Tag Archives: tools

Open-Source Radeon Tools Updated With Expanded RDNA(2) Support, Other Features


RADEON --

In addition to NVIDIA releasing new open-source GameWorks projects this week for the Game Developers Conference, AMD with their GPUOpen initiative has released several updated Radeon Windows/Linux tools.

Radeon GPU Analyzer 2.5 is out today with expanded RDNA2 support (GFX1032 target support), support for analyzing OpenCL on RDNA/RDNA2/CDNA targets, live VGPR analysis and control-flow graph support within the Vulkan path, and a variety of other bug fixes and improvements to this graphics analyzer.

Radeon Memory Visualizer 1.2 is also out with stability and bug fixes, tooltips to supply more information, and range-based address search for resource tables.

Radeon GPU Profiler 1.11 was also released today. Radeon GPU Profiler 1.11 brings support for additional RDNA2 GPUs, cache counter support for OpenCL applications, ray-tracing handling improvements, faster loading of profiles, and other changes.

Details on these update tools and the other open-source Radeon packages for developers via GPUOpen.com.


Linux Foundation Announces Software Bill of Materials (SBOM) Industry Standard, Research, Training, and Tools to Improve Cybersecurity Practices


The Linux Foundation responds to increasing demand for SBOMs that can improve supply chain security

SAN FRANCISCO, June 17, 2021 – The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced new industry research, training, and tools – backed by the SPDX industry standard – to accelerate the use of a Software Bill of Materials (SBOM) in secure software development.

The Linux Foundation is accelerating the adoption of SBOM practices to secure software supply chains with:

SBOM standard: stewarding SPDX, the de-facto standard for requirements and data sharingSBOM survey: highlighting the current state of industry practices to establish benchmarks and best practicesSBOM training: delivering a new course on Generating a Software Bill of Materials to accelerate adoptionSBOM tools:  enabling development teams to create SBOMs for their applications

“As the architects of today’s digital infrastructure, the open source community is in a position to advance the understanding and adoption of SBOMs across the public and private sectors,” said Mike Dolan, Senior Vice President and General Manager Linux Foundation Projects. “The rise in cybersecurity threats is driving a necessity that the open source community anticipated many years ago to standardize on how we share what is in our software. The time has never been more pressing to surface new data and offer additional resources that help increase understanding about how to adopt and generate SBOMs, and then act on the information.” 

Ninety percent (90%) of a modern application is assembled from open source software components. An SBOM accounts for the open source software components contained in an application that details their quality, license, and security attributes. SBOMs are used to ensure developers understand what components are flowing throughout their software supply chains, proactively identify issues and risks, and establish a starting point for their remediation.

The recent presidential Executive Order on Improving the Nation’s Cybersecurity referenced the importance of SBOMs in protecting and securing the software supply chain. The National Telecommunications and Information Administration (NTIA) followed the issuance of this order by asking for wide-ranging feedback to define a minimum SBOM. The Linux Foundation has responded to the NTIA’s SBOM inquiry here, and the presidential Executive Order here. 

SPDX: The De-Facto SBOM Open Industry Standard

SPDX – a Linux Foundation Project, is the de-facto open standard for communicating SBOM information, including open source software components, licenses, and known security vulnerabilities. SPDX evolved organically over the last ten years by collaborating with hundreds of companies, including the leading Software Composition Analysis (SCA) vendors – making it the most robust, mature, and adopted SBOM standard in the market. 

SBOM Readiness Survey

Linux Foundation Research is conducting the SBOM Readiness Survey. It will examine obstacles to adoption for SBOMs and future actions required to overcome them related to the security of software supply chains. The recent US Executive Order on Cybersecurity emphasizes SBOMs, and this survey will help identify industry gaps in SBOM applications. Survey questions address tooling, security measures, and industries leading in producing and consuming SBOMs, among other topics. 

New Course: Generating a Software Bill of Materials

The Linux Foundation is also announcing a free, online training course, Generating a Software Bill of Materials (LFC192). This course provides foundational knowledge about the options and the tools available for generating SBOMs and how to use them to improve the ability to respond to cybersecurity needs. It is designed for directors, product managers, open source program office staff, security professionals, and developers in organizations building software. Participants will walk away with the ability to identify the minimum elements for an SBOM, how they can be assembled, and an understanding of some of the open source tooling available to support the generation and consumption of an SBOM. 

New Tools: SBOM Generator

Also announced today is the availability of the SPDX SBOM generator, which uses a command-line interface (CLI) to generate SBOM information, including components, licenses, copyrights, and security references of your application using SPDX v2.2 specification and aligning with the current known minimum elements from NTIA. Currently, the CLI supports GoMod (go), Cargo (Rust), Composer (PHP), DotNet (.NET), Maven (Java), NPM (Node.js), Yarn (Node.js), PIP (Python), Pipenv (Python), and Gems (Ruby). It is easily embeddable in automated processes such as continuous integration (CI) pipelines and is available for Windows, macOS, and Linux. 

Additional Resources

What is an SBOM?Build an SBOM training courseFree SBOM tool and APIs

About the Linux Foundation

Founded in 2000, the Linux Foundation is supported by more than 1,000 members and is the world’s leading home for collaboration on open source software, open standards, open data, and open hardware. Linux Foundation’s projects are critical to the world’s infrastructure, including Linux, Kubernetes, Node.js, and more.  The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

###

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

###

Media Contacts

Jennifer Cloer

for Linux Foundation

jennifer@storychangesculture.com

503-867-2304

The post Linux Foundation Announces Software Bill of Materials (SBOM) Industry Standard, Research, Training, and Tools to Improve Cybersecurity Practices appeared first on Linux Foundation.

Linux’s Perf Tools Prepares For Intel Alder Lake, Adds New AMD Zen 3 Events


HARDWARE --

Linux’s perf tooling for dealing with hardware performance counters and associated monitoring has seen a number of nice updates for the Linux 5.13 kernel cycle.

As usual, Intel continues to lead on the perf front for exposing their hardware’s many performance counters and ensuring good integration for Linux profiling and analysis. With Linux 5.13 there is now support for hybrid PMUs in preparing for forthcoming heterogeneous processor designs like Alder Lake with a mix of Core and Atom CPU cores.

Also on the Intel front, the –iostat option has been added as a way of collecting and presenting I/O statistics for Intel hardware. This relies upon new sysfs information exposed for Intel Xeon Scalable Skylake CPUs and later for read/write I/O devices to/from the host memory and CPU reads/writes to I/O devices below the root port.

Meanwhile AMD has added Zen 3 events reporting to Perf as well as fixing broken L2 Cache hits metrics. The new events supported with AMD Zen 3 processors are outlined in this commit.

On the ARM64 front, there is now support for Fujitsu A64FX PMU event metrics.

Also in the perf tooling pull is perf data now allows converting the perf.data file to JSON format. Bperf has also been added as a means for sharing hardware performance counters (PMCs) with BPF.

The perf tool changes for Linux 5.13 can be found via this pull request.


Where top VCs are investing in open source and dev tools





The once-polarizing world of open-source software has recently become one of the hotter destinations for VCs. As the popularity of open source increases among organizations and developers, startups in the space have reached new heights and monstrous valuations.

Over the past several years, we’ve seen surging open-source companies like Databricks reach unicorn status, as well as VCs who cashed out behind a serious number of exits involving open-source and dev tool companies, deals like IBM’s Red Hat acquisition or Elastic’s late-2018 IPO. Last year, the exit spree continued with transactions like F5 Networks’ acquisition of NGINX and a number of high-profile acquisitions from mainstays like Microsoft and GitHub.

[Source: TechCrunch]



Getting started with GitHub’s desktop and mobile tools





Microsoft has taken a very hands-off approach with GitHub since its acquisition last year. It’s an approach that makes a lot of sense; Microsoft’s past relationship with the open source community hasn’t been the best, and there’s still not much trust there, despite significant moves towards open design and open development models from Redmond.

However, that hasn’t left GitHub stagnant and drifting. Instead, under new leadership and with more clarity about its future, GitHub has accelerated its product development and rollout, adding features to its Web services and to its platform. GitHub’s own developer-focused tools have gotten much more attention in the past year, with regular updates to GitHub Desktop and the release of its first native mobile applications for iOS and Android.

[Source: InfoWorld]