Language Selection

English French German Italian Portuguese Spanish

Kernel Changes Draw Concern

Filed under
Linux

Members of the open-source community are expressing concern over rapid feature changes in the Linux 2.6 kernel, which they say are too focused on the desktop and could make the kernel too large.

Sam Greenblatt, a senior vice president at Computer Associates International Inc., in Islandia, N.Y., said that while the kernel is evolving for the desktop, server and embedded markets, more and more technology is being included, and the kernel is "getting fatter. We are not interested in the game drivers and music drivers that are being added to the kernel. We are interested in a more stable kernel."

Morton, who works for Open Source Development Labs Inc., in Beaverton, Ore., said there is no formal road map for an enterprise Linux feature set since the development of those technologies rests largely with vendors such as Red Hat Inc., IBM, Novell Inc. and CA.

"We are pumping feature changes into the kernel at an enormous rate," said Andrew Morton, the current maintainer of the Linux 2.6 kernel.

Still, Morton took issue with Greenblatt's contention, saying that most new features are optional and that their use is at the discretion of organizations compiling their builds of the kernel.

Morton said new features should continue to be added to the stable 2.6 tree rather than forming a new 2.7 development tree.

Critics of the development process point to growing competition among vendors to get code for new features accepted. But Morton maintains that the competition is healthy because it helps top-level kernel developers understand what subfeatures are required and what other users need.

On the enterprise front, Morton said he expects to merge code from Cambridge University's Computer Laboratories' Xen virtualization technology into the Linux kernel within the next few months. Xen "does the right thing technically," unlike other technologies, which are mainly workarounds for the fact that the operating system is not appropriately licensed, Morton said.

But CA's Greenblatt disagreed, saying that other virtualization technologies, such as one from VMware Inc., in Palo Alto, Calif., currently fill the virtualization role.

"We would be happy to see a true hypervisor [an application that allows multiple operating systems to run concurrently on the same physical server]. We think [Xen] is great innovation, but its concept of virtualization is still not to the point that we want to see in there," Greenblatt said.

Ian Pratt, a Xen project leader at Cambridge University, in England, said that Xen is indeed a true hypervisor.

"It runs on the bare metal and provides protected virtual environments for guest operating systems running on top of it," Pratt said. "Because of the paravirtualized approach, where we make some modifications to the guest operating systems, we've been able to allow the hypervisor and Linux to work in a more cooperative fashion."

On the issue of adding more clustering technology to the kernel, Morton said he hopes that clustering teams are working on factoring out common components for a merge into the mainline kernel.

InfiniBand, a channel-based, switch-fabric architecture from Topspin Communications Inc., in Mountain View, Calif., which was acquired last week by Cisco Systems Inc. , has already been moved into the kernel, Morton said, adding that the other InfiniBand stakeholders "seemed fine" with that decision.

Pratt said the Xen team is working with InfiniBand vendors to ensure that InfiniBand channels can be extended into guest operating systems running over Xen in an efficient yet fully protected manner.

Source.

More in Tux Machines

Security Leftovers

  • Security updates for Tuesday
  • Initial Retpoline Support Added To LLVM For Spectre v2 Mitigation
    The LLVM code has been merged to mainline for the Retpoline x86 mitigation technique for Spectre Variant 2. This will be back-ported to LLVM 6.0 and also LLVM 5.0 with an immediate point release expected to get this patched compiler out in the wild. The compiler-side work -- similar to GCC's Retpoline code -- is to avoid generating code where an indirect branch could have its prediction poisoned by a rogue actor. The Retpoline support uses indirect calls in a non-speculatable way.
  • Teen Hacker Who Social Engineered His Way Into Top-Level US Government Officials' Accounts Pleads Guilty To Ten Charges
    The teenage hacker who tore CIA director John Brennan a new AOL-hole is awaiting sentencing in the UK. Kane Gamble, the apparent founder of hacker collective Crackas With Attitude, was able to access classified documents Brennan has forwarded to his personal email account by posing as a Verizon tech. Social engineering is still the best hacking tool. It's something anyone anywhere can do. If you do it well, a whole host of supposedly-secured information can be had, thanks to multiple entities relying on the same personal identifiers to "verify" the social engineer they're talking to is the person who owns accounts they're granting access to. Despite claiming he was motivated by American injustices perpetrated around the world (Palestine is namechecked in the teen's multiple mini-manifestos), a lot of what Gamble participated in was plain, old fashioned harassment.
  • The Guardian view on cyberwar: an urgent problem [Ed: Lists several attacks by Microsoft Windows (but names neither)]
    The first known, and perhaps the most successful of these, was the joint US/Israeli Stuxnet attack on the Iranian nuclear programme in 2009. Since then there has been increasing evidence of attacks of this sort by Russia – against Estonia in 2009, and then against Ukraine, where tens of thousands of attacks on everything from power supplies to voting machines have opened an under-reported front in an under-reported war. Across the Baltic, the Swedish government has just announced a beefed-up programme of civil defence, of which the most substantial part will be an attempt to protect its software and networks from attacks. Meanwhile, North Korean state hackers are blamed by western intelligence services for the WannaCry ransomware attacks which last year shut down several NHS hospitals in the UK. Persistent reports suggest the US has interfered in this way with North Korea’s nuclear missile programme.
  • Reproducible Builds: Weekly report #143
  • Don’t Install Meltdown And Spectre Patches, Intel Warns It Would Increase System Reebots
  • On that Spectre mitigations discussion
    By now, almost everybody has probably seen the press coverage of Linus Torvalds's remarks about one of the patches addressing Spectre variant 2. Less noted, but much more informative, is David Woodhouse's response on why those patches are the way they are.

Tails 3.5 Anonymous OS Released to Mitigate Spectre Vulnerability for AMD CPUs

Tails, the open-source Linux-based operating system designed to protect user's privacy while surfing the Internet, also known as Anonymous OS, was updated today to version 3.5. Coming only two weeks after the Tails 3.4 release, which included patches for the Meltdown and Spectre security vulnerabilities publicly disclosed earlier this month, today's Tails 3.5 update is here to bump the Linux kernel to version 4.14.13 and include the microcode firmware for AMD CPUs to mitigate the Spectre flaw. Read more

Graphics: Freedreno, Gallium3D, AMDGPU, RadeonSI, Mesa

  • Code Aurora Working On Adreno 6xx Support For Freedreno
    The Qualcomm-aligned Code Aurora is working on supporting the latest-generation Adreno A6xx graphics hardware with the open-source Freedreno+MSM driver stack.
  • Work Revised On Adding SPIR-V Support To Clover Gallium3D
    Last May we reported on a Nouveau developer adding SPIR-V support to Gallium3D's OpenCL state tracker. Finally the better part of one year later, Pierre Moreau is ready with the second version of these patches to accept this IR associated with Vulkan / OpenCL 2.1+ within Clover.
  • Trying Out DRM-Next For Linux 4.16 With AMDGPU On Polaris & Vega
    I have spent some time this weekend trying out the DRM-Next code slated for inclusion in Linux 4.16 when its merge window opens next week. The DRM-Next state of the AMDGPU driver appears to be in good shape, at least for the RX 580 and RX Vega cards used for my initial testing.
  • RadeonSI NIR Back-End Picks Up Support For More OpenGL Extensions
    It was just a few days ago that Valve Linux developer Timothy Arceri enabled GLSL 4.50 support for RadeonSI's NIR back-end after previously taking care of tessellation shaders and other requirements. Now he has taken to implementing some other extensions in RadeonSI's NIR code-path.
  • mesa 18.0-0-rc1
    The first release candidate for Mesa 18.0.0 is now available. The plan is to have one release candidate every Friday, until the anticipated final release on 9th February 2018. The expectation is that the 17.3 branch will remain alive with bi-weekly releases until the 18.0.1 release. NOTE: Building the SWR with LLVM 3.9 is currently not possible. Please use newer LLVM version until the issue is resolved. Here are the people which helped shape the current release.
  • Mesa 18.0 Now Under Feature Freeze With 18.0-RC1 Premiere
    Feature development on Mesa 18.0 has now ended with the release today of 18.0-RC1 following the code-base being branched. Emil Velikov of Collabora just announced the availability of Mesa 18.0-RC1. As usual, he's planning on weekly release candidates until the 18.0.0 stable release is ready to ship. Velikov tentatively expects to ship Mesa 18.0.0 around 9 February, but as we know from past releases, it might end up slipping by some days.

Using Dual 4K Monitors Stacked With GNOME

The setup for my main production system that is still on Fedora Workstation 26 with GNOME Shell 3.24.3 has been working out fine. The two displays are the ASUS MG28UQ monitors that work out well on their own and do work with AMDGPU FreeSync on Linux. A GeForce GTX 1050 Ti is enough to power the dual 3840 x 2160 displays for desktop tasks mostly limited to many terminals, Firefox, Chrome, Thunderbird, and other GNOME desktop applications. Certainly that lower-end Pascal GPU isn't fast enough for 4K gaming, but it's not like I have the time for any gaming and for a purely desktop system it's working out fine paired with the 387.34 proprietary driver on Fedora 26 paired with Linux 4.14. Read more