Development quote of the week [LWN.net]

But contrary to what people repeat off internet blogs, the X server is not seeing a lack of maintenance, manpower, or even new features: XInput 2.4, with support for trackpad gestures, was released approximately a year ago, which shows that it is evolving faster than it was during the heyday of X development in the mid-90s. X is also a stable and mature system, by nature of its much more centralized development methodology, meaning that it requires less manpower to keep working than Wayland, where every feature is preceded by two to three protocol extensions from different organizations, and constant changes in the display server are required to keep up with updates to unstable protocol extensions.

— Po Lu

to post comments

Development quote of the week

Posted Aug 26, 2022 15:52 UTC (Fri) by flussence (guest, #85566) [Link]

The one gripe I had with X11 is lack of protocol support for keycodes over 255, which is actually unfixable. Then someone did the sensible thing and updated hid-microsoft in the kernel to no longer emit keycodes over 255.

Okay - two gripes. The other is that screen blanking has no hysteresis and a micron-wide piece of dust floating under the mouse sensor is enough to wake the desktop up. But that's a fixable thing, and screen blanking in Wayland is currently an office politics turf war so it's not like that'd fix things.

Development quote of the week

Posted Aug 30, 2022 18:43 UTC (Tue) by ncm (guest, #165) [Link] (6 responses)

If you like having X releases, please add to your list of Patreon beneficiaries Povilas Kanapickas. I have just raised mine to $30/mo.

Development quote of the week

Posted Aug 30, 2022 19:02 UTC (Tue) by ncm (guest, #165) [Link] (5 responses)

Incidentally:

Despite common claims to the contrary, X can be secure.

This has been done in QubesOS, where a privileged VM called dom0 owns the hardware including the video frame buffer. Each VM that runs user applications runs its own X server that is provided shared memory to write pixels into, which dom0 will copy to the real screen. Different processes in the VM can see one another's pixels and input events, but not any other VM's.

dom0 fields I/O events and sends just the right ones along to app VM X servers. The user gats to decide whether and when audio input may be seen by each VM; the VMs have no access to audio hardware either, but handle streams provided by dom0.

A consequence of this architecture is that app VMs do not get access to the GPU. But CPUs can do everything GPUs are used for, and have become remarkably quick today. E.g. my 5900H can play X.264 video to 3840x1200 at 60 fps without GPU assistance. I admit I have turned off partial transparency in my terminal windows for better performance.

Probably in the future GPUs will be virtualized and VMs given access, but few things actually don't work, today, mainly WebGPU. The main effect is slower operations and, sometimes, shorter battery life.

Development quote of the week

Posted Sep 1, 2022 21:52 UTC (Thu) by davidstrauss (guest, #85867) [Link] (3 responses)

I suspect there are many consequences to the QubesOS approach to X. While I haven't used Qubes, the architecture you've described probably makes clipboards and screen sharing challenging. These areas are -- not coincidentally -- among the challenges for porting apps to Wayland.

So, I'm not sure I find it this case for secure X convincing if it introduces the same compatibility breaks as the Wayland transition.

Am I wrong?

Development quote of the week

Posted Sep 1, 2022 23:22 UTC (Thu) by ncm (guest, #165) [Link] (2 responses)

The clipboard is a *little* more complicated in Qubes, but by design. To paste from one VM to another, you ctrl-C, ctrl-shift-C, and then ctrl-shift-V, ctrl-V in a destination VM window. I.e., a VM can see what is in another VM's clipboard only where you have positively told your desktop UI when you want that to happen.

I have not done a screen-share myself, but I am assured it works. Of course only the windows that belong to the VM that is sharing show up, because those are the only ones it can see. But you can run as many different programs as you like in each VM, memory permitting.

Media works: audio streams go from any VM via pulseaudio to the one that owns your speakers. You can direct your microphone and camera to a VM you have chosen, for exactly as long as you want that.

(BTW, if you want to try out Qubes, and have a laptop with an Nvidia chip *and* a GPU integrated on the CPU, as most of us do, be sure to consult the "Nvidia troubleshooting" page when installing. Nvidia makes things difficult, as always. I gather some people have succeeded in assigning their Nvidia chip to a particular VM, after boot.)

Development quote of the week

Posted Sep 1, 2022 23:41 UTC (Thu) by davidstrauss (guest, #85867) [Link] (1 responses)

That clipboard integration is better than I expected, but screen sharing only within the same VM is *exactly* what I expected.

VM-based X isolation is not great if the goal is to prolifically isolate applications because there's tension between isolation, functionality, and convenience. for example, I don't want my browser windows always visible to Zoom, nor do I want to fire up a new browser in my Zoom VM and recreate what I want to share before being able to.

Now that it actually works, I rather like my Zoom + Wayland + Flatpak experience of sharing existing windows but only when I allow it. Perhaps we can ultimately get the best of all worlds by using VMs but proxying sharing through Flatpak-style portals? In many ways, Flatpak-style portals should make it easier to share across VM boundaries than more direct application access of things like files and screen contents.

I am interested in trying Qubes, though. I have a simple graphics situation: AMD on my desktop and Intel on my laptop. As a nearly exclusive Linux user, I have avoided NVIDIA GPUs for my graphics so far. So, hopefully easy riding!

Development quote of the week

Posted Sep 2, 2022 7:14 UTC (Fri) by ncm (guest, #165) [Link]

It would probably be simpler to start up a zoom in a throwaway snapshot of your browser VM. (VMs can be copied very quickly.) But I get that it was just an example. The tension between convenience and security is always fraught.

Let me recommend having at least 24GB of RAM to run VMs in, if you try Qubes. It doesn't look like Wayland will be well supported in Qubes anytime soon.

Development quote of the week

Posted Sep 2, 2022 11:48 UTC (Fri) by njs (subscriber, #40338) [Link]

> Despite common claims to the contrary, X can be secure.

I mean... sure, I guess. But the way Qubes does it is by throwing out the entire X protocol and replacing it with a totally different display system, similar to VNC or RDP. If that's your standard, then X could have a built-in rootkit and it would still be "secure". Technically true, but not really something that X can brag about.

Development quote of the week

Posted Sep 19, 2022 8:11 UTC (Mon) by daenzer (subscriber, #7050) [Link] (1 responses)

I'm a bit puzzled why this quote was picked. AFAICT this person hasn't had any significant involvement in the development of X (or Wayland, for that matter). So I'm not sure why their opinion on these matters would be considered particularly interesting.

> the X server is not seeing a lack of maintenance, manpower, or even new features: XInput 2.4, with support for trackpad gestures, was released approximately a year ago, which shows that it is evolving faster than it was during the heyday of X development in the mid-90s.

That's a pretty absurd claim. Admittedly I joined X development only around the millennium, but per https://en.wikipedia.org/wiki/X_Window_System the Unix workstation vendors were employing *thousands* of people to work on X in its heyday.

Now I don't know of anybody being employed to work on Xorg full-time. Most of the activity in the xserver tree these days is for Xwayland and other DDXen other than Xorg. It's quite a stark contrast even to the previous two decades.

(Saying "released a year ago with a new feature" shows that it is "evolving fast" is already quite a stretch :)

> X is also a stable and mature system, [...]

It's certainly mature by some meaning of the word. :) When I joined development of X, it was about as old as Wayland is now. At the time, it was just starting to get new features such as anti-aliased text rendering and compositing. Wayland is more feature-complete now than X was back then.

Development quote of the week

Posted Sep 19, 2022 10:11 UTC (Mon) by atnot (guest, #124910) [Link]

> Now I don't know of anybody being employed to work on Xorg full-time. Most of the activity in the xserver tree these days is for Xwayland and other DDXen other than Xorg.

Even the quoted new touchpad gesture support is that. It's part of an effort to improve touchpad support for Linux which touches lots of the stack ("macos like touchpad" project). Xorg just happened to be one of the many places they plumbed things through to make gestures accessible to more apps.

Using this one-off sponsored feature development as a sign of X being actively developed is kind of ridiculous.