Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 2 hours 14 min ago

After Years of Abusive E-mails, the Creator of Linux Steps Aside (The New Yorker)

Thursday 20th of September 2018 02:10:56 AM
A story in The New Yorker magazine may help explain some of the timing of the recent upheavals in kernel-land. Longtime followers of kernel development will find the article to be a mixed bag—over the top in spots, fairly accurate elsewhere. "Torvalds’s decision to step aside came after The New Yorker asked him a series of questions about his conduct for a story on complaints about his abusive behavior discouraging women from working as Linux-kernel programmers. In a response to The New Yorker, Torvalds said, 'I am very proud of the Linux code that I invented and the impact it has had on the world. I am not, however, always proud of my inability to communicate well with others—this is a lifelong struggle for me. To anyone whose feelings I have hurt, I am deeply sorry.'"

[$] LWN.net Weekly Edition for September 20, 2018

Thursday 20th of September 2018 12:30:38 AM
The LWN.net Weekly Edition for September 20, 2018 is available.

Stable kernel updates

Wednesday 19th of September 2018 10:14:48 PM
Stable kernels 4.18.9, 4.14.71, 4.9.128, and 4.4.157 have been released. They all contain the usual set of important fixes and users should upgrade.

[$] Project Treble

Wednesday 19th of September 2018 07:33:45 PM

Android's Project Treble is meant as a way to reduce the fragmentation in the Android ecosystem. It also makes porting Android 8 ("Oreo"—the first version to mandate Treble) more difficult, according to Fedor Tcymbal. He described the project and what it means for silicon and device vendors in a talk at Open Source Summit North America 2018 in Vancouver, Canada.

[$] Resource control at Facebook

Wednesday 19th of September 2018 04:39:48 PM

Facebook runs a lot of programs and it tries to pack as many as it can onto each machine. That means running close to—and sometimes beyond—the resource limits on any given machine. How the system reacts when, for example, memory is exhausted, makes a big difference in Facebook getting its work done. Tejun Heo came to 2018 Open Source Summit North America to describe the resource control work that has been done by the team he works on at Facebook.

Security updates for Wednesday

Wednesday 19th of September 2018 02:48:40 PM
Security updates have been issued by Debian (chromium-browser and libapache2-mod-perl2), Oracle (kernel), and Ubuntu (ghostscript, glib2.0, and php5).

LLVM 7.0.0 released

Wednesday 19th of September 2018 12:56:26 PM
Version 7.0.0 of the LLVM compiler suite is out. "It is the result of the community's work over the past six months, including: function multiversioning in Clang with the 'target' attribute for ELF-based x86/x86_64 targets, improved PCH support in clang-cl, preliminary DWARF v5 support, basic support for OpenMP 4.5 offloading to NVPTX, OpenCL C++ support, MSan, X-Ray and libFuzzer support for FreeBSD, early UBSan, X-Ray and libFuzzer support for OpenBSD, UBSan checks for implicit conversions, many long-tail compatibility issues fixed in lld which is now production ready for ELF, COFF and MinGW, new tools llvm-exegesis, llvm-mca and diagtool". The list of new features is long; see the overall release notes, the Clang release notes, the Clang tools release notes, and the LLD linker release notes for more information.

[$] Code, conflict, and conduct

Tuesday 18th of September 2018 09:15:45 PM
A couple of surprising things happened in the kernel community on September 16: Linus Torvalds announced that he was taking a break from kernel development to focus on improving his own behavior, and the longstanding "code of conflict" was replaced with a code of conduct based on the Contributor Covenant. Those two things did not quite come packaged as a set, but they are clearly not unrelated. It is a time of change for the kernel project; there will be challenges to overcome but, in the end, less may change than many expect or fear.

Security updates for Tuesday

Tuesday 18th of September 2018 03:09:27 PM
Security updates have been issued by Fedora (ghostscript, icu, nspr, nss, nss-softokn, nss-util, and okular), Red Hat (java-1.7.1-ibm, java-1.8.0-ibm, OpenStack Platform, openstack-neutron, and openstack-nova), and Ubuntu (clamav and php5, php7.0, php7.2).

PostgreSQL adopts a code of conduct

Tuesday 18th of September 2018 02:04:55 PM
The PostgreSQL community has, after an extended discussion, announced the adoption of a code of conduct "which is intended to ensure that PostgreSQL remains an open and enjoyable project for anyone to join and participate in".

Versity announces next generation open source archiving filesystem

Monday 17th of September 2018 11:15:08 PM
Versity Software has announced that it has released ScoutFS under GPLv2. "ScoutFS is the first GPL archiving file system ever released, creating an inherently safer and more user friendly option for storing archival data where accessibility over very large time scales, and the removal of vendor specific risk is a key consideration."

Security updates for Monday

Monday 17th of September 2018 02:46:07 PM
Security updates have been issued by Debian (discount, ghostscript, intel-microcode, mbedtls, thunderbird, and zutils), Fedora (ghostscript, java-1.8.0-openjdk-aarch32, kernel-headers, kernel-tools, libzypp, matrix-synapse, nspr, nss, nss-softokn, nss-util, zsh, and zypper), Mageia (kernel, kernel-linus, and kernel-tmb), openSUSE (chromium, curl, ffmpeg-4, GraphicsMagick, kernel, libzypp, zypper, okular, python3, spice-gtk, tomcat, and zsh), Oracle (kernel), Slackware (php), SUSE (curl, libzypp, zypper, and openssh-openssl1), and Ubuntu (curl and firefox).

Apache SpamAssassin 3.4.2 released

Monday 17th of September 2018 01:30:23 PM
SpamAssassin 3.4.2 is out, the first release from this spam-filtering project since 3.4.1 came out in April 2015. It fixes some remotely exploitable security issues, so SpamAssassin users probably want to update in the near future. "The exploit has been seen in the wild but not believe to have been purposefully part of a Denial of Service attempt.  We are concerned that there may be attempts to abuse the vulnerability in the future.  Therefore, we strongly recommend all users of these versions upgrade to Apache SpamAssassin 3.4.2 as soon as possible."

[$] Fedora reawakens the hibernation debate

Monday 17th of September 2018 12:52:20 PM
Behavioral changes can make desktop users grumpy; that is doubly true for changes that arrive without notice and possibly risk data loss. Such a situation recently arose in the Fedora 29 development branch in the form of a new "suspend-then-hibernate" feature. This feature will almost certainly be turned off before Fedora 29 reaches an official release, but the discussion and finger-pointing it inspired reveal some significant differences of opinion about how this kind of change should be managed.

Kernel prepatch 4.19-rc4; Linus taking a break

Sunday 16th of September 2018 10:06:03 PM
Linus has released 4.19-rc4 and made a set of announcements that should really be read in their entirety. "I actually think that 4.19 is looking fairly good, things have gotten to the 'calm' period of the release cycle, and I've talked to Greg to ask him if he'd mind finishing up 4.19 for me, so that I can take a break, and try to at least fix my own behavior."

Weekend stable kernel updates

Sunday 16th of September 2018 11:38:50 AM
The 4.18.8, 4.14.70, 4.9.127, and 4.4.156 stable kernels have been released. Each contains a relatively large set of important fixes and updates.

Lights, Camera, Open Source: Hollywood Turns to Linux for New Code Sharing Initiative (Linux Journal)

Friday 14th of September 2018 09:59:47 PM
Linux Journal covers the new Academy Software Foundation (ASWF), which is a project aimed at open-source collaboration in movie-making software that was started by the Academy of Motion Picture Arts and Sciences (AMPAS) and the Linux Foundation. "Still at the early stages, the ASWF has yet to develop any of its own projects, but there is interest in having them host a number of very popular projects, such as Industrial Light & Magic’s OpenEXR HDR image file format, color management solution OpenColorIO, and OPenVDB, which is used for working with those hard-to-handle objects like clouds and fluids. Along with promoting cooperation on the development of a more robust set of tools for the industry, one of the goals of the organization moving forward is to put out a shared licensing template that they hope will help smooth the tensions over licensing. It follows that with the growth of projects, navigating the politics over usage rights is bound to be a tricky task."

Security updates for Friday

Friday 14th of September 2018 02:01:36 PM
Security updates have been issued by CentOS (firefox), Fedora (firefox, openssh, pango, and zziplib), Mageia (flash-player-plugin and ntp), Oracle (kernel), Red Hat (flash-plugin), Slackware (ghostscript), SUSE (podman and spice-gtk), and Ubuntu (firefox).

The (awesome) economics of open source (Opensource.com)

Friday 14th of September 2018 12:11:33 AM
Over at Opensource.com, Red Hat's Michael Tiemann looks at open source from the perspective of the economic theories of Ronald Coase, who won the 1991 Nobel Prize for Economics. Those theories help explain why companies like Red Hat (and Cygnus Solutions, which Tiemann founded) have prospered even in the face of economic arguments about why they should not. "Successful open source software companies 'discover' markets where transaction costs far outweigh all other costs, outcompete the proprietary alternatives for all the good reasons that even the economic nay-sayers already concede (e.g., open source is simply a better development model to create and maintain higher-quality, more rapidly innovative software than the finite limits of proprietary software), and then—and this is the important bit—help clients achieve strategic objectives using open source as a platform for their own innovation. With open source, better/faster/cheaper by itself is available for the low, low price of zero dollars. As an open source company, we don't cry about that. Instead, we look at how open source might create a new inflection point that fundamentally changes the economics of existing markets or how it might create entirely new and more valuable markets."

The first /e/ beta is available

Thursday 13th of September 2018 08:07:47 PM
/e/ is Gaël Duval's project to build a privacy-oriented smartphone distribution; the first beta is now available with support for a number of devices. "At our current point of development, we have an '/e/' ROM in Beta stage: forked from LineageOS 14.1, it can be installed on several devices (read the list). The number of supported devices will grow over time, depending on more build servers and more contributors who can maintain or port to specific devices (contributors welcome). The ROM includes microG configured by default with Mozilla NLP so users can have geolocation functionality even when GPS signal is not available."

More in Tux Machines

Red Hat's "DevOps" Hype Again and Analysis of last Night's Financial Results

OSS Leftovers

  • Deutsche Telekom and Aricent Create Open Source Edge Software Framework
    Deutsche Telekom and Aricent today announced the creation of an Open Source, Low Latency Edge Compute Platform available to operators, to enable them to develop and launch 5G mobile applications and services faster. The cost-effective Edge platform is built for software-defined data centers (SDDC) and is decentralized, to accelerate the deployment of ultra-low latency applications. The joint solution will include a software framework with key capabilities for developers, delivered as a platform-as-a-service (PaaS) and will incorporate cloud-native Multi-access edge computing (MEC) technologies.
  • A Deeper Look at Sigma Prime's Lighthouse: An Open-Source Ethereum 2.0 Client
  • Notable moments in Firefox for Android UA string history
  • Dweb: Creating Decentralized Organizations with Aragon
    With Aragon, developers can create new apps, such as voting mechanisms, that use smart contracts to leverage decentralized governance and allow peers to control resources like funds, membership, and code repos. Aragon is built on Ethereum, which is a blockchain for smart contracts. Smart contracts are software that is executed in a trust-less and transparent way, without having to rely on a third-party server or any single point of failure. Aragon is at the intersection of social, app platform, and blockchain.
  • LLVM 7.0.0 released
  • Parabola GNU/Linux-libre: Boot problems with Linux-libre 4.18 on older CPUs
    Due to a known bug in upstream Linux 4.18, users with older multi-core x86 CPUs (Core 2 Duo and earlier?) may not correctly boot up with linux-libre 4.18 when using the default clocksource.
  • Visual Schematic Diffs in KiCAD Help Find Changes
    In the high(er)-end world of EDA tools like OrCAD and Altium there is a tight integration between the version control system and the design tools, with the VCS is sold as a product to improve the design workflow. But KiCAD doesn’t try to force a version control system on the user so it doesn’t really make sense to bake VCS related tools in directly. You can manage changes in KiCAD projects with git but as [jean-noël] notes reading Git’s textual description of changed X/Y coordinates and paths to library files is much more useful for a computer than for a human. It basically sucks to use. What you really need is a diff tool that can show the user what changed between two versions instead of describe it. And that’s what plotgitsch provides.

LWN's Latest (Today Outside Paywall) Articles About the Kernel, Linux

  • Toward better handling of hardware vulnerabilities
    From the kernel development community's point of view, hardware vulnerabilities are not much different from the software variety: either way, there is a bug that must be fixed in software. But hardware vendors tend to take a different view of things. This divergence has been reflected in the response to vulnerabilities like Meltdown and Spectre which was seen by many as being severely mismanaged. A recent discussion on the Kernel Summit discussion list has shed some more light on how things went wrong, and what the development community would like to see happen when the next hardware vulnerability comes around. The definitive story of the response to Meltdown and Spectre has not yet been written, but a fair amount of information has shown up in bits and pieces. Intel was first notified of the problem in July 2017, but didn't get around to telling anybody in the the Linux community about it until the end of October. When that disclosure happened, Intel did not allow the community to work together to fix it; instead each distributor (or other vendor) was mostly left on its own and not allowed to talk to the others. Only at the end of December, right before the disclosure (and the year-end holidays), were members of the community allowed to talk to each other. The results of this approach were many, and few were good. The developers charged with responding to these problems were isolated and under heavy stress for two months; they still have not been adequately thanked for the effort they put in. Many important stakeholders, including distributions like Debian and the "tier-two" cloud providers, were not informed at all prior to the general disclosure and found themselves scrambling. Different distributors shipped different fixes, many of which had to be massively revised before entry into the mainline kernel. When the dust settled, there was a lot of anger left simmering in its wake.
  • Writing network flow dissectors in BPF
    Network packet headers contain a great deal of information, but the kernel often only needs a subset of that information to be able to perform filtering or associate any given packet with a flow. The piece of code that follows the different layers of packet encapsulation to find the important data is called a flow dissector. In current Linux kernels, the flow dissector is written in C. A patch set has been proposed recently to implement it in BPF with the clear goal of improving security, flexibility, and maybe even performance.
  • Coscheduling: simultaneous scheduling in control groups
    The kernel's CPU scheduler must, as its primary task, determine which process should be executing in each of a system's processors at any given time. Making an optimal decision involves juggling a number of factors, including the priority (and scheduling classes) of the runnable processes, NUMA locality, cache locality, latency minimization, control-group policies, power management, overall fairness, and more. One might think that throwing another variable into the mix — and a complex one at that — would not be something anybody would want to attempt. The recent coscheduling patch set from Jan Schönherr does exactly that, though, by introducing the concept of processes that should be run simultaneously. The core idea behind coscheduling is the marking of one or more control groups as containing processes that should be run together. If one process in a coscheduled group is running on a specific set of CPUs (more on that below), only processes from that group will be allowed to run on those CPUs. This rule holds even to the point of forcing some of the CPUs to go idle if the given control group lacks runnable processes, regardless of whether processes outside the group are runnable. Why might one want to do such a thing? Schönherr lists four motivations for this work, the first of which is virtualization. That may indeed be the primary motivation, given that Schönherr is posting from an Amazon address, and Amazon is rumored to be running a virtualized workload or two. A virtual machine usually contains multiple processes that interact with each other; these machines will run more efficiently (and with lower latencies) if those processes can run simultaneously. Coscheduling would ensure that all of a virtual machine's processes are run together, maximizing locality and minimizing the latencies of the interactions between them.
  • Machine learning and stable kernels
    There are ways to get fixes into the stable kernel trees, but they require humans to identify which patches should go there. Sasha Levin and Julia Lawall have taken a different approach: use machine learning to distinguish patches that fix bugs from others. That way, all bug-fix patches could potentially make their way into the stable kernels. Levin and Lawall gave a talk describing their work at the 2018 Open Source Summit North America in Vancouver, Canada. Levin began with a quick introduction to the stable tree and how patches get into it. When a developer fixes a bug in a patch they can add a "stable tag" to the commit or send a mail to the stable mailing list; Greg Kroah-Hartman will then pick up the fix, evaluate it, and add it to the stable tree. But that means that the stable tree is only getting the fixes that are pointed out to the stable maintainers. No one has time to check all of the commits to the kernel for bug fixes but, in an ideal world, all of the bug fixes would go into the stable kernels. Missing out on some fixes means that the stable trees will have more security vulnerabilities because the fixes often close those holes—even if the fixer doesn't realize it.
  • Trying to get STACKLEAK into the kernel
    The STACKLEAK kernel security feature has been in the works for quite some time now, but has not, as yet, made its way into the mainline. That is not for lack of trying, as Alexander Popov has posted 15 separate versions of the patch set since May 2017. He described STACKLEAK and its tortuous path toward the mainline in a talk [YouTube video] at the 2018 Linux Security Summit. STACKLEAK is "an awesome security feature" that was originally developed by The PaX Team as part of the PaX/grsecurity patches. The last public version of the patch set was released in April 2017 for the 4.9 kernel. Popov set himself on the goal of getting STACKLEAK into the kernel shortly after that; he thanked both his employer (Positive Technologies) and his family for giving him working and free time to push STACKLEAK. The first step was to extract STACKLEAK from the more than 200K lines of code in the grsecurity/PaX patch set. He then "carefully learned" about the patch and what it does "bit by bit". He followed the usual path: post the patch, get feedback, update the patch based on the feedback, and then post it again. He has posted 15 versions and "it is still in progress", he said.

PostgreSQL 11: something for everyone

PostgreSQL 11 had its third beta release on August 9; a fourth beta (or possibly a release candidate) is scheduled for mid-September. While the final release of the relational database-management system (currently slated for late September) will have something new for many users, its development cycle was notable for being a period when the community hit its stride in two strategic areas: partitioning and parallelism. Partitioning and parallelism are touchstones for major relational database systems. Proprietary database vendors manage to extract a premium from a minority of users by upselling features in these areas. While PostgreSQL has had some of these "high-tier" items for many years (e.g., CREATE INDEX CONCURRENTLY, advanced replication functionality), the upcoming release expands the number considerably. I may be biased as a PostgreSQL major contributor and committer, but it seems to me that the belief that community-run database system projects are not competitive with their proprietary cousins when it comes to scaling enterprise workloads has become just about untenable. Read more