Linux News Today features the latest news from the global Linux community. This site is updated daily. Click here to return to our homepage. Get the lowest cost and the best tech support on any Linux web hosting plan. Click here for details.
                                          home   |   news archives   |   advertise on our site   |   contact

Promote your company. Reach over 450,000 Linux software developers, Linux users, Web hosting companies, etc. Boost your sales and promote your brand. Read more, click here.

Plans begin at $24.95 a month. Get more details, click here.

Do it right this time. Click here and we will take good care of you!

Get all the details by clicking here!

Plans begin at $24.95 a month. Get more details, click here.

Promote your company. Reach over 450,000 Linux software developers, Linux users, Web hosting companies, etc. Boost your sales and promote your brand. Read more, click here.

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Click here to order our special clearance dedicated servers.

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Promote your company. Reach over 450,000 Linux software developers, Linux users, Web hosting companies, etc. Boost your sales and promote your brand. Read more, click here.

New code snippet fixes 10-year-old issue in the Linux kernel

Share on Twitter.

Get the most dependable SMTP service for your business. You wished you got it sooner!

September 29, 2015

A snippet of new code can give Linux servers a boost by addressing an unnoticed bug in a congestion control algorithm in the operating system's kernel.

The new code was provided by Google's transport networking team, with contributions from Jana Iyengar, Neal Cardwell and a few others.

It repairs an old bug in a set of routines called TCP CUBIC designed to address the slow response of TCP in long-distance networks, according to its creators.

Like any congestion control algorithm, TCP CUBIC makes network-level decisions based on traffic congestion reports.

If the network becomes very busy with sudden bursts of traffic, hosts are told to slow down.

As Mozilla developer Patrick McManus explains, the bug was simple-- TCP CUBIC interprets a lack of congestion reports as an opportunity to send data at a faster rate. That's it. Nothing more.

But of course, that condition could arise merely because the system hasn't been getting any congestion update reports in a while. That's something else, but nothing that can't be addressed.

What's supposed to happen in congestion control is that the operating system starts sending data slowly, increases its transmission rate until the network says 'that's enough', and then backs off a bit. The design is really simple but smart when you think of it.

The bug in TCP CUBIC fools the system into thinking it has a clear run at the network and should transmit at the maximum possible rate, crashing into other traffic, and ruining the performance and the efficiency of the system.

“The end result is that applications that toggle between transmitting lots of data and then laying quiescent for a bit before returning to high rates of sending will transmit way too fast when returning to the sending state,” McManus explained to us in an email.

However, that condition could be quite common, he notes. A server may have sent a short burst of data over HTTP containing a web form for someone to fill out, and go quiet waiting for a response, then assume there's no congestion, and burst out of the blocks at top-rate when it gets the user's response back.

“A far more dangerous class of triggers is likely to be the various HTTP based adaptive streaming media formats where a series of chunks of media are transferred over time on the same HTTP channel”, McManus asserted.

That's why a fix for that old flaw could be important. Linux is used in many media servers, and for the past ten years or more, an important slate of congestion control hasn't been working quite efficiently in some cases.

The code snippet forces the Linux kernel to act a little more intelligently after an idle period.

A more technical description is included with the bug fix. The code snippet is available on Google's website.

In other Linux and open source news

The open source router OpenWrt version 15.05 has hit the streets and the new release is now operational.

One highlight of the new iteration is an upgrade to Version 3.18 of the Linux kernel, and security has been beefed up with ed-25519 package signing support, and also support for jails and hardened builds as well.

But the big news is a fully writable filesystem with package management, according to the project's founders.

This, OpenWrt explains, offers users different options for the installation and the customisation of the upgraded routing system.

Instead of having to use a vendor's application and selection framework, OpenWrt can now be configured using developer-supplied applications, the group said.

“OpenWrt is a framework to build an application without having to build a complete firmware from the ground up”, the announcement says, while users get “full customization to use the device in ways never envisioned in the past”.

Of course, that almost sounds like a challenge to the FCC, which just a few weeks ago issued a proposed new rule-making that would demand Wi-Fi lock down on several systems.

The proposed regulation specifically proposes requiring Wi-Fi vendors to lock down their firmware and names OpenWrt as a potential issue.

As the rule states, router vendors selling new equipment in America would have to answer “What prevents third parties from loading non-US versions of the software/firmware on the device? Describe in detail how the device is protected from “flashing” and the installation of third-party firmware such as DD-WRT,” the new ruling states.

The FCC's overall concerns are that third-party firmware could allow end users to mess around with their wireless settings, and in careless or malicious hands, that could end up with a Wi-Fi router operating outside its radio spectrum certification.

With OpenWrt's new upgrade, its device support has now passed 950 products from 159 vendors, with new devices added from Marvell, Broadcom and Raspberry Pi.

In other Linux and open source news

The next Ubuntu: version 15.10, nicknamed Wily Werewolf, has begun to take shape but as before, the first beta code out of the gate doesn’t belong to the main desktop.

Rather, that honor belongs to the familiar list of Ubuntu fellow travellers – Kubuntu, Xubuntu, Ubuntu GNOME, Ubuntu MATE and Lubuntu.

As could be expected, the amount of new features varies on Kubuntu, which offers some major updates for the KDE platform that serves as its base, to Lubuntu, which consists primarily of a few bug fixes here and there.

The biggest news right now is that Kubuntu 15.10 uses the hot-off-the-presses KDE Plasma 5.4 desktop. Plasma 5.4 is a huge update for KDE, bringing everything from preliminary Wayland support to smaller, but more noticeable changes like a nice new set of Plasma Widgets and improvements to K-Runner, the revamped, extendible launcher in Plasma 5.

The KDE team has also been finishing up work on the new flat look of Plasma 5. In our initial review of KDE 5, we said it was a bit rough around the edges, with some missing icons and the fact that the search field in the Kickoff app launcher was hard to discover among a range of issues.

As of 5.4, all those elements have been fixed. There are some 1,400 new icons, all consistent with the brighter, flatter design aesthetic the characterises Plasma 5.

The other area that is much improved in this release is KDE's support for HiDPI screens. In previous Kubuntu releases, we had trouble getting the HiDPI support to work in virtual machines, but as of Kubuntu 15.10 that's no longer a problem.

The various features which KDE offers have also been improved. There's a new one for volume and a slick new network app that offers a nice graphical view of your network traffic.

It also now supports SSH connections via a plugin. The Wily Werewolf release of Ubuntu MATE ships with an interesting combination of MATE 1.8 and 1.10, depending on which component of the system you're talking about.

Somehow, it manages to do this without being too buggy, but it can make troubleshooting a little more time-consuming, since you first need to know which version of any problem component you've actually got.

But among Ubuntu's MATE 1.10 elements is Caja, the default file manager. It gains an extension tool for handling various plugins that means it's a lot easier to install and enable plugins since there's no need to restart.

There's also the much-improved multi-monitor support we covered in our Mint 17.2 review a while back.

But there are plenty of MATE 1.8 elements still hanging around, nevertheless. Elements like the main panel, the power manager, applets and the icon theme all remain at their 1.8 versions.

However, Ubuntu MATE was the least stable of the betas we tested. In fact, it would never really run at all in a virtual machine and didn't fare any better on actual server hardware.

In other Linux and open source news

Yesterday, Debian said it has published over the weekend the second update to its Jessie stable release and the 9th update for its older Wheezy flavor.

Debian Jessie version 8.2 mainly adds corrections for security issues to the stable release, along with a few adjustments for serious problems, according to Debian's announcement of its new release.

So far, we have counted no less than 60 security fixes and 68 updated packages in the new release.

By our estimate, Wheezy 7.9, also revealed over the weekend, updated 60 packages and offers no less than 184 security patches.

Many of the bugs have already been addressed, so Debian advises that “Those who frequently install updates from won't have to update many packages and most patches are already included in this update.”

Upgrading to the new releases doesn't need much more than a quick bit of sudo action to get things humming again.

Overall, the Wheezy release is arguably more serious because Debian's releases policy states that “When a new stable version is released, the security team will usually cover the previous version for a year or so.”

The last Wheezy update came out in January of this year, a rather slower release cadence than Jessie which has had two updates since its April 2015 release.

The big new Wheezy update therefore represents one of the few remaining occasions on which Debian's volunteer developers will give the OS their full attention.

In other Linux and open source news

After seeing several years of a constant drop in popularity, the Debian GNU/Linux Project has nixed its support for the Sparc architecture, effective immediately.

"As Sparc isn't exactly the most 'alive' architecture anymore," Debian maintainer Joerg Jaspert wrote in a mailing list last week, "not in Debian 8.x jessie and unlikely to be in Debian 9 stretch, I am going to remove it from the master archive this weekend."

To be sure, Japsert has scrubbed the Sparc code from the Debian "unstable," "experimental," and "jesse-upgrades" source code trees for some time already, in addition to a couple of other trees that are used for internal support.

"The relevant parts of the distribution tree have been cleaned out already, removing the actual files from the pool hierarchy will happen using the usual automated stuff, so starting in about 1 day and then spread out a bit over the following archive-update runs," Jaspert wrote.

Before the code's removal, Debian could be built to run on Sun-4u (UltraSparc) and Sun-4v (Niagara processor) machines, using a 64-bit kernel with most userland applications running as 32-bit.

The decision puts lovers of aging Sun Microsystems hardware in a bit of a lurch, as Debian was one of the few remaining Linux distributions to still support the older Sparc architecture.

Red Hat dropped Sparc support in version 7 of distributions in 2000 – back in the days before it was calling it Red Hat Enterprise Linux.

For its part, Suse dropped support around 2002, and while Ubuntu had a Sparc version as recently as 2010, it hasn't been actively maintained since.

The Sparc code won't be removed from already-released versions of Debian however, so those versions should continue to power aging Sun servers, even as the code gathers dust.

Jaspert added that removing the old Sparc code "does not block it coming back as Sparc64," meaning only the newer Sparc processors would be supported.

For that to happen, someone would have to step up to maintain it, and there doesn't seem to be anyone who's interested for now.

In other Linux and open source news

Suse Linux has made a version of its enterprise Linux distribution available for hardware vendors who want to deliver products to markets based on 64-bit ARM processors, in a new expansion of its reseller program.

As a whole, Suse Linux Enterprise 12 now ships for the x86-64 platform, IBM's Power 8 and IBM System z architectures, and more could be joining the bandwagon soon.

Yesterday saw the arrival of a new version of the operating system for ARM's Arch64 architecture, albeit only for development and testing, for now anyway.

Suse engineering vice president Ralf Flaxa said in a statement-- "Suse's ARM partner program will provide ARM ecosystem partners access to Arch64-supported Suse Linux Enterprise 12 software and expertise, establishing relationships that will result in supported enterprise solutions on different hardware platforms to meet a variety of customer needs."

Suse's ARM partner program originally launched with seven members, including chipmakers AMD, Applied Micro and Cavium, along with server vendors Dell, HP and Supermicro.

It's a small group, but it's not as if vendors are stampeding into the ARM server market, as it's still relatively new.

Click here to order the best deal on a HP enterprise dedicated server and at a great price.

Of the chipmakers, only Applied Micro has ARM server chips in production in the form of X-Gene. Its products have popped up in low-volume server designs from HP and Mitac, albeit with limited sales success.

As for Cavium, it's been working with Gigabyte to get its ARM chips into actual servers, but it's not clear when we can expect them to hit the market.

Even Qualcomm has said it wants part of the action. Some of the problem has been that subtle differences in the various chip vendors' products have made it difficult for software developers to get their code running on everyone's hardware, something that partner programs like Suse's can help with.

Suse isn't the first to jump into the fray, though. Its rival Red Hat launched its own ARM partner program in June 2014.

In February of this year, Red Hat announced that it had signed up more than 35 participating organizations, and the list includes most of those who are working with Suse today.

In addition to making Suse Linux Enterprise available to its ARM partners, Suse said it has also integrated support for Arch 64 into its OpenSuse Build Service, which will allow the development community to build software against real 64-bit ARM hardware, even if they don't have direct access to any themselves.

But if you're anticipating big data centers switching from x86-64 to Arch64, our advice is to not hold your breath just yet. It might take more time. Stay tuned.

In other Linux and open source news

The Linux Foundation's Core Infrastructure Initiative has completed its first-pass survey of the Linux toolset, and is underscoring which OS tools are initially most at risk.

While there's still lots of attention on higher-profile packages like crypto tools, web servers and mail transfer agents, there's also quite a few packages that everyone uses and that nobody cares about such as compression and image libraries appearing high on the list of security vulnerabilities.

The foundation's Census Project has released the final version of a survey by David Wheeler and Samir Khakimov, from the Open Source Software Projects Needing Security Investments.

While Wheeler and Khakimov write that their work was somewhat constrained by time, and to this date concentrated mainly on tools associated with Debian, it's still worrying.

The list of most exposed packages is drawn from a range of metrics-– how much maintenance it actually receives, how popular it is, and how important it is: that is, can you live without it?

After their automated assessment of more than 350 projects, the pair then ran human eyeballs to identify what they believe to be the most exposed to security vulnerabilities in the Linux kernel.

While the list includes more than twenty utilities, some of which are highly exposed to internet risks (mail transfer agents, DHCP, BIND tools, SMTP and so on), the survey is measuring not the “level of bugginess” per se, but rather how much damage a bug could possibly do, and therefore how much TLC a particular tool or project needs to run smoothly.

So while OpenSSL and OpenSSH are rated as critically important, those two projects are already operating under the CII's wing.

But of course, that's not true of tools like the widespread Bzip2 compression tool, which hasn't changed at all in the past five years and doesn't operate a source code repository.

Likewise, reports that BIND 9 has a huge backlog of security issues is equally worrying. Additionally, 'wget' has a fair number of hacks.

Source: Google.

Get the most reliable SMTP service for your business. You wished you got it sooner!

All logos, trade marks or service marks on this website are the property of their respective companies or owners.

Article featured on Tech Blog and on Business 5.0

Get a best price and the most dependable server colocation reliability from the experts at Sun Hosting. Learn more. This article was featured on Tech Blog and Business 5.0.

Linux News is read by over 450,000 people involved in the field of Linux application development, professional Web hosting services, Linux security, Linux Web development, etc. Inquire about our reasonable advertising rates on our news website. One of our advertising representatives will be in touch with you. Simply email us to learn about our ad rates and how we can help drive relevant traffic to your website. Advertising space is limited.

  Site powered by Linux Hosting      Sponsored by Sun Hosting.      Linux news while they are still fresh.    ©   Linux is a registered trademark of Linus Torvalds.