LWN.net Weekly Edition for May 8, 2003
Free licenses and warranties
Releasing a work - be it code, words, sounds, or images - under a free license is not just a matter of tossing in a file called COPYING and putting up a tarball. It is a legal decision which may have long-term implications. For an example, consider this discussion on the warranty provisions of the Creative Commons licenses.The Creative Commons offers several licenses to fit different people's wishes regarding attribution, commercial use, and derived works. They range from being very GPLish, to something that looks vaguely like the BSD license (though rather more complicated), to others that would not be considered "free" by most in the community. One thing they have in common, however, is a fairly strong warranty provision:
- Licensor has secured all rights in the Work necessary to grant the license rights hereunder and to permit the lawful exercise of the rights granted hereunder without You having any obligation to pay any royalties, compulsory license fees, residuals or any other payments;
- The Work does not infringe the copyright, trademark, publicity rights, common law rights or any other right of any third party or constitute defamation, invasion of privacy or other tortious injury to any third party.
In other words, when you release a work under a Creative Commons license, you are making a promise to any potential user that nobody else has any rights to that work that could require payments from that user. This is a warranty: should a third party come to one of your users for royalties or damages, they can come back to you. Releasing a work under one of these licenses means taking on a legal liability.
This feature of the Creative Commons licenses is deliberate: it is intended to give users of CC-licensed works confidence that they can truly use and redistribute those works without getting into trouble. This sort of language is not uncommon; anybody who has had a book published, for example, has signed off on a warranty that is at least as strong as the CC licenses require. But some authors who release under a CC license may not understand the commitment that they are making. The Creative Commons folks will apparently be making some changes to make the warranty commitment more clear.
What about other licenses? The GNU General Public License is clear that the covered works come (in capital letters) "WITHOUT WARRANTY OF ANY KIND." Other common licenses, including the Apache Public License, the Artistic License, the BSD License, the Mozilla Public License, and others all include warranty disclaimers. The Open Software License, instead, reads:
In other words, authors using the OSL are taking on a warranty obligation. The GNU Free Documentation License, interestingly, states only that any warranty disclaimers must be preserved. Authors releasing under that license should probably add an explicit statement of their warranty position.
Of course, no warranty disclaimers will keep you out of trouble if a litigious third party decides that you are distributing their intellectual property. For example, should SCO manage to prove in court that the famous "printer on fire" kernel message was stolen by IBM and placed in the Linux kernel, the fact that the relevant code was released under the GPL (if it was) will prevent other Linux distributors from suing IBM, but will it not help against SCO.
Regardless of disclaimers, anybody distributing material under a free license had better be sure that they have the right to do so. Once that is done, however, it is worth being aware of just what sort of warranty you are promising people who are making free use of your work.
Silly Corporate Obnoxiousness
The latest bit of amusement in the SCO suit comes from this talk with SCO CEO Darl McBride on News.com. Mr. McBride is now making direct claims that Unix source code has been copied into the Linux kernel. But don't hold your breath while waiting to see where this copying has happened:
Mr. McBride's contempt for the Linux developer community is, it would seem, exceeded only by his contempt for the public as a whole. It takes little thought to realize that his claims makes no sense whatsoever.
The Linux community, of course, would be incapable of "laundering" the code, since it is, according to SCO, incapable of implementing (or reimplementing) anything so advanced without stealing it. Of course, perhaps this band of thieves could rip off replacement code from somewhere else. Suppose, for the sake of argument, that the code in question is "laundered" with a replacement stolen from, say, CP/M. The resulting kernel would be bizarre, but it would no longer infringe upon SCO's copyrights.
Such a series of events would not change SCO's case in any way, however. If IBM truly misappropriated SCO's code, that act remains. And it is an act that cannot be hidden; the evidence is distributed, beyond recall, all over the Internet. And all over the physical world as well. So even if the Kernel Janitors do an especially effective cleanup job, SCO could certainly manage to send one of its brand-name lawyers down to a local computer store to pick up a boxed set of the distribution of their choice. "Exhibit A" should not be that hard to find.
Indeed, the company could simply submit one of its own products to the court. SCO is, with full knowledge now, distributing the disputed source licensed under the GPL. There are two possible conclusions that can be reached from this action:
- SCO has agreed that the code which - it claims - was taken from Unix
can now be distributed under the GPL. This would not necessarily make
the case moot - SCO might not have agreed to the initial disclosure -
but it certainly removes the need to "launder" anything.
- SCO is knowingly distributing a derived product from a GPL-licensed program (the kernel) which is not, itself, licensed under the GPL. If SCO is claiming proprietary rights on the kernel that it is shipping, then SCO is in violation of the GPL, and loses the right to distribute the kernel at all.
Either way, the implications are interesting. If it looks like SCO is in violation of the GPL, the development community is unlikely to adopt a forgiving attitude. The first big Linux lawsuit could end up giving birth to the first big GPL case.
[As a postscript: SCO's veiled hints that the free software community is behind the denial of service attack on its web site border on libel. As Eric Raymond has pointed out, Linux hackers have better things to do. Criminal attacks do not help us in any way, and are not the free software way of doing things.]
A Look At WineX
[This article was contributed by Joe 'Zonker' Brockmeier]
Gaming is still an area where Windows is, so to speak, way ahead of the game. Since Loki Entertainment Software went under, Linux gamers have had little hope of seeing a wide selection of popular games for Linux. However, the folks at TransGaming are trying to bridge the gap with WineX. TransGaming recently released version 3.0 of WineX, a product that's designed to allow Linux users to run Windows games on Linux. I took it for a spin recently to see just how well the product worked, and whether WineX is the answer to gaming on Linux. The answer, as it turns out, is "maybe."
WineX is not compatible with all Windows games on the market. In fact, TransGaming supports only a small subset of Widnows games. You can find a full list of supported games on TransGaming's site along with ratings for games that have been tested by TransGaming or submitted by their users.
I tested WineX 3.0 on a machine with an Athlon XP 2000+ CPU, one gigabyte of RAM and an ATI Radeon 9000 with 64 MB of RAM running Mandrake Linux 9.1. It's not as brawny as many gaming machines, but it's no slouch in the speed department either. I've been running native Linux versions of Quake III Arena and Unreal Tournament on it for some time, and I'm happy with the performance of those games.
Setting up WineX 3.0 is pretty easy, I just grabbed the WineX RPM and installed it. I also installed their Point2Play GUI, but I didn't have very good luck with it. At first, it couldn't even find my CD-ROM or DVD drives -- apparently the format of Mandrake's /etc/fstab threw it for a loop. Even after I fixed that, the options for installing a game using Point2Play remained greyed out. That's not really a big deal, installing a game with WineX is easy enough from the command line. All you need to do is mount the CD-ROM and run "winex3 setup.exe" (replacing "setup.exe" with the appropriate name for the setup program) and run through the normal installation procedure you'd go through in Windows.
I tested several games, some on TransGaming's list and some not, and only had real success with two games. To be fair, the games that didn't function were either not on the list or marked as working poorly. Half-Life installed, but threw an error after startup and then hung on a black screen with an hourglass cursor. I suspect that if I spend some time tweaking config file, I could probably get it to work. The installation program for Dungeon Master died midway through the install, as did the installer for MDK 2.
Then I tried installing the Windows version of Return to Castle Wolfenstein. This installed flawlessly. Then I began the grueling work of actually testing the game. After several hours of gameplay I didn't notice any glitches or problems with Wolfenstein. I had success switching the resolution, tweaking the brightness, saving and loading games -- in short, it seemed to work perfectly. I then installed Heretic II. I had to tweak the WineX configuration file so that Heretic would realize that the CD-ROM was in the drive, but it also ran perfectly after I made the switch.
WineX 3.0 kind of reminds me of the days when I used to buy a DOS game and cross my fingers hoping that it would run on my computer. Some games would install and run easily, others would take a little wrestling to get them to run, and others never ran due to conflicts with this or that piece of hardware or for some other almost unknowable reason. The difference here is that TransGaming is continuously working on WineX, so it's possible that a game that doesn't run today will run sometime down the road.
While WineX may not be compatible with a fair number of games, the performance of the games that are compatible is very satisfying. If you're thinking that you want to run a Windows game under Linux, my advice would be to check TransGaming's list of compatible games first. If your game is on the list with a working rating of 4 or 5, you can feel pretty confident that you'll be able to play your game on Linux with WineX and be happy with the performance and stability of that game. Otherwise, proceed with caution.
Even though WineX doesn't run everything under the sun, I still think it's worth the price. TransGaming doesn't sell WineX as a boxed product, you have to subscribe to WineX to get the prepackaged files. They offer RPMs and Debian packages of current releases only to subscribers, but you can access their CVS and try to build it yourself from source. I didn't try this, but would be curious to hear what kind of success others have had. The pricing for the subscription is pretty reasonable, just $5 a month with a 3-month minimum. Even if you cancel the subscription after the initial three months, you still have the releases that you download during your subscription. It's not a perfect solution, but WineX does show a lot of promise.
Security
Brief items
Hardening Linux against buffer overflows
Whenever kernel hacker Ingo Molnar disappears for a while, it is reasonable to expect that he will resurface with some interesting new development. In the past, he has materialized with the TUX in-kernel web server, the O(1) scheduler, and the new kernel threads implementation. His most recent offering, however, has to do with making Linux systems more resilient in the face of buffer overflow vulnerabilities.The new "Exec Shield" patch (which applies to the 2.4.21 release candidate kernel) takes several steps to fight buffer overflows, including:
- Engaging in some x86 segmentation magic to minimize the range of
addresses where the processor can execute code. This approach is
essentially a hack to work around the inconvenient fact that the x86
architecture lacks a page table flag for controlling execute
permission. By playing with segments, this patch makes it impossible
to execute code on the stack and in as much of the data area as
possible. As a result, the execution of exploit code delivered via
buffer overflows becomes far more difficult.
- As much executable code as possible is moved into the lowest part
of the virtual address space - below 16MB. Addresses in this range
begin with a zero byte, making them hard to create with purely ASCII
overflows. Many applications which deal with C strings cannot be
overflowed with a string containing NULL bytes. Others, of course,
will read any sort of data and will not be affected by this particular
change. For applications for which this measure is effective, however
(and that set includes most web-based applications), this shift into
the "ASCII armor" area will block exploits which work by jumping into
library code which might, say, execute a shell.
- A subsequent release of the patch includes shared library and stack address randomization. These measures make mass exploits harder, since each target process is different.
This approach, note, is different from that used in the recent OpenBSD 3.3 release. OpenBSD does not (yet) provide executable stack protection on the x86 architecture; instead, it relies on detecting buffer overflows with a modified compiler that installs (and checks) "canaries" on the stack. The OpenBSD "W^X" execute permission control will be extended to the x86 architecture in 3.4.
So does this approach bring any real security? Non-executable stack patches have failed to get into the Linux kernel before, since Linus does not believe in them:
The real solution, says Linus, is to fix the applications. That is undoubtedly true, but fixing all of the applications out there (and keeping them fixed) is not an easy task. In the meantime, raising the bar for potential attackers may well be the right thing to do. It would not be surprising to see this patch find its way into the kernels shipped by the major distributors, even if Linus does not accept it into the mainline.
OpenSSL pursuing FIPS 140-2 cryptographic certification
The Open Source Software Institute is leading an effort to secure National Institute of Standards and Technology's (NIST) FIPS 140-2 level 1 cryptographic certification for OpenSSL. Hewlett-Packard has provided funding to support the certification effort. In addition, Gary Gross, of HP, is serving as OSSI's program manager and technical lead for the FIPS 140-2 certification program. The press release is in PDF format. (Thanks to David A. Wheeler)
New vulnerabilities
epic4: buffer overflows and arbitrary code execution
| Package(s): | epic4 | CVE #(s): | |||||||||
| Created: | May 2, 2003 | Updated: | May 22, 2003 | ||||||||
| Description: | Timo Sirainen discovered several problems in EPIC4, a popular client for Internet Relay Chat (IRC). A malicious server could craft special reply strings, triggering the client to write beyond buffer boundaries. This could lead to a denial of service if the client only crashes, but may also lead to executing of arbitrary code under the user id of the chatting user. | ||||||||||
| Alerts: |
| ||||||||||
fuzz: symlink vulnerability
| Package(s): | fuzz | CVE #(s): | |||||
| Created: | May 7, 2003 | Updated: | May 7, 2003 | ||||
| Description: | The fuzz software stress testing tool has a temporary file vulnerability which can be exploited by a local attacker. | ||||||
| Alerts: |
| ||||||
leksbot: improper setuid-root execution
| Package(s): | leksbot | CVE #(s): | |||||
| Created: | May 6, 2003 | Updated: | May 7, 2003 | ||||
| Description: | Maurice Massar discovered that, due to a packaging error, the program /usr/bin/KATAXWR was inadvertently installed setuid root. This program was not designed to run setuid, and contained multiple vulnerabilities which could be exploited to gain root privileges. | ||||||
| Alerts: |
| ||||||
mod_auth_any: remote exploit
| Package(s): | mod_auth_any | CVE #(s): | CAN-2003-0084 | ||||
| Created: | May 2, 2003 | Updated: | May 7, 2003 | ||||
| Description: | mod_auth_any is a web server module that allows the Apache httpd server to
call arbitrary external programs to verify user passwords.
Vulnerabilities have been found in the way mod_auth_any escapes shell arguments when calling external programs. These vulnerabilities allow remote attackers to run arbitrary commands as the user under which the Web server is running. | ||||||
| Alerts: |
| ||||||
openssh: timing attack leads to information disclosure
| Package(s): | openssh | CVE #(s): | CAN-2003-0190 | ||||||||||||||||||||
| Created: | May 2, 2003 | Updated: | November 30, 2004 | ||||||||||||||||||||
| Description: | From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM support enabled (via the --with-pam configure script switch). This bug allows a remote attacker to identify valid users on vulnerable systems, through a simple timing attack. The vulnerability is easy to exploit and may have high severity, if combined with poor password policies and other security problems that allow local privilege escalation." | ||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||
Resources
The top 75 security tools
Insecure.org has put together a list of the top 75 security tools as determined by a poll of nmap users. The list starts out with the obvious entries (nessus, ethereal, snort), but there's sure to be something new there for just about anybody.Linux Security Week
The May 5 issue of the Linux Security Week newsletter from LinuxSecurity.com is available.
Events
HiverCon 2003 call for papers
HiverCon 2003 is happening November 6 and 7 in Dublin; the call for papers has gone out, with submissions due by the beginning of August.ToorCon 2003 call for papers
The call for papers for ToorCon 2003 (September 26 to 28, San Diego) has gone out; submissions are due by August 17.
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current development kernel is 2.5.69, released by Linus on May 4. This large patch includes a FireWire update, some IDE cleanups, more devfs cleanups, a rework of the driver core class code, some new libfs helpers which make it easier to create in-kernel virtual filesystems, a big tty layer cleanup, a change to the interrupt handler prototype (see the April 24 LWN Kernel Page), runtime barrier instruction patching (which allows optimal performance on different processors without the need to ship multiple kernels), more preparation for an expanded dev_t type, some swapoff improvements, a new set of memory allocation flags, and numerous other fixes and updates. Details can be found in the long-format changelog.Linus's BitKeeper tree contains some I2C improvements, some netfilter tweaks, and a small number of other fixes.
2.5.69-ac1 is available from Alan Cox; it adds some IDE fixes, a number of janitorial fixes, and various other fixes and updates.
The current stable kernel remains 2.4.20; there have been no 2.4.21 prepatches since 2.4.21-rc1 on April 21.
Alan Cox's 2.4.21-rc1-ac4 adds a vesafb fix, some NFS improvements, audio and serial ATA support for the Intel ICH5 controller, a new AMI Megaraid driver, and various other fixes.
Kernel development news
The right way to yield
The kernel list still sees occasional complaints about the interactive response of recent development kernels. Many of these complaints, it turns out, relate to OpenOffice. The specific problem in this case has been found: a combination of a change in sched_yield() semantics and, one might say, suboptimal programming in OpenOffice.The purpose of sched_yield() is to temporarily give up the processor to other processes. The process calling sched_yield() remains in the runnable state, and can normally expect to run again in short order. The 2.5 development series has made a subtle change in the way sched_yield() works, however. This call used to simply move the process to the end of the run queue; now it moves the process to the "expired" queue, effectively cancelling the rest of the process's time slice. So a process calling sched_yield() now must wait until all other runnable processes in the system have used up their time slices before it will get the processor again.
The new semantics arguably make more sense; a process calling sched_yield() should truly give up the processor. Some threaded applications, however, implement busy-wait loops with sched_yield(). OpenOffice is one such application; LinuxThreads also, apparently, uses this technique. This kind of application performs poorly with the new yield semantics; being moved to the "expired" queue makes the loop far less responsive.
There has been talk of ways of changing sched_yield() so that OpenOffice and other applications are not so badly penalized. One approach, for example, preserves the application's time slice, but drops its priority slightly. The consensus, however, seems to be that applications that loop on sched_yield() are simply broken and should be fixed. In the case of OpenOffice, this fix has already apparently been made.
Module reference counts - back to the future?
In the 2.2 (and prior) kernels, loadable modules were charged with the task of maintaining a count of references to the module. When the reference counting was done correctly, the kernel knew when it was safe to unload a module. Unfortunately, the maintenance of the reference counts often was not done right, and, in any case, in-module reference counting was subject to certain small but unavoidable race conditions. Simply put, there was no way to completely avoid situations where the kernel was executing module code while the module's reference count was zero.Starting in 2.3, the reference counting task moved slowly outside of the modules themselves. For example, the file_operations structure exported by char drivers got an owner field which points to the module. Before the kernel will, say, call a module's open() method, it increments the reference count. This mechanism puts the reference count in one place (rather than in hundreds of module open() methods) and eliminates race conditions. In 2.5, this mechanism was extended further, and attempts to increment reference counts were allowed to fail (for example, when the module still exists, but is being unloaded).
This mechanism works reasonably well for most device drivers; the interface between the kernel and the module is narrow, and references to the module are limited to a few types of objects (open files and memory mappings). Life gets harder, however, when you get into other parts of the kernel. A recent discussion on the netdev list, started by the discovery of a situation where the networking subsystem can call into a module which has been unloaded, shows how hard it can be.
The networking code keeps track of a vast array of objects, each of which can reference others, and each of which must be reference counted. A networking module can only be unloaded when all of those objects are no longer referenced and have been cleaned up. The immediate problem has to do with network devices (exported by network device drivers); numerous parts of the kernel can reference such a device. So the device itself contains a reference count. In some situations, however, the kernel can remove a driver module even though a particular device's reference count had not dropped to zero. One solution to the problem, as proposed by Rusty Russell, is to increment the module's reference count every time one of its network device's count goes up. The problem with this approach, according to David Miller, is that devices are just the beginning.
The insanity comes from the fact that attempts to increment module use counts can fail. Trying to add an unbelievable number of failure paths to the networking code to deal with this case does indeed seem like a one-way ticket to the funny farm. All this extra reference counting also adds significant overhead to the networking code's hand-crafted fast paths; that is a penalty that the networking hackers are not prepared to accept.
The solution that some of the networking developers are asking for is to go back to having modules maintain their own reference counts - sort of. At the least, modules need some way of saying whether they can or cannot be unloaded at a particular time. Usually that decision is just a matter of looking at the internal objects they have to maintain anyway. So the addition of a simple can_unload() function to many modules would solve the immediate problem.
There is still another problem, though: actually getting a complex module to a state where it can be unloaded can be a tricky task. Removing a network protocol, for example, requires shutting down the protocol and waiting for all objects to be freed. Little details (like sockets which must, according to the protocol specification, sit in a 60-second TIME_WAIT state before going away) complicate the picture and can make the unload process take a long time. Users tend to worry when an rmmod command appears to just hang. Handling all the details of that case (especially if you want to allow users to interrupt the rmmod operation) gets to be tricky indeed. Possible solutions are being discussed, but no implementations are currently on the horizon.
Of course, one could always go back to Rusty's suggestion from the 2002 Kernel Summit: simply do not allow modules to be removed from the kernel.
Driver porting
Driver porting: Device model overview
| This article is part of the LWN Porting Drivers to 2.6 series. |
The device model presents a bit of a steep learning curve when first encountered. But the underlying concepts are not that hard to understand, and driver programmers will benefit from a grasp of what's going on.
The fundamental task of the driver model is to maintain a set of internal data structures which reflect the architecture and state of the underlying system. Among other things, the driver model tracks:
- Which devices exist in the system, what power state they are in, what
bus they are attached to, and which driver is responsible for them.
- The bus structure of the system; which buses are connected to which
others (i.e. a USB controller can be plugged into a PCI bus), and
which devices each bus can potentially support (along with associated
drivers), and which devices actually exist.
- The device drivers known to the system, which devices they can
support, and which bus type they know about.
- What kinds of devices ("classes") exist, and which real devices
of each class are connected. The driver model can thus answer
questions like "where is the mouse (or mice) on this system?" without
the need to worry about how the mouse might be physically connected.
- And many other things.
Underneath it all, the driver model works by tracking system configuration changes (hardware and software) and maintaining a complex "web woven by a spider on drugs" data structure to represent it all.
Some device model terms
The device model brings with it a whole new vocabulary to describe its data structures. A quick overview of some driver model terms appears below; much of this stuff will be looked at in detail later on.
Other terms will be defined as we come to them.
- device
- A physical or virtual object which attaches to a (possibly virtual) bus.
- driver
- A software entity which may probe for and be bound to devices, and which can perform certain management functions.
- bus
- A device which serves as an attachment point for other devices.
- class
- A particular type of device which can be expected to perform in certain ways. Classes might include disks, partitions, serial ports, etc.
- subsystem
- A top-level view of the system's structure. Subsystems used in the kernel include devices (a hierarchical view of all devices on the system), bus (a bus-oriented view), class (devices by class), net (the networking subsystem), and others. The best way to think of a subsystem, perhaps, is as a particular view into the device model data structure rather than a physical component of the system. The same objects (devices, usually) show up in most subsystems, but they are organized differently.
sysfs
Sysfs is a virtual filesystem which provides a userspace-visible representation of the device model. The device model and sysfs are sometimes confused with each other, but they are distinct entities. The device model functions just fine without sysfs (but the reverse is not true).The sysfs filesystem is usually mounted on /sys; for readers without a 2.6 system at hand, an example /sys hierarchy from a simple system is available. The top-level directories there correspond to the known subsystems in the model. The full device model data structure can be seen by looking at the entries and links within each subsystem. Thus, for example, the first IDE disk on a particular system, being a device, would appear as:
/sys/devices/pci0/00:11.1/ide0/0.0
But that device appears (in symbolic link form) under other subsystems as:
/sys/block/hda/device
/sys/bus/ide/devices/0.0
And, additionally, the IDE controller can be found as:
/sys/bus/pci/devices/0.11.1
/sys/bus/pci/drivers/VIA IDE/00:11.1
Within the disk's own sysfs directory (under /devices), the link block points back at /sys/block/hda. As was said before, it is a complicated data structure.
Driver writers generally need not worry about sysfs; it is magically created and implemented by the driver model and bus driver code. The one exception comes about when it comes to exporting attributes via sysfs. These attributes represent some aspect of how the device and/or its driver operate; they may or may not be writeable from user space. Sysfs is now the preferred way (over /proc or ioctl()) to export these variables to user space. The next article in the series looks at how to manage attributes.
Kobjects
Even though most driver writers will never have to manipulate a kobject directly, it is hard to dig very deeply into the driver model without encountering them. A kobject is a simple representation of data relevant to any object found in the system; in a true object-oriented language, this would be the class that most others inherit from. Kobjects contain the attributes that, it is expected, most objects in the system will need: a name, reference count, parent, and type. Almost any object related to the device model will have a kobject buried deeply inside it somewhere.A kset is a container for a set of kobjects of identical type. Ksets belong to a subsystem (but a subsystem can hold more than one kset). Among other things, ksets control how the system responds to hotplug events - the addition (or removal) of an entry to (or from) the set.
Together, kobjects and ksets make up much of the glue that holds the driver model structure together. A separate article in this series covers kobjects and ksets in detail.
Driver porting: Devices and attributes
| This article is part of the LWN Porting Drivers to 2.5 series. |
Some time ago, this series looked at a simple block driver. That driver will now be augmented with simple driver model and sysfs support. The relevant bits of code will be shown below; the full source is available here.
The device structure
Once upon a time, struct device referred to a network interface. That structure has long since been renamed net_device, and, in 2.5, struct device became the "base class" for representing all devices in the system. The full structure can be seen in <linux/device.h>; for most drivers, however, there are only a few fields that are worth worrying about:
char name[DEVICE_NAME_SIZE];
char bus_id[BUS_ID_SIZE];
void *driver_data;
struct device_driver *driver;
The name field is a descriptive name (not something found in /dev; it can be something like "Barmatic VX773 Frobnicator"). bus_id describes where the device can be found on the bus; for PCI devices it is a string like "00:09.0". The driver can put anything it wants into the driver_data field. And driver describes the driver for this device; we'll get there shortly.
As a general rule, your driver will want to remember more about a device than can be represented in struct device; this structure just exists to hold the data common to all devices in the system. So drivers do not normally deal with bare device structures; instead, this structure is embedded within something larger. Thus, if you look at the definition of, say, struct pci_dev or struct usb_device, you'll find a struct device lurking within.
A general rule has been adopted that struct device is not the first field in any other structure which contains it. The idea is that programmers should think carefully about which structure they are dealing with at any given time, and not just cast pointers back and forth. Going from the larger structure to struct device is just a matter of referencing the appropriate field. To go the other way, the container_of() macro should be used. Thus, for example, a USB driver could turn a struct device pointer (called, say, devp) into a struct usb_device pointer with:
container_of(devp, struct usb_device, dev)
Here, "dev" is the name of the struct usb_device field containing the device structure. Normally, a bus subsystem will define a macro for doing this conversion; in the USB case, it is to_usb_device().
The example simple block device (SBD) does not attach to a physical bus, of course. For this type of device, the kernel exports a "system" bus which may be used for virtual attachments. Usually, the system bus contains devices like the processor, interrupt controller, and timer. But we can attach virtual disks there too.
System bus devices are represented by struct sys_device, defined as:
struct sys_device {
char *name;
u32 id;
struct device dev;
};
(A couple of fields have been omitted). Here, the name should be a /dev-style name - it will be used (along with the id value) to create the device's entry in sysfs under devices/sys.
The simple block device will be represented as a sys_device. Before we get to that, however, there is another structure that deserves a look.
The device driver structure
Device drivers, too, are represented in the device model, and in sysfs. The relevant structure (again, with a few fields omitted) looks like:
struct device_driver {
char *name;
struct bus_type *bus;
int (*probe) (struct device * dev);
int (*remove) (struct device * dev);
void (*shutdown) (struct device * dev);
int (*suspend) (struct device * dev, u32 state, u32 level);
int (*resume) (struct device * dev, u32 level);
};
The name this time around is the name of the driver, of course. The bus field is normally filled in by the bus-layer logic; drivers need not worry about initializing it. The various methods provided in the structure are for the handling of device discovery and power management tasks. Usually, again, these methods are provided at the bus level, with bus-specific calls down into the driver itself.
Time to look at some code. The SBD driver sets up its structure as:
static struct device_driver sbd_driver = {
.name = "sbd",
};
A driver for a real device may, at the least, want to add methods for suspend and resume events. There is nothing in particular that SBD needs to do in response to such events, however, so no such methods have been provided.
In the SBD module init code, the driver structure is registered with:
driver_register(&sbd_driver);
It is also necessary to call driver_unregister() in the shutdown code, of course.
This call is sufficent to create the directory bus/system/sbd in the sysfs hierarchy. As SBD devices are registered, they will appear as symbolic links in that directory. There will be no other data there, at least not yet.
Driver attributes
Suppose we wanted to put something else in the driver sysfs directory? That can be done through the creation of driver attributes. The SBD driver adds a file called version which contains the version of the driver code; user-space scripts could query that file to get a sense for what capabilities might or might not be available.Each driver attribute requires a name, file permissions, and functions to format and set the value of the attribute. Generally the functions are defined first. The SBD function to display the version is:
static ssize_t show_version(struct device_driver *drv, char *buf)
{
strcpy(buf, Version);
return strlen(Version) + 1;
}
The buffer passed into the show function is one full page, so there's plenty of room. In general, however, values for sysfs attributes should be short. The convention is that an attribute contains a single value - not pages of information as can be found in some /proc files.
The store function has the prototype:
ssize_t (*store)(struct device driver *drv,
const char *buf,
size_t count);
The return value is the number of bytes consumed by the operation (usually count); it can also be one of the usual error codes. Since there is little point in changing the driver's version string from user space, SBD provides no store function.
Creating attributes requires filling in a driver_attribute structure. This is usually done with the DRIVER_ATTR macro:
DRIVER_ATTR(name, mode, show, store);
In the case of the SBD driver, the relevant declaration is:
static DRIVER_ATTR(version, S_IRUGO, show_version, NULL);
This line creates a structure called driver_attr_version; it will ultimately create a file called version in the driver's sysfs directory. That file will have read-only permissions, and will call show_version() when read.
Actually creating the file, however, requires one more step. This line appears in the module initialization code, immediately after the call to driver_register():
driver_create_file(&sbd_driver, &driver_attr_version);
There is a driver_remove_file(), but normally it is unnecessary to call it - the files will be removed automatically when the driver is unregistered.
Device registration
Now that we are done looking at driver registration, we can get around to creating our device. SBD is a "system bus" device; the bus-specific device structure is created as:
static struct sys_device sbd_sys_device = {
.name = "sbd",
.dev = { /* struct device stuff */
.name = "Simple block device",
.driver = &sbd_driver
},
};
The id field defaults to zero, so this device will eventually be sbd0. Note the assignment of the dev.driver field, which connects the device with the driver that handles it.
At initialization time, the device is registered with:
sys_device_register(&sbd_sys_device);
sys_device_register() is a wrapper around device_register() which handles "system bus" details. Once this call has been made, the sysfs directory device/sys/sbd0 is created. Two attributes exist there: name contains "Simple block device", and power contains the device's current power state. Most importantly, however, the device exists within the device model data structure, where it can respond to hotplug and power management events.
Devices, too, can have custom attributes. For SBD, an attribute device contains the device number assigned to the virtual disk; this value could be used, for example, to create a /dev entry automatically in user space. The implementation is very similar to the driver attribute we set up before:
static ssize_t show_devnum(struct device *dev, char *buf)
{
return sprintf(buf, "%02x00", major_num);
}
DEVICE_ATTR(device, S_IRUGO, show_devnum, 0);
...
device_create_file(&sbd_sys_device.dev, &dev_attr_device);
One final step, specific to block devices, is taken in SBD. Before the virtual disk's gendisk structure is registered with add_disk(), a pointer to the device structure is stored:
Device.gd->driverfs_dev = &sbd_sys_device.dev;
This assignment causes a couple of extra symbolic links to be created in sysfs; devices/sys/sbd0/block points to block/sbd0, and block/sbd0/device points back to devices/sys/sbd0. In this way, the relationship between the various entries is made explicit.
Going further
This article barely touches on the device model interface. Many details have necessarily been omitted; many of them will be topics for future articles. The next article in the series, which will appear soon (promise) will look at the class interface. Power management also deserves a look, but that interface remains in flux as of this writing. Expect an article when the dust settles a bit.
Patches and updates
Kernel trees
Architecture-specific
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Janitorial
Networking
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Knoppix - the Great Linux Advocate
[This article was contributed by Ladislav Bodnar]
If you had to single out one project that most contributed to attracting Windows users to Linux, which one would it be? Opinions will undoubtedly vary a great deal, but one of the projects that has to be very close to the top is Knoppix, the popular Linux live CD, developed by Klaus Knopper.Consider this letter written by an excited reader of Langa List, a popular newsletter for Windows users:
Very few of the long-time LWN readers will get this excited about Knoppix's ability to read files on Windows partitions, or indeed, about its ability to repair a broken Windows installation that refuses to boot. It is not because we don't appreciate this ability - it's just that, in all honesty, we have become accustomed to using Linux this way and many of us carry around a bootable Linux CD for those emergencies that require system repair, irrespective of the operating system.
Why has Knoppix become so popular and successful? The concept of a bootable CD is not new and neither is the content of the Knoppix CD - the software packages provided are nothing but a selection of pre-compiled deb files from Debian's unstable, and occasionally, experimental branches. Few people heard of Knoppix as recently as a year ago, so how come suddenly everybody, even Windows users, talk about Knoppix?
Possibly the greatest advantage of Knoppix, as opposed to similar live CD projects, is its ease of use. Place the CD into the CD-ROM drive and reboot the computer - a few minutes later you will be fully productive in a graphical environment that is fairly easy to navigate even by those who have never used Linux before. Few Linux distributions have been able to match Knoppix's ability to auto-detect and set up hardware during boot. Everything from network cards to printers will be instantly available, at least in the majority of cases.
It goes without saying that if the user's intention is to use Knoppix to read password protected Microsoft Office files, then the user will have to learn how to start the console, navigate a UNIX file system and mount the correct partition. Those are just the first steps, but we all had to start somewhere. The curiosity, together with the realization of how powerful Linux is, might just convince these users to start playing with Linux on a more regular basis and even give it a partition on their hard disks. The shock of learning how awfully inadequate Microsoft file protection features are should be another strong motivator.
Knoppix has become so successful, that new Knoppix-based sub-projects have sprung all over the Internet. One the most comprehensive Knoppix-related resource sites available today is knoppix.net. Its Knoppix Customizations page lists, at the time of writing, a total of 28 customized versions of Knoppix, catering for those who need Knoppix in Hebrew or Norwegian, for those who want a live CD with extensive multimedia support, for those who prefer more educational or medical software, for those who need a mini-Knoppix or a live firewall..., the list goes on. Still cannot find what you need? Then head for the Knoppix Remastering Howto page for instructions how to build your own Knoppix bootable CD.
There is little doubt that Knoppix has become one of the greatest advocates of Linux we have ever seen. At the same time, it is simple to use, practical and useful in emergency situations. If you want to spread the word, carry a few Knoppix CDs in your briefcase and give them away liberally.
Distribution News
Debian GNU/Linux
The Debian Weekly News for May 6, 2003 looks at the FLOSS survey, old and new; something from Bruce Perens' wishlist; will i386 support be dropped?; the debate over credits in Free Software; and much more.The Debian Project will be attending conferences in Italy (Webb.it 2003 in Padova) and Austria (IFIT 2003 in Innsbruck).
Tollef Fog Heen has a Debconf 3 update. This year Debcamp and Debconf will take place in July, in Oslo, Norway.
Wichert Akkerman introduces a new service for SubVersion users at svn.debian.org.
DebianPlanet reports on the work being done to create a tag-based browseable hierarchy of Debian packages.
Gentoo Weekly Newsletter -- Volume 2, Issue 18
This week's edition of the Gentoo Weekly News looks at the feature list for the next release of Gentoo Linux 1.4; Rsync etiquette guidelines; some new mailing lists are available; and a policy discussion regarding accessing users' boxes.Libranet 2.8 released
Libranet GNU/Linux has released Libranet 2.8 with many improvments, including improved hardware detection, up to date KDE, Gnome, kernel etc. and it has undergone rigorous beta testing.Mandrake Linux
MandrakeSoft announced the immediate availability of Mandrake Linux 9.1 retail packs. Choose from the Standard Edition, PowerPack Edition (for power users) or ProSuite Edition (for businesses). All Mandrake Club members will receive a 20% discount on 9.1 orders made at the MandrakeStore.MandrakeSoft has some bug fixes available for Mandrake Linux 9.1:
- kdebase-servicemenu (a broken Konqueror feature used for PS to PDF file conversion).
- Updated devfsd packages fix multiple bugs.
- More bugs have been found in the drakxtools package.
- OpenLDAP did not properly migrate data from previous versions.
OpenBSD 3.3 released
OpenBSD 3.3 is out, with a long list of improvements and new security features. Much work has been done to make buffer overrun attacks harder to execute, but there's a lot of other security work in this release as well.Announcing GinGin64: A Technology Preview for the AMD64 Platform
Red Hat has announced the availability of a AMD64 technology preview. This preview is for those who are interested in early access to a Red Hat distribution for the AMD64 platform.
Minor distribution updates
Damn Small Linux
Damn Small Linux has released v0.3.8. "Changes: There is now a very nice X configuration script. The very small but very easy to use Monkey Web server has been added. A couple of small bugs in dsl-hdinstall and mkliloboot have been fixed."
Gibraltar Firewall
Gibraltar has released v0.99.7a with major security fixes. "Changes: The major security fix is for pptpd. It has been upgraded to a new development version that fixes the problem while glibc has been downgraded to the version available for Debian woody, which has the fix applied. If you use the pptpd service, then it is recommended to upgrade as soon as possible, since there already exists exploit code for this vulnerability (even if it doesn't work with current Gibraltar versions)."
KNOPPIX
KNOPPIX has released v3.2-2003-05-03 with minor feature enhancements. "Changes: This release has an hpijs inkjet driver update, a LILO update (fixed RAID support), qtparted, libsmbclient, and ethtool."
MoviX
MoviX has released v0.8.0pre5 with minor bugfixes. "Changes: The dxr3 modules have been updated. Video card detection finally seems to be correctly fixed. MPlayer's cache is now automatically reduced when free RAM is very low, to allow MoviX to work with just 64MB of RAM. DMA problems have been fixed. Memory bounds for the use of Win Codecs have been raised to ensure that there is enough RAM for the system."
MoviX2 0.3.0pre3 has
also been released with major bugfixes. "Changes: There is improved
TV out support. MPlayer has been upgraded to 0.90, and faad/Real support
added to it. DeCSS routines have been removed. NVidia support has been
fixed. Support for VIA CastleRocks cards has been added. DMA and video card
autodetection bugs have been fixed. Some modifications have been made to
make it work with 128MB. The -menu MPlayer feature has been added.
"
Rock Linux and dRock
Rock Linux released dRock v2.0.0-beta followed by Rock Linux v2.0.0-beta.
dRock (desktop Rock Linux) "Changes: Many package updates and compile
fixes were made. The PowePC port and hardware auto-detection were
improved. The installer has also been sped up greatly.
"
Rock Linux "Changes: This beta release features an almost totally
redesigned build system, which is now more like a true distribution build
kit. The dROCK (Desktop ROCK) sub-distribution was merged into the main
ROCK tree, many new packages were added, and important package updates were
made.
"
RUNT (ResNet USB Network Tester)
RUNT has released v1.11 with minor bugfixes. "Changes: An fstab entry has been added for /dev/hda1. Network card probing has been removed from the netconfig script to prevent rc.netdevices being overwritten. lilo.conf has been improved to recognize /dev/sda as the first disk when booting directly from USB. runthelp has been improved, and diskhelp help files have been added. This release uses Sendmail 8.12.9 for a security fix."
Slackware Live CD
Slackware Live CD has released v2.9.0.14 with major feature enhancements. "Changes: This release adds KOffice 1.2.1, adds the ability to pass some kernel parameters during boot (hold down Shift), and allows changing of the keyboard layout in KDE (multi-language keyboard)."
uClinux
uClinux has released v2.5.69-uc0 with major feature enhancements. "Changes: The latest kernel updates were applied. DragonEngine and 5282 support were added."
Distribution reviews
SuSE 8.2 approaches computing Nirvana (Register)
The Register has a glowing review of SuSE Linux 8.2. "There's a lot to like in SuSE's latest edition, 8.2, and little to complain about. There are security enhancements and graphics tweaks partly due to KDE 3.1, and major administration bonuses in YaST-2. It's clear that SuSE has worked hard to accommodate the corporate desktop market as well as the home user since edition 8.1, which we did not recommend. It appears the company is serious about tempting a mixed-species shop of Linux servers and Windows desktops to harmonize in favor of Linux and thus save considerably on administration costs. Microsoft should worry about the strides SuSE is making in this area."
Knoppix installation tips (NewsForge)
Here's a NewsForge article with some tips to help you get the most from your Knoppix CD. "When you boot up the Knoppix CD, a browser window pops up with a link to the software's FAQ, which includes instructions for installing Knoppix on the hard disk. Don't follow them! If you do, you'll install the German version of the software even though you booted from an English version of the CD. If you follow the instructions in the FAQ you can still convert the system to English, but to do so you have to change the locale setting in a number of places using a German interface."
Page editor: Rebecca Sobol
Development
The New Generation of Foomatic
LinuxPrinting.org mentions the release of version 3.0.0 of the Foomatic printer compatibility database. This is the first stable version in the 3.0 series. Foomatic is used for defining printer and printer driver capabilities, it works with the following print spoolers: CUPS, PPD, LPD, LPRng, GNUlpr, PDQ, and PPR. It also supports printer operation without a print spooler.![[LinuxPrinting.org]](https://static.lwn.net/images/ns/linprint.jpg)
Some of the important changes in Foomatic version 3.0.0 include:
- One filter, foomatic-rip, works with all spoolers.
- Standard PPD files are now used for all spoolers.
- Full Adobe Compliance for Foomatic generated PPD files.
- Support for manufacturer supplied PPD files.
- Foomatic-rip adheres to Adobe's DSC (Document Structuring Conventions).
- Support for custom page sizes on all spoolers.
- Option settings can be applied to individual pages.
- Support for pre-configured quality levels with "PrintoutMode".
- Much more.
System Applications
Audio Projects
Alsa 0.9.3 released
A new version of the Alsa sound driver has been released. The change summary says: "Moved firmware code from vxpocket and hdsp driver to alsa-tools."
JACK 0.70.4 released
Version 0.70.4 of JACK, the JACK Audio Connection Kit, is available. Changes include bug fixes, the addition of a new port metering API, and more.Ogg Traffic
The April 29, 2003 edition of Ogg Traffic is out with Ogg Vorbis audio compression software news. Discussion topics include: Appending an Ogg file to another, Emmett Plant leaves Xiph.org, Independent Label considers going Vorbis, Theora support coming to Xine, and Xiph.org News Feed.
Education
Linux in education report #95
Issue #95 of the Linux in education report is out. Topics include multiple display management with ZASS, the April Schoolforge meeting logs, a Schoolforge wiki, a free and open source solar system text, the Radio Gutenberg project, free software in education in India, the SchoolTool administration infrastructure project, the WordNet on-line lexical reference system, and more.
Mail Software
Milter news
The milter.org site has an article on Sendmail Performance Using Milter, and mentions new releases of Milter-Sender and Spamilter.
Networking Tools
Moodss 17.1 released
Version 17.1 of Moodss, a modular multi-platform monitoring application, has been released.
Printing
Common UNIX Printing System 1.1.19rc4 available
Version 1.1.19rc4 of CUPS, the Common Unix Printing System, is available. A number of bugs have been fixed, see the release notes for more information.
Web Site Development
Silva 0.9.1.3 released
Version 0.9.1.3 of Silva has been announced. "Silva is a Zope-based web application designed for the creation and management of structured, textual content. Silva allows users to enter new documents as well as edit existing documents using a web interface." This release features many bug fixes.
TextIndexNG 2.0 a1 released
Version 2.0 alpha of TextIndexNG has been released. "TextIndexNG is the new fulltext index for Zope and is the most feature-complete solution for fulltext indexing under Zope."
MySQL User Folder 0.9.1 released
Version 0.9.1 of mysqlUserFolder has been released. "This version is second candidate for 1.0 release - no major changes are planned. Version 0.9.1 brings some "small" improvements and bugfixes".
Miscellaneous
GNOME System Tools 0.25.0 is out! (GnomeDesktop)
Gnomedesktop.org has an announcement for version 0.25.0 of GNOME System Tools. "The GNOME System Tools are a set of cross-platform configuration utilities for Linux and other Unix systems. Internally they are divided in frontends and backends. The frontend knows nothing about the underlying system and provides the same user interface across the different types of systems. The backend knows how to read and write the configuration information."
Desktop Applications
Audio Applications
Ardour News
There is some new news from the Ardour multi-track audio recording project: "There's been more going on that you could possibly guess. This list just highlights a few of the most recent items:"PLUS Release Date Announced
- complete redesign of transport mechanism
- editor window mixer strip displays selected track
- better thread-safety throughout
- multi-channel import
- per-mixer-strip hide + width buttons
Sound Juicer 0.2.1 is out (GnomeDesktop)
Gnomedesktop.org mentions the release of Sound Juicer 0.2.1. "Sound Juicer is a CD-Ripping tool that aims to provide a clean interface and automatic file tagging."
CAD
PythonCAD Release Six available
Release number six of PythonCAD has been released. "The sixth release at long last adds the ability to store text in a drawing. The text handling is in its earliest stages of development, but now it is there. There is a new Polyline entity available to use in a drawing now. A Polyline is essentially the same thing as a connected set of segments, with the segments joined at the endpoint of one to another. The ability to mirror objects around an arbitrarily angled construction line has been added in this release as well."
Desktop Environments
X.Org - X Window - IPV6 Proposed Enhancements - Public Review
The Members of X.Org have announced the availability for Public Review of the proposed enhancements to the X Window System for the support of IPV6.KDE-CVS-Digest
The May 2, 2003 edition of the KDE-CVS-Digest is out. The topic summary includes: "Fixes to Khelpcenter. Scripting interface for Kstars. Kmail editing improvements and bug fixes. Beginnings of Postgresql support for Kexi. More work on screensavers and desktop locking."
KDE Traffic #49
Issue #49 of KDE Traffic is available. Topics include a kde-look newsflash, Exchange support for KMail?, Move KRename to KDE CVS, Removal of KEdit, Kmyfirewall maintainer resurfaces!, KDE Developer's Conference, KDE 3.1.2, What happened to the KOffice icon contest?, Finally ... a chilean KDE website, and KChart Evolution. Probably.
Interoperability
Wine Traffic #168
Issue #168 of Wine Traffic has been published. Topics include: CrossOver Plug-in 1.2.1, WineX 3 Review 2, MacOS X Work, Running Borland's Free Compiler (bcc), Updated Valgrind Instructions, New Server Specs, and Updated CVS Utilities.
Office Applications
AbiWord Weekly News #142
Issue #142 of the AbiWord Weekly News is out. "We get some updated information about the State of Bidi from the Executor and Chief of Bidi for Abiword, Tomas Frydrych. At the same time, the Mail Merge plugin is officially reaches full functionalilty, while the Open Text Summarization tool makes its big debut in Abiword's CVS. Speaking of premiers in the CVS, we now have THREE tutorials for the first time Abiword user, thanks to a technical writing course and too many people lacking communications skills and tutorials for their MUAs (that's a joke, but it will make sense to you in a bit). By the way, 1.9.1 is coming out, today."
Evolution 1.3.3 Preview available
Version 1.3.3 Preview of Evolution, a personal and workgroup information management application, has been released. The release notes say: "The plan for Evolution 1.3 is to not add any new major features compared to Evolution 1.2. The aim of the upcoming stable release is to just provide the same functionality as Evolution 1.2, but with better integration with the GNOME 2 desktop, as well as to take advantage of the features of the new platform, such as better font support. Of course, a bunch of 1.2 bugs have also been fixed during the process of porting Evolution to GNOME 2."
Fisterra: Open Source ERP (GnomeDesktop)
Gnomedesktop.org covers the first release of fisterra, an open-source Enterprise Resource Planner (ERP). "It currently supports invoicing, stock and payment management, POS (Point-Of-Sale), distributed work and offline replication. It uses Gnome technologies and PostgreSQL."
GNUe Traffic #78
Issue #78 of GNUe Traffic is available. Threads include: Multi-language Forms, HTML and Curses User Interfaces for GNUe, and a GNUe Overview.LyX Development News
The May 4, 2003 LyX Development News is out. Topics include: CJK LyX 1.3.0 for Qt, Configurable toolbars and the new icons, New menu layout, Recent developments, The humanities of LyX, and Bugwatch.LyX 1.3.2 is released
Version 1.3.2 of LyX is available. Changes include spellchecker code overhaul, Qt frontend bug fixes, and improved UI translations.StarDict 2.0.0 released (GnomeDesktop)
Gnomedesktop.org has an announcement for version 2.0.0 of StarDict. "StarDict is an international dictionary written for the GNOME environment. It [has] powerful features such as "Glob-style pattern matching", "Scan selection word", "Fuzzy query" and etc".
Web Browsers
Epiphany 0.6.0 released (GnomeDesktop)
Version 0.6.0 of the Epiphany browser has been announced, with a long list of changes. "Epiphany is a GNOME web browser based on the mozilla rendering engine. The name meaning: "An intuitive grasp of reality through something (as an event) usually simple and striking""
Mozilla status update
The May 2, 2003 Mozilla status update has been published. Check it out for the latest Mozilla browser development news.Lynx 2.8.5dev.15 released
Version 2.8.5dev.15 of Lynx, a text-mode browser, has been released. The change information is available in the code.
Languages and Tools
Caml
Caml Weekly News
The May 6, 2003 edition of the Caml Weekly News is out with the latest Caml language news. Topics include: Dynamic HTML: DTD validation with phantom types, memoization and CPS, comparison with C performance, recursive modules, and GCaml.
Java
Charming Jython (IBM developerWorks)
Uche Ogbuji writes about Jython on IBM's developerWorks. "Jython, the 100% Pure Java implementation of the Python programming language, combines the advantages of Python and the Java virtual machine and library and serves as a handy complement to the Java platform. In this article, software consultant and frequent developerWorks contributor Uche Ogbuji introduces Jython 2.1 to Java developers by contrasting and comparing the way Python and the Java language create classes and how they use the interpreter. Uche illustrates the differences by providing samples of Java library access, as well as the Jython interpreter shell and code files."
Lisp
ECL 0.9 released
Version 0.9 of ECL (Embeddable Common-Lisp) is available. "This version remembers by default function definitions from the interpreter, adds a function for creating totally empty files, allows customization of the directory for temporary files used by the compiler, provides minor optimizations, improves ANSI compliance and fixes several bugs."
Perl
This Week on perl5-porters (use Perl)
The April 28 - 4 May 2003 edition of This Week on perl5-porters is out. "This week summary doesn't feature very exceptional bug fixes, or utterly important information, or pearls of the most pleasant sense of humor of the perl5-porters. Does this mean that it's completely non-interesting ? Read it and judge by yourself : shortcuts, ACLs, meta-information, and a couple of cows."
This week on Perl 6 (O'Reilly)
The April 27, 2003 edition of This week on Perl 6 has been published. Check it out for the latest Perl 6 development news.May Perl Journal out
The May Perl Journal is available to TPJ subscribers, with articles about Web Localization & Perl; Data Manipulation & Perl Command-Line Options; Google and Perl; and more.
PHP
PHP Weekly Summary
The May 5, 2003 PHP Weekly Summary is out. Topics include: "comments and execution speed, DOMXML speed issues, ODBTP project and extension, Why ZTS?, Deprecating stdio, PHP 4.3.2 RC 2 released, *= operator, replacing expat with libxml2, Memory handling in PHP."
Python
Dr. Dobb's Python-URL! (May 5, 2003)
The Dr. Dobb's Python-URL! with news and links for the week of May 5, 2003 is available. This week Michael Chermside explains why subclassing tuple needs two-stage initialization; Jeff Epler explains why "for line in sys.stdin" doesn't stop on the first ctrl-d; and much more.
XML
Developing E-Business Interactions with JAXM (O'ReillyNet)
Nikhil Patil writes about JAXM on O'Reilly. "RPC-style web services are getting a lot of press, but sometimes transferring a document is more important than calling a remote procedure. Nikhil Patil explores JAXM, the Java API for XML Messaging, which allows document-style web services."
Web-based XML Editing with W3C XML Schema and XSLT (O'Reilly)
Ali Mesbah writes about XML Editing with W3C XML Schema and XSLT on O'Reilly. "This article describes a technique in which an XML instance document can be edited through an automatically created form-based GUI, based on the schema of the instance document. The whole cycle of GUI creation (using XSLT), editing, and updating (using XUpdate) XML instances is presented here."
Style stylesheets to extend XSLT, Part 1 (IBM developerWorks)
Read about extending XSLT with stylesheets in an article by Joseph Kesselman on IBM's developerWorks. "XSLT isn't just about styling documents for presentation. It's actually a very general-purpose document transformation processor. And as Joe demonstrates in this two-part series, stylesheets are themselves documents, so XSLT can be used as a portable preprocessor to automatically enhance the behavior of a stylesheet."
Miscellaneous
Mono 0.24 ships
Version 0.24 of Mono, an open-source implementation of the .NET Development Framework, has been released. "We have released Mono 0.24 which includes our new code generation engine." See the release notes for more information.
Put virtual filesystems to work (IBM developerWorks)
Cameron Laird talks about virtual filesystems on IBM's developerWorks. "The idea behind a VFS is simple: it represents as a filesystem something that is not a filesystem. Filesystem here means a "conventional Linux-like filesystem": a tree or hierarchy of directly accessible directories and (ordinary) files. The concept should intrigue anyone working with Linux, of course, simply because so much of Linux's own character comes from the representation of devices, tables, and other objects within the UNIX filesystem. UNIX is founded on the principle that everything, or at least plenty of things, are files; VFS generalizes this to view as much as possible as a filesystem."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Windows Server 2003 better than Linux (Inquirer)
This article in the Inquirer typifies the hype that is going around on Microsoft's latest OS offering. "The combatants fighting it out were Windows Server 2003, Red Hat 8.0 and Red Hat Advanced Server 2.1. The arena was serious enterprise, one of the machines used in the test was an 8 processor HP Proliant DL760 Xeon system with 4GB of RAM. The Linux systems were running Samba. The test was performed using ZD NetBench 7.02. And Windows Server 2003 gave the Linux system a right good stuffing, almost performing at twice the speed in many tests." (Thanks to Dan Kegel)
Penguin cracks Windows servers (IT-Director)
IT-Director.com has concluded that there is a future for Linux. "Meanwhile, Merrill Lynch now rates Microsoft shares as 'neutral', citing Linux, supported (especially) by IBM, as a threat."
Code red for open source? (News.com)
News.com talks with SCO CEO Darl McBride about the IBM suit. "'We feel very good about the evidence that is going to show up in court. We will be happy to show the evidence we have at the appropriate time in a court setting,' McBride said. 'The Linux community would have me publish it now, (so they can have it) laundered by the time we can get to a court hearing. That's not the way we're going to go.'" Despite being yet another insult against the Linux developer community, this remark shows a great ignorance of how that community works. No amount of "laundering" will make the code history go away.
Trade Shows and Conferences
KDE Has Tea With Stallman
Philippe Fremy writes about his experience at Paris Linux Solution 2003 and having tea with Richard Stallman and the French KDE team.Feed Your Head at Etech 2003 (O'Reilly)
O'Reilly has coverage of this year's Emerging Technology Conference. "As the Emerging Technology Conference came to a conclusion on Friday, April 25, 2003, many of the participants were still just as enthusiastic as they had been on day one, and the sessions were as full as ever. Daniel Steinberg was there from the beginning, and he's pulled together some of his favorite observations for this article."
Companies
MySQL moves forward (IT-Director)
This IT-Director article takes MySQL to task for not supporting XML. "The market works on the basis of perception and it listens to the stories that the 800lb gorillas tell. And the stories these vendors are telling is that you can implement XML in the database, that the overhead of mapping between XML structures and relational tables can be minimised if not totally reduced, and we have even got relational database vendors implementing hierarchical structures for XML indexing."
PeopleSoft takes the leap to Linux (ZDNet)
ZDNet reports on the latest new (proprietary) application for Linux. "PeopleSoft said it will announce plans at a customer conference in Las Vegas on Tuesday to convert its entire line of business applications, which includes more than 170 products, to run on the open-source Linux operating system."
SCO in the news
SCO is in the news. Maybe it's true that any publicity is good publicity, or maybe not.- News.com Net
attack crushes SCO Web site
- OfB.biz SCO
Declares IP Jihad on Linux
- ZDNet SuSE safe from SCO attacks
Linux Adoption
Operating system battling non-believers (Globe and Mail)
The Globe and Mail looks at Linux in the workplace, and talks to Evan Leibovitch. "So whenever Mr. Leibovitch hears objections to Linux, he dismisses them as a "smokescreen thrown up by people who have turf to protect." So what are the valid obstacles to Linux in the workplace? One objection is that popularity of a product is a powerful argument to switch, but it's difficult to measure the success of Linux. No one has records of the number of installations of Linux, because as a free system it can't be measured the traditional way, which is to calculate the number of copies a manufacturer ships." (Thanks to Philip Webb)
On Open Source Procurement Policies (NewsForge)
NewsForge carries a lightly edited transcript of a presentation by Tony Stanco made at a meeting of the New York City Council's Select Committee on Technology in Government on April 29, 2003. "One question that is seldom asked is, "How can Open Source possibly be giving multi-billion dollar companies so much competition that they feel they need to actively dissuade government officials from even thinking of using Open Source software?" This is not an idle question. Open Source doesn't have lobbyists or marketers or ad men to promote its software. So, to say that governments shouldn't have rules to consider Open Source software, as Open Source opponents often do, takes away the only avenue that Open Source has to really reach government."
Louisiana courts go with Linux (NewsForge)
NewsForge looks at open source technology used by US state governments. "One of the latest government installations based on open source tools is being developed in Louisiana, on behalf of the state's court system. In Louisiana's Nineteenth Judicial District Court, developers are building a new database application over Linux that offers police, judges and the public real-time access to judicial records."
Legal
IBM denies charges of Unix theft (News.com)
News.com covers IBM's 18-page filing in U.S. District Court in Utah, rebutting SCO suit. "IBM also accused SCO of trying, in the suit, to interfere with the open-source community, which develops Linux and many other software packages. SCO is seeking "to hold up the open-source community (and development of Linux in particular) by improperly seeking to assert proprietary rights over important, widely used technology and impeding the use of that technology by the open-source community," IBM said."
False open source representative calls for European software patents (NewsForge)
In this NewsForge article, Bruce Perens reports that a false or misled "open source representative" has signed an industry resolution calling for the EU to allow software patenting. "Software patents could be fatal for Open Source software in the U.S. and Europe. Since we do not collect royalties from the distribution of our own software, we have no funds to pay royalties to patent holders. Rather than sue us to collect money, expect patent holders to sue Open Source developers to restrain them from distributing their software or carrying out further development. Companies that produce proprietary software would bring that sort of suit to kill us off as a competitor."
Ed Felten's analysis of the Grokster ruling
Ed Felten has posted an "instant analysis" of the Grokster ruling. "Unless this decision is overturned quickly on appeal, the P2P policy battle will now move to Washington. Having lost in the Courts, the content industry will take the judge's hint and lobby Congress to pass legislation changing the rules. My prediction is that we'll see a bill circulated that creates an affirmative responsiblity to design products that make infringement as difficult as possible."
Software Patents and SMEs (7 - 8 May 2003) - Brussels
AEL (Association of Electronic Liberties) announces some upcoming events to protest a Software Directive that is currently being considered by the European Parliament which would legalise software patents in the EU.
Interviews
Eye on Karamba: Talking to Hans Karlsson (KDE.News)
KDE.News interviews Hans Karlsson, author of Karamba. "Karamba is a desktop enhancement, similar to Konfabulator and Samurize, that appeared on KDE-Look.org (looky) about one month ago. Since then, Karamba has become the highest rated project on looky with a surprisingly large number of themes and extensions having been contributed, subsequently leading to a dedicated category for Karamba contributions. We had a little chat with author Hans Karlsson about himself, KDE, Karamba, and the hype surrounding it."
Interview with George Staikos (linmagau.org)
linmagau.org has an interview with George Staikos about Qt and the future of KDE and Linux/Unix desktops in general. "Originally: I was a KMail developer. Now: Konqueror - I wrote and maintain all the SSL code, I work on the I/O level, I maintain the Netscape plugin code, I wrote the web sidebar module (for NS6 sidebar compatibility), general bugfixing in KDE as well. I also maintain Xinerama (multiple-merged-monitors) support for all of KDE, and I do work on laptop support for KDE."
Reviews
Kaboodle/Noatun vs XMMS (linuxmagau.org)
Linuxmagau.org reviews the sound quality of several Linux mp3 players. "For those that might be new to the world of GNU/Linux, XMMS and Noatun are designed to play large playlists of audio files, with XMMS being mostly about audio and Noatun being more of a media player in general. Kaboodle is a small and lightweight player that avoids playlists and big multimedia capabilities and focuses on playing one file at a time, basically mp3s, mpegs and ogg vorbis files."
Miscellaneous
Thanks! (GnomeDesktop)
GnomeDesktop has a lengthy list of thank-you statements to various GNOME developers. "Sometimes I get a bit bummed out by a small minority of FootNotes posters who seem to be ungrateful for the incredible work, and amazing amount of time that GNOME hackers put into their software. Your software. So, to pull myself out of the disappointment doldrums, I wrote a list of things that I am personally grateful for, and people who I'd like to thank."
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
More Open Source Experts Join CSPRI at George Washington University
The George Washington University has announced that Brian Behlendorf, Miguel de Icaza, Hans Reiser, Jay Beale, Jeffery "hemos" Bates, Russell Coker and Brian May have joined its Cyber Security Policy and Research Institute (CSPRI). They join Bruce Perens, Rishab Ghosh, Martin Dean, Adam Turoff, John Viega and Tony Stanco, who are already part of the Open Source team at CSPRI.
Commercial announcements
A couple of Linux deployments
According to this press release from Dell and Oracle, mobile phone service provider Orange has switched over to a Linux cluster to run its (13 million customer) subscriber database.Meanwhile, MontaVista has announced that Peek Traffic will be deploying MontaVista Linux in its traffic signal controllers. The next time you have to stop at a red light, a Linux system may be to blame...
"Building Embedded Linux Systems" Released by O'Reilly
O'Reilly has released Building Embedded Linux Systems by Karim Yaghmour. "This book shows readers how to design and build their own embedded systems using Linux as the kernel and freely available open source tools as the framework. Written by an active member of the open source community, the book is structured to gradually introduce readers to the intricacies of embedded Linux, with detailed information and examples in each chapter that culminate in describing how Linux is actually put on an embedded device."
Lycoris and TransGaming Unleash the GamePak
Lycoris and TransGaming have launched the commercial GamePak package for Linux. "Breaking down one of the barrriers to widespread adoption of Desktop/LX as a mainstream operating system, Lycoris and TransGaming unleash the GamePak. A powerful package of five (5) native Desktop/LX games, the GamePak comes bundled with access to one free month of WineX which allows Desktop/LX users to play over 250 Windows games on their Desktop/LX PC."
OpenOffice.org 1.0: One Year Later
The OpenOffice team thanks the OpenOffice community for all your support over the past year.OpenOffice.org scripting project
The folks at OpenOffice.org have sent out a new annoucement for the OpenOffice.org Scripting project. "The Scripting project aims to provide a repository for the assorted useful scripts & macros that have been posted to the OpenOffice.org mailing lists. It also provides a forum for the discussion & development of scripts and scripting within the suite."
Open Systems Visionary Mike Lambert Retires
The Open Group announced that Chief Technical Officer and Vice President Mike Lambert has been appointed the first Fellow of The Open Group. In this newly created role, Lambert will become a roving ambassador for The Open Group.General Hugh Shelton Elected to Red Hat Board of Directors
Red Hat, Inc. has announced that General H. Hugh Shelton, former Chairman of the Joint Chiefs of Staff and counsel to the President, has joined Red Hat's board of directors. ""Red Hat's distinction is the sincerity of its management team and high standards they've set for themselves to lead responsibly," said General Shelton. "Red Hat's executive team has had tremendous vision and I have great enthusiasm to join the board of directors of this global technological leader.""
Resources
LDP Weekly News
The May 6, 2003 edition of the Linux Documentation Project Weekly News is out with a long list of Linux documentation updates.Linux Gazette #90 (May 2003) available
The May 2003 issue of Linux Gazette is now available. This issue has articles about Software development for a Sharp Zaurus SL-5500 Linux PDA; Perl One-Liner of the Month: The Mystery of the Red Worm; The CUPS printing system; and much more.LPI-News April 2003
Here's the April edition of the Linux Professional Institute (LPI) Newsletter. Topics include Novell and LPI; LPI-Japan; Real World Linux - Toronto, Canada; and more.Open Source Digest Issue #2
The second issue of Open Source Digest is now available, with five new articles an online magazine devoted to bringing quality articles about open source software.GNOME Talk - Doolin Technology Series (GnomeDesktop)
According to gnomedesktop.org, Glynn Foster has published one of his technical presnetations on GNOME, this one is called "The GNOME Project - Where we're going, we don't need roads".
Upcoming Events
AFFS Annual Conference, Birmingham
The AFFS Annual Conference (AFFSAC), will be held in Birmingham, England on May 17, 2003."AFFSAC is a one-day plenary conference, with sessions about topics such as networking, multimedia and activism. The conference is free to AFFS members and those who have applied to join, with small charges for optional extras."
EuroPython 2003 Call for Talks extended
The call for talks for the EuroPython Conference 2003 has been extended until Monday, May 12, 2003. "If you haven't done so or are still hesitating, you can still propose a 30 minute talk, a 45 minute talk, or a 90- minute tutorial."
Netfilter Developer Workshop 2003
The Netfilter Developer Workshop 2003 will be held in Budapest, Hungary from August 18-20, 2003.Open Source in Government Conference in Paris, Nov 24-26, 2003
The Call for Papers is out for the EGOVOS conference. This is a high-level international event covering the topic of free/open source software (commonly referred to as Libre Software in Europe), interoperability and open standards in the government sphere.O'Reilly Emerging Technology Conference Wrap-Up
Here's a wrap-up of O'Reilly's Emerging Technology Conference. "Observed Tim O'Reilly, "O'Reilly's customers, the hackers and alpha geeks, are the ones who show us the shape of the future. The Emerging Technology Conference is a way for us to frame what they're showing us about new technologies into a coherent picture, think about the implications, and share it with interested--and interesting--parties." Added Program Chair Rael Dornfest, "This year's conference was rich with creativity and community, and we can't wait to see what comes of it.""
2003 Perl Conferences (O'Reilly)
Simon Cozens has put together a list of 2003 Perl Conferences on O'Reilly. "The season of Perl conferences is almost upon us! In fact, the first of the YAPCs for this year is in less than a week. So I thought this would be a good time to give a tour of the various conferences and see what's going on at each."
Events: May 8 - July 3, 2003
| Date | Event | Location |
|---|---|---|
| May 8 - 9, 2003 | International PHP Conference, 2003 | Amsterdam, the Netherlands |
| May 11 - 14, 2003 | The International Symposium on High Performance Computing Systems and Applications(HPCS 2003) | (Sherbrooke Delta Hotel)Quebec, Canada |
| May 11, 2003 | Yet Another Perl Conference, Israel(YAPC::Israel::2003) | (C.R.I.)Haifa, Israel |
| May 15 - 16, 2003 | YAPC::Canada | (Carleton University)Ottawa, Canada |
| May 17, 2003 | Association For Free Software Annual Conference(AFFSAC) | (Aston University)Birmingham, England |
| May 25 - 27, 2003 | GCC Developer's Summit | Ottawa, Canada |
| May 28 - 30, 2003 | Open Source Content Management, 2003(OSCOM) | (Harvard Law School)Cambridge, Mass |
| May 30 - 31, 2003 | 4th European Tcl/Tk Users Meeting(Tcl'Europe 2003) | Nürnberg, Germany |
| June 4 - 6, 2003 | Enterprise Linux Forum Conference & Expo | (Santa Clara Convention Center)Santa Clara, California |
| June 9 - 14, 2003 | USENIX 2003 | (Marriott Hotel)San Antonio, TX |
| June 10, 2003 | Linux For Business | (The Commonwealth Institute)London, England |
| June 16 - 18, 2003 | Yet Another Perl Conference::North America(YAPC::2003) | (Florida Atlantic University)Boca Raton, FL |
| June 16 - 18, 2003 | GNOME User and Developer European Conference(GUADEC) | (Trinity College)Dublin, Ireland |
| June 18 - 23, 2003 | Open Source Clinical Application Resource Workshop(OSCAR) | (McMaster University)Ontario, Canada |
| June 21 - 22, 2003 | EuropeanRubyConference | (University of Karlsruhe)Karlsruhe, Germany |
| June 23 - 26, 2003 | ClusterWorld Conference & Expo | (San Jose Convention Center)San Jose, California |
| June 24 - 26, 2003 | LinuxUser & Developer Expo | (Birmingham National Exhibition Centre)Birmingham, UK |
| June 25 - 27, 2003 | European Python and Zope Conference 2003 | (CEME)Charleroi, Belgium |
Web sites
Pawfal site becomes a Wiki
The pawfal.org site (audio/visual foolishness for linux) has been revamped and is now operating as a wiki.
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Page editor: Forrest Cook
Letters to the editor
win2003 v Linux bias
| From: | Richard Kay <rich@copsewood.net> | |
| To: | mike.magee@theinquirer.net | |
| Subject: | win2003 v Linux bias | |
| Date: | Wed, 7 May 2003 12:57:42 +0100 | |
| Cc: | letters@lwn.net |
In article http://www.theinquirer.net/?article=9333 you wrote:
>IT WILL COME as no surprise that the tests involved, although performed
>by an independent lab, were sponsored by Microsoft. But that doesn't
>change their basic validity. The tests were all about performing that
>most basic of tasks, file serving. And Windows thrashed Linux.
Sorry but this does significantly compromise their basic validity.
First of all it would appear that Microsoft chose the systems on
which the testing lab carried out the
comparison , and the Red Hat system seems to have been running
a 2 year old Kernel. The latest Linux stable kernel (2.4.19 ?) is
now lacking about a years worth of SMP performance work on the
development series (2.5.x) while the Linux development series is probably
not yet stable enough in its product cycle for a fair comparison.
Secondly I would have thought that it is common knowledge that
what Microsoft pays for is by definition not independent. The
testing firm claims to have investigated performance issues
concerning the Samba configuration, but was there any open
invitation to the Samba development community to recommend configuration
options for the setup, or to debug problems with this ? Presumably
Microsoft's leading system developers were involved in the
choice and configuration of the Windows 2003 version.
Thirdly the test involved using a network file-sharing protocol which
is of Microsoft's design, which Microsoft has chosen not to publish
full documentation for. The fact that previous versions of Samba have
outperformed previous versions of Windows is testament to the reverse
engineering skills of the Samba developers, but when the choice of
playing field is so clearly sloping in one direction this is hardly
comparing like with like. How about a comparison involving a
Microsoft system chosen and setup by Linux NFS developers serving
NFS clients in competition with Linux ?
Sincerely,
Richard Kay
rich@copsewood.net
Page editor: Jonathan Corbet