[SIG Monthly Report] Sharing the latest progress of the openKylin community SIG group in November

In order to promote the prosperity and development of the community and create an innovative ecology of open source operating systems, the openKylin  community has divided different SIG groups according to the field, and is actively carrying out various technical research and innovation. Among them, 4 new SIG groups were added to the community in November , and a total of 56 SIG groups are in operation. Next, let us take stock of the latest technical progress of the openKylin community SIG groups in November:

Community added SIG

InputSolution SIG

Committed to the establishment of the openKylin community input method solution framework special interest group and the input method solution open source community, and promote the implementation and maintenance of the input method solution framework in the community.

RTHypervisor SIG

Committed to the research of real-time virtualization technology, currently mainly including jailhouse. Provide virtualization solutions for real-time control in industrial control, vehicle and other fields.

GPU SIG is committed to the research of GPU driver related technologies, including OpenGL, OpenCL, Vulkan, VDPAU and VAAPI. Provide technical planning, design, development, maintenance and upgrade services of GPU-related software packages, and jointly promote the development of domestic GPU technology.

Easylosu SIG

Responsible for developing a simple and efficient programming language for OpenKylin, committed to allowing users to easily enjoy the convenience of programming with the lowest threshold, promoting the localization of programming languages, and promoting the promotion of OpenKylin in non-developer groups.

OpenKylin community technical progress and achievements

一、UKUI SIG

The UKUI (Ultimate Kylin User Interface) SIG group is committed to the planning, maintenance and upgrading of desktop environment-related software packages, desktop environment programs that meet the needs of various devices and users, mainly including program launchers (start menu), user configuration, files Management, login lock screen, desktop, network tools, quick configuration, etc., provide users with a basic graphical operation platform. The progress in November is as follows:

● Promote the bug fixes left in version 0.9;

● 1.0 Integrate the remaining requirements of the plan;

● Promote the repair of new bugs, including: fix the translation of scheduled shutdown, the control panel is minimized after setting the network, the triple state of the tablet and PC window is not restored, the resolution of the HDMI display is abnormal, the Bluetooth headset does not automatically reconnect, and the external 4K display Bugs such as abnormal display, no pop-up window when the battery is about to run out, occasional flashback of the toolbox, and no battery status on the lock screen;

● UKUI website information update and new website design draft review;

● Push the UKUI removal package list into the corresponding SIG group;

● Solve the problem that the display position of the taskbar and start menu is abnormal;

● Notification, network, power management, control panel, USD completed the requirements, integrated into the latest code;

● Added variable intensity frosted glass effects;

● The enterprise network adds LEAP, PWD, and FAST certification types;

● UKUI website update: Finalize design elements such as product features and community display pages.

All interested community developers are welcome to join us to create a stable and easy-to-use desktop environment for the openKylin desktop system!

二、RISC-V SIG

This SIG group is mainly responsible for the maintenance of RISC-V architecture open source software packages, releasing the RISC-V version of openKylin, and performing software package construction and system construction.

● Completed the first draft of the patent "A Scalable Segmented Automated Image Construction Technology for RISC-V" and the writing of related scripts;

● Cross-compile opensbi, kernel and solve related problems. RVTrans adds support for GtkApplication, GApplication, GtkTextView3, GtkTextContainer3;

● Solved the problem of running gtk applications such as minesweeper;

● The Pingtouge development board has built a rootfs image that meets the requirements of the development board, and needs to continue debugging and optimization in the future;

● Encapsulate GTK3-related classes and dynamic library functions needed to run minesweeper and other small games, add or modify 400+ lines of code, and enhance the support for RVTrans for Gtk3;

● Pingtouge Yingying 1520 development board adaptation:

● (1) The system image has been successfully partitioned by modifying the uboot environment variable, and the test has been able to burn the image normally and start the rootfs we made;

● (2) Adapt to RISC-V native Firefox and LibreOffice, and the progress is 20% complete;

● rvtrans：

● (1) Added the encapsulation of GtkButton3, GamesScoresImporter class and libgnome-game-support dynamic library, and enhanced the support for gnome games;

● (2) Encapsulate 30+ dynamic library functions necessary to run gtk applications;

● (3) Solved the problem of missing g_object_connect related callback functions.

Welcome all enthusiasts interested in RISC-V technical direction to join RISC-V SIG!

三、Virtualization SIG

Virtualization SIG is committed to building the virtualization technology of the openKylin community system and creating a full-scenario virtualization solution for the end, edge, and cloud. The main progress of this SIG group in November is as follows:

● The virtio-gpu hardware encoding framework virglerenderer patch set has been accepted by the upstream community;

● Provide topics and expert materials to the Gitlab Cloud Native Salon in the Jihu community;

● Fix qemu 7.1 compilation error, temporarily close qemu uring support;

● Add repository spice libvirt spice-protocol;

● virglrender ported upstream virtio-gpu hardware acceleration codec patch;

● qemu adds virtio-gpu hardware acceleration patches and runs 12 dependent libraries;

● Added 6 virtualization dependent packages to solve the problem of packaging failure on openkylin;

● Fix libvirt running crash problem.

Welcome all enthusiasts who are interested in the direction of virtualization technology to join Virtualization SIG!

四、Release SIG

Release SIG is mainly responsible for coordinating various SIG groups, controlling version development progress and risks, formulating version release plans, and completing version release work. The main progress of Release SIG this month is as follows:

● Screened 34 serious bugs that had a greater impact, promoted and repaired 27, officially released version 0.9 of openkylin, and started public testing;

● Sort out all development, project management, and rule process documents, and write community-signed CLA participation guidelines, submission and review issue guidelines;

● Finalize community demand management norms;

● Determine the 1.0alpha, beta, and RC version plans;

● Advance software store and UKUI demand scheduling;

● Highlights of version 1.0 publicity;

● Community Kanban function docking discussion;

All enthusiasts who are interested in openKylin community version integration, version management, version distribution, etc. are welcome to join the Release SIG!

五、Kernel SIG

Kernel SIG is responsible for the kernel selection and code maintenance of the openKylin community version. The main progress of this month is as follows:

● Complete the development and transplantation of the kernel patch of the hierarchical freezing mechanism.

All enthusiasts interested in kernel development and maintenance in the openKylin community are welcome to join Kernel SIG!

六、Framework SIG

Framework SIG is committed to providing the openKylin community with a programming environment that integrates program editing, compiling, debugging, publishing, and analysis with a full set of development functions, covering general integrated development environments, compilation toolchains, runtime environments, and class libraries. In the initial stage, SIG focused on the development of a high-efficiency, cross-platform, plug-in, and easy-to-debug general integrated development environment, supporting C, C++, Java, Go, Fortran, Python, JavaScript and other standard programming languages, covering coding, compiling, debugging, and performance A complete set of development processes such as analysis and software delivery can meet the needs of software development on the openKylin platform. The main progress of this month is as follows:

● Repair and optimize while continuing to promote the development of functions such as CMake intelligent editing, distributed compilation integration plug-ins, deadlock detection, code performance analysis, and project creation;

Welcome all enthusiasts who are interested in openKylin community application integrated development environment to join Framework SIG!

六、Framework SIG
Infrastructure SIG is responsible for the development and maintenance of the basic platform system functions of the openKylin community. The main progress of this month is as follows:

● CI platform

● (1) Add changelog format check function, track OKBS processing status after packaging and uploading, automatically close old issues after packaging is successful;

● (2) Fix the problem that some software packages gbp.conf enable tag signature and cause packaging failure;

●digital signage

● (1) Jointly debug the interface with the applet terminal and go online;

● (2) Support viewing the contribution details of SIG members;

● CLA platform

● (1) Support third-party suppliers to promote personal CLA signing;

● (2) Added logo management function for enterprise members, added reset enterprise administrator password function, and added membership certificate and other documents.

Welcome all enthusiasts who are interested in the development and maintenance of the openKylin community infrastructure platform to join Infrastructure SIG!

八、Defend SIG

The Defend SIG group is working on the system defense features introduced in the openKylin community version. The main progress of the SIG group in November is as follows:

● Organize the first public regular meeting of the Defend SIG group, and invite community members Shanshi Network Security experts to participate in the exchange;

● The functional modules of openKylin security protection software continue to be sorted out.

All enthusiasts interested in operating system protection software are welcome to join Defend SIG!

Mainly responsible for maintaining the adaptation and development of Xfce and KDE desktop environments in the openKylin community. The main progress of the SIG group in November is as follows:

● All components of the Xfce desktop environment have been uploaded and released to the openKylin proposed source through the OKBS software package compilation platform, which can be installed and used. Currently in the state of daily maintenance, a CVE-2022-45062 vulnerability is fixed this month.

● The basic components of the KDE desktop environment have been uploaded, and released to the openKylin proposed source through the OKBS software package compilation platform, which can be installed and used. At present, some graphics, network and game applications of KDE have been transplanted, and daily maintenance will be carried out and more KDE applications will continue to be transplanted.

All interested community enthusiasts are welcome to join us!

十、Docs SIG

The Docs SIG group is committed to creating various documents in the openKylin community, including but not limited to usage documents, development documents, various tutorials, etc., to help newcomers and developers in the community better use and develop the openKylin version and its surroundings. Docs SIG progress in November is as follows:

● Lead the update of the openkylin SDK v2.0 development guide document and convert it into markdown format.

All community enthusiasts who are interested in document writing and document management are welcome to join us!

十一、Packaging SIG

Packaging SIG is responsible for maintaining the package packaging specifications of the openKylin community, maintaining public software packages, and coordinating and making decisions on package dependencies during the release of community versions. The main progress in November is as follows:

● Compile and upload python3.10, python2.7, llvm;

● Handle version upgrades of glibc, gcc, libkysdk-ocr-dev, libkysdk-sysinfo, libkysdk-sysinfo-dev, python3-stdlib-extensions, python3-defaults, python-pip, libjs-sphinxdoc, fakeroot, dh-python, glibc, etc. , and handle dependency issues;

● Added 44 source code packages;

● Solve gspell, perl and other compilation problems, upgrade and update fakeroot/glibc2.36, systemd251.4;

● Added 21 upstream packages and uploaded 13 packages to gitee;

● Write "Transplant Hello software to openKylin";

Analyzing python3.10, glibc, document is being formed;

● 6 local newly compiled packages, dealing with compiling problems of perl-5.36, gimp, xrdp, batik, remmina, openjdk-lts and other software packages;

Welcome all community enthusiasts who are interested in independent selection, compilation and packaging of openKylin community software to join us!

十二、QA SIG

The QA SIG group is committed to improving the quality of the openKylin community version, including community version testing, quality assurance, etc. The main progress of this month is as follows:

● RC-1101 version, RC-1102 version regression test;

● 0.9 release version testing (x86 and RISC-V);

● Write the openKylin 0.9 co-testing plan, uploaded to the code cloud and synchronized to the product;

● The test report of version 0.9 is completed and sent, the remaining requirements are sorted out and new nodes are confirmed, a total of test issues are reviewed and scored, and 10 issues are reviewed this week;

● openKylin software store - add openKylin ID login support requirements patch package test preparation;

● Chuanshu and openKylin vulnerability repair tests are completed. The security vulnerability has been fixed, and the impact domain test passed the basic function test of Chuanshu. The two versions executed a total of 82 ZenTao use cases, 76 of which passed, and 4 failed;

● Version 0.9 co-testing event Issue review and scoring processing;

● The new version of the software store and login ID requirements confirm the test scope, submit 7 issues including 6 high-level ones, and send the preliminary test results;

● Compile the 1.0 version of the test plan to be reviewed;

● Write test cases for some new requirements of UKUI;

All community enthusiasts who are interested in openKylin community version testing and quality management are welcome to join us!

十三、SecurityGovernance SIG

The openKylin SecurityGovernance SIG improves the security of community products by receiving and responding to product security problem reports from the openKylin community, providing community security guidance, and carrying out security governance activities. The main progress of this month is as follows:

● Planned three open source projects related to the security R&D process, and submitted relevant process introductions, warehouses and implementation plans;

● poc warehouse (openkylin-exploit-db), add 15 vulnerability POC;

● fuzzing repository

● (1) Introduce the technical documentation content of the Google fuzz warehouse;

● (2) Add 3 original technical articles;

● Security vulnerability scanning framework repository (genmai)

● (1) Complete the parsing function of the YAML and JSON configuration files of the "Diagnostic Pulse" scanning framework, and submit the code;

● (2) Complete and optimize the functions of three modules (sandbox interface module, YAML configuration analysis module, JSON configuration analysis module), and submit more than 2,000 lines of go code;

● Attack-defense think tank (attack-defense-think-tank)

● (1) Newly included 5 technical articles and emergency response toolbox. Afterwards, common vulnerabilities (such as command injection and directory manipulation) will continue to be included in relevant vulnerability repair summaries, combined with vulnerability repair suggestions, for community developers to read;

● (2) Three new technical articles were added, and two external personnel (researcher of 360 Offensive and Defense Laboratory, security researcher of Xinglan Technology) added contributions;

● (3) Added 7 new articles on vulnerability analysis and reproduction in the "Terminal Security" section, and added 5 new technical articles (4 from external sources and 1 original from internal sources: research and utilization of netlink communication modules);

● 202 cveissues have been submitted in the openKylin community, providing CVE information, scoring, patches, references, etc. SecurityGovernance fixed a total of 85;

● The new project openkylin-cve-tracer is used to build an openkylin intelligence sharing mechanism, and a new project introduction is added;

● Create a new project openkylin-cve-manager-bot for automatic transfer of vulnerability information;

● Vulnerability-aware brain project added a new architecture diagram and release issue process;

● The security vulnerability scanning framework warehouse (genmai) completed the optimization of three module functions (sandbox interface module, YAML configuration analysis module, JSON configuration analysis module), and submitted more than 2,000 lines of go code;

● "Pulse Diagnosis" vulnerability detection framework/tool (genmai), writing poc interactive parser, terminal text UI interface, adding more than 1,300 lines of code;

● The Security Governance SIG group independently applied 83 patches;

● The openKylin community terminal plug-in warehouse (a-cool-config) has uploaded more than 30 plug-ins, written two installation scripts, and written related configuration instructions;

● Preliminary detection of the openkylin unified user center (id.openkylin.top), there is a vulnerability in the file upload interface that does not limit the type of upload, which can lead to attackers gaining administrator privileges, and has been notified for rectification.

All community enthusiasts who are interested in openKylin version security vulnerability mining/verification, security vulnerability repair and other security work are welcome to join us!

十四、UKUIApplications SIG

This SIG group is committed to the development and maintenance of basic applications in the openKylin community, and to expand the ecology of the openKylin system. The main progress of this month is as follows:

● Promote the bug fixes left in version 0.9;

● Fix security vulnerability KVE-2022-1103.

Welcome all community enthusiasts who are interested in UKUI application development in the openKylin community to join us!

十五、OpenSDK SIG

This SIG group is responsible for the planning, development, and maintenance of the openKylin developer suite (base, system, and applications), and is committed to solving the compatibility issues of applications in multiple operating systems. The main progress of this month is as follows:

● Promote the bug fixes left in version 0.9;

● Solve the problem that the application fails to reference the SDK library due to the pc file;

● Improve the openSDK v2.0 development guide document;

● Added completion notification module;

● Added support for multiple programming languages.

Welcome all community enthusiasts who are interested in the development and maintenance of openSDK in the openKylin community to join us!

十六、Connectivity SIG

This SIG group is dedicated to the development and maintenance of the basic interconnection capabilities of the openKylin community. The main progress in November is as follows:

● Advance the bug fixes left in version 0.9.

Welcome all community enthusiasts who are interested in the openKylin community interconnection application and the improvement of the interconnection of all things to join us!

十七、InputMethod SIG

This SIG group is committed to building an input method open source community and promoting input method maintenance in the community. The main progress of this month is as follows:

● Increase the flag bit for disabling the input method;

● Allow the IM module to disable the pop-up and close behavior of the virtual keyboard provided by fcitx5 when it gets the focus and loses the focus when creating the InputContext object;

● Discuss the QCompleter focus strategy with the fcitx community, submit issues to the Qt community, and provide patch solutions;

● Advance the legacy bugs of version 0.9.

Welcome all community enthusiasts who are interested in the fcitx input method framework and desktop virtual keyboard development in the openKylin community to join us!