Language Selection

English French German Italian Portuguese Spanish

Latest of LWN (Paywall Expired)

Filed under
Development
GNU
Linux
  • Python 3, ASCII, and UTF-8

    The dreaded UnicodeDecodeError exception is one of the signature "features" of Python 3. It is raised when the language encounters a byte sequence that it cannot decode into a string; strictly treating strings differently from arrays of byte values was something that came with Python 3. Two Python Enhancement Proposals (PEPs) bound for Python 3.7 look toward reducing those errors (and the related UnicodeEncodeError) for environments where they are prevalent—and often unexpected.

    Two related problems are being addressed by PEP 538 ("Coercing the legacy C locale to a UTF-8 based locale") and PEP 540 ("Add a new UTF-8 Mode"). The problems stem from the fact that locales are often incorrectly specified and that the default locale (the "POSIX" or "C" locale) specifies an ASCII encoding, which is often not what users actually want. Over time, more and more programs and developers are using UTF-8 and are expecting things to "just work".

  • Shrinking the kernel with link-time garbage collection

    One of the keys to fitting the Linux kernel into a small system is to remove any code that is not needed. The kernel's configuration system allows that to be done on a large scale, but it still results in the building of a kernel containing many smaller chunks of unused code and data. With a bit of work, though, the compiler and linker can be made to work together to garbage-collect much of that unused code and recover the wasted space for more important uses.
    This is the first article of a series discussing various methods of reducing the si

  • The current state of kernel page-table isolation

    At the end of October, the KAISER patch set was unveiled; this work separates the page tables used by the kernel from those belonging to user space in an attempt to address x86 processor bugs that can disclose the layout of the kernel to an attacker. Those patches have seen significant work in the weeks since their debut, but they appear to be approaching a final state. It seems like an appropriate time for another look.
    This work has since been renamed to "kernel page-table isolation" or KPTI, but the objective remains the same: split the page tables, which are currently shared between user and kernel space, into two sets of tables, one for each side. This is a fundamental change to how the kernel's memory management works and is the sort of thing that one would ordinarily expect to see debated for years, especially given its associated performance impact. KPTI remains on the fast track, though. A set of preparatory patches was merged into the mainline after the 4.15-rc4 release — when only important fixes would ordinarily be allowed — and the rest seems destined for the 4.16 merge window. Many of the core kernel developers have clearly put a lot of time into this work, and Linus Torvalds is expecting it to be backported to the long-term stable kernels.

    KPTI, in other words, has all the markings of a security patch being readied under pressure from a deadline. Just in case there are any smug ARM-based readers out there, it's worth noting that there is an equivalent patch set for arm64 in the works.

  • Containers without Docker at Red Hat

    The Docker (now Moby) project has done a lot to popularize containers in recent years. Along the way, though, it has generated concerns about its concentration of functionality into a single, monolithic system under the control of a single daemon running with root privileges: dockerd. Those concerns were reflected in a talk by Dan Walsh, head of the container team at Red Hat, at KubeCon + CloudNativeCon. Walsh spoke about the work the container team is doing to replace Docker with a set of smaller, interoperable components. His rallying cry is "no big fat daemons" as he finds them to be contrary to the venerated Unix philosophy.

  • Demystifying container runtimes

    As we briefly mentioned in our overview article about KubeCon + CloudNativeCon, there are multiple container "runtimes", which are programs that can create and execute containers that are typically fetched from online images. That space is slowly reaching maturity both in terms of standards and implementation: Docker's containerd 1.0 was released during KubeCon, CRI-O 1.0 was released a few months ago, and rkt is also still in the game. With all of those runtimes, it may be a confusing time for those looking at deploying their own container-based system or Kubernetes cluster from scratch. This article will try to explain what container runtimes are, what they do, how they compare with each other, and how to choose the right one. It also provides a primer on container specifications and standards.

  • HarfBuzz brings professional typography to the desktop

    By their nature, low-level libraries go mostly unnoticed by users and even some programmers. Usually, they are only noticed when something goes wrong. However, HarfBuzz deserves to be an exception. Not only does the adoption of HarfBuzz mean that free software's ability to convert Unicode characters to a font's specific glyphs is as advanced as any proprietary equivalent, but its increasing use means that professional typography can now be done from the Linux desktop as easily as at a print shop.

    "HarfBuzz" is a transliteration of the Persian for "open type." Partly, the name reflects that it is designed for use with OpenType, the dominant format for font files. Equally, though, it reflects the fact that the library's beginnings lie in the wish of Behdad Esfahbod, HarfBuzz's lead developer, to render Persian texts correctly on a computer.

    "I grew up in a print shop," Esfahbod explained during a telephone interview. "My father was a printer, and his father was a printer. When I was nine, they got a PC, so my brother and I started learning programming on it." In university, Esfahbod tried to add support for Unicode, the industry standard for encoding text, to Microsoft Explorer 5. "We wanted to support Persian on the web," he said. "But the rendering was so bad, and we couldn't fix that, so we started hacking on Mozilla, which back then was Netscape."

    Esfahbod's early interest in rendering Persian was the start of a fifteen-year effort to bring professional typography to every Unicode-supported script (writing system). It was an effort that led through working on the GNOME desktop for Red Hat to working on Firefox development at Mozilla and Chrome development at Google, with Esfahbod always moving on amiably to wherever he could devote the most time to perfecting HarfBuzz. The first general release was reached in 2015, and Esfahbod continues to work on related font technologies to this day.

More in Tux Machines

Red Hat: Interview, Releases, Events, Compliance and Finance

Linux Foundation Expansion and Linux Development

  • Deutsche Telekom signs up as platinum member of Linux Foundation Networking
    Deutsche Telekom has doubled down on its commitment to using open source by signing up as a platinum member of Linux Foundation Networking. Earlier this year, the Linux Foundation put some of its open source communities, including the Open Network Automation Platform (ONAP), under the Linux Foundation Networking (LFN) brand in order to foster cross-project collaboration. Mainly thanks to ONAP, the LNF projects currently enable close to 70% of all the world's global mobile subscribers.
  • Deutsche Telekom Joins The Linux Foundation, Deepens Investment in Open Source Networking
  • Samsung Galaxy S Support With The Linux 4.19 Kernel
    Just in case you have your hands still on the Samsung Galaxy S or Galaxy S 4G that were released back in 2010 as once high-end Android smartphones, they have DeviceTree support with the upcoming Linux 4.19 kernel cycle. The DeviceTree additions are currently staged ahead of the Linux 4.19 kernel for these S5Pv210 Aries based smartphones. With this code in place for Linux 4.19, the Galaxy S should at least see working mainline support for storage, PMIC, RTC, fuel gauge, keys, USB, and WiFi working in order.
  • Using the Best CPU Available on Asymmetric Systems
    This is the type of situation with a patch where it might look like a lack of opposition could let it sail into the kernel tree, but really, it just hasn't been thoroughly examined by Linux bigwigs yet. Once the various contributors have gotten the patch as good as they can get it without deeper feedback, they'll probably send it up the ladder for inclusion in the main source tree. At that point, the security folks will jump all over it, looking for ways that a malicious user might force processes all onto only one particular CPU (essentially mounting a denial-of-service attack) or some such thing. Even if the patch survives that scrutiny, one of the other big-time kernel people, or even Linus Torvalds, could reject the patch on the grounds that it should represent a solution for large-scale systems as well as small. Either way, something like Dietmar and Quentin's patch will be desirable in the kernel, because it's always good to take advantages of the full range of abilities of a system. And nowadays, a lot of devices are coming out with asymmetric CPUs and other quirks that never were part of earlier general-purpose systems. So, there's definitely a lot to be gained in seeing this sort of patch go into the tree.

Games: Risin' Goat, CorsixTH, Hegemone Pass, Unreal Engine

Software: Remote Access, EncryptPad, Aria2 WebUI, Qbs

  • Best Linux remote desktop clients of 2018
    This article has been fully updated, and was provided to TechRadar by Linux Format, the number one magazine to boost your knowledge on Linux, open source developments, distro releases and much more. It appeared in issue 220, published February 2017. Subscribe to the print or digital version of Linux Format here. SSH has been the staple remote access tool for system administrators from day one. Admins use SSH to mount remote directories, backup remote servers, spring-clean remote databases, and even forward X11 connections. The popularity of single-board computers, such as the Raspberry Pi, has introduced SSH into the parlance of everyday desktop users as well. While SSH is useful for securely accessing one-off applications, it’s usually overkill, especially if you aren’t concerned about the network’s security. There are times when you need to remotely access the complete desktop session rather than just a single application. You may want to guide the person on the other end through installing software or want to tweak settings on a Windows machine from the comfort of your Linux desktop yourself.
  • EncryptPad: Encrypted Text Editor For Your Secrets
    EncryptPad is a simple, free and open source text editor that encrypts saved text files and allows protecting them with passwords, key files, or both. It's available on Windows, macOS, and Linux. The application comes with a GUI as well as a command line interface, and it also offers a tool for encrypting and decrypting binary files.
  • Aria2 WebUI: Clean Web Frontend for aria2
    Aria2 WebUI is an open source web frontend for aria2. The software bills itself as the finest interface to interact with aria2. That’s a lofty goal considering the competition from the likes of uGet Download Manager (which offers an aria2 plugin). Aria2 WebUI started as part of the GSOC program 2012. But a lot has changed since the software’s creation under that initiative. While the pace of development has lessened considerably in recent years, the software has not been abandoned.
  • qbs 1.12 released
    We are happy to announce version 1.12.0 of the Qbs build tool. [...] All command descriptions now list the product name to which the generated artifact belongs. This is particularly helpful for larger projects where several products contain files of the same name, or even use the same source file. The vcs module no longer requires a repository to create the header file. If the project is not in a repository, then the VCS_REPO_STATE macro will evaluate to a placeholder string. It is now possible to generate Makefiles from Qbs projects. While it is unlikely that complex Qbs projects are completely representable in the Makefile format, this feature might still be helpful for debugging purposes.