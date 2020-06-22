Kernel: LWN Articles, LPC Town Hall and More 5.8 Merge window, part 2 By the time Linus Torvalds released 5.8-rc1 and closed the merge window for this development cycle, 14,206 non-merge changesets had been pulled into the repository for 5.8. That is more work than was pulled for the entire 5.7 cycle; clearly development work on the kernel has not (yet) slowed down in response to events in the wider world. The nearly 6,700 changes pulled since the previous summary include huge numbers of fixes and internal cleanups, but there were a number of significant features added as well.

Rethinking bpfilter and user-mode helpers Bpfilter is yet another in-kernel packet-filtering system; like netfilter and nftables, it exists for the creation of firewalls and related infrastructure. Rather than try to provide all of the filtering primitives that a user might want, bpfilter simply allows the loading of BPF programs to inspect and accept (or reject) packets. In theory, the benefits of bpfilter could be huge. It replaces a lot of firewalling code in the kernel, has the potential to be significantly faster than either of the other two mechanisms, and should be more flexible as well. It is not unreasonable to expect that something like bpfilter could eventually displace the other firewall subsystems and become the standard solution on Linux systems. For that to happen, though, the bpfilter developers would still have to do a lot more work. Beyond filling out the filtering functionality itself, they would need to find a way to avoid breaking the untold millions of systems out there that are currently using netfilter. Administrators of those systems have a lot of time invested in the creation of their firewall configurations and would not take kindly to the idea that they have to learn BPF and start over. Without seamless compatibility, bpfilter cannot take netfilter's place. The solution that the bpfilter developers chose was to reimplement the netfilter user-space API, so that the existing tools and configurations would continue to work. Internally to the kernel, though, netfilter rules would be translated into BPF programs, which would then be attached in the appropriate places. That solution should provide the best of all worlds: a shiny new packet-filtering subsystem with no changes required of users. The only problem with this idea is that compiling netfilter rules to BPF is not a small job; it would be a large chunk of code running in the kernel that would have to be prepared for any kind of weirdness that user space might present to it. The memory footprint of that code would not be welcome, and making sure that it was secure would be a difficult task that would likely end up generating a fair number of CVE entries before it was done.

DMA-BUF cache handling: Off the DMA API map (part 2) Part 1 of this series, covered some background on ION, DMA-BUF heaps, the DMA API, and the concept of "ownership" when it comes to handling CPU-cache maintenance, finally ending on a conventional DMA API view of how DMA-BUF cache handling should be done. The article concluded with a discussion of why the traditional DMA APIs can perform poorly on contemporary systems. This article completes the series with an exploration of some of the approaches that DMA-BUF exporters can use to avoid unnecessary cache operations along with some rough proposals for how we might improve things. The first part left off with the DMA API's viewpoint that the ownership of a DMA-BUF is transferred to the device domain with a call to dma_buf_map_attachment() and transfers back to the CPU with dma_buf_unmap_attachment(); cache-maintenance operations are done on each call. This sequence provides correctness with regard to CPU-cache handling but, for buffer pipelines that involve many devices where the CPU doesn't actually touch the buffer, these cache operations on each map and unmap call add up and can cause dramatic performance problems.

Google Posts Patches So The Linux Kernel Can Be LTO-Optimized By Clang A Google engineer has posted patches for review so that the mainline Linux kernel can be built with Link-Time Optimizations (LTO) by the LLVM Clang code compiler. Years ago Intel developers had sent out patches for LTO support for the Linux kernel but Linus Torvalds was ultimately unconvinced by it. That was back in 2014 when trying to squeeze more performance out of the Linux kernel. LTO patches for the Linux kernel are brought up every so often but at last check still no material progress in getting it mainlined.

Intel P-State Getting Energy Efficiency Knob, EPB Knob Change Intel's P-State CPU frequency scaling driver for Linux systems has been seeing a number of refinements lately including some major changes like shifting towards the "Schedutil" scheduler utilization governor by default. Further tuning with new/changed knobs is also on the way for giving users more control over their CPU power / performance preferences.

Loaded terms in free software The FSF has often refused to talk with news organizations (including LWN) without an advance promise that at least some of its word-use proscriptions would be followed in any resulting article. The loss of coverage resulting from that condition is, seemingly, considered a price worth paying in order to keep distance from perceived illegitimate use of loaded terms. In the wider community, terms like "master" and "slave" have been the source of discomfort for some time; some projects have moved away from those terms in recent years. Current events — and not just in the U.S. — have raised awareness and greatly accelerated efforts in this direction. The topic has recently come up in the kernel community, which has also been discussing a proposal to replace "blacklist" and "whitelist" with "denylist" and "allowlist". This discussion is not just limited to the kernel, though. The Git community is debating renaming the default "master" branch to something else — a change that is already being made at major Git-hosting companies and which is almost certain to be adopted. Similar discussions are being held in the Ansible community, the curl project, the Go language community, the OpenSSL project, the PHP community, and beyond. The Python community mostly eliminated these terms in 2018. Needless to say, there has been opposition to these changes. Some of it comes from the usual spontaneous sock-puppet accounts that proliferate around this kind of discussion — but not all of it. Opponents make the point that words with the same spelling have different meanings in English, and that a slave device has nothing to do with an enslaved human. Making these changes, they argue, distorts the language, creates endless code churn, and confuses users in support of a sort of political correctness that does little, if anything, to address the actual problem of systemic racism. There is also a slippery-slope argument that can be heard; will one get into trouble for claiming to have mastered a difficult subject or listing one's master's degree on a resume? What should the kernel's position be on red-black trees? Also: Ian Jackson: Renaming the primary git branch to "trunk"