Your argument is completely specious. Re-read that list. Assembly is a second language in the kernel already, and really it's multiple languages, one per supported ISA. Perl and Python scripts are used to generate data tables; there are multiple build-time languages. eBPF is evaluated at runtime; the kernel contains bytecode loaders, JIT compilers, and capability management for it. The kernel has already paid the initial cost of setting up a chimeric build process which evaluates many different languages at many different stages.
Martin's already in the list of maintainers for another subsystem; this is a territorial play by Hellwig. Any kernel developer would recognize this; you don't seem especially familiar with kernel social dynamics either! Also please fix your formatting if you're going to copy-and-paste rather than linking.
Whose arguments are you apologizing for? Read the thread backwards. Your claims about C and kernel policy were wrong, therefore @pressanykeynow@lemmy.world's point about multiple languages was right, therefore your main defense of Hellwig acting in good faith is unevidenced. So, are you still so ready to insist that Hellwig is arguing in good faith? Would you say that this thread has adequately discussed the technical details and is ready to return to the overarching political point?
I would recommend looking at English WP's style guide on weasel words. Rather than matching evidence and countering claims, you've set up a nest of strongly-held opinions with words like "basically", "personal experience", "I believe", "an opinion of course", "it isn't just me", and refused to actually directly engage with the evidence scrutinized. Given that it takes maybe five minutes to find even just one piece of assembly that has no justification for not being written in C, I think that it's fair to characterize your position as inconsistent with actual kernel-hacking practices at best.
It’s also relevant to note that, most likely, nobody here has the “kwalifikashuns” to discuss this topic. Not even programmers - because odds are that nobody here is in a position to change anything about it.
Literally any kernel hacker can change the kernel. This is the root of why you shouldn't be in the conversation; you aren't such a hacker, and you therefore imagine that none of us are, either. You're not skilled as a sealion either, for what it's worth.
Both of your technical claims are wrong. C isn't high-level assembly; on e.g. x86, it has no way to express SIMD, control I- and D-caches, or encode certain efficient instructions for which there is no corresponding idiom like Hamming weight (popcount). Also, the kernel does not have any sort of policy mandating a minimum of assembly, and there are definitely many spots where writing a compilation unit purely in assembly is done instead of using inline assembly to make the unit shorter and more readable.
I am not a programmer. … I’m a random with a chimp avatar. … It’s just that [Hellwig] prioritises consistency (for the sake of maintainability)…
Pick a side and stick to it. You seem very keen to endorse Hellwig's arguments despite not understanding them, and also to emit words on the topic despite not having a qualified opinion. It sounds like you want me to not take you seriously (so that I won't reply to you) and also take you seriously (so that you are counted as part of the programming public.)
I'm docking you again, this time for listening comprehension. Quoting Gaynor:
The common thread here is that for each of [six listed vulnerabilities exploited by nation-states against vulnerable minorities], the vulnerability that was executed … was only possible because of the victim's software being written in a memory-unsafe language. Put another way, if the relevant portions of these projects were written in a safe language, these vulnerabilities wouldn't have been possible.
That was early in the talk, around 6:30. Later, around 19:40, he says:
The Rust-for-Linux project is working to make it possible for people to write Linux kernel modules in Rust.
So, if you had watched Gaynor's presentation, you would understand that Rust-for-Linux is a significant and prominent part of a wider push by security professionals to improve the overall safety of common devices, like Android phones, that are in the pockets of millions of people already. And then you wouldn't be talking about respectability politics while apologizing for reactionaries who oppose that safety.
Your position is entirely reasonable and an excellent example of how ignoring technical details leads to failures of technical leadership. C is one of several languages notable for extreme lack of memory safety. Its lack of safety has been repeatedly quantified; I like to recommend Gaynor 2021 for a high-level introduction. Rust was introduced primarily to replace C (and a relative, C++) and improve the overall security of computing systems.
The "merits of the project Rust4Linux" are simple and obvious: as code is translated from C to Rust, its overall characteristics (readability, performance, low-level modeling of machine behavior) will remain, but overall memory safety will increase. Opposition to it is reactionary, not well-grounded in technical merits; most of Linux is not well-proven to be correct, only believed to be correct under typical operating conditions as estimated by several dozen experienced programmers, and any technical options for improving our confidence in its correctness should be considered.
Also, finally, I have to dock you for reading comprehension. Martin was quite clear: calling Rust a "cancer" -- a cute pun given Rust's crab mascot, or a dehumanizing slur, who knows -- was, to them, a violation of the Code. It is not difficult to read the Code and notice that, were it a slur, it would violate the prohibition on "insulting/derogatory comments, and personal or political attacks."
I've hacked kernel and I've listened to you; I don't really think that your comments address the actual needs of the kernel. Also, both Christoph and Hector are kernel maintainers already; anybody who wants their responsibilities is welcome to match their level of contribution.
Like @devtoi@feddit.nu I use plain-text accounting (PTA) to manage a few bank accounts, including small businesses. In my case, I'm using hledger. Every time I get a receipt, invoice, or statement, I type it into a text file. My bank gives me CSVs which are easy to import. Reports are done with a few commands; repeatable reports are done by saving commands to a shell script. hledger comes with builtin tools for monthly reports, BSE, currencies, pending invoices, closing/opening new years, and those are merely what I recall using recently.
As explained self-referentially in this Zeit article, photo and video of Musk's actions is not publishable without alterations in Germany because it violates anti-Nazi laws. By German standards, Musk is a Nazi.
Your opinion doesn't mean shit when you are this ill-read, this out-of-touch with politics, and this apologetic for an open fascist.
Open your mind a little; collective action has an impact but individual action may not. Paraphrasing Cloud Atlas, certainly an ocean is nothing more than a vast collection of raindrops, but each individual raindrop collectively acts as a body of water. This dissolves your false dilemma.
I might prototype a workflow with this tool, but I don't really have any problems that it would solve. Connectivity to my machines is established with overlay networks and isn't a problem; I'd rather read a Prometheus dashboard than connect to individual machines, and I'd rather sit back and know that everything is working within acceptable parameters and metrics than repeatedly probe parts of the system.
Some of the features feel like they can never be made secure; in particular, it's not clear how XPipe changes the threat model for attacks which start by compromising a single development environment, other than being a large obvious target. File transfer is another good example; every connection protocol either already has file transfer or it doesn't, and for two Internet-connected machines I can always fall back to Magic Wormhole. Similarly, while it's important to know how to get into a Kubernetes Pod, it's usually a security problem to have one-click SSH access to hundreds of them.
I'm telling you this mostly because of the open-core note. I genuinely cannot imagine recommending XPipe for purchase in any scenario, and I don't know how much that will change after prototyping a workflow. Shops that have needed tools for managing thousands of machines/sysadmin usually are willing to do the in-house development to build in-house tools. Over the past decade, GIFEE ("Google's infrastructure, for everybody else") has resulted in first Prometheus and now (I guess) OpenTelemetry making it possible to have good observability on tiny, small, and medium systems with a single observatory. It also shouldn't surprise you that I'm not going to recommend XPipe outside of a work context or encourage folks to contribute to it; there's no point in building a community around a closed project.
Yeah, writing your own squeeblerizer sucks, but there's no better option. GNU Scrimble can be used off-the-shelf as a passthrough, so the only real tasks are implementing Squeeb's algorithm and a sprongler; then, your entire pipeline is merely something like:
Edit: Whoops! Forgot to mention, GNU Scrimble also has Snorble support out-of-the-box, and Scrimble clients have content auto-negotiation, so your_squeeb can just take JSON on stdin. GNU Scrimble is really nice for this sort of thing, just...big.
And if you want to sprongle directly into a database or etc. then you can write your_sprongler to taste. Full disclosure: I have a fairly fast implementation of Squeeb's algorithm in rpypkgs. However, I'd really recommend writing your own; it's like twenty lines of code you can copy from Wikipedia and it'll give you a good basis for extending it with your own desired changes later.
You can read snorblite's code if you need to figure out a specific sprongling technique, but it's way easier to just go look up the original SprongCode from SprongReg. Use a search engine to get around the university's paywall. This gets you the SprongCode UUID and you don't have to read code written by a batshit fascist.
I expect you to have zero kernel commits to your name.