LWN.net Weekly Edition for September 22, 2005
Two approaches to Open gadgets
The world is full of fun gadgets which perform specific tasks. Those gadgets tend to be highly closed affairs, however. Even the ones which run Linux are sealed shut so that they cannot be played with. The result is that many of these toys retain annoying misfeatures and do not live up to their full potential. For this reason, most interesting electronic toys are surrounded by a crowd of developers looking for a way in. Wouldn't it be nice if that work weren't necessary?One device which has begun to attract attention is the GP2X, which will be shipping soon. This device has a superficial resemblance to the Sony PSP; it has a central screen with a set of buttons on the right and a joystick-button on the left. Unlike the PSP, however, it is an open device. The specifications are available (this Wikipedia page has the most comprehensive information), and the device runs Linux. It is clearly meant to be hacked on, and it could be the source of no end of interesting applications.
On the other hand, some details are scarce, and there appears to be no place to download the Linux distribution used on the device. An earlier version of the product page contains the ominous words "copyright protection by certified DRM." The device will remain vaporware for a little longer; once it is in circulation, the world will see if it is truly a Linux-friendly (as opposed to simply Linux-using) gadget or not.
A more interesting project, one which could certainly benefit from more development help, is Rockbox. The Rockbox developers are creating a free system for portable music players; the primary target is the Archos product line, but work is proceeding on iRiver 1xx and 3xx players as well. This project (which will be releasing version 2.5 "soon") is a demonstration of why free software is such a nice thing to have on these devices.
A partial list of advantages to the Rockbox software would include:
- A much wider range of translations than the original manufacturer
provides.
- Numerous features for blind users, including a voice mode which reads
out menu entries as the user moves over them.
- Gapless playback.
- A wider range of codecs, enabling the use of audio formats not
supported by the manufacturer.
- A user-configurable "while playing" screen, enabling scarce display
space to be used for exactly what the user wishes to see.
- A plugin architecture for adding new features. The plugin
list appears heavily biased toward games, but it also includes image
file viewers, clocks and stopwatches, and more.
- On the iRiver: faster booting and the ability to boot into USB storage mode when the filesystem is corrupted. So filesystem problems which would turn a stock iRiver into a brick are recoverable with Rockbox.
The list goes on, but the point should be clear: Rockbox allows the owner of a music player to do away with no end of annoyances, add new features, and generally get the most out of a nice piece of hardware. The freedom to make changes like this is what drew many of us to free software in the first place.
The sad thing is that the Rockbox developers have had to put considerable work into figuring out how the hardware works and developing firmware patches. Had the vendors simply opened up their hardware in the first place, that effort could have gone into making the software better. This situation should eventually change: Rockbox already looks better than what a number of manufacturers are installing onto their players. As Rockbox develops and that gap widens, there will come a time when some manufacturer will realize that the ability to run Rockbox will be a positive selling point for a media player. Then, maybe, we'll have a truly open gadget to play with.
Reiser4 and kernel inclusion
Filesystem developer Hans Reiser cannot be accused of giving up quickly. His current request that the reiser4 filesystem be included in the 2.6.14 kernel has created a lengthy discussion, but that's not where the story starts. In fact, Hans first asked that reiser4 be merged back in July - of 2003. For more than two years, Hans has repeated his request and made changes in response to feedback from the kernel development community. Yet reiser4 remains out of the mainline, and its chances of getting into 2.6.14 appear small.Reiser4 is an interesting filesystem. It comes with claims of improved speed and space utilization; those are welcome, but they are beside the real point. Reiser4 includes a "wandering log" mechanism which provides journaling capability without the need for a separate journal. The ability to perform multi-step transactions is built into the filesystem, though not yet completely exposed to user space. Multi-stream files (including file-like access to file metadata) are supported, though this feature is turned off for the moment as well. A flexible plugin architecture makes it easy to add new features (such as encryption, compression, different formats, etc.) to the filesystem. And so on.
Hans Reiser and his developers at Namesys are trying to change how people work with filesystems - and with computers as a whole. The underlying vision is one where the filesystem implements the entire namespace used by the system; everything truly is a file. In the Reiser view of the future, applications like relational database managers need not exist; such tasks will be handled in the filesystem itself.
What it comes down to is that reiser4 represents some of the most innovative work being done with filesystems for Linux - or for any other system. So one might well wonder why inclusion is proving to be such a challenge. Some of the reasons are straightforward: there were genuine issues with the code. The "files as directories" capability opened the door to trivial, user-initiated kernel deadlocks - a feature which can absolutely ruin those performance benchmarks. The multiplexed sys_reiser4() system call - to be used for managing transactions, among other things - is just the sort of call that the Linux developers are trying to get away from (and its use of an in-kernel command interpreter did not help). A number of other things needed to be fixed; the Namesys hackers have been working through the list, but a few items remain.
The real point, however, is that getting code into the kernel is an increasingly hard thing to do. In the early days of Linux, almost any code which made things work or added new features was welcome - we needed it all. In more recent times, it is often hard to argue that new features are truly needed, especially at the kernel level. So each new addition must be weighed against the costs that will be incurred when it is added.
The result is that the standards for new kernel code have gone up considerably over the years. Reiser4 has run into these standards, and objections have been raised to code which duplicates features found elsewhere in the kernel, is hard to read, violates the layering rules, has unclear locking schemes, or which uses obsolete interfaces. The point is that, in order to be merged, the reiser4 code must be understandable by people other than its original developers. As Alan Cox put it:
"What happened later on" is that the reiser3 developers moved on to reiser4; not only did they stop maintaining the code, but they actively opposed updates made to the code by other developers. At this point, reiser3 is almost entirely maintained by non-Namesys developers. In the future, the same thing may well happen with reiser4.
The crux is this: the Linux kernel has been around for 14 years, and is expected to last for quite a few more. The kernel hackers understand that, if they are insufficiently careful about what they merge now, they will have a big mess to deal with five years down the road. Many developers, working in all areas of the kernel, have had seemingly good code turned away because the development community was worried about maintaining the code in the future. The process is most frustrating for the people involved, but it is absolutely essential if we want to continue to use Linux into the future. To many, the difficulties encountered by reiser4 (and FUSE, and the realtime LSM, and class-based kernel resource management, and ...) represent the kernel development process at its worst, but the opposite is true.
That said, reiser4 has had a harder time and more microscopes applied to its code than many other developments. Mr. Reiser's approach to community relations, which strikes many as occasionally belligerent and paranoiac, certainly has not helped here. This issue has been discussed often, but there is another issue which deserves airing: some people are clearly uncomfortable with the vision behind the ongoing Reiser filesystem effort. It doesn't quite look like the Unix systems we grew up with. Linux is not an experimental or research-oriented system, so the inclusion of radically different ideas of how the system should work must be carefully considered. But Linux must also evolve, or risk irrelevance in the future. Hans Reiser's efforts to push that evolution are a good thing; the community discourages such work at its peril. So perhaps the time has come to let reiser4 in; the wider community can then get to work dealing with any remaining issues.
The relevance of the Linux Standard Base
Back in May, 1998, a group of high-profile Linux development and business figures (including Linus Torvalds, Jon 'maddog' Hall, Bruce Perens, Ransom Love, Larry Augustin, Eric Raymond, and others) proposed the creation of a Linux application binary interface (ABI) standard. This effort, called the "Linux Standard Base," would help to ensure that applications ran on all Linux systems. In this way, it was hoped, a great wealth of applications for Linux would be created, and Linux would avoid the sort of fragmentation which afflicted proprietary Unix systems. The LSB would include a formal specification and a reference implementation; applications which ran on the reference system could be expected to run on all LSB-compliant systems.More than seven years later, version 3.0 of the LSB specification has been released. With this release, the LSB requires the system to have a relatively new compiler and toolchain (gcc-3.4 or newer), adds some libraries and interfaces, and cleans up some obsolete interfaces. There are two core variants of the LSB specification, depending on whether the target system is expected to have graphics capability or not. Sample implementations are available for eight different architectures. The release notes have more details, for those who are curious.
In many circles, however, the LSB 3.0 release is being greeted with a big yawn. Most Linux users probably have a hard time seeing how the LSB benefits them. Ulrich Drepper, who, as maintainer of glibc is faced with a wide range of LSB compliance issues, has recently claimed that the LSB lacks value and should be dropped. It is a rare Linux user who chooses a distribution or application based on its adherence to the LSB.
The stated purpose of the LSB was to encourage the availability of applications - both free and proprietary - for Linux. So it is telling that, among the available Linux applications, very few claim to be targeted at LSB-compliant systems. In fact, your editor found just one beyond the special versions of free applications in the LSB's own application battery: it's Appgen's MyBooks, which works on bleeding-edge LSB-compliant systems like SUSE 8.1 and SCO OpenLinux. In general, application vendors are not targeting the LSB; they are, instead, certifying specific distributions.
Not everybody feels a need for wide availability of proprietary applications for Linux. But, for those who do, the certification of individual distributions is exactly the sort of situation that the LSB was created to prevent. From that standpoint, the LSB would appear to have failed.
That said, the LSB effort has certainly had a positive effect in bringing Linux distributions closer, and in raising awareness among distributors of how their offerings diverge from the standard. Even if an application is not specifically aimed at LSB compliance, the fact that it probably just works on non-certified systems is, at least in part, attributable to the LSB. There is value in separating the core part of a distribution (that which, in some sense, makes it "Linux") from the additional features and services distributors throw in to add value to their offerings. The LSB helps to bring that separation about.
From the moment that Linux started to attract attention outside of the development community, detractors have grumbled that it would fragment in the same way that Unix did. Yet, despite the existence of hundreds of distributions, several of which are widely used, this fragmentation has not happened. Linux applications remain portable, and, just as importantly, switching from one distribution to another is (usually) nearly painless. Linux is Linux, regardless of the distributor. The reasons for this state of affairs include the use of a (more or less) common kernel and application base, and the fact that free licensing makes it easy for good ideas to move quickly from one distribution to another. But there is a place for standards as well. As long as the LSB continues to codify current expectations of what a Linux system should be, it will help to keep the Linux universe coherent.
Security
Another look at response times
Two weeks ago, this page compared the response times of several distributors to a small set of recent security issues. That article generated a number of comments and a fair amount of mail from people who felt that its conclusions were inaccurate. As before, the table shows the number of days required for each distributor to issue an update. For the purposes of this table, the clock starts when a vulnerability is disclosed, or when the first distributor alert is issued, whichever comes first. So, here is a new version of the response times table which takes those comments - and alerts issued after publication - into account:
Vulnerability Distributor Debian Fedora Gentoo Red Hat SUSE Ubuntu Apache mod_ssl 14 9 21 11 14 12 clamav 22 3 3 n/a 5 -- evolution -- 1 13 19 6 1 fetchmail 22 0 4 4 7 5 PCRE 13 4 14 18 16 3 PHP XML-RPC 9 4 5 6 7 4 PHP XML-RPC 2 18 10 9 4 15 5 ProFTPd 35 -- 4 n/a n/a n/a vim modeline -- 16 n/a? 28 n/a? 1
In the above table, numbers which are underlined reflect alerts issued after the previous version. Those which are, instead, bold are corrections for erroneous entries published two weeks ago.
As one can see, a number of corrections were required. One might conclude from this that your editor was being even more clueless than usual when compiling the previous version of the table. One would probably be right, but there is a little more to it than that. It turns out that putting together a table like this is a hard thing to do.
The previous version stated that Fedora had not issued an advisory for clamav. That is, in fact, true; no advisory ever came out. The clamav package in Fedora Extras was quietly replaced, however, shortly after the vulnerability was disclosed. In the presence of silent fixes, it is hard for users to know if they are vulnerable or not; this is doubly true in cases where security fixes are backported to previous releases of the affected package. Fedora Extras does not do backporting, but it still requires an alert administrator to know that, while clamav has been fixed, ProFTPd in Extras remains vulnerable.
Speaking of ProFTPd, your editor had seen that package in a SUSE distribution he had at hand, and assumed it was still distributed. That turns out not to be the case.
Both SUSE and Gentoo claim to not be affected by the vim modeline vulnerability because they ship versions with the modeline feature turned off by default. Turning off a possibly insecure feature is a good thing to do; it reflects a concern by the distributor for the security of its users. Some of those users, however, will certainly turn the feature back on. Others will be concerned by the fact that they are running software with a known, unpatched vulnerability, even if that vulnerability does not directly affect them. In such cases, it would make sense for the distributor to, at a minimum, issue an advisory explaining the situation. Putting out a fix would be better.
Other corrections above reflect simple screwups on your editor's part. Sorry.
The corrected table still shows some real patterns in the relative response times for security updates. There is value in this information. As time permits, LWN will be making changes to its security database to make the generation of this sort of table an easier and more accurate process. But a task which, in the presence of nice things like CVE numbers, should be relatively straightforward is likely to require a fair amount of time (and iterations) for the foreseeable future.
Brief items
Mozilla Linux Command Line URL Parsing Security Flaw Reported (MozillaZine)
MozillaZine warns of a new firefox security problem; this one has to do with command line parsing. "For example, consider a Linux user who uses Firefox as his or her default Web browser and Mozilla Thunderbird as his or her default email client. An attacker could send an email to this user containing a link to http://local`find`host. When the user clicks on this link in Thunderbird, Firefox's URL-parsing shell script will be invoked and will execute the find command before calling Firefox to open the URL." The firefox 1.0.7 release contains the fix for this problem (and a few others).
New vulnerabilities
clamav: multiple vulnerabilities
| Package(s): | clamav | CVE #(s): | CAN-2005-2919 CAN-2005-2920 | ||||||||||||||||||||||||
| Created: | September 19, 2005 | Updated: | September 29, 2005 | ||||||||||||||||||||||||
| Description: | The release notes for ClamAV 0.87 note that this version fixes vulnerabilities in the handling of UPX and FSG compressed executables. | ||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||
Mailutils: format string vulnerability in imap4d
| Package(s): | mailutils | CVE #(s): | CAN-2005-2878 | ||||||||||||
| Created: | September 19, 2005 | Updated: | October 13, 2005 | ||||||||||||
| Description: | The imap4d server contains a format string bug in the handling of IMAP SEARCH requests. | ||||||||||||||
| Alerts: |
| ||||||||||||||
masqmail: input sanitizing and symlink vulnerabilities
| Package(s): | masqmail | CVE #(s): | CAN-2005-2662 CAN-2005-2663 | ||||||||
| Created: | September 21, 2005 | Updated: | October 10, 2005 | ||||||||
| Description: | Masqmail fails to properly sanitize addresses when sending failed mail, allowing a local attacker to run arbitrary commands as the mail user. There is also a symlink vulnerability which can be exploited to overwrite files. | ||||||||||
| Alerts: |
| ||||||||||
Py2Play: remote execution of arbitrary Python code
| Package(s): | Py2Play | CVE #(s): | CAN-2005-2875 | ||||||||||||
| Created: | September 19, 2005 | Updated: | September 6, 2006 | ||||||||||||
| Description: | Py2Play uses Python pickles to send objects over a peer-to-peer game network, that clients accept without restriction the objects and code sent by peers. A remote attacker participating in a Py2Play-powered game can send malicious Python pickles, resulting in the execution of arbitrary Python code on the targeted game client. | ||||||||||||||
| Alerts: |
| ||||||||||||||
turqstat: buffer overflow
| Package(s): | turqstat | CVE #(s): | CAN-2005-2658 | ||||
| Created: | September 15, 2005 | Updated: | September 21, 2005 | ||||
| Description: | Turquoise SuperStat is a Fidonet and Usenet statistics gathering application. A malicious NNTP server can cause a buffer overflow condition. | ||||||
| Alerts: |
| ||||||
Zebedee: Denial of Service vulnerability
| Package(s): | zebedee | CVE #(s): | |||||
| Created: | September 20, 2005 | Updated: | September 21, 2005 | ||||
| Description: | Zebedee crashes when "0" is received as the port number in the protocol option header. By performing malformed requests a remote attacker could cause Zebedee to crash. | ||||||
| Alerts: |
| ||||||
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current stable 2.6 release is 2.6.13.2, released on September 16.
The current 2.6 prepatch is 2.6.14-rc2, released by Linus on
September 19. "Not a whole lot o' excitement, ye scurvy dogs,
but it has t' ALSA, LSM, audit and watchdog merges that be missed from
-rc1, and a merge series with Andrew.
" Some specific additions
which came in after -rc1 include a new virtual filesystem for security
modules, some DCCP additions, a number of audit subsystem patches, some
netfilter enhancements, and an ALSA update. See the long-format changelog for the details.
Linus's git repository currently contains a SCSI update, some netfilter patches, an InfiniBand update, and various fixes.
The current -mm tree is 2.6.14-rc1-mm1. Recent changes to -mm include per-task write throttling, a conversion of the input subsystem to sysfs (includes some driver model changes which will need reworking prior to merging), a big reiser4 update meant to address various review comments, the removal of the perfctr patches (the maintainer is moving on and recommending perfmon instead), and some page allocator tweaks.
Kernel development news
Quotes of the week
if (is_key_possessed(keyref)) {
I'm inevitably mentally going "Linda Blair! It is spewing pea-soup and rotating its head!"
A new approach to kernel timers
The kernel internal API includes a flexible mechanism for requesting that events happen at some point in the future. This timer subsystem is relatively easy to work with and efficient, but it has always suffered from a fundamental limitation: it is tied to the kernel clock interrupt, with the result that the resolution of timers is limited to the clock interrupt period. For a 2.6.13 kernel, on the i386 architecture, using the default clock interval, timers can be no more precise than 4ms. For many applications, that resolution is adequate, but some others (including real time work and some desktop multimedia applications) require the ability to sleep reliably for shorter periods. Thus, a number of developers have produced high-resolution timer patches over the years, but none of them have been merged into the mainline.Ingo Molnar's recently-released 2.6.13-rt6 tree, which contains the realtime preemption patch set, brought a surprise in the form of a new high-resolution timer implementation by Thomas Gleixner. Ingo has stated his intention to merge this new code ("ktimers") upstream, so it merits a look.
The ktimer implementation starts with the view that there are two fundamentally different types of timers used in the system. They are (using the terms adopted by the patch):
- Timeouts. Timeouts are used primarily by networking and device
drivers to detect when an event (I/O completion, for example) does not
occur as expected. They have low resolution requirements, and they
are almost always removed before they actually expire.
- Timers are used to sequence ongoing events. They can have high resolution requirements, and usually expire.
The current kernel timer implementation is heavily oriented toward timeouts. To see how, consider the following diagram which, with sufficient imagination, can be construed as a model of the data structure used inside the kernel to manage timers:
![[Timer wheel diagram]](https://static.lwn.net/images/ns/kernel/Timers.png)
At the right side of the diagram is an array (tv1) containing a set of 256 (in most configurations) linked lists of upcoming timer events. This array is indexed directly by the bottom bits of a jiffies value to find the next set of events to execute. When the kernel has, over the course of 256 jiffies, cycled through the entire tv1 array, that array must be replenished with the next 256 jiffies worth of events. That is done by using the next set of jiffies bits (six, normally) to index into the next array (tv2), which points to those 256 jiffies of timer entries. Those entries are "cascaded" down to tv1 and distributed into the appropriate slots depending on their expiration times. When tv2 is exhausted, it is replenished from tv3 in the same way. This process continues up to tv5. The final entry in tv5 is special, in that it holds all of the far-future events which do not otherwise fit into this hierarchy.
This structure has some distinct advantages. It can retrieve all of the events to execute with a simple array lookup. Insertion of events is cheap, since their location in the structure is easy to calculate. Importantly, the removal of events is also cheap; there is no need to search through a long list of events to find a specific one to take out. Since most timeouts are removed before they expire, quick removal is a useful feature.
On the other hand, this data structure is firmly tied to jiffies values, and cannot easily cope with timers with sub-jiffies resolution. The cascade process, which moves events from the higher arrays to the lower ones, can be expensive if there are a lot of events to work with. Events which are removed prior to expiration will often not have to be cascaded at all, while those which survive through to expiration will have to work their way through the structure. If the clock interrupt frequency is raised (to get better timer resolution), these cascades will happen more often, and the cost of the data structure goes up.
The ktimers patch makes no changes to the existing API or data structure, which are deemed to be adequate and efficient for use with timeouts. Instead, it adds an entirely new API (and internal implementation) aimed at the needs of high-resolution timers. So ktimers are described entirely with human time units - nanoseconds, in particular. They are kept in a sorted, per-CPU list, implemented as a red-black tree. This structure provides for relatively quick insertion or removal, though it will be slower than the timeout structure shown above - but there is no need for the cascade operation.
The core structure for ktimers is, unsurprisingly, struct ktimer. They must be initialized before use with one of the following functions:
void init_ktimer_mono(struct ktimer *timer);
void init_ktimer_real(struct ktimer *timer);
Internally, each ktimer is tied to a "base," being the clock by which it is run. The ktimer patch provides two such clocks. The "monotonic" clock is similar to jiffies in that it is a straightforward, always-increasing count. The "realtime" clock, instead, tries to match time as known outside of the system; that clock can be corrected by the kernel or by the system administrator. A ktimer with a 5ms expiration will, if initialized with init_ktimer_mono(), expire 5ms in the future (with the usual proviso that delays can happen). That same timer, if initialized with init_ktimer_real(), will expire when the realtime clock says that 5ms have passed. But, since the realtime clock may be adjusted in the meantime, the actual elapsed time could differ.
There are some caller-accessible fields in struct ktimer:
void (*function)(void *);
void *data;
nsec_t expired;
nsec_t interval;
When the timer expires, function() will be called with data as its argument. The expired field will contain the time at which the timer actually expired, which might be later than requested. Interestingly, the high-resolution version of the ktimers patch does not set this field. Finally, interval is used for periodic timers.
A timer is set with a call to:
int start_ktimer(struct ktimer *timer, nsec_t *time, int mode);
Here, time is the expiration time in nanoseconds, and mode describes how that time is to be interpreted. The possible mode values are:
- KTIMER_ABS: the timer will expire at an absolute time.
- KTIMER_REL: the given time value is a relative time, which must be added to the current time to get an absolute expiration time.
- KTIMER_INCR: for timers which have been used before, the time value is added to the previous expiration time.
- KTIMER_FORWARD: like KTIMER_INCR, except that the time value will be added repeatedly, if necessary, to obtain an expiration time in the future.
- KTIMER_REARM: like KTIMER_FORWARD, except that the interval value stored in the timer is added.
- KTIMER_RESTART: the expiration time of the timer is not changed at all.
For KTIMER_FORWARD and KTIMER_REARM, the ktimer code also maintains an integer overrun field in the ktimer structure. If a timer is started after the next expected expiration time (in other words, the system fell behind and did not restart the timer soon enough), overrun will be incremented to allow the calling code to compensate.
The return value will be zero, unless the timer is already expired, in which case the timer will not be started and the return value will be negative. If, however, the mode argument contains the bit KTIMER_NOCHECK, the timer will be started and executed normally, regardless of whether it is already expired.
Most of the other ktimer functions are reasonably self-explanatory for those who have seen the current timer API:
int modify_ktimer(struct ktimer *timer, nsec_t *time, int mode);
int try_to_stop_ktimer(struct ktimer *timer);
int stop_ktimer(struct ktimer *timer);
There is also a convenience function to make a process sleep on a ktimer:
nsec_t schedule_ktimer(struct ktimer *timer, nsec_t *time,
int state, int mode);
The additional argument here (state) should be TASK_INTERRUPTIBLE or TASK_UNINTERRUPTIBLE, depending on whether the sleep should be interrupted by signals or not. The return value is the number of nanoseconds remaining in the requested sleep time; it will be zero except when the sleep is ended prematurely.
The standalone ktimers patch posted by Thomas is the version most likely to be merged. This patch runs ktimers from the normal clock interrupt, with the result that it provides no better resolution than the existing timer API. All of the structure is there to do better, however, once the low-level timer code and architecture specific support is in place. A separate patch exists which enables ktimers to provide high-resolution timers on the i386 architecture.
So far, the largest objection to the ktimer implementation is the use of nanoseconds for time values. Nanosecond timekeeping requires 64-bit variables, which will slow things down a little on 32-bit systems. The response from the developers is that the additional overhead is almost zero and not worth worrying about. So, unless some other surprise turns up, ktimers could find their way into the kernel not too long after 2.6.14 comes out.
(See also: this posting from Thomas, which describes the motivation behind ktimers and its relation to other timing patches in detail).
ZONE_DMA32
Linux systems typically divide main memory into three zones. Most memory fits into the "normal" zone, ZONE_NORMAL. At the low end, however, there are 16MB of memory which are partitioned into the DMA zone ZONE_DMA; this memory is then reserved for situations where it is specifically needed. The most common user of DMA memory is older peripherals which can only address 24 bits of memory. Finally, on the high end, ZONE_HIGHMEM contains all memory which cannot be directly addressed by the kernel.Not all systems implement all of these zones. Some newer architectures do not support ancient peripherals and leave out ZONE_DMA. In general, 64-bit systems have no addressing problems and do not need ZONE_HIGHMEM. The ia64 architecture settled on a different implementation of ZONE_DMA, defining it to cover all memory addressed below 4GB.
As it turns out, there are uses for a 4GB zone. Quite a few devices have trouble accessing memory which cannot be addressed with 32 bits. Drivers for such devices have been forced to use ZONE_DMA, the I/O memory management unit (on systems which have one), or bounce buffers. None of those solutions is ideal: ZONE_DMA is a small and scarce resource, IOMMU space can also be scarce, and bounce buffers are slow. All of these problems could be avoided if DMA memory could be reliably allocated below the 4GB boundary.
Andi Kleen has decided that the time has come for the x86-64 architecture to support a 32-bit DMA zone. So his patch adds a new zone (ZONE_DMA32) and an associated GFP flag (GFP_DMA32) for allocations. According to Andi, the reason which prevented the addition of this zone in the first place (the fact that the virtual memory subsystem had a very hard time balancing memory between zones) has gone away. Meanwhile, the lack of this zone is causing real problems.
This patch does not actually add the new zone for any architecture except x86-64. For ia64, it causes GFP_DMA to mean the same thing as GFP_DMA32, with the idea that GFP_DMA should, once again, be restricted to the older, 24-bit meaning. The patch also causes the generic DMA code to use the new zone when it makes sense, making it available to properly-written drivers with no additional work required.
This patch has come too late for inclusion into 2.6.14, but expect to see it in a mainline kernel shortly thereafter.
Predictive per-task write throttling
Memory-intensive tasks can be the bane of many a system administrator. One task which plows through vast numbers of pages can make the system thrash for everybody. The problem is especially acute when the memory hog is writing pages. Since each page dirtied by the process must be written to backing store before it can be reclaimed, a write-intensive task can quickly take a large portion of the system's memory out of commission. Often, a simple large file copy can noticeably impact a system's performance for some time after the copy apparently completes.The Linux VM subsystem attempts to address this problem with a simple form of write throttling. When the number of dirty pages gets too large, a process caught in the act of dirtying a page will be sent off to write out a few pages before being allowed to proceed. This technique slows the dirtying of pages while simultaneously helping to reclaim pages which have already been written to. This write throttling code makes no attempt to penalize any specific process, however; it will happily throttle any process which dirties a page at the wrong time.
Andrea Arcangeli has decided to improve the situation with a per-task predictive write throttling patch, currently found in the -mm tree. The patch is surprisingly simple - especially after noting that the bulk of it is involved with setting up the /proc and sysctl control interfaces.
At its core, the patch adds a simple accumulator which keeps an approximate count of the number of pages dirtied by each process over the last five seconds. It then assumes that each process will continue to dirty pages at about the same rate into the future. The "are there too many dirty pages?" calculation is then changed to take this rate into account. The code, thus, is making a guess at what the dirty memory situation will be like in the future, based on what each process is doing. Any process which looks like it will cause too much memory to be dirtied gets to perform writeback for a while, while processes which are not writing to lots of pages are not given that particular chore.
Andrea's preliminary results show that, with this patch in place, small, interactive tasks run in competition with a large copy task will run more quickly. Since the copy operation is being made to perform writeback (when it would have otherwise been dirtying more pages), more memory is available for the other tasks in the system. The interesting part of the result is that the copy task runs no slower with this patch in place. A process which is bound by the system's ability to write pages to disk will not benefit from being allowed to dirty the bulk of the system's memory, and it will not suffer by being throttled. So this little patch looks like it could be a winner for everybody involved.
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
A Look at Slackware Linux 10.2
Slackware Linux 10.2 was released on 14 September 2005. Looking through the release notes, it is clear that Slackware 10.2 is not particularly heavy on exciting new features, which, in itself, can perhaps be considered the most obvious selling point of this distribution. In fact, with Slackware, it often seems that Patrick Volkerding tries hard to avoid adding anything that might disturb the peace and add an element of unpredictability, together with potential bugs. With the Native POSIX Thread Library (NPTL), Slackware took the most conservative approach among the Linux distributions, requiring three years to introduce NPTL into the product. NPTL, besides the newly added support for SATA controllers and other hardware, is probably the biggest new feature of Slackware 10.2.The above paragraph summarizes why Slackware, which had as much as 90% market share of all Linux installations in the mid-nineties, has slowly and painfully become a niche distribution, catering mostly to die-hard Linux geeks. A good case in point is the kernel in Slackware 10.2. Although the default kernel is version 2.4.31, version 2.6.13 is also provided in the /testing directory for the more adventurous users. This kernel can be selected during installation. Once you do that, however, the system will boot into the new kernel without loading any kernel modules, disregarding any hardware detection that might have taken place during the installation. Users are then left to their own devices (no pun intended) to set up and load any kernel modules they might require.
The situation is somewhat better if the user chooses one of the standard binary kernels - either the bare one, or one of the specially prepared kernels with support for certain less common hardware. This type of installation will result in a functional system, with kernel modules for sound cards, USB devices, and network cards loaded and working properly. But the installer does nothing to set up the graphical part of the system; although it provides a functional xorg.conf file with a VESA driver and a decent screen resolution and color depth, it does not extract information from the graphics card, let alone create a proper configuration file with the parameters supported by the card. Configuring X, together with adding non-root users, is a manual task left entirely to the person performing the installation.
Virtually all major distributions available today do an excellent job setting up not only graphics cards and monitors - even more exotic devices, such as scanners, wireless cards or digital cameras, can often be detected and configured without any user intervention. Of course, any such interference with the kernel might introduce bugs and even serious instability, and this is something that Slackware is trying to avoid at all costs. As such, there is little wonder that Slackware is considered to be one of the most stable and bug-free distributions - without taking any risks and without introducing even remotely troublesome code into the product, Slackware is indeed rock solid. And if a user decides to load a kernel module and things go wrong, then it's the user's problem, not Slackware's.
The above attitude means that Slackware is a great product for deployment on servers, but much less exciting as an operating system on workstations - at least until the distribution is painfully set up to support all the peripherals. Even so, some users might be disappointed with the new Slackware release, which, for the first time in years, ships without the GNOME desktop. Although not everybody likes GNOME, there are useful GTK+ and GNOME applications that many might choose to run while logged into KDE or one of the other available desktops. Those users will now have to get GNOME from independent sources, perhaps from Freerock GNOME or GWARE, thus adding a layer of complexity to the process of security updates. And if you think about using the popular Dropline GNOME packages on Slackware, then think again - due to the project's insistence of adding PAM and replacing large system packages, Patrick Volkerding does not recommend it as a suitable option.
Security and system updates provide further cases in point to illustrate how much more convenient most modern distributions have become over the last few years. Although Slackware issues security advisories and provides timely security updates, the process of patching holes is as cumbersome as ever - it entails downloading the updated package manually, then checking its signature, before firing up Slackware's pkgtool to upgrade the vulnerable package. Similarly, a highly manual method awaits any user who decides to upgrade from an older version of Slackware Linux to a newer one - a complicated 10-step process that starts with dropping to runlevel 1, then updating glibc, pkgtool and sed before proceeding with the rest of the software and before bravely refreshing all the configuration files and clean up the resulting mess. Suddenly, you wish that you were running Ubuntu, which can be upgraded with a single command, or SUSE, where a similar task can be achieved from within a nice graphical application.
Before I get reminded about it - yes, I know that Slackware can be extended to include various third-party tools and applications that make security and system upgrades so much more convenient. It also enjoys a large number of community sites that package extra software for Slackware. With their help, Slackware can indeed be extended into a more complete and user-friendly distribution that can do anything that other modern distributions do out of the box. But will it be still Slackware? Or will it be a new distribution where only the base is Slackware, while the reminder is a mix of third-party tools and applications where stability and security are no longer guaranteed?
And that's really what Slackware Linux is today: a base system with the Linux kernel, GNU, pkgtool and a fairly bare collection of the most common open source applications. As such, it gets very high marks for being an extremely clean, stable, reliable and secure operating system. On the other hand, it scores very low in terms of user-friendliness, hardware setup, upgrade convenience and features. A perfect system for many web or file servers, for the geeks who need to have total control, and for those who wish to build a new distribution on top of it.
New Releases
Slackware 10.2 is released
Release 10.2 of Slackware Linux has been announced. "Slackware 10.2 includes the Linux 2.4.31 kernel, with Linux 2.6.13 available in the /testing directory. For the first time, a 2.6 kernel with support for SCSI, RAID, and SATA is offered as a boot option in the installer (called "test26.s"). Slackware 10.2 also sports a new revision of glibc (2.3.5) with NPTL support for improved thread performance when using a kernel with NPTL support, the latest KDE 3.4.2 and XFce 4.2.2 desktop environments, updated development tools, and new additions like SASL support in sendmail, the Subversion version control system, the Firefox browser, and the Thunderbird email and news client."
Preview of Linux DCC 3.0 Released (LinuxElectrons)
LinuxElectrons covers the preview release of DCC 3.0. "DCC 3.0 PR1 supports the i386, ia64, and amd64 architectures and is available in the form of an APT repository and an installable ISO image. The APT repository is designed to serve as the basis of Debian-based distributions that wish to base on standard Debian "sarge" and provide LSB 3.0 compliance. The installable ISO image is designed to serve as a minimal reference DCC-based distribution that can be used as the basis for experimentation, testing, and certification and includes the DCC 3.0 as well as the necessary infrastructure to make DCC 3.0 installable (debian-installer framework and bootloaders)."
Distribution News
Giving Desktop/LX users a Mandriva Club discount
Mandriva purchased the technology assets from Lycoris earlier this year. As part of this agreement, Mandriva wishes to give a special discount on Club memberships to Desktop/LX users. Click below for details.DebCentral.org launches users group for Debian based distributions
The DebCentral team has announced the official launch of DebCentral.org, the first online community dedicated to both Debian GNU/Linux, and the many derivative distributions it has spawned. "DebCentral's goal is to provide a place where users of any Debian based or derivative distributions can come together for news, support, collaboration, and to exchange views and information with each other. We are aiming to provide a place that is welcoming to users, administrators, and developers of all levels. No matter if you have just recently moved to a Debian style distro, or you are a highly experienced guru, you will be more than welcome at DebCentral.org."
Debian Project news
In Bits from the New Maintainer Front Desk provides a look at changes to the New Maintainer process. "We have effectively put applicants on hold (or even removed their application) if they haven't contributed to Debian yet. This is now an official policy and we will check for this directly after an application is received from now on."
DVD videos of the Debconf5 sessions (plus Debian Day and some extras) are now available in PAL format. NTSC format discs and downloadable images will be coming soon.
If you have been having problems getting
recently released security updates, you may just have to be patient.
"The recently released security update of XFree86 in DSA 816 for
sarge and woody has caused the host security.debian.org to saturate its
100MBit/s network connection entirely. Due to the large number of X
packages, the gross size of these packages and the high number of users who
need to install the update, the server is busy sending out updates which
exhaust its total outgoing bandwidth.
"
There has been ongoing discussion of an architecture-specific release criteria. Some architectures will need to re-qualify to be included with 'etch'.
* our users will benefit from the architecture's presence in a release,
* the architecture will give our users the same support and stability as any other architecture in the stable release,
* the architecture's inclusion doesn't negatively impact other architectures or the release process as a whole.
Order SUSE Linux 10 now
SUSE Linux 10.0 begins shipping on September 30, 2005. Place your order before October 1, and Novell will pay the shipping.
New Distributions
AspisOS Linux
AspisOS Linux is targeted for SBCs (Single Board Computers) or dedicated desktop PCs that will function as wireless access points. It's optimized for size and security. Version 0.0.1 was released September 16, 2005.
Distribution Newsletters
Debian Weekly News
The September 20 issue of the Debian Weekly News is out. This week's topics include a look at volunteer participation, the removal of non-free documentation, overload problems on the security update server, and more.Fedora Weekly News
The Fedora Weekly News covers Release Notes, the revamped Fedora Project website, meeting minutes for Fedora Documentation, meeting minutes for Fedora Marketing, Fedora Legacy Documents Move into Fedora Wiki, Fedora Core 4 on Dell Inspiron 6000, and other topics.Gentoo Weekly Newsletter
The Gentoo Weekly Newsletter for the week of September 19, 2005 covers the first Gentoo council meeting, the European Gentoo developer conference planned for November 18 in Germany, a report from the open-source conference 2005 in Tokyo, and several other topics.Mandriva Community Newsletter #108
The Mandriva Community Newsletter has a new edition, with a look at Mandriva Linux 2006 Release Candidate 1, more eTraining courses, the Department of Mandriva Security is recruiting, and more.Red Hat Magazine
The September 2005 edition of Red Hat Magazine is out, with a look at Linux performance tuning; Computer worms, Red Hat, and you; and more.DistroWatch Weekly, Issue 118
The DistroWatch Weekly for September 19, 2005 is out. "The major news of the past week was, of course, the release of Slackware Linux 10.2 - a distribution with a clear focus on simplicity, stability and reliability. Next on the release calendar: Mandriva Linux 2006 - with the second release candidate announced last week, we can't be too far off from the final release. Also in this issue: an explanation about the delay of KNOPPIX 4.0 CD edition, news about a live CD that uses Xen to boot a host operating system, and two free learning resources - one for OpenBSD and one for Linux. We also take a brief look at a new book for Xandros users - Linux Made Easy."
Minor distribution updates
New primary Quantian mirror available
Quantian has announced (click below) a new mirror for http, ftp and rsync downloads.
Package updates
Fedora updates
Updates for Fedora Core 4: mc (bug fixes), libwnck (upgrade to 2.10.3), dia (bug fix), qt (upstream patch fixes kmail folder selector), yum (bug fixes and features), pilot-link (update to 0.12.0-0.pre5 snapshots), selinux-policy-strict (update to match targeted released policy), tetex (bug fixes), pwlib (new upstream release), openh323 (new upstream release), gnomemeeting (update to 1.2.2), man-pages (bug fix), jpilot (rebuilt new version).Updates for Fedora Core 3: gnupg (update to 1.2.7), mc (bug fixes), openmotif (fixed mrm initialization error), termcap (new termcap-description for rxvt-unicode-terminal-emulator), xorg-x11 (bug fix).
Mandriva MDKA-2005:040
Mandriva has updated drakbt packages that reflect the new URLs for the Mandriva domain names.Trustix Secure Linux Bugfix Advisory TSL-2005-0048
Trustix has fixed various bugs in ltrace, mkbootdisk, mrtg, mtools, mysql, php, pptpd, sqlite3 and vim.
Newsletters and articles of interest
ISP Server Setup - OpenSUSE 10 RC 1 (HowtoForge)
Howto Forge has a detailed description of the steps needed to setup an OpenSUSE 10.0-based server that offers all services needed by ISPs and hosters (web server (SSL-capable), mail server (with SMTP-AUTH and TLS!), DNS server, FTP server, MySQL server, POP3/IMAP, Quota, Firewall, etc.) and the ISPConfig control panel.
Distribution reviews
First Look at Ubuntu 5.10 Preview (Mad Penguin)
Mad Penguin reviews Ubuntu 5.10 Preview. "Performance on the desktop was acceptable. I wouldn't say that Ubuntu was a screamer because I'd be lying to you, but it did perform well enough to warrant every day workstation/desktop duty. Applications were quick to respond and overall the system felt pretty snappy. The final version should prove to be quite a performer. This, combined with how easy it is to add/remove/update software (it's Debian after all) will seriously make it hard to beat."
Opinion: Make mine a Lite, a MEPISLite (Linux-Watch)
Linux-Watch reviews MEPISLite 3.3.1-2. "MEPISLite is simply put together well. It is a smooth, clean Linux distribution. With many smaller distributions, you may get the feeling that you're working with a kit rather than an operating system. Now, that's fine for Linux gear-heads. But, if you just want to get work done on a slow machine, or introduce someone who's still using Windows 98 or ME to Linux, I haven't seen a better distribution than MEPISLite."
Page editor: Rebecca Sobol
Development
Back Up to CD with Cedar Backup
Cedar Backup is a backup package that has been written by Kenneth J. Pronovici, it works on POSIX-compliant operating systems and has been released under the GNU General Public License (GPL).
![[Cedar Solutions]](https://static.lwn.net/images/ns/cedarsoln.png)
The code is a second-generation effort, according to the project history. It started out as a Perl application, and was later changed to Python and renamed.
Unlike more traditional tape-based backup systems, Cedar Backup is squarely aimed at the use of common and inexpensive CDR media. A big advantage of CD-based backups is the ability to read the backup media on just about every computer that one can buy today.
The online manual describes the numerous Cedar Backup features:
- Supports master/client machines on a network.
- Uses ssh-based encryption for moving backup data between machines.
- Runs with a four-stage backup process.
- The backups are fired off from a series of cron scripts.
- Writes backups to CDR and CDRW media types.
- Supports multi-session disks.
- Writable DVD support is planned for a future release.
- Performs daily, weekly and incremental backup types.
- Backups are initiated from a command line interface.
- Configuration information is stored in an XML-formatted file.
- Sends error messages via email.
- Stores directories as tar files with optional compression.
- Comes with extensions for backing up subversion and MySQL data.
- Allows user-supplied extensions for backing up other types of data.
- Restore operations work on any machine.
Version 2.6.0 of Cedar Backup
was released last week, it adds minor feature enhancements
and bug fixes:
"This release is focused around a wide-ranging set of enhancements, bugfixes, and documentation updates. The list of changes is fairly large, although not much of the core functionality was touched.
"
The software is available as a Debian package, or an easily installed Python script. Installation on a Fedora Core 3 system was simply a matter un-tarring the source and running the install script. The dependencies of the package include the Python language on all machines, and a number of CD-specific utilities on the master machine.
If you need to back up a single machine, or a group of machines, Cedar Backup is worth investigating.
System Applications
Clusters and Grids
Release 2.0.1 of Linux-HA is available
Release 2.0.1 of Linux-HA, a cluster management application, has been announced. "This release provides support for monitoring of resources (services) and support for larger clusters. In Release 2, simple clusters are simple to create, and more complex clusters can take advantage of our rule-based resource placement methods to ensure that the cluster does exactly what is desired when failures occur. In addition, it supports the OCF standard resource model, the SAF membership API, and provides command line, web-based and SNMP-based cluster monitoring tools."
Database Software
PostgreSQL 8.1 Beta 2 available
Version 8.1 Beta 2 of the PostgreSQL database has been released. Testers are needed.PostgreSQL Weekly News
The September 18, 2005 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL database resources and articles.
Mail Software
Sendmail 8.13.5 released
Version 8.13.5 of the Sendmail mail transfer agent has been released. "It fixes some bugs and adds support for various newer operating system versions." The detailed change information is available in the release notes.
Package Management
Setting up a repository server with yum-pull
William Stearns has announced his yum-pull script. "Yum, apt, up2date and other package management tools have helped reduce the amount of manual labor involved in installing new rpms, but don't address the issue of bandwidth used in patching a large collection of machines or applying updates when ones Internet line is down. *smile* I've put together a script called yum-pull that pulls down collections of rpm packages off Internet servers and stores them locally, creates apt, yum and up2date indexes for them, and shares the files with client machines."
Security
John the Ripper 1.6.39 released
Version 1.6.39 of John the Ripper, a fast password cracker, is out with feature enhancements and bug fixes.
VPN Software
SSL-Explorer 0.1.13 released (SourceForge)
Version 0.1.13 of SSL-Explorer, a browser-based SSL VPN, has been announced. "With release 0.1.13 of SSL-Explorer, 3SP has introduced a new reverse proxy feature that provides a far more robust web forwarding facility. This feature is currently touted by a number of tier-one vendors as a solution for the provision of intranet access to remote VPN users. As a welcome byproduct of the reverse proxy feature, SSL-Explorer now fully supports the enhanced ActiveX user interface of Microsoft Outlook Web Access 2003."
Web Site Development
Mod_python 3.2.2b (Beta) is out
Beta version 3.2.2 of mod_python, the Python language module for the Apache web server, has been announced. See the online manual for details.NAJAX 0.4.0.0 released (SourceForge)
Version 0.4.0 of NAJAX is available with bug fixes and new features. "NAJAX is a package that can be used to call PHP classes on the Web server side from Javascript code in Web pages. It uses AJAX technology to submit HTTP requests from Javascript to pass call parameters and collect and process the responses."
Desktop Applications
Audio Applications
LASH 0.5.0 released
Version 0.5.0 of LASH, the LASH Audio Session Handler, has been announced. "LASH (formerly LADCCA) is the LASH Audio Session Handler. It allows you to save, restore, and distribute sessions consisting of many interconnected Jack/Alsa applications." Changes include a new GTK control panel, bug fixes, and more.
Desktop Environments
GNOME Software Announcements
The following new GNOME software has been announced this week:- GARNOME 2.12.0.1 (new features and bug fixes)
- Serpentine 0.6.2 (new features and bug fixes)
- Sysprof 1.0 (new features)
The GNOME Journal, September Edition (GnomeDesktop)
GnomeDesktop.org has announced the September, 2005 edition of The GNOME Journal. "It features a look at GNOME's Summer of Code participation by Julien Gilli and Akbar Pasha, Peer to Peer document collaboration with GOCollab by Claus Schwarm and Martin Sevior, an introduction to the Banshee Music Player by Ken VanDine, the description of a GNOME deployment in Austria by Murray Cumming, Remote Desktop Administration using Vino by Marcus Bauer, and notes on translating GNOME by Runa Bhattacharjee."
Preliminary Gnome 2.14 Schedule
The release schedule for GNOME 2.14 and preceding point releases is being worked on. Look for the next stable release around March, 2006.Scribes 0.1 Released (GnomeDesktop)
GnomeDesktop announces the release of Scribes 0.1, yet another text editor for GNOME. "It is simple and easy to use. Scribes allows you to focus entirely on your tasks. It ensures monotonous operations, such as saving your files regularly, are handled automatically and properly. With Scribes, your workflow is never interrupted, and your files are always safe." A number of screenshots are available.
KDE Software Announcements
The following new KDE software has been announced this week:- amaroK 1.3.2 (new features and bug fixes)
- eric3 3.7.2 (bug fixes)
- iList 0.4.7 (new features and bug fixes)
- KAlgebra 0.3 (new features and bug fixes)
- KDE Asciiquarium 0.3.2 (new features)
- KEnigma 0.5 (new features and bug fixes)
- Kalva 0.8.0 (new features)
- Konstruct 20050921 (installs KDE 3.5 Beta)
- kradview 0.5.3 (bug fixes)
- nokuake 0.1 (kuake replacement)
- xik 0.5 (initial release)
KDE 3.5 beta 1 released
The first beta for the upcoming KDE 3.5 release is out; see the announcement and the info page for details.Don't Install, Just Copy with klik (KDE.News)
KDE.News takes a look at Klik. "Klik is a system which creates self-contained packages of programmes installable over the web with a single click. In the article below Kurt Pfeifle discusses the potential uses of this technology for helping the non-coding contributors to KDE. He also looks at how the system works and the obvious security issues involved."
Electronics
Gadgetboard 1.0 announced
For those of you who like playing with microcontroller hardware, OpenCollector.org has an announcement for version 1.0 of Gadgetboard. "The Gadgetboard is a user friendly Atmel proto board on steroids. The ATMEGA32 comes programmed with a command-line interface which runs over the serial port, allowing the user to read the 8 analog inputs and set the 8 outputs. Four of the high current MOSFET outputs optionally drive 15-amp relays, while the other 4 MOSFETS are driven by the Atmel's 4 onboard PWM channels. All inputs and outputs are ESD-protected, and are connected to screw terminals. Prototype your gadget in three easy steps." The design is free, and the support software is Linux-compatible.
XCircuit 3.3.36 released
Version 3.3.36 of XCircuit, an electronic schematic drawing application, is out with bug fixes.
Games
Block Rage version 0.2.1 Released (SourceForge)
The initial release of Block Rage, a falling-blocks game with animated plasmatic backgrounds, has been announced. "The game is already fully playable (and higly addictive, I think), but the graphics and sounds are only temporary, and there is no music yet."
Interoperability
Wine Traffic
The September 16, 2005 edition of Wine Traffic is available. Topics include: We're Back, To Do List Update, Device Drivers Still Suck, Wine's Development Model, HTML Help, DirectX Update, Safedisc Begins to Work, WineHQ Server Upgrade, SMP Safe?, and Wine's MSI - Help Us Break It.
Medical Applications
CMS Releases Beta VOE (LinuxMedNews)
LinuxMedNews covers the release of an evaluation version of the Vista Office Electronic Health Record system by the Centers for Medicare and Medicaid Services (CMS). "Highlights of the press release are that apparently CMS is going to evaluate how implementations are working at a limited number of beta test sites, then consider standards for 'certification criteria and process' through WorldVistA."
Music Applications
Jackbeat 0.5.3
Version 0.5.3 of Jackbeat, a JACK-enabled drum machine, is out with new features and bug fixes.KMiditracker 0.5.13 released
Version 0.5.13 of KMidiTracker, a MIDI Step Sequencer, has been released. "New features includes a midi thru KAction (midi thru is easily accessed) follow song, copy & paste, .mid export and input selection."
Patchage 0.2.3 Released
Version 0.2.3 of Patchage, a modular patch bay for Jack and Alsa (MIDI) applications, has been released. "This release features updated LASH support (optionally depends on the recent LASH 0.5.0 release). Patchage will restore module locations, and it's window size/location along with a session."
Science
PyVISA 0.9.6 released
Version 0.9.6 of PyVISA is available. PyVISA is: "A Python package with bindings to the "Virtual Instrument Software Architecture" VISA library, in order to control measurement devices and test equipment via GPIB, RS232, or USB."
Web Browsers
Mozilla Firefox 1.0.7 Released (MozillaZine)
Version 1.0.7 of the Mozilla Firefox web browser has been announced. "Fixes are included for the international domain name (IDN) link buffer overflow vulnerability and the Linux command line URL parsing flaw. There are also other security and stability changes, including a fix for a crash experienced when using certain Proxy Auto-Config scripts. In addition, some regressions introduced by previous 1.0.x security updates have been resolved."
Miscellaneous
SeaMonkey 1.0 Alpha Released (MozillaZine)
The SeaMonkey Council has announced the release of SeaMonkey 1.0 Alpha. "Developed from the codebase of the previously successful Mozilla Application Suite, SeaMonkey 1.0 Alpha contains lots of new features, and numerous enhancements and bugfixes compared to the last Mozilla suite versions."
Languages and Tools
C++
Boost C++ library 1.33.0 released
Version 1.33.0 of the Boost C++ libraries was announced. Several new libraries were added and existing ones were updated. "Boost provides free peer-reviewed portable C++ source libraries. We emphasize libraries that work well with the C++ Standard Library. Boost libraries are intended to be widely useful, and usable across a broad spectrum of applications. The Boost license encourages both commercial and non-commercial use. We aim to establish "existing practice" and provide reference implementations so that Boost libraries are suitable for eventual standardization."
Caml
Caml Weekly News
The September 13-20, 2005 edition of the Caml Weekly News is online with the latest discussions about the Caml language.
Java
AndroMDA 3.1 Release Candidate 1 has been released (SourceForge)
Release Candidate 1 of AndroMDA 3.1 is out. "AndroMDA is a code generation framework that follows the Model Driven Architecture (MDA) paradigm. It takes a UML model from a CASE-tool and generates classes and deployable components (J2EE or other) specific for your application architecture."
This week on harmony-dev
The September 11-17, 2005 edition of This week on harmony-dev covers the latest developments on the Harmony open-source Java implementation.What Is a Portlet (O'ReillyNet)
Sunil Patil introduces Portlets in an O'Reilly article. "The Portlet specification defines a portlet as a "Java-technology-based web component, managed by a portlet container that processes requests and generates dynamic content." That's not the easiest thing to understand, is it? This article will explain what portlets are and what they do."
Perl
This week in perl6-compiler (Perl.org)
The August 24 - September 11, 2005 edition of This week in perl6-compiler is out with the latest Perl 6 development news.
PHP
Understanding MVC in PHP (O'Reilly)
Joe Stump looks at the use of the MVC (Model-View-Controller) framework from PHP. "This article series demonstrates how to build an MVC web framework using PHP 5. This article covers the basics of MVC web frameworks, building the foundation classes for a framework that the other three articles in this series will build."
Python
Dr. Dobb's Python-URL!
The September 19, 2005 edition of Dr. Dobb's Python-URL! has been published. Take a look for lots of Python language discussions and software releases.PyInstaller 1.0 released
Version 1.0 of PyInstaller has been announced, it includes major bug fixes. "PyInstaller is a program that packages Python programs into stand-alone executables under Windows, Linux, and Irix. This is similar to the famous py2exe, but PyInstaller supports several platforms. It is able to build fully-contained (single file) executables."
Ruby
Ruby Weekly News
The September 18th, 2005 edition of the Ruby Weekly News looks at the latest discussions from the ruby-talk mailing list.
Tcl/Tk
Dr. Dobb's Tcl-URL!
The September 19, 2005 edition of Dr. Dobb's Tcl-URL! is out with the week's Tcl/Tk news and resources.
XML
Processing Atom 1.0 (XML.com)
Uche Ogbuji works with Atom 1.0 on XML.com. "In the fast-moving world of weblogs and Web-based marketing, the approval of the Atom Format 1.0 by the Internet Engineering Task Force (IETF) as a Proposed Standard is a significant and lasting development. Atom is a very carefully designed format for syndicating the contents of weblogs as they are updated, the usual territory of RSS, but its possible uses are far more general, as illustrated in the description on the home page".
The More Things Change (XML.com)
Micah Dubinko looks back at topics from the the XML-Deviant column. "In this column, Micah Dubinko concludes XML.com's longest running column, XML-Deviant, by looking back at how things have changed and how they've stayed the same. It's time for XML.com to evolve, now that the classic era of core XML specifications is ending."
IDEs
Eric3 3.7.2 released
Version 3.7.2 of Eric3, an IDE for Python and Ruby, has been announced. Here is the change summary: "A possible security exploit was fixed. Compatibility changes for PyQt 3.15 were made. Many other fixes were done."
Version Control
Mercurial v0.7 released
Version 0.7 of the Mercurial distributed SCM has been released. This release features numerous usability improvements, performance enhancements, and bug fixes over previous releases. See also the article on Mercurial in the current Weekly Edition (for subscribers only).
Miscellaneous
XPlanner 0.7 beta 1 released (SourceForge)
Version 0.7 beta 1 of XPlanner has been announced. "XPlanner is a web-based project planning and tracking tool for eXtreme Programming (XP) teams. XPlanner is implemented using Java, JSP, and Struts, and MySQL (user contributed support for other databases). XPlanner 0.7 provide many improvements."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Microsoft Challenges Massachusetts on Open-Format Plan (eWeek)
eWeek looks at corporate opposition to the Massachusetts Open-Format Plan. "A proposal in Massachusetts to move computer networks onto an open-file format by January 2007 is sparking debate, as companies like Microsoft Corp, Adobe Systems Inc., Corel Corp., IBM and Sun Microsystems Inc. weigh in on the potential shift. Although the public has been invited to comment on an initial draft, available on the state government's Information Technology Division site, responses were solicited from the major tech companies. The letter getting the most attention is from Microsoft, which supplied a 15-page comment that was copied to the state's governor, Mitt Romney."
Are potential legal liabilities holding back Linux adoption? (TechRepublic)
Here's a TechRepublic Article looking at whether patent fears are slowing down Linux. The answer is mostly "no," but there is an interesting side look at OSRM: "OSRM announced that its insurance would be available via brokers and that the risk would be underwritten by Lloyd's of London syndicates. However, [Red Hat counsel Mark] Webbink has questions to ask about this move too. 'The announcement was interesting from the standpoint that it contained no quotes from anyone at Lloyd's, and subsequent inquiries by others - not me- to Lloyd's raised significant questions as to the veracity of the CEO of OSRM's assertion,' he says. 'Moreover, to our knowledge, OSRM is not licensed to broker insurance in its home state of North Carolina or anywhere else in the U.S.' OSRM has not been able to clarify the matter for TechRepublic."
The SCO Problem
Chart of SCO's Answer to Novell's Counterclaims (Groklaw)
Groklaw has posted a chart showing SCO's answers to Novell's Counterclaims. "These are not the complete documents, just the section on counterclaims by Novell and SCO's answers to them, which is another reason I will be putting up the SCO Answer on its own next. SCO has ten affirmative defenses listed as well, for example, and they both have Wherefore clauses and prayers for relief, and that kind of thing. But this presents the claims/counterclaims side by side, so it's easy to see what SCO is denying and admitting."
Companies
Red Hat and IBM to take Linux to emerging markets (PCPro)
PCPro takes a look at a joint initiative by Red Hat and IBM to promote the development and adoption of Linux solutions in emerging markets. "The companies say they will provide developers with technical resources and development support at IBM Innovation Centres in fifteen locations across Asia, North America and Europe including Beijing, Shanghai, Bangalore and Seoul. At the IBM Innovation Centres, IBM says it will offer consulting support and technical expertise to help programmers migrate, test, develop and implement their applications for Red Hat Enterprise Linux on IBM platforms."
Legal
Bid to trademark the word 'Linux' rejected (News.com)
News.com reports that an attempt by Australia's peak Linux body to register the name "Linux" on behalf of Linus Torvalds has failed. ""For your client's trademark to be registerable under the Trade Marks Act, it must have sufficient 'inherent adaptation to distinguish in the marketplace," said the letter, which was apparently written by Andrew Paul Lowe, who's named on the document as the examiner. "In other words, it cannot be a term that other traders with similar goods and services would need to use in the ordinary course of trade.""
Politicos call for music copyright reform (News.com)
New.com covers copyright reform lead by Representative Rick Boucher, a congressman from Virginia. "The remedy, he said, lies in a congressional rewrite of portions of copyright law that govern licensing and royalty fees and make it cumbersome for legal download services to add material to their inventories. Boucher said he hopes his committee will have a new bill written and reported to the U.S. House of Representatives by the end of this congressional term in November." (Thanks to Max Hyre)
Interviews
U.S. Patent Reform Bill: An Interview with Mark Webbink (O'ReillyNet)
Richard Koman talks with Mark Webbink, deputy general counsel for intellectual property at Red Hat, about the state of patents, the patents commons idea, and the patent reform legislation working its way through Congress, on O'ReillyNet. "Defending a patent claim costs about $2 million per side, per claim. That may be, as eBay deputy general Jay Monahan puts it, "an unfortunate cost of doing business," but that's not a cost most open source projects can afford. Granted, patent trolls will go after companies with deep pockets, but companies that compete with open source may see a strategy in using patent claims to simply shut down a small company."
A Glimpse of SUSE Linux 10.0 and Other Things Brewing at Novell (MozillaQuest)
MozillaQuest looks at the upcoming SUSE Linux 10.0 and talks with Greg Mancusi-Ungaro, Novell's director of marketing for Linux and open source software. "MozillaQuest: What are the reasons SUSE shifted from a closed beta program to an open beta program? Greg Mancusi-Ungaro: We've done more than just shift the beta program; we are opening the entire development process to public participation. Through the openSUSE project, we are inviting the community to really shape the future SUSE Linux. The bugs reported by the community during the SUSE Linux beta cycles are important, but by no means do those bugs represent the total activity of the community. SUSE Linux benefits from publicly submitted package requests, usability/design proposals, feature requests, etc."
An Interview with Chia-liang Kao (O'ReillyNet)
O'ReillyNet talks with Chia-Liang Kao, the creator of the SVK source code management system. "SVK allows distributed development using existing infrastructure, which means you don't need to deploy a new system for your whole organization. SVK works best with Subversion, but you can also seamlessly branch from CVS, Perforce, or even git repositories. SVK lets you commit directly back to Subversion repositories and 'commit as a patch' to other systems or to Subversion repositories you don't have commit access to."
Resources
A Brief Introduction to Multi-Category Security (MCS) (LiveJournal)
James Morris has written an introduction to MCS on LiveJournal. "MCS is something we've been working on to help make SELinux more user-oriented, as well as adapt some of the Multi-Level Security (MLS) infrastructure for more general use. An important aspect of SELinux is that it implements Mandatory Access Control (MAC), where security policy is managed by a system or security administrator and is not overridable by users or applications. MAC is important for dealing with security threats arising from software flaws, malware, user error and some classes of malicious users."
What Is Open Source (O'ReillyNet)
Here's an O'ReillyNet article that attempts to define 'open source' in terms the average pointy-haired boss can understand. "The most important difference between software created by the open source communities and commercial software sold by vendors is that open source software is published under licenses that ensure that the source code is available to everyone to inspect, change, download, and explore as they wish. This is the essential meaning of open source: the source code--the language in which the software is written and the key to understanding how the software works--can be obtained and improved by anyone with the right skills."
The Daemon, the GNU and the Penguin, Chapter 18 (Groklaw)
Groklaw has published chapter 18 of the online book "The Daemon, the GNU and the Penguin" by Dr. Peter Salus. The topic of the chapter is "The Web".Peter van der Linden's Guide to Linux: A Lesson in Encryption, Part 1 (Linux Journal)
This Linux Journal article provides an introductory look at encryption. "The mathematical qualities that PKE relies on have a beautiful symmetry to them, and PKE rocked the worlds of computer science and encryption when it appeared in the 1970s. Government scientists in Britain's GCHQ eavesdropping and phone-tapping center later claimed that they had invented the technique some years earlier, but kept it secret! Indeed, they did uncover some of the theory, but it was clear that the spies of GCHQ had not grasped its practical significance."
OOo Off-the-Wall: Back to School with Bibliographies (Linux Journal)
The Linux Journal continues its OpenOffice.org series with this look at bibliography creation. "However, the process of creating the bibliography is confused by two things. For one, bibliographies are lumped together with indexes and tables of contents. Second, OOo Writer provides misleading samples for its bibliography database. For this reason, it is worth walking through the process step by step to avoid confusion."
Five Pitfalls of Linux Sockets Programming (developerWorks)
developerWorks covers some common mistakes in socket programming. "First introduced into the 4.2 BSD UNIX® operating system, the Sockets API is now a standard feature of any operating system. In fact, it's hard to find a modern language that doesn't support the Sockets API. The API is a relatively simple one, but new developers can still run into a few common pitfalls. This article identifies those pitfalls and shows you how to avoid them."
Reviews
CLI Magic: CDargs (Linux.com)
Linux.com looks at CDargs. "Typing long path names at the command line can get to be a chore very quickly. Even with tab-completion, it can take a lot of typing to move from your home directory to /var/www/www.mysite.com/cgi-bin or something similar. Wouldn't it be much better if you could "bookmark" long path names and type something simple, like cdb site, to get to a directory? That's where CDargs comes in. CDargs is a program that provides bookmarks and browsing at the command line. It takes a little work to set up, but it's well worth it. I've been using this program for a few years now, and it really does help speed up work at the shell."
'Firefox Secrets' and 'Hacking Firefox' Published (MozillaZine)
MozillaZine reviews the latest books on Mozilla Firefox. "Two new books about Mozilla Firefox have been published recently. Firefox Secrets by Cheah Chu Yeow was launched by SitePoint in July, while August saw the release of Mel Reyes' Hacking Firefox from Wiley."
Wireless made easy with Netapplet (NewsForge)
NewsForge looks at Netapplet. "After several of my favorite operating systems and distributions failed to properly connect to wireless hotspots without a lot of command-line tweaking, I found Netapplet, a great little GNOME applet in Novell's SUSE 9.3 Professional that scans for 802.11a/b/g wireless networks and shows you their signal strength and ESSID. You can then select the hotspot of your choice (if several are available) and continue on to the Internet from there. Yes, you can do the same thing from the command line by using iwlist and iwconfig, but it's nice to have it done automatically. Although Novell engineers created Netapplet for SUSE Linux, it can be installed on any GNU/Linux distribution."
Book Review: Perl Best Practices (Linux Journal)
Linux Journal reviews the book Perl Best Practices by Damian Conway. "Perl and its supporters are known for working in whatever way suits them, but that can make for unnecessarily complex and confusing code. Here's a book, though, that dares to say "enough"."
Using Qpsmtpd (O'ReillyNet)
O'ReillyNet has a review of Qpsmtpd. "Those who administer an email server more than likely have put up with the pain of adding dnsbl lookups to something like Sendmail or Qmail, or adding recipient validation for their custom user database in Postfix. Extending email servers is painful, and for the most part you can't do it easily in Perl. Wouldn't it be nice if you could do something like mod_perl in a mail server?Sylpheed 2.0 messaging client pushes the envelope (Linux.com)
Joe 'Zonker' Brockmeier reviews version 2.0 of the Sylpheed email client on Linux.com "Since I started using email in 1995, I've been on a (seemingly) never-ending quest for the perfect email client. I've used text-based, Web-based, and GUI email clients, on Linux, Windows, and Mac OS, and have yet to find one mail user agent (MUA) that I'd consider "perfect." There are some really, really good MUAs -- such as Mutt and Mozilla Thunderbird -- but I haven't found the perfect mailer just yet. Sylpheed 2.0, however, is getting close."
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The return of Citizens Against Government Waste
Citizens Against Government Waste has sent out a press release complaining about the plan in Massachusetts to standardize on open document formats. "'It is bad procurement policy for any state to unilaterally lock itself into one set of technologies,' CAGW President Tom Schatz said. 'Agencies should be able to accept bids from any company that can provide the desired product or service. Government earns the best value for taxpayer dollars through a competitive, transparent, and accountable bidding process.'" Presumably it is just fine for the state to lock itself into proprietary formats. For those who don't remember, these are the folks who have been accused of recruiting dead people to the anti-Linux cause in the past.
Nokia Joins Eclipse Foundation as Strategic Developer and Board Member
Nokia has joined the Eclipse Foundation. "Nokia and the Eclipse Foundation today announced that Nokia has joined the Eclipse Foundation as a Strategic Developer and Board member. Nokia will support the work of the Eclipse open source community by contributing software and developers to a proposed new Eclipse project. As a Strategic Developer in the Eclipse Foundation, Nokia will lead a project to create a framework for mobile Java developer tools, including complete tooling support for J2ME (Java 2 Micro Edition)."
OSV to States: Follow Massachusetts in Open Document Standards
Australia's Open Source Victoria has sent out a public announcement concerning open file formats in government. "The Commonwealth of Massachusetts has announced the adoption of the OpenDocument XML file format as its preferred method for storing government documents. In doing so, Massachusetts joins the Australian Federal Government in adopting this format for long-term electronic document storage. Open Source Victoria calls on all remaining Australian states and government agencies to also adopt this format, as it is the only viable approach to ensuring guaranteed access to public sector documents and data in perpetuity."
Commercial announcements
Dell releases its first Linux consumer product with Mandriva
Mandriva has announced the availability of a Dell Laptop pre-loaded With Mandriva Linux. "Mandriva worked with Dell to certify this first consumer laptop, which is now being sold direct to students by Dell. The company ensured the optimum integration of its Mandriva Linux Limited Edition 2005 - a major hit in recent Linux downloads and reviews - with Dell's Latitude 110L. The certified computer is a WIFI 1,4 to 1,7 GHZ mobile Celeron or Pentium M, with 256 to 1280 MB of ram, and a DVD Drive."
Linbox improves the Linbox Rescue Server
Linbox has announced improvements to its Linbox Rescue Server (LRS). "Thanks to the LRS, it is probably the first time ever a cloning software allows to create optimized images of systems including a LVM (Logical Volume Manager) 1 or 2 layer."
Mandriva revamps partner program
Mandriva has introduced a revamped partner program. "With the new program, Mandriva looks to enhance the privileged relationship established with partners. "The biggest truth that we have learned from our experiences during the recent years is that close strategic partnerships are vital to optimize growth and long-term success. With our new partner program we want to provide more efficient services to our partners," explains Gaurav Parakh, Partner Business manager. The program is expected to help partners increase their business, penetrate new and emerging markets, as well as better adapt offerings to their customers' needs."
MontaVista Linux on blades
Sun Microsystems has announced its upcoming Netra ATCA (advanced telecom computing architecture) blade server powered with the multi-core AMD Opteron processor will be sold with a choice of Solaris 10 or MontaVista Linux.Artesyn Communication Products has announced that its PICMG 2.16, AdvancedTCA, AdvancedMC, ProcessorPMC blades and modules, will come with MontaVista Carrier Grade Linux.
Opera now ad banner free
Opera Software has removed the ad banner and licensing fee from its Web browser. The ad-free, full-featured Opera browser is now available for free download.Red Hat GFS Now Supported by Oracle, EMC and NetApp
Red Hat, Inc. has announced support for its Red Hat Global File System (GFS) by Oracle, EMC and NetApp. "Red Hat GFS is the open source cluster file system designed for high-performance enterprise workloads, such as Oracle RAC, web and application server clusters. GFS makes it possible to manage a cluster of servers and shared storage as if it were a single system, by providing a common cluster-wide filesystem."
Polycom Chooses Red Hat to Manage Storage Clusters
Polycom has migrated to Red Hat GFS and Red Hat Enterprise Linux. "Red Hat, Inc., the world's leading provider of open source solutions to the enterprise, announced today that Polycom has chosen Red Hat Global File System (GFS) and Red Hat Enterprise Linux to accelerate the software development cycles for two key product lines by as much as 40 times over legacy UNIX systems."
Versora and Win4Lin Announce Linux Desktop Migration and Virtualization Toolkit
Versora and Win4Lin have announced their Complete Linux Desktop Migration and Virtualization Toolkit. "The bundled software package includes Versora's Progression Desktop which automates the migration of data, application and system settings from Windows desktops to Linux as well as Win4Lin Pro, which runs Windows 2000/XP applications and OS on Linux."
Zend Technologies Announces Zend Platform 2
Zend Technologies, Inc. has announced Zend Platform 2. "This new version of the first-ever management platform for PHP applications uniquely delivers the reliability, scalability and interoperability required for business critical applications. Zend Platform 2 brings enhanced application performance and simplified data synchronization."
New Books
No Starch Press Releases "The Debian System"
No Starch Press has published the book The Debian System by Martin F. Krafft.RT Essentials - O'Reilly's Latest Release
O'Reilly has published the book RT Essentials by Jesse Vincent, Robert Spier, Dave Rolsky, Darren Chamberlain and Richard Foley.No Starch Press Releases: "The TCP/IP Guide"
No Starch Press has published the book The TCP/IP Guide by Charles M. Kozierok. "At long last, network professionals, internetworking educators, and students have a comprehensive and user-friendly desk reference for TCP/IP."
Resources
The LDP Weekly News
The September 14, 2005 edition of the Linux Documentation Project Weekly News is online with the latest new documentation releases.Linux training materials now available free (NewsForge)
NewsForge covers the release of a Linux training course. "In 1995, Dr. Giovanni Orlando wrote FTLinuxCourse, a detailed training course written in HTML for some of his clients who were using Caldera OpenLinux. Last month, Orlando released the current version for free download at FTLinuxCourse.com"
Samba PDC and Kolab with OpenLDAP: integration
Tomasz Chmielewski has written a HOWTO on integrating a Samba/OpenLDAP environment with Kolab. "This article explains how to add Kolab Groupware functionality to your existing Samba/OpenLDAP setup."
Contests and Awards
Clarkson University wins first TuxMasters invitational (NewsForge)
NewsForge looks at Clarkson University's success in the TuxMasters Invitational coding competition. "Clarkson University may not be the first institute of higher learning that comes up when you're discussing sports, science, or stature, but the Potsdam, New York-based university is at the top of its class for bringing Linux learning to real-world data centers. The 3,000-student university took top honors at the first-ever TuxMasters Invitational coding competition, which awarded Clarkson both first and second place in the intercollegiate contest."
Upcoming Events
The Libre Graphics Meeting
The Libre Graphics Meeting (originally GimpCon 2006) will take place in Lyon, France on March 17-19, 2006.LPI Offers Free Certification Exams at LinuxWorld UK
The Linux Professional Institute will hold free Linux certification exams at the LinuxWorld Conference and Expo in London, England on October 5 and 6, 2005.MySQL Users Conference 2006 - Call for Participation
A Call for Participation has gone out for the 2006 MySQL Users Conference. The event will take place in Santa Clara, CA on April 24-27, 2006. Submissions are due by November 7, 2005.Open Source Desktop Workshop, San Diego
The 2005 Open Source Desktop Workshop will be held on October 13 and 14 in San Diego, California.@System Security Conference, Pisa
The 2005 @System Security Conference will be held in Pisa, Italy on October 13, 2005.Univa Grid Technology Pioneers to Present at Multiple Industry Conferences
Univa Corporation has announced a series of grid events this fall in Boston, New York, Chicago, Seattle, and Newton, Mass. "Univa Corporation, the leading provider of commercial software and professional services for open source Globus(R) software, will be presenting at several open source software and grid events this quarter. Steve Tuecke, Univa CEO and co-founder, will be discussing the benefits of using open source, standards-based grid infrastructure software to support the next-generation data center."
Zend/PHP Conference and Expo 2005 Program Announced
The program for the Zend/PHP Conference and Expo 2005 has been announced. "The conference theme is "Power Your Business With PHP" and features keynote addresses from Marc Andreessen, Google VP Adam Bosworth, and executives from IBM, Oracle & Intel. Featured speakers include Michael Radwin of Yahoo!, Adam Trachtenberg of eBay, Joyce Park of Renkoo.com, George Schlossnagle & Wez Furlong of OmniTI, and, of course, Zeev Suraski & Andi Gutmans."
Events: September 22 - November 17, 2005
| Date | Event | Location |
|---|---|---|
| September 22 - 23, 2005 | New Security Paradigms Workshop(NSPW) | (UCLA Conference Center)Lake Arrowhead, California |
| September 23 - 24, 2005 | Sixth Symposium on Trends in Functional Programming(TFP 2005) | Tallinn, Estonia |
| September 26 - 29, 2005 | Hack in the Box Security Conference(HITBSecConf2005) | Kuala Lumpur, Malaysia |
| September 26 - 30, 2005 | IEEE International Conference on Cluster Computing(Cluster 2005) | Boston, Massachusetts |
| September 28 - 30, 2005 | OpenOffice.org Conference 2005(OO.oCon) | Koper (Capodistria), Slovenia |
| September 30 - October 2, 2005 | Linucon | Austin, Texas |
| October 1, 2005 | Ohio LinuxFest 2005 | Columbus, OH |
| October 2 - 5, 2005 | Gelato October 2005 Meeting for Linux on Itanium | Porto Alegre, Brazil |
| October 5 - 6, 2005 | LinuxWorld London | Olympia, London, UK |
| October 5 - 7, 2005 | Web 2.0 Conference | (Argent Hotel)San Francisco, CA |
| October 6, 2005 | Fedora Users and Developers Conference(FUDCon London) | (LinuxWorld Conference and Expo UK)London, UK |
| October 7 - 9, 2005 | Indie Games Con 2005(IGC) | Eugene, Oregon |
| October 8 - 10, 2005 | GNOME Boston Summit | (Gates Building)Cambridge, MA |
| October 8, 2005 | LinuxForum BOF-dag | Denmark |
| October 12 - 13, 2005 | IT Underground(ITU) | Warsaw, Poland |
| October 13 - 14, 2005 | Open Source Desktop Workshops | San Diego, CA |
| October 13, 2005 | @System Security Conference | Pisa, Italy |
| October 14 - 15, 2005 | HackLu 2005 | (Chambre des Metiers)Kirchberg, Luxembourg |
| October 14 - 16, 2005 | Blender Conference 2005 | (De Waag)Amsterdam, the Netherland |
| October 16 - 23, 2005 | piksel05 | Bergen, Norway |
| October 17 - 20, 2005 | O'Reilly European Open Source Convention(EuroOSCON) | (NH Grand Hotel Krasnapolsky)Amsterdam, the Netherlands |
| October 18 - 21, 2005 | Zend/PHP Conference and Expo 2005 | (Hyatt Regency SF Airport Hotel)Burlingame, CA |
| October 18, 2005 | Dynamic Languages Symposium 2005(DLS05) | San Diego, CA |
| October 19 - 21, 2005 | Australian Unix Users Group Conference 2005(AUUG) | Sydney, Australia |
| October 24 - 28, 2005 | 12th Annual Tcl/Tk Conference | (Red Lion Hotel)Portland, Oregon |
| October 30, 2005 October 31 - November 11, 2005 | Ubuntu Below Zero | (downtown Holiday Inn)Montreal, Canada |
| November 6 - 9, 2005 | International PHP Conference 2005 | Frankfurt, Germany |
| November 7 - 9, 2005 | Open Source Database Conference 05 | (NH-Hotel Frankfurt-Mörfelden)Frankfurt, Germany |
| November 8 - 9, 2005 | Association Française des Utilisateurs de PHP(AFUP) | Paris, France |
| November 13 - 15, 2005 | Firebird Conference 2005 | (Hotel Olsanka)Prague, Czech Republic |
| November 15 - 18, 2005 | Embedded Technology 2005(ET2005) | Yokohama, Japan |
| November 15 - 17, 2005 | LinuxWorld Germany | Frankfurt, Germany |
Web sites
ODBMS.ORG Launches Portal on Object Databases
The new ODBMS.ORG portal has been announced. "ODBMS.ORG, a vendor-independent, non-profit group of high-profile software experts lead by Prof. Roberto Zicari, today announced the launch of ODBMS.ORG (www.odbms.org), the Internet¹s most up-to-date educational and research portal on object database technology. This initiative is the first of its kind in nearly two decades, since first-generation object-oriented databases emerged in the early 1990s and subsequently fell dormant."
Audio and Video programs
Beta Broadcast 001: 'Is this thing on?' (O'ReillyNet)
O'Reilly has launched a downloadable audio program. "In this pilot of O'Reilly's audio magazine program "Distributing the Future" Phil Torrone of Make magazine says you may not want to upgrade your PSP 2.0, Nat Torkington previews the upcoming debut of a new Open Source conference to be held in Amsterdam in mid October, David Smith and Doc Searls discuss issues of identity, Chris Adamson tells you how to get started with the game, the exercise, the cult: dance dance revolution, David Pogue has tips on using Spotlight on Mac OS X Tiger, and our featured "FOO Cast" is Richard Giles' Gadget show interview with John Batelle."
Page editor: Forrest Cook
Letters to the editor
Response to "TOE performance" letter in Sept 8 edition
| From: | "Asgeir Eiriksson" <asgeir-AT-chelsio.com> | |
| To: | <corbet-AT-lwn.net> | |
| Subject: | Response to "TOE performance" letter in Sept 8 edition | |
| Date: | Wed, 14 Sep 2005 10:55:34 -0700 |
Jonathan
In his "TOE performance" letter in the September 8th issue, Dave S.
Miller asked for some further TOE performance information, and I'd like
to provide the following response.
Regards,
Asgeir Eiriksson
CTO
Chelsio Communications Inc.
----
We welcome the chance to respond to the concerns that David Miller has
about TOE cards.
First, let me remark that it seems to me that he's been badly burned in
the past by over-hyped TOE cards, but I maintain that we at Chelsio have
learned from these prior mistakes by other people, and we should have a
fresh look at TOE cards at 10GE speeds. I'll mention some of the reasons
in the following:
>
> > You might want to ask the Chelsio guys to provide some performance
> > metric other than their "land speed record" that, as Linux
> > networking stack maintainer, I'm frankly sick of hearing about over
> > and over again.
Considerable number of HPC folk pay close attention to the LSR, and it
also demonstrates the resiliency of the TOE implementation to different
topologies (not all TOEs were created equal) and applications for remote
back-up (e.g. for single connection data transfers such as FTP).
Admittedly, the LSR has in fact gotten too much press.
>
> > What's more interesting to me is an area I know TOE is poor in, and
> > that is TCP connection rates. It's all too easy to make one sole
> > connection pump a lot of data, but it's hard to make a web or
> > database server serve hundreds of thousands of connections per
> > second. TOE cards generally cannot do that because each connection
> > setup/teardown requires setting up and tearing down state on the
> > network card, which subsequently kills TCP connection rates.
>
I agree with your list of important performance corners so the Chelsio
TOE is designed from the ground-up with these in mind.
I believe, your observations on the connection setup process might be
valid for the way Microsoft Chimney currently sets up connections (time
will tell), but this is not how Chelsio is proposing to do TOE on Linux.
In the proposed Linux patch the connection setup and teardown is
offloaded to the NIC, and a SYN that hits an offloaded listening server
triggers a request-to-host/response-from-host to "ASK" the host if the
connect request should be accepted or not (this allows full integration
with linux access controls, etc.). The response-from-host triggers the
sending of the SYN+ACK so I would maintain that this flavor of
connection setup integrates well with the Linux access controls, and you
will see some benefit in setup/teardown performance. The hardware is
capable of processing SYN packets at line rate (some millions/sec but
the setup loop includes socket creation/destruction, kernel checks and
controls on acceptance, making the overall rate lower). In the proposed
patch the active open is also offloaded, and this will lead to a
significant benefit in performance. Finally, the FIN processing is
offloaded for both types of close.
The Chelsio TOE does not have any on-chip caches and therefore has a
flat performance profile as the number of connections is increased. We
have measured the performance up to 14000 connections with linux 2.6.*
(about 6Gbps aggregate BW on an Opteron) and our profiling of the code
indicated to us that we were running into linux bottlenecks (select()
de-multiplexing, etc.) at that point and not hitting TOE issues (yet).
The veritest report Figure 3 and 4 at the following location
http://www.chelsio.com/technology/Chelsio10GbE_Fujitsu.pdf shows the BW
from 1 up to 1000 connections, but the 14000 connection measurement is
unpublished internal data.
We also included low end-to-end latency in the list of design
objectives, and traffic shaping and pacing capabilities. The first
requirement is to enable going toe-to-toe with the IB and FC crowd. The
second requirement is useful for media pumping applications of 10s of
thousands of audio, or thousands of MPEG streams at one extreme, and on
the other end of the scale to throttle and give-priority to connections
that are going to e.g. storage, etc.
These issues are just a sampling of the issues that we've encountered in
our TOE integration work, and I have no doubt that the linux community
at large is capable of improving the integration, utility, and
performance of the TOE even further, and this frankly is one of the
motivations behind open sourcing our TOE software and submitting the
patch.
>
> > So if you're a scientist trying to break the land speed record
> > between Stanford University in California and some place in the
> > middle of Europe on the other side of the planet, yeah TOE is
> > probably a great toy to play with.
>
> > TOE users are niche, always have been, and always will be. It is no
> > mistake that the Chelsio guys do not delve into this aspect of their
> > technology.
>
> > And the study they mentioned in their mail to you of course will be
> > full of accolades for their approach. If you read only the documents
> > posted on their web site, you might think that TOE is the best thing
> > since sliced bread.
>
The publications on the Chelsio website fall into three broad
categories: a) PR by marketing people, b) white-papers by our engineers,
and c) published papers by some of the top names in the HPC field, and
you're no doubt referring to a) and maybe b) above in your remarks. The
papers in category c) are by independent researchers in the HPC field,
and in their papers they've chosen the applications to benchmark, and
they've chosen what to measure and how to measure it.
The following is the list of such publications at this writing:
[1] "Head to TOE Evaluation of High-Performance Sockets over Protocol
Offload Engines", by Dr. Wu Feng of Los Alamos National Labs, Dr. DK
Panda of Ohio State University, et al., that will appear at Cluster
2005, Boston. Available at
http://www.chelsio.com/technology/Cluster_2005_Techical_R...
ANL.pdf
[2] "Performance Evaluation of a 10-Gigabit Ethernet TOE", by Dr. Wu
Feng of Los Alamos National Labs, et al. that appeared last month at Hot
Interconnect 2005. Available at
http://www.chelsio.com/technology/HotInterconnect_2005.pdf
[3] "Infiniband and 10-Gigabit Ethernet for I/O in Cluster Computing",
by Helen Chen of Sandia National Labs, et al. that appeared in July at
the Cluster Symposium 2005. Available at
http://www.chelsio.com/technology/Cluster_Symposium_2005_...
ndi.pdf
When I look through [1], [2], and [3] I observe the following:
- the performance for the applications chosen, and presumably the
applications that the researchers care about show TOE outperforming NIC
- the end-to-end latency for socket API and TOE is less than for SDP
over IB
- there are various traffic profiles in the benchmarks and TOE does well
on every single one.
There's of course a lot more there in the papers, and I invite people to
look through the results for themselves and reach their own conclusions.
As an aside: it is also interesting to note that TCP+Ethernet flow
control does great against the supposedly superior IB flow control in
all the above experiments.
> > The TOE folks are frankly between a rock and a hard place. They need
> > some support in upstream Linux for their solution to really be far
> > reaching and viable, yet the negative aspects of their technology
> > are such that this is likely not going to happen.
>
> > They also refuse to actively consider stateless offloads, which are
> > much better for long term maintainability and do not bypass the
> > Linux TCP networking stack we've been tuning for 10+ years. Doing so
> > would at least make these guys appear less anti-social and I would
> > certainly pay more attention to their concerns if they at least made
> > some efforts in this area. But they'll never do something so open
> > minded because their whole buisness model surrounds TOE.
>
> > With that in mind I applaud folks like Lenoid Grossman who are
> > working on stateless TCP receive offloads for highspeed networks on
> > the products they work on.
>
> > Take care.
>
Our NIC in addition to having TOE support, also offloads iSCSI, and
iWARP (RDMA), and has support for stateless offload technology such as
TSO and checksum generation/checking, and supports MSS of 1500B up to
jumbo frame size for each of these traffic types.
So, we are obviously for customer choice, and if I were to extract one
NIC vs. TOE observation from all our performance comparison work to
date, it would be the following:
- NIC with jumbo frames can fill a 10GE wire in the Tx or Rx directions,
but the NIC gets into trouble as the average packet size goes down
(packet frequency goes up) or the connection count goes up.
- TOE with a traffic mix anywhere from 500B average frame size to jumbo
frame size will fill a 10GE wire, i.e. no performance corners at any
packet size or connection count
Finally, not all applications are data mover applications that can use
jumbo frames, and there are applications with smaller packet sizes that
clearly benefit from TOE at 10GE speeds, so high performance TOE
integration into Linux clearly deserves to be considered without any
preconceived notions, similar to all other new technologies that Linux
considers for inclusion.
Regards,
Asgeir Eiriksson
CTO
Chelsio Communications Inc.
Page editor: Jonathan Corbet