by C++, Python and JavaScript. Like objects in OOP, each contract contains state variables, functions, and common data types. Contract-specific features include modifier (guard) clauses, event notifiers for listeners, and custom global variables.

Linux kernel coders propose inclusive terminology coding guidelines, note: 'Arguments about why people should not be offended do not scale'

In the light of the 2020 "global reckoning on race relations" the Linux kernel developers have stepped up with proposed new inclusive terminology guidelines for their coding community. The proposal came from Intel principal engineer Dan Williams and won support from other Linux maintainers including Chris Mason and Greg Kroah-Hartman. Words to be avoided include "slave", with suggested substitutions such as secondary, subordinate, replica or follower, and "blacklist", for which the replacements could be blocklist or denylist. The proposal has allowed for exceptions when maintaining a userspace API or when updating a code for a specification that mandates those terms. The existing Linux kernel coding style, described here, and has made no mention of inclusive language. The proposal is to add a new document, to be called Linux kernel inclusive technology, which will give the rationale for the changes. Referencing the fact that "the African slave trade was a brutal system of human misery deployed at global scale," the document has acknowledged that "word choice decisions in a modern software project does next to nothing to compensate for that legacy." Read more

Games: SpringRTS, OneShot and OpenXR

  • Playing SpringRTS games on Linux gets easier with Flatpak

    SpringRTS, the free and open source game engine for playing various real-time strategy games is now even easier to get running on Linux. If you've never heard of SpringRTS: it originally started to bring the classic Total Annihilation into proper 3D and since has expanded over years to become a full game engine with all sorts of games made for it. The developers recently announced a new official Flatpak package up on Flathub, enabling users across many different Linux distributions to easily grab the official SpringLobby and keep it nicely up to date. SpringLobby is the official UI for playing online and offline, plus it has a built-in feature to download missing content while trying to play with others.

  • Unique puzzle-adventure 'OneShot' now has a Linux build on itch

    If you've been itching to play the surreal puzzle adventure OneShot since it arrived on itch.io, we've got good news for you. While OneShot is not exactly a new game being originally released in 2016, it only gained Linux support last year in April 2019. Back in March 2020, the developer then went further and released it onto game store itch.io but it was missing the Linux build. It became part of the massive itch.io charity bundle that happened recently, so I've no doubt plenty of you who picked it up didn't even realise you owned it. Thankfully, on June 19 the developer added the standalone Linux build too so you can go ahead and play it on Linux.

  • Khronos Group open sources the OpenXR Conformance Test Suite for VR & AR

    In another important step forwards for free and open standards, plus the future of Virtual Reality and Augmented Reality, the Khronos Group have open sourced their OpenXR testing suite. What is OpenXR? It's an open standard for Augmented Reality (AR) and Virtual Reality (VR), collectively known as XR. It's picking up wide industry adoption, and hopefully means developers won't have to repeatedly rewrite code as they can support a single standard across platforms—something vitally important for the future of XR. It's gotten to the point where even Valve have decided to go all-in with OpenXR in their SteamVR.

  • OpenXR Conformance Tests Open-Sourced

    The Khronos Group today continued with their relatively recent trend of the past few years of open-sourcing their conformance tests. The OpenXR conformance tests are now open-source. The Conformance Test Suite for this industry-standard for AR/VR is now available as open-source under an Apache 2.0 license. This makes it easier for those developing OpenXR implementations to test against this publicly available set of tests, including the likes of the open-source Monado OpenXR runtime.