lwn.net

lwn.net 피드 구독하기
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
업데이트: 32분 31초 지남

[$] Shrinking the kernel with link-time garbage collection

6시간 33분 지남
One of the keys to fitting the Linux kernel into a small system is to remove any code that is not needed. The kernel's configuration system allows that to be done on a large scale, but it still results in the building of a kernel containing many smaller chunks of unused code and data. With a bit of work, though, the compiler and linker can be made to work together to garbage-collect much of that unused code and recover the wasted space for more important uses.

Click below (subscribers only) for a detailed article from Nicolas Pitre on how to use link-time garbage collection to create a smaller kernel image.

카테고리:

Security updates for Friday

12시간 50분 지남
Security updates have been issued by Debian (erlang), Fedora (python-dulwich), Gentoo (curl, opencv, openssl, and webkit-gtk), openSUSE (libapr-util1 and php5), Red Hat (qemu-kvm-rhev), and Ubuntu (linux, linux-aws, linux-kvm, linux-raspi2 and linux-lts-xenial, linux-aws).
카테고리:

Goodbye, net neutrality—Ajit Pai’s FCC votes to allow blocking and throttling (Ars Technica)

금, 2017/12/15 - 5:04오전
In a vote that was not any kind of surprise, the US Federal Communications Commission (FCC) voted to end the "net neutrality" rules that stop internet service providers (ISPs) and others from blocking or throttling certain kinds of traffic to try to force consumers and content providers to pay more for "fast lanes". Ars Technica covers the vote and the reaction to it, including the fact that the fight is not yet over: "Plenty of organizations might appeal, said consumer advocate Gigi Sohn, who was a top counselor to then-FCC Chairman Tom Wheeler when the commission imposed its rules. 'I think you'll see public interest groups, trade associations, and small and mid-sized tech companies filing the petitions for review,' Sohn told Ars. One or two 'big companies' could also challenge the repeal, she thinks. Lawsuit filers can challenge the repeal on numerous respects, she said. They can argue that the public record doesn't support the FCC's claim that broadband isn't a telecommunications service, that 'throwing away all protections for consumers and innovators for the first time since this issue has been debated is arbitrary and capricious,' and that the FCC cannot preempt state net neutrality laws, she said."
카테고리:

Protecting code integrity with PGP

금, 2017/12/15 - 1:40오전
Linux Foundation Director of IT infrastructure security, Konstantin Ryabitsev, has put together a lengthy guide to using Git and PGP to protect the integrity of source code. In a Google+ post, he called it "beta quality" and asked for help with corrections and fixes. "PGP incorporates a trust delegation mechanism known as the 'Web of Trust.' At its core, this is an attempt to replace the need for centralized Certification Authorities of the HTTPS/TLS world. Instead of various software makers dictating who should be your trusted certifying entity, PGP leaves this responsibility to each user. Unfortunately, very few people understand how the Web of Trust works, and even fewer bother to keep it going. It remains an important aspect of the OpenPGP specification, but recent versions of GnuPG (2.2 and above) have implemented an alternative mechanism called 'Trust on First Use' (TOFU). You can think of TOFU as 'the SSH-like approach to trust.' With SSH, the first time you connect to a remote system, its key fingerprint is recorded and remembered. If the key changes in the future, the SSH client will alert you and refuse to connect, forcing you to make a decision on whether you choose to trust the changed key or not. Similarly, the first time you import someone's PGP key, it is assumed to be trusted. If at any point in the future GnuPG comes across another key with the same identity, both the previously imported key and the new key will be marked as invalid and you will need to manually figure out which one to keep. In this guide, we will be using the TOFU trust model."
카테고리:

Stable kernels 4.14.6 and 4.9.69

금, 2017/12/15 - 1:21오전
Two new stable kernels have been released by Greg Kroah-Hartman: 4.14.6 and 4.9.69. As usual, they contain fixes all over the kernel tree; users of those series should upgrade.
카테고리:

Security updates for Thursday

금, 2017/12/15 - 12:41오전
Security updates have been issued by Arch Linux (qt5-webengine and quagga), Debian (xrdp), Oracle (kernel), Red Hat (eap7-jboss-ec2-eap, go-toolset-7 and go-toolset-7-golang, and java-1.8.0-ibm), and SUSE (intel-SINIT and tomcat).
카테고리:

[$] LWN.net Weekly Edition for December 14, 2017

목, 2017/12/14 - 10:27오전
The LWN.net Weekly Edition for December 14, 2017 is available.
카테고리:

[$] MAP_FIXED_SAFE

목, 2017/12/14 - 7:46오전
The MAP_FIXED option to the mmap() system call allows a process to specify that a mapping should be placed at a given virtual address if at all possible. It turns out, though, that "if at all possible" can involve a bit more collateral damage than some would like, and can even lead to exploitable vulnerabilities. A new, safer option is in the works but, as is often the case, it has run into a bit of non-technical difficulty.
카테고리:

[$] An overview of KubeCon + CloudNativeCon

목, 2017/12/14 - 3:22오전

The Cloud Native Computing Foundation (CNCF) held its conference, KubeCon + CloudNativeCon, in December 2017. There were 4000 attendees at this gathering in Austin, Texas, more than all the previous KubeCons before, which shows the rapid growth of the community building around the tool that was announced by Google in 2014. Large corporations are also taking a larger part in the community, with major players in the industry joining the CNCF, which is a project of the Linux Foundation. The CNCF now features three of the largest cloud hosting businesses (Amazon, Google, and Microsoft), but also emerging companies from Asia like Baidu and Alibaba.

카테고리:

Linaro ERP 17.12 released

목, 2017/12/14 - 1:58오전
Linaro has announced the 17.12 release of its "Enterprise Reference Platform" distribution. "The goal of the Linaro Enterprise Reference Platform is to provide a fully tested, end to end, documented, open source implementation for ARM based Enterprise servers. The Reference Platform includes kernel, a community supported userspace and additional relevant open source projects, and is validated against existing firmware releases."
카테고리:

Security updates for Wednesday

목, 2017/12/14 - 1:09오전
Security updates have been issued by Debian (tiff), openSUSE (firefox, fossil, GraphicsMagick, and libheimdal), Red Hat (rh-java-common-lucene and rh-java-common-lucene5), and Ubuntu (libxml2).
카테고리:

[$] Process tagging with ptags

수, 2017/12/13 - 9:22오전
For various reasons related to accounting and security, there is recurring interest in having the kernel identify the container that holds any given process. Attempts to implement that functionality tend to run into the same roadblock, though: the kernel has no concept of what a "container" is, and there is seemingly little desire to change that state of affairs. A solution to this problem may exist in the form of a neglected patch called "ptags", which enables the attachment of arbitrary tags to processes.
카테고리:

[$] Federation in social networks

수, 2017/12/13 - 7:27오전

Social networking is often approached by the free-software community with a certain amount of suspicion—rightly so, since commercial social networks almost always generate revenue by exploiting user data in one way or another. While attempts at a free-software approach to social networking have so far not met widespread success, the new ActivityPub federation protocol and its implementation in the free-software microblogging system Mastodon are gaining popularity and already show some of the advantages of a community-driven approach.

카테고리:

Fedora 25 End Of Life

수, 2017/12/13 - 6:56오전
Fedora 25 has reached its end of life. There will be no more updates. Users are advised to upgrade.
카테고리:

Security updates for Tuesday

수, 2017/12/13 - 1:02오전
Security updates have been issued by Debian (chromium-browser, evince, pdns-recursor, and simplesamlphp), Fedora (ceph, dhcp, erlang, exim, fedora-arm-installer, firefox, libvirt, openssh, pdns-recursor, rubygem-yard, thunderbird, wordpress, and xen), Red Hat (rh-mysql57-mysql), SUSE (kernel), and Ubuntu (openssl).
카테고리:

Nottingham: Internet protocols are changing

수, 2017/12/13 - 12:07오전
Worth a read: this APNIC blog entry from Mark Nottingham on the near-term evolution of various Internet protocols. "The newest change on the horizon is DOH — DNS over HTTP. A significant amount of research has shown that networks commonly use DNS as a means of imposing policy (whether on behalf of the network operator or a greater authority). Circumventing this kind of control with encryption has been discussed for a while, but it has a disadvantage (at least from some standpoints) — it is possible to discriminate it from other traffic; for example, by using its port number to block access. DOH addresses that by piggybacking DNS traffic onto an existing HTTP connection, thereby removing any discriminators."
카테고리:

[$] Toward better CPU load estimation

화, 2017/12/12 - 8:33오전
"Load tracking" refers to the kernel's attempts to track how much load each running process will put on the system's CPUs. Good load tracking can yield reasonable predictions about the near-future demands on the system; those, in turn, can be used to optimize the placement of processes and the selection of CPU-frequency parameters. Obviously, poor load tracking will lead to less-than-optimal results. While achieving perfection in load tracking seems unlikely for now, it appears that it is possible to to do better than current kernels do. The utilization estimation patch set from Patrick Bellasi is the latest in a series of efforts to make the scheduler's load tracking work well with a wider variety of workloads.
카테고리:

Artifex and Hancom Reach Settlement Over Ghostscript Open Source Dispute

화, 2017/12/12 - 6:10오전
Artifex Software, Inc. and Hancom, Inc. have announced a confidential agreement to settle their legal dispute. The case filed by Artifex concerned the use of Artifex’s GPL licensed Ghostscript in Hancom's office product. "While the parties had their differences in the interpretation of the open source license, the companies were able to reach an amicable resolution based on their mutual respect for and recognition of the copyright protection and the open source philosophy."
카테고리:

Elisa 0.0.80 Released

화, 2017/12/12 - 4:07오전
A very early alpha version of the Elisa music player has been released. "Elisa allows to browse music by album, artist or all tracks. The music is indexed using either a private indexer or an indexer using Baloo. The private one can be configured to scan music on chosen paths. The Baloo one is much faster because Baloo is providing all needed data from its own database. You can build and play your own playlist."
카테고리:

Debian stable releases

화, 2017/12/12 - 1:35오전
The Debian project has released updates to oldstable "jessie" and stable "stretch". Debian 9.3 "stretch" and Debian 8.10 "jessie" are available with the usual set of corrections for security issues and adjustments for serious problems.
카테고리:

페이지