Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Tuesday, 22 Oct 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

  • 07/07/2019 - 5:40pm
    JamieCull
  • 04/07/2019 - 7:09pm
    ksanaj
  • 18/07/2018 - 6:58am
    arindam1989
  • 14/08/2017 - 5:04pm
    2daygeek
  • 11/07/2017 - 9:36am
    itsfoss
  • 04/05/2017 - 11:58am
    Variscite
  • 09/04/2017 - 4:47pm
    mwilmoth
  • 11/01/2017 - 12:02am
    tishacrayt
  • 11/01/2017 - 12:01am
    lashayduva
  • 10/01/2017 - 11:56pm
    neilheaney

Graphics: Libdrm, AMDGPU, AR/VR and Gallium3D

Filed under
Graphics/Benchmarks
  • Libdrm 2.4.100 Released With Bits For Intel Elkhart Lake, Tiger Lake Graphics

    AMD open-source developer Marek Olšák on Wednesday released libdrm 2.4.100 as the newest feature update to this Mesa DRM library.

    On the AMD front there are a number of RAS tests added, a new amdgpu_cs_query_reset_state2 interface, and other expanded AMDGPU test coverage.

  • AMDGPU GFX9+ Format Modifiers Being Worked On For Better DCC Handling

    RADV Vulkan driver developer Bas Nieuwenhuizen of Google has ventured into kernel space in working on format modifiers support for Vega/GFX9 and newer.

    This DRM format modifiers support for GFX9+ is being worked on for helping to evaluate when delta color compression (DCC) can be used and any other requirements around that DCC handling. Bas explained, "This is particularly useful to determine if we can use DCC, and whether we need an extra display compatible DCC metadata plane."

  • Free software support for virtual and augmented reality

    A talk at the recent X.Org Developers Conference in Montréal, Canada looked at support for "XR" in free software. XR is an umbrella term that includes both virtual reality (VR) and augmented reality (AR). In the talk, Joey Ferwerda and Christoph Haag from Collabora gave an overview of XR and the Monado project that provides support for those types of applications.

    Ferwerda started by defining the term "HMD", which predates VR and AR. It is a head-mounted display, which basically means "taking a screen and some sensors and duct-taping it to your face". All of the devices that are being used for XR are HMDs. They typically include some kind of tracking system to determine the position and orientation of the HMD itself. Multiple different technologies, including inertial measurement units (IMUs), photodiodes, lasers, and cameras, are used to do the tracking depending on the device and its use case.

    AR is intended to augment the real world with extra information; the user sees the real world around them, but various kinds of status and additional data is tagged to objects or locations in their view of the world. AR is a rather over-hyped technology these days, he said. The general idea is that users would wear glasses that would augment their view in some fashion, but, unfortunately, what most people think of as AR is Pokémon Go.

    VR uses two screens, one for each eye, to create a 3D world that the user inhabits and can interact with in some fashion. Instead of seeing the real world, the user sees a completely separate world. There are two words that are often used to describe the feel of VR, he said: "presence" and "immersion". That means users are aware of themselves as being part of the VR environment.

    XR encompasses both. Ferwerda said that he is not really sure what the "X" stands for; he has heard "cross reality" and "mixed reality" for XR. Haag said that "extended reality" was another definition that he had heard.

  • Intel Now Aiming For Gallium3D OpenGL Default For Mesa 20.0

    For the better part of two years now Intel has been working on this new "Iris" Gallium3D driver for supporting Broadwell "Gen8" graphics and newer as the eventual replacement to their long-standing i965 classic driver. With Tiger Lake "Gen12" Xe graphics, it's in fact Iris Gallium3D only. In our testing of Broadwell through the *lakes, this Gallium3D driver has been working out terrific on Mesa 19.2 stable and Mesa 19.3 development. But it looks like Intel is going to play it safe and punt the default change-over to next quarter's Mesa 20.0 cycle.

Embedded system cross-development with Ubuntu Core

Filed under
Ubuntu

There are fundamental differences between developing general-purpose software applications and making software for embedded systems. Embedded systems software runs on resource-constrained hardware, in contrast to general-purpose server or client applications that run on more capable hardware. For this reason, embedded system software is not directly developed on the electronic board it will run on – referred to as the target. It is rather developed on a computer – the host – that has a higher computational capacity than the target board.

Read more

LibreOffice: LibreOffice 6.2.8, FOSDEM 2020 and LibreOffice Conference 2019

Filed under
LibO
  • LibreOffice 6.2.8 is available, the last release of the 6.2 family

    The Document Foundation announces LibreOffice 6.2.8, the last minor release of the LibreOffice 6.2 family. All users of LibreOffice 6.2.x versions should update immediately for enhanced security, and be prepared to upgrade to LibreOffice 6.3.4 as soon as it becomes available in December.

    For enterprise class deployments, TDF strongly recommends sourcing LibreOffice from one of the ecosystem partners to get long-term supported releases, dedicated assistance, custom new features and bug fixes, and other benefits. Also, the work done by ecosystem partners flows back into the LibreOffice project, benefiting everyone.

    LibreOffice’s individual users are helped by a global community of volunteers: https://www.libreoffice.org/get-help/community-support/. On the website and the wiki there are guides, manuals, tutorials and HowTos. Donations help us to make all of these resources available.

    LibreOffice users are invited to join the community at https://ask.libreoffice.org, where they can get and provide user-to-user support. While TDF can not provide commercial level support, there are guides, manuals, tutorials and HowTos on the website and the wiki. Your donations help us make these available.

  • LibreOffice 6.2.8 Arrives as the Last in the Series, Prepare for LibreOffice 6.3

    The Document Foundation released today the eight and final maintenance update for the LibreOffice 6.2 open-source and cross-platform office suite series.

    LibreOffice 6.2.8 is here one and a half months after the release of LibreOffice 6.2.7, which was announced in early September alongside the first point release of the latest LibreOffice 6.3 series. This maintenance release brings a total of 26 bug fixes and improvements across various components, as detailed here and here.

    While the LibreOffice 6.2 office suite series is still recommended for enterprise deployments, unfortunately it will reach end of life next month on November 30th. As such, the Document Foundation recommends all enterprise users to update to LibreOffice 6.2.8 immediately for enhanced security, and start preparing to upgrade to LibreOffice 6.3.

  • FOSDEM 2020: Open Document Editors DevRoom Call for Papers

    FOSDEM is one of the largest gatherings of Free Software contributors in the world and happens each year in Brussels (Belgium) at the ULB Campus Solbosch. In 2020, it will be held on Saturday, February 1, and Sunday, February 2.

    The Open Document Editors (OFE) DevRoom is scheduled for Saturday, February 1, from 10:30AM to 7PM. Physical room has not yet been assigned by FOSDEM. The shared devroom gives all project in this area a chance to present ODF related developments and innovations.

    We are now inviting proposals for talks about Open Document Editors or the ODF document format, on topics such as code, extensions, localization, QA, UX, tools and adoption related cases. This is a unique opportunity to show new ideas and developments to a wide technical audience.

  • Eight videos from the auditorium at LibreOffice Conference 2019

    In September we had the LibreOffice Conference 2019 in Almeria, Spain. We’re uploading videos from the presentations that took place, so here’s a new batch! First up is “Janitor of Sanity” with Stephan Bergmann...

SUSE/OpenSUSE Leftovers

Filed under
SUSE
  • Plasma, Applications, Frameworks arrive in Latest Tumbleweed Snapshot

    The most recent snapshot, 20191014, updated several packages around KDE’s projects. Plasma 5.17.0 arrived in the snapshot and there are some extraordinary changes to the new version. The release announcement says this new version is as lightweight and thrifty with resources as ever before. The start-up scripts were converted from a slower Bash to a faster C++ and now run asynchronously, which means it can run several tasks simultaneously, instead of having to run them one after another. Improvements to the widget editing User Experience were made and the Night Color feature became available, which subtly changes the hue and brightness of the elements on the screen when it gets dark; this diminishes glare and makes it more relaxing to the eyes. The same snapshot brought KDE Applications 19.08.2 and the second version of the 19.08 release improved High-DPI support in Konsole and other applications; there were many bugs fixes as well and KMail can once again save messages directly to remote folders. There was more KDE packages arriving in Tumbleweed with the update of KDE Frameworks 5.63.0; KIO, Kirigami and KTextEditor had the most bug fixes in frameworks latest release. The Tumbleweed snapshot had several other software packages updated like the file system utilities package e2fsprogs 1.45.4, which addressed Common Vulnerabilities and Exposures CVE-2019-5094 where an attacker would have been able to corrupt a ext4 partition. The 3.6.10 version of gnutls added support for deterministic Elliptic Curve Digital Signature Algorithm (ECDSA) / Digital Signature Algorithm (DSA). Text editor Nano updated to version 4.5 and offers a new ‘tabgives’ command allowing users to specify per syntax whatthe key should produce. The php7 7.3.10 version modified some patches and fixed some bugs. With all these changes, the snapshot is trending at a stable rating of 95, according to the Tumbleweed snapshot reviewer.

  • Multi-cloud Management: Stratos and Kubernetes

    At the recent Cloud Foundry Summit EU in the Netherlands, Neil MacDougall and Troy Topnik of SUSE presented a talk demonstrating and describing the work that SUSE has done to extend the Stratos management interface to include support for Kubernetes and Helm. They talked about how SUSE has used the Stratos extension mechanism to add new endpoint types for Kubernetes and Helm and we showed some of the features that SUSE has been developing. They wrapped things up by talking about where SUSE is headed next in extending Stratos beyond Cloud Foundry into a Multi-cloud Management interface.

Linux Foundation on Spying Giants Branded 'Confidential' and Banks Framed as "Open FinTech"

Filed under
OSS
  • Confidential Computing Consortium Establishes Formation with Founding Members and Open Governance Structure

    The Confidential Computing Consortium, a Linux Foundation project and community dedicated to defining and accelerating the adoption of confidential computing, today announced the formalization of its organization with founding premiere members Alibaba, Arm, Google Cloud, Huawei, Intel, Microsoft and Red Hat. General members include Baidu, ByteDance, decentriq, Fortanix, Kindite, Oasis Labs, Swisscom, Tencent and VMware.

    The intent to form the Confidential Computing Consortium was announced at Open Source Summit in San Diego earlier this year. The organization aims to address data in use, enabling encrypted data to be processed in memory without exposing it to the rest of the system, reducing exposure to sensitive data and providing greater control and transparency for users. This is among the very first industry-wide initiatives to address data in use, as current security approaches largely focus on data at rest or data in transit. The focus of the Confidential Computing Consortium is especially important as companies move more of their workloads to span multiple environments, from on premises to public cloud and to the edge.

  • Confidential Computing Consortium Establishes Formation with Founding Members and Open Governance Structure – Member Comments
  • Open FinTech Forum Brings Together Technologists and Business Executives to Accelerate Development in Finance Sector

    The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the speakers and program for Open FinTech Forum taking place December 9, 2019 at the Convene Conference Center in New York. To register, please visit: https://events19.linuxfoundation.org/events/open-fintech-forum-2019/register/

    Open FinTech Forum is where financial services IT decision makers come to learn about the open technologies driving digital transformation – technologies like AI, blockchain and more – and how to best utilize an open source strategy and implementation to enable new products, services and capabilities; increase IT efficiencies; establish and strengthen internal license compliance programs; and attract top-level talent and train existing talent on the latest disruptive technologies.

    “Open FinTech Forum brings the open source communities that support financial services together with CIOs, IT managers and developers working in the heart of finance,” said Angela Brown, General Manager of Events at The Linux Foundation. “We’re looking forward to showcasing the industry’s emerging and established open technologies fueling this space.”

Games: KeeperRL, 3 Minutes to Midnight, Shadow of Mordor

Filed under
Gaming
  • Roguelike dungeon simulator 'KeeperRL' expands modding and adds Steam Workshop support

    Sometimes you just want to be an evil wizard, build a dungeon and look after some imps. KeeperRL lets you do just that and it just had a big new update with much better modding support.

    With the introduction of Steam Workshop support, mods and retired dungeons can now be shared to it to allow others to easily download and try them out. As for the rest of the modding support lots more can now be tweaked. Items, building info, Z-level width, creature names and so on can be changed with mods now and creatures can also drop custom items.

  • The comedy adventure game 3 Minutes to Midnight is on Kickstarter with Linux support

    Scarecrow Studio are now crowdfunding to finish up their very colourful comedy adventure game 3 Minutes to Midnight.

    The Kickstarter campaign is now live, with a funding goal of €50,000 they need to reach by November 8. They've already amassed support with over €38,000 so it's likely it will be fully funded.

    Taking inspiration from the classics like The Secret of Monkey Island, Day of the Tentacle, and Sam & Max Hit the Road (where have I heard this before?), Scarecrow Studio said 3 Minutes to Midnight will take the point and click gameplay, blend in some humour and high-definition art with an intuitive interface and a "compelling mystery" to solve. They also say it has the "largest script in point-and-click history" and "over 1000 interactable objects" so they're setting the bar for themselves pretty damn high.

  • The Linux port of Shadow of Mordor from Feral Interactive has gained a Vulkan Beta, a massive difference

    This is quite a surprise! Early yesterday we were notified that Middle-earth: Shadow of Mordor, which Feral Interactive ported to Linux in 2015 has gained a Vulkan Beta.

    Since companies rarely make much money from older ports like this, it's quite fantastic to see it being given some love. Especially like this, giving it a big boost with a much newer graphics API. This is not long after Feral Interactive confirmed the Linux release date for Shadow of the Tomb Raider Definitive Edition and also announced Total War Saga: TROY for Linux too.

Proprietary Software and Security Issues

Filed under
OS
  • cPanel, Plesk or DirectAdmin: Analysis and Comparison

    Every OS differs in user interface, security, functionality, usability and pricing, and the final decision should be based on personal needs and expectations. cPanel, Plesk and DirectAdmin all offer a number of great services, functions and tools for successful and efficient VPS management and because of their differences, individual demands can be met, and situations resolved.

  • Netflix won’t ‘shy away from taking bold swings’ as streaming competition heats up

    This increase in subscriber growth this quarter came from an affluence of original content, including Stranger Things’ third season, which saw 64 million accounts watch the newest season in the first four weeks, according to the company. Netflix recently signed co-creators Matt and Ross Duffer to an overall deal with the streaming service, which will see them produce more TV shows and films for Netflix.

  • House panel pushes forward election security legislation

    The panel marked up and approved the SHIELD Act, which takes aim at foreign election interference by requiring U.S. campaigns to report “illicit offers” of election assistance from foreign governments or individuals to both the FBI and the Federal Election Commission (FEC).

    The legislation also takes steps to ensure that political advertisements on social media are subject to the same stricter rules as ads on television or radio.

  • New Voting Machines Will Be Used For Nov. 5 Municipal Elections

    The new system which cost the state about $52 million replaces the 15-year-old one previously used. Charleston County Board of Elections and Registration Director Joseph Debney said while the new system may not be more efficient, it offers more transparency than the previous one. Replacement provides the state with a dependable system for years to come and will greatly enhance the security of the election process. Having a paper record of each voter’s ballot will add an additional layer of security as it allows for audits of paper ballots to verify vote totals.

    The system works using a Ballot-Marking Device (BMD) that helps voters mark a paper ballot more accurately and efficiently. A voter’s choices are presented on a touch screen similar to the old voting machines. The BMD allows the voter to mark the choices on-screen and when the voter is done, prints the selections on paper ballots which then are either hand counted or counted using an optical scanner/tabulator, the second machine.

  • Chhattisgarh dumps EVMs, back to ballot paper

    Chhattisgarh would perhaps be the first state in the country to do away with EVMs in favour of ballot paper in the local body polls.

  • Andhra Pradesh Elections: Complaints of EVM glitches [sic] in nearly 50 booths

    Talking to reporters, the Chief Minister referred to technical glitches in EVMs and said he was demanding that ballot papers be re-introduced. "No developed country is using EVMs as they are prone to manipulation. We have hence been demanding that we revert to the ballot paper system," Naidu said.

  • Chhattisgarh may return to paper ballots for local bodies polls

    In a report submitted on Tuesday, cabinet sub-committee constituted by the Baghel government has recommended the use of paper ballots instead of EVMs in the upcoming urban local body elections.

    The recommendations by the cabinet sub-committee would be referred to the state cabinet headed by CM Baghel for approval.

  • Microsoft unveils two open-source projects for building cloud and edge applications [Ed: Microsoft: our 'clown computing' with NSA back doors is all proprietary software but to trap your work and your data we are openwashing the tools to put them there]

    The new projects include the Open Application Model, which is a specification for building cloud-native apps on Kubernetes, and Dapr, a portable event-driven runtime for building microservices-based apps that can run in the cloud and on edge devices.

  • Top Linux antivirus software

    The last several years have seen a startling increase in malware that targets Linux. Some estimates suggest that Linux malware account for more than a third of the known attacks. In 2019, for example, new Linux-specific attacks included the Silex worm, GoLang malware, the Zombieload side-channel attack, the Hiddenwasp Trojan, the EvilGnome spyware and Lilocked ransomware. The volume and severity of attacks against Linux are clearly on the rise.

    While Linux has some advantages when it comes to security, the Linux kernel is certainly not devoid of security vulnerabilities nor is it immune to attack. The worst thing you can do is to sit back and assume that Linux systems are safe simply because a larger number of desktops are running Windows.

    Tools are available to defend Linux systems from many types of attack, and quite a few of these are free and open source. These are some of the best tools that you can get for free or at modest cost.

Calamares Plans for Debian 11

Filed under
Debian

Before Debian 9 was released, I was preparing a release for a derivative of Debian that was a bit different than other Debian systems I’ve prepared for redistribution before. This was targeted at end-users, some of whom might have used Ubuntu before, but otherwise had no Debian related experience. I needed to find a way to make Debian really easy for them to install. Several options were explored, and I found that Calamares did a great job of making it easy for typical users to get up and running fast.

After Debian 9 was released, I learned that other Debian derivatives were also using Calamares or planning to do so. It started to make sense to package Calamares in Debian so that we don’t do duplicate work in all these projects. On its own, Calamares isn’t very useful, if you ran the pure upstream version in Debian it would crash before it starts to install anything. This is because Calamares needs some configuration and helpers depending on the distribution. Most notably in Debian’s case, this means setting the location of the squashfs image we want to copy over, and some scripts to either install grub-pc or grub-efi depending on how we boot. Since I already did most of the work to figure all of this out, I created a package called calamares-settings-debian, which contains enough configuration to install Debian using Calamares so that derivatives can easily copy and adapt it to their own calamares-settings-* packages for use in their systems.

Read more

Microsoft admits Android is the best operating system for mobile devices

Filed under
Android
Microsoft

At an event at Microsoft’s flagship store in London, Panos Panay, the chief product officer for the Microsoft Devices group, admitted that the company is using Android in its upcoming Surface Duo phone because, quite simply, the “best OS for this product is Android”.

It’s a noteworthy admission, as Google’s Android mobile operating system is one of Microsoft’s biggest rivals. In the past, the company has tried – and failed – to take on Android with its own operating system for mobile devices: Windows Mobile.

We’ve picked all the best 2-in-1 laptops of 2019
Black Friday laptop deals 2019: how to find the best laptop deals
How to buy a laptop on Black Friday and Cyber Monday

While Windows 10 Mobile is no more, it must have been tempting for Microsoft to revive the OS for its upcoming dual-screen handset, so it’s commendable that it has gone for the much more popular Android operating system – while being so frank about its reasons.

On one hand, it seems like Microsoft has acknowledged just how hard it is to compete with Android – which is currently the most-used operating system on the planet – a title Microsoft’s own Windows OS used to have. The failure of Windows 10 Mobile, and the Windows phones that ran the software, was likely a humbling experience that the company is in no rush to repeat.

Read more

Canonical releases Ubuntu Linux 19.10 Eoan Ermine with GNOME 3.34, light theme, and Raspberry Pi 4 support

Filed under
Ubuntu

Thank God for Linux. No, seriously, regardless of your beliefs, you should be thankful that we have the Linux kernel to provide us with a free alternative to Windows 10. Lately, Microsoft's operating system has been plagued by buggy updates, causing some Windows users to lose faith in it. Hell, even Dona Sarkar -- the now-former leader of the Windows Insider program -- has been relieved of her duties and transitioned to a new role within the company (read into that what you will).

While these are indeed dark times for Windows, Linux remains that shining beacon of light. When Windows becomes unbearable, you can simply use Chrome OS, Android, Fedora, Manjaro, or some other Linux distribution. Today, following the beta period, one of the best and most popular Linux-based desktop operating systems reaches a major milestone -- you can now download Ubuntu 19.10! Code-named "Eoan Ermine" (yes, I know, it's a terrible name), the distro is better and faster then ever.

Read more

Which Raspberry Pi OS should you use?

Filed under
OS
Linux

There are a wide range of different Raspberry Pi OS packages available and choosing the correct one for your hardware, application or project is not always easy. Here we compliled a list of popular operating systems for the Raspberry Pi range of single board computers, providing a quick insight into what you can expect from each and how you can use it to build a variety of different applications from games emulators. To fully functional desktop replacements using the powerful Raspberry Pi 4 mini PC, as well as as few more specialist Raspberry Pi OSes. Instructional videos are also included detailing how to install and setup the various OSes, allowing you to quickly choose which Raspberry Pi OS is best for your project.

If you are starting out with the Raspberry Pi and class yourself as a beginner then the NOOBS Raspberry Pi OS is a great place to start. A number of online stores sell affordable SD cards pre-installed with NOOBS, ready to use straight away. Although if you have any spare SD cards lying around you can also download the NOOBS distribution directly from the Raspberry Pi Foundation website.

Read more

Canonical Outs Linux Kernel Security Update for Ubuntu 19.04 to Patch 9 Flaws

Filed under
Linux
Security
Ubuntu

The new security update for Ubuntu 19.04 is here to patch a total of seven security flaws affecting the Linux 5.0 kernel used by the operating system, including an issue (CVE-2019-15902) discovered by Brad Spengler which could allow a local attacker to expose sensitive information as a Spectre mitigation was improperly implemented in the ptrace susbsystem.

It also fixes several flaws (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816) discovered by Wen Huang in the Marvell Wi-Fi device driver, which could allow local attacker to cause a denial of service or execute arbitrary code, as well as a flaw (CVE-2019-15504) discovered by Hui Peng and Mathias Payer in the 91x Wi-Fi driver, allowing a physically proximate attacker to crash the system.

Read more

Measuring the business value of open source communities

Filed under
OSS

It is still the early days of building a platform for bringing together these disparate data sources. The CHAOSS core of Augur and GrimoireLab currently supports over two dozen sources, and I’m excited to see what lies ahead for this project.

As the CHAOSS frameworks mature, I’m optimistic that teams and projects that implement these types of measurement will be able to make better real-world decisions that result in healthier and more productive software development lifecycles.

Read more

Ubuntu 19.10: What’s New? [Video]

Filed under
Ubuntu

Yes, I dusted off my old Canon T2i and pointed it at my trusty (if currently rather dusty) Ubuntu laptop to showcase the core changes and improvements that are on offer in the ‘Eoan Ermine’ (just don’t ask me how to pronounce the name).

In 3 minutes and 31 seconds (exactly) you’ll learn all that’s new, nascent and notable in this, the latest Ubuntu release. From the experimental ZFS install option to easy app folder creation, and the new ‘lighter’ Ubuntu GNOME Shell theme.

Read more

Happy 15th Birthday, Ubuntu!

Filed under
Ubuntu

Ubuntu has come a long way since its ‘Warty Warthog’ days. The distro is by far the most popular Linux flavor in the market right now. According to W3Techs.com, Ubuntu leads the pack with 37.4% of the market, while Debian is a close second at 21.2%.

This is a far cry from the 8.9% popularity that Ubuntu garnered when W3Techs.com first began tracking such data in January 2010. Ubuntu was the 5th most popular Linux distro back then, behind Debian, CentOS, Red Hat, and Fedora, respectively.

Not only is Ubuntu the favorite of many users, but it is also now in the workplace as well, World-wide. Many companies and individuals choose Ubuntu as their distro of choice. The top users of Ubuntu reside in the United States. However, there are also a significant number of Ubuntu users in the United Kingdom, Germany, Canada, India, and the Netherlands.

Since its birth almost 14 years ago, Ubuntu has spawned many successful forks such as Linux Mint, elementary OS, Zorin OS, Pop!_OS, and KDE neon. This list does not even include some of Ubuntu’s derivatives, including Lubuntu, Kubuntu, Xubuntu, Ubuntu MATE, and Ubuntu Budgie.

Read more

LWN on Kernel: pidfd, printk and security

Filed under
Linux
  • Adding the pidfd abstraction to the kernel

    One of the many changes in the 5.4 kernel is the completion (insofar as anything in the kernel is truly complete) of the pidfd API. Getting that work done has been "a wild ride so far", according to its author Christian Brauner during a session at the 2019 Kernel Recipes conference. He went on to describe the history of this work and some lessons for others interested in adding major new APIs to the Linux kernel.
    A pidfd, he began, is a file descriptor that refers to a process — or, more correctly, to a process's thread-group leader. There do not appear to be any use cases for pidfds that refer to an individual thread for now; such a feature could be added in the future if the need arises. Pidfds are stable (they always refer to the same process) and private to the owner of the file descriptor. Internally to the kernel, a pidfd refers to the pid structure for the target process. Other options (such as struct task_struct) were available, but that structure is too big to pin down indefinitely (which can be necessary, since a pidfd can be held open indefinitely).

    Why did the kernel need pidfds? The main driving force was the problem of process-ID (PID) recycling. A process ID is an integer, drawn from a (small by default) pool; when a process exits, its ID will eventually be recycled and assigned to an entirely unrelated process. This leads to a number of security issues when process-management applications don't notice in time that a process ID has been reused; he put up a list of CVE numbers (visible in his slides [SlideShare]) for vulnerabilities resulting from PID reuse. There have been macOS exploits as well. It is, he said, a real issue.

    Beyond that, Unix has long had a problem supporting libraries that need to create invisible helper processes. These processes, being subprocesses of the main application, can end up sending signals to that application or showing up in wait() calls, creating confusion. Pidfds are designed to allow the creation of this kind of hidden process, solving a persistent, difficult problem. They are also useful for process-management applications that want to delegate the handling of specific processes to a non-parent process; the Android low-memory killer daemon (LMKD) and systemd are a couple of examples. Pidfds can be transferred to other processes by the usual means, making this kind of delegation possible.

    Brauner said that a file-descriptor-based abstraction was chosen because it has been done before on other operating systems and shown to work. Dealing with file descriptors is a common pattern in Unix applications.

    There are, he said, quite a few user-space applications and libraries that are interested in using pidfds. They include D-Bus, Qt, systemd, checkpoint-restore in user space (CRIU), LMKD, bpftrace, and the Rust "mio" library.

  • Why printk() is so complicated (and how to fix it)

    The kernel's printk() function seems like it should be relatively simple; all it does is format a string and output it to the kernel logs. That simplicity hides a lot of underlying complexity, though, and that complexity is why kernel developers are still unhappy with printk() after 28 years. At the 2019 Linux Plumbers Conference, John Ogness explained where the complexity in printk() comes from and what is being done to improve the situation.
    The core problem, Ogness began, comes from the fact that kernel code must be able to call printk() from any context. Calls from atomic context prevent it from blocking; calls from non-maskable interrupts (NMIs) can even rule out the use of spinlocks. At the same time, output from printk() is crucial when the kernel runs into trouble; developers do not want to lose any printed messages even if the kernel is crashing or hanging. Those messages should appear on console devices, which may be attached to serial ports, graphic adapters, or network connections. Meanwhile, printk() cannot interfere with the normal operation of the system.

    In other words, he summarized, printk() is seemingly simple and definitely ubiquitous, but it has to be wired deeply into the system.

  • What to do about CVE numbers

    Common Vulnerability and Exposure (CVE) numbers have been used for many years as a way of uniquely identifying software vulnerabilities. It has become increasingly clear in recent years that there are problems with CVE numbers, though, and increasing numbers of vulnerabilities are not being assigned CVE numbers at all. At the 2019 Kernel Recipes event, Greg Kroah-Hartman delivered a "40-minute rant with an unsatisfactory conclusion" on CVE numbers and how the situation might be improved. The conclusion may be "unsatisfactory", but it seems destined to stir up some discussion regardless.
    CVE numbers, Kroah-Hartman began, were meant to be a single identifier for vulnerabilities. They are a string that one can "throw into a security bulletin and feel happy". CVE numbers were an improvement over what came before; it used to be impossible to effectively track bugs. This was especially true for the "embedded library in our product has an issue" situation. In other words, he said, CVE numbers are good for zlib, which is embedded in almost every product and has been a source of security bugs for the last fifteen years.

    Since CVE numbers are unique, somebody has to hand them out; there are now about 110 organizations that can do so. These include both companies and countries, he said, but not the kernel community, which has nobody handling that task. There also needs to be a unifying database behind these numbers; that is the National Vulnerability Database (NVD). The NVD provides a searchable database of vulnerabilities and assigns a score to each; it is updated slowly, when it is updated at all. The word "national" is interesting, he said; it really means "United States". Naturally, there is now a CNNVD maintained in China as well; it has more stuff and responds more quickly, but once an entry lands there it is never updated.

Work on and concerns about libinput in Linux

Filed under
Linux
  • An update on the input stack

    The input stack for Linux is an essential part of interacting with our systems, but it is also an area that is lacking in terms of developers. There has been progress over the last few years, however; Peter Hutterer from Red Hat came to the 2019 X.Org Developers Conference to talk about some of the work that has been done. He gave a status report on the input stack that covered development work that is going on now as well as things that have been completed in the last two years or so. Overall, things are looking pretty good for input on Linux, though the "bus factor" for the stack is alarmingly low.

    High-resolution mouse scrolling

    High-resolution mouse-wheel scrolling should be arriving in the next month or two, he said. It allows for a different event stream that provides more precision on the movement of the mouse wheel on capable devices. Instead of one event per 15-20° of movement, the mouse will send two or four events in that span. Two new event types were added to the 5.0 kernel (REL_WHEEL_HI_RES and REL_HWHEEL_HI_RES) to support the feature. The old and new event streams may not correlate exactly, so they probably should not be used together, he cautioned.

    Likewise, libinput has added a new event type (LIBINPUT_EVENT_POINTER_AXIS_WHEEL) for high-resolution scrolling; it should be handled with its own event stream as with the kernel events. That code is sitting on a branch; it works but it has not been merged into the master yet. For Wayland, a new event type was also added in a now-familiar pattern. He pointed to a mailing list post where all the gory details of high-resolution scrolling for Wayland was explained.

  • A Vast Majority Of Linux's Input Improvements Are Developed By One Individual

    While there is an ever increasing number of open-source developers focusing on the Linux graphics stack with the GPU drivers and related infrastructure, it's quite a different story when it comes to the Linux input side. It's basically one developer that has been working on the Linux input improvements for the past number of years.

    [...]

    As he has pointed out, should anything ever happen to him the libinput library would be in bad shape. While there have been 76 contributors in total to libinput in the past two years, only 24 of them have had more than one commit while only six contributors have had more than five commits. One would just need around 50 commits to become the second-from-the-top contributor to the project.

Syndicate content

More in Tux Machines

Events: CopyleftConf, Oggcamp and FOSDEM

  • CopyleftConf 2020

    A week before Software Freedom Conservancy had announced the CopyleftConf 2020. The conference is going to take place on 3 February 2020, Monday, in Brussels, Belgium. The first edition of CopyleftConf took place in February 2019. One can have a look at the videos here The organizers do plan it after Fosdem.

  • The fight to get home from Oggcamp 2019

    I’d heard that parking in Manchester was not only a nightmare and that you would have to sell your children into slavery to pay the parking fee for a few hours so with that in mind I decided to use the train. Now to get to Manchester by car from my house takes around an hour and a half so long as you stick within the speed limit. My train was set to eat two and a half hours from my lifes timeline, but I felt it was a small price to pay given I was only going to do one day of a two-day event. My journey to Oggcamp started at 6.55 am the train took me to Birmingham New Street, where I was due to change for the onward train to Manchester, on the way up to Birmingham, we stopped at Wolverhampton train station. My connection was on-time, and I made myself as comfortable as possible in my reserved seat. To my horror, a rather large gentleman poured himself into the seat next to me and mine if truth be told. We set off heading back the way we came and just for the fun of it and to wind me up a little our first stop was, yes, you guessed it, Wolverhampton train station. I could see the next two hours were going to be a bundle of joy as I tried to look at my phone while feeling that I was confined in an invisible straight jacket if only that were the extent of my problems. Mr Creosote decided that after consuming his breakfast which he had brought on board, it was now time to have a little sleep. “What’s wrong with that?” I hear you ask. Mr Creosote promptly started to snore like farmer Giles’s prized Gloucestershire Old Spot pig. Two hours later, frazzled we arrived in Manchester Mr Creosote had been kind enough to wake up in Macclesfield just enough time for my bladder to fill to bursting along with my fit to burst brain after all that snoring. Oh, and I forgot to mention the lad opposite who while sat underneath a sign saying “Please be considerate to those around you” played videos of South Park amongst other things at full volume on his phone. Never heard of headphones arsehole?

  • FOSDEM 2020 IoT Devroom Call for Proposals

    FOSDEM (Free & Open-source Software Developers’ European Meeting) takes place every year in Brussels, Belgium on the first weekend of February.

Graphics: Vulkan and Mesa

  • RLSL Allows Running A Subset Of Rust On Vulkan/SPIR-V Enabled GPUs

    There was a recent Khronos meet-up in Munich where Maik Klein of Embark Studios talked about their work on bringing a sub-set of the Rust programming language to Vulkan (SPIR-V) enabled GPUs. RLSL is the project being worked on by the Swedish game studio for opening up Rustlang use for GPUs to benefit from the language's same design advantages, provide a unified front-end, and being able to leverage the existing Rust ecosystem with the likes of Cargo/crates.

  • Raspberry Pi 4's V3D Driver Lands OpenGL ES 3.1 Bits In Mesa 19.3-devel

    The Broadcom "V3D" Gallium3D driver that is most notably used by the new Raspberry Pi 4 boards now is effectively at OpenGL ES 3.1 support within the newest Mesa 19.3 code. We've known that Igalia has been ironing out OpenGL ES 3.1 for V3D after taking over the work from Eric Anholt who left Broadcom earlier this year to go work for Google. Merged this past week was the OpenGL compute shader bits as the main blocker that prevented the V3D open-source Gallium3D driver from exposing GLES 3.1. Following that was a memory violation fix and then explicitly exposing OpenGL ES Shading Language 3.1. That merge request does note that a few more fixes are still needed before V3D will officially pass all of the OpenGL ES 3.1 conformance tests, but at least Mesa 19.3's code is good enough along to enable the support.

today's howtos

Ubuntu: AMD Support, NVIDIA GPU Operator and More

  • Ubuntu 19.10 Doesn't Ship With AMD Navi / Radeon RX 5700 Support Working, But Easy To Enable

    While last week's release of Ubuntu 19.10 "Eoan Ermine" is new enough for Radeon RX 5700 series support with the Linux 5.3 kernel and Mesa 19.2, it doesn't actually work out-of-the-box for these Navi graphics cards. While the principal driver components of the Linux kernel and Mesa3D (for RadeonSI OpenGL and RADV Vulkan) are new enough with Navi support, Ubuntu 19.10's support isn't rounded out because its linux-firmware package isn't new enough for containing the necessary Navi firmware binaries required for the open-source driver usage. So if booting a clean Ubuntu 19.10 install with Radeon RX 5700, you are likely to just see a blank screen.

  • NVIDIA GPU Operator – Simplifying AI/ML Deployments on the Canonical Platform

    Leveraging Kubernetes for AI deployments is becoming increasingly popular. Chances are if your business is involved in AI/ML with Kubernetes you are using tools like Kubeflow to reduce complexity, costs and deployment time. Or, you may be missing out! With AI/ML being the tech topics of the world, GPUs play a critical role in the space. NVIDIA, a prominent player in the GPU space is one of the top choices for most stakeholders in the field. Nvidia takes their commitment to the space a step ahead with the launch of the GPU Operator open-source project at Mobile World Congress LA.

  • Ubuntu Weekly Newsletter Issue 601

    Welcome to the Ubuntu Weekly Newsletter, Issue 601 for the week of October 13th – 19th, 2019.