Language Selection

English French German Italian Portuguese Spanish

Linux Kernel and Linux Foundation

Filed under
Linux
  • Linux's Crypto API Is Adopting Some Aspects Of Zinc, Opening Door To Mainline WireGuard

    Mainlining of the WireGuard secure VPN tunnel was being held up by its use of the new "Zinc" crypto API developed in conjunction with this network tech. But with obstacles in getting Zinc merged, WireGuard was going to be resorting to targeting the existing kernel crypto interfaces. Instead, however, it turns out the upstream Linux crypto developers were interested and willing to incorporate some elements of Zinc into the existing kernel crypto implementation.

    Back in September is when Jason Donenfeld decided porting WireGuard to the existing Linux crypto API was the best path forward for getting this secure networking functionality into the mainline kernel in a timely manner. But since then other upstream kernel developers working on the crypto subsystem ended up with patches incorporating some elements of Zinc's design.

  • zswap: use B-tree for search
    The current zswap implementation uses red-black trees to store
    entries and to perform lookups. Although this algorithm obviously
    has complexity of O(log N) it still takes a while to complete
    lookup (or, even more for replacement) of an entry, when the amount
    of entries is huge (100K+).
    
    B-trees are known to handle such cases more efficiently (i. e. also
    with O(log N) complexity but with way lower coefficient) so trying
    zswap with B-trees was worth a shot.
    
    The implementation of B-trees that is currently present in Linux
    kernel isn't really doing things in the best possible way (i. e. it
    has recursion) but the testing I've run still shows a very
    significant performance increase.
    
    The usage pattern of B-tree here is not exactly following the
    guidelines but it is due to the fact that pgoff_t may be both 32
    and 64 bits long.
    
    
  • Zswap Could See Better Performance Thanks To A B-Tree Search Implementation

    For those using Zswap as a compressed RAM cache for swapping on Linux systems, the performance could soon see a measurable improvement.

    Developer Vitaly Wool has posted a patch that switches the Zswap code from using red-black trees to a B-tree for searching. Particularly for when having to search a large number of entries, the B-trees implementation should do so much more efficiently.

  • AT&T Finally Opens Up dNOS "DANOS" Network Operating System Code

    One and a half years late, the "DANOS" (known formerly as "dNOS") network operating system is now open-source under the Linux Foundation.

    AT&T and the Linux Foundation originally announced their plan in early 2018 wish pushing for this network operating system to be used on more mobile infrastructure. At the time they expected it to happen in H2'2018, but finally on 15 November 2019 the goal came to fruition.

More in Tux Machines

today's howtos

Events: KVM Forum 2019 and "Bar Charts for Diversity"

  • A recap of KVM Forum 2019

    The 13th KVM Forum virtualization conference took place in Lyon, France in October 2019. One might think that development may have finished on the Kernel Virtual Machine (KVM) module that was merged in Linux 2.6.20 in 2007, but this year's conference underscored the amount of work still being done, particularly on side-channel attack mitigation, I/O device assignment with VFIO and mdev, footprint reduction with micro virtual machines (VMs), and with the ability to run VMs nested within VMs. Many talks also involved the virtual machine monitor (VMM) user-space programs that use the KVM kernel module—of which QEMU is the most widely used.

  • Enhancing KVM for guest protection and security

    A key tenet in KVM is to reuse as much Linux infrastructure as possible and focus specifically on processor virtualization. Back in 2007, this meant a smaller code base and less friction with the other kernel subsystems, especially when compared with other virtualization technologies such as Xen. This led to KVM being merged into the mainline with relative ease. But now, in the era of microarchitectural vulnerabilities, the priorities have shifted, and the KVM's reliance on other kernel subsystems can be a liability. For one thing, the host kernel widens the TCB (Trusted Computing Base) and makes for a larger attack surface. In addition, kernel data structures such as the direct memory map give Linux access to guest memory even when it is not strictly necessary and make it impossible to fully enforce the principle of least privilege. In his talk "Enhancing KVM for Guest Protection and Security" (slides [PDF]) presented at KVM Forum 2019, long-time KVM contributor Jun Nakajima explained this risk and suggested some strategies to mitigate it.

  • Bar charts for diversity

    At the Linux App Summit I gave an unconference talk titles Hey guys, this conference is for everyone. The “hey guys” part refers to excluding people from a talk or making them feel uncomfortable – you can do this unintentionally, and the take-away of the talk was that you, (yes, you) can be better. I illustrated this mostly with conversational distance, a favorite topic of mine that I can demonstrate easily on stage. There’s a lot of diversity in how far people stand away from strangers, while explaining something they care about. The talk wasn’t recorded, but I’ve put the slides up. Another side of diversity can be dealt with by statistics. Since I’m a mathematician, I have a big jar of peanuts and raisins in the kitchen. Late at night I head down to the kitchen and grab ten items from the jar. Darn, all of them are raisins. What are the odds!? Well, a lot depends on whether there are any peanuts in the jar at all; what percentage is peanuts; whether I’m actually picking things randomly or not. There’s a convenient tool that Katarina Behrens pointed me to, which can help figure this out. Even if there’s only a tiny fraction of peanuts in the jar, there’s an appreciable chance of getting one (e.g. change the percentage on that page to 5% and you’ll see).

Linux on the MAG1 8.9 inch mini-laptop (Ubuntu and Fedora)

The Magic Ben MAG1 mini-laptop is a 1.5 pound notebook computer that measures about 8.2″ x 5.8″ x 0.7″ and which features an 8.9 inch touchscreen display and an Intel Core m3-8100Y processor. As I noted in my MAG1 review, the little computer also has one of the best keyboards I’ve used on a laptop this small and a tiny, but responsive trackpad below the backlit keyboard. Available from GeekBuying for $630 and up, the MAG1 ships with Windows 10, but it’s also one of the most Linux-friendly mini-laptops I’ve tested to date. [...] I did not install either operating system to local storage, so I cannot comment on sleep, battery life, fingerprint authentication, or other features that you’d only be able to truly test by fully installing Ubuntu, Fedora, or another GNU/Linux-based operating system. But running from a liveUSB is a good way to kick the tires and see if there are any obvious pain points before installing an operating system, and for the most part the two operating systems I tested look good to go. Booting from a flash drive is also pretty easy. Once you’ve prepared a bootable drive using Rufus, UNetbootin, or a similar tool, just plug it into the computer’s USB port, hit the Esc key during startup to bring up the UEFI/SETUP utility. Read more Also: Top 10 technical skills that will get you hired in 2020

Android Leftovers