date 2020-02-11

Kernel: Linux Plumbers Conference Talk, 5.6 Development Cycle and Cavium OCTEON Driver Support For Linux

  • Accelerating netfilter with hardware offload, part 2

    As network interfaces get faster, the amount of CPU time available to process each packet becomes correspondingly smaller. The good news is that many tasks, including packet filtering, can be offloaded to the hardware itself. The bad news is that the Linux kernel required quite a bit of work to be able to take advantage of that capability. The first article in this series provided an overview of how hardware-based packet filtering can work and the support for this feature that already existed in the kernel. This series now concludes with a detailed look at how offloaded packet filtering works in the netfilter subsystem and how administrators can make use of it.

    The offload capability was added by a patch set from Pablo Neira Ayuso, merged in the kernel 5.3 release and updated thereafter. The goal of the patch set was to add support for offloading a subset of the netfilter rules in a typical configuration, thus bypassing the kernel's generic packet-handling code for packets filtered by the offloaded rules. It is not currently possible to offload all of the rules, as that would require additional support from the underlying hardware and in the netfilter code. The use case and some of the internals are mentioned in Neira's slides [PDF] from the 2019 Linux Plumbers Conference.

  • The 5.6 merge window opens

    As of this writing, 4,726 non-merge changesets have been pulled into the mainline repository for the 5.6 development cycle. That is a relatively slow start by contemporary kernel standards, but it still is enough to bring a number of new features, some of which have been pending for years, into the mainline. Read on for a summary of the changes pulled in the early part of the 5.6 merge window.

  • Cavium OCTEON Driver Support For Linux Is Coming Back From The Dead

    It looks like the Cavium/Marvell OCTEON MIPS-based processor support is being restored for Linux systems after some of its drivers were briefly removed.

    For the current Linux 5.6 cycle, some OCTEON drivers were dropped. Those drivers had been living in the kernel's staging area but fell into disrepair and with no one at the time taking over the maintenance burden, they were removed for Linux 5.6 as part of cleaning up the staging area.

Graphics: Mesa, Nouveau, RADV and Intel Blackhole Render

  • Mesa Developers Discuss LTO'ing + PGO'ing Builds For Greater Performance

    Making use of Link-Time Optimizations (LTO) and Profile Guided Optimizations (PGO) is currently being talked about by Mesa developers for their release builds in potentially squeezing out better performance. Dieter Nützel shared that when using LTO and PGO compiler optimizations on Mesa, he's able to get RadeonSI's binary size 40% smaller and 16~20% faster for this OpenGL driver. Link-time optimizations are about as the name implies running optimization passes during the linker phase when able to analyze the to-be-produced binary in full rather than the individual object files in order to allow for more inter-procedural optimizations on the whole program.

  • Open-Source Nouveau Extended To Support The GeForce 16 Series With Hardware Acceleration

    With the big Linux 5.6 kernel on the open-source NVIDIA "Nouveau" driver side there is finally accelerated support for the GeForce RTX 2000 "Turing" graphics cards (when paired with binary-only microcode). With that initial cut support is no GeForce 16 series Turing support, but that is now on-deck for Linux 5.7. While the GeForce 16 series is Turing based and just without the RTX cores, firmware/microcode differences and other subtle changes were needed to the Nouveau kernel driver for enabling its open-source hardware accelerated support.

  • Radeon "sisched" Scheduler Is Made Obsolete By RADV's ACO Back-End

    It's been years since last hearing anything about sisched as the SI machine instruction scheduler that started out for the RadeonSI OpenGL driver and was ultimately supported by the RADV Vulkan driver too. Years ago, SISCHED helped offer better open-source AMD Radeon Linux gaming performance but those days are over. The scheduler was made part of the AMDGPU LLVM back-end and that sisched code hasn't seen any new work in ages. Now with Valve's ACO taking off so well since its mainlining in Mesa 19.3 as an alternative to the AMDGPU LLVM back-end, it pretty much nails the coffin on SISCHED.

  • Intel Blackhole Render Support Lands In Mesa 20.1

    Intel Blackhole Render support was finally merged today for the new Intel "Iris" Gallium3D OpenGL driver default, the older i965 driver for pre-Broadwell hardware, and also the Mesa state tracker for Gallium3D drivers. Proposed back in 2018 was the Intel blackhole render extension for OpenGL / GLES as an extension to disable all rendering operations emitted to the GPU through OpenGL rendering commands but without affecting OpenGL pipeline operations.

Security: Patches, Hack the Box, and Secure Encrypted Virtualization

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (dovecot, firefox, ksh, and webkit2gtk), Debian (firefox-esr and openjdk-8), Mageia (exiv2, flash-player-plugin, python-waitress, and vim and neovim), openSUSE (pcp and rubygem-rack), Oracle (kernel), Red Hat (sudo), and Slackware (libarchive).

  • Hack the Box (HTB) machines walkthrough series — Wall

    HTB is an excellent platform that hosts machines belonging to multiple OSes. It also has some other challenges as well. Individuals have to solve the puzzle (simple enumeration plus pentest) in order to log into the platform and download the VPN pack to connect to the machines hosted on the HTB platform.

  • New Patches: AMD Live Migration Support For VMs With Secure Encrypted Virtualization

    Beyond the Linux kernel patches presented earlier this week for AMD SEV-ES "Encrypted State" support, another Linux patch series out overnight provides another improvement to Secure Encrypted Virtualization with AMD EPYC server processors. The newest open-source SEV work to report on this week is live migration support when making use of AMD Secure Encrypted Virtualization. Currently VMs can't be live migrated when making use of this hardware-backed encryption support of virtual machines, but a new patch series enables QEMU/KVM live migration to now work in the presence of SEV.

Fedora Council November 2019 meeting: Councily business

The Fedora Council’s primary responsibility is to identify the short-, medium-, and long-term goals of the Fedora community and to organize and enable the project to best achieve them. Our mechanism for handling medium-term goals is the Fedora Objectives process. We spent some time reviewing this process and the associated Objective Lead roles. Although Objectives were invented to help bring visibility and clarity to big project initiatives, we know there is still a communications gap: most of the community doesn’t know exactly what it means for something to be an Objective, and many people don’t know what the current Objectives even are. Plus, being an Objective Lead is extra work — what’s the benefit? And why are Objective Leads given Council seats rather than just asked to report in periodically? We asked the Objective leads how they felt about it. Overall, they found it beneficial to have a seat on the Council. It helps make the work of the Objective more visible and lends credibility to resource requests. The act of writing and submitting an Objective proposal made them organize their thoughts, goals, and plans in a way that’s more easily understood by others.

Also: Peter Czanik: Insider 2020-02: Portability; secure logging; Mac support; RPM

Rhythmbox 3.4.4 Adds ListenBrainz Plugin, New App Icon

A new version of Rhythmbox, Ubuntu’s default music player app, is available. Rhythmbox 3.4.4 is a small update to this venerable player and was released back in January (but I’ve only just heard about it). As Rhythmbox is no longer the default GNOME music player (a role now filled by the rather anaemic GNOME Music app) this player hasn’t seen much major development for some time. But it’s not abandoned, as this update, the fourth bug fix update in the 3.4.x series, shows. So what’s new?

