Vue lecture
The bpftop tool
bpftop provides a dynamic real-time view of running eBPF programs. It displays the average execution runtime, events per second, and estimated total CPU % for each program. This tool minimizes overhead by enabling performance statistics only while it is active.
[$] A look at Nix and Guix
Nix and Guix are a pair of unusual package managers based on the idea of declarative configurations. Their associated Linux distributions — NixOS and the Guix System — take the idea further by allowing users to define a single centralized configuration describing the state of the entire system. Both have been previously mentioned on LWN, but not covered extensively. They offer different takes on the central idea of treating packages like immutable values.
Security updates for Wednesday
The Open Collective Foundation is shutting down
Unfortunately, over the past year, we have learned that Open Collective Foundation's business model is not sustainable with the number of complex services we have offered and the fees we pay to the Open Collective Inc. tech platform.In late 2023, we made the decision to pause accepting new collectives in order to create space for us to address the issues. Unfortunately, it became clear that it would not be financially feasible to make the necessary corrections, and we determined that OCF is not viable.
Some more information can be found in the Dissolution FAQ. Note that the Open Collective Foundation is distinct from Open Source Collective, which has hastened to point out that it remains in operation as before, and both are distinct from the Open Collective platform.
[$] The KDE desktop gets an overhaul with Plasma 6
It's been nearly 10 years since KDE Plasma 5, which is the last major release of the desktop. On February 28 the project announced its "mega release" of KDE Plasma 6, KDE Frameworks 6, and KDE Gear 24.02 — all based on the Qt 6 development framework. This release focuses heavily on migrating to Wayland, and aspires to be a seamless upgrade for the user while improving performance, security, and support for newer hardware. For developers, a lot of work has gone into removing deprecated frameworks and decreasing dependencies to make it easier to write applications targeting KDE.
Tails 6.0 released
Tails 6.0 is now available. Based on Debian, Tails is a portable operating system designed to run from a USB stick and help users avoid surveillance and censorship. This release updates most Tails applications, and includes important security and usability improvements.
One major new feature in 6.0 is to provide warnings to users about
errors when reading or
writing to persistent storage. This release now ignores USB devices plugged in while the screen is locked, and removes some file and disk-wiping features from the Files application that are "not reliable enough
" on USB sticks and SSDs to continue offering to users.
Users of Tails prior to 6.0~rc1 will need to do a manual upgrade to retain persistent storage. New users can download Tails for USB, or as an ISO to create a DVD or run Tails in a virtual machine.
[$] LWN.net Weekly Edition for February 29, 2024
Security updates for Thursday
[$] A sandbox mode for the kernel
NVK is now ready for prime time (Collabora blog)
Back in october, I announced that NVK had reached Vulkan 1.0 conformance on Turing hardware. As of today NVK is now a conformant Vulkan 1.3 implementation on Turing (RTX 2000 and GTX 1600 series), Ampere (RTX 3000 series), and Ada (RTX 4000 series) GPUs. Not only have we jumped forward three Vulkan versions, but the new test runs were done with the GSP firmware enabled and includes Ampere and Ada GPUs. Also, unlike the initial 1.0 run, there are no hacks this time. Every test we passed in those conformance test runs also passes on upstream Mesa.
Security updates for Friday
Musl C library releases support for new architectures
On February 29, the musl project announced release 1.2.5, including support for loongarch64 and riscv32. This release also contains support for the statx(), preadv2(), and pwritev2() system calls.
[$] An alternate pattern-matching conditional for Elisp
Kernel prepatch 6.8-rc7
So we finally have a week where things have calmed down, and in fact 6.8-rc7 is smaller than usual at this point in time. So if that keeps up (but that's a fairly notable "if") I won't feel like I need to do an rc8 this release after all.So no guarantees, but assuming no bad surprises, we'll have the final 6.8 next weekend.
Security updates for Monday
[$] Making multiple interpreters available to Python code
It has long been possible to run multiple Python interpreters in the same process — via the C API, but not within the language itself. Eric Snow has been working to make this ability available in the language for many years. Now, Snow has published PEP 734 ("Multiple Interpreters in the Stdlib"), the latest work in his quest, and submitted it to the Python steering council for a decision. If the PEP is approved, users will have an additional option for writing performant parallel Python code.