It’s often difficult to select a kernel for products that are shipped to customers. Several branches exist, bugs need to be avoided as much as possible and updates must be rare enough not to upset customers. All this must be true during all the product’s lifecycle. This presentation will show how the quality of stable kernels evolves over time and when it’s best to pick them and how to help improve them.
Willy Tarreau, HAProxy Technologies
Kernel Recipes 2013 - Kernel for your deviceAnne Nicolas
Any industrial project based on Linux involves Longterm management of a Linux kernel and therefore a number of questions to ask about the choices to be made. BSP, Linux distribution, kernel.org? Which version?
These questions will be reviewed and best practices to facilitate this maintenance.
Kernel Recipes 2015 - So you want to write a Linux driver frameworkAnne Nicolas
Writing a new driver framework in Linux is hard. There are many pitfalls along the way; this talk hopes to point out some of those pitfalls and hard lessons learned through examples, advice and humorous anecdotes in the hope that it will aid those adventurous enough to take on the task of writing a new driver framework. The scope of the talk includes internal framework design as well as external API design exposed to drivers and consumers of the framework. This presentation pulls directly from the Michael Turquette’s experience authoring the Common Clock
Framework and maintaining that code for the last four years.
Additionally Mike has solicited tips and advice from other subsystem maintainers, for a well-rounded overview. Be prepared to learn some winning design patterns and hear some embarrassing stories of framework design gone wrong.
Mike Turquette, BayLibre
Kernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanityAnne Nicolas
The Linux kernel gets a stable release about once every week.
This talk will go into the process of getting a patch accepted into the stable releases, how the release process works, and how Greg does a review and release cycle. It will consist of live examples of patches submitted to be added to the stable releases, as well as doing a release “live” on stage.
Greg KH, Linux Foundation
Kernel Recipes 2015: Kernel packet capture technologiesAnne Nicolas
Sniffing through the ages
Capturing packets running on the wire to send them to a software doing analysis seems at first sight a simple tasks. But one has not to forget that with current network this can means capturing 30M packets per second. The objective of this talk is to show what methods and techniques have been implemented in Linux and how they have evolved over time.
The talk will cover AF_PACKET capture as well as PF_RING, dpdk and netmap. It will try to show how the various evolution of hardware and software have had an impact on the design of these technologies. Regarding software a special focus will be made on Suricata IDS which is implementing most of these capture methods.
Eric Leblond, Stamus Networks
Talk from Embedded Linux Conference, http://elcabs2015.sched.org/event/551ba3cdefe2d37c478810ef47d4ca4c?iframe=no&w=i:0;&sidebar=yes&bg=no#.VRUCknSQQQs
Kernel Recipes 2013 - Kernel for your deviceAnne Nicolas
Any industrial project based on Linux involves Longterm management of a Linux kernel and therefore a number of questions to ask about the choices to be made. BSP, Linux distribution, kernel.org? Which version?
These questions will be reviewed and best practices to facilitate this maintenance.
Kernel Recipes 2015 - So you want to write a Linux driver frameworkAnne Nicolas
Writing a new driver framework in Linux is hard. There are many pitfalls along the way; this talk hopes to point out some of those pitfalls and hard lessons learned through examples, advice and humorous anecdotes in the hope that it will aid those adventurous enough to take on the task of writing a new driver framework. The scope of the talk includes internal framework design as well as external API design exposed to drivers and consumers of the framework. This presentation pulls directly from the Michael Turquette’s experience authoring the Common Clock
Framework and maintaining that code for the last four years.
Additionally Mike has solicited tips and advice from other subsystem maintainers, for a well-rounded overview. Be prepared to learn some winning design patterns and hear some embarrassing stories of framework design gone wrong.
Mike Turquette, BayLibre
Kernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanityAnne Nicolas
The Linux kernel gets a stable release about once every week.
This talk will go into the process of getting a patch accepted into the stable releases, how the release process works, and how Greg does a review and release cycle. It will consist of live examples of patches submitted to be added to the stable releases, as well as doing a release “live” on stage.
Greg KH, Linux Foundation
Kernel Recipes 2015: Kernel packet capture technologiesAnne Nicolas
Sniffing through the ages
Capturing packets running on the wire to send them to a software doing analysis seems at first sight a simple tasks. But one has not to forget that with current network this can means capturing 30M packets per second. The objective of this talk is to show what methods and techniques have been implemented in Linux and how they have evolved over time.
The talk will cover AF_PACKET capture as well as PF_RING, dpdk and netmap. It will try to show how the various evolution of hardware and software have had an impact on the design of these technologies. Regarding software a special focus will be made on Suricata IDS which is implementing most of these capture methods.
Eric Leblond, Stamus Networks
Talk from Embedded Linux Conference, http://elcabs2015.sched.org/event/551ba3cdefe2d37c478810ef47d4ca4c?iframe=no&w=i:0;&sidebar=yes&bg=no#.VRUCknSQQQs
Kernel Recipes 2016 - Kernel documentation: what we have and where it’s goingAnne Nicolas
The Linux kernel features an extensive array of, to put it kindly, somewhat disorganized documentation. A significant effort is underway to make things better, though. This talk will review the state of kernel documentation, cover the changes that are being made (including the adoption of a new system for formatted documentation), and discuss how interested developers can help.
Jonathan Corbet, LWN.net
A talk presented at the Automotive Grade Linux All-Members meeting on September 8, 2015. The focus on why AGL should adopt systemd, and highlights two of the more difficult integration issues that may arise while doing so. The embedded SVG image, courtesy Marko Hoyer of ADIT, is at http://she-devel.com/2015-07-23_amm_demo.svg
How Linux Processes Your Network Packet - Elazar LeibovichDevOpsDays Tel Aviv
With buzz on eBPF, XDP, bpfilter etc,, it's important to get the basics right. We will show the route of a networ packet from kernel driver to TCP/IP stack to userspace socket and explain how and where it's processed en route.
Modern environment uses a lot of the Linux networking stack capability.
Every docker container requires a dedicated bridge, usually a few iptables entries to expose port, and a dnsmasq daemon, and masquarading to allow internet access.
It is hence important to understand Linux network fundumentals. From the driver interrupt/NAPI, to the network stack, the various filters it passes through and the various hooks you have at your disposal to alter and view the network packets flow.
We will first review the theory, and then present useful tools to apply the theory and debug problems in common situations.
We will survey common containers situations and see how packets move from the hardware to the container's veth.
Kernel Recipes 2019 - Kernel documentation: past, present, and futureAnne Nicolas
The Linux kernel project includes a huge amount of documentation, but that information has seen little in the way of care over the
years. The amount of care has increased significantly recently, though, and things are improving quickly. Listen as the kernel’s documentation maintainer discusses the current state of the kernel’s docs, how we got here, where we’re trying to go, and how you can help.
Jonathan Corbet
OpenWrt is a Linux distribution for embedded systems that runs on many routers and networking devices today. In this session we'll talk about OpenWrt's origins, architecture and get down to building apps for the platform.
Along the way we will touch on some basic firmware concepts and at last present the final working OpenWrt router and its capabilities.
Anton Lerner, Architect at Sitaro, computer geek, developer and occasional maker.
Sitaro provides total cyber protection for small business and home networks. Sitaro prevents massive scale IoT cyber attacks.
Find out more information in the meetup event page - https://www.meetup.com/Tel-Aviv-Yafo-Linux-Kernel-Meetup/events/245319189/
OpenVZ, which has turned 7 recently, is an implementation of lightweight virtualization technology for Linux, something which is also referred to as LXC or just containers. The talk gives an insight into 7 different problems with containers and how they were solved. While most of these problems and solutions belongs in the Linux kernel, kernel knowledge is not expected from the audience.
A Reimplementation of NetBSD Based on a Microkernel by Andrew S. Tanenbaumeurobsdcon
Abstract
The MINIX 3 microkernel has been used as a base to reimplement NetBSD. To application programs, MINIX 3 looks like NetBSD, with the NetBSD headers, libraries, package manager, etc. Thousands of NetBSD packages run on it on the x86 and ARM Cortex V8 (BeagleBones). Inside, however, it is a completely different architecture, with a tiny microkernel and independent servers for memory management, the file system, and each device driver. This architecture has many valuable properties which will be described in the talk, including better security and the ability to recover from many component crashes without running applications even noticing. Updating to a new version of the operating system while it is running and without a reboot is on the roadmap for the future.
Kernel Recipes 2016 - Kernel documentation: what we have and where it’s goingAnne Nicolas
The Linux kernel features an extensive array of, to put it kindly, somewhat disorganized documentation. A significant effort is underway to make things better, though. This talk will review the state of kernel documentation, cover the changes that are being made (including the adoption of a new system for formatted documentation), and discuss how interested developers can help.
Jonathan Corbet, LWN.net
A talk presented at the Automotive Grade Linux All-Members meeting on September 8, 2015. The focus on why AGL should adopt systemd, and highlights two of the more difficult integration issues that may arise while doing so. The embedded SVG image, courtesy Marko Hoyer of ADIT, is at http://she-devel.com/2015-07-23_amm_demo.svg
How Linux Processes Your Network Packet - Elazar LeibovichDevOpsDays Tel Aviv
With buzz on eBPF, XDP, bpfilter etc,, it's important to get the basics right. We will show the route of a networ packet from kernel driver to TCP/IP stack to userspace socket and explain how and where it's processed en route.
Modern environment uses a lot of the Linux networking stack capability.
Every docker container requires a dedicated bridge, usually a few iptables entries to expose port, and a dnsmasq daemon, and masquarading to allow internet access.
It is hence important to understand Linux network fundumentals. From the driver interrupt/NAPI, to the network stack, the various filters it passes through and the various hooks you have at your disposal to alter and view the network packets flow.
We will first review the theory, and then present useful tools to apply the theory and debug problems in common situations.
We will survey common containers situations and see how packets move from the hardware to the container's veth.
Kernel Recipes 2019 - Kernel documentation: past, present, and futureAnne Nicolas
The Linux kernel project includes a huge amount of documentation, but that information has seen little in the way of care over the
years. The amount of care has increased significantly recently, though, and things are improving quickly. Listen as the kernel’s documentation maintainer discusses the current state of the kernel’s docs, how we got here, where we’re trying to go, and how you can help.
Jonathan Corbet
OpenWrt is a Linux distribution for embedded systems that runs on many routers and networking devices today. In this session we'll talk about OpenWrt's origins, architecture and get down to building apps for the platform.
Along the way we will touch on some basic firmware concepts and at last present the final working OpenWrt router and its capabilities.
Anton Lerner, Architect at Sitaro, computer geek, developer and occasional maker.
Sitaro provides total cyber protection for small business and home networks. Sitaro prevents massive scale IoT cyber attacks.
Find out more information in the meetup event page - https://www.meetup.com/Tel-Aviv-Yafo-Linux-Kernel-Meetup/events/245319189/
OpenVZ, which has turned 7 recently, is an implementation of lightweight virtualization technology for Linux, something which is also referred to as LXC or just containers. The talk gives an insight into 7 different problems with containers and how they were solved. While most of these problems and solutions belongs in the Linux kernel, kernel knowledge is not expected from the audience.
A Reimplementation of NetBSD Based on a Microkernel by Andrew S. Tanenbaumeurobsdcon
Abstract
The MINIX 3 microkernel has been used as a base to reimplement NetBSD. To application programs, MINIX 3 looks like NetBSD, with the NetBSD headers, libraries, package manager, etc. Thousands of NetBSD packages run on it on the x86 and ARM Cortex V8 (BeagleBones). Inside, however, it is a completely different architecture, with a tiny microkernel and independent servers for memory management, the file system, and each device driver. This architecture has many valuable properties which will be described in the talk, including better security and the ability to recover from many component crashes without running applications even noticing. Updating to a new version of the operating system while it is running and without a reboot is on the roadmap for the future.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.All Things Open
Presented by: Igor Seletskiy
Presented at the All Things Open 2021
Raleigh, NC, USA
Raleigh Convention Center
Abstract: IT Teams know the drill. New security bulletins, new issues, new patches to deploy. Schedule another maintenance operation and prepare for system downtime.
There is a better way to do things. Live patching has been around in the Linux Kernel for some time now, but adoption has not been ideal so far - either because of a lack of trust in the technology or just lack of awareness - or sysadmins just enjoy interrupting their workloads or users.
Live patching consists of two aspects. First, there has to be a mechanism for function redirection in the kernel. As in many things, the kernel actually provides three different subset of tools that provide this functionality - kprobes, fprobes and Livepatching. Secondly, Live Patching relies on a set of tools to generate the actual patches to deploy, replacing the old code with new one. This is arguably the most involved part: you need to fit your new code in the proper space, you can’t overwrite other unrelated code and you need to maintain compatibility with other functions. If you change your parameter list, for example, its game over - something will break in the worst possible way.
In this talk we’ll go over issues like Consistency model, patch generation, deployment mechanisms and identify situations that are ideal candidates for live patching instead of traditional patching operations.
ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...Neil Armstrong
You maintain or used to maintain a Linux based board or SoC off-tree ? Then there are plenty of reasons for you to push your changes to the mainline Linux. Some will say it’s too late, or too complex, or too expensive but the long-term benefits of regular upstreaming truly outpass these constraints especially it you have the right methods. In this presentation Neil will elaborate on this question.
Neil will then expose the various challenges about code upstreaming, like time constraints, copyright issues and the community aspect of the work. For example, vendor GPL code is generally lying on an obscure github repo, or in a hardly reachable tarball.
In parallel, Neil will present practical tips to easier your day to day upstream work and explicit this simple rule : the fastest the maximum patches are upstreamed, the less work you’ll have to actually maintain the port in the future.
LAS16-209: Finished and Upcoming Projects in LMGLinaro
LAS16-209: Finished and Upcoming Projects in LMG
Speakers: Yongqui Liu, Satish Patel, Bernhard Rosenkränzer
Date: September 27, 2016
★ Session Description ★
This survey of topics covers the engineering output of recent Android related projects in LMG and some future plans. This includes Memory Allocators, Filesystems, LCR news, Work on both gcc and clang based toolchains, Increased participation in upstream development as well as a quick overview of some upcoming topics. Kernel possible topics: Generic Build: where we are at.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-209
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-209/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
Speaker:
Alex Cruise (Dir. Architecture, Metafor Software)
Abstract:
The rise of the DevOps movement has brought into welcome focus something that is often learned only through painful experience and expense: the success of a software product critically depends not only on its implementation, maintenance and enhancement, but also on how it’s deployed and operated.
Distributed systems are hard, but you can’t escape them: you need to scale out, but wrapping proxy interfaces around remote resources so they look local is a recipe for a fragile system. Plus, as the complexity of components and services increases, local systems aren’t actually as reliable as we think! Concurrency is hard, but you can’t escape it: whether you’re using threads in a single process, or multiple processes on a single machine, you still need to synchronize state between them somehow. Fault tolerance is hard, but you can’t escape it: parts will fail, you need to cope without rebooting the whole application. Correctness is hard, but you can’t escape it: whether through laborious testing or a Sufficiently Advanced Compiler, you need to have some assurance that the software will work as intended.
Let’s talk about a set of architectural patterns (and, yes, frameworks) that can really help us achieve the goals of concurrency, fault tolerance and correctness, while affording us the flexibility we need to scale our deployments when we achieve terrifying success.
Kernel Recipes 2017 - Linux Kernel Release Model - Greg KHAnne Nicolas
This talk describes how the Linux kernel development model works, what a long term supported kernel is, and why all Linux-based systems devices should be using all of the stable releases and not attempting to pick and choose random patches.
It also goes into how the kernel community approaches “security” patches, and the reasoning why they do it in the manner they do.
This is an expanded talk based on a lighting talk presented at Kernel Recipes 2015, and the speaker’s interactions with companies reaction to the supposedly confusing development model on which they rely on.
Greg KH, Linux Foundation
Linux is changing the way embedded systems are put together even faster than it is influencing data centres and desktops. I gave this talk at Embedded Linux Conference Europe 2012 in Barcelona
"In the beginning there was RPM, and it was good." Certainly, Linux packaging has solved many of the problems involved in shipping software, from creation to consumption and maintenance. As software development and deployment have evolved, however, new pain points have cropped up that have not been solved by traditional packaging tools.
Are containers the answer? They may be able to solve many of the current problems, but they also introduce a new set of issues and ignore important lessons from the evolution of distribution-level packaging.
Release This! - Tools for a Smooth Release CyclePerforce
Conventional wisdom says that when branching for release, development for the release should be done on the release branch and integrated back to main. However, the team at Guerrilla Games has implemented a reverse workflow process which, when supported by a few carefully chosen tools, has been found to work very well. Learn how to use this unorthodox approach to regain complete control over your release process while making the release cycle much more transparent to everybody involved.
The API Contract is Dead, Long live the API Contract. Examining how to reduce the amount of work required to keep up with all this fast moving software ... in 20 slides, 15 seconds each.
Tips for Installing Cognos Analytics 11.2.1xSenturus
We walk through the installation and configuration steps for a Cognos 11.2.1 upgrade. Just some of the topics we cover include: how installer got smarter, upgraded hardware requirements, backing up and preserving files, upgrade strategy and themes and extensions. See the recording and download this deck: https://senturus.com/resources/tips-for-installing-cognos-analytics-11-2-1/
Senturus offers a full spectrum of services for business analytics. Our Knowledge Center has hundreds of free live and recorded webinars, blog posts, demos and unbiased product reviews available on our website at: https://senturus.com/resources/
During the Neos Conference 2024 I talked – again – about updating Neos. Next to why, when and how you should be updating I talked about going to Neos 9…
Similar to Kernel Recipes 2015: How to choose a kernel to ship with a product (20)
Kernel Recipes 2019 - Driving the industry toward upstream firstAnne Nicolas
Wanting to avoid the Android experience, Google developers always aimed to make their Chrome OS Linux kernels as close to mainline as possible. However, when Chromebooks were first created, Google was left with no choice, the mainline kernel, in some subsystems, still did not have all the functionalities needed by Chromebooks. Hence, similarly to Android, Chrome OS had to develop their own out-of-tree code for the kernel and maintain that for a few different kernel versions.
Luckily, over the last few years a strong and consistent effort has been happening to bring Chromebook devices closer to mainline. It has led to significant improvements that now make it possible to run mainline on Chrome OS devices. And not only Chromebooks, as these significant strides are also improving Arm-based SOCs and other key components of the rich Chromebook hardware ecosystem. In this talk, we will look at how and why upstream support for Chromebooks improved, the current status of various models, and what we expect in the future.
Enric Balletbò i Serra
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIAnne Nicolas
As the name would suggest, a Non-Maskable Interrupt (NMI) is an interrupt-like feature that is unaffected by the disabling of classic interrupts. In Linux, NMIs are involved in some features such as performance event monitoring, hard-lockup detector, on demand state dumping, etc… Their potential to fire when least expected can fill the most seasoned kernel hackers with dread.
AArch64 (aka arm64 in the Linux tree) does not provide architected NMIs, a consequence being that features benefiting from NMIs see their use limited on AArch64. However, the Arm Generic Interrupt Controller (GIC) supports interrupt prioritization and masking, which, among other things, provides a way to control whether or not a set of interrupts can be signaled to a CPU.
This talk will cover how, using the GIC interrupt priorities, we provide a way to configure some interrupts to behave in an NMI-like manner on AArch64. We’ll discuss the implementation, some of the complications that ensued and also some of the benefits obtained from it.
Julien Thierry
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelAnne Nicolas
At a rate of almost 9 changes per hour (24/7), the Linux kernel is definitely a scary beast. Bugs are introduced on a daily basis and, through the use of multiple code analyzers, *some* of them are detected and fixed before they hit mainline. Over the course of the last few years, Gustavo has been fixing such bugs and many different issues in every corner of the Linux kernel. Recently, he was in charge of leading the efforts to globally enable -Wimplicit-fallthrough; which appears by default in Linux v5.3. This presentation is a report on all the stuff Gustavo has found and fixed in the kernel with the support of the Core Infrastructure Initiative.
Gustavo A.R. Silva
Kernel Recipes 2019 - Metrics are moneyAnne Nicolas
In I.T. we all use all kinds of metrics. Operations teams rely heavily on these, especially when things go south. These metrics are sometimes overrated. Let’s dive into a few real life stories together.
Aurélien Rougemont
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Anne Nicolas
Modern SoC designs incorporate technologies from numerous vendors, each with their own inconsistent, confusing, undocumented and even contradictory terminology. The result is a mess of acronyms and product names which have a surprising impact on the ability to develop reusable, modular code thanks to the nature of the underlying IP being obscured.
This presentation will dive into some of the misnomers plaguing the Arm ecosystem, with the aim of explaining why things are like they are, how they fit together under the architectural umbrella and how you, as a developer, can decipher the baffling ingredients list of your next SoC design!
Will Deacon
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataAnne Nicolas
GNU poke is a new interactive editor for binary data. Not limited to editing basic ntities such as bits and bytes, it provides a full-fledged procedural, interactive programming language designed to describe data structures and to operate on them. Once a user has defined a structure for binary data (usually matching some file format) she can search, inspect, create, shuffle and modify abstract entities such as ELF relocations, MP3 tags, DWARF expressions, partition table entries, and so on, with primitives resembling simple editing of bits and bytes. The program comes with a library of already written descriptions (or “pickles” in poke parlance) for many binary formats.
GNU poke is useful in many domains. It is very well suited to aid in the development of programs that operate on binary files, such as assemblers and linkers. This was in fact the primary inspiration that brought me to write it: easily injecting flaws into ELF files in order to reproduce toolchain bugs. Also, due to its flexibility, poke is also very useful for reverse engineering, where the real structure of the data being edited is discovered by experiment, interactively. It is also good for the fast development of prototypes for programs like linkers, compressors or filters, and it provides a convenient foundation to write other utilities such as diff and patch tools for binary files.
This talk (unlike Gaul) is divided into four parts. First I will introduce the program and show what it does: from simple bits/bytes editing to user-defined structures. Then I will show some of the internals, and how poke is implemented. The third block will cover the way of using Poke to describe user data, which is to say the art of writing “pickles”. The presentation ends with a status of the project, a call for hackers, and a hint at future works.
Jose E. Marchesi
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...Anne Nicolas
Operating system distributors often face challenges that are somewhat different from that of upstream kernel developers. For instance, some kernel updates often need to stay at least binary compatible with modules that might be “out of tree” for some time.
In that context, being able to automatically detect and analyze changes to the binary interface exposed by the kernel to its module does have some noticeable value.
The Libabigail framework is capable of analyzing ELF binaries along with their accompanying debug info in the DWARF format, detect and report changes in types, functions, variables and ELF symbols. It has historically supported that for user space shared libraries and application so we worked to make it understand the Linux kernel
binaries.
In this presentation, we are going to present the current support of ABI analysis for Linux Kernel binaries, the challenges we face, how we address them and the plans we have for the future.
Dodji Seketeli, Jessica Yu, Matthias Männich
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxAnne Nicolas
Different upgrade and update strategies exist when it comes to embedded Linux system. If at development time none of these strategies have been chosen, adding them afterwards can be tedious task.
Even harder it gets when the system is already deployed in the field and only accessible via a 3G connection.
This talk is a developer experience of putting in place exactly that. Giving a return of experience on one way of doing it on a system running Barebox and a Yocto-based distribution.
Patrick Boettcher
Embedded Recipes 2019 - Making embedded graphics less specialAnne Nicolas
Traditionally graphics drivers were one of the last hold-outs of proprietary software in an embedded Linux system. This situation is changing with open-source graphics drivers showing up for almost all of the graphics acceleration peripherals on the market right now. This talk will show how open-source graphics drivers are making embedded systems less special, as well as trying to provide an overview of the Linux graphics stack, de-mystifying what is often seen as black magic GPU stuff from outside observers.
Lucas Stach
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconAnne Nicolas
This talk will explore Open Source Hardware projects relevant to Linux, including boards like BeagleBone, Olimex OLinuXino, Giant board and more. Looking at the benefits and challenges of designing Open Source Hardware for a Linux system, along with BeagleBoard.org’s experience of working with community, manufacturers, and distributors to create an Open Source Hardware platform. In closing also looking at the future, Libre Silicon like RISC-V designs, and where this might take Linux.
Drew Fustini
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureAnne Nicolas
The I2C subsystem is not the shiniest part of the Linux Kernel. For embedded devices, though, it is one of the many puzzle pieces which just have to work. Wolfram Sang has the experience of maintaining this subsystem for nearly 7 years now. This talk gives a short overview of how maintaining works in general and specifically in this subsystem. But mainly, it will highlight noteworthy points in the timeline and lessons learnt from that. It will present trends, not so much regarding I2C but more the Linux Kernel and the embedded ecosystem in general. And of course, there will be plenty of anecdotes and bits from behind the scenes for your entertainment.
Wolfram Sang
Embedded Recipes 2019 - Testing firmware the devops wayAnne Nicolas
ITRenew is selling recertified OCP servers under the Sesame brand, those servers come either with their original UEFI BIOS or with LinuxBoot. The LinuxBoot project is pushing the Linux kernel inside bios flash and using userland programs as bootloader.
To achieve quality on our software stack, as any project, we need to test it. Traditional BIOS are tested by hand, this is 2019 we need to do it automatically! We already presented the hardware setup behind the LinuxBoot CI, this talk will focus on the software.
We use u-root for our userland bootloader; this software is written in Go so we naturally choose to use Go for our testing too. We will present how we are using and extending the Go native test framework `go test` for testing embedded systems (serial console) and improving the report format for integration to a CI.
Julien Viard de Galbert
Embedded Recipes 2019 - Herd your socs become a matchmakerAnne Nicolas
About 60% of the Linux kernel source tree is devoted to drivers for a large variety of supported hardware components. Especially in the embedded world, the number of different SoC families, versions, and revisions, integrating a myriad of “IP cores”, keeps on growing.
In this presentation, Geert will explain how to match drivers against hardware, and how to support a wide variety of (dis)similar devices, without turning platform and driver code into an entangled bowl of spaghetti.tra
Starting with a brief history of driver matching in Linux, he will fast-forward to device-tree based matching. He will discuss ways to handle slight variations of the same hardware devices, and different SoC revisions, each with their own quirks and bugs. Finally, Geert will show best practices for evolving device drivers in a maintainable way, based on his experiences as an embedded Linux kernel developer and maintainer.
Geert Uytterhoeven
Embedded Recipes 2019 - LLVM / Clang integrationAnne Nicolas
Buildroot is a popular and easy to use embedded Linux build system. It generates, in few minutes, lightweight and customized Linux systems, including the cross-compilation toolchain, kernel and bootloader images, as well as a wide variety of userspace libraries and programs.
This talk is about the integration of LLVM/clang into Buildroot.
In 2018, Valentin Korenblit, supervised by Romain Naour, worked on this topic during his internship at Smile ECS. After a short introduction about llvm/clang and Buildroot, this talk will go through the numerous issues discovered while adding llvm/clang componants and how these issues were fixed. Romain will also detail the work in progress and the work to be done based on llvm/clang libraries (OpenCL, Compiler-rt, BCC. Chromium, ldd).
Romain Naour
Embedded Recipes 2019 - Introduction to JTAG debuggingAnne Nicolas
This talk introduces JTAG debugging capabilities, both for debugging hardware and software. Marek first explains what the JTAG stands for and explains the operation of the JTAG state machine. This is followed by an introduction to free software JTAG tools, OpenOCD and urJTAG. Marek shortly explains how to debug software using those tools and how that ties into the JTAG state machine. However, JTAG was designed for testing hardware. Marek explains what boundary scan testing (BST) is, what are BSDL files and their format, and practically demonstrates how to blink an LED using BST and only free software tools.
Marek Vasut
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaAnne Nicolas
PipeWire is an open source project that aims to greatly improve audio and video handling under Linux. Utilising a fresh design, it bridges use cases that have been previously addressed by different tools – or not addressed at all -, providing ground for building complex, yet secure and efficient, multimedia systems.
In this talk, Julien is going to present the PipeWire project and the concepts that make up its design. In addition, he is going to give an update of the current and future work going on around PipeWire, both upstream and in Automotive Grade Linux, an early adopter that Julien is actively working on.
Julian Bouzas
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedAnne Nicolas
Ftrace’s most powerful feature is the function tracer (and function graph tracer which is built from it). But to have this enabled on production systems, it had to have its overhead be negligible when disabled. As the function tracer uses gcc’s profiling mechanism, which adds a call to “mcount” (or more recently fentry, don’t worry if you don’t know what this is, it will all be explained) at the start of almost all functions, it had to do something about the overhead that causes. The solution was to turn those calls into “nops” (an instruction that the CPU simply ignores). But this was no easy feat. It took a lot to come up with a solution (and also turning a few network cards into bricks). This talk will explain the history of how ftrace came about implementing the function tracer, and brought with it the possibility of static branches and soon static calls!
Steven Rostedt
Kernel Recipes 2019 - Suricata and XDPAnne Nicolas
Suricata is a network threat detection engine using network packets capture to reconstruct the traffic till the application layer and find threats on the network using rules that define behavior to detect. This task is really CPU intensive and discarding non interesting traffic is a solution to enable a scaling of Suricata to 40gbps and other.
This talk will present the latest evolution of Suricata that knows uses eBPF and XDP to bypass traffic. Suricata 5.0 is supporting the hardware XDP to provide ypass with network card such as Netronome. It also takes advantage of pinned maps to get persistance of the bypassed flows. This talk will cover the different usage of XDP and eBPF in Suricata and shows how it impact performance and usability. If development time permit, the talk will also cover AF_XDP and the impact on this new capture method on Suricata.
Eric Leblond
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Anne Nicolas
System memory configuration is a transparent operation nowadays, something that we all came to expect to just work out of the box. Still, it does happen behind the scenes every single time we boot our computers. This requires the cooperation of hardware components on the mainboard and on memory modules themselves, as well as firmware code to drive these. While it is possible to just let it happen, having a deeper understanding of how it works makes it possible to access valuable information from the operating system at run-time.
I will take you through the history of system memory configuration from the mid 70s to now. We will explore the different types of memory modules, how their configuration data is stored and how the firmware can access them. We will see which problems had to be solved along the way and how they were solved. Lastly we will see how Linux supports reading the memory configuration information and what you can do with that information.
Jean Delvare
Kernel Recipes 2019 - Formal modeling made easyAnne Nicolas
Modeling parts of Linux has become a recurring topic. For instance, the memory model, the model for PREEMPT_RT synchronization, and so on. But the term "formal model" causes panic for most of the developers. Mainly because of the complex notations and reasoning that involves formal languages. It seems to be a very theoretical thing, far from our day-by-day reality.
Believe me. Modeling can be more practical than you might guess!
This talk will discuss the challenges and benefits of modeling, based on the experience of developing the PREEMPT_RT model. It will present a methodology for modeling the Linux behavior as Finite-State Machines (automata), using terms that are very known by kernel developers: tracing events! With the particular focus on how to use models for the formal verification of Linux kernel, at runtime, with low overhead, and in many cases, without even modifying Linux kernel!
Daniel Bristot de Oliveira
Accelerate Enterprise Software Engineering with PlatformlessWSO2
Key takeaways:
Challenges of building platforms and the benefits of platformless.
Key principles of platformless, including API-first, cloud-native middleware, platform engineering, and developer experience.
How Choreo enables the platformless experience.
How key concepts like application architecture, domain-driven design, zero trust, and cell-based architecture are inherently a part of Choreo.
Demo of an end-to-end app built and deployed on Choreo.
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Software Engineering, Software Consulting, Tech Lead.
Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Security,
Spring Transaction, Spring MVC,
Log4j, REST/SOAP WEB-SERVICES.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Mind IT Systems
Healthcare providers often struggle with the complexities of chronic conditions and remote patient monitoring, as each patient requires personalized care and ongoing monitoring. Off-the-shelf solutions may not meet these diverse needs, leading to inefficiencies and gaps in care. It’s here, custom healthcare software offers a tailored solution, ensuring improved care and effectiveness.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Large Language Models and the End of ProgrammingMatt Welsh
Talk by Matt Welsh at Craft Conference 2024 on the impact that Large Language Models will have on the future of software development. In this talk, I discuss the ways in which LLMs will impact the software industry, from replacing human software developers with AI, to replacing conventional software with models that perform reasoning, computation, and problem-solving.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Globus Compute wth IRI Workflows - GlobusWorld 2024
Kernel Recipes 2015: How to choose a kernel to ship with a product
1. How to choose a kernel to ship with a product
Willy Tarreau
HAProxy Technologies
Kernel Recipes 2015
2. Outline
● Target
– People who don’t use distro kernels
– People who run their own distros
– People who don’t know they’re currently at risk
● Identify your needs
● What not to do
● Remaining options
● How to improve your situation
3. Background
Past and present activities
● First kernel patch around 1995 on kernel 1.2.13
● Maintainer of very old kernels (2.4, 2.6.32, ...)
● Been shipping remotely managed gateways at
Exosec from 2002 to 2008
● Been shipping HAProxy load balancers since
2006
4. Challenges
=> Maintain systems up to date WRT bugs/vulns:
● Gateways: operate remotely without local help
● LBs: avoid regressions casting a bad image of
the product and company in general
5. What absolutely needs updates ?
Few critical components on a system :
“The ones allowing you to fix a bug and then to
fix the failed attempt to fix this bug”
In short (YMMV) :
● Kernel
● Libc
● sshd
6. Not all of them in fact
● Libc very rarely needs to be updated in a
product's life
● Most products don't depend on SSHd, pick the
last one and you're OK.
7. Kernel is special
The kernel :
● provides drivers for your device
● provides drivers for other obscure devices
● provides various network protocols
● provides all the security layers
=> suffers orders of magnitude more bugs than
any other component found in such an appliance.
8. Kernel is sensitive!
A missed kernel upgrade in field can lead to :
● System malfunction / instability / outages
● Data corruption / data loss
● Local and remote DoS
● Local root
=> angry customers, bad image, loss of time
and money
9. Kernel is too sensitive!
In case of bad or failed upgrade in field :
● Have to drive there (managed gateways)
● angry customer + RMA (LBs)
=> Common question :
“should I risk an upgrade or risk a bug?”
10. No such thing as validation in lab
The Linux kernel is a monster project.
● Current size around 19.5M lines
● Linux 4.2 added around 1M lines of code (5%)
=> Nobody can verify there's no regression.
At best we can be certain that there are regs...
...and you don't want them in your product!
11. More numbers
Kernel 2.6.32 was released on 2009/12. Patches
merged from 2009/12 to 2012/05 :
3325
Patches merged from 2012/05 to 2015/09 :
724
Uncertain fixes dropped since 2012/05 :
~3000
=> The kernel is a living thing !
12. Facing a difficult choice
● How long will the product live ?
● What initial level of stability is expected ?
● Does the product accept hardware extensions in field ?
● Will it be possible to update in field ?
● Will the customers see what is running ?
● Will the customers expect updates ?
● Is downtime affordable ?
● Are security issues really a problem ?
13. Stick to what works
● Don't change a kernel branch in the middle of a
product's life cycle if breakage is not an option.
● Backport the fixes you need only.
● Stable kernels are made for you.
=> OK but which one ?
14. How the kernel quality evolves
● All fixes are first merged into mainline before -stable
● -stable lasts 2-3 months, + about 2 years for LTS.
● Typos / thinkos are found after a few days / weeks
=> they will be fixed in -stable
● More subtle bugs can take months/years to be detected
=> only LTS will have a chance to fix them
● Architectural shortcomings require massive rework
=> only a version upgrade will bring them
15. First corollary on kernel quality
Claim: Unmaintained EOLed kernels contain a
lot of subtle bugs that are hard to detect.
You don't believe me ? OK, let's see :
16. First corollary on kernel quality
Claim: Unmaintained EOLed kernels contain a
lot of subtle bugs that are hard to detect.
You don't believe me ? OK, let's see :
17. First corollary on kernel quality
Claim: Unmaintained EOLed kernels contain a
lot of subtle bugs that are hard to detect.
You don't believe me ? OK, let's see :
18. Immediate conclusion
If you really need them, help with
their maintenance and try to get your
work supported by more recent ones.
NEVER EVER USE EOLed KERNELS!!!
19. So what should you do ?
● Pick a kernel that lasts at least as long as your
product's life (or major version's life)
● Degree of confidence should match your
customers' expectations (ADSL router, load
balancer, file server, power plant controller, …)
● Backport missing features (arbitration needed)
● But avoid backporting infrastructure changes!
20. You're not alone!
● All distro vendors and product vendors are in the
same boat.
● Use your distro's kernel if it matches your needs,
it's free.
● Otherwise join forces to maintain a specific kernel
for as long as you need.
=> But please, oh please, avoid needless effort
duplication caused by adding more LTS versions.
21. How to participate
● Upstream your local fixes and improvements
(but not your local crap, thank you)
● Test stable kernels and report good/bad status
● Scrutinize changelogs to check for failed
backports
● Maintain, publish, and advertise a stable
branch if not possible otherwise
22. Don't maintain your own kernel!
Out-of-tree patches = pain. Need to rebase, apply at the wrong
place, etc... Sometimes patches are bogus.
Speaker's experience :
●
Got bored with local patches in Feb 2005 (pre-Git era), started the
public “hotfix” tree for 2.4 kernels (2.4.29+)
●
Most of them were adopted by maintainer Marcelo Tosatti
●
People started to use them, proposing more fixes, sending
feedback about some of them being wrong or not working as
expected, leading to newer versions
●
Eventually all of them got merged or had an equivalent fix.
=> first “stable” tree without this name :-)
23. Don't maintain your own kernel(2)
●
Been shipping 2.4 in our products till 2011 (EOS 2013)
=> Very stable, but amount of efforts was becoming too high to
support new hardware (x86_64) and features (IPv6)
●
Moved to 2.6.27 and dropped many patches
●
Then 2.6.32, dropped more patches, and replaced some
=> met a handful of bugs that were already fixed upstream
●
And then 3.10 and dropped more patches
=> one regression caused by a local patch after a -stable update.
●
Now 3.14 and kept very few patches
=> less out-of-tree patches = less work and less bugs
24. 4 types of stable kernels now
Quest for kernel quality has led to 4 types of stable kernels :
● Official kernel.org stable kernels by Greg KH, started with 2.6.11 by
Greg&Chris.
● Official kernel.org LTS kernels by Greg, started with 2.6.27 and initial
attempts with 2.6.20, 2.6.22, and 2.6.25.
● Extended LTS kernels maintained by individuals after Greg, started
with 2.6.16 by Adrian, replicated with 2.6.20, 2.6.27, 2.6.32, 2.6.34,
2.6.35, 3.4.
● Kernels picked by distro maintainers : 3.2, 3.12, 3.18
=> 8-9 stable branches in parallel now including 7 LTS
See https://kernel.org/category/releases
25. How to choose ?
● 7 LTS are a lot, but they offer a lot of choice.
● Do they all evolve at the same speed ?
● Are they all maintained similarly ?
● Let's see...
29. Analysis
● Greg's kernels are very regular, about 1 version
per week.
● Distro kernels merge more patches but space
their releases more over time.
● Maybe distros backport more features for their
users that are less of interest for your products.
=> don't be fooled by numbers, focus only on
the kernel areas relevant to your product
30. Patches per area of interest
The ALOHA Load balancer is mostly intested in
kernel, mm, ipc, lib, net, drivers/net, arch/x86 :
=> 3.x are pretty much all the same finally...
… but look closer!
32. Try to limit the effort
●
newer kernel = less work but more care and risks
●
older kernel = less risks but more work
●
3/4 of patches in 15 months is very appealing, that leaves one year
of free maintenance for LTS kernels after we start shipping.
●
Our products ship a new major version every year, with 3 years of
support
=> 2 years of maintenance left for us.
●
3.2 and 3.4 would have saved one extra year, but we needed more
recent features.
=> We picked 3.10 in 2014, updated to 3.14 in 2015, maybe 4.1 in
2016.
33. Don't pick too old kernels
Very old kernels are not the cheapest ones to maintain :
● Standard fixes get painful after 2 years
● Security fixes are very hard to backport (doc replaced
some fixes in 2.4)
● Developers are not much willing to help when kernels are
too old
● Less reviewers and testers for each new release
=> regressions start to increase again past some
point (eg: 2.6.32)
34. Distro kernels getting really good
● Less frequent but maintained longer (4-5 years)
● Strong experience within these teams
● Most are now part of the official kernel.org trees.
=> Definitely a good choice when compatible
One regret: too bad they don't stick to the regular LTS
versions and share maintenance efforts. Debian's kernel team
has been very helpful on 2.6.32, they could have picked 3.4
instead of 3.2 and avoid duplicating efforts. Same regarding
3.16.
35. Post-shipping: be careful
● Always review kernel changelogs
Hint: look at -stable only, and it's linear!
● Don't upgrade if there's nothing for you, especially in
July-August!
● Very rare -stable regs but happen once in a while and can
also be caused by your own patches
● Test. Your code could rely on a bug that was recently fixed!
● Report anything suspicious as soon as possible while it's
still fresh in developers' mind.
36. Plan for next major upgrade
● Try to identify what next version you'll have to
upgrade to
● Try to identify if someone is willing to maintain it
for you or does another one you're fine with.
● Start to run it on your laptops then servers long
before you ship it. One more reason for distro
kernels!
● Test as often as possible and report breakage