LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for October 11, 2007Linux in consumer electronicsLinux is embedded in a huge number of different devices, but the high-profile gadgets – the Nokia N800 and OpenMoko phone for example – get all the attention. Those gadgets use Linux as a selling point and a differentiator, trying to appeal to developers and power users who can customize the devices to do exactly what they want. Meanwhile, the vast majority of embedded Linux devices are running it quietly. For those systems, Linux provides a stable platform, with support for a large number of architectures and devices, that just works. Consumer electronics makers are turning to Linux in a big way. Sony provides an eye-opening list of their devices that run Linux, which covers a wide spectrum of the products that Sony makes; things like digital cameras, video cameras, televisions, audio gear, and professional video equipment. Other companies also have Linux web pages, none quite like the one that Sony provides, and the Consumer Electronics Linux Forum (CELF) has started gathering links to those sites on their embedded Linux wiki. Linux provides a number of advantages for embedded developers, the most obvious is its price. Commercial embedded operating systems typically charge royalties on a per-device basis, which can be a significant factor, especially for low-end devices. For high-end devices, especially professional grade equipment, the cost of the OS is much less of an issue, but the Linux feature set and hardware support still make it an attractive choice. One of the advantages that Linux provides is virtual memory – commercial embedded operating systems often rely on a flat memory layout. Virtual memory has a number of useful benefits: process isolation, shared code segments, as well as the ability to overcommit memory. Tim Bird, Sony kernel hacker and architecture group chair for CELF, puts it this way:
[...] one of the important reasons for using Linux
is its support for virtual memory. There is one product where
the amount of RAM allocated for an application is 10MB, but the
application couldn't fit in this. By using Linux, and
over-committing memory, the OS, libs and the application and
its data were able to fit into the RAM budget. Obviously,
Linux itself and the support programs and libs (primarily
busybox and glibc) must be as trim as possible in order to
make this work. So Sony is always concerned about kernel
and program size.
Another area of importance to the embedded world is the variety of hardware supported by Linux. Not only is there support for many of the CPU architectures used in embedded devices, but there are drivers for all kinds of peripherals that might be used in the design. If a driver does not exist for the specific peripheral device being used, there is probably a driver for something similar that can be used as a template for a new driver. Alternatively, the Linux Driver Project – which we covered last week – is willing to write the driver given some information about how the device operates. Support for multiple network protocols, different bus architectures, and various peripheral connections (USB, Firewire, etc.) are also very important, depending on the intent of the device. Because the Linux community is large, and growing, it can support many more options than the commercial embedded OS vendors can. In addition, as the development staff at a consumer electronics company come up to speed on Linux, it will make sense to use it in more devices. This will lead to more supported devices, CPUs, bus architectures, network protocols, and so on. The added features of Linux do come with a cost, which Bird refers to, of larger kernels and libraries. The linux-tiny project is an effort to reduce the size of the kernel, so-called kernel bloat, for embedded and small systems, which has been pretty well received by kernel hackers. It is a testament to the Linux developers that it already runs on everything from mainframes to mobile phones; it is a rare OS indeed that will make the effort to scale over that wide a range, with the inherent tensions between the needs of the various constituencies. It probably isn't possible to get a shell prompt on your television or video camera, as these devices aren't meant to be user serviceable, at least at the OS level. User modifications or updates to the code may well be difficult or impossible as well. For devices that are not connected to the internet, which is presumably the case for the majority of them, this is probably a non-issue. Presumably the device manufacturers have ways of upgrading if bugs or security flaws are discovered, but those would be handled by service centers or the like. Those who are opposed to the "Tivo-ization" of the kernel will be less than pleased, but most kernel hackers seem willing to have it used that way, so long as the code is made available. We will be seeing Linux in more places as time goes on as it is proving a robust solution for all kinds of applications. Perhaps you stare at Linux all day, hacking on code, working on graphics, or running a word processor, it is quite possible that you may also be staring at Linux at night, inside the television in your living room.
Interview with Google's Chris DiBonaChris DiBona started using free software on his home PC when he was at college, and for the same reason that Linus wrote Linux: because he couldn't get on the machines in the computer lab. Later, DiBona joined VA Linux, which sold open source-based hardware systems, and ended up as one of the editors on Slashdot. After an ill-fated attempt to start a game company, he joined Google in August 2004, and is Open Source Programs Manager there. He explains to Glyn Moody why open source is good for Google's business – and its soul. What platform was Google running on when it started at Stanford?
We have this picture that circulates, Google's first quote datacenter unquote: it's a jokey thing - you see things like disc drives housed in Legos. That was mostly Linux, but it also had a couple of Sun workstations – it was Stanford, so Suns were everywhere. But by the time that we became a real company it was pretty much Linux through and through for the operating system.
Was that a conscious decision, or did it just happen?
We were all engineers, and it was a very natural thing to say: well, this stuff just works, let's use it. It wasn't so much a religious as a practical decision.
To what extent did that early use of GNU/Linux drive the uptake of other open source programs?
I think that it was really healthy because when we consider creating new services and products we're not afraid of considering the open source options. Open source gets exactly the kind of treatment that it deserves here. What's funny about Google, though, is it's not open source versus proprietary, so much as it's open source versus let's create it ourselves.
[PULL QUOTE:
You can do all the things that you can do to your own code to open source: you can ship it, you don't have to pay any money or anything, you can fix any bugs, you can have a new feature. These all sound like trivial things, but you can do them all without getting permission, without having to check with anybody, without having to go to your legal team. Once the code's in your company, people are going to be able to use it like their own. And that's incredibly powerful.
END QUOTE]
What's the advantage for Google in choosing open source rather than writing it yourself?
The thing about open source, it's kind of like it is yours. You can do all the things that you can do to your own code to open source: you can ship it, you don't have to pay any money or anything, you can fix any bugs, you can have a new feature. These all sound like trivial things, but you can do them all without getting permission, without having to check with anybody, without having to go to your legal team. Once the code's in your company, people are going to be able to use it like their own. And that's incredibly powerful.
Considering that Google does an insane amount of software development, if we had to have some of the restrictions that heavily proprietary [code] would present us, we couldn't develop at the speed that we do. What open source does Google use?
We've been real clear that we use Linux, and that we use MySQL. We actually don't use the Apache web server very much at all, although when we buy companies, usually they're running Apache, so there's this transition period where they're running Apache. But the real strength for open source software at Google is actually not anything beyond Linux and MySQL so much as the libraries themselves.
The OpenSSL stuff is super important; as a company, the last thing you want to be doing is creating cryptography software. It saves us a lot of work, but more importantly, it's mature code. It's a very bad idea to use new cryptography code, because it hasn't been proven, it hasn't been attacked. What were you tasked with doing when you joined?
I was hired at Google because they decided they needed an open source person, quote unquote, and they didn't really know what that meant yet. They wanted somebody to look after their use of open source, and also, uniquely, they wanted somebody whose job it was to ensure that open source itself was healthy. We broke that down into three main parts: helping out people who were making code; creating new people to create open source code; and releasing open source code ourselves.
The bread and butter of the [open source] group [is that] we make sure that Google continues to use open source in a very healthy way, in line with the licenses, and [that] we're able to interact with the outside world and open source developers very efficiently. There are literally hundreds of Google engineers who are patching and sending in bug reports, sending in bug fixes, all the time. Where did the idea of taking on key hackers like Andrew Morton, Jeremy Allison and Guido van Rossum come from?
I think it was organic more than anything else. Google has been very public in the fact that we have three primary languages, and that's C++, Java and Python. So as part of that we try to bring on staff people who are the world leaders in those projects - Josh Bloch and Neil Gafter for Java, Guido on Python, Ian Lance Taylor and Matt Austern. We do that because having those people on staff, those projects can continue to move forward, and that's good for us; and also our use of the projects informs the directions sometimes where these projects can go.
So, seeing Linux in an environment like Google informs the direction of Linux in a lot of ways, because you get to see it in an extremely high-load, high-availability environment that you don't really see that often, and you see it on commodity hardware here. So that's really good for the outside world that Andrew [Morton] gets to see that, and that Andrew can really code whatever he wants. What's the deal for them in terms of time to work on their projects?
Contracts per employee are very different. What we've done in general in the company is that any Googler can use their 20% time on open source software, and we administer that work here in our group. Andrew Morton and Jeremy Allison are really interesting because they came in with a pre-established duty to their software, and we want to make sure that the code they release is considered above board and beyond reproach. So folks like that, we go a little bit extra, and we say: OK, what do you actually need to be able to continue to patch and be comfortable working here?
What it comes down to is we have incredible policies in place to allow Googlers to patch out, and release code, and that serves everybody in the company, and not just the stars – the open source stars I should say – we're all stars. How did the Summer of Code scheme came about?
It's funny. Greg Stein and I had presented code.google.com to the [Google] founders, and Larry Page said: Listen, I want you to do me a favor. I want you to go and find all the computer science students who aren't coding over the summer, and I want you to make sure they code. Would you do that for me? I was kind of dumbstruck. I was like, Well, I'll try. And so I came up with Summer of Code as a way of doing it.
I knew that I personally couldn't interact with that many people, but I knew that the open source movement was very good at dealing with lots of people and code. So I contacted some of my friends, on different projects, and we spun it up And how has that evolved?
This year we had a sync-up period, so once a student's application was accepted, there was actually a long period of time, almost two months, where they could get used to their organization, and sort of understand how they do things, how they can commit code. And that was incredibly useful – not because they had extra time to code, but just because this community-bonding period is really important.
It also made the midterm judging period more efficient. So with Summer of Code, we've got initial application acceptance, a midterm and a final [judgment], where the organizations say if the student is actually doing what they said they were going to do, or if they just dropped off the face of the earth. It made those judgments way clearer. It didn't really change the failure rate all that much, it just made it faster. What's the success rate?
I think we failed 19% of our students this year, so 81% success.
What does this scheme achieve for Google?
We really do take advantage of literally many hundreds of libraries, and hundreds of projects, and so we get a direct benefit that code is being written for projects that are important to us. One of the things that does happen is open source developers come here, and sometimes they stop working on open source. And we see it as being incumbent on us to replace those that we take. Also it's good to take students to show them what the real world of computer science is like.
Another side benefit is that because of Summer of Code, Google now knows all the people working on all these software projects, on which it depends. That's incredibly useful to us. Every once in a while we'll come out with a new API and there'll be some projects in the open source world that might be useful in either using that API or being a customer. You can just call them up and say, Hey guys, it's Google, we're you're pal, and let them just check it out. And then there's a small benefit to recruiting, too. It would be hard to justify the $5 million that we spent this year for any one of them, but you put them all together and it seems to make a lot of sense. Also, we do want to give back – we do take a lot of code. What about for the projects – what are the advantages for them?
There's two things that happen. There's the code that they get, often very, very useful; there's the students themselves - they get new developers from this. Even though a lot students go back to school and you don't hear from them again, a bunch of them stick around and keep on coding.
But more importantly, if you look at organizations that have done Summer of Code, something happens to them, they become suddenly really professional in bringing people into their project. And this is a huge benefit for them, because these projects are able to be healthy and to grow. One of the most significant open source releases from Google is Gears. Could you say a little about what it is, and why you decided to open source it?
Gears is an open source browser extension that enables developers to build web applications that can work offline. We knew that we could just release a plugin and make it good for our apps, but with open source other people can use it and feel safe to use it, and know that people can't just abandon the technology, because they have it too. It's a very powerful message that a lot of people don't always get, but it's a big deal. A lot of people have software toolkits now, but what it comes down to is ours is really popular because everyone has it, the same reason why we use open source code.
Another side of the Gears thing that's really important is that Google can't port it to more than, say, three or four browsers. But there are enthusiast communities who want that stuff, or have an alternative browser that isn't supported directly by us, and they can do it themselves. Which licenses do you prefer to use?
We generally release under the Apache license. We've also released under BSD, GPL, LGPL, CPL, MPL.
How do you choose?
Usually just whatever is best for the software - where the code is going, who we want to have use the code. For instance, we released our signaling specification for voice calls in Google Talk, and we wanted that to be able to used by both GAIM and by Adium on a Macintosh, and so that was one of the few times when we actually did a dual license, which was BSD and LGPL. That was also released as a Jabber enhancement proposal. We try not to be too religious about this stuff, and that's one of the reasons why we pick Apache: it is very friendly for both open source and for proprietary software.
There's been some discussion about whether Google should give back more of the code derived from open source that it uses internally to power its web services: what's your view?
A lot of people assume we use code in ways that we don't actually. We are releasing a ton of patches into the Linux kernel, so I'm really happy we're way beyond what we need to do there, and that's also true of things like OpenSSL. I have to tell you I can't get that worked up about this issue, I wish I could. We're doing so much more than the licenses have required now for so many years, that this argument kind of falls on deaf ears.
What people are really saying is: Why don't Google release more code? And I think that's a valid thing to say. I think it's kind of important they want to see Google release more code, and I agree with them. So what open source code will we see coming from Google in the future?
I know that we're getting into it in a bigger way - I'm not at liberty to talk about it. There is more coming. But even if we just did what we've got today, which is enable Google engineers to release code whenever practical, that would be a pretty great and healthy thing.
What do you see as the long-term importance of open source for Google?
I think that open source has a very important role in our culture. As we grow the company, I want to make sure that the ideals that make Google so very appealing to me, continue, because I think it keeps Google in a lot of ways good, and healthy, and pure. I know that sounds really strange, and idealistic, but that's OK. So the more open source that we use in the company, the more open source people that we attract, and the more open source code that we release, I think that it's really good for Google spiritually.
Glyn Moody writes about open source at opendotdotdot.
Memory part 3: Virtual Memory[Editor's note: this the third installment of Ulrich Drepper's "What every programmer should know about memory" document; this section talks about virtual memory, and TLB performance in particular. Those who have not read part 1 and part 2 may wish to do so now. As always, please send typo reports and the like to lwn@lwn.net rather than posting them as comments here.]
4 Virtual MemoryThe virtual memory subsystem of a processor implements the virtual address spaces provided to each process. This makes each process think it is alone in the system. The list of advantages of virtual memory are described in detail elsewhere so they will not be repeated here. Instead this section concentrates on the actual implementation details of the virtual memory subsystem and the associated costs. A virtual address space is implemented by the Memory Management Unit (MMU) of the CPU. The OS has to fill out the page table data structures, but most CPUs do the rest of the work themselves. This is actually a pretty complicated mechanism; the best way to understand it is to introduce the data structures used to describe the virtual address space. The input to the address translation performed by the MMU is a virtual address. There are usually few—if any—restrictions on its value. Virtual addresses are 32-bit values on 32-bit systems, and 64-bit values on 64-bit systems. On some systems, for instance x86 and x86-64, the addresses used actually involve another level of indirection: these architectures use segments which simply cause an offset to be added to every logical address. We can ignore this part of address generation, it is trivial and not something that programmers have to care about with respect to performance of memory handling. {Segment limits on x86 are performance-relevant but that is another story.}
4.1 Simplest Address TranslationThe interesting part is the translation of the virtual address to a physical address. The MMU can remap addresses on a page-by-page basis. Just as when addressing cache lines, the virtual address is split into distinct parts. These parts are used to index into various tables which are used in the construction of the final physical address. For the simplest model we have only one level of tables.
Figure 4.1 shows how the different parts of the virtual address are used. A top part is used to select an entry in a Page Directory; each entry in that directory can be individually set by the OS. The page directory entry determines the address of a physical memory page; more than one entry in the page directory can point to the same physical address. The complete physical address of the memory cell is determined by combining the page address from the page directory with the low bits from the virtual address. The page directory entry also contains some additional information about the page such as access permissions. The data structure for the page directory is stored in memory. The OS has to allocate contiguous physical memory and store the base address of this memory region in a special register. The appropriate bits of the virtual address are then used as an index into the page directory, which is actually an array of directory entries. For a concrete example, this is the layout used for 4MB pages on x86 machines. The Offset part of the virtual address is 22 bits in size, enough to address every byte in a 4MB page. The remaining 10 bits of the virtual address select one of the 1024 entries in the page directory. Each entry contains a 10 bit base address of a 4MB page which is combined with the offset to form a complete 32 bit address.
4.2 Multi-Level Page Tables4MB pages are not the norm, they would waste a lot of memory since many operations an OS has to perform require alignment to memory pages. With 4kB pages (the norm on 32-bit machines and, still, often on 64-bit machines), the Offset part of the virtual address is only 12 bits in size. This leaves 20 bits as the selector of the page directory. A table with 220 entries is not practical. Even if each entry would be only 4 bytes the table would be 4MB in size. With each process potentially having its own distinct page directory much of the physical memory of the system would be tied up for these page directories. The solution is to use multiple levels of page tables. These can then represent a sparse huge page directory where regions which are not actually used do not require allocated memory. The representation is therefore much more compact, making it possible to have the page tables for many processes in memory without impacting performance too much. Today the most complicated page table structures comprise four levels. Figure 4.2 shows the schematics of such an implementation.
The virtual address is, in this example, split into at least five parts. Four of these parts are indexes into the various directories. The level 4 directory is referenced using a special-purpose register in the CPU. The content of the level 4 to level 2 directories is a reference to next lower level directory. If a directory entry is marked empty it obviously need not point to any lower directory. This way the page table tree can be sparse and compact. The entries of the level 1 directory are, just like in Figure 4.1, partial physical addresses, plus auxiliary data like access permissions. To determine the physical address corresponding to a virtual address the processor first determines the address of the highest level directory. This address is usually stored in a register. Then the CPU takes the index part of the virtual address corresponding to this directory and uses that index to pick the appropriate entry. This entry is the address of the next directory, which is indexed using the next part of the virtual address. This process continues until it reaches the level 1 directory, at which point the value of the directory entry is the high part of the physical address. The physical address is completed by adding the page offset bits from the virtual address. This process is called page tree walking. Some processors (like x86 and x86-64) perform this operation in hardware, others need assistance from the OS. Each process running on the system might need its own page table tree. It is possible to partially share trees but this is rather the exception. It is therefore good for performance and scalability if the memory needed by the page table trees is as small as possible. The ideal case for this is to place the used memory close together in the virtual address space; the actual physical addresses used do not matter. A small program might get by with using just one directory at each of levels 2, 3, and 4 and a few level 1 directories. On x86-64 with 4kB pages and 512 entries per directory this allows the addressing of 2MB with a total of 4 directories (one for each level). 1GB of contiguous memory can be addressed with one directory for levels 2 to 4 and 512 directories for level 1. Assuming all memory can be allocated contiguously is too simplistic, though. For flexibility reasons the stack and the heap area of a process are, in most cases, allocated at pretty much opposite ends of the address space. This allows either area to grow as much as possible if needed. This means that there are most likely two level 2 directories needed and correspondingly more lower level directories. But even this does not always match current practice. For security reasons the various parts of an executable (code, data, heap, stack, DSOs, aka shared libraries) are mapped at randomized addresses [nonselsec]. The randomization extends to the relative position of the various parts; that implies that the various memory regions in use in a process are widespread throughout the virtual address space. By applying some limits to the number of bits of the address which are randomized the range can be restricted, but it certainly, in most cases, will not allow a process to run with just one or two directories for levels 2 and 3. If performance is really much more important than security, randomization can be turned off. The OS will then usually at least load all DSOs contiguously in virtual memory.
4.3 Optimizing Page Table AccessAll the data structures for the page tables are kept in the main memory; this is where the OS constructs and updates the tables. Upon creation of a process or a change of a page table the CPU is notified. The page tables are used to resolve every virtual address into a physical address using the page table walk described above. More to the point: at least one directory for each level is used in the process of resolving a virtual address. This requires up to four memory accesses (for a single access by the running process) which is slow. It is possible to treat these directory table entries as normal data and cache them in L1d, L2, etc., but this would still be far too slow. From the earliest days of virtual memory, CPU designers have used a different optimization. A simple computation can show that only keeping the directory table entries in the L1d and higher cache would lead to horrible performance. Each absolute address computation would require a number of L1d accesses corresponding to the page table depth. These accesses cannot be parallelized since they depend on the previous lookup's result. This alone would, on a machine with four page table levels, require at the very least 12 cycles. Add to that the probability of an L1d miss and the result is nothing the instruction pipeline can hide. The additional L1d accesses also steal precious bandwidth to the cache. So, instead of just caching the directory table entries, the complete computation of the address of the physical page is cached. For the same reason that code and data caches work, such a cached address computation is effective. Since the page offset part of the virtual address does not play any part in the computation of the physical page address, only the rest of the virtual address is used as the tag for the cache. Depending on the page size this means hundreds or thousands of instructions or data objects share the same tag and therefore same physical address prefix. The cache into which the computed values are stored is called the Translation Look-Aside Buffer (TLB). It is usually a small cache since it has to be extremely fast. Modern CPUs provide multi-level TLB caches, just as for the other caches; the higher-level caches are larger and slower. The small size of the L1TLB is often made up for by making the cache fully associative, with an LRU eviction policy. Recently, this cache has been growing in size and, in the process, was changed to be set associative. As a result, it might not be the oldest entry which gets evicted and replaced whenever a new entry has to be added. As noted above, the tag used to access the TLB is a part of the virtual address. If the tag has a match in the cache, the final physical address is computed by adding the page offset from the virtual address to the cached value. This is a very fast process; it has to be since the physical address must be available for every instruction using absolute addresses and, in some cases, for L2 look-ups which use the physical address as the key. If the TLB lookup misses the processor has to perform a page table walk; this can be quite costly. Prefetching code or data through software or hardware could implicitly prefetch entries for the TLB if the address is on another page. This cannot be allowed for hardware prefetching because the hardware could initiate page table walks that are invalid. Programmers therefore cannot rely on hardware prefetching to prefetch TLB entries. It has to be done explicitly using prefetch instructions. TLBs, just like data and instruction caches, can appear in multiple levels. Just as for the data cache, the TLB usually appears in two flavors: an instruction TLB (ITLB) and a data TLB (DTLB). Higher-level TLBs such as the L2TLB are usually unified, as is the case with the other caches.
4.3.1 Caveats Of Using A TLB The TLB is a processor-core global resource. All threads and processes executed on the processor core use the same TLB. Since the translation of virtual to physical addresses depends on which page table tree is installed, the CPU cannot blindly reuse the cached entries if the page table is changed. Each process has a different page table tree (but not the threads in the same process) as does the kernel and the VMM (hypervisor) if present. It is also possible that the address space layout of a process changes. There are two ways to deal with this problem:
In the first case the TLB is flushed whenever a context switch is performed. Since, in most OSes, a switch from one thread/process to another one requires executing some kernel code, TLB flushes are restricted to entering and leaving the kernel address space. On virtualized systems it also happens when the kernel has to call the VMM and on the way back. If the kernel and/or VMM does not have to use virtual addresses, or can reuse the same virtual addresses as the process or kernel which made the system/VMM call, the TLB only has to be flushed if, upon leaving the kernel or VMM, the processor resumes execution of a different process or kernel. Flushing the TLB is effective but expensive. When executing a system call, for instance, the kernel code might be restricted to a few thousand instructions which touch, perhaps, a handful of new pages (or one huge page, as is the case for Linux on some architectures). This work would replace only as many TLB entries as pages are touched. For Intel's Core2 architecture with its 128 ITLB and 256 DTLB entries, a full flush would mean that more than 100 and 200 entries (respectively) would be flushed unnecessarily. When the system call returns to the same process, all those flushed TLB entries could be used again, but they will be gone. The same is true for often-used code in the kernel or VMM. On each entry into the kernel the TLB has to be filled from scratch even though the page tables for the kernel and VMM usually do not change and, therefore, TLB entries could, in theory, be preserved for a very long time. This also explains why the TLB caches in today's processors are not bigger: programs most likely will not run long enough to fill all these entries.
This fact, of course, did not escape the CPU architects. One possibility to optimize the cache flushes is to individually invalidate TLB entries. For instance, if the kernel code and data falls into a specific address range, only the pages falling into this address range have to evicted from the TLB. This only requires comparing tags and, therefore, is not very expensive. This method is also useful in case a part of the address space is changed, for instance, through a call to munmap. A much better solution is to extend the tag used for the TLB access. If, in addition to the part of the virtual address, a unique identifier for each page table tree (i.e., a process's address space) is added, the TLB does not have to be completely flushed at all. The kernel, VMM, and the individual processes all can have unique identifiers. The only issue with this scheme is that the number of bits available for the TLB tag is severely limited, while the number of address spaces is not. This means some identifier reuse is necessary. When this happens the TLB has to be partially flushed (if this is possible). All entries with the reused identifier must be flushed but this is, hopefully, a much smaller set.
This extended TLB tagging is of general advantage when multiple processes are running on the system. If the memory use (and hence TLB entry use) of each of the runnable processes is limited, there is a good chance the most recently used TLB entries for a process are still in the TLB when it gets scheduled again. But there are two additional advantages:
Some processors have, for some time, implemented these extended tags. AMD introduced a 1-bit tag extension with the Pacifica virtualization extensions. This 1-bit Address Space ID (ASID) is, in the context of virtualization, used to distinguish the VMM's address space from that of the guest domains. This allows the OS to avoid flushing the guest's TLB entries every time the VMM is entered (for instance, to handle a page fault) or the VMM's TLB entries when control returns to the guest. The architecture will allow the use of more bits in the future. Other mainstream processors will likely follow suit and support this feature.
4.3.2 Influencing TLB Performance There are a couple of factors which influence TLB performance. The first is the size of the pages. Obviously, the larger a page is, the more instructions or data objects will fit into it. So a larger page size reduces the overall number of address translations which are needed, meaning that fewer entries in the TLB cache are needed. Most architectures allow the use of multiple different page sizes; some sizes can be used concurrently. For instance, the x86/x86-64 processors have a normal page size of 4kB but they can also use 4MB and 2MB pages respectively. IA-64 and PowerPC allow sizes like 64kB as the base page size. The use of large page sizes brings some problems with it, though. The memory regions used for the large pages must be contiguous in physical memory. If the unit size for the administration of physical memory is raised to the size of the virtual memory pages, the amount of wasted memory will grow. All kinds of memory operations (like loading executables) require alignment to page boundaries. This means, on average, that each mapping wastes half the page size in physical memory for each mapping. This waste can easily add up; it thus puts an upper limit on the reasonable unit size for physical memory allocation. It is certainly not practical to increase the unit size to 2MB to accommodate large pages on x86-64. This is just too large a size. But this in turn means that each large page has to be comprised of many smaller pages. And these small pages have to be contiguous in physical memory. Allocating 2MB of contiguous physical memory with a unit page size of 4kB can be challenging. It requires finding a free area with 512 contiguous pages. This can be extremely difficult (or impossible) after the system runs for a while and physical memory becomes fragmented. On Linux it is therefore necessary to pre-allocate these big pages at system start time using the special hugetlbfs filesystem. A fixed number of physical pages are reserved for exclusive use as big virtual pages. This ties down resources which might not always be used. It also is a limited pool; increasing it normally means restarting the system. Still, huge pages are the way to go in situations where performance is a premium, resources are plenty, and cumbersome setup is not a big deterrent. Database servers are an example. Increasing the minimum virtual page size (as opposed to optional big pages) has its problems, too. Memory mapping operations (loading applications, for example) must conform to these page sizes. No smaller mappings are possible. The location of the various parts of an executable have, for most architectures, a fixed relationship. If the page size is increased beyond what has been taken into account when the executable or DSO was built, the load operation cannot be performed. It is important to keep this limitation in mind. Figure 4.3 shows how the alignment requirements of an ELF binary can be determined. It is encoded in the ELF program header.
$ eu-readelf -l /bin/ls Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align ... LOAD 0x000000 0x0000000000400000 0x0000000000400000 0x0132ac 0x0132ac R E 0x200000 LOAD 0x0132b0 0x00000000006132b0 0x00000000006132b0 0x001a71 0x001a71 RW 0x200000 ... Figure 4.3: ELF Program Header Indicating Alignment Requirements In this example, an x86-64 binary, the value is 0x200000 = 2,097,152 = 2MB which corresponds to the maximum page size supported by the processor. There is a second effect of using larger page sizes: the number of levels of the page table tree is reduced. Since the part of the virtual address corresponding to the page offset increases, there are not that many bits left which need to be handled through page directories. This means that, in case of a TLB miss, the amount of work which has to be done is reduced. Beyond using large page sizes, it is possible to reduce the number of TLB entries needed by moving data which is used at the same time to fewer pages. This is similar to some optimizations for cache use we talked about above. Only now the alignment required is large. Given that the number of TLB entries is quite small this can be an important optimization.
4.4 Impact Of VirtualizationVirtualization of OS images will become more and more prevalent; this means another layer of memory handling is added to the picture. Virtualization of processes (basically jails) or OS containers do not fall into this category since only one OS is involved. Technologies like Xen or KVM enable—with or without help from the processor—the execution of independent OS images. In these situations there is one piece of software alone which directly controls access to the physical memory.
In the case of Xen (see Figure 4.4) the Xen VMM is that piece of software. The VMM does not implement many of the other hardware controls itself, though. Unlike VMMs on other, earlier systems (and the first release of the Xen VMM) the hardware outside of memory and processors is controlled by the privileged Dom0 domain. Currently, this is basically the same kernel as the unprivileged DomU kernels and, as far as memory handling is concerned, they do not differ. Important here is that the VMM hands out physical memory to the Dom0 and DomU kernels which, themselves, then implement the usual memory handling as if they were running directly on a processor. To implement the separation of the domains which is required for the virtualization to be complete, the memory handling in the Dom0 and DomU kernels does not have unrestricted access to physical memory. The VMM does not hand out memory by giving out individual physical pages and letting the guest OSes handle the addressing; this would not provide any protection against faulty or rogue guest domains. Instead, the VMM creates its own page table tree for each guest domain and hands out memory using these data structures. The good thing is that access to the administrative information of the page table tree can be controlled. If the code does not have appropriate privileges it cannot do anything. This access control is exploited in the virtualization Xen provides, regardless of whether para- or hardware (aka full) virtualization is used. The guest domains construct their page table trees for each process in a way which is intentionally quite similar for para- and hardware virtualization. Whenever the guest OS modifies its page tables the VMM is invoked. The VMM then uses the updated information in the guest domain to update its own shadow page tables. These are the page tables which are actually used by the hardware. Obviously, this process is quite expensive: each modification of the page table tree requires an invocation of the VMM. While changes to the memory mapping are not cheap without virtualization they become even more expensive now. The additional costs can be really large, considering that the changes from the guest OS to the VMM and back themselves are already quite expensive. This is why the processors are starting to have additional functionality to avoid the creation of shadow page tables. This is good not only because of speed concerns but it also reduces memory consumption by the VMM. Intel has Extended Page Tables (EPTs) and AMD calls it Nested Page Tables (NPTs). Basically both technologies have the page tables of the guest OSes produce virtual physical addresses. These addresses must then be further translated, using the per-domain EPT/NPT trees, into actual physical addresses. This will allow memory handling at almost the speed of the no-virtualization case since most VMM entries for memory handling are removed. It also reduces the memory use of the VMM since now only one page table tree for each domain (as opposed to process) has to be maintained. The results of the additional address translation steps are also stored in the TLB. That means the TLB does not store the virtual physical address but, instead, the complete result of the lookup. It was already explained that AMD's Pacifica extension introduced the ASID to avoid TLB flushes on each entry. The number of bits for the ASID is one in the initial release of the processor extensions; this is just enough to differentiate VMM and guest OS. Intel has virtual processor IDs (VPIDs) which serve the same purpose, only there are more of them. But the VPID is fixed for each guest domain and therefore it cannot be used to mark separate processes and avoid TLB flushes at that level, too. The amount of work needed for each address space modification is one problem with virtualized OSes. There is another problem inherent in VMM-based virtualization, though: there is no way around having two layers of memory handling. But memory handling is hard (especially when taking complications like NUMA into account, see Section 5). The Xen approach of using a separate VMM makes optimal (or even good) handling hard since all the complications of a memory management implementation, including “trivial” things like discovery of memory regions, must be duplicated in the VMM. The OSes have fully-fledged and optimized implementations; one really wants to avoid duplicating them.
This is why carrying the VMM/Dom0 model to its conclusion is such an attractive alternative. Figure 4.5 shows how the KVM Linux kernel extensions try to solve the problem. There is no separate VMM running directly on the hardware and controlling all the guests; instead, a normal Linux kernel takes over this functionality. This means the complete and sophisticated memory handling functionality in the Linux kernel is used to manage the memory of the system. Guest domains run alongside the normal user-level processes in what the creators call “guest mode”. The virtualization functionality, para- or full virtualization, is controlled by another user-level process, the KVM VMM. This is just another process which happens to control a guest domain using the special KVM device the kernel implements. The benefit of this model over the separate VMM of the Xen model is that, even though there are still two memory handlers at work when guest OSes are used, there only needs to be one implementation, that in the Linux kernel. It is not necessary to duplicate the same functionality in another piece of code like the Xen VMM. This leads to less work, fewer bugs, and, perhaps, less friction where the two memory handlers touch since the memory handler in a Linux guest makes the same assumptions as the memory handler in the outer Linux kernel which runs on the bare hardware. Overall, programmers must be aware that, with virtualization used, the cost of memory operations is even higher than without virtualization. Any optimization which reduces this work will pay off even more in virtualized environments. Processor designers will, over time, reduce the difference more and more through technologies like EPT and NPT but it will never completely go away.
Security Home routers and security flawsA message to Bugtraq about vulnerabilities in the British Telecom (BT) Home Hub this week had a familiar ring to it. We covered a cautionary posting about these kinds of problems in May, now we have a report of easily exploited flaws in a home router that is widely deployed in the UK. Unfortunately, we will probably have to cover the problem again, as these devices are becoming ubiquitous, while the manufacturers and distributors are, seemingly, leaving the security testing to their users. The Home Hub is a standard Thompson/Alcatel DSL router, branded and distributed by BT, that provides VoIP and digital television in addition to internet access. It also has Wi-Fi connectivity which can provide shared access to the neighborhood via the Fon network. Overall, it sounds like a nice device, providing multiple useful features, but it evidently can be completely taken over ("owned") rather easily. The exact details of the exploits used are not revealed, but the video linked from the discoverer's website shows web access to the router's administration screen after luring the victim into following a malicious link. The description of the flaws found read like a laundry list of web application flaws: cross-site scripting, cross-site request forgery, and authentication bypass. Though the router runs Linux, presumably the flaws are specific to the application software or configuration of the router; at least no more widespread vulnerability was reported. Full access to the router configuration allows for a mind-boggling number of malicious uses. As is pointed out in the posting, one could steal VoIP credentials, reroute VoIP calls for eavesdropping, steal the WEP keys, change the DNS to point to a server under the attacker's control in order to steal credentials, etc. Most of these would be completely undetectable in normal use and the owner might go a long time before noticing that the settings had changed – if they can even log in anymore. According to the website, BT has responded and is investigating the flaws, presumably some kind of update will be forthcoming. Home routers are particularly sensitive targets, precisely because of the undetectable nature of the attack. If the attacker is careful enough not to interrupt normal functioning, the owner will have no reason to check the configuration. These kinds of problems are not restricted to routers or embedded networking devices, of course, but they do make tempting targets. Because of that, and the difficulty of ensuring that all customers get a critical security update, vendors of these products and the internet providers that push them need to test very carefully. Someone other than the developers should be tasked with strenuous penetration testing on a device like this, before it gets in the hands of customers. Updating the devices in the field pose a number of problems; the obvious solution is to do it automatically, without customer intervention. But, as iPhone unlockers recently found out, that can lead to unwanted "upgrades". It is an uneasy balancing act – customers will need to trust the device providers to only update for bugs or security holes, while the providers will need to earn that trust by not breaking functionality the customer relies upon. Otherwise, folks will figure out ways to disable the auto-update functionality, completely defeating the purpose. This particular incident seems not to exploit any particular Linux problem, but we might not be so lucky the next time. It would be a tragedy to see Linux linked with an in-the-wild exploit of a vulnerable device. An unknown exploit (a so-called "zero day") would be bad enough, but a known kernel bug that did not get properly updated would be a far worse black eye.
Brief items Gathering 'Storm' Superworm Poses Grave Threat to PC Nets (Wired)Bruce Schneier worries about the Storm worm on Wired. "Rather than having all hosts communicate to a central server or set of servers, Storm uses a peer-to-peer network for C2. This makes the Storm botnet much harder to disable. The most common way to disable a botnet is to shut down the centralized control point. Storm doesn't have a centralized control point, and thus can't be shut down that way."
New vulnerabilities debian-goodies: privilege escalation
gforge: cross-site scripting
imagemagick: multiple vulnerabilities
opal: denial of service
pwlib: denial of service
ruby: insufficient SSL certificate validation
tk: arbitrary code execution via malformed GIF
util-linux: privilege escalation
x11: xfs font server overflows
xen: privilege escalation
Updated vulnerabilities acroread: multiple vulnerabilities
apache2: information disclosure
apache: multiple vulnerabilities
apache: cross-site scripting
httpd: denial of service, cross-site scripting
avahi: denial of service
bochs: buffer overflow
bugzilla: multiple vulnerabilities
cacti: denial of service
centericq: buffer overflows
clamav: denial of service
clamav: multiple vulnerabilities
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
cups: denial of service
gpdf: integer overflow
dovecot: privilege escalation
dovecot: directory traversal
eggdrop: stack-based buffer overflow
elinks: remote data sniffing
elinks: code execution
elinks: arbitrary file access
evolution: format string error
evolution-data-server: malicious server arbitrary code execution
pop mail man-in-the-middle attacks
fetchmail: denial of service
file: integer overflow
firebird: buffer overflow
firefox: multiple vulnerabilities
firefox, thunderbird, seamonkey: multiple vulnerabilities
flac123: arbitrary code execution
freetype: arbitrary code execution
freetype: integer overflows
gallery2: multiple unspecified vulnerabilities
gcc: file overwrite vulnerability
gd: buffer overflow
gd: multiple vulnerabilities
gd: denial of service
gedit: format string vulnerability
gimp: multiple vulnerabilities
openssh: inappropriate use of trusted cookies
grip: buffer overflow
gzip: multiple vulnerabilities
horde-kronolith: local file inclusion
ImageMagick: integer overflows
jasper: denial of service
java: multiple vulnerabilities
java-1.5.0-sun: multiple vulnerabilities
JRockit: multiple vulnerabilities
kdebase: several vulnerabilities
kdebase: kdm passwordless login vulnerability
kdelibs: kate backup file permission leak
kernel: denial of service
kernel: denial of service
kernel: denial of service
kernel: out-of-bounds access
kernel: multiple vulnerabilities
kernel: denial of service
kernel: denial of service
kernel: ALSA returns incorrect write size
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
kernel: several vulnerabilities
kernel: signal handling flaw on PPC
kernel: several vulnerabilities
kernel: denial of service
kernel: denial of service
kernel: multiple vulnerabilities
kernel: several vulnerabilities
krb5: multiple vulnerabilities
krb5: uninitialized pointers
krb5: local privilege escalation
krb5: buffer overflow, uninitialized pointer
krb5: multiple vulnerabilities
ktorrent: incorrect validation
kvirc: remote arbitrary code execution
lftp: shell command execution
libarchive: pax extension header vulnerabilities
libexif: integer overflow
libmodplug: boundary errors
libphp-phpmailer: command execution
libpng: denial of service
libpng: buffer overflow
libpng: heap based buffer overflow
libsndfile: heap-based buffer overflow
libtiff: buffer overflow
libvorbis: multiple memory corruption flaws
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
lighttpd: buffer overflow
lighttpd: denial of service
lookup-el: insecure temporary file
lynx: arbitrary command execution
mapserver: multiple cross-site scripting vulnerabilities
mod_jk: proxy bypass
moin: arbitrary JavaScript execution
moodle: cross-site scripting
mplayer: buffer overflow
mplayer: heap-based buffer overflow
mydns: buffer overflows
mysql: denial of service
mysql: format string bug
MySQL: privilege violations
mysql: multiple vulnerabilities
MySQL: logging bypass
nbd: arbitrary code execution
ncompress: buffer underflow
nginx: cross site scripting
OpenOffice.org: arbitrary code execution
openoffice.org: arbitrary code execution via TIFF images
OpenSSH: denial of service
openssh: remote denial of service
openssl: off-by-one error
openssl: private key attack
opera: multiple vulnerabilities
pam: privilege escalation
perl-Net-DNS: predictable id sequence
php: multiple vulnerabilities
php: several vulnerabilities
php: multiple vulnerabilities
php: buffer overflows
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
phpmyadmin: multiple vulnerabilities
phpPgAdmin: cross-site scripting
pidgin: denial of service
postgresql: several vulnerabilities
proftpd: authentication bypass
pulseaudio: denial of service
python: information disclosure
qemu: multiple vulnerabilities
qgit: arbitrary code execution
qt: arbitrary code execution
qt: buffer overflow
quagga: denial of service
quake: buffer overflow
redhat-cluster-suite: denial of service
rsync: off-by-one errors
samba: incorrect group assignment
slocate: information disclosure
star: directory traversal vulnerability
streamripper: buffer overflow
Sun JDK/JRE: multiple vulnerabilities
sylpheed: format string vulnerability
sysstat: insecure temporary files
t1lib: buffer overflow
tar: symlink path traversal vulnerability
tcpdump: integer overflow
tcpdump: denial of service
tcp-wrappers: unauthorized access
terminal: arbitrary code execution
tetex: buffer overflow
tomcat: directory traversal
tomcat: cross-site scripting
tomcat: multiple vulnerabilities
vim: arbitrary code execution
vixie-cron: weak permissions may cause errors
vlc: several vulnerabilities
wireshark: multiple vulnerabilities
XFree86 X.org: integer overflows
xine-lib: arbitrary code execution
xine-lib: buffer overflow
xmms: BMP handling vulnerability
X.org: temp file vulnerability
xorg-server: local privilege escalation
xterm: local user unauthorized access
Page editor: Jake Edge Kernel development Brief items Kernel release statusThe current stable 2.6 release is 2.6.23, released, finally, on October 9. For those just tuning in, 2.6.23 includes the CFS CPU scheduler, the fallocate() system call, a new generic SCSI driver, some memory fragmentation avoidance work, SMP guest support in KVM, the UIO user-space driver framework, Lguest, and much more. See the KernelNewbies 2.6.23 page for vast amounts of information or the long-format changelog for the full list of changesets in 2.6.23.The 2.6.22.10 stable update was released on October 10 with about one dozen fixes. For older kernels: 2.6.16.54 was released on October 7 with a handful of changes, mostly in the MD subsystem. 2.6.16.55-rc1, released on the same day, has fixes for several security issues.
Kernel development news Quotes of the week
I don't know how long you've been watching, but no attempt to get
an LSM upstream has escaped exaggerated criticism from certain
factions. Only someone who wants to get cut to metaphorical ribbons
would submit a little LSM.
-- Casey Schaufler
I'm more than twice as effective as Viagra.
-- Dave Jones
PF_CANThe Controller Area Network (CAN) specification describes a networking stack aimed at a specific environment: embedded, realtime controller networks. At the physical layer, it uses a differential serial technology which is intended to be highly resistant to electrical noise. The higher-level protocols use short datagrams (eight bytes maximum payload) and extensive checksumming to minimize the effect of errors. The protocols are simple in the extreme, placing the smallest possible demand on embedded controllers. CAN will be found in relatively small and hostile environments - inside automobiles, for example. So it makes sense that an automobile manufacturer - not the sort of company known for leading-edge Linux kernel development - is working to get a CAN implementation into the mainline kernel.There have been CAN implementations on Linux before, though none have made their way into the mainline. Most of them, however, have taken the easy way out: make a CAN controller look more-or-less like a serial port and implement the protocols at the application level. This approach works, but it loses the advantages of having a networking stack around. Any CAN application which wants to take advantage of queueing, quality-of-service controls, the familiar socket API, etc. must implement that functionality itself. All of this may soon change, though, as the PF_CAN protocol family patches posted by Urs Thuermann, Oliver Hartkopp, and several others, matures. As would be expected, these patches add a new PF_CAN protocol family which can be passed to the socket() system call. From there, sockets can be bound, read from, and written to in all the usual ways. Basic raw sockets can be used to send and receive datagrams on the (broadcast) bus. There is a mechanism for adding filters so that only datagrams of interest are received on a given interface. The PF_CAN implementation also comes with network drivers for a number of CAN interfaces. All told, it looks about as one would expect for a new network protocol family within the kernel. With this code in place, applications using CAN look almost like any other network-based Linux application. What caught your editor's eye with this patch set was the fact that it is being posted by some developers at Volkswagen. It is not uncommon to see Linux used in any number of embedded applications, and it is not surprising to see companies extending Linux in ways which make it more useful for their purposes - the ability to do so is one of the reasons for using Linux in the first place. But it is rather less common to see companies whose core competence is far from kernel hacking try to contribute changes back to the mainline. So your editor dropped Mr. Thuermann a note asking a few questions about this work. It turns out that creating network-based CAN support for Linux has been a long task:
Quite a few CAN programmers come from a micro-controller background
and have difficulties understanding our network oriented approach.
On the other hand, network oriented people often find some designs
in PF_CAN strange, where CAN makes it difficult (i.e. no addresses,
not really layered) to have it look like other networking
protocols. Therefore, it has taken us more than one year of
discussion on the socketcan mailing list to achieve and agree on
the current design.
The resulting patch set is just now getting close to its culmination; Urs would like to encourage anybody who is interested in how the CAN implementation has been designed to look at the documentation and the mailing list archives before jumping in. The next question that tends to come to mind is something along the lines of "how do I get root access on my VW?" It turns out that the combination of Linux and CAN is not - yet - being shipped in any of VW's cars. It is heavily used in a number of research projects, though; Urs mentioned potential applications in user interfaces, "infotainment," navigation systems, car-to-car communications, and more. CAN is also used to communicate with onboard systems from external diagnostic and monitoring systems. Whether Linux/CAN-based systems will ever find their way into production vehicles from VW remains to be seen. As Urs put it:
Let's wait and see if this becomes true :-) But I wouldn't bet on
it. If you see the source disk in the glove box of your newly
purchased car, that'd be really cool.
Regardless of what one manufacturer decides to use, though, it seems clear that there should be plenty of potential users for a CAN implementation which is properly built into Linux. Handheld gadgets are only a subset of the embedded application space; many complex embedded systems will need this sort of simple, resilient communications infrastructure. First, though, this code needs to find its way into the mainline. The CAN developers had a bit of a disconnect with the networking maintainers back in August which will not have helped that cause. The issues would appear to have been resolved, and the CAN developers are posting patches and fixing the issues which are brought up by reviewers. Inclusion in 2.6.24 seems highly unlikely, but one more development cycle might be enough to get this code into shape for merging. All things considered, a bump or two during the review process for a patch like this is not particularly surprising. Companies like Volkswagen are not in the habit of contributing kernel patches. Instead, VW has done some work which was useful for its own purposes and is now making the (considerable) extra effort to share that code with the rest of the world. VW's developers do not work with the development process every day; it is not surprising that some friction resulted here. To their credit, those developers managed to overcome the issues and appear to be sticking with the process through to the end. This story could be repeated many times, for better or for worse. There will be no end of companies adapting Linux to their specific needs - that is why some of them will use free software in the first place. If we are lucky, some of those companies will try to contribute their work back so that others can make use of it and improve on it. These companies will not be familiar with our processes and may lack the time and the will to persevere in the face of a hostile reaction. Finding ways of helping these companies get their work into the mainline would appear to be in everybody's interest; otherwise we may well lose contributions we would have rather merged. (See also: Wikipedia for more information on Controller Area Network).
Playing with printk()The venerable printk() function is one of the primary communication channels from the kernel to user space. printk() looks much like the standard C printf(), but with a few differences, including support for log levels. This function has not seen much change in recent times, but there are now a couple of people looking at enhancing it in various ways.The most ambitious changes are being pushed by Vegard Nossum. This work came initially from the discussion of the revived Linux-tiny patch set. One of the quickest ways to reduce the size of a binary kernel image is to remove all of the printk() calls and their associated format strings. The downside of doing that, of course, is that it results in a kernel which can no longer communicate. If something starts to go wrong on a printk()-less system, there is often no way to determine what the problem is. Usually only one experience like that is required before one decides that, perhaps, storing a few thousand format strings is not the worst possible use for a bit of memory. Vegard's original patch addressed this problem by reworking the definition of printk() such that calls below a given log level could be dropped at compile time. With this change in place, debugging messages could be removed from the kernel while the more important messaged would be retained. This change is made at the cost of creating a whole new kprint() infrastructure and breaking occasional printk() callers, though. This patch also made a number of other changes aimed at different objectives. In particular, Vegard is trying to help developers who are looking to translate kernel messages into other languages on the fly. Supporting translation directly inside the kernel has never been a popular option, so that part of the task must be done in user space. But people working on translation still think it would be nice if the messages coming out of the kernel were formatted in a way which made translation easier. One of the things which complicates translation, it seems, is the encoding of arguments into kernel messages. What the translation developers would like to see is a format where arguments are kept separate from the format string itself, making it easy to write expressions which match the strings and, perhaps, do something intelligent with the arguments separately. So Vegard's patch changed the output format (as seen in the kernel log buffer) entirely. Arguments were encoded, but kept separate with the idea that the user-space log daemon would put things together. So, while a current kernel might print something like:
usb-storage: cheesy flash drive detected at 12
the new format would be more like:
"usb-storage: cheesy flash drive detected at %d", "12"
In fact, there was more to it than that - the new format also included fields for the log level, current time, file name, line number, and current function. This patch raised a few eyebrows. A patch which was intended to help shrink the kernel, but which, in the end, added a new log buffer format and about 1600 lines to the kernel tree seemed a bit inconsistent. Nobody really wants to have to put together a more complicated user-space log daemon just to make sense of kernel messages. Overall, it seemed like the addition of a fair amount of complexity for not much gain. So this patch did not get very far. Acting on a suggestion from Alan Cox, Vegard came back with a much simpler solution aimed at the translation problem. Rather than create an entirely new log format, the new patch simply puts marker characters (0x1f) around each encoded argument. This character does not display on serial consoles (though it does result in "funny symbols" on VGA consoles, currently), but it can be picked out by translation code. This more focused solution has not yet gotten a lot of feedback, but it might point the way toward the creation of more translation-friendly messages without forcing big changes to the kernel - or to the habits of kernel developers. Meanwhile, Jan Engelhardt decided to stir things up and improve the "cuteness" of Linux by adding a color output option for kernel messages. The initial version of the patch set a single color for all messages; later updates added per-loglevel coloring as well. Some developers like this feature, while others see it as useless bloat. One remarked that "Coloring isn't useful. If it was, it would be implemented ~16 years ago." In the end, the patch is small and the default output does not change, so there probably is no real reason for it not to go in. One can only hope the distributors can resist the temptation to set up message colors which are as garishly unreadable as those they seem to prefer for tools like ls.
The design of preemptible read-copy-updateThis document walks through the design of preemptible RCU.IntroductionRead-copy update (RCU) is a synchronization API that is sometimes used in place of reader-writer locks. RCU's read-side primitives offer extremely low overhead and deterministic execution time. The downside of this deterministic read-side execution time is that RCU updaters cannot block RCU readers. This means that RCU updaters can be expensive, as they must leave old versions of the data structure in place to accommodate pre-existing readers. Furthermore, these old versions must be reclaimed after all pre-existing readers complete. A time period during which all such pre-existing readers complete is called a "grace period". The Linux kernel offers a number of RCU implementations, the first
such implementation being called "Classic RCU".
More material introducing RCU may be found in the
The RCU implementation for the -rt patchset is unusual in that
it permits read-side critical
sections to be preempted and to be blocked waiting for locks.
However, it does not handle general blocking
(for example, via the
The new preemptible RCU implementation that was submitted to LKML (most recently with this patch as of this writing) removes these limitations, and this document describes its design. Quick Quiz 1: Why is it important that blocking primitives called from within a preemptible-RCU read-side critical section be subject to priority inheritance? Quick Quiz 2:
Could the prohibition against using primitives
that would block in a non- Conceptual RCUUnderstanding and validating an RCU implementation is much easier given a view of RCU at the lowest possible level. In contrast with other RCU documentation, the goal of this section is not to help you understand how to use RCU, but rather to understand the most basic concurrency requirements that an RCU implementation must support. RCU implementations must obey the following rule: if any statement in a given RCU read-side critical section precedes a grace period, then all statements in that RCU read-side critical section must complete before that grace period ends. This is illustrated by the following picture, where time advances from left to right:
The red "Removal" box represents the update-side critical section that
modifies the RCU-protected data structure, for example, via
So, what is the poor RCU implementation to do in this situation? It must extend the grace period, perhaps as shown below:
In short, the RCU implementation must ensure that any RCU read-side critical sections in progress at the start of a given grace period have completely finished, memory operations and all, before that grace period is permitted to complete. This fact allows RCU validation to be extremely focused: simply demonstrate that any RCU read-side critical section in progress at the beginning of a grace period must terminate before that grace period ends, along with sufficient barriers to prevent either the compiler or the CPU from undoing the RCU implementation's work. Overview of Preemptible RCU AlgorithmThis section focuses on a specific implementation of preemptible RCU. Many other implementations are possible, and for additional discussion of these other possibilities, please see the 2006 OLS paper or the 2005 linux.conf.au paper.Instead, this article focuses on the general approach, the data structures, the grace-period state machine, and a walk through the read-side primitives. General ApproachBecause this implementation of preemptible RCU does not require memory barriers inrcu_read_lock() and rcu_read_unlock(),
a multi-stage grace-period detection algorithm is required.
Instead of using a single wait queue of callbacks
(which has sufficed for earlier RCU implementations), this implementation
uses an array of wait queues, so that RCU callbacks
are enqueued on each element of this array in turn.
This difference in callback flow is shown in the following figure
for a preemptible RCU implementation with two waitlist stages per grace period
(in contrast,
the September 10 patch
uses four waitlist stages):
Given two stages per grace period, any pair of stages forms a full grace period. Similarly, in an implementation with four stages per grace period, any sequence of four stages would form a full grace period. To determine when a grace-period stage can end,
preemptible RCU uses a per-CPU two-element
During the first stage on the left-hand side of the above figure,
Because each CPU's old In this second stage, the elements of each CPU's The critical point is that all The Each CPU also maintains Data StructuresThis section describes preemptible RCU's major data structures, includingrcu_ctrlblk, rcu_data, rcu_flipctr,
rcu_try_flip_state, rcu_try_flip_flag, and
rcu_mb_flag.
rcu_ctrlblkThe rcu_dataThe
![[Preempt lists]](/images/ns/kernel/rcu/RCUpreemptLists.png)
The figure on the right shows how RCU callbacks flow through a given
rcu_data structure's lists, from creation by
call_rcu() through invocation by
rcu_process_callbacks().
Each blue arrow represents one pass by the grace-period state machine,
which is described in a later section.
rcu_flipctrAs noted earlier, thercu_flipctr
per-CPU array of counters contains the
counter pairs that track outstanding RCU read-side critical sections.
Any given counter in this array can go negative, for example, when
a task is migrated to a different CPU in the middle of an RCU
read-side critical section.
However, the sum of the counters will
still remain positive throughout the corresponding grace period, and will
furthermore go to zero at the end of that grace period.
rcu_try_flip_stateThercu_try_flip_state variable tracks the current state of
the grace-period state machine, as described in the next section.
rcu_try_flip_flagThercu_try_flip_flag per-CPU variable alerts the corresponding
CPU that the grace-period counter has recently been incremented, and
also records that CPU's acknowledgment.
Once a given CPU has acknowledged the counter flip, all subsequent actions
taken by rcu_read_lock() on that CPU must account for the
new value of the grace-period counter, in particular, when incrementing
rcu_flipctr in rcu_read_lock().
rcu_mb_flagThercu_mb_flag per-CPU variable alerts the corresponding
CPU that it must execute a memory barrier in order for the grace-period
state machine to proceed, and also records that CPU's acknowledgment.
Once a given CPU has executed its memory barrier, the memory operations
of all prior RCU read-side critical sections will be visible to any code sequenced
after the corresponding grace period.
Grace-Period State MachineThis section gives an overview of the states executed by the grace-period state machine, and then walks through the relevant code.Grace-Period State Machine OverviewThe state (recorded inrcu_try_flip_state)
can take on the following values:
The grace period state machine cycles through these states sequentially, as shown in the following figure.
The next figure shows how the state machine operates over time. The states are shown along the figure's left-hand side and the relevant events are shown along the timeline, with time proceeding in the downward direction. We will elaborate on this figure when we validate the algorithm in a later section.
In the meantime, here are some important things to note:
Grace-Period State Machine WalkthroughThis section walks through the C code that implements the RCU grace-period state machine, which is invoked from the scheduling-clock interrupt, which invokesrcu_check_callbacks() with
irqs (and thus also preemption) disabled.
This function is implemented as follows:
Line 4 selects the The
Line 3 checks to see if this CPU needs to execute a memory barrier,
and, if so, line 4 executes one and line 5 informs the state
machine.
Note that this memory barrier ensures that any CPU that sees the new
value of The
Line 6 attempts to acquire the global RCU state-machine lock,
and returns if unsuccessful.
Lines; 5 and 7 accumulate RCU-tracing statistics (again, if
The
Line 6 checks to see if there is any RCU grace-period work
pending for this CPU, and if not, line 8 leaves, telling
the top-level state machine to remain in the idle state.
If instead there is work to do, line 11 increments the
grace-period stage counter, line 12 does a memory barrier
to ensure that CPUs see the new counter before they see the
request to acknowledge it, and lines 13 and 14 set all of
the online CPUs' The
Line 6 cycles through all of the online CPUs, and line 7 checks to see if the current such CPU has acknowledged the last counter flip. If not, line 9 tells the top-level grace-period state machine to remain in this state. Otherwise, if all online CPUs have acknowledged, then line 11 does a memory barrier to ensure that we don't check for zeroes before the last CPU acknowledges. This may seem dubious, but CPU designers have sometimes done strange things. Finally, line 13 tells the top-level grace-period state machine to advance to the next state. The
Lines 8 and 9 sum the counters, and line 10 checks
to see if the result is zero, and, if not, line 12 tells
the state machine to stay right where it is.
Otherwise, line 14 executes a memory barrier to ensure that
no CPU sees the subsequent call for a memory barrier before it
has exited its last RCU read-side critical section.
This possibility might seem remote, but again, CPU designers have
done stranger things, and besides, this is anything but a fastpath.
Lines 15 and 16 set all online CPUs' The
Lines 6 and 7 check each online CPU to see if it has done the needed memory barrier, and if not, line 9 tells the state machine not to advance. Otherwise, if all CPUs have executed a memory barrier, line 11 executes a memory barrier to ensure that any RCU callback invocation follows all of the memory barriers, and line 13 tells the state machine to advance. The
Line 7 checks to see if the global Quick Quiz 3:
How is it possible for lines 38-43 of
Read-Side PrimitivesThis section examines thercu_read_lock() and
rcu_read_unlock() primitives, followed by a
discussion of how this implementation deals with the fact
that these two primitives do not contain memory barriers.
rcu_read_lock()The implementation ofrcu_read_lock() is as follows:
1 void __rcu_read_lock(void)
2 {
3 int idx;
4 struct task_struct *me = current;
5 int nesting;
6
7 nesting = ACCESS_ONCE(me->rcu_read_lock_nesting);
8 if (nesting != 0) {
9 me->rcu_read_lock_nesting = nesting + 1;
10 } else {
11 unsigned long flags;
12
13 local_irq_save(flags);
14 idx = ACCESS_ONCE(rcu_ctrlblk.completed) & 0x1;
15 smp_read_barrier_depends(); /* @@@@ might be unneeded */
16 ACCESS_ONCE(__get_cpu_var(rcu_flipctr)[idx])++;
17 ACCESS_ONCE(me->rcu_read_lock_nesting) = nesting + 1;
18 ACCESS_ONCE(me->rcu_flipctr_idx) = idx;
19 local_irq_restore(flags);
20 }
21 }
(Note: this code is under review and will likely change somewhat.
This version matches
that posted to LKML on September 10, 2007.)
Line 7 fetches this task's RCU read-side critical-section nesting
counter.
If line 8 finds that this counter is non-zero,
then we are already protected by an outer
However, if this is the outermost The
It is not clear that the The reasons that irqs must be disabled from line 13 through line 19 are as follows:
The last three reasons could of course be addressed by disabling preemption rather than disabling of irqs, but given that the first reason requires disabling irqs in any case, there is little reason to separately disable preemption. It is entirely possible that the first reason might be tolerated by requiring an additional grace-period stage, however, it is not clear that disabling preemption is much faster than disabling interrupts on modern CPUs. rcu_read_unlock()The implementation ofrcu_read_unlock() is as follows:
(Again, please note that this code is under review and will likely change somewhat. This version matches that posted to LKML on September 10, 2007.) Line 7 fetches the However, as with The Quick Quiz 4:
What problems could arise if the lines containing
Quick Quiz 5:
What problems could arise if the lines containing
Quick Quiz 6:
What problems could arise in
Memory-Barrier ConsiderationsNote that these two primitives contains no memory barriers, so there is
nothing to stop the CPU from executing the critical section
before executing the
The "MB"s represent memory barriers, and only the emboldened barriers are needed, namely the first and last on a given CPU for each grace period. This preemptible RCU implementation therefore associates the memory barriers with the grace period, as shown below (diagram taken from the 2006 OLS paper):
Given that the Linux kernel can execute literally millions of RCU read-side critical sections per grace period, this latter approach can result in substantial read-side savings, due to the fact that it amortizes the cost of the memory barrier over all the read-side critical sections in a grace period. Validation of Preemptible RCUTestingThe preemptible RCU algorithm was tested with a two-stage grace period on weakly ordered POWER4 and POWER5 CPUs using rcutorture running for more than 24 hours on each machine, with 15M and 20M grace periods, respectively, and with no errors. Of course, this in no way proves that this algorithm is correct. At most, it shows either that these two machines were extremely lucky or that any bugs remaining in preemptible RCU have an extremely low probability of occurring. We therefore required additional assurance that this algorithm works, or, alternatively, identification of remaining bugs.This task requires a conceptual approach, which is taken in the next section. Conceptual ValidationBecause neitherrcu_read_lock() nor rcu_read_unlock()
contain memory barriers, the RCU read-side critical section can bleed
out on weakly ordered machines.
In addition, the relatively loose coupling of this RCU implementation
permits CPUs to disagree on when a given grace period starts and ends.
This leads to the question as to how long a given RCU read-side critical
section can possibly extend relative to the grace-period state machine.
The worst-case scenario is as follows:
Here, CPU 0 is executing the shortest possible
removal and reclamation sequence,
while CPU 1 executes the longest possible RCU read-side critical
section.
Because the callback queues are advanced just before acknowledging a
counter flip, the latest that CPU 0 can execute its
Meanwhile, CPU 1 is executing an RCU read-side critical section.
Let us assume that the Because the
#define GP_STAGES 2
Quick Quiz 7:
Suppose that the irq disabling in
Quick Quiz 8:
Why can't the Formal ValidationFormal validation of this algorithm is quite important, but remains as future work. One tool for doing this validation is described in an earlier LWN article.Quick Quiz 9: What is a more precise way to say "CPU 0 might see CPU 1's increment as early as CPU 1's last previous memory barrier"? Answers to Quick QuizzesQuick Quiz 1: Why is it important that blocking primitives called from within a preemptible-RCU read-side critical section be subject to priority inheritance? Answer: Because blocked readers stall RCU grace periods,
which can result in OOM.
For example, if a reader did a Of course, there are other methods besides priority inheritance that handle the priority inversion problem, including priority ceiling, preemption disabling, and so on. However, there are good reasons why priority inheritance is the approach used in the Linux kernel, so this is what is used for RCU. Quick Quiz 2: Could the prohibition against using primitives
that would block in a non- Answer: If testing and benchmarking demonstrated that the
preemptible RCU worked well enough that classic RCU could be dispensed
with entirely, and if priority inheritance was implemented for blocking
synchronization primitives
such as Quick Quiz 3: How is it possible for lines 38-43 of
Answer: Consider the following sequence of events:
Quick Quiz 4: What problems could arise if the lines containing
Answer:
It is not clear that the Quick Quiz 5: What problems could arise if the lines containing
Answer: Absolutely none!!! The code in Quick Quiz 6: What problems could arise in
Answer:
Of course, both of these situations could be handled by disabling preemption rather than disabling irqs. (The CPUs I have access to do not show much difference between these two alternatives, but others might.) Quick Quiz 7: Suppose that the irq disabling in
Answer: No finite value of Suppose that low-priority Task A has executed
Given this situation, consider the following sequence of events:
This sequence of events could repeat indefinitely, so that no finite
value of Therefore, more-pervasive changes to the grace-period state will be
required in order for Quick Quiz 8: Why can't the Answer: Because the memory barrier is being executed in
an interrupt handler, and interrupts are exact in the sense that
a single value of the PC is saved upon interrupt, so that the
interrupt occurs at a definite place in the code.
Therefore, if the
Quick Quiz 9: What is a more precise way to say "CPU 0 might see CPU 1's increment as early as CPU 1's last previous memory barrier"? Answer: First, it is important to note that the problem with the less-precise statement is that it gives the impression that there might be a single global timeline, which there is not, at least not for popular microprocessors. Second, it is important to note that memory barriers are all about perceived ordering, not about time. Finally, a more precise way of stating above statement would be as follows: "If CPU 0 loads the value resulting from CPU 1's increment, then any subsequent load by CPU 0 will see the values from any relevant stores by CPU 1 if these stores preceded CPU 1's last prior memory barrier." Even this more-precise version leaves some wiggle room.
The word "subsequent" must be understood to mean "ordered after", either
by an explicit memory barrier or by the CPU's underlying memory ordering.
In addition, the memory barriers must be strong enough to order the relevant
operations.
For example, CPU 1's last prior memory barrier must order stores
(for example, In general, much care is required when proving parallel algorithms. AcknowledgmentsI owe thanks to Steve Rostedt, Oleg Nesterov, Andy Whitcroft, Nivedita Singhvi, Robert Bauer, and Josh Triplett for their help in getting this document into a human-readable state.
Patches and updates Kernel trees
Build system
Core kernel code
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Security-related
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Who made Gentoo Linux, and when? A commit analysisSince LWN has published statistics on who wrote the Linux kernel, I thought readers might also be interested in who's writing other major open-source projects. I recently obtained the entire CVS repository history for Gentoo Linux, courtesy of Robin Johnson <robbat2 -AT- gentoo -dot- org>. Although some of the code has moved to Subversion or Git recently so these numbers may not be 100% accurate, the techniques used to analyze commits should be generally useful in understanding the progress and contributors to any project. First, I wanted to understand the developer community. How much experience do our developers have with Gentoo, and how has that changed over time? To do this, I created a number called "lifetime" that's the length of time between the developer's first and last commits. Then I scanned across each month, checking the average developer lifetime. I used the scanning month for the last commit of active developers to get the developer's experience at that time, not the developer's experience today. 
What you can see is that the lifetimes go up roughly as a function of time since CVS history begins. This shows that the "average Gentoo developer" joins and stays involved for more than a year. Over a span of 3 years, the average lifetime increases from 1 year to 2 years. Another way to look at this is to ask how many active and retired developers there are today as a function of when they gained commit access. The majority of active developers joined in 2005 and 2006, while the most retired developers joined in 2003 and 2004. This again shows that the average lifetime is around 2 years. 
Developer counts at any given time is also of interest. I found this by scanning across months again, checking for how many developers the month is during their commit lifetimes. 
The most interesting part is a sharp decline starting in early 2006. I wanted to attribute this in part to the addition of Subversion, which was right around that time, but that would only account for it if the developers commiting to Subversion no longer commited to CVS. That certainly isn't the case for more than 100 people, since the main package tree remains in CVS. Instead, I now attribute this drop to Gentoo's developer population returning toward an equilibrium after an explosive, uncontrolled growth. The Gentoo structure and governance could not scale quickly enough to deal with all the new developers, but it took some time to normalize and continues to do so. Now that we've learned something about our developers, how about our code? The next three graphs show commits per month to each CVS module. The "gentoo-x86" module contains all of the ebuilds (the packages). There's nothing particularly unusual about this, except for a huge peak in early 2006, I suspect when someone accidentally branched the entire repository. Interestingly, there isn't as much of a decline in commits as you might expect, given the drop in developers by more than a third. Apparently, the actively commiting developers weren't the ones who quit. The "gentoo" module contains the website files as well as some projects such as the installer and the Catalyst LiveCD creator as well as patchsets for more complex packages. The website is fairly stable at this point, and many of the projects in this repository have reached maturity, so development has slowed down. The "gentoo-src" module contains a number of projects as well, but the huge drop near the beginning of 2006 indicates a move of active development to Subversion. 
And finally, let's tie the developers and the code together with a histogram. This shows the number of commits each developer's made, with a bin size of 100. You can see the incredibly long tail of the most active commiters, with most developers under 20,000 (note the scale) but the top developer at 120,000 commits. 
Now let's take a closer look at the long tail of the developers with the largest commit counts. The tables show any developer with at least 1% of the total commits.
About 40% of the all-time commits to Gentoo come from just 18 developers. Unfortunately, I didn't have access to the size of the commits, just the number of them, so I couldn't try to rank them by changes in lines of code. One thing to be wary of is the very small commits, such as those indicating that a package works on a given architecture. But this list is not dominated by architecture developers.
In 2007 so far, 26 developers accounted for nearly 60% of commits. Unlike the all-time list, a significant fraction of these developers are architecture developers, including the top commiter. This analysis was mostly automated, using a combination of awk, bash shell, Python and gnuplot. The scripts are available upon request to the author <dberkholz -AT- gentoo -dot- org>.
New Releases openSUSE 10.3 is now availableNovell, Inc. has announced the release of openSUSE version 10.3. "Enhancements to openSUSE 10.3 include the newest versions of the GNOME* and KDE desktop environments, including a KDE 4 preview. OpenOffice.org 2.3 makes sharing files with Microsoft Office users easy, and the newest version of AppArmor(TM) protects the Linux operating system and applications from attacks, viruses and malicious applications. OpenSUSE 10.3 also now includes MP3 support out of the box for Banshee(TM) and Amarok, which are the default media players in openSUSE. In addition, openSUSE 10.3 offers the latest open source applications for developing applications, setting up a home network and running a Web server, as well as the latest virtualization software such as Xen* 3.1 and VirtualBox 1.5." There are more links in this announcement from the openSUSE team.
Mandriva Linux 2008 releasedMandriva Linux 2008 has been released with Compiz Fusion 0.5.2 and drak 3D, 2.6.22.9 Kernel, KDE 3.5.7 and KDE 4 preview, GNOME 2.20, X.org 7.3, RandR1.2, OpenOffice.org 2.2.1, and Mozilla Firefox 2.0.0.6. Click below for the official announcement or check out the the release tour page for more information.
Linspire 6.0 Desktop Linux Operating System ReleasedLinspire has announced the immediate availability of Linspire 6.0, the latest commercial release of the desktop Linux operating system. "Building on the best of open source software using Ubuntu as its base line, Linspire 6.0 adds licensed proprietary drivers, codecs, and software in its core distribution to provide a better user experience."
Fedora 8 Test 3 releasedThe third (and final) Fedora 8 test release is available. Changes since test 2 include an Online Desktop preview, the "Iced Tea" Java environment, CodecBuddy, improved power management, and more.
Fedora Electronic Lab - Livecd F8Test3The Fedora Electronic Lab live CD has been updated to the latest Fedora test release. "The idea of Fedora Electronic Lab is not to include as many as packages for electronic simulations, but mainly to ensure that design flows can be achieved. Because it's useless for the user to have those packages if his/her data can't be process with other applications thus implying the user will waste his/her time."
EnGarde Secure Linux releases v3.0.17Guardian Digital has announced the newest release of EnGarde Secure Linux: Community 3.0.17 (Version 3.0, Release 17). "In distribution since 2001, Guardian Digital's EnGarde has been a staple for security enthusiasts, administrators and organizations looking to run servers easily and securely. Solely designed as an integrated server platform, EnGarde Secure Linux provides web, DNS and email functions simply and securely, while delivering on integrated intrusion detection, advanced kernel and network security features, manageable SELinux policies, robust engineering and graphical auditing and reporting."
Distribution News Debian GNU/Linux Google Summer of Code 2007 wrap-upDebian's Steve McIntyre has posted a wrap-up report on the Debian distribution's Google Summer of Code 2007 projects. "The summer has finished, and it's about time I summarised how we got on. We had 9 Summer of Code students working for us, and we had a 100% success rate this year. Woo! Last year we only managed 6 successful projects out of 10, so that's a major improvement. A couple of things helped a great deal this time: several of our students were already contributors to the Debian community at various levels, and for the first time this year the SoC programme also included an extra chunk of time to allow the students to get involved ("bonding time") before they had to start coding work. These meant that our students were much more involved in Debian than last year, and that was a very good outcome."
Bits from the Alioth teamStephen Gran reports on Debian's Alioth team. "[T]he Alioth team is proud to announce YARCS (Yet Another Revision Control System). Alioth can now host your Darcs repositories in pretty much the same way as it can host your CVS, Subversion, Arch/Bazaar, Bzr, Hg and Git repositories. Please refer to http://wiki.debian.org/Alioth/darcs for details."
Bits from the listmastersMartin Zobel-Helas reports on some changes to the Debian mailing lists, including a new spam filter setup, a new greylisting daemon, and several other topics.
Debian's Constitutional amendment vote on DPL electionsDebian developers have voted for an amendment to reduce the length of Debian Project Leader election process.
Mandriva Linux Mandriva makes a complete Linux System accessible to allMandriva has issued a press release on the Powerpack edition of Mandriva Linux 2008. "A new subscription mode in the commercial Powerpack product will provide users to install or upgrade their system and take advantage of all the new technologies integrated in the Powerpack product. Regarding this new pricing policy, the new subscription mode in the Powerpack is the replacement of the former downloading services of the Club. The 'community services' of Club platform will be now available to all. This new plan is designed for users who want to stay tuned with the latest Linux technologies. With the 2008 release, customers can subscribe to this plan to download 2 Powerpack releases. This plan is offered for only 59 euro per year ($69 USD)."
Other distributions Arch LeadershipArch Linux is getting a change in leadership. Project founder Judd Vinet is stepping down and passing on the leadership role to Aaron Griffin. "Though I will still be around for discussions and anything else I can do for Arch (within my feeble time constraints), I feel this is the time to say Goodbye, at least as leader. I will still be around as Arch's Number One Cheerleader, but not as its visionary." Judd's blog has a bit more about what he's up to, besides Arch.
New Distributions Linux Apes Vista With New Distro Called Vixta (Information Week)Information Week reports on a new distribution called Vixta. "Vixta's home page touts the imminent availability of version 095, and enumerates the goals of the project as follows: 1. Absolutely free, in every sense; 2. Spread Linux to the "masses"; 3. ABN -- Absolutely No Config.; 4. User-Friendly; 5. Eye-catching. Familiar look and feel."
Distribution Newsletters Fedora Weekly News Issue 104The Fedora Weekly News for October 1, 2007 looks at F8t3, joining Fedora, release notes freeze, summit happenings, and much more.
Ubuntu Weekly Newsletter #60The Ubuntu Weekly Newsletter for October 6, 2007 covers the freeze of the Gutsy archive, a Gutsy countdown script for websites, Philipp Kern joining the MOTU Team, the release of UbuntuBolivia by the Bolivian LoCo Team, Ubuntu Forums interviews, and much more.
DistroWatch Weekly, Issue 223The DistroWatch Weekly for October 8, 2007 is out. "The big openSUSE 10.3 release week is now behind us. All went without a hitch and many users are enjoying the newest software, improved package management, and extended support for the latest hardware in this new version. No major bugs have been reported so far, but let's wait for the first reviews before concluding that this is indeed openSUSE's best release ever. In other news, Mandriva Linux 2008 has been released to "early seeders", Ubuntu has begun accepting pre-orders for "Gutsy Gibbon", and Judd Vinet has resigned as the lead developer of Arch Linux. Finally, don't miss the featured story of this week - a Susan Linton's report on the major new release from Puppy Linux, version 3.00."
Newsletters and articles of interest Interview with Mairin Duffy on Fedora 8 ArtworkThe Fedora wiki has an interview with Máirín Duffy, lead of the Fedora art team, on the process of creating the artwork for Fedora 8. "We don't have any hard restriction saying that you can only produce software using the free and open source tools available in Fedora, but all of the artwork as far as I know was produced exclusively in tools available in Fedora, including Inkscape and the GIMP. So Fedora 8's artwork serves as a pretty good example of what you can do with the tools readily available in Fedora itself."
The Perfect Desktop - OpenSUSE 10.3 (HowtoForge)HowtoForge sets up a GNOME desktop on openSUSE 10.3. "This tutorial shows how you can set up an OpenSUSE 10.3 desktop that is a full-fledged replacement for a Windows desktop, i.e. that has all the software that people need to do the things they do on their Windows desktops. The advantages are clear: you get a secure system without DRM restrictions that works even on old hardware, and the best thing is: all software comes free of charge."
Ubuntu - a Speedup guideMy10sen has some tips for speeding up Ubuntu, including filesystem, swapping, and other tweaks. "On default installation Ubuntu chooses 'journal data ordered' and In data=ordered mode, ext3 only officially journals metadata it logically groups metadata and data blocks into a single unit called a transaction. When it want to write the new metadata out to disk, the associated data blocks are written first. data=ordered mode effectively solves the corruption problem found in data=writeback mode and most other journaled filesystems, and it is done without requiring full data journaling. In general, data=ordered ext3 filesystems perform slightly slower than data=writeback filesystems, but slightly faster than the full data journaling counterparts. To speed it up we're going to change it to data=writeback system."
Distribution reviews An in-depth look at Puppy Linux (DesktopLinux)DesktopLinux takes a look at the latest version of Puppy Linux. "Puppy breathes new life into old hardware and runs well on diskless PCs and thin workstations. Needless to say, it's a total speed demon on state-of-the-art hardware. While I've emphasized Puppy's special role on constrained hardware, the product is fully competitive on current systems. My friends and I run it on our newest computers, too."
The best Linux system repair distribution gets better (DesktopLinux.com)DesktopLinux.com reviews the 0.4 version of SystemRescueCD, a Gentoo-based distribution for repairing broken systems. "Another major improvement is that you can now use PXE network booting. With PXE, you can boot a troubled PC remote over your LAN into SystemRescueCD. This is great, for example, for a help desk repairing systems scattered over an office or campus. To get this to work, the PCs will need to be set to use wake-on-LAN and network boot. That's been a standard PC feature since 2001, but it usually must be made active in the BIOS before you can use it."
The 7 Most Influential GNU/Linux Distributions (Datamation)Datamation looks at the seven top Linux distributions. "GNU/Linux offers a bewildering variety of flavors -- or distributions, as they're called. To a newcomer's eye, many of these seem virtually identical to each other. Yet, the more you learn about a distribution and the community that surrounds it, the more different they become. Here, in alphabetical order, is a list of the seven distributions that have most affected GNU/Linux as a whole."
Page editor: Rebecca Sobol Development Recovering data from a laptop drive using LinuxA friend recently came to me with a data recovery problem. He had a ten year old Compaq Presario 1090ES laptop with numerous hardware problems. The laptop's hard drive contained some non-backed up text documents as well as a number of home-made audio recordings. The laptop's operating system was Windows 95. After a number of attempts to get the laptop to boot, I decided that a better approach to recovering the data would be to remove the hard drive and connect it to a Linux box. Even if the system could be revived, transferring the data to another machine would be difficult since the machine had no Ethernet connection. The first problem involved connecting the laptop drive to a regular desktop system's IDE bus. The drive, an IBM DMCA-21440 with a capacity of 1.4GB, had a miniature 44 pin IDE/power connector and the desktop system had a regular 40 pin IDE (PATA) connector. The appropriate adapter was found on eBay for a mere $5 plus $5 more for shipping/handling (from Hong Kong). The adapter was purchased and it arrived in the mail a week later. Problem number one solved. ![[Laptop IDE recovery]](/images/ns/laptopide1sm.png)
The laptop drive was connected to several machines before it was recognized by a system BIOS. Despite selecting the device as an IDE slave, it would only operate when there were no other devices on the bus. The secondary IDE bus (IDE1) was used and the machine's CDROM was removed for the duration of the data recovery session. From the root account, the command: fdisk /dev/hdc was used (carefully) to verify that the drive was visible to the system. The fdisk print command showed the drive's partition information, the main partition was /dev/hdc1. The drive was initially mounted on the temporary mount point /mnt using the command: mount -t vfat /dev/hdc1 /mnt. This resulted in a filesystem with a lot of unreadable filenames. A little digging on the net revealed the sys_immutable argument to mount. The mount man page was somewhat discouraging: "sys_immutable, showexec, dots, nodots, dotsOK=[yes|no] Various misguided attempts to force Unix or DOS conventions onto a FAT file system." Misguided or not, the drive was mounted with the command: mount -t vfat -O sys_immutable /dev/hdc1 /mnt. The sys_immutable option seemed to work and the drive's contents became viewable with the standard Unix commands. A number of Microsoft Word (.doc) files were copied over to the host system, these were for the most part readable by OpenOffice.org 2.2 with the exception that a small percentage of words showed up with misspelled characters. Fortunately, for the small number of documents, a bit of manual editing fixed the problem. The wav files were also copied over to the host system with no problems. Once on the Linux system, it became easy to improve the wav file recordings. Audacity is useful for chopping off noisy sections at the beginning and endings of the recordings and sox can be used for resampling the 22050 hz files into standard 44100 hz files. With a bit of effort, it will be possible to turn the collection of wav files into a reasonably professional sounding audio CD. The operation was completely successful, all of the desired data was recovered from the damaged laptop and my friend's work has been saved.
System Applications Database Software PostgreSQL 8.3 beta 1 releasedThe first PostgreSQL 8.3 beta release is out. 8.3 looks like it will be one of the most interesting PostgreSQL releases in some time; it includes a full text search mechanism, a number of performance improvements, SQL:XML support, and much more. "How soon this beta turns into a release depends on testing by our community of users. As soon as possible, please help us with community testing."
Postgres Weekly NewsThe October 7, 2007 edition of the Postgres Weekly News is online with the latest PostgreSQL DBMS articles and resources.
SQLite 3.5.1 releasedVersion 3.5.1 of SQLite, a light weight DBMS, has been announced, it features the following changes: "Fix a long-standing bug that might cause database corruption if a disk-full error occurs in the middle of a transaction and that transaction is not rolled back. The new VFS layer is stable. However, we still reserve the right to make tweaks to the interface definition of the VFS if necessary."
Networking Tools SDTConnector 1.4.2 released (SourceForge)Version 1.4.2 of SDTConnector has been announced. "SDTConnector provides a simplified way to tunnel various TCP and UDP based network services (such as RDP, VNC, HTTP and Telnet) through SSH. SDTConnector is a graphical tool to simplify the task of providing the privacy and security of SSH for common 'insecure' services, such as VNC, RDP (Windows Terminal Services), HTTP, Telnet and others. Uniquely, SDTConnector has the ability to SSH tunnel UDP based services (such as DNS or Serial over LAN), and facilitate out-of-band access to remote hosts when they can't be reached via the primary link. This release fixes several bugs, please see the change log for details."
Web Site Development Django RoundupThe October 7, 2007 edition of the Django Roundup is out with the latest news from the Django web development platform project. "We're getting the roundups going again: news about last month's sprint, a new screencast, Django Gigs launches, Django on Jython work continues to proceed, a Django-powered BitTorrent tracker, and more inside."
Desktop Applications Animation Software synfig 0.61.07 releasedVersion 0.61.07 of synfig has been announced, it adds some new functionality and bug fixes. "Synfig is a powerful, industrial-strength vector-based 2D animation software package, designed from the ground-up for producing feature-film quality animation. It was initially a proprietary application produced by Voria Studios for internal use and when the company closed down, Synfig was released to the free software community for development under the GNU General Public Licence."
Business Applications JasperReports 2.0.2 released (SourceForge)Version 2.0.2 of JasperReports, a business intelligence and reporting engine, has been announced. Changes include: "support for element origin information in generated documents; support for exporter element filtering based on element origin; minor bug fixes and improvements".
Calendar Software Lcal 2.1.0 releasedVersion 2.1.0 of Lcal, a lunar calendar application that generates PostScript is out. "Changes include enhanced colorization control options, which allow for some stunning color lunar calendars, both for previewing and for printing." (Thanks to Bill Marr).
Data Visualization PyX 0.10 releasedVersion 0.10 of PyX, a Python package for the creation of PostScript and PDF files, has been announced. "This release adds 3d plotting facilities to PyX using parallel or central projection. Two new graph styles grids and surfaces can be used in 3d graphs as well as some existing generic graph styles (symbols, lines, errorbars etc.). Several new examples, various other improvements requested by PyX users and some bugfixes complete this release."
Desktop Environments Fluxbox 1.0.0 released (SourceForge)Version 1.0.0 of Fluxbox has been announced. "Fluxbox is a X11 windowmanager build for speed and flexibility. Finally a new stable release! After almost four and a half years with 0.9.x releases we finally got to 1.0.0! This release includes a lot of bugfixes, new styles, updated language support, better shaped corners and much more."
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Commit-Digest (KDE.News)The October 7, 2007 edition of the KDE Commit-Digest has been announced. The content summary says: "Image support in Parley, and support for formulas in the note feature of the Step physics simulation package. blinKen changes capitalisation to Blinken for the KDE 4.0 release. Theme work across kdegames, with better collision detection in Kolf. More XMP integration work in Digikam. Work on KConfig merged back into trunk/. Colour conversion system becomes fully operational in Krita..."
KDE Software AnnouncementsThe following new KDE software has been announced this week:
Desktop Publishing LyX 1.5.2 is releasedVersion 1.5.2 of LyX, a GUI interface to the TeX typesetter, is out. "This is a maintenance release that focuses on improving the stability. We have fixed numerous crashes, performance problems, and other bugs. Furthermore, the documentation has been revised. It covers all new features of the 1.5.x series now."
Electronics Initial release of gsch2pcbThe initial release of gsch2pcb has been announced. "When designing a printed circuit board (PCB) it's often desirable to create a 'schematic' which shows the components to be used and their connectivity in an abstract fashion. The connectivity information is then used to help when designing the actual circuit board. ``gsch2pcb`` is a command-line tool, part of the gEDA suite, which is used to generate and update a PCB layout. It works with schematics created by ``gschem``, part of the gEDA suite, and layouts created by ``pcb``, a PCB layout system commonly used with gEDA. ``xgsch2pcb`` provides an intuitive, user-friendly graphical interface to ``gsch2pcb``."
Financial Applications Security issues with SQL-LedgerSQL-Ledger, a web-based financial accounting system, has some unresolved SQL injection security issues. "Unfortunately the maintainer of SQL-Ledger has declined to fix any of the SQL injection issues we have sent his way. Even correcting these, there are many SQL injection issues in that application. Our official recommendation for SQL-Ledger users is to restrict access to database relations to the least privelege necessary. While this does not entirely solve the issues, it does limit the damage considerably."
Graphics OpenSceneGraph 2.2 releasedVersion 2.2 of OpenSceneGraph has been announced. "OpenSceneGraph Professional Services announces the release of OpenSceneGraph 2.2, the industry's leading open-source scene graph technology, designed to accelerate application development and improve 3D graphics performance. OpenSceneGraph 2.2 written entirely in Standard C++ and built upon OpenGL, offers developers working in the visual simulation, game development, virtual reality, scientific visualization and modeling markets - a real-time visualization tool which eclipses commercial scene graph toolkits in functionality, stability and performance. OpenSceneGraph 2.2 runs on all Microsoft Windows platforms, Apple OS/X, GNU/Linux, IRIX, Solaris, HP-UX, AIX and !FreeBSD operating systems."
Medical Applications PatientOS v0.14 HL7 Interfaces released (LinuxMedNews)LinuxMedNews covers the newest capabilities included with version 0.14 of PatientOS, the 1.0 release is scheduled for the end of October. "PatientOS is an open source healthcare information system for physicians, nursing, pharmacy, laboratory and ultimately all departments in a hospital, physician or practice, or any other healthcare facility. Version 0.14 of PatientOS integrates the Open Source Mirth HL7 Engine with PatientOS. Registering or updating patient information in the demo demonstrates the creation of an outbound HL7 ADT message."
Web Browsers Mozilla Links NewsletterThe October 4, 2007 edition of the Mozilla Links Newsletter is online, take a look for the latest news about the Mozilla browser and related projects.
Miscellaneous Task Coach 0.65.2 available (SourceForge)Version 0.65.2 of Task Coach has been announced. "Task Coach is a simple open source todo manager to manage personal tasks and todo lists. Often, tasks and other things todo consist of several activities. Task Coach is designed to deal with composite tasks. This release is aimed at better performance."
Languages and Tools C GCC 4.2.2 releasedVersion 4.2.2 of GCC, the Gnu Compiler Collection, has been announced. See the change notes for more information.
Caml Caml Weekly NewsThe October 9, 2007 edition of the Caml Weekly News is out with new Caml language articles.
PHP New PHP documentation build system is ready for testingA new documentation build system for PHP has been announced. "The PHP documentation team is pleased to announce the initial release of the new build system that generates the PHP Manual. Written in PHP, PhD ([PH]P based [D]ocBook renderer) builds are now available for viewing at docs.php.net. Everyone is encouraged to test and use this system so that bugs will be found and squashed. Once the new build system is stable, expect additional changes to the PHP manual that will include an improved navigation system and styling for OOP documentation."
Tcl/Tk Tcl-URL! - weekly Tcl news and linksThe October 4, 2007 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
Tcl-URL! - weekly Tcl news and linksThe October 10, 2007 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
Version Control GIT 1.5.3.4 announcedVersion 1.5.3.4 of GIT, a distributed version control system, has been announced, it features bug fixes, performance improvements and documentation work.
Miscellaneous An overview of linkingIan Lance Taylor has a series of 20 articles on linkers, providing a technical introduction and lots of details on ELF. Due to the weblog format, it is a bit hard to follow, read from the bottom and use the 'Next Entries' link to get to more. Here is a permalink to the first article in case things move around in his archives. "In the old days, when dinosaurs roamed the data centers, many programs were complete in themselves. In those days there was generally no compiler – people wrote directly in assembly code – and the assembler actually generated an executable file which the machine could execute directly. As languages liked Fortran and Cobol started to appear, people began to think in terms of libraries of subroutines, which meant that there had to be some way to run the assembler at two different times, and combine the output into a single executable file. This required the assembler to generate a different type of output, which became known as an object file (I have no idea where this name came from). And a new program was required to combine different object files together into a single executable. This new program became known as the linker (the source of this name should be obvious)." (Thanks to Daniel Qarras)
Page editor: Forrest Cook Linux in the news Recommended Reading Retailer PCI Rebellion: 'No More Storing Credit Card Numbers' (Dark Reading)Dark Reading has a a report on storing credit card numbers, with the National Retail Foundation advocating that retailers not be forced to store them. "'Data breaches have continued to occur at an unacceptable rate. There have been numerous instances of hackers targeting sophisticated retail computer systems that store or process credit card data, stealing the data and then using it to commit fraud,' he said. '[PCI] is a valiant attempt to prevent large stockpiles of credit card data from getting into the wrong hands. However, it is unlikely PCI will ever be able to keep pace with the continually-evolving sophistication of the professional hacker, or anticipate every possible variation of future attacks. We believe the time has come to rethink the assumptions behind PCI.'"
Linux phishing botnet statistics can be deceptive (TechRepublic)Chad Perrin at TechRepublic offers some thoughts on recent reports of Linux botnets in The Register, PCWorld, and elsewhere. "The obvious implication is that there are far more compromised Linux systems in phishing botnets than Windows systems. This is reinforced by eBay CISO Dave Cullinane's comment that 'The vast majority of [the phishing sites] we saw were on rootkit-ed Linux boxes, which was rather startling. We expected a predominance of Microsoft boxes and that wasn't the case.'"
Ten ways to make more humane open source software (Humanized)Humanized has a lengthy article on making free software more user-friendly. "The difference between the Mozilla and Firefox was that Mozilla was the result of developers contributing every web-browser feature they could think of. It only started to become humane once the Firefox team applied a unifying principle 'Does this help Mom surf the web?' and pared away features that didn't fit. Its not enough to duplicate what has come before; even in an established category, a product still needs a unifying design, based on a clear vision of what users need to accomplish."
Trade Shows and Conferences Regional Events Rock (Linux Journal)Jon maddog Hall looks at some regional events. "Regional events allow customers to more easily see and talk with local vendors as well as the more local representatives of the national firms. The more local attendance allows the audience to get "up close and personal" with the speakers, and the age restrictions that exist at a lot of larger events are non-existent at these regional events. I met a lot of Free Software users who were still in strollers. :-)"
Companies Thank you Michael, but no, thank you... by Charles H. Shulz (Groklaw)Groklaw has posted a different point of view on the tension between Novell and OpenOffice.org. "While Novell contributes quite normally to OpenOffice.org's import filters, it is also developing an OpenXML export filter that won't be available in OpenOffice.org-- that is, if you choose to use OpenOffice.org and not 'Open Office, Novell Edition'. And since these export filters are supposedly developed in collaboration with Microsoft, this technology would logically include Microsoft's sacred intellectual property that Sun and many others don't want to see covered by the JCA."
Linux Adoption The Next Leap for Linux (The New York Times)The New York Times looks at the current state of desktop Linux. "Until recently, major PC makers shied away from Linux. Now the industry is watching as Dell is selling two Linux-equipped desktop models ($549 and $870, including a monitor) and a $774 notebook PC. (Hewlett-Packard offers Linux systems to businesses, and Lenovo, the Chinese company that bought I.B.M.s PC division, sells Linux machines in China and says it will soon offer Linux-based computers in the United States.) The Ubuntu version of Linux runs the Dell computers. Because Dell does not have to pay a licensing fee for the operating system, the computers are $80 cheaper than PCs with Windows Vista Home Premium or $50 cheaper than the stripped-down Vista Basic edition."
Linux set to dominate in embedded systems (EETimes)EETimes analyzes the increasing use of Linux by embedded systems developers. "Embedded system manufacturers are increasingly committing to Linux as the operating system of choice, and this migration from more traditional and commercial operating systems is set to continue, according to market research group Venture Development Corporation (VDC). A recent survey by VDC (Natick, MA) suggests the majority of current Linux users surveyed plan to use Linux again as their primary operating system on future projects."
Legal Red Hat: Customers Can Deploy Linux with Confidence (eWeek)Steve Ballmer, CEO of Microsoft, recently gave a speech in which he said that Linux users needed to compensate Microsoft for patent infringement. Of course requests to "show us the patents" remain unanswered. This vnunet article and this Linux-Watch article are just two of the many articles we've seen.eWeek takes a look at the responses from Red Hat and the Linux Foundation. "In a scathing response to Ballmer's remarks, Red Hat's IP team said the reality is that the community development approach of free and open-source code represents a healthy development paradigm, which, when viewed from the perspective of pending lawsuits related to intellectual property, is at least as safe as proprietary software. "We are also aware of no patent lawsuit against Linux. Ever. Anywhere," the team said in a blog posting."
Resources Bastille: Classic Linux and Unix Security (Enterprise Networking Planet)Enterprise Networking Planet takes a look at Bastille for system security. "The glamorous new kids in the Linux security parade are SELinux, AppArmor, and all manner of virtualization technologies. (Though it is being discovered that virtual machines, just like chroot jails, aren't all that difficult to break out of, so don't count on them for strong security.) But don't overlook the reliable, helpful old-timer Bastille Linux. Bastille Linux is both a batch of Perl scripts that lead you through hardening your Linux system, and an educational tool. I recommend running it just to get a grounding in basic security measures -- the newfangled things are nice, but the basics are still important and valuable."
Setting time the right way, the Linux way (Linux-Watch)Steven J. Vaughan Nichols discusses time issues and NTP client/server configuration in a Linux-Watch article. "Since most computers store the Epoch's number of seconds as a 32-bit signed integer, the "End of Time" will come at 03:14:07 UTC on Tuesday, Jan. 19, 2038. Since we're quickly moving to 64-bit computing, that won't be a real problem. The "End of Time" using a signed 64-bit integer will come sometime on Sunday, Dec. 4 in the year 292,277,026,596. With more than 290 billion years to go, I'm not going to sweat it. Believe it or not, we are already beginning to run into Epoch timing problems. For example, come January 19, 2008, you may get some interesting results from a 30-year mortgage calculator running on an older Linux or Unix system."
Reviews Adobe readies Flex Builder for Linux (Tech Watch)Tech Watch reports on Adobe's release of Adobe Flex Builder for Linux. "Flex Builder is an IDE for building rich Internet applications that leverage Flex and Adobe's Flash Player. Flex Builder Linux Alpha offers most Flex Builder 3 features such as project creation, code coloring, code hints and Ajax bridge. The release requires Sun Java Runtime Environment 1.5.x and the Eclipse 3.3 platform. The alpha product supports several Suse, Red Hat and Ubuntu Linux distributions and the Firefox browser. Plans call for expanding support to other browsers and Linux distributions, said Phil Costa, director of product management at Adobe."
Good-bye NetWare, hello Linux: Novell Open Enterprise 2.0 (Linux-Watch)Linux-Watch looks at the release of Novell's Open Enterprise Server 2. "Now, with OES 2.0, the NetWare operating system kernel, NetWare 6.5 SP7, is still there if you run it, but it runs on top of the Xen hypervisor. You can also run the NetWare services, or a para-virtualized instance of NetWare, on top of Xen with the SLES (SUSE Linux Enterprise Server) 10 SP 1 kernel. So, if you're wedded to NetWare and its way of doing things, you don't have to wave good-bye to it."
Laptop With a Mission Widens Its Audience (The New York Times)David Pogue reviews the OLPC XO laptop for the New York Times. His take is quite favorable, giving Linux two positive stories in as many days in a pretty high-profile publication. "The truth is, the XO laptop, now in final testing, is absolutely amazing, and in my limited tests, a total kid magnet. Both the hardware and the software exhibit breakthrough after breakthrough — some of them not available on any other laptop, for $400 or $4,000."
Page editor: Forrest Cook Announcements Non-Commercial announcements Mark Webbink Joins Board of Software Freedom Law CenterThe Software Freedom Law Center (SFLC), has announced that Mark Webbink has joined its board of directors. "Webbink comes to SFLC from Red Hat, the premiere Linux and open source vendor, where he served as its first general counsel beginning in 2000. In 2004, he became Red Hat's deputy general counsel for intellectual property, a position he served in until his retirement in August 2007. During his tenure with Red Hat, Webbink wrote and spoke extensively on the subjects of open source software, software patents, and patent reform."
Commercial announcements KnowledgeTreeLive service launchedKnowledgeTree has announced the launch of KnowledgeTreeLive, a software-as-a-service document management application built on the Amazon Elastic Compute Cloud and the rPath virtual appliance platform. "The KnowledgeTreeLive on-demand document management service brings the powerful capabilities of the open source KnowledgeTree application to users wishing to subscribe to an easy to use, cost-effective and secure hosted application. The KnowledgeTreeLive service includes document management and collaboration features such as document versioning and auditing, metadata and content searching, workflow, tagging and tag clouds, RSS feeds and email triggers.
LPA announces African affiliatesThe Linux Professional Institute has announces new affiliates in Africa. The LPI "announced new affiliates in East Africa (Uganda, Kenya, Tanzania) and Nigeria. "These two new affiliates are indicative of the growing importance of Linux and Open Source Software both in the field of education and IT capacity development in Africa," said John Meaney, LPI Area Operations Manager for EMEA (Europe, the Middle East, and Africa). Mr. Meaney noted that there was significant interest in the region in Linux professionalism and that he was involved in ongoing discussions with other potential affiliates for the Middle East and Africa."
Oracle open-sources the OCI8 database driver for PHPOracle has announced the availability of an open-source preview release of OCI8. "Continuing to deliver on its long-standing commitment to the Open Source community, Oracle today announced the contribution and a preview release of an enhanced Oracle Call Interface (OCI8) database driver for PHP. This helps bring breakthrough scalability to PHP applications, further enhancing PHP as a viable development environment for mission-critical applications. The OCI8 database driver for PHP supports important Oracle(R) Database features such as connection pooling and fast application notification, enabling a single industry-standard server to support tens of thousands of database connections while providing higher availability."
Scalix 11.2 releasedVersion 11.2 of Scalix has been announced. "Scalix, the premier award-winning Linux e-mail, calendaring and messaging company, today announced the release of Scalix 11.2, with significant new features to support hosted multi-tenant environments, the latest Linux servers, and enhanced Microsoft Outlook facilities for mobile devices. Scalix 11.2 allows application service providers (ASPs) to host multiple customers on a single Scalix server without the use of virtualization. They can now easily subdivide a single Scalix installation into multiple independent partitions, each with its own address book and global address list."
TransGaming and Mandriva renew OEM agreementTransGaming has announced that it has renewed an OEM agreement with Mandriva. "TransGaming Inc., a leading developer of software portability products for the electronic entertainment industry, announced today the renewal of the OEM and distribution agreement with Mandriva, the leading retail distribution for the Linux operating system. Under this agreement, MandrivaLinux 2008 customers will receive access to TransGaming's Cedega product that will allow them to play hundreds of PC games out-of-the-box."
New Books Linux Firewalls--New from No StarchNo Starch Press has published the book Linux Firewalls by Michael Rash.
Linux Thin Client book from Packt PublishingPackt Publishing has published the book Linux Thin Client Networks Design and Deployment by David Richards.
Resources FSFE NewsletterThe October 9, 2007 edition of the FSFE Newsletter is online with the latest Free Software Foundation Europe news. Topics include: Microsoft antitrust: A victory for Free Software and freedom of competition, WIPO: FSFE calls for interoperability and Open Standards, Freedom Task Force signs MoU with TIS Free Software Center, Southern Tyrol, Italy, Videos of FSFE president Georg Greve with Chilean Minister of Economy, FSFE supports protest against increased surveillance of digital communication, FSFE presents FSCONS and The Scandinavian Free Software Award, FSFE at OpenExpo, Switzerland and Get active.
Contests and Awards KDE 4.0 Release Event Contest (KDE.News)KDE.News has an announced the KDE 4.0 Release Event Contest. "The KDE 4.0 Release Event Team is pleased to announce a contest for the KDE 4.0 Release Event. The winners of this contest will be flown out to Mountain View, California on January 17-19, 2008. Hotel and meals will be covered for them during the event. Read on for information about the contest. The purpose of this contest is to find the most enthusiastic KDE community member and reward him or her with a ticket to the KDE 4.0 Release Event held at the Google Headquarters at Mountain View, CA."
Education and Certification LPI Exams in Portugal and ItalyThe Linux Professional Institute will hold discounted LPIC exams at in Portugal on October 12-13 and October 19-21, 2007, and in Italy on October 27, 2007.
Upcoming Events KDE 4.0 release event announcedA three-day event is being held at the Googleplex, 17-19 January 2008, to celebrate the release of KDE 4.0. The schedule is still being worked out, but there will be a keynote by Aaron Seigo and lots of BOFs (Birds of a Feather meetings). Click below for more information.
Legal Summit for Software Freedom at Columbia Law SchoolThe Software Freedom Law Center (SFLC) is hosting a legal summit at Columbia Law School in New York City on 12 October 2007. Speakers include Eben Moglen, Dan Ravicher, Richard Fontana, Matt Norwood, Karen Sandler and James Vasile and the summit covers "licensing, copyrights and patents, and corporate issues related to Software Freedom." Click below for more information.
NLUUG 25 year anniversary conferenceThe NLUUG, the Dutch Unix Users Group, has announced its 25th anniversary conference. "The programme committee and the NLUUG board members are very excited about this 25th anniversary conference on November 7th, at the "Beurs of Berlage" in Amsterdam, the Netherlands. Do not miss this extraordinary conference!"
Events: October 18, 2007 to December 17, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it. Web sites Free Software Directory gets a new lookThe Free Software Directory has undergone a web site makeover. "The Free Software Directory is a project of the Free Software Foundation (FSF) and United Nations Education, Scientific and Cultural Organization (UNESCO). We catalog useful free software that runs under free operating systems particularly the GNU operating system and its GNU/Linux variants."
Announcing Planet CentOSThe Planet CentOS web site has been announced. "The CentOS team is pleased to announce the Planet CentOS website. Are you wondering what is cooking in the kitchens of the CentOS developers? Wait no longer, Planet CentOS aggregates the blogs of CentOS contributors, merging them into one feed. You can read Planet CentOS with your favorite RSS/Atom reader, or through the Planet CentOS website." (Thanks to Daniel de Kok).
Audio and Video programs Samba and Google Summer of Code PodcastA podcast with a discussion of Samba projects from the Google Summer of Code has been announced. "The podcast features several members of the Samba Team -- Jeremy Allison, Andrew Bartlett, Jelmer Vernooij, Jerry Carter, Kai Blin, Rafal Szczesniak, Stefan Metzmacher and Steve French -- and is a fun listen, covering everything from Samba development itself to Samba's participation in the Google Summer of Code."
Page editor: Forrest Cook
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Grace period]](/images/ns/kernel/rcu/GracePeriodBad.png)
![[Grace period]](/images/ns/kernel/rcu/GracePeriodGood.png)
![[RCU preempt lists]](/images/ns/kernel/rcu/RCUpreemptListsCompare.png)
![[RCU counter flip]](/images/ns/kernel/rcu/RCUpreemptCounterFlip.png)
![[Preempt states]](/images/ns/kernel/rcu/RCUpreemptStates.png)
![[preempt timeline]](/images/ns/kernel/rcu/RCUpreemptTimeline.png)
![[Memory barrier waste]](/images/ns/kernel/rcu/RCUrt-MBwaste.png)
![[Memory barrier nowaste]](/images/ns/kernel/rcu/RCUrt-MBnowaste.png)
![[worst-case scenario]](/images/ns/kernel/rcu/RCUpreemptValidation.png)