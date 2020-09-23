Language Selection

English French German Italian Portuguese Spanish

LWN on Linux and Linux Foundation Bits

Submitted by Rianne Schestowitz on Thursday 24th of September 2020 05:23:12 AM Filed under
Linux
  • Modernizing the tasklet API

    Tasklets offer a deferred-execution method in the Linux kernel; they have been available since the 2.3 development series. They allow interrupt handlers to schedule further work to be executed as soon as possible after the handler itself. The tasklet API has its shortcomings, but it has stayed in place while other deferred-execution methods, including workqueues, have been introduced. Recently, Kees Cook posted a security-inspired patch set (also including work from Romain Perier) to improve the tasklet API. This change is uncontroversial, but it provoked a discussion that might lead to the removal of the tasklet API in the (not so distant) future.

    The need for tasklets and other deferred execution mechanisms comes from the way the kernel handles interrupts. An interrupt is (usually) caused by some hardware event; when it happens, the execution of the current task is suspended and the interrupt handler takes the CPU. Before the introduction of threaded interrupts, the interrupt handler had to perform the minimum necessary operations (like accessing the hardware registers to silence the interrupt) and then call an appropriate deferred-work mechanism to take care of just about everything else that needed to be done. Threaded interrupts, yet another import from the realtime preemption work, move the handler to a kernel thread that is scheduled in the usual way; this feature was merged for the 2.6.30 kernel, by which time tasklets were well established.

    An interrupt handler will schedule a tasklet when there is some work to be done at a later time. The kernel then runs the tasklet when possible, typically when the interrupt handler finishes, or the task returns to the user space. The tasklet callback runs in atomic context, inside a software interrupt, meaning that it cannot sleep or access user-space data, so not all work can be done in a tasklet handler. Also, the kernel only allows one instance of any given tasklet to be running at any given time; multiple different tasklet callbacks can run in parallel. Those limitations of tasklets are not present in more recent deferred work mechanisms like workqueues. But still, the current kernel contains more than a hundred users of tasklets.

    Cook's patch set changes the parameter type for the tasklet's callback. In current kernels, they take an unsigned long value that is specified when the tasklet is initialized. This is different from other kernel mechanisms with callbacks; the preferred way in current kernels is to use a pointer to a type-specific structure. The change Cook proposes goes in that direction by passing the tasklet context (struct tasklet_struct) to the callback. The goal behind this work is to avoid a number of problems, including a need to cast from the unsigned int to a different type (without proper type checking) in the callback. The change allows the removal of the (now) redundant data field from the tasklet structure. Finally, this change mitigates the possible buffer overflow attacks that could overwrite the callback pointer and the data field. This is likely one of the primary objectives, as the work was first posted (in 2019) on the kernel-hardening mailing list.

  • Android kernel notes from LPC 2020

    Todd Kjos started things off by introducing the Android Generic Kernel Image (GKI) effort, which is aimed at reducing Android's kernel-fragmentation problem in general. It is the next step for the Android Common Kernel, which is based on the mainline long-term support (LTS) releases with a number of patches added on top. These patches vary from Android-specific, out-of-tree features to fixes cherry-picked from mainline releases. The end result is that the Android Common Kernel diverges somewhat from the LTS releases on which it is based.

    From there, things get worse. Vendors pick up this kernel and apply their own changes — often significant, core-kernel changes — to create a vendor kernel. The original-equipment manufacturers begin with that kernel when creating a device based on the vendor's chips, but then add changes of their own to create the OEM kernel that is shipped with a device to the consumer. The end result of all this patching is that every device has its own kernel, meaning that there are thousands of different "Android" kernels in use.

    There are a lot of costs to this arrangement, Kjos said. Fragmentation makes it harder to ensure that all devices are running current kernels — or even that they get security updates. New platform releases require a new kernel, which raises the cost of upgrading an existing device to a new Android version. Fixes applied by vendors and OEMs often do not make it back into the mainline, making things worse for everybody.

    The Android developers would like to fix this fragmentation problem; the path toward that goal involves providing a single generic kernel in binary form (the GKI) that all devices would use. Any vendor-specific or device-specific code that is not in the mainline kernel will need to be shipped in the form of kernel modules to be loaded into the GKI. That means that Android is explicitly encouraging vendor modules, Kjos said; the result is a cleaner kernel without the sorts of core-kernel modifications that ship on many devices now.

    This policy has already resulted in more vendors actively working to upstream their code. That code often does not take the form that mainline developers would like to see; some of it is just patches exporting symbols. That has created some tension in the development community, he said.

  • Vibrant Networking, Edge Open Source Development On Full Display at Open Networking & Edge Summit

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today marked significant progress in the open networking and edge spaces. In advance of the Open Networking and Edge Summit happening September 28-30, Linux Foundation umbrella projects LF Edge and LF Networking demonstrate recent achievements highlighting trends that set the stage for next-generation technology.

  • Vibrant Networking, Edge Open Source Development On Full Display at Open Networking & Edge Summit

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today marked significant progress in the open networking and edge spaces. In advance of the Open Networking and Edge Summit happening September 28-30, Linux Foundation umbrella projects LF Edge and LF Networking demonstrate recent achievements highlighting trends that set the stage for next-generation technology.

    [...]

    “We are thrilled to announce a number of milestones across our networking and edge projects, which will be on virtual display at ONES next week,” said Arpit Joshipura, general manager, Networking, Edge and IOT, at the Linux Foundation. “Indicative of what’s coming next, our communities are laying the groundwork for markets like cloud native, 5G, and edge to explode in terms of open deployments.”

»

More in Tux Machines

today's howtos

IBM/Red Hat/Fedora Leftovers

  • Fedora 34 Aims To Further Enhance Security But Will Lose Runtime Disabling Of SELinux

    Currently on Fedora the Security Enhanced Linux (SELinux) functionality that's there by default can be disabled at run-time via the /etc/selinux/config but moving forward with Fedora 34 they are looking at removing that support and focusing just on disabling via selinux=0 at the kernel boot time in order to provide greater security. At present on Fedora, those wanting to forego the security safeguards can either pass selinux=0 as the kernel command line option to disable the support at boot time or by disabling it within the /etc/selinux/config file that in turn disables the support at run-time.

  • Getting started with the Red Hat Insights policies capability

    Many customers I talk to have gotten a lot of value out of Red Hat Insights, which allows Red Hat Enterprise Linux (RHEL) customers to proactively identify and remediate risks in their RHEL environments. These risks can include items related to security and compliance, performance, availability, and stability. However, one common request I’ve heard is that customers would like a way to add their own internal checks that are specific to their environment into Insights. This type of functionality is now available with the Policies capability in Red Hat Insights, which allows customers to define their own policies which are evaluated when Insights data is uploaded from RHEL hosts. If any of the policies are evaluated to match, an email or webhook action can be triggered.

  • IBM Z Day 2020: A record-shattering event!

    Thank you, one and all, for making IBM Z Day 2020 such a huge success!

  • Red Hat, Samsung Join Hands To Deliver 5G Networking Solution

    Red Hat has teamed up with Samsung to deliver an open source networking solution built on Red Hat OpenShift. The solution will integrate with Samsung’s key networking applications and is aimed at helping service providers make 5G a reality across use cases. [...] Containerized network functions (CNFs) and virtualized network functions (VNFs) provide a path to transformation for modern telcos. As such, Samsung has achieved Red Hat’s vendor validated VNF Certification and plans to have full CNF Certification.

Graphics: Zink, Navi, Disman and CUDA

  • Mike Blumenkrantz: Will It Blend

    For the past few days, I’ve been trying to fix a troublesome bug. Specifically, the Unigine Heaven benchmark wasn’t drawing most textures in color, and this was hampering my ability to make further claims about zink being the fastest graphics driver in the history of software since it’s not very impressive to be posting side-by-side screenshots that look like garbage even if the FPS counter in the corner is higher. [...] The Magic Of Dual Blending It turns out that the Heaven benchmark is buggy and expects the D3D semantics for dual blending, which is why mesa knows this and informs drivers that they need to enable workarounds if they have the need. [...] In short, D3D expects to blend two outputs based on their locations, but in Vulkan and OpenGL, the blending is based on index. So here, I’ve just changed the location of gl_FragData[1] to match gl_FragData[0] and then incremented the index, because Fragment outputs identified with an Index of zero are directed to the first input of the blending unit associated with the corresponding Location. Outputs identified with an Index of one are directed to the second input of the corresponding blending unit.

  • New Linux kernel update may have tipped AMD's hand by leaking Big Navi specs

    Nvidia may have all the headlines with the GeForce RTX 3090 making the rounds in benchmarks, but AMD might swoop in to steal the show next month. Thanks to a sharp-eyed Reddit user, we may have gotten a sneak peek at AMD’s act. Reddit user u/stblr dug through a recent version of Radeon Open Compute (ROCm), version 3.8, includes firmware for AMD’s upcoming GPUs, codenamed Sienna Cichlid and Navy Flounder. Sienna Cichlid is also known as Navi 21 (or Big Navi), and Navy Flounder denotes either Navi 22 or 23. The code in the update confirms that Sienna Cichlid (Big Navi) will have 80 CUs and a 256-bit memory bus, while Navy Flounder will have 40 CUs and a 192-bit memory bus.

  • Disman Continues Taking Shape As Display Management Library For X11/Wayland

    Disman is the display management library forked from LibKScreen as part of KWinFT. Last week at XDC2020 an update was provided on this Qt/C++ library for display management. KDE developer Roman Gilg presented on Disman at the 2020 X.Org Developers' Conference along with KDisplay as a GUI front-end interfacing with this library. Disman is capable of properly configuring multiple displays and working across different X11 windowing systems as well as compositors. Under Wayland, Disman supports the likes of wlr_output_management_unstable_v1, kwinft_output_management_unstable_v1, KDE's output management protocol, and D-Bus interfaces around it. This allows Disman to work seamlessly on X11 with RandR and under Wayland by the likes of KDE's KWin, the KWinFT fork, and also WLROOTS-based compositors.

  • NVIDIA CUDA 11.1 Released With RTX 30 Series Support, Better Compatibility Across Versions

    NVIDIA has released version 11.1 of their CUDA toolkit that now supports the GeForce RTX 30 "Ampere" series graphics cards. CUDA 11.0 released back in July brought initial Ampere GPU support while CUDA 11.1 today formally supports the Ampere consumer GPUs in the RTX 30 series. Once we receive samples of the new GPUs we'll be putting the new CUDA release through its paces under Linux with the RTX 3070/3080/3090 series. [...] CUDA 11.1 also brings a new PTX compiler static library, version 7.1 of the Parallel Thread Execution (PTX) ISA, support for Fedora 32 and Debian 10.3, new unified programming models, hardware-accelerated sparse texture support, multi-threaded launch to different CUDA streams, improvements to CUDA Graphs, and various other enhancements. GCC 10.0 and Clang 10.0 are also now supported as host compilers.

Mozilla: Rust, Firefox 80/81, Golden Era of Computing and Firefox Nightly

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6