New LWN Kernel (Linux) Articles, Paywall Just Removed

  • Some unreliable predictions for 2019

    Kernel development will become more formal. One of the things that has traditionally attracted a certain type of developer to kernel work is the fact that many of the normal rules don't apply. Kernel development often requires working with high levels of complexity, combined with the ups and downs of dealing with real-world hardware; in that setting, pulling together any sort of solution can be an accomplishment. The result is a sort of cowboy culture that emphasizes working solutions over formal designs.

    The increasing level of complexity in the kernel and in the hardware it drives has made that approach less tenable over the years. The kernel community has responded in a number of ways, including better documentation and better testing. One real harbinger of the future, though, may be the work that has been quietly happening to develop a formal memory-ordering model that makes it possible to reason about concurrency and ensure that kernel code is correct. If the kernel is going to continue to scale, this kind of approach will have to spread to other areas. There will be grumbling, since adding formality may slow the pace of development. But, with luck, it should also slow the issuance of urgent bug fixes and security updates.

    More kernel APIs will be created for BPF programs rather than exported as traditional system calls; we are heading toward a world where a significant amount of kernel functionality is only available via BPF. The result will be a significant increase in flexibility and efficiency, but some growing pains should also be expected. The BPF API sees even less review than other kernel interfaces, and the community's record with the latter is decidedly less than perfect. This may be the year when we realize that we haven't yet figured out how to provide such low-level access to the kernel in ways that can be supported indefinitely.

    Somebody will attempt to test the kernel community's code of conduct and its enforcement processes in the coming year. The community will handle that test without trouble, though, just as it has been handling the constant stream of trolling emails attempting to stir up strife. At the end of the year, the code of conduct will look pretty much the way it does now: a set of expectations that helps to improve behavior in the community, but not a big deal in general.

  • Some 4.20 development statistics

    This year's holiday gifts will include the 4.20 kernel; that can only mean that it is time for another look at where the code going into this release has come from. This development cycle was typically busy and brought a lot of new code into the kernel. There are some new faces showing up in the statistics this time around, but not a lot of surprises otherwise.
    As of this writing, 13,856 non-merge changesets have found their way into the mainline repository for the 4.20 release; they were contributed by 1,743 developers. That makes 4.20 the busiest cycle since 4.15, but only by a little bit; both numbers are essentially in line with recent release history. Of those 1,743 developers, 283 were first-time contributors this time around.

  • What's coming in the next kernel release (part 1)

    When the 4.20 kernel was released on December 23, Linus Torvalds indicated that he would try to keep to the normal merge window schedule despite the presence of the holidays in the middle of it. Thus far, he seems to be trying to live up to that; just over 8,700 changesets have been merged for the next release, which seems likely to be called 5.0. A number of long-awaited features are finally landing in the kernel with this release.

  • Live patching for CPU vulnerabilities

    The kernel's live-patching (KLP) mechanism can apply a wide variety of fixes to a running kernel but, at a first glance, the sort of highly intrusive changes needed to address vulnerabilities like Meltdown or L1TF would not seem like likely candidates for live patches. The most notable obstacles are the required modifications of global semantics on a running system, as well as the need for live patching the kernel's entry code. However, we at the SUSE live patching team started working on proof-of-concept live patches for these vulnerabilities as a fun project and have been able to overcome these hurdles. The techniques we developed are generic and might become handy again when fixing future vulnerabilities.
    For completeness, it should be noted that these two demo live patches have been implemented for kGraft, but kGraft is conceptually equivalent to KLP.

    At the heart of the Meltdown vulnerability is the CPU speculating past the access rights encoded in the page table entries (PTEs) and thereby enabling malicious user-space programs to extract data from any kernel mapping. The kernel page-table isolation (KPTI) mechanism blocks such attacks by switching to stripped-down "shadow" page tables whenever the kernel returns to user space. These mirror the mappings from the lower, user-space half of the address space, but lack almost anything from the kernel region except for the bare minimum needed to reenter the kernel and switch back to the fully populated page tables. The difficulty, from a live-patching perspective, is to keep the retroactively introduced shadow page tables consistent with their fully populated counterparts at all times. Furthermore, the entry code has to be made to switch back and forth between the full and shadow page table at kernel entries and exits, but that is outside of the scope of what is live patchable with KLP.

    For the L1TF vulnerability, recall that each PTE has a _PAGE_PRESENT bit that, when clear, causes page faults upon accesses to the corresponding virtual memory region. The PTE bits designated for storing a page's frame number are architecturally ignored in this case. The Linux kernel swapping implementation exploits this by marking the PTEs corresponding to swapped-out pages as non-present and reusing the physical address part to store the page's swap slot number. Unfortunately, CPUs vulnerable to L1TF do not always ignore the contents of these "swap PTEs", but can instead speculatively misinterpret the swap slot identifiers as physical addresses. These swap slot identifiers, being index-like in nature, tend to alias with valid physical page-frame numbers, so this speculation allows for extraction of the corresponding memory contents. The Linux kernel mitigation is to avoid this aliasing by bit-wise inverting certain parts of the swap PTEs. Unfortunately, this change of representation is again something which is not safely applicable to a running system with KLP's consistency guarantees alone.

  • Improving idle behavior in tickless systems

    Most processors spend a great deal of their time doing nothing, waiting for devices and timer interrupts. In these cases, they can switch to idle modes that shut down parts of their internal circuitry, especially stopping certain clocks. This lowers power consumption significantly and avoids draining device batteries. There are usually a number of idle modes available; the deeper the mode is, the less power the processor needs. The tradeoff is that the cost of switching to and from deeper modes is higher; it takes more time and the content of some caches is also lost. In the Linux kernel, the cpuidle subsystem has the task of predicting which choice will be the most appropriate. Recently, Rafael Wysocki proposed a new governor for systems with tickless operation enabled that is expected to be more accurate than the existing menu governor.
