KDE is getting woke

 
Sustainable Software: KDE software is many things: free, beautiful, performant, customizable… The list goes on. But how about all that and environmentally sustainable too? This is the question that Cornelius, our new Champion, will answer while working with the community towards this Goal. This topic of course is not new to him, as he helped set up funding for KDE Eco, KDE’s incursion into research to produce more energy-efficient software. Cornelius plans to help continue certifying KDE apps (like KDE’s PDF reader Okular!), set up testing for measuring the environmental impact of our software, and improving its efficiency where needed.

What was wrong about building fast, efficient software that performs well? Why do you need to justify performant software referring to moral? Moralism is invading all areas of our culture and brining ideologue and religious principles to engineering which used to be a pure rationale discipline. Welcome to The Brave New World!

Linux 5.20 might become the first real-time capable upstream kernel version

 
After years in the works, the "PREEMPT_RT" support for building a real-time Linux kernel might finally be mainlined for the upcoming Linux 5.20 cycle if the last few remaining bits are reviewed/signed-off on in time for next week's merge window. The Linux real-time patch series has been getting smaller with time and quite close to crossing the finish line with just around 50 patches to be merged. This allows for building a real-time / fully preemptible kernel off the mainline code for embedded Linux systems.

Real-time Linux variants were available for years already. These variants wehre off-tree variants maintained by enthusiasts and enabled through dozens of patches on top of the upstream Linux. With Linux 5.20 patching might turn into a thing of the past as all the real-time code will become part of the mainline. So building a real-time Linux will be just a matter of flipping the right configuration checkbox. Google's real-time Fuchsia lab finally can be scrapped for good.

New AMD notebooks do not boot Linux

 
I finally managed to get hold of a Thinkpad Z13 to examine a functional implementation of Microsoft's Pluton security co-processor. Trying to boot Linux from a USB stick failed out of the box for no obvious reason, but after further examination the cause became clear - the firmware defaults to not trusting bootloaders or drivers signed with the Microsoft 3rd Party UEFI CA key. This means that given the default firmware configuration, nothing other than Windows will boot. It also means that you won't be able to boot from any third-party external peripherals that are plugged in via Thunderbolt. There's no security benefit to this. If you want security here you're paying attention to the values measured into the TPM, and thanks to Microsoft's own specification for measurements made into PCR 7, switching from booting Windows to booting something signed with the 3rd party signing key will change the measurements and invalidate any sealed secrets. It's trivial to detect this. Distrusting the 3rd party CA by default doesn't improve security, it just makes it harder for users to boot alternative operating systems. Lenovo, this isn't OK. The entire architecture of UEFI secure boot is that it allows for security without compromising user choice of OS. Restricting boot to Windows by default provides no security benefit but makes it harder for people to run the OS they want to. Please fix it.

I never understood why so many in the Linux community always preferred the supposed underdog AMD, compared to Intel. AMD is far from being an underdog. AMD is a US corporation, just like Intel is. However unlike Intel, AMD does not contribute as much to the Linux kernel and the overall community as Intel is doing.

UnityX, a GTK-based alternative to the GNOME desktop environment

 
UnityX uses GTK as the UI toolkit. However, unlike many other desktop environments (including the previous version of Unity, Unity7), it does not employ GNOME components. Most of the components of UnityX are licensed under the GNU General Public License version 3.

It's great to see an alternative to GNOME that hopefully won't follow KDE's philosophy of configuration overkill that brings tons of new bugs to every new increment of KDE fixing tons of old bugs.

GNOME 43 is going to emphasize web integration

 
First of all, GNOME Software 43 is getting support for Web Apps, with a focus on PWAs (Progressive Web Apps). With this, the GNOME devs want you to enjoy even more apps on your Linux distro. In addition to supporting Web Apps, GNOME Software 43 also brings improved support for Flatpak apps as the graphical package manager and app store is now capable of displaying file system permissions requested by Flatpak apps.

There are many reasons for building UI-centric apps atop web technologies and not using native apps. It's not year 2000 where you'd need to sacrifice performance because choosing web tech. Actually for various reasons the performance might be even better compared to native apps.

GTK5 to drop X11 support to remain Wayland-only

 
Before this issue becomes an unreadable dumping ground of complaints about Wayland: we are talking about GTK5, which currently has no fixed release time frame GTK provides the client side of Wayland, so it has nothing to do with how Wayland compositors work extant issues of Wayland clients and compositors have no bearing with whether GTK5 should drop the X11 backend; file bugs for toolkits, compositors, and the protocols Also, gentle reminder that any Xlib-based code base is tied with the current (lack of) maintenance status of X11; things are unlikely to improve on that side of the equation. If you want to ensure that the X11 backend in toolkits still works, go and help the X11 project first.

Dropping support is easier in non-commercial environments and usually there are lots of younger enthusiasts who do not understand the concept of legacy support. In this case however its just reasonable to drop X11 support considering the release timelines.

Xonotic 0.8.5 - an overhauled epic OSS first person shooter (FPS)

 
Xonotic 0.8.5 is the new version released and it continues to further enhance this open-source game. Xonotic as a reminder is built atop the DarkPlaces engine, which is derived from the original Quake engine but has seen significant modifications over the past 20+ years. There’s been thousands of commits since 0.8.2 making this quite a long read for all the right reasons: refined gameplay, new and updated maps and models, new sound effects, more dangerous bots, new HUD and menu features, more translations, better infrastructure, too many fixes to count, and much more. XonStat and NetRadiant made great progress too.

Xonotic is probably one of the few - if not THE - most stellar OSS FPS for Linux

Intel shifts from x86 to RISC-V for supercomputing

 
Intel and the Barcelona Supercomputing Centre (BSC) have announced a €400 million investment in a new lab dedicated to developing RISC-V processors. The facility will focus on building RISC-V-based CPUs to power high-performance computing (HPC) systems, as well as specialized chips for artificial intelligence and autonomous vehicles. The objective is to enable zettascale-class systems, roughly 1,000x more powerful than the fastest supercomputers today, a milestone Intel is aiming to achieve within the next five years. “High-performance computing is the key to solving the world’s most challenging problems and we at Intel have an ambitious goal to sprint to zettascale era for HPC [sic],” said Jeff McVeigh, VP & GM of Intel’s Super Compute Group. “Barcelona Supercomputing Center shares our vision for this goal, with equal emphasis on sustainability and an open approach. We are excited to partner with them to embark on this journey.”

Looks like ARM has already seen its peak momentum. In the end the ARM architecture belongs to a single western company.

Linux is moving closer to a realtime kernel

 
The real-time (RT) patch series still hasn't been mainlined but the patch delta is slowly winding down with each new kernel version. Out today is the re-based RT patch series for the recently minted Linux 5.19-rc1 with some of the prior real-time patches having been upstreamed this merge window and other patches re-based to work with the newest kernel code. For v5.18-rt11-patches it was a set of 95 patches while now with v5.19-rc1-rt1 it's down to just 53 patches! A lot of necessary kernel changes for real-time kernel support managed to work their way upstream this cycle across various subsystems.

For years already Linux can be patched to fulfil realtime criteria. It would be interesting to know what the major differences between Google's Fuchsia OS and Linux are. Fuchsia was designed to be a realtime OS since its inception.

Java 19 is getting a Linux/RISC-V Port

 
Huawei Technologies, Alibaba, and Red Hat regularly build and test this port on Linux/RISC-V as well as on the currently-supported JDK platforms to ensure that no regressions are introduced which break the existing platforms. Huawei Technologies is committed to support fully (i.e., regularly update, enhance, and test) the code introduced by this effort.

Unlike ARM, the RISC-V ISA is loyalty-free and a great opportunity to diversify the industry.

The customizable Framework laptop w/ open-source firmware

 
The Framework Laptop currently is centered around Intel Tiger Lake. Unfortunately, no AMD Ryzen options at this point or for say any Arm based designs. While this is quite an upgradeable and well designed laptop, at least currently it doesn't hold any claims about being open-source down to the firmware or like -- compared to some of the goals with the EOMA68 effort. The initial Tiger Lake based laptop at least is still relying upon proprietary system firmware / BIOS. Given all of the gains made by this laptop, it would be great if they had at least a Coreboot port available while still limited by the Intel FSP, etc. Hopefully this will be an area they pursue further moving forward.

Seeing the firmware bump is nice but even nicer is the general framework concept and the Linux-first approach of the vendor.

Fedora 36 to support OSTree native containers / CoreOS layering

 
The Fedora Engineering and Steering Committee (FESCo) has approved a change to enhance the RPM OSTreee stack to natively support OCI/Docker containers as a transport and delivery mechanism for operating system content. This feature is the basis for "CoreOS Layering" as a means of allowing operating system updates from container images and easily generating layered images from a CoreOS base image.

Docker is the ultimate way to ship immutable layered deliverables.

Intel's Cloud Hypervisor is moving to the Linux Foundation

 
Cloud Hypervisor is an open source Virtual Machine Monitor (VMM) implemented in Rust that focuses on running modern, cloud workloads, with minimal hardware emulation.

One of the few domains where Rust can playout its safety strengths very well. Also it's backed by industry behemoths like ARM, Microsoft, and Intel.

XiangShan is a RISC-V high-performance CPU engineered in China

 
XiangShan, released jointly by Institute of Computing Technology, Chinese Academy of Sciences (ICT, CAS) and Peng Cheng Laboratory (PCL), is an open-source high-performance RISC-V processor started in June 2020. It's written in Chisel hardware construction language and supports RV64GC instruction set. During the development of XiangShan, they built many open-source agile tools to speed up the development, including differential testing, simulation snapshot, RISC-V checkpoints, etc. XiangShan has been taped-out for the first time in July 2021 and is expected to have its second generation taped-out at early 2022. XiangShan has been open-sourced at GitHub and contributions are welcome. In this talk, Dr. Bao will focus on the experience in chip agile development and introduce the development tools used in the XiangShan project.

RISC-V is an open standard instruction set architecture (ISA) based on established reduced instruction set computer (RISC) principles. Great to see more actual CPUs being published which could disrupt the server, desktop, and mobile phone market just as ARM did it 10 years ago.

Java 18' Foreign Function & Memory API

 
Introduce an API by which Java programs can interoperate with code and data outside of the Java runtime. By efficiently invoking foreign functions (i.e., code outside the JVM), and by safely accessing foreign memory (i.e., memory not managed by the JVM), the API enables Java programs to call native libraries and process native data without the brittleness and danger of JNI.

This feature would enable safe & secure interoperability with non JVM programs which would strengthen the JVM ecosystem overall.

Rust code is coming to Linux to stay and evolve

 
In 2022 we will very likely see the experimental Rust programming language support within the Linux kernel mainlined. Sent out this morning were the updated patches introducing the initial support and infrastructure around handling of Rust within the kernel.
This summer saw the earlier patch series posted for review and discussion around introducing Rust programming language support in the Linux kernel to complement its longstanding C focus. In the months since there has been more progress on enabling Rust for the Linux kernel development, Linus Torvalds is not opposed to it, and others getting onboard with the effort. Rust for the Linux kernel remains of increasing interest to developers over security concerns with Rust affording more memory safety protections, potentially lowering the barrier to contributing to the kernel, and other related benefits.

Seeing Rust code inside the Linux kernel might increase its safety and security yet making kernel engineering more appealing to younger engineers who could not develop their skills in C yet.

Ungoogled Chromium a Chrome browser without the Google magic and warez

 
Without signing in to a Google Account, Chromium does pretty well in terms of security and privacy. However, Chromium still has some dependency on Google web services and binaries. In addition, Google designed Chromium to be easy and intuitive for users, which means they compromise on transparency and control of inner operations. ungoogled-chromium addresses these issues in the following ways:
  1. Remove all remaining background requests to any web services while building and running the browser
  2. Remove all code specific to Google web services
  3. Remove all uses of pre-made binaries from the source code, and replace them with user-provided alternatives when possible.
  4. Disable features that inhibit control and transparency, and add or modify features that promote them (these changes will almost always require manual activation or enabling).

Chromium is great just like Android but both are not necessarily tied to Google as both are OSS at their core.

Wasmer 2.1 WebAssembly implementation adds virtual filesystem, Lisp and Crystal support

 
After a few months of work, we are super happy to announce the general availability of Wasmer 2.1. Packed with amazing new features and bug fixes, including: Wasmer 2.1 also kicks off the company's transition to a milestone-driven public roadmap and delivery process

Wasmer as "the universal WebAssembly runtime" that focuses on being able to run WASM code on any platform is out with its next major release. Great to see a cross-platform universal runtime making progress.

Longson is China's MIPS64 based CPU architecture

 
China's Loongson continues bringing up LoongArch processor support for Linux with this MIPS64-based ISA now seeing the complete patch series for review to enable the GNU Compiler Collection (GCC). For months Loongson has been working on LoongArch support for the Linux kernel to varying extents from the new CPU ISA functionality to copying a lot of existing MIPS64 code and adding in new IDs. That Linux kernel support is still in the works. Concurrently they have been working on the compiler/toolchain side as well. Recently LoongArch support for GNU Binutils was merged while sent out today were the set of 12 patches for wiring up the GCC compiler support.

Great to have an ISA competitor for ARM and vendors like Apple & Qualcomm that build their CPUs licensing ARM's CPU architecture.

Amazon Linux 2022 is Fedora Linux wrapper

 
Amazon Linux / Amazon Linux 2 had been based on a combination of RHEL and Fedora packages while in today's Amazon Linux 2022 release they note it's explicitly based on Fedora. Besides apparently being more Fedora oriented now than RHEL, with Amazon Linux 2022 they are transitioning to a formal two year release cadence between their releases while having quarterly point releases. AWS intends to provide major Amazon Linux updates every two years while each major release will see five years of support and quarterly minor release updates. As for the noted changes in Amazon Linux 2022, "AL2022 uses the Fedora project as its upstream to provide customers with a wide variety of the latest software, such as updated language runtimes, as part of quarterly releases. In addition, AL2022 has SELinux enabled and enforced by default." There are surely more changes in tow while this is just what they outlined for today's announcement.

It seems to be a pattern to create a corporate wrapper around everything a corporation touches. Those wrappers usually do not provide any additional value and make things just complicated.

Microsoft Working On Direct3D 12 Video Acceleration For Mesa

 
Microsoft's latest work in the area of open-source graphics drivers with the Mesa stack is for adding Direct3D 12 video acceleration support. As part of Microsoft's continued work around supporting GUI applications with Windows Subsystem for Linux (WSL2) and mapping Vulkan/OpenGL/OpenCL over Direct3D on Windows, Microsoft engineers are now working on adding Direct3D 12 video acceleration support to Mesa. Not only are they working to add D3D12 video acceleration to their Gallium3D Direct3D 12 driver, but they are hoping to implement it so that other Mesa video front-ends would be able to work off this D3D12 video acceleration code path. In theory this would allow Mesa's VA-API and VDPAU implementations to be able to run off D3D12 video hardware acceleration in such environments.

Nothing has changed, MS is still driving its good old embrace, extend, extinguish strategy. In this case this would introduce Windows as a fixed & crucial dependency to Linux workloads, making Windows a better platform to run certain Linux workloads or even to run certain Linux workloads at all.

After five years, WSL is still an 80% Linux on Windows

 
Canonical continues working heavily on enhancing the capabilities of Ubuntu within the Microsoft Windows confines of WSL. Each week as part of their weekly status reports continues to reflect a great deal of attention to WSL (as well as their ongoing new desktop installer, Snaps, and Flutter efforts from the desktop side, just as OpenZFS support used to receive a lot of attention too).

This week one of the more interesting WSL mentions is proof-of-concept work on using systemd within Windows Subsystem for Linux. Well known Ubuntu developers Didier Roche and Jean Baptiste Lallement of Canonical's desktop team mentioned among their WSL work recently was "PoC of systemd on WSL at startup of an instance."

After five years WSL, Linux support on Windows with WSL is still far from completed. There are still many edge cases that make WSL just a useful hack. Deleting opened files is still not possible with Windows like it is possible wit Unix/POSIX systems. This breaks the compatibility of many Linux apps on Windows, e.g. when running Gradle via WSL and working with an IDE on Windows.

Alpine Linux - a simple Linux distribution

 
Alpine Linux is built around musl libc and busybox. This makes it smaller and more resource efficient than traditional GNU/Linux distributions. A container requires no more than 8 MB and a minimal installation to disk requires around 130 MB of storage. Not only do you get a fully-fledged Linux environment but a large selection of packages from the repository. Binary packages are thinned out and split, giving you even more control over what you install, which in turn keeps your environment as small and efficient as possible.

Recently I switched from Fedora to Alpine Linux as my default build-time & runtime container. I've recognized that my benchmark numbers and build times are much more consistent now. I used to have multiple failures for my Selenium tests due to inconsistent runtime behavior of my Fedora-based images - these failures ended for good with Alpine Linux.

Intel 12gen CPU performance is behind Windows 11' in contrast to Intel's 11gen CPUs

 
Just like with the recent Rocket Lake benchmarking on Windows 11, Linux was leading. In this complementary Tiger Lake testing, Ubuntu 21.10 was in first place over Windows 11 for 75% of the benchmarks. As I have been showing since the Alder Lake launch day earlier this month, the Core i5 12600K and Core i9 12900K performance under Linux can be quite good and competitive with AMD Ryzen on Ubuntu and other distributions. However, as shown by these benchmarks there is more uplift possible still under Linux if Intel gets their Thread Director support in order and should also take care of the higher run-to-run variance now exhibited under Linux and not Windows 11. Stay tuned to Phoronix for learning more about the ongoing Alder Lake developments and performance under Linux.

Still sad to see that every major architectural advancement is getting just delayed support on Linux. The overall hardware support situation on Linux improved but this is rather due to overall hardware industry-wide standardization efforts and not due to proactive hardware company support for Linux.

Btrfs is about to break its file system format

 
tl;dr I’m working on a large set of on-disk format changes to address some of the more painful parts of Btrfs’s design. There’s a lot of discrete changes here, but they’ll all go under the single umbrella of “extent-tree-v2.” We’ve spent a few months going back and forth on different approaches, and have finally settled on a final set of changes. The global roots and block group root patches have been completed and submitted, but there’s a lot more change coming.

Changing a file system's format in a non-backwards-compatible way is breaking its most important API contract. On the one hand it's good to push performance but introducing this breaking change is like introducing a completely new file system that can be created on top of any other random file system. Not doing this is what makes file system design a though challenge.

OpenZFS 3.0 keeps improving with DirectIO, object store and macOS support

 
The annual OpenZFS Developer Summit wrapped up yesterday with interesting talks on this open-source, cross-platform ZFS file-system implementation. ZFS co-creator Matt Ahrens kicked things off as usual, including touching on future work and possible expectations for OpenZFS 3.0. Given the annual major release cadence, OpenZFS 3.0 is up next for the project that currently has support for Linux and FreeBSD systems. Some of the possible features expressed for OpenZFS 3.0 include macOS support, DirectIO, RAIDZ expansion, Linux namespaces, ZFS on object store, FIEMAP, VDEV properties, async DMU, and more. We'll see though next year ultimately what pans out for the next ZFS release.

With the official release macOS support, ZFS would be the first and only enterprise-grade file system that supports production workloads on all major operating systems.

ARM bumps architecture to ARMv9 with CCA and SVE2

 
Hardware security isn’t a given: A single vulnerability could compromise an entire network, and we face new attempts to exploit Arm technology every day. To get a sense for how pervasive the problem is, Symantec detected almost 19 million attacks on its Internet of Things (IoT) honeypots in the first quarter of 2020. That’s a rate of more than 100 attacks per second, 13 percent higher than we saw towards the end of 2019. In Armv9, we are introducing new features designed to deliver confidential computing – now an industry priority – at scale. Ordinarily, the operating system (OS) of a device has the highest authority and can see and do everything. Confidential compute changes that, and while the OS still decides what can run when, applications sit in a separate hardware-protected area of memory isolated from everything else in the system. The Arm Confidential Compute Architecture (CCA) builds on the foundations of Arm TrustZone by enabling, for example, your personal banking information to be fully separated from your smartphone’s social media applications. Arm CCA’s new security features mean that even if a social media app did become infected with malware, it could not spread to the rest of your device.

Confidential Compute Architecture (CCA) is probably one of the most exciting aspects about ARMv9 as it brings the same confidence to cloud computing as AMD's Zen 2 did.

Zen 4 is coming in the form of EPIC Genoa and Bergamo to servers first

 
In addition to announcing Milan-X processors at the virtual Accelerated Data Center Premiere event, AMD just provided some new public details concerning next-generation Zen 4 processors. The key takeaways from today's disclosures around the Zen 4 road-map include: EPYC "Genoa" processors will feature up to 96 high performance Zen 4 cores with DDR5 and PCIe 5.0 support. Zen 4 as expected uses the TSMC 5nm process. EPYC "Bergamo" is a high-core count compute engine designed for cloud-native workloads and other environments. Bergamo will feature up to 128 Zen 4 "C" cores. Bergamo will carry all of the same Genoa features like DDR5, PCIe 5.0, CXL 1.1, and more. Bergamo is socket-compatible with Genoa. The "Zen 4 C" is software-compatible with Zen 4 but with enhancements for cloud workloads and power efficiency enhancements. Look for more information on Zen 4 desktop and server platforms in 2022 and the expected launch later in the year. Bergamo isn't expected until H1'2023.

Technically AMD dominates Intel on servers. We'll see if AMD also manages to turn this tech advantage into profit. In the end it's all about economic success as the tragedy around Sun Microsystems Inc. have shown.

AMD older Q121 CPU crushes Intel's newly released Alder Lake CPU in benchmarks

 
Published yesterday was the Core i5 12600K / Core i9 12900K Linux review looking at the exciting performance uplift provided by Alder Lake. One of the areas only talked about briefly in yesterday's article were the UHD Graphics 770 found with these new desktop processors, due to time constraints with only having a few days so far for carrying out tests. Today the initial batch of UHD Graphics 770 / ADL-S GT1 Linux graphics/gaming benchmarks have wrapped up to show how the Intel graphics performance compares to prior generation Rocket Lake as well as AMD's Ryzen 7 5700G.

The only area where Intel CPUs still provide decent overall experience is the notebook segment.

oneAPI L0 & OpenCL Compute Runtimes Are Coming To WSL2

 
Hardware-accelerated oneAPI Level Zero, OpenVINO, and OpenCL on Intel graphics hardware can now be enjoyed within the WSL2 environment when using the latest updates and drivers. Like with the rest of the WSL2 stack and capabilities from other GPU vendors, this is at a near-native level of performance. Notable with this effort is Microsoft getting Intel's open-source Compute-Runtime working atop Microsoft's open-source but not mainlined kernel driver. This is in reference to the DirectX "dxgkrnl" driver that had slim prospects of being mainlined when published last year in large part over lack of open-source clients. With this wired up Intel Compute-Runtime code atop, there is the possibility now Microsoft will try to get their DXGKRNL driver merged to mainline.

Intel Tiger Lake Performance Between Windows 10 vs. Ubuntu 21.04 Linux

 
With having hands on with a Dell XPS 13 9310 (Dell 0DXP1F) with the Core i7 1185G7 Tiger Lake processor (compared to prior Linux tests with the i7-1165G7), here is a fresh look at the performance of Microsoft Windows 10 Pro as shipped by Dell with all available stable updates versus a clean install of Ubuntu 21.04 Linux.

Just a few years ago, Windows was leading in benchmarks for common graphics-driven apps. The times are changing.

Kinux 5.14 sees secret memory areas via memfd_secret

 
The "memfd_secret" system call is being added to the Linux 5.14 kernel to provide the ability to create memory areas that are visible only in the context of the owning process and these "secret" memory regions are not mapped by other processes or the kernel page tables. Using memfd_secret means the memory areas will only be mapped in the page table of the processes that have access to the owning file descriptor and is unmapped from the kernel direct map. Access to memfd_secret is disabled by default but requires using the secretmem_enable boot time option when booting the kernel to enable this secret memory functionality.

I am curious when there will user space software tools that will actually leverage this system call or if it's just a stillbirth.