泰晓科技 -- 聚焦 Linux - 追本溯源,见微知著!
网站地址:http://tinylab.org

随身Linux Lab实验盘:128G可当256G使
请稍侯

泰晓资讯·3月 / 第三期 / 2020

Wang Chen 创作于 2020/03/20

“泰晓资讯”,广泛报道 “Linux/开源” 业界资讯。欢迎广大读者投递相关资讯来源和素材,本站将进一步收集整理后发布给大家。

  • Linux Kernel 5.6-rc6 发布

    Another week, another rc.
    
    Things look normal - all the stats look like they usually do at this point.
    
    The full patch is about 60% driver changes (gpu, networking, s390
    stand out, but there's noise all over), with the rest being tooling
    (mainly perf), networking, arch updates (mainly x86, but some arc,
    mips and s390 too), and misc core updates.
    
    Diffstat looks normal, and the number of commits is right in the
    middle of the usual range too. And I don't think any of the commits
    look all that strange either - it's all pretty small.
    
    So please test,
    
                Linus
    

    Linus Torvalds 于 15 日发布了 Linux Kernel 5.6-rc6,代码指标在内核周期的这一阶段看起来还不错。

    Linus 指出,第六次每周发布的候选版的所有统计数据看起来没有什么异常。 本周大约有 60% 的更改是有关驱动程序的修复,其余的是有关工具、网络和架构方面的更新。

    因此,如果继续保持这种情况,Linux 的 5.6 版本有望在三月底按时发布。

    关键词: Linux, 5.6-rc

  • 谁来保护 Linux 的开发流程?

    The kernel development process is based on trust at many levels — trust in developers, but also in the infrastructure that supports the community. In some cases, that trust may not be entirely deserved; most of us have long since learned not to trust much of anything that shows up in email, for example, but developers still generally trust that emailed patches will be what they appear to be. In his ongoing effort to bring more security to kernel development, Konstantin Ryabitsev has proposed a patch attestation scheme that could help subsystem maintainers verify the provenance of the patches showing up in their mailboxes.

    内核的整个开发过程基于多个级别的信任-不仅基于对开发人员的信任,也基于对支撑社区的基础架构的信任。在某些情况下,这种信任可能并不完全可靠;例如,我们大多数人早就意识到不能完全信任电子邮件中显示的内容,但是 Linux 社区的开发人员仍然普遍相电子邮件,大家已经习惯于采用电子邮件发送补丁并且并没有觉得有什么不正常。为了不断提高内核开发的安全性,Konstantin Ryabitsev 提出了一个补丁,希望给开发流程添加证书机制,从而可以帮助子系统的维护人员验证收到的含有补丁程序的电子邮件的来源。

    Ryabitsev 的目标是使整个验证过程足够简单容易,因为只有足够的简单才能使得繁忙的内核开发人员愿意接受将其添加到他们的工作流程中。目前,他希望将其提出的方案与使用 git send-email 发送一组补丁的流程进行集成。开发人员可以通过创建一个存放补丁代码的目录,然后以常规方式通过运行 git send-email 命令将其发送出去,并在该过程中添加证书。更多的验证过程细节可以阅读原文 “Attestation for kernel patches”

    Ryabitsev 的建议是否真的会被社区接受还有待观察。考虑到历史上社区对流程安全管理上总是抱着可有可无的态度,特别地甚至像 Linus Torvalds 这样的高层人士也对此不是很感冒 ……。当然,如果在 Linux 社区中真的发生了一次安全攻击事件或许可以迅速地改变那些 “大人物” 的态度。

    关键词: Linux, development process

  • 眼看着要和 “High Memory” 说拜拜?

    This patch from Johannes Weiner seemed like a straightforward way to improve memory-reclaim performance; without it, the virtual filesystem layer throws away memory that the memory-management subsystem thinks is still worth keeping. But that patch quickly ran afoul of a feature (or “misfeature” depending on who one asks) from the distant past, one which goes by the name of “high memory”. Now, more than 20 year