Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 4 hours 39 min ago

[$] Supporting shared TLB contexts

Tuesday 28th of March 2017 07:57:14 PM
A processor's translation lookaside buffer (TLB) caches the mappings from virtual to physical addresses. Looking up virtual addresses is expensive, so good performance often depends on making the best use of the TLB. In the memory-management track of the 2017 Linux Storage, Filesystem, and Memory-Management Summit, Mike Kravetz described a SPARC processor feature that can improve TLB performance and explored ways in which that feature could be supported.

Kubernetes 1.6 released

Tuesday 28th of March 2017 07:53:42 PM
Version 1.6 of the Kubernetes orchestration system is available. "In this release the community’s focus is on scale and automation, to help you deploy multiple workloads to multiple users on a cluster. We are announcing that 5,000 node clusters are supported. We moved dynamic storage provisioning to stable. Role-based access control (RBAC), kubefed, kubeadm, and several scheduling features are moving to beta. We have also added intelligent defaults throughout to enable greater automation out of the box."

Google's new open-source site

Tuesday 28th of March 2017 06:17:37 PM
Google has announced the launch of opensource.google.com. "Today, we’re launching opensource.google.com, a new website for Google Open Source that ties together all of our initiatives with information on how we use, release, and support open source. This new site showcases the breadth and depth of our love for open source. It will contain the expected things: our programs, organizations we support, and a comprehensive list of open source projects we've released. But it also contains something unexpected: a look under the hood at how we "do" open source."

[$] Huge pages in the ext4 filesystem

Tuesday 28th of March 2017 03:38:48 PM
When the transparent huge page feature was added to the kernel, it only supported anonymous (non-file-backed) memory. In 2016, support for huge pages in the page cache was added, but only the tmpfs filesystem was supported. There is interest in expanding support to other filesystems, since, for some workloads, the performance improvement can be significant. Kirill Shutemov led the only session that combined just the filesystem and memory-management tracks at the 2017 Linux Storage, Filesystem, and Memory-Management Summit in a discussion of adding huge-page support to the ext4 filesystem.

Security updates for Tuesday

Tuesday 28th of March 2017 02:27:53 PM
Security updates have been issued by Debian (eject, gst-plugins-bad1.0, gst-plugins-base1.0, gst-plugins-good1.0, gst-plugins-ugly1.0, gstreamer1.0, php5, and tiff), Fedora (kernel), Gentoo (curl, deluge, libtasn1, and xen-tools), Mageia (mbedtls, putty, and roundcubemail), openSUSE (dbus-1, gegl, mxml, open-vm-tools, partclone, qbittorrent, tcpreplay, and xtrabackup), and Ubuntu (eject, gst-plugins-base0.10, gst-plugins-base1.0, and gst-plugins-good0.10, gst-plugins-good1.0).

[$] The future of DAX

Monday 27th of March 2017 11:01:01 PM
DAX is the mechanism that enables direct access to files stored in persistent memory arrays without the need to copy the data through the page cache. At the 2017 Linux Storage, Filesystem, and Memory-Management Summit, Ross Zwisler led a plenary session on the future of DAX. Development in this area offers a number of interesting trade-offs between data safety and enabling the highest performance.

DragonFly BSD 4.8

Monday 27th of March 2017 09:20:46 PM
DragonFly BSD 4.8 has been released. "DragonFly version 4.8 brings EFI boot support in the installer, further speed improvements in the kernel, a new NVMe driver, a new eMMC driver, and Intel video driver updates." DragonFly is an independent BSD variant, perhaps best known for the HAMMER filesystem.

SecureDrop and Alexandre Oliva are 2016 Free Software Awards winners

Monday 27th of March 2017 03:38:17 PM
The Free Software Foundation has announced the winners of the 2016 Free Software Awards. The Award for Projects of Social Benefit went to SecureDrop and the Award for the Advancement of Free Software went to Alexandre Oliva. "SecureDrop is an anonymous whistleblowing platform used by major news organizations and maintained by Freedom of the Press Foundation. Originally written by the late Aaron Swartz with assistance from Kevin Poulsen and James Dolan, the free software platform was designed to facilitate private and anonymous conversations and secure document transfer between journalists and sensitive sources."

Stable kernel updates

Monday 27th of March 2017 03:16:47 PM
Stable kernels 4.10.6, 4.9.18, and 4.4.57 have been released. All of them contain important fixes and users should upgrade.

Security updates for Monday

Monday 27th of March 2017 03:11:46 PM
Security updates have been issued by Debian (apt-cacher, jbig2dec, libplist, python3.2, tnef, and xrdp), Fedora (firefox, mbedtls, and sane-backends), Mageia (flash-player-plugin, freetype2, glibc, kernel, kernel-linus, kernel-tmb, libquicktime, libwmf, and tnef), and Ubuntu (thunderbird).

Kernel prepatch 4.11-rc4

Sunday 26th of March 2017 09:57:22 PM
The 4.11-rc4 kernel prepatch is out for testing. "So on the whole things look fine. There's changes all over, and in mostly the usual proportions. Some core kernel code shows up in the diffstat slightly more than it usually does - we had an audit fix and a bpf hashmap fix, but on the whole it all looks very regular."

[$] Sharing pages between mappings

Sunday 26th of March 2017 03:39:33 PM
In the memory-management subsystem, the term "mapping" refers to the connection between pages in memory and their backing store — the file that represents them on disk. One of the fundamental assumptions in the kernel is that a given page in the page cache belongs to exactly one mapping. But, as Miklos Szeredi explained in a plenary session at the 2017 Linux Storage, Filesystem, and Memory-Management Summit, there are situations where it would be desirable to associate the same page with multiple mappings. Achieving this goal may not be easy, though.

Click below (subscribers only) for continuing coverage from LSFMM 2017

Eudyptula Challenge Status report

Friday 24th of March 2017 06:49:52 PM
The Eudyptula Challenge is a series of programming exercises for the Linux kernel. It starts from a very basic "Hello world" kernel module, moves up in complexity to getting patches accepted into the main kernel. The challenge will be closed to new participants in a few months, when 20,000 people have signed up. LWN covered the Eudyptula Challenge in May 2014, when it was fairly new. At this time over 19,000 people have signed up and only 149 have finished.

Security updates for Friday

Friday 24th of March 2017 03:23:10 PM
Security updates have been issued by Arch Linux (libpurple), Debian (audiofile, cgiemail, and imagemagick), Fedora (cloud-init, empathy, and mupdf), Mageia (firefox and thunderbird), Scientific Linux (icoutils and openjpeg), Slackware (mcabber and samba), and Ubuntu (eglibc).

Relicensing OpenSSL

Friday 24th of March 2017 11:27:42 AM
Back in 2015, the OpenSSL project announced its intent to move away from its rather quirky license. Now it has announced that the change is moving forward. "After careful review, consultation with other projects, and input from the Core Infrastructure Initiative and legal counsel from the SFLC, the OpenSSL team decided to relicense the code under the widely-used ASLv2." It is worth noting that this change and the way it is being pursued are not universally popular, in the OpenBSD camp, at least.

Agocs: Boosting performance with shader binary caching in Qt 5.9

Thursday 23rd of March 2017 04:49:18 PM
Laszlo Agocs takes a look at improvements to the basic OpenGL enablers that form the foundation of Qt Quick and the optional OpenGL-based rendering path of QPainter in Qt 5.9. "As explained here, such shader programs will attempt to cache the program binaries on disk using GL_ARB_get_program_binary or the standard equivalents in OpenGL ES 3.0. When no support is provided by the driver, the behavior is equivalent to the non-cached case. The files are stored in the global or per-process cache location, whichever is writable. The result is a nice boost in performance when a program is created with the same shader sources next time."

Security updates for Thursday

Thursday 23rd of March 2017 03:13:00 PM
Security updates have been issued by Debian (audiofile, jhead, libxslt, samba, suricata, and wordpress), Fedora (openslp), Mageia (icoutils, kdelibs4, and virtualbox), Oracle (icoutils and openjpeg), Red Hat (icoutils and openjpeg), and Ubuntu (audiofile, git, and samba).

[$] LWN.net Weekly Edition for March 23, 2017

Thursday 23rd of March 2017 12:59:15 AM
The LWN.net Weekly Edition for March 23, 2017 is available.

GitLab 9.0 Released with Subgroups and Deploy Boards

Wednesday 22nd of March 2017 07:43:02 PM
GitLab 9.0 has been released with many new features and improvements. "In the last several releases, GitLab has transformed how development teams get from idea to production. In just a few minutes, you can deploy GitLab to a container scheduler, add CI/CD with auto deployed review apps, utilize ChatOps, and analyze your cycle time. With 9.0 you can now watch your deploys with deploy boards and monitor application performance with Prometheus."

NTPsec Project announces 0.9.7

Wednesday 22nd of March 2017 06:10:04 PM
The NTPsec Project has announced the 0.9.7 release of NTPsec, with assistance from the Mozilla Foundation's "Secure Open Source" initiative. NTPsec is an implementation of the Network Time Protocol (NTP). "NTPsec 0.9.7 incorporates significant improvements in security, accuracy, precision, visualization, and usability, with assistance, contributions, and audits provided by infosec researchers and other technical contributors. For this release, the NTPsec Project worked particularly closely with the Mozilla Foundation's "Secure Open Source" initiative, who funded an infosec audit, and with Cure53.de, who provided the audit."

More in Tux Machines

New Emojis Come, Celtx Goes Away

Development News

Security Leftovers

  • How To Improve The Linux System’s Security Using Firejail
    As you already know, Linux kernel is secure by default. But, it doesn’t mean that the softwares on the Linux system are completely secure. Say for example, there is a possibility that any add-ons on your web browser may cause some serious security issues. While doing financial transactions over internet, some key logger may be active in browser which you are not aware of. Even though, we can’t completely give the bullet-proof security to our Linux box, we still can add an extra pinch of security using an application called Firejail. It is a security utility which can sandbox any such application and let it to run in a controlled environment. To put this simply, Firejail is a SUID (Set owner User ID up on execution) program that reduces the risk of security breaches by restricting the running environment of untrusted applications.
  • “Httpd and Relayd Mastery” off to copyedit
  • Kalyna Block Cipher

Containers vs. Zones vs. Jails vs. VMs

  • Setting the Record Straight: containers vs. Zones vs. Jails vs. VMs
    I’m tired of having the same conversation over and over again with people so I figured I would put it into a blog post. Many people ask me if I have tried or what I think of Solaris Zones / BSD Jails. The answer is simply: I have tried them and I definitely like them. The conversation then heads towards them telling me how Zones and Jails are far superior to containers and that I should basically just give up with Linux containers and use VMs. Which to be honest is a bit forward to someone who has spent a large portion of her career working with containers and trying to make containers more secure. Here is what I tell them:
  • [Old] Hadoop Has Failed Us, Tech Experts Say

    The Hadoop community has so far failed to account for the poor performance and high complexity of Hadoop, Johnson says. “The Hadoop ecosystem is still basically in the hands of a small number of experts,” he says. “If you have that power and you’ve learned know how to use these tools and you’re programmer, then this thing is super powerful. But there aren’t a lot of those people. I’ve read all these things how we need another million data scientists in the world, which I think means our tools aren’t very good.”