Language Selection

English French German Italian Portuguese Spanish

LWN Kernel Articles: 4.20/5.0 Merge, Jiri Kosina, Arnd Bergmann and Greg Kroah-Hartman

Filed under
Linux
  • 4.20/5.0 Merge window part 1

    Linus Torvalds has returned as the keeper of the mainline kernel repository, and the merge window for the next release which, depending on his mood, could be called either 4.20 or 5.0, is well underway. As of this writing, 5,735 non-merge changesets have been pulled for this release; experience suggests that we are thus at roughly the halfway point.

  • Improving the handling of embargoed hardware-security bugs

    Jiri Kosina kicked off a session on hardware vulnerabilities at the 2018 Kernel Maintainers Summit by noting that there are few complaints about how the kernel community deals with security issues in general. That does not hold for Meltdown and Spectre which, he said, had been "completely mishandled". The subsequent handling of the L1TF vulnerability suggests that some lessons have been learned, but there is still plenty of room for improvement in how hardware vulnerabilities are handled in general.

    There are a number of reasons why the handling of Meltdown and Spectre went bad, he said, starting with the fact that the hardware vendors simply did not know how to do it right. They didn't think that the normal security contact (security@kernel.org) could be used, since there was no non-disclosure agreement (NDA) in place there. Perhaps what is needed is the creation of such an agreement or, as was discussed in September, a "gentleman's agreement" that would serve the same role.

  • Removing support for old hardware from the kernel

    The kernel supports a wide range of hardware. Or, at least, the kernel contains drivers for a lot of hardware, but the hardware for which many of those drivers was written is old and, perhaps, no longer in actual use. Some of those drivers would certainly no longer work even if the hardware could be found. These drivers provide no value, but they are still an ongoing maintenance burden; it would be better to simply remove them from the kernel. But identifying which drivers can go is not as easy as one might think. Arnd Bergmann led an inconclusive session on this topic at the 2018 Kernel Maintainers Summit.

    Bergmann started by noting (to applause) that he recently removed support for eight processor architectures from the kernel. It was, he said, a lot of work to track down the right people to talk to before removing that code. In almost every case, the outgoing architectures were replaced — by their creators — by Arm-based systems. There probably are not any more architectures that can go anytime soon; Thomas Gleixner's suggestion that x86 should be next failed to win the support of the group.

  • The proper use of EXPORT_SYMBOL_GPL()

    The kernel, in theory, puts strict limits on which functions and data structures are available to loadable kernel modules; only those that have been explicitly exported with EXPORT_SYMBOL() or EXPORT_SYMBOL_GPL() are accessible. In the case of EXPORT_SYMBOL_GPL(), only modules that declare a GPL-compatible license will be able to see the symbol. There have been questions about when EXPORT_SYMBOL_GPL() should be used for almost as long as it has existed. The latest attempt to answer those questions was a session run by Greg Kroah-Hartman at the 2018 Kernel Maintainers Summit; that session offered little in the way of general guidance, but it did address one specific case.

More in Tux Machines

OSS Leftovers

  • DAV1D v0.1 AV1 Video Decoder Released
    Out today is DAV1D as the first official (v0.1) release of this leading open-source AV1 video decoder. This release was decided since its quality is good enough for use, covers all AV1 specs and features, and is quite fast on desktop class hardware and improving for mobile SoCs.
  • PikcioChain plans for open-source MainNet in roadmap update
    France-based PikcioChain, a platform designed to handle and monetize personal data, has announced changes to its development roadmap as it looks towards the launch of its standalone MainNet and block explorer in the first quarter of 2019.
  • New Blockstream Bitcoin Block Explorer Announces The Release Of Its Open Source Code Esplora
    Blockstream has just announced a release of Esplora, its open source software. This is the software that keeps the website and network running. This new release follows on the heels of its block explorer that was released in November to the public. The company released the block explorer, and after making sure it was successful, released the code behind that block explorer. This way, developers can easily create their block explorers, build add-ons and extensions as well as contribute to Blockstream.info.
  • Will Concerns Break Open Source Containers?
    Open source containers, which isolate applications from the host system, appear to be gaining traction with IT professionals in the U.S. defense community. But for all their benefits, security remains a notable Achilles’ heel for a couple of reasons. First, containers are still fairly nascent, and many administrators are not yet completely familiar with their capabilities. It’s difficult to secure something you don’t completely understand. Second, containers are designed in a way that hampers visibility. This lack of visibility can make securing containers extremely taxing.
  • Huawei, RoboSense join group pushing open-source autonomous driving technology
    Telecommunications equipment giant Huawei Technologies, its semiconductor subsidiary HiSilicon and RoboSense, a maker of lidar sensors used in driverless cars, have become the first Chinese companies to help establish an international non-profit group that supports open-source autonomous driving projects. The three firms are among the more than 20 founding members of the Autoware Foundation, which aims to promote collaboration between corporate and academic research efforts in autonomous driving technology, according to a statement from the group on Monday. The foundation is an outgrowth of Autoware.AI, an open-source autonomous driving platform that was started by Nagoya University associate professor Shinpei Kato in 2015.
  • 40 top Linux and open source conferences in 2019
    Every year Opensource.com editors, writers, and readers attend open source-related conference and events hosted around the world. As we started planning our 2019 schedules, we rounded up a few top picks for the year. Which conferences do you plan to attend in 2019? If you don't see your conference on this list, be sure to tell us about it in the comments and add it to our community conference calendar. (And for more events to attend, check out The Enterprisers Project list of business leadership conferences worth exploring in 2019.)
  • Adding graphics to the Windows System for Linux [Ed: CBS is still employing loads of Microsoft boosters like Simon Bisson, to whom "Linux" is just something for Microsoft to swallow]/
  • Kong launches its fully managed API platform [Ed: Typical openwashing of APIs, even using the term "open source" where it clearly does not belong]g
  • How Shared, Open Data Can Help Us Better Overcome Disasters
    WHEN A MASSIVE earthquake and tsunami hit the eastern coast of Japan on March 11, 2011, the Fukushima Daiichi Nuclear Power Plant failed, leaking radioactive material into the atmosphere and water. People around the country as well as others with family and friends in Japan were, understandably, concerned about radiation levels—but there was no easy way for them to get that information. I was part of a small group of volunteers who came together to start a nonprofit organization, Safecast, to design, build, and deploy Geiger counters and a website that would eventually make more than 100 million measurements of radiation levels available to the public. We started in Japan, of course, but eventually people around the world joined the movement, creating an open global data set. The key to success was the mobile, easy to operate, high-quality but lower-cost kit that the Safecast team developed, which people could buy and build to collect data that they might then share on the Safecast website.

Security: Updates, Ransomware, and DNS Blame Misplaced

  • Security updates for Tuesday
  • Ransomware still dominates the global threat landscape
     

    Ransomware attacks continues as the main world’s main security threat and the most profitable form of malware, but a new global report indicates that despite “copious” numbers of infections daily there’s emerging signs the threat is no longer growing.  

  • Someone messed with Linux.org's DNS to deface the website's homepage [Ed: That's not "deface"' but more like redirect and it's not the site's DNS system but something upstream, another company that's at fault]
    SO IMAGINE YOU REALLY LOVE OPEN SOURCE; you've poured yourself a glass of claret from a wine box and have settled into a night of perusing Linux.org. You feel a tingle of excitement as you type in the URL - you're old skool - but that sours to despair as you see a defaced website greet your eyes. Yep, it looks like someone managed to get into the Linux.org website's domain name service (DNS) settings and point the domain to another server that served up a defaced webpage, which depending on when you may have accessed it, greeted visitors with racial slurs, an obscene picture and a protest against the revised Linux kernel developer code of conduct.

Tails 3.11 and Tor Transparency (Financials)

The Year 2018 in Open Hardware and MIT's 3D Printer

  • The Year 2018 in Open Hardware
    2018 saw several open hardware projects reach fruition. Where the open hardware movement goes from here, remains to be seen. 2018 was not “The Year of Open Hardware,” any more than it was the fabled “Year of the Linux Desktop.” All the same, 2018 was a year in which open hardware projects started to move from fundraising and project development to product releases. Many of these open products were traditional hardware, but 2018 also saw the release of innovative tech in the form of new and useful gadgets. In the background, open hardware hangs on to traditional niches. These niches occur at the intersection of altruism, hobbyists, academia, and the market, to say nothing of crowdfunding and the relative affordability of 3D printing. A prime example of this intersection is the development of prosthetics. Much of the modern work in open hardware began almost a decade ago with the Yale OpenHand project. At the same time, sites like Hackaday.io offer kits and specifications for hobbyists, while the e-NABLE site has become a place for exchanging ideas for everyone from tinkerers to working professionals in the field. As a result, open hardware technology in the field of prosthetics has grown to rival traditional manufacturers in a handful of years. This niche is a natural one for open hardware not only because of the freely available resources, but for simple economics. Traditionally manufactured prosthetic hands begin at about $30,000, far beyond the budgets of many potential customers. By contrast, an open hardware-based company like the UK based Open Bionics can design a cosmetically-pleasing hand for $200, which is still a large sum in impoverished areas, but far more obtainable. A non-profit called Social Hardware estimates that a need for prosthetic hands in India alone numbers 26,000 and hopes to help meet the demand by offering a development kit on which enthusiasts can learn and later donate their results to those who need them.
  • This MIT Developed 3D Printer Is 10 Times Faster Than Modern 3D Printers
    3D printers have become more and more useful in the mass production of complex products that are cheaper and stronger. However, the only issue with 3D printing is its slow speed. These desktop 3D printers can print only one product at a time and only one thin layer at a making.
  • Accelerating 3-D printing
    Imagine a world in which objects could be fabricated in minutes and customized to the task at hand. An inventor with an idea for a new product could develop a prototype for testing while on a coffee break. A company could mass-produce parts and products, even complex ones, without being tied down to part-specific tooling and machines that can’t be moved. A surgeon could get a bespoke replacement knee for a patient without leaving the operating theater. And a repair person could identify a faulty part and fabricate a new one on site — no need to go to a warehouse to get something out of inventory.