Closed unicornx closed 4 years ago
unicornx
commented
4 years ago “在命令行窗口中看大片《星球大战》,太强了!”
今天看到一个非常有趣的网站,分享给大家,这个网站需要telnet登录 在命令行窗口输入:telnet Towel.blinkenlights.nl,然后星球大战就开始了, 首先出现的是 20 世纪福克斯的 Logo,有趣的是那光柱还是动态的。 美中不足的是,网速有时候比较慢,看的时候得耐心一点,如果你实在是等不及,可以直接去作者的网站上去看看: http://www.asciimation.co.nz/
unicornx
commented
4 years ago Wave Computing Closes Its MIPS Open Initiative with Immediate Effect, Zero Warning
Wave Computing has announced the immediate closure of the MIPS Open Initiative, a programme which provided royalty-free access to the MIPS architecture and cores based around it, less than a year after its launch.
继 2018 年底,收购 MIPS 公司的美国 AI 公司 Wave Computing 宣布其正式启动 MIPS Open 项目,完全开源 MIPS 架构后, 不到一年,近日又再次宣布从 2019 年 11 月 14 日开始,关闭 MIPS Open 项目,并立即生效。Wave 将不再提供 MIPS 的免费下载,包括 MIPS 架构、核心、工具、IDE、模拟器、FPGA 包和/或任何与之相关的软件代码或者计算机硬件。 虽然大家都感觉得到,与 RISC-V 和 OpenSPARC 等更加开放的竞争对手相比,MIPS Open 的动作过于缓慢,但 Wave Computing 突然决定无条件放弃开源的决定仍然让大家觉得过于意外,这也使得所有一直在从事 MIPS Open 项目相关工作的工作陷入困境。
unicornx
commented
4 years ago Generalizing address-space isolation
Linux systems have traditionally run with a single address space that is shared by user and kernel space. That changed with the advent of the Meltdown vulnerability, which forced the merging of kernel page-table isolation (KPTI) at the end of 2017. But, Mike Rapoport said during his 2019 Open Source Summit Europe talk, that may not be the end of the story for address-space isolation. There is a good case to be made for increasing the separation of address spaces, but implementing that may require some fundamental changes in how kernel memory management works.
一直以来 Linux 系统都是让用户和内核共享同一个地址空间。在 Meltdown 漏洞爆发之后,大家期望改变这种做法,因此在 2017 年底合入了 kernel page-table isolation (KPTI)。不过 Mike Rapoport 在2019 年欧洲开源峰会上提醒大家,不过这个方案性能表现不好,尤其是在用户空间和内核空间之间切换的时候。鉴于当时没有任何其他方案能解决 Meltdown 问题,因此 KPTI 的补丁还是被合入了。对很多人来说,这种接受有点勉强。社区中提出了多种地址空间隔离的机制,这些机制各不相同,但有一点是共同的。就是他们都希望能在现有内存中建立一块受限制的地址区间,然后只有满足某些具体执行上下文条件的时候才让这块空间可见。因此 Rapoport 希望能实现一套通用 kernel API 来供这些地址空间隔离机制使用。不过这会对内存子系统引入不少重要的改动。
unicornx
commented
4 years ago Emulated iopl() https://lwn.net/Articles/804143/
Operating systems and computing hardware both carry a lot of their history with them. The x86 I/O-port mechanism is one piece of that history; it is rarely used by hardware designed in the last 20 years, but it must still be supported. That doesn't mean that this support can't be cleaned up and improved, though, especially when the old implementation turns out to have some unpleasant properties. An example can be seen in the iopl() patch set from Thomas Gleixner.
在大多数体系架构上,I/O 都是按照 memory-mapped I/O(MMIO)方式来处理。但在 x86 早期,创建了一个独立的地址空间用来支持 65536 个 I/O 端口,需要使用特殊的指令来访问这些 I/O 端口。并且这些指令都是特权级别的。不过有时候的确需要在用户态操作外设。为了支持这个功能,x86 设计者就创建了两种独立的方式供非特权进程来访问 I/O 端口:一种是通过 iopl() 系统调用来修改 IOPL 寄存器允许普通的用户态进程访问 I/O 端口。另一种是利用存放在 TSS 里的标志位 bitmap 来控制对某个特定的端口的操作权限。如果对应某个端口的相应位是 0,那么该进程就可以访问这个端口。可以使用 ioperm() 系统调用来修改这个 bitmap。
但使用 iopl() 有一个小问题:提升进程的 I/O 权限级别的同时,也会允许该进程打开或者关闭中断。如果这个进程怀有恶意,譬如关掉中断然后做死循环就很容易地把 CPU 锁死。虽然最好的做法是完全废弃掉 iopl() 这个接口,但是考虑到不少应用程序依然依赖这个函数,所以还不能这么粗暴地拿掉这个功能。为此,Thomas Gleixner 提交了一个补丁,希望在保留该接口的前提下,在内部通过 bitmap 的方式替换掉其实现。经过社区的审查和改进后,这个改进有望被合入。
unicornx
commented
4 years ago Statistics from the 5.4 development cycle https://lwn.net/Articles/804119/
As of this writing, just over 14,000 non-merge changesets have found their way into the mainline repository for the 5.4 release; that is a bit less than we saw for 5.3, but more than most of the other recent kernels. The final 5.4 release is approaching, so it must be time for our usual look at where the code merged in this development cycle came from. It's mostly business as usual in the kernel community, modulo an appearance from none other than Hulk Robot.
截止 2019 年 11 月 7 日,已经有 14000 个 changeset 合入了 mainline 仓库,这些修改都会被包含在后续的 5.4 版本里。这个数字比起 5.3 的数量要少,不过比起其他近期的 kernel 版本来说补丁数量还是要多一些的。在最终的 5.4 版本发布之前,让我们再次看一下这个开发周期中合入的补丁统计信息吧:
5.4的贡献者中,我们识别出来的有234个公司、组织,其中最活跃的是:
其中650个来自华为的changeset已经是这个公司的新纪录了。Huawei在市场领域碰到了很明显的政治相关阻碍,不过一直没有停止在代码方面的贡献。
unicornx
commented
4 years ago https://kernelnewbies.org/Linux_5.4
Summary: This release includes the kernel lockdown mode, intended to strengthen the boundary between UID 0 and the kernel; virtio-fs, a high-performance virtio driver which allows a virtualized guest to mount a directory that has been exported on the host; fs-verity, for detecting file tampering, like dm-verity, but works on files rather than block devices; dm-clone, which allows live cloning of dm targets; two new madvise() flags for improved app memory management on Android, support for new Intel/AMD GPUs, support for the exfat file system and removing the experimental status of the EROFS file system; a new haltpoll cpuidle driver and governor that greatly improves performance for virtualized guests wanting to do guest-side polling in the idle loop; and blk-iocost, a I/O cgroup controller that attempts to calculate the cost of I/O more accurately. As always, there are many other new drivers and improvements.
Linus Torvalds 在内核开发者邮件列表上宣布释出 Linux 5.4。
主要新特性包括:
内核锁定模式, haltpoll CPU 调节器, iocost I/O 控制器, EROFS 文件系统, fs-verity 文件完整性机制, dm-clone 设备映射器对象, 新的随机数生成器, virtiofs 文件系统, 内核符号命名空间, 支持英特尔/AMD 新显卡, 等等
更多可浏览 kernelnewbies: http://kernelnewbies.org/Linux_5.4
unicornx
commented
4 years ago Google Unveils Mendel Linux 4.0 For Its Coral SBC, Based On Debian GNU/Linux 10
Google announced over the weekend the general availability of Mendel Linux 4.0 “Day,” the company’s in-house built, Debian-based GNU/Linux distribution for its Coral Dev Board and System-on-Module (SoM). Revealed earlier this year as a Raspberry Pi rival, Google’s Coral Dev Board single-board computer (SBC) and System-on-Module (SoM) just received a much-improved, more stable and up-to-date Mendel Linux OS, which is based on the latest Debian GNU/Linux 10 “Buster” operating system series and ships with Linux kernel 4.14 LTS, Python 3.7, and U-Boot 2017.03.3, as well as upgraded GStreamer, OpenCV, and OpenCL components.
谷歌在周末宣布了Mendel Linux 4.0“ Day”的全面上市,该公司内部开发的基于Debian的Gal / Linux发行版用于其Coral开发板和模块化系统(SoM)。 构建具备本地 AI 的物联网终端装置,并同时发表了五款硬件装置。
所谓「本地 AI ( local AI )」或称为「 On-device AI 」,是指不经过云端,而是在本地端装置(边缘装置)上进行 AI 处理, Coral 平台就提供了完整的本地 AI 工具,让开发者将想法从原型化为产品。它包括硬件模块、软件工具和内容,让开发者创建、训练和执行本地边缘装置神经网络。Coral 平台还同时支持 Google 今日推出正式版的人工智能框架 TensorFlow Lite 。
Google的Coral Dev Board单板计算机(SBC)和模块化系统(SoM)于今年早些时候作为Raspberry Pi的竞争对手推出,刚刚获得了经过改进,更稳定和最新的Mendel Linux OS。 它基于最新的Debian GNU / Linux 10“ Buster”操作系统系列,并随附Linux内核4.14 LTS,Python 3.7和U-Boot 2017.03.3,以及升级的GStreamer,OpenCV和OpenCL组件。
LWN.net Weekly Edition for November 7, 2019