Linux Kernel 2.6.30 Released

diegocgteleline.es writes "Linux kernel 2.6.30 has been released. The list of new features includes NILFS2 (a new, log-structured filesystem), a filesystem for object-based storage devices called exofs, local caching for NFS, the RDS protocol (which delivers high-performance reliable connections between the servers of a cluster), a new distributed networking filesystem (POHMELFS), automatic flushing of files on renames/truncates in ext3, ext4 and btrfs, preliminary support for the 802.11w drafts, support for the Microblaze architecture, the Tomoyo security MAC, DRM support for the Radeon R6xx/R7xx graphic cards, asynchronous scanning of devices and partitions for faster bootup, the preadv/pwritev syscalls, several new drivers and many other small improvements."

DRM?

[corsec67]

Why would DRM be listed as a "feature"?

Oh, wrong kind of DRM?

Re:DRM?

[sakdoctor]

The Direct Rendering Manager (DRM) is a component of the Direct Rendering Infrastructure, a system to provide efficient video acceleration (especially 3D rendering) on Unix-like operating systems, e.g. Linux, FreeBSD, NetBSD, and OpenBSD.
It consists of two in-kernel drivers (realized as kernel modules on Linux), a generic drm driver, and another which has specific support for the video hardware. This pair of drivers allows a userspace client direct access to the video hardware.

I assume it's this. Either that, or linux now has Direct response marketing in the kernel.

Re:DRM?

[Stoian+Ivanov]

Direct Rendering Managment - this DRM not the bad one

Re:DRM?

[mcgrew]

The bad one (not in Linux thankfully) is Dumb Restrictions on Media.

Also stands for Dinasaurs Require Money.

Re:DRM?

[smittyoneeach]

Dinasaurs Require Money

Doesn't Really Matter:
Democrat/Republican Madness
Devours Remaining Milkshake

Re:DRM?

[MadKeithV]

Derivative Regurgitated Music?

Re:DRM?

[Martin+Blank]

I have a hard time envisioning ethical uses for technology to weaponize pathogens

Would you consider it ethical to pursue the technology to gain an understanding of it for purposes of defending against it? Development of vaccines or treatments can come from such research; the US Army still practices and develops techniques for weaponizing biological and chemical agents even as the existing stockpiles are being destroyed. The military has no intentions of using them offensively, and concluded decades ago that the effectiveness over conventional weapons is non-existent when you factor in all of the costs of extra handling precautions and risks that come with actual use. However, since other nations (and more recently non-state entities) were continuing to develop weapons, the need to understand how they could be used and how to react was important.

Re:DRM?

[Hognoxious]

Dead Reiser's Mrs?

Re:Sad, but true:

[Povno]

Balmer... is that you?

In related news

Meanwhile back at GNOME H.Q. the developers are still undecided whether to move the "Ok" button on the default help screen 10 pixels to the right. Most think it would be a good idea but a hard core few insist that such a momentous change requires further study as it may confuse new users.

A new version of the dialogue is expected in 2037.

Re:In related news

[moosesocks]

Say what you want about the glacial speed with which GNOME progresses. Their developers don't rip out 2/3 of the features of their applications, and call it a " major upgrade."

There's also a key difference between 'minimalism' and 'feature-deprived'. Apple understand this, and the GNOME team seem to be catching on. XFce's flexibility also makes it a surprisingly good environment to work in, despite being billed as a 'bare bones' environment. KDE almost certainly doesn't understand this distinction, and I'd frankly be surprised if they had any sort of UI-design review process in place.

Take a look at the most recent release of Amarok, and tell me how the user interface effectively helps the user complete the task that the program was designed to accomplish. Now consider the percentage of screen real-estate that the application devotes to this task (it's around 30%, although you could argue that it's even less than that).

Now compare it to Winamp's famous classic skin, which only takes up a fraction of a 640x480 monitor, has collapsable UI elements to make it smaller if desired, and offers more options to the user up-front with textually-labeled controls. I can only guess what 1 of the 7 icons on the bottom right corner of the previously-linked screenshot actually do. I'll give credit to the KDE team for moving away from the 'Dozens of identical-looking blue icons' paradigm, although the new standard frankly isn't much better.

Re:In related news

[kigrwik]

Say what you want about the glacial speed with which GNOME progresses. Their developers don't rip out 2/3 of the features of their applications, and call it a " major upgrade."

You obviously don't remember gnome 2.0

Re:Sad, but true:

[ta+bu+shi+da+yu]

Eric Allman might well agree.

Re:DRM support? In the kernel?

[TheGratefulNet]

different DRM. this isn't 'rights mgmt' drm.

sometimes, 3 letters can mean different things.

POHMEL

[dimethylxanthine]

Not sure about the story behind naming POHMELFS what it is, but "pohmel'e" in Russian means "hangover". You can only guess...

Re:POHMEL

And Evgeniy Polyakov (the POHMELFS dev) sounds like a russian name. I guess he knows.

in soviet russia file systems name hangovers after you

DRM for Trolls

[chill]

The Direct Rendering Manager (DRM) is a component of the Direct Rendering Infrastructure, a system to provide efficient video acceleration (especially 3D rendering) on Unix-like operating systems, e.g. Linux, FreeBSD, NetBSD, and OpenBSD.

It consists of two in-kernel drivers (realized as kernel modules on Linux), a generic drm driver, and another which has specific support for the video hardware. This pair of drivers allows a userspace client direct access to the video hardware.

From WikiPedia.

Karma Whoring FTW!

Intel integrated graphics now work properly

[zevans]

If you're using 2.7.x Intel xorg drivers you NEED this kernel. Anyone struggling with weird freezes, font corruption, and various other troubles - turns out most of these problems weren't in the Intel drivers at all, but in the GEM and DRI code in the kernel. Mine's been rock solid since RC5 for stability, and RC8 finally fixed the problem with fonts under UXA.

Re:DRM support? In the kernel?

[fuzzyfuzzyfungus]

Just look at RMS vs. RMS. (One has to wonder if that was intentional...)

Thottle Capability

[kenp2002]

Still no support for SLA\95% throttling of processing power allocated to VMs.

Case in Point:

VM 1 : 80% Of processor utilization
VM 2 : 20% of processor utilization
          : Can borrow up to 20% of VM1's allocation
          : if unused.

The scheduler does great things don't get me wrong but when it comes to provisioning systems for various clients some want a garuntee on the level of processing power that is available at any time. This is true in test systems as well where yout Integration, Acceptance, and Performance virtual environments may share Bare Iron with some production VMs.

Now this is old hat easy with mainframes (MIP allocation\weights between LPARS\SYSPLEX) but with more and more focus on VMs and hosted VMs SLAs on processing power is becoming more of an issue.

Nice values are not enough when writing contracts... Great work Linux team but could we get some more granular control over VM provisioning with SLAs in mind? Yeah we can build user space systems to help manage VMs but kernel level provisioning and auditing is something we need with KVM. Gotta have the reports to show the customer you are meeting the agreeded upon SLAs.

And for my own personal use, I'd love to be able to throttle a dos 6.22 VM to 486 speeds so some of those ancient programs can be ran for historical purposes. (Without bombing the processor with dummy NOP and other MOSLO crap so we keep our power consumption down.)

Just some musings as Linux rolls along...

Re:Thottle Capability

[kenp2002]

In large enterprises no, your test environments are still "Production" machines, aka they are mission critical with the expected uptimes. The "test" part of it is what you are running in the system, not the maturity of the iron itself. When a test environment is down that is just as important as the side the consumer sees. The hardware, especially with modern VM infrastructure is all production class. The VMs which the whole point of VMs is to isolate an environment.

Bare Iron in virtual infrastructure is just a resource now in most enterprises. It has become a Fabric of sorts now with SAN, ISCSI, etc. Along with clustering and failover the model has changed drastically on how hardware and software are managed.

Virutal Machines have changed the data center and now VMs result in hardware pools and fabrics rather then discrete machines.

This is important for EOM\EOQ\EOY system activity.

By establishing high\med\low power fabrics VMs can be shifted as needed based on expected hardware resources.

During End of Month say at a bank you may transfer all of your test VMs to a low power fabric to allow production to capitalize all the power. As certain development phases come and go you may want to shift which fabric your VM is running on. This is also crucial for testing VM functionality in various LOCATIONs within the network fabric.

Example
Before we promote this code to production lets move the ACPT systems to HPERF Pool (where production always exists) to see if traffic is routed correctly (transforming the ACPT environment VMs effectively into a DRESS rehersal envionrment.)

For performance testing this may be necessary for mid-sized corporation that cannot afford to duplicate their high performance fabric. So we know that given the 3rd week of second quarter the activity on HIPERF1 is at 5% so we can move the ACPT environment to HIPERF1 and run a full load test and reserve the existing HIPERF1 applications 10% (so our load test can pin the system up to 90%).

That kind of provisioning is a pain in user space but soo damn useful. Same for facility relocation or hardware maintenance. Shutting down MEDPERF1 fabric for hardware maintenance? Shove 50% of the VMs onto HIPERF1 and 50% to LOWPERF1 until maintenance is complete.

The idea is that if you have a production ANYTHING in a VM then it is usually part of a cluster or pool. If a test VM, or any VM, is capable of bringing down the whole bare iron system then you wouldn't have VMs at all to being with. So if you do have PROD VMs then the risk of another VM dropping the system has already been defined as an acceptable risk.

This is what is driving the debate with cloud computing and why mainframes still are around. Some things you can virtualize with low risk, some things can live in the cloud, and for everything else there is a mainframe.

Re:Thottle Capability

[nightfire-unique]

Funny how things run in cycles, eh?

When I was growing up in the late 80s/early 90s I always dreamed of becoming an S/390 admin. I loved the concept of VMs and physical hardware abstraction. It just seemed so... perfect and elegant.

Throughout my career as a *nix admin (over the last 15 years) I've always pushed more and more VM isolation into my datacenters. It started with chroot() containers, then VMware 1.x instances for small lightweight systems, then user-mode-linux, and now ESX and VirtualBox. My clusters are as you describe - a fabric onto which I set hosts that my users need for whatever purpose. Slowly but surely I am becoming a mainframe admin, even if it isn't quite as I could have imagined 20 years ago.

Why another filesystem?!

[Psiren]

Can anyone explain to me why Linux has so many filesystems? Windows has had NTFS for years (admittedly, several versions, but never any compatibility issues that I've come across), and Linux has, what, 73 or something?! Is it really that hard to get it right?

Re:Why another filesystem?!

[fbjon]

This is something quite different and exciting: a log-structured file system, for storing your files on dead trees.

Re:Why another filesystem?!

[harryandthehenderson]

Can anyone explain to me why Linux has so many filesystems?

Because one filesystem isn't optimal for all cases? Because people want to experiment with new things? Why does it matter?

Windows has had NTFS for years (admittedly, several versions, but never any compatibility issues that I've come across), and Linux has, what, 73 or something?! Is it really that hard to get it right?

And Windows has had FAT12, FAT16, FAT32, NTFS, exFAT, VFAT, FFS2, DFS, EFS. Was it really that hard to get it right?

Re:Why another filesystem?!

[tick-tock-atona]

Can anyone explain to me why Windows has so many viruses? Linux has had no viruses for years (admittedly, several attempts, but never any in the wild that I've come across), and Windows has, what, 73 billion or something?! Is it really that hard to get it right?

Re:Why another filesystem?!

[ta+bu+shi+da+yu]

Uh... you just got modded as informative. Genius.

Re:Why another filesystem?!

[wolrahnaes]

It's the combination of a bit of NIH plus the freedom that Linux brings to a programmer. If you know enough C to not break things horribly and can operate Google, you can create a filesystem. There are also hundreds of proprietary filesystems from older hardware running other OSes, and Linux supports a number of those thanks to users of those older systems developing drivers for them.

I'd bet that the vast majority of filesystems supported by Linux are rarely if ever used, and when used they're operated in read-only mode to retrieve data from old disks.

There are still a number, probably in the low teens, of filesystems in active use on modern Linux systems. Those are typically chosen either for compatibility with other platforms (FAT and it's derivatives for example, no one sane would choose to use that when other options are available, but it's just so compatible that often other options don't exist) or for specific job requirements (at one point I ran XFS on my file server because it supported growing the FS while mounted and seemed to be the best choice at the time for a box primarily handling large files). So I guess after all that, yes, it is that hard to get it right because the definition of right varies. Some jobs might want a filesystem to just be incredibly fast with a certain type of data and possibly rely on a nice RAID controller for reliability and caching, others might want the filesystem to handle everything and allow the controller to be dumb. SSDs bring an entirely different set of needs to the table and a filesystem that was laid out to be fast on disk might have serious problems on some SSDs.

Re:Why another filesystem?!

[peppepz]

You forgot High Sierra, ISO9660, UDF.

And WinFS. Oh, wait...

Re:Why another filesystem?!

[morgan_greywolf]

Because one filesystem isn't optimal for all cases?

Exactly. You wouldn't use a journaling filesystem (ext3, JFS, XFS) on an SD card. In networked environments, some filesystems are optimized for general use (CIFS, NFS) while others are optimized for a clustered environment (GFS, VMFS), while others are optmized for a distributed environment (Andrew Filesystem, CODA Filesystem). Log-structured filesystems are a new technology that maximizes write throughput, something that is key to optimizing speed in write-heavy environments: this is as opposed to conventional filesystems which are optimized for randomly reading and writing files in-place.

You wouldn't necessarily want a log-structured filesystem in a database environment, for example, because the performance hit from incurring more seeks that are necessarily a part of a log-structured filesystem would be prohibitive for queries.

Re:Why another filesystem?!

Because one filesystem isn't optimal for all cases?

The thing is, Linux strives so hard for the "optimum" that, while doing so, they end up in mediocrity. That's because its programmers are so concerned with micro-optimizations and top speed that they lack the ability to design properly and make good abstractions.

Would it really be that hard to have ONE good fs that you could tune to different use cases? Probably not. But the average Linux coder sees that something isn't fast in case X and goes ahead redoing the entire wheel. And why? Because the thing he just looked at wasn't designed very well either and can't be adapted easily to different use scenarios. And why? Because it was done by a half-assed coder like himself. And so the circle closes.

Linux needs more people that can properly design software and make good abstractions - instead of narrow-minded code monkeys that can't see beyond their own crap that they are willing to completely rewrite in two revisions anyway because they lost the big picture.

Re:Why another filesystem?!

[Ephemeriis]

Can anyone explain to me why Linux has so many filesystems? Windows has had NTFS for years (admittedly, several versions, but never any compatibility issues that I've come across), and Linux has, what, 73 or something?! Is it really that hard to get it right?

First up, you've got some incorrect assumptions/information about Windows.

Windows has not had just NTFS for years. Windows has gone through several different flavors of FAT (FAT12, FAT16, FAT32, exFAT, VFAT).

As far as NTFS goes... You dismiss the various versions, but then you're counting revisions to the various filesystems in Linux. NTFS has gone through four or five major revisions. Microsoft doesn't really advertise those revisions... They just keep calling it NTFS. But those revisions have added features and fixed bugs and basically changed the way the filesystem operates. Those revisions are no more or less significant than the changes from EXT3 to EXT4.

Windows also offers a couple special-purpose filesystems... Like EFS and DFS...

Windows can also handle NFS shares.

You can also install support for other filesystems (EXT, HFS) in Windows.

So, ultimately, Windows has at least 15ish filesystems going on... And that's just right off the top of my head, without doing any research at all.

Now, as for why Linux has so many different filesystems available, it's simply because no single filesystem is perfect for everything. One filesystem might be good if you've got tons of tiny files... Another filesystem might be better if you've got tons of huge files... Another filesystem might be better if you need extensive journaling and reliability... Another filesystem might be better if you just need raw speed...

Re:Why another filesystem?!

[mcgrew]

Must... not... feed... Ah, screw it.

There are a lot of reasons why windows has so many viruses. The one touted by Windows fans is that 90% of PCs have Windows, making it a fat target. Of course, this discounts the fact that Apple sells millions of computers every year, which should make it a fat target, too, but I don't see any Apple viruses either.

But the 90% seems to me to be the reason, but a different reason - Microsoft has no incentive to "get it right". As long as they can get their OS preinstalled on all the Dells and HPs and etc, and aren't losing revenue by writing a secure OS, why bother? After all, their only aim, unlike Linux's aim, is to make money, like every other corporation. You don't start a corporation to better the world, you start a corporation to make money. period. Apple makes their PCs secure because they have to - they don't own the market likd MS does.

And the 90% also means that Windows users are, on the whole, less tech-savvy, making not only the OS but its users easy targets. A non-tech savvy user will install a trojan where someone who knows better will think twice. A tech savvy user will have a password like Xc4-99_Zza?R2D2, while most Windows users will use something like 1234.

Windows almost requires its users to run as admin (remember, Microsoft has no incentive to do it differently) while better written OSes don't need this. No other OS has anything as stupidly dangerous as Active-X.

There are many, many more reasons. These are just a few that popped into the top of my head.

Re:Why another filesystem?!

[TheRaven64]

Log-structured filesystems are a new technology

Haha! This is the kind of wonderful comment I see a lot from Linux users. The first operating system to ship with a log-structured filesystem was the Sprite kernel in 1990. It was rewritten for 4.4BSD, which was released in 1995. Then, 15 years later, suddenly Linux developers hear about it and it's a brand new technology.

Linux is not the whole world. Most of the 'new' technologies in Linux appeared in other UNIX-like systems first, and many of the implementations in Linux are inferior to the originals (although some are better).

Re:Why another filesystem?!

[pjr.cc]

Personally, i always get quite excited when i hear about a new fs in the linux kernel. everyone of them is unique and inventive and does serve a purpose. I always wanted to write a tag based file system (and ended up implementing one in fuse once i realised i didnt care about how the data actually got onto the disk), the idea was to get rid of directory structures as we know them (i personally think they are a crap way of storing data, but oh well). I never got it finished but it was going to work like file x.zip has the tags a, b and c. So its accessible a variety of ways (/a/x.zip, /b/x.zip, /a/b/c/x.zip or /b/c/a/x.zip), and you could just move it to change its tags (i.e. mv /a/b/c/x.zip /d/x.zip to remove the a, b and c tags and replace them with d, or cd /c; mv x.zip ../d would remove the "c" tag and replace it with "d"). Back when i first thought of the notion i personally think it was quite unique, but its not without its drawbacks (think backup or any kind of filesystem scraping tool).

But lets put some things in perspective first. Sure windows has NTFS, but its not the only one (as has been pointed out numerous times) - i didnt see anyone list vxfs (veritas), but there are probably as many for windows fs's that aren't part of windows (xfs for eg is available for windows - commercially). The other thing is that its always been called NTFS but its gotten quite a few variants (much like solaris and UFS), so your layman only ever see's "NTFS" and "FAT".

So does it matter? the reality is that 99.999% of people only know ntfs and fat for windows, the same goes for linux really, 99.999% of people are using ext2/3 (now 4) plus FAT. In the windows world they would all have just been called "Ext" and you wouldn't have known that windows NT used ext2 while XP used ext3 and vista used ext4. Linux hasn't chosen to do it that way and for good reasons.

But you should also define "right". Show me a filesystem like ext3cow (essentially a compliance file system) for windows, they do exist, they're not NTFS, you've just never heard of them cause you dont need them, and you've probably not heard of ext3cow either for that matter. The truth is that 99% of people just need ext2/3/4 for hard disks, will use fat for flash and wont care which one they get so long as it stores files. Which again, is exactly like windows, 99% of people know only NTFS for hard disks, fat for removable storage and dont need (or want) to know about the rest - but they do exist and we haven't even mentioned things like win CE, XP embedded, etc.

You will get the occasional lunatic (i say that in a loving way) that'll do something like reiserfs or xfs, but thats your getting-a-bit-hardcore linux type.

One other thing worth pointing out is that part of the reason there are few FS's you've heard of for windows is cause its a nightmare to code them (or was, may not be true anymore). I tried to do one for around the time XP/2003 were available, and it had about 12 different ways of doing exactly the same thing in the driver that you had to implement (i.e. "get the list of files in this directory" had to be implemented 6 different ways for backward compatibility, that was painful). Probably a good reason why any third-party commercial FS's for windows costs a minor fortune.

Re:Why another filesystem?!

[leoc]

Can anyone explain to me why Ford has so many kinds of cars? Tesla has had a 2 seat roadster for years (admittedly, several versions, but never any compatibility issues that I've come across), and Ford has, what, 73 or something?! Is it really that hard to get it right?

Re:Why another filesystem?!

[EvilNTUser]

You just wait. In another ten years, Apple will have invented it!

Re:Why another filesystem?!

[profplump]

Did you miss the abstraction layer linux already has for file systems -- VFS? The layer that lets all file-related system calls like be unified among all file systems, so that a file system is only responsible for actually talking to the disk? The same sort of system used by BSD and Windows? Doesn't that essentially make new file systems as minimal as possible while still allowing "tuning"?

Re:Why another filesystem?!

[dotgain]

1. 10 MS workers get to work. Project not necessarily completed on time, might even be mediocre. But those 10 workers know who's paying their bills, and get their heads down. One of them falls out with the rest of his team, and gets replaced immediately.
2. Day 1. Entire Linux team forks, unable to agree on the name. Half of them want to call it "GIND Is Not a Dam", the other half think it should be called "xkjrtl" and install to /opt/bin. Now two teams of 5e6 workers each.
   Day 3. One member expressed his distaste at the brown colour of the bricks they had to use. x teams of 10e6/x
   Day 480. 10e6 bricks lie at various positions on the riverbed, all with their own SourceForge page.

No, I'm no MS fanboy. I just dumped Linux after 14 years for an Apple. It's not perfect, but OSX seems to waste the least of my time.

Re:Why another filesystem?!

[Atriqus]

Considering it's called a New Implementation of a Log File System, perhaps the people who think that this is a new concept aren't exactly the cream-of-the-crop of the userbase. Every group has that guy who'll say uninformed stuff; it's not exactly something worth getting a complex over.

Re:Why another filesystem?!

[Cyberax]

http://www.rsdn.ru/forum/philosophy/1710544.1.aspx - sorry, it's in Russian. You can download benchmark here: http://www.rsdn.ru/File/37054/benchmark.zip Basically, it creates, stat()s and deletes lots of files. As you can see, performance in Windows is quite poor.

I have several more microbenchmarks and _all_ of them work faster on Linux. As a not-very-micro-benchmark: git works way faster on Linux.

And it's not the problem of NTFS itself, because ntfs-3g on my computer _still_ works faster for a lot of operations than the native NTFS in Windows!

Re:Why another filesystem?!

[ejasons]

The reason why you have so much Windows malware and so little for Mac (aside of the smaller target) is simply the same why you get more Windows software and fewer Mac software (at least in areas where core system knowledge is required, as is for malware): Fewer programmers who know the inner workings of the OS.

This doesn't explain why MacOS8/9, which had much less penetration, had (relatively) quite a large number of viruses. No, I don't have an explanation...

Re:DRM support? In the kernel?

[harryandthehenderson]

Direct Rendering Manager

Trusted Computing Slithered In?

[Bob9113]

Integrity Management Architecture

Contributor: IBM

Recommended LWN article: http://lwn.net/Articles/227937/

The Trusted Computing Group(TCG) runtime Integrity Measurement Architecture(IMA) maintains a list of hash values of executables and other sensitive system files, as they are read or executed. If an attacker manages to change the contents of an important system file being measured, we can tell. If your system has a TPM chip, then IMA also maintains an aggregate integrity value over this list inside the TPM hardware, so that the TPM can prove to a third party whether or not critical system files have been modified.

From the recommended article, the key dilemma:

There are clear advantages to a structure like this. A Linux-based teller machine, say, or a voting machine could ensure that it has not been compromised and prove its integrity to the network. Administrators in charge of web servers can use the integrity code in similar ways. In general, integrity management can be a powerful tool for people who want to be sure that the systems they own (or manage) have not be reconfigured into spam servers when they weren't looking.

The other side of this coin is that integrity management can be a powerful tool for those who wish to maintain control over systems they do not own. Should it be merged, the kernel will come with the tools needed to create a locked-down system out of the box. As these modules get closer to mainline confusion, we may begin to see more people getting worried about them. Quite a few kernel developers may oppose license terms intended to prevent "tivoization," but that doesn't mean they want to actively support that sort of use of their software. Certainly it would be harder to argue against the shipping of locked-down, Linux-based gadgets when the kernel, itself, provides the lockdown tools.

OK, maybe this is overdramatic, but trading freedom from third-party oversight through trusted computing for the security of first-party oversight through trusted computing seems a little like:

"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin

But I can see both sides. Pondering... what are your thoughts?

Re:Trusted Computing Slithered In?

[Alsee]

don't worry, if you have the source code, you have the power to remove the DRM. Freedom, yeah, baby.

Unfortunately, incorrect. I'm a programmer and I have studied the Trusted Computing technical specifications in depth.

One of the central points of Trusted Computing is exactly to defeat that. Trusted Computing in fact manages to make the source code substantially useless. Under Trusted Computing you an "remove the DRM" lines of code from the source, but all that does is leave you with unreadable files and an effectively non-functioning software.

The key you need to unlock the files does not exist in the source code, the key does not exist in the executable. The key you need for successful internet communication does not exist in the source code, the key does not exist in the executable.

I'm going to oversimplify here, but essentially the key you need is locked inside the Trusted Platform Module chip. The chip will only supply that key to the exact unmodified executable. If you alter so much as a single line of code, the chip hands over a completely different effectively random key to you. A useless random garbage key. Your modified program cannot read the files you want it to read, and the internet connections you want will fail to open. If you modify so much as a single bit of source - if you modify so much as a single bit of the executable - the software no longer works. The source code is largely useless.

In general it's impossible to crack Trusted Computing in software. There's a chance you might find an exploitable bug defeat DRM in some particular program, but it would only apply to that one program, and they have ways to actually FORCE down patches on everyone to fix that bug (the program will refuse to run at all until you accept the patch, and you could even be any access until you apply operating system patches). The Trusted Computing scheme itself is pretty well immune to software crackage. To beat the Trusted Computing system you need to physically crack the chip on your motherboard. With current deigns you might be able to get away with hacking into the wiring on your motherboard, but once they move the Trust chip inside the CPU you need to physically rip open your Trust chip and read out your key locked in the silicon. And even that is a limited victory. Every computer or other Trusted device has its own unique key. You need to crack them open and physically read out the keys from the devices one by one. If you want four Trust-unlocked computers you pretty well need to physically rip open four microchips and read out four keys. You can't put a key to multiple-use because they will spot that multiple use and revoke that key. Any DRM files you unlocked with that key obviously still have their DRM removed, but that revoked key becomes useless for unlocking any more DRM files, and it no longer enables you to open Trusted internet connections. And even when you do physically crack systems one by one, you still have to be ultra careful that they do not detect that you system is Trust-cracked. If any of your internet connections or any of your software in any way leak the fact that you have cracked your system, in any way leak the fact that you can do things that you're not supposed to be able to do, again, your key gets revoked. That key becomes useless, it can no longer unlock any additional files all attempted Trust-related internet connections will be denied. If they detect that you managed to read your key, if they detect that you managed to regain full control of your computer and override the Trust locks, then they revoke that key and you then need to go out and pay for new physical hardware with a new key locked inside, and you need to physically rip open that chip and read out a new key. Each time they detect that you cracked your computer, they revoke the key and you pretty much need to buy a new computer over and over and over again.

I have simplified and glossed over a huge number of issues. If you have any questions or you want a technical level explanatio

Re:Trusted Computing Slithered In?

[Alsee]

don't buy it if it's using the TPM hardware

While I agree with that for moral and philosophical reasons, the fact is that from a strictly practical or functional view, that is essentially incorrect.

Trusted Computing is incredibly insidious. It is essentially the old Microsoft "Embrace, Extend, and Exterminate" tactic. he way Trusted Computing is designed there is absolutely no practical or functional reason NOT to buy a computer with a TPM in it. That's the "Embrace" part. A TPM computer can do everything and anything a normal computer can do. Think of it like speakers - there is absolutely no reason NOT to buy a computer that has built in speakers. If the price is cheaper, or if it's all the store carries, you might as wall accept the computer-with-speakers, take it home, and simple never turn the speakers on.

Their plan is to ship TPMs as standard hardware on all motherboards. If you go in and buy a new PC, you may as well buy the TPM computer, take it home, use it just like a normal computer, and just never "turn on" the TPM chip. It's incredibly insidious... there's no actual reason to reject a TPM computer, so they can just make it standard on all PCs and in just a few years everyone will have a TPM-equipped computer by default.

A TPM computer is a normal computer "plus more", it is a normal computer "plus" it has the option of the new TPM mode. The TPM computer can run all your old programs and read all your old files, "plus" it can enter TPM mode and run the new Trusted programs and it can read the new Trusted files and it can access the new Trusted websites.

If you have an old computer, or if you have a new TPM computer and refuse to use the TPM, then none of the new Trusted stuff works. You can't run the new Trusted software, you can't use any of the new Trusted files, you can't view any of the Trusted websites.

If you buy a TPM computer you have a choice - you can "opt in" and "voluntarily" put on a pair of handcuffs and activate the TPM chip - in which case everything works, all the old stuff works and all the new stuff works. Or you can refuse to turn on the TPM chip and you get screwed, the old stuff still works but none of the new stuff works.

If you by a computer without a TPM chip then you have no choice, you just plain get screwed. he old stuff still works, but you get locked out of all the new stuff.

The really evil part is Trusted Network Connect (TNC). TNC is currently targeted for businesses for securing their internal networks, but in a number of years - maybe a decade or so - it might be used by ISPs. In fact government officials have already called on ISPs to implement something like TNC in order to "secure the National Information Infrastructure against terrorist attack". What does TNC do? It checks the "health" of your computer to make sure that it's not infected by viruses or trojans, and that your operating system is has the latest patches to secure your computer against infection. Because your ISP doesn't want you connecting to their network and spewing virus infections to others. They are protecting their network and they are protecting you. Gee, isn't that good? Gee, isn't TNC a swell thing?

Oh, did I forget to mention.... the way TNC works is that it uses Trusted Computing to do that "health check" on your computer. If your computer doesn't have a TPM then you can't preform the health check. If you computer does have a TPM but you refuse to turn it on, then you can't preform the health check. If you can't or wont do the TPM health check then you can't PASS the health check. And what do you think happens if you don't pass that health check? Well your computer might be infected or be vulnerable to infection. And of course they can't allow an infected machine (or a vulnerable machine) onto their network. So what happens is that TNC "quarantines" your computer. It denies you any internet access until you "fix" your "problem" and pass the TPM health check.

If you reject the TPM you may eventually get effectivel

Re:Trusted Computing Slithered In?

[Alsee]

Will there come a day when all computers will ship with TPM?

Members of the Trusted Computing Computing Group have explicitly stated the intention for all motherboards to come with a TPM as standard hardware. An explicit design goal was to keep the chip low-processing-power and simple and small enough to be a sub-$5 item mounted on all motherboards and in all cellphones and included in all digital TVs and in all iPod-type media devices. A lot of work went into minimizing the chip horsepower requirements and components, exactly so it could be "ubiquitous" in any networked device or any small electronic device that might come in contact with copyrighted content.

-

Yes to NFS local caching!

[GnuPooh]

I found the kernel thread where the original author of the FS-Cache patches, David Howell, makes it clear that on a quiet network with a quite fast server metadata will take longer from the cache. However, at my work we have very busy large NFS servers connected over the building network which is very busy. When you try to read a large file repeatedly in the middle of the day the traditional NFS caching just doesn't work if the time between reads is more than about 5 minutes. I've resorted to manually copying my datasets to /usr/tmp on the local disk and seen huge performance improvements. (this has other serious issues, like getting confused about which copy you just modified and migrating any changes back to the official NFS copy.) I know this feature makes sense for me and others in similar environments. The problem of course is: (1) it will be years before it makes it into RHEL and (2) it won't be turned on by default, (3) my system admins are weary to trying anything kernel-related that's not stock RHEL. However, if I can show them an order of magnitude improvement in speed, which I think this will do, they might think twice.

Re:Yes to NFS local caching!

[TooMuchToDo]

Have you looked at pnfs for performance reasons? We use it with upwards of 300TB of spinning media and 17PB of tape, and it works like a champ.

Nice, But...

[maz2331]

If you want a mainframe, maybe calling IBM and ordering one is a better way to go?

Re:Nice, But...

[ta+bu+shi+da+yu]

I know :-) I both strengthened your point and explained the issue to maz2331, who seems to have missed the point entirely.

Some Great Work...But "rt2500 Realtek Drivers"

[mrpacmanjel]

Have wireless "issues" been fixed with this release.

I have a laptop with generic realtek rt2500 wifi hardware.
For many kernel releases I have to compile seperate drivers (Legacy serialmonkey) because the "stock" drivers are woefully unstable.
I either lose my connection, painfully slow( have tried the "rate 54" fix) or I cannot reconnect to my network at all.

I don't mind compiling seperate drivers (a huge benefit of open source stuff & Linux) but I am concerned how long I will be able to do this (E.g. something changes in the kernel makes the "external" driver break - in fact actual development of the legacy drivers has ceased - http://rt2x00.serialmonkey.com/wiki/index.php/Main_Page)?

I know I should not be moaning about this but this issue has been around for ages and seems to affect a lot of hardware.

This is my only niggle with Linux and I am grateful for everything. Computing become much more interesting and fun again.

Huge thanks to Linus and the kernel developers.

Re:Some Great Work...But "rt2500 Realtek Drivers"

[CAIMLAS]

That's not the half of it. The kernel devs appear to break things - intentionally - and leave them that way.

Case in point, PCMCIA was/is supposedly being rewritten. It broke around kernel 2.6.27 for me (I think) on several systems with ricoh integrated chipsets: I'm unable to use my cardbus or CF slot unless I boot with the device in the slot (and not remove it). Supposedly (according to mailing list info I found) this is due to a 'rewrite' of the pcmcia architecture code. I guess they didn't want to leave it well enough alone until they got it right.

Likewise, I have a USB card reader (recognized as "Bus 002 Device 002: ID 0bda:0151 Realtek Semiconductor Corp. Mass Stroage Device") which does not work with the current Ubuntu 9.04 stock kernel. It's recognized, but no devices plugged in work. It worked under 8.10 just fine.

Maybe it's Ubuntu breaking things, but since it appears to be a cross-distro problem (in both cases), I'm betting it's just the kernel devs doing "business as usual" and "letting the distros sort it out".

Ralink Driver Clarification

[Vu1turEMaN]

When they say "Support for rt3070 driver for recent RaLink Wi-Fi chipsets", they really mean support for RT2870, RT2770, RT307X, RT3572 chipsets (they're all the same, with just features enabled or disabled, or signal strength improved between them).

This was the one last thing for me to fully switch over to linux. Netgear and alot of other Wireless-N USB adapters use these chipsets, and they are the best around.

Previously, the method of installing this driver was the largest pain in the ass I've ever had to go through as a linux noob (http://ubuntuforums.org/showthread.php?t=960642) and I'm so very very glad to see that this chipset is now supported.

The reason it was so hard is that the normal controlling app for the USB device has many advanced features you normally don't see on a wireless adapter (act as a router, full cisco network compatibility, etc etc).

Re:LINUX IS SHIT

[morgan_greywolf]

In Windows, something like this Just Works(tm).

Not always. I had a USB WiFi adapter that I attempted to install on a Windows laptop and after several attempts at uninstalling and reinstalling the driver, I took it back to the store and got a different model. Probably that WiFi adapter just sucked, but still, just because something "Just Works(tm)" for one OS and one piece of hardware doesn't mean that is always the case.

NILFS2 is better than MILFS2

[Dystopian+Rebel]

NILFS2 is the successor to MILFS2, which was based on the "Mother" specification.

NILFS2 is based on the "Nanny" specification, which means it is younger, firmer, *and* keeps the child nodes quiet when you are not actively updating its data.

Re:So when's KMS going to happen?

[peppepz]

No kernel modelsetting in 2.6.30 for anything but Intel chips.

There is some work in progress for ATI chips, but nothing in the mainline kernel.

In the meantime you can use uvesafb in the current kernel to get a framebuffer console if you like it. But you will get a bad vt switching experience.

Re:2.8.x kernel soon?

[Hatta]

They should just drop the 2.8. prefix. Linux 30 sounds much cooler than 2.8.30, and man it's got to be light years ahead of Windows 7!

Re:2.8.x kernel soon?

[Keruo]

There's clear roadmap posted here describing features and implications of version numbers.

Re:Features

[oracleofbargth]

Don't speak too hastily. http://www.chris-crockett.com/blog/wpg2?g2_view=keyalbum.KeywordAlbum&g2_keyword=chainmail+bikini&g2_itemId=1910

Re:Sad, but true:

[mcgrew]

Actually, you COULD use Linux as an OS for a British cigarette vending machine, in which case it WOULD be for fags!

Just get your shit together or give up

If Linux is ever going to make it on the desktop, developers are going to need to get their shit together and: make webcams work (they don't in the majority of cases at the moment); stop regressions in graphics drivers; get other hardware working, e.g. iPods; make dual-screen work without spending 20 minutes fucking around (see Lunduke's presentation); get GNOME on to QT and develop a decent HIG (sorry, the current GNOME HIG is an excuse to put off doing anything about bugs, see Apple's for how this should be done); finally pick one -- namely .deb -- package format and stick to it; so developers aren't put-off by the idea of spending days creating packages for different platforms.

I'm sure some smug twat will pop-up and say how they don't care about Linux on the desktop, my answer is: why are you bothering to reply, if you don't care? There are obviously loads of people who do care, just look around at all the advocates. They told me Linux is ready for the desktop, and I tried it, only to find everything's slower, my iPod didn't work, then upgrading hosed my sound and video!

If you're thinking of advocating Linux to someone: stop! Go and do some work on getting drivers working instead, your time won't be wasted and you won't lose any friends.

Re:Just get your shit together or give up

[dotgain]

• He's not trolling, he's moderated troll. He's talking about touchy subjects.
• Tarballs have no inherent way of specifying package dependencies. Basically, a tarball is /just/ a tarball. Why .deb's? Well, they're prevalent, and seem to have worked well. There's a wealth of utilities for working with them. They're not the only choice, but they wouldn't be a bad one.
• Yes, that's what he meant. I don't know if I entirely agree, but I see what he's getting at for sure. While GTK is indeed horrible, getting Gnome on QT just is not going to happen. Gnome will die first.
• Exactly, as long as it's a hobby OS, it's always going to look and feel like one. That's what's really giving the commercial OS's the edge here. Bosses. Deadlines. Sackings. All alien to FOSS. Where on one hand you've got a leader taking responsibility for the direction of his team and project, on the other you get faction-ism, infighting and ultimately, forks (which the FOSS crowd talk about like it's a good thing).

I was explaining to my sister the other day that Linux is not one OS, but available though any of thousands of distributions. Yes, thousands. How did there come to be so many? I explained it with an alalogy to the 'parallel universe'. For every single yes/no left/right up/down design consideration, every single distribution forks into exactly two, and goes on to the next design consideration. The process will continue until every single person including Steve Ballmer is running their own distro, and society as we know it will end with each person slicing himself in two while arguing over which suicidal filesystem to use as the default.

Re:2.8.x kernel soon?

[SiChemist]

I loved the last item in the roadmap:

- 2.6.<odd>: still a stable kernel, but accept bigger changes leading up
      to it (timeframe: a month or two).
  - 2.<odd>.x: aim for big changes that may destabilize the kernel for
      several releases (timeframe: a year or two)
  - <odd>.x.x: Linus went crazy, broke absolutely _everything_, and rewrote
      the kernel to be a microkernel using a special message-passing version
      of Visual Basic. (timeframe: "we expect that he will be released from
      the mental institution in a decade or two").

Performance?

[omuls+are+tasty]

Intel's integrated graphics performance has been pretty progressively worse ever since switching from XAA, and rather abysmal ever since Xorg 1.5. Since then every release of X/mesa/xf86-video-intel made it even worse. Hopefully this release brings the entire GEM/UXA/KMS/whatever stack to a usable state. All this on a 945GM.

What's your experience with it so far? I'll try it out myself in a few days, but I'm eager to hear the results...

Re:Performance?

[zevans]

GEM/UXA/KMS/whatever stack is now GEM/UXA/KMS without the "whatever" - the other options have been dropped out of the code tree for the drivers 2.7.99 and onwards.

The kernel support for these now works properly in 2.6.30 for the first time, but that's only necessary, not sufficient!

At the time of writing the nightly(ish) version from xorg-edgers of the driver blows up on 3D apps, so I'm still on 2.7.1 with some ubuntu patches (that have been pushed upstream because they really did fix stuff). With RC8 of the kernel and xorg-1.6 or the edgers version 1.6.1.901.blahblahblah it's all been nicely stable on UXA for last few days and quite snappy in 2D. UXA is still half the speed of EXA for 3D, even simple stuff like ppracer. Maybe 2.7.99 will fix that soon.

ext4?

[Zancarius]

Where'd my wife and the extra seat from my car go?

With Reiser in jail, the only thing you have left is to blame ext4. :)

Err, excuse me. The application developers.

Re:So when's KMS going to happen?

[PitaBred]

You can get the absolute latest info from the horse's mouth (AKA the ATI dev's that are working on the open source driver) at the Phoronix open-source AMD forums

Re:2.8.x kernel soon?

[OrangeTide]

waiting for linux 3.1415

It's too easy these days ...

[DrogMan]

Downloaded. Compiled. Installed and rebooted, and it's running on a little test "embedded" box I'm playing with. (Geode LX800) It's passed all my own tests, and that's that.

Like the new compression stuff. Compressed kernel under 1MB again - First time I've seen that for a while.

Now to try it on my Acer Aspire One...

Re:LINUX IS SHIT

[Synchis]

Interesting you'd bring up what "Just Works" in windows.

My wifi card in my home PC doesn't work in windows out of the box, and doesn't have a readily available XP driver. I had to hunt for a generic driver and jump through hoops to get it to work.

On the other hand, the same wifi card, in the same machine Just Works in Linux. No fuss, no command line, no configuration. Just enter my wep key when prompted.

In windows, my sound card doesn't work *AT ALL*. Can't find a driver. Not even from the mainboard mfg.

On the other hand, the same sound card, in the same machine Just Works in Linux.

Go figure... apparently my system is confused :P

Or maybe, its you that it confused. Linux now supports more hardware natively than any other operating system in existance. And thanks to projects like the Linux Driver Project, that develops drivers for hardware for companies *FOR FREE*, thats unlikely to change.

Don't get me wrong, I'm sure windows has a place in this world, but Windows should no longer be allowed to lead the market on the desktop. It's far too dangerous.

Re:2.8.x kernel soon?

[shutdown+-p+now]

... rewrote the kernel to be a microkernel using a special message-passing version of Visual Basic.

Oh, so that is what GNU/Hurd guys are up to these days!

Re:2.8.x kernel soon?

[eean]

Well they changed their whole development methodology that they don't have an unstable branch anymore and do feature releases about every 6 months. So kind of.

Re:LINUX IS SHIT

[hairyfeet]

That is because the way Windows loads USB drivers it pretty much is a new device to Windows. I have had this happen to customers in the past, here is what you do- But a cheapo USB extender, hell even a 1 foot one will work. Leave that plugged into a USB port in the back. Always plug your USB stick into that. Problem solved.

And to the Linux guys- yes you will occasionally come up with problems with Wifi in Windows, but that still doesn't let Linux off the hook. I can sell a new XP box and have a 95% assurance that anything they buy in Walmart/Staples/Best Buy will "just work" dropping my after sale support costs to zero. With Linux I'm looking at a 600% return rate because a good 85%+ of the items in the above stores will NOT work without research, and woe be unto you if you pick the wrong brand, like the Lexmark all in ones which are very very popular here. Expecting Sally home maker or Joe SMB to go trawling forums every time he or she wants to buy a new gadget is frankly ludicrous. That is why mine and every other shop in town is a Windows only shop. It isn't because we hate your OS, it is because the support costs for Linux will bankrupt us.

And PLEASE don't bring up bundling and support contracts. I would be insane to go bundling as the margins on those things like Wifi sticks and USB printers is just awful unless you are buying Walmart quantities, and nobody wants to buy support contracts, see how much hatred Best Buy gets from the public for trying to force those extended warranties down the customers throats. When I sell Linux here is what happens every single time. They look at Kubuntu box and go "Ooohh" and buy. They go to Walmart and buy some gadget on sale, gadget doesn't work so they bring the PC back to be "fixed" and when they find out it can NEVER be fixed, because frankly Linux support for home consumer class gadgets is frankly piss poor at best, then they want their money back and I'm stuck eating the cost between what it sold for new and what I have to sell it for now as a used item.

From a support and return standpoint it is simply cheaper to add in the cost of an $89 XP Home or a $139 XP Pro if they are an SMB customer. They are happy, I'm not looking at all the headaches, the research, and the 600% return rate, so I am happy. Until I can sell a box to my customer and have assurance that at least 80% of the items in the above stores will actually work in Linux the support and return nightmare simply makes Linux a losing proposition. If you are running server Linux is great. If you are willing to trawl forums before every single purchase then it will run fine. But that just cut a good 95% of the market out, including all my customers. Sorry, No Sale.

NILFS2

[Eil]

So I've been reading that NILFS is the dog bollocks when it comes to solid-state disks in terms of speed and longevity of the disk. However, what I'd like to know is whether any of the advantages will hold for regular old mechanical disks as well. If so, I'd love to try NILFS. Having a real honest-to-goodness versioning filesystem with instant snapshots on my file servers would be so great, I can hardly find the words to describe it.