Red Hat and IBM Leftovers
-
PR Web ☛ MEDIA ADVISORY: CIQ White Paper Quantifies Volume of Back-Ported Bugs in Stable Branches of Popular Linux Builds
CIQ, the company leading the next generation of software infrastructure for enterprises, has published a white paper titled, "Vendor Kernels, Bugs and Stability." The paper is intended to put numbers around an open secret in the Linux community, specifically, that vendor kernels are inherently insecure and that the current engineering process makes securing those kernels impossible. Instead, the paper advocates, consuming upstream stable kernels affords much greater protection from security vulnerabilities that are routinely back ported in error into vendor kernels.
-
LWN ☛ White paper: Vendor Kernels, Bugs and Stability
Ronnie Sahlberg, Jonathan Maple, and Jeremy Allison of CiQ have published a white paper looking at the security-relevant bug fixes applied (or not applied) to the RHEL 8.x kernel over time.
-
Vendor Kernels, Bugs and Stability
Linux vendor kernels are currently created by taking a frozen snapshot of a specific linux release associated with a git reference or git tag, and then back-porting selected fixes as the upstream git tree changes. Changes are selected to address specific bug fixes, and to a much lesser extent, new features may be added. This model was invented twenty-five years ago when out of tree device drivers were much more common, as many device vendors had not yet understood how important Linux support was going to be for their hardware.
The theory is that by carefully selecting changes to be back-ported, usually associated with security problems, the resulting kernel will be more stable and secure.
This paper analyzes this theory by examining the change rate and bug count of a selected vendor kernel - Red Hat Enterprise Linux (RHEL) 8.8, kernel version 4.18.0-477.27.1 and comparing this to upstream kernels published by kernel.org. Kernel version 4.18.0-477.27.1 is the version that Rocky Linux 8 is also based upon. In particular, we analyzed the kernel-4.18.0-477.27.1.el8_8.src.rpm source code RPM.
-
Network World ☛ Red Hat seeks to be the platform for enterprise AI
Red Hat went all-in on generative AI at its annual summit last week, offering a wide range of tools for operational and development teams to help them build and deploy generative AI systems. That includes tools for creating and managing a model garden, training and fine-tuning models, building applications, and deploying generative AI at scale in a hybrid architecture.
Red Hat did not release its own generative AI foundation model last week. Instead, it partnered with IBM to feature the Granite models as the default option in its tool sets and as the base for its Lightspeed products. But Red Hat had everything else. It delivered a version of Linux – Red Hat Enterprise Linux AI – optimized for AI, InstructLab for fine tuning models, and Podman AI Lab for building and testing AI-powered applications.