Language Selection

English French German Italian Portuguese Spanish


Syndicate content is a comprehensive source of news and opinions from and about the Linux community. This is the main feed, listing all articles which are posted to the site front page.
Updated: 3 hours 39 min ago

[$] Reducing the use of non-glibc allocators in Fedora

Wednesday 1st of August 2018 08:37:59 PM

Memory allocation for applications is a bit of a balancing act between various factors including CPU performance, memory efficiency, and how the memory is actually being allocated and deallocated by the application. Different programs may have diverse needs, but it is often the kind of workload that the application is expected to handle that determines which memory allocator performs best. That argues for a diversity of memory allocators (and allocation strategies) but, on the other hand, that complicates things for Linux distributions. As a result, Fedora is discussing ways to rein in the spread of allocators used by its packages.

OpenWrt 18.06.0 final

Wednesday 1st of August 2018 05:12:00 PM
The OpenWrt community has announced the first release of the OpenWrt 18.06 stable version series. "It incorporates over 4000 commits since branching the previous LEDE 17.01 release and has been under development for well over a year. With this release, the re-merged OpenWrt project attempts to define a baseline for future development based on the technological modernization and refined release processes done by the former LEDE project."

[$] Adding None-aware operators to Python?

Wednesday 1st of August 2018 03:42:55 PM

A PEP that has been around for a while, without being either accepted or rejected, was reintroduced recently on the python-ideas mailing list. PEP 505 ("None-aware operators") would provide some syntactic sugar, in the form of new operators, to handle cases where variables might be the special None value. It is a feature that other languages support, but has generally raised concerns about being "un-Pythonic" over the years. At this point, though, the Python project still needs to figure out how it will be governed—and how PEPs can be accepted or rejected.

Security updates for Wednesday

Wednesday 1st of August 2018 02:52:24 PM
Security updates have been issued by Debian (ruby2.3), Fedora (java-1.8.0-openjdk, java-openjdk, poppler, python-cryptography, and zziplib), Oracle (openslp), Red Hat (Red Hat Virtualization), and SUSE (kernel).

GNU C Library 2.28 released

Wednesday 1st of August 2018 12:52:59 PM
Version 2.28 of the GNU C Library is out. Changes include support for Intel's "Control-flow Enforcement Technology", Unicode 11.0.0 support, a wrapper for statx(), ISO C threads support, several security fixes, and more.

[$] OSCON's 20th anniversary and more

Wednesday 1st of August 2018 12:45:14 PM

The O'Reilly Open Source Conference (OSCON) returned to Portland, Oregon this July for the 20th convocation of this venerable gathering. While some of the program focused on retrospectives, there were also talks and tutorials on multiple technical topics and open-source community management. To give you a feel for the whole conference, we will explore it in a two-part article. This installment will cover a retrospective of open source and some presentations on releasing projects as open source at your organization. A second article will include a few of the technical topics at the conference.

[$] The Grumpy Editor's Python 3 experience

Tuesday 31st of July 2018 07:40:10 PM
LWN has been running articles for years to the effect that the end of Python 2 is nigh and that code should be ported to Python 3 immediately. So, naturally, one might expect that our own site code, written in Python, had been forward-ported long ago. Strangely enough, that didn't actually happen. It has mostly happened now, though. In the process of doing this work, your editor has noticed a few things that don't necessarily appear in the numerous porting guides circulating on the net.

The 4.18 kernel release will be delayed a week

Tuesday 31st of July 2018 07:39:41 PM
For those waiting on the edges of their seats for the release of the 4.18 kernel: it looks like Linus will be pushing it back one week (to August 12) in response to some late-discovered problems. "I _prefer_ just the regular cadence of releases, but when I have a reason to delay, I'll delay."

Security updates for Tuesday

Tuesday 31st of July 2018 03:05:50 PM
Security updates have been issued by Debian (network-manager-vpnc), Fedora (wireshark), Oracle (java-1.7.0-openjdk and yum-utils), Red Hat (chromium-browser, java-1.7.0-openjdk, memcached, qemu-kvm-rhev, and yum-utils), Scientific Linux (java-1.7.0-openjdk and yum-utils), Slackware (file and seamonkey), SUSE (gdk-pixbuf, libcgroup, libcgroup1, libvirt, and sssd), and Ubuntu (mysql-5.5 and mysql-5.5, mysql-5.7).

[$] A quick history of early-boot memory allocators

Monday 30th of July 2018 07:52:52 PM
One might think that memory allocation during system startup should not be difficult: almost all of memory is free, there is no concurrency, and there are no background tasks that will compete for memory. Even so, boot-time memory management is a tricky task. Physical memory is not necessarily contiguous, its extents change from system to system, and the detection of those extents may be not trivial. With NUMA things are even more complex because, in order to satisfy allocation locality, the exact memory topology must be determined. To cope with this, sophisticated mechanisms for memory management are required even during the earliest stages of the boot process.

Read on for a history of the evolution of the kernel's early-boot memory allocator, contributed by Mike Rapoport.

Security updates for Monday

Monday 30th of July 2018 02:31:58 PM
Security updates have been issued by Arch Linux (libextractor and wesnoth), Debian (ffmpeg, fuse, libidn, mercurial, openssl, policykit-1, tomcat7, tomcat8, wireshark, and wordpress), Fedora (java-1.8.0-openjdk, java-openjdk, libpng10, php, sox, and suricata), Gentoo (curl and znc), openSUSE (bouncycastle, Chromium, cinnamon, e2fsprogs, ImageMagick, kernel, libgcrypt, mercurial, openssh, openssl-1_0_0, openssl-1_1, python, qutebrowser, rubygem-sprockets, shadow, and xen), Slackware (kernel), and SUSE (java-10-openjdk, kernel, libgcrypt, libvirt, mutt, and xen).

Kernel prepatch 4.18-rc7

Sunday 29th of July 2018 10:16:21 PM
The 4.18-rc7 kernel prepatch is out for testing. "So unless something odd happens, this should be the last rc for 4.18".

Stone: Introducing GitLab

Sunday 29th of July 2018 10:09:23 PM
Daniel Stone reflects on the completion of's move to a GitLab-based infrastructure. "We’ve spent the past couple of years paying down our technical debt, and the community equivalent thereof. Our infrastructure is much less error-prone than it was: we’ve gone from fighting fires to being able to prepare the new GitLab infrastructure and spend time shepherding projects through it. Now that we have a fair few projects on GitLab and they’ve been able to serve themselves, we’ve been able to take some time for community issues."

Kuhn: In Memoriam: Gervase Markham

Sunday 29th of July 2018 10:00:18 PM
Bradley Kuhn notes with sadness the passing of Gervase Markham. "Gerv's time with us was too short. In response, I suggest that we look at his life and work and learn from his example. Gerv set aside his illness for as long as possible to continue good work in FLOSS. If he can do that, we can all be inspired by him to set aside virtually any problem to work hard, together, for important outcomes that are bigger than us all."

A set of weekend stable kernel updates

Saturday 28th of July 2018 08:32:26 PM
There is a new set of stable kernel updates available: 4.17.11, 4.14.59, 4.9.116, 4.4.145, and 3.18.117. Each contains another collection of important fixes.

[$] Teaching the OOM killer about control groups

Friday 27th of July 2018 10:03:06 PM
The kernel's out-of-memory (OOM) killer is summoned when the system runs short of free memory and is unable to proceed without killing one or more processes. As might be expected, the policy decisions around which processes should be targeted have engendered controversy for as long as the OOM killer has existed. The 4.19 development cycle is likely to include a new OOM-killer implementation that targets control groups rather than individual processes, but it turns out that there is significant disagreement over how the OOM killer and control groups should interact.

What Are Machine Learning Models Hiding? (Freedom to Tinker)

Friday 27th of July 2018 08:21:58 PM
Over on the Freedom to Tinker blog, Vitaly Shmatikov reports on some research he and others have been doing on machine-learning models—and what can be hidden inside them. "Federated learning, where models are crowd-sourced from hundreds or even millions of users, is an even juicier target. In a recent paper [PDF], we show that a single malicious participant in federated learning can completely replace the joint model with another one that has the same accuracy but also incorporates backdoor functionality. For example, it can intentionally misclassify images with certain features or suggest adversary-chosen words to complete certain sentences. When training ML [machine learning] models, it is not enough to ask if the model has learned its task well. Creators of ML models must ask what else their models have learned. Are they memorizing and leaking their training data? Are they discovering privacy-violating features that have nothing to do with their learning tasks? Are they hiding backdoor functionality? We need least-privilege ML models that learn only what they need for their task – and nothing more."

Remote Spectre exploits demonstrated

Friday 27th of July 2018 02:40:35 PM
This paper from four Graz University of Technology researchers [PDF] describes a mechanism they have developed to exploit the Spectre V1 vulnerability over the net, with no local code execution required. "We show that memory access latency, in general, can be reflected in the latency of network requests. Hence, we demonstrate that it is possible for an attacker to distinguish cache hits and misses on specific cache lines remotely, by measuring and averaging over a larger number of measurements. Based on this, we implemented the first access-driven remote cache attack, a remote variant of Evict+ Reload called Thrash+Reload. Our remote Thrash+Reload attack is a significant leap forward from previous remote cache timing attacks on cryptographic algorithms. We facilitate this technique to retrofit existing Spectre attacks to our network-based scenario. This NetSpectre variant is able to leak 15 bits per hour from a vulnerable target system." Other attacks described in the paper are able to achieve higher rates.

Security updates for Friday

Friday 27th of July 2018 02:05:35 PM
Security updates have been issued by CentOS (java-1.8.0-openjdk and thunderbird), Debian (busybox, chromium-browser, intel-microcode, mailman, and vim-syntastic), Fedora (NetworkManager-vpnc), SUSE (exempi, java-1_8_0-ibm, libofx, libsndfile, microcode_ctl, ntfs-3g, ovmf, rpm, util-linux, webkit2gtk3, and xen), and Ubuntu (clamav and evolution-data-server).

Financial woes for Slackware's Patrick Volkerding

Thursday 26th of July 2018 08:31:36 PM
Patrick Volkerding, who is the founder and benevolent dictator for life of the Slackware Linux distribution, posted a note at detailing some financial problems. It appears they mostly stem from a deal that he made with the Slackware Store that has gone badly awry. "Still not sure how to move forward, but I have some hope that the community might think that my work is and has been worth supporting. If at all possible I'd like to get away from replicating physical media which seems to be a lost cause. T-shirts? Well, maybe, but I don't see that providing a reasonable income either. I'm wondering how Patreon would do. It would at least be better than nothing, which is where I am now. Through all of this I have continued to work hard towards getting Slackware 15.0 released because I believe it will be by far the best release we've ever had, and because I'm dedicated to my work and the community that uses it. I've never really been in this for the money. " Note that there is at least one person out there soliciting Bitcoin who is not affiliated with Volkerding, in what looks like a scam of some sort; it is particularly sad because that is similar to what he alleges has happened with Slackware Store as well. No word, yet, on how to go about helping out. [Thanks to Ken Dawson for a heads-up about this.]

[Update: Volkerding has posted his PayPal link for donations.]

More in Tux Machines

A Look At The Windows vs. Linux Scaling Performance Up To 64 Threads With The AMD 2990WX

This past week we looked at the Windows 10 vs. Linux performance for AMD's just-launched Ryzen Threadripper 2990WX and given the interest from that then ran some Windows Server benchmarks to see if the performance of this 64-thread CPU would be more competitive to Linux. From those Windows vs. Linux tests there has been much speculation that the performance disparity is due to Windows scheduler being less optimized for high core/thread count processors and its NUMA awareness being less vetted than the Linux kernel. For getting a better idea, here are benchmarks of Windows Server 2019 preview versus Ubuntu Linux when testing varying thread/core counts for the AMD Threadripper 2990WX. Toggled via the BIOS was SMT as well as various CCX configurations and each step of the way comparing the Windows Server 2019 Build 17733 performance to that of Ubuntu 18.04 LTS with the Linux 4.18 kernel in various multi-threaded benchmarks supported under both operating systems. Read more

Kernel: RISC-V and Virtual Machine

  • RISC-V's Linux Kernel Support Is Getting Into Good Shape, Userspace Starting To Work
    The RISC-V open-source processor ISA support within the mainline kernel is getting into good shape, just a few releases after this new architecture port was originally added to the Linux Git tree. The RISC-V code for Linux 4.19 includes the ISA-mandated timers and first-level interrupt controllers, which are needed to actually get user-space up and running. Besides the RISC-V first-level interrupt controller, Linux 4.19 also adds support for SiFive's platform-level interrupt controller that interfaces with the actual devices.
  • A Hearty Batch Of KVM Updates Land In Linux 4.19
    There is a lot of new feature work for the Kernel-based Virtual Machine (KVM) within the Linux 4.19 kernel.

Kate/KTextEditor Picks Up Many Improvements To Enhance KDE Text Editing

Even with KDE's annual Akademy conference happening this past week in Vienna, KDE development has been going strong especially on the usability front. The Kate text editor and the KTextEditor component within KDE Frameworks 5 have been the largest benefactors of recent improvements. This KDE text editing code now has support for disabling syntax highlighting entirely if preferred. When using syntax highlighting, there have been many KTextEditor enhancements to improve the experience as well as improvements to the highlighting for a variety of languages from JavaScript to YAML to AppArmor files. Read more

KStars v2.9.8 released

KStars 2.9.8 is released for Windows, MacOS, and Linux. It is a hotfix release that contains bug fixes and stability improvements over the last release. Read more Also: KDE Itinerary - How did we get here?