Operating system distributors often face challenges that are somewhat different from that of upstream kernel developers. For instance, some kernel updates often need to stay at least binary compatible with modules that might be “out of tree” for some time.
In that context, being able to automatically detect and analyze changes to the binary interface exposed by the kernel to its module does have some noticeable value.
The Libabigail framework is capable of analyzing ELF binaries along with their accompanying debug info in the DWARF format, detect and report changes in types, functions, variables and ELF symbols. It has historically supported that for user space shared libraries and application so we worked to make it understand the Linux kernel
binaries.
In this presentation, we are going to present the current support of ABI analysis for Linux Kernel binaries, the challenges we face, how we address them and the plans we have for the future.
Dodji Seketeli, Jessica Yu, Matthias Männich
Kernel Recipes 2019 - Metrics are moneyAnne Nicolas
In I.T. we all use all kinds of metrics. Operations teams rely heavily on these, especially when things go south. These metrics are sometimes overrated. Let’s dive into a few real life stories together.
Aurélien Rougemont
Kernel Recipes 2019 - Kernel documentation: past, present, and futureAnne Nicolas
The Linux kernel project includes a huge amount of documentation, but that information has seen little in the way of care over the
years. The amount of care has increased significantly recently, though, and things are improving quickly. Listen as the kernel’s documentation maintainer discusses the current state of the kernel’s docs, how we got here, where we’re trying to go, and how you can help.
Jonathan Corbet
Embedded Recipes 2019 - Testing firmware the devops wayAnne Nicolas
ITRenew is selling recertified OCP servers under the Sesame brand, those servers come either with their original UEFI BIOS or with LinuxBoot. The LinuxBoot project is pushing the Linux kernel inside bios flash and using userland programs as bootloader.
To achieve quality on our software stack, as any project, we need to test it. Traditional BIOS are tested by hand, this is 2019 we need to do it automatically! We already presented the hardware setup behind the LinuxBoot CI, this talk will focus on the software.
We use u-root for our userland bootloader; this software is written in Go so we naturally choose to use Go for our testing too. We will present how we are using and extending the Go native test framework `go test` for testing embedded systems (serial console) and improving the report format for integration to a CI.
Julien Viard de Galbert
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedAnne Nicolas
Ftrace’s most powerful feature is the function tracer (and function graph tracer which is built from it). But to have this enabled on production systems, it had to have its overhead be negligible when disabled. As the function tracer uses gcc’s profiling mechanism, which adds a call to “mcount” (or more recently fentry, don’t worry if you don’t know what this is, it will all be explained) at the start of almost all functions, it had to do something about the overhead that causes. The solution was to turn those calls into “nops” (an instruction that the CPU simply ignores). But this was no easy feat. It took a lot to come up with a solution (and also turning a few network cards into bricks). This talk will explain the history of how ftrace came about implementing the function tracer, and brought with it the possibility of static branches and soon static calls!
Steven Rostedt
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterAnne Nicolas
NDIV is a young, very simple, yet efficient network traffic diverter. Its purpose is to help build network applications that intercept packets at line rate with a very low processing overhead. A first example application is a stateless HTTP server reaching line rate on all packet sizes.
Willy Tarreau, HaproxyTech
Kernel Recipes 2019 - Metrics are moneyAnne Nicolas
In I.T. we all use all kinds of metrics. Operations teams rely heavily on these, especially when things go south. These metrics are sometimes overrated. Let’s dive into a few real life stories together.
Aurélien Rougemont
Kernel Recipes 2019 - Kernel documentation: past, present, and futureAnne Nicolas
The Linux kernel project includes a huge amount of documentation, but that information has seen little in the way of care over the
years. The amount of care has increased significantly recently, though, and things are improving quickly. Listen as the kernel’s documentation maintainer discusses the current state of the kernel’s docs, how we got here, where we’re trying to go, and how you can help.
Jonathan Corbet
Embedded Recipes 2019 - Testing firmware the devops wayAnne Nicolas
ITRenew is selling recertified OCP servers under the Sesame brand, those servers come either with their original UEFI BIOS or with LinuxBoot. The LinuxBoot project is pushing the Linux kernel inside bios flash and using userland programs as bootloader.
To achieve quality on our software stack, as any project, we need to test it. Traditional BIOS are tested by hand, this is 2019 we need to do it automatically! We already presented the hardware setup behind the LinuxBoot CI, this talk will focus on the software.
We use u-root for our userland bootloader; this software is written in Go so we naturally choose to use Go for our testing too. We will present how we are using and extending the Go native test framework `go test` for testing embedded systems (serial console) and improving the report format for integration to a CI.
Julien Viard de Galbert
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedAnne Nicolas
Ftrace’s most powerful feature is the function tracer (and function graph tracer which is built from it). But to have this enabled on production systems, it had to have its overhead be negligible when disabled. As the function tracer uses gcc’s profiling mechanism, which adds a call to “mcount” (or more recently fentry, don’t worry if you don’t know what this is, it will all be explained) at the start of almost all functions, it had to do something about the overhead that causes. The solution was to turn those calls into “nops” (an instruction that the CPU simply ignores). But this was no easy feat. It took a lot to come up with a solution (and also turning a few network cards into bricks). This talk will explain the history of how ftrace came about implementing the function tracer, and brought with it the possibility of static branches and soon static calls!
Steven Rostedt
Kernel Recipes 2014 - NDIV: a low overhead network traffic diverterAnne Nicolas
NDIV is a young, very simple, yet efficient network traffic diverter. Its purpose is to help build network applications that intercept packets at line rate with a very low processing overhead. A first example application is a stateless HTTP server reaching line rate on all packet sizes.
Willy Tarreau, HaproxyTech
Troubleshooting Tips from a Docker Support EngineerJeff Anderson
Troubleshooting is like going on an adventure. Here are some tips for how to tackle unexpected situations when using Docker.
These cases were pulled from the most common issues encountered while helping folks in the Docker community solve issues.
This talk is all about the Berkeley Packet Filters (BPF) and their uses in Linux.
Agenda:
* What is a BPF and why do we need it?
* Writing custom BPFs
* Notes on BPF implementation in the kernel
* Usage examples: SOCKET_FILTER & seccomp
Speaker:
Kfir Gollan, senior embedded software developer, Linux kernel hacker and software team leader.
A Kernel of Truth: Intrusion Detection and Attestation with eBPFoholiab
"Attestation is hard" is something you might hear from security researchers tracking nation states and APTs, but it's actually pretty true for most network-connected systems!
Modern deployment methodologies mean that disparate teams create workloads for shared worker-hosts (ranging from Jenkins to Kubernetes and all the other orchestrators and CI tools in-between), meaning that at any given moment your hosts could be running any one of a number of services, connecting to who-knows-what on the internet.
So when your network-based intrusion detection system (IDS) opaquely declares that one of these machines has made an "anomalous" network connection, how do you even determine if it's business as usual? Sure you can log on to the host to try and figure it out, but (in case you hadn't noticed) computers are pretty fast these days, and once the connection is closed it might as well not have happened... Assuming it wasn't actually a reverse shell...
At Yelp we turned to the Linux kernel to tell us whodunit! Utilizing the Linux kernel's eBPF subsystem - an in-kernel VM with syscall hooking capabilities - we're able to aggregate metadata about the calling process tree for any internet-bound TCP connection by filtering IPs and ports in-kernel and enriching with process tree information in userland. The result is "pidtree-bcc": a supplementary IDS. Now whenever there's an alert for a suspicious connection, we just search for it in our SIEM (spoiler alert: it's nearly always an engineer doing something "innovative")! And the cherry on top? It's stupid fast with negligible overhead, creating a much higher signal-to-noise ratio than the kernels firehose-like audit subsystems.
This talk will look at how you can tune the signal-to-noise ratio of your IDS by making it reflect your business logic and common usage patterns, get more work done by reducing MTTR for false positives, use eBPF and the kernel to do all the hard work for you, accidentally load test your new IDS by not filtering all RFC-1918 addresses, and abuse Docker to get to production ASAP!
As well as looking at some of the technologies that the kernel puts at your disposal, this talk will also tell pidtree-bcc's road from hackathon project to production system and how focus on demonstrating business value early on allowed the organization to give us buy-in to build and deploy a brand new project from scratch.
Nadav Markus goes over the path from a simple crash POC provided by Google Project Zero (for CVE-2015-7547), to a fully weaponized exploit.
He explores how an attacker can utilize the behavior of the Linux kernel in order to bypass ASLR, allowing an attacker to remotely execute code on vulnerable targets.
In this talk Jiří Pírko discusses the design and evolution of the VLAN implementation in Linux, the challenges and pitfalls as well as hardware acceleration and alternative implementations.
Jiří Pírko is a major contributor to kernel networking and the creator of libteam for link aggregation.
Kernel Recipes 2013 - Deciphering OopsiesAnne Nicolas
The Linux kernel is a very complex beast living in millions of households and data centers around the world. Normally, you’re not supposed to notice its presence but when it gets cranky because of something not suiting it, it spits crazy messages called colloquially
oopses and panics.
In this talk, we’re going to try to understand how to read those messages in order to be able to address its complaints so that it can get back to work for us.
Have you ever heard of FreeBSD? Probably.
Have you ever interacted with its kernel? Probably not.
In this talk, Gili Yankovitch (nyxsecuritysolutions.com) will talk about the FreeBSD operating system, its network stack and how to write network drivers for it.
The talk will cover the following topics:
* Kernel/User interation in FreeBSD
* The FreeBSD Network Stack
* Network Buffers API
* L2 and L3 Hooking
DPDK (Data Plane Development Kit) Overview by Rami Rosen
* Background and short history
* Advantages and disadvantages
- Very High speed networking acceleration in L2
- How this acceleration is achieved (hugepages, optimizations)
- rte_kni (and KCP)
- VPP (and FD.io project) , providing routing and switching.
- TLDK (Transport Layer Development Kit, TCP/UDP)
* Anatomy of a simple DPDK application.
* Development and governance model
* Testpmd: DPDK CLI tool
* DDP - Dynamic Device Profiles
Rami Rosen is a Linux Kernel expert, the author of "Linux Kernel Networking", Apress, 2014.
Rami had published two articles about DPDK in the last year:
"Network acceleration with DPDK"
https://lwn.net/Articles/725254/
"Userspace Networking with DPDK"
https://www.linuxjournal.com/content/userspace-networking-dpdk
Kernel Recipes 2015 - So you want to write a Linux driver frameworkAnne Nicolas
Writing a new driver framework in Linux is hard. There are many pitfalls along the way; this talk hopes to point out some of those pitfalls and hard lessons learned through examples, advice and humorous anecdotes in the hope that it will aid those adventurous enough to take on the task of writing a new driver framework. The scope of the talk includes internal framework design as well as external API design exposed to drivers and consumers of the framework. This presentation pulls directly from the Michael Turquette’s experience authoring the Common Clock
Framework and maintaining that code for the last four years.
Additionally Mike has solicited tips and advice from other subsystem maintainers, for a well-rounded overview. Be prepared to learn some winning design patterns and hear some embarrassing stories of framework design gone wrong.
Mike Turquette, BayLibre
netfilter is a framework provided by the Linux kernel that allows various networking-related operations to be implemented in the form of customized handlers.
iptables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different netfilter modules) and the chains and rules it stores.
Many systems use iptables/netfilter, Linux's native packet filtering/mangling framework since Linux 2.4, be it home routers or sophisticated cloud network stacks.
In this session, we will talk about the netfilter framework and its facilities, explain how basic filtering and mangling use-cases are implemented using iptables, and introduce some less common but powerful extensions of iptables.
Shmulik Ladkani, Chief Architect at Nsof Networks.
Long time network veteran and kernel geek.
Shmulik started his career at Jungo (acquired by NDS/Cisco) implementing residential gateway software, focusing on embedded Linux, Linux kernel, networking and hardware/software integration.
Some billions of forwarded packets later, Shmulik left his position as Jungo's lead architect and joined Ravello Systems (acquired by Oracle) as tech lead, developing a virtual data center as a cloud-based service, focusing around virtualization systems, network virtualization and SDN.
Recently he co-founded Nsof Networks, where he's been busy architecting network infrastructure as a cloud-based service, gazing at internet routes in astonishment, and playing the chkuku.
Not breaking userspace: the evolving Linux ABIAlison Chaiken
Don't break userspace" is famously one of the core tenets of Linux kernel development. The rule makes it possible for distros to upgrade the kernel independently of userspace applications. But what does the phrase actually mean in 2022? What portions of the kernel's interface are guaranteed stable and are safe for applications to rely on?
Kernel contributors try to make only backward-compatible changes to the procfs and sysfs filesystems. These virtual filesystems (VFS) constitute the primary applications binary interface (ABI). System calls in a C library like glibc send commands to and receive information from the kernel via the VFS. Linux userspace applications can then rely on the syscalls to interact with the OS or access the VFS directly.
Linux OS's have many artifacts besides procfs and sysfs, however. Which of them are part of the stable ABI? The kernel's documentation calls out the fact that kernel configuration parameters are not stable, but what about devicetree formats, the dmesg log, the BPF validator interface, /dev files, kernel command-line parameters, tracepoints and filesystem metadata? Changes to not explicitly stable parameters have often been the source of controversy.
The difficulty of adding features and fixing bugs without changing the stable ABI is universal in software development. Sometimes there is a stark choice between implementing an upstream fix and "breaking" the library's users. When inevitably the kernel ABI is modified for bug fixes, C-library developers try to balance support for the changes with customer stability expectations. For example, a recent fork of libpthread with an ABI break was created by the realtime Linux community in order to fix problems in time-critical systems like robotics. In 2021, the kernel added a "printk indexing" feature that will make it easier for applications to parse error messages in the dmesg log. The presentation should equip attendees to better understand the Linux ABI and feel better prepared to deal with changes to them that affect their own projects.
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...Anne Nicolas
Libabigail is a new infrastructure for semantic analysis of ELF binaries containing C or C++ programs that has emerged lately. It powers command line tools like ‘abidiff’, which let users compare ABI changes between two different versions of a given ELF binary by analyzing just the binary and its ancillary debug information.
The result of the binary comparison is a kind of hierarchical ‘diff’ which shows changes up to the types of the interfaces that constitute the ABI of an ELF program.
This interactive talk intents to spark discussions around the idea of having a libabigail-based tool specifically targeted to comparing the ABI of two Linux Kernel binary trees and how it could be useful to maintainers of the stable kernel tree. The main goal of such a tool would be to show the ABI differences between two kernels, in terms of which function or variable — part of the ABI exposed by the kernel to its modules — changed and what the details of the changes are.
This interactive talk will present what libabigail and its associated tools can do today, and how the library can be used to build an hypothetical “kabidiff” new tool. Discussions are going to be very welcome so please make sure to attend.
Dodji Seketeli, Red Hat
Troubleshooting Tips from a Docker Support EngineerJeff Anderson
Troubleshooting is like going on an adventure. Here are some tips for how to tackle unexpected situations when using Docker.
These cases were pulled from the most common issues encountered while helping folks in the Docker community solve issues.
This talk is all about the Berkeley Packet Filters (BPF) and their uses in Linux.
Agenda:
* What is a BPF and why do we need it?
* Writing custom BPFs
* Notes on BPF implementation in the kernel
* Usage examples: SOCKET_FILTER & seccomp
Speaker:
Kfir Gollan, senior embedded software developer, Linux kernel hacker and software team leader.
A Kernel of Truth: Intrusion Detection and Attestation with eBPFoholiab
"Attestation is hard" is something you might hear from security researchers tracking nation states and APTs, but it's actually pretty true for most network-connected systems!
Modern deployment methodologies mean that disparate teams create workloads for shared worker-hosts (ranging from Jenkins to Kubernetes and all the other orchestrators and CI tools in-between), meaning that at any given moment your hosts could be running any one of a number of services, connecting to who-knows-what on the internet.
So when your network-based intrusion detection system (IDS) opaquely declares that one of these machines has made an "anomalous" network connection, how do you even determine if it's business as usual? Sure you can log on to the host to try and figure it out, but (in case you hadn't noticed) computers are pretty fast these days, and once the connection is closed it might as well not have happened... Assuming it wasn't actually a reverse shell...
At Yelp we turned to the Linux kernel to tell us whodunit! Utilizing the Linux kernel's eBPF subsystem - an in-kernel VM with syscall hooking capabilities - we're able to aggregate metadata about the calling process tree for any internet-bound TCP connection by filtering IPs and ports in-kernel and enriching with process tree information in userland. The result is "pidtree-bcc": a supplementary IDS. Now whenever there's an alert for a suspicious connection, we just search for it in our SIEM (spoiler alert: it's nearly always an engineer doing something "innovative")! And the cherry on top? It's stupid fast with negligible overhead, creating a much higher signal-to-noise ratio than the kernels firehose-like audit subsystems.
This talk will look at how you can tune the signal-to-noise ratio of your IDS by making it reflect your business logic and common usage patterns, get more work done by reducing MTTR for false positives, use eBPF and the kernel to do all the hard work for you, accidentally load test your new IDS by not filtering all RFC-1918 addresses, and abuse Docker to get to production ASAP!
As well as looking at some of the technologies that the kernel puts at your disposal, this talk will also tell pidtree-bcc's road from hackathon project to production system and how focus on demonstrating business value early on allowed the organization to give us buy-in to build and deploy a brand new project from scratch.
Nadav Markus goes over the path from a simple crash POC provided by Google Project Zero (for CVE-2015-7547), to a fully weaponized exploit.
He explores how an attacker can utilize the behavior of the Linux kernel in order to bypass ASLR, allowing an attacker to remotely execute code on vulnerable targets.
In this talk Jiří Pírko discusses the design and evolution of the VLAN implementation in Linux, the challenges and pitfalls as well as hardware acceleration and alternative implementations.
Jiří Pírko is a major contributor to kernel networking and the creator of libteam for link aggregation.
Kernel Recipes 2013 - Deciphering OopsiesAnne Nicolas
The Linux kernel is a very complex beast living in millions of households and data centers around the world. Normally, you’re not supposed to notice its presence but when it gets cranky because of something not suiting it, it spits crazy messages called colloquially
oopses and panics.
In this talk, we’re going to try to understand how to read those messages in order to be able to address its complaints so that it can get back to work for us.
Have you ever heard of FreeBSD? Probably.
Have you ever interacted with its kernel? Probably not.
In this talk, Gili Yankovitch (nyxsecuritysolutions.com) will talk about the FreeBSD operating system, its network stack and how to write network drivers for it.
The talk will cover the following topics:
* Kernel/User interation in FreeBSD
* The FreeBSD Network Stack
* Network Buffers API
* L2 and L3 Hooking
DPDK (Data Plane Development Kit) Overview by Rami Rosen
* Background and short history
* Advantages and disadvantages
- Very High speed networking acceleration in L2
- How this acceleration is achieved (hugepages, optimizations)
- rte_kni (and KCP)
- VPP (and FD.io project) , providing routing and switching.
- TLDK (Transport Layer Development Kit, TCP/UDP)
* Anatomy of a simple DPDK application.
* Development and governance model
* Testpmd: DPDK CLI tool
* DDP - Dynamic Device Profiles
Rami Rosen is a Linux Kernel expert, the author of "Linux Kernel Networking", Apress, 2014.
Rami had published two articles about DPDK in the last year:
"Network acceleration with DPDK"
https://lwn.net/Articles/725254/
"Userspace Networking with DPDK"
https://www.linuxjournal.com/content/userspace-networking-dpdk
Kernel Recipes 2015 - So you want to write a Linux driver frameworkAnne Nicolas
Writing a new driver framework in Linux is hard. There are many pitfalls along the way; this talk hopes to point out some of those pitfalls and hard lessons learned through examples, advice and humorous anecdotes in the hope that it will aid those adventurous enough to take on the task of writing a new driver framework. The scope of the talk includes internal framework design as well as external API design exposed to drivers and consumers of the framework. This presentation pulls directly from the Michael Turquette’s experience authoring the Common Clock
Framework and maintaining that code for the last four years.
Additionally Mike has solicited tips and advice from other subsystem maintainers, for a well-rounded overview. Be prepared to learn some winning design patterns and hear some embarrassing stories of framework design gone wrong.
Mike Turquette, BayLibre
netfilter is a framework provided by the Linux kernel that allows various networking-related operations to be implemented in the form of customized handlers.
iptables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different netfilter modules) and the chains and rules it stores.
Many systems use iptables/netfilter, Linux's native packet filtering/mangling framework since Linux 2.4, be it home routers or sophisticated cloud network stacks.
In this session, we will talk about the netfilter framework and its facilities, explain how basic filtering and mangling use-cases are implemented using iptables, and introduce some less common but powerful extensions of iptables.
Shmulik Ladkani, Chief Architect at Nsof Networks.
Long time network veteran and kernel geek.
Shmulik started his career at Jungo (acquired by NDS/Cisco) implementing residential gateway software, focusing on embedded Linux, Linux kernel, networking and hardware/software integration.
Some billions of forwarded packets later, Shmulik left his position as Jungo's lead architect and joined Ravello Systems (acquired by Oracle) as tech lead, developing a virtual data center as a cloud-based service, focusing around virtualization systems, network virtualization and SDN.
Recently he co-founded Nsof Networks, where he's been busy architecting network infrastructure as a cloud-based service, gazing at internet routes in astonishment, and playing the chkuku.
Not breaking userspace: the evolving Linux ABIAlison Chaiken
Don't break userspace" is famously one of the core tenets of Linux kernel development. The rule makes it possible for distros to upgrade the kernel independently of userspace applications. But what does the phrase actually mean in 2022? What portions of the kernel's interface are guaranteed stable and are safe for applications to rely on?
Kernel contributors try to make only backward-compatible changes to the procfs and sysfs filesystems. These virtual filesystems (VFS) constitute the primary applications binary interface (ABI). System calls in a C library like glibc send commands to and receive information from the kernel via the VFS. Linux userspace applications can then rely on the syscalls to interact with the OS or access the VFS directly.
Linux OS's have many artifacts besides procfs and sysfs, however. Which of them are part of the stable ABI? The kernel's documentation calls out the fact that kernel configuration parameters are not stable, but what about devicetree formats, the dmesg log, the BPF validator interface, /dev files, kernel command-line parameters, tracepoints and filesystem metadata? Changes to not explicitly stable parameters have often been the source of controversy.
The difficulty of adding features and fixing bugs without changing the stable ABI is universal in software development. Sometimes there is a stark choice between implementing an upstream fix and "breaking" the library's users. When inevitably the kernel ABI is modified for bug fixes, C-library developers try to balance support for the changes with customer stability expectations. For example, a recent fork of libpthread with an ABI break was created by the realtime Linux community in order to fix problems in time-critical systems like robotics. In 2021, the kernel added a "printk indexing" feature that will make it easier for applications to parse error messages in the dmesg log. The presentation should equip attendees to better understand the Linux ABI and feel better prepared to deal with changes to them that affect their own projects.
Kernel Recipes 2016 - Would an ABI changes visualization tool be useful to Li...Anne Nicolas
Libabigail is a new infrastructure for semantic analysis of ELF binaries containing C or C++ programs that has emerged lately. It powers command line tools like ‘abidiff’, which let users compare ABI changes between two different versions of a given ELF binary by analyzing just the binary and its ancillary debug information.
The result of the binary comparison is a kind of hierarchical ‘diff’ which shows changes up to the types of the interfaces that constitute the ABI of an ELF program.
This interactive talk intents to spark discussions around the idea of having a libabigail-based tool specifically targeted to comparing the ABI of two Linux Kernel binary trees and how it could be useful to maintainers of the stable kernel tree. The main goal of such a tool would be to show the ABI differences between two kernels, in terms of which function or variable — part of the ABI exposed by the kernel to its modules — changed and what the details of the changes are.
This interactive talk will present what libabigail and its associated tools can do today, and how the library can be used to build an hypothetical “kabidiff” new tool. Discussions are going to be very welcome so please make sure to attend.
Dodji Seketeli, Red Hat
This PPT File helps IT freshers with the Basic Interview Questions, which will boost there confidence before going to the Interview. For more details and Interview Questions please log in www.rekruitin.com and click on Job Seeker tools. Also register on the and get employed.
By ReKruiTIn.com
CS266 Software Reverse Engineering (SRE)
Reengineering and Reuse of Legacy Software
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
C++ (pronounced "see plus plus") is a computer programming language based on C. It was created for writing programs for many different purposes. In the 1990s, C++ became one of the most used programming languages in the world.
The C++ programming language was developed by Bjarne Stroustrup at Bell Labs in the 1980s, and was originally named "C with classes". The language was planned as an improvement on the C programming language, adding features based on object-oriented programming. Step by step, a lot of advanced features were added to the language, like operator overloading, exception handling and templates.
LAS16-501: Introduction to LLVM - Projects, Components, Integration, InternalsLinaro
LAS16-501: Introduction to LLVM - Projects, Components, Integration, Internals
Speakers: Renato Golin
Date: September 30, 2016
★ Session Description ★
Deep dive into LLVM internals, middle/back-ends, libraries, sanitizers, linker, debugger and overall compilation process. The focus is to show how LLVM works under the hood, which is useful for GCC compiler engineers getting into LLVM development, as well as for other engineers to learn more about parts of the toolchain they’re not familiar with. This presentation also touches on frequent LLVM-specific errors, so GCC users may find useful, if they’re moving to LLVM.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-501
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-501/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
Similar to Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by the Kernel to its modules (20)
Kernel Recipes 2019 - Driving the industry toward upstream firstAnne Nicolas
Wanting to avoid the Android experience, Google developers always aimed to make their Chrome OS Linux kernels as close to mainline as possible. However, when Chromebooks were first created, Google was left with no choice, the mainline kernel, in some subsystems, still did not have all the functionalities needed by Chromebooks. Hence, similarly to Android, Chrome OS had to develop their own out-of-tree code for the kernel and maintain that for a few different kernel versions.
Luckily, over the last few years a strong and consistent effort has been happening to bring Chromebook devices closer to mainline. It has led to significant improvements that now make it possible to run mainline on Chrome OS devices. And not only Chromebooks, as these significant strides are also improving Arm-based SOCs and other key components of the rich Chromebook hardware ecosystem. In this talk, we will look at how and why upstream support for Chromebooks improved, the current status of various models, and what we expect in the future.
Enric Balletbò i Serra
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIAnne Nicolas
As the name would suggest, a Non-Maskable Interrupt (NMI) is an interrupt-like feature that is unaffected by the disabling of classic interrupts. In Linux, NMIs are involved in some features such as performance event monitoring, hard-lockup detector, on demand state dumping, etc… Their potential to fire when least expected can fill the most seasoned kernel hackers with dread.
AArch64 (aka arm64 in the Linux tree) does not provide architected NMIs, a consequence being that features benefiting from NMIs see their use limited on AArch64. However, the Arm Generic Interrupt Controller (GIC) supports interrupt prioritization and masking, which, among other things, provides a way to control whether or not a set of interrupts can be signaled to a CPU.
This talk will cover how, using the GIC interrupt priorities, we provide a way to configure some interrupts to behave in an NMI-like manner on AArch64. We’ll discuss the implementation, some of the complications that ensued and also some of the benefits obtained from it.
Julien Thierry
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelAnne Nicolas
At a rate of almost 9 changes per hour (24/7), the Linux kernel is definitely a scary beast. Bugs are introduced on a daily basis and, through the use of multiple code analyzers, *some* of them are detected and fixed before they hit mainline. Over the course of the last few years, Gustavo has been fixing such bugs and many different issues in every corner of the Linux kernel. Recently, he was in charge of leading the efforts to globally enable -Wimplicit-fallthrough; which appears by default in Linux v5.3. This presentation is a report on all the stuff Gustavo has found and fixed in the kernel with the support of the Core Infrastructure Initiative.
Gustavo A.R. Silva
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Anne Nicolas
Modern SoC designs incorporate technologies from numerous vendors, each with their own inconsistent, confusing, undocumented and even contradictory terminology. The result is a mess of acronyms and product names which have a surprising impact on the ability to develop reusable, modular code thanks to the nature of the underlying IP being obscured.
This presentation will dive into some of the misnomers plaguing the Arm ecosystem, with the aim of explaining why things are like they are, how they fit together under the architectural umbrella and how you, as a developer, can decipher the baffling ingredients list of your next SoC design!
Will Deacon
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataAnne Nicolas
GNU poke is a new interactive editor for binary data. Not limited to editing basic ntities such as bits and bytes, it provides a full-fledged procedural, interactive programming language designed to describe data structures and to operate on them. Once a user has defined a structure for binary data (usually matching some file format) she can search, inspect, create, shuffle and modify abstract entities such as ELF relocations, MP3 tags, DWARF expressions, partition table entries, and so on, with primitives resembling simple editing of bits and bytes. The program comes with a library of already written descriptions (or “pickles” in poke parlance) for many binary formats.
GNU poke is useful in many domains. It is very well suited to aid in the development of programs that operate on binary files, such as assemblers and linkers. This was in fact the primary inspiration that brought me to write it: easily injecting flaws into ELF files in order to reproduce toolchain bugs. Also, due to its flexibility, poke is also very useful for reverse engineering, where the real structure of the data being edited is discovered by experiment, interactively. It is also good for the fast development of prototypes for programs like linkers, compressors or filters, and it provides a convenient foundation to write other utilities such as diff and patch tools for binary files.
This talk (unlike Gaul) is divided into four parts. First I will introduce the program and show what it does: from simple bits/bytes editing to user-defined structures. Then I will show some of the internals, and how poke is implemented. The third block will cover the way of using Poke to describe user data, which is to say the art of writing “pickles”. The presentation ends with a status of the project, a call for hackers, and a hint at future works.
Jose E. Marchesi
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxAnne Nicolas
Different upgrade and update strategies exist when it comes to embedded Linux system. If at development time none of these strategies have been chosen, adding them afterwards can be tedious task.
Even harder it gets when the system is already deployed in the field and only accessible via a 3G connection.
This talk is a developer experience of putting in place exactly that. Giving a return of experience on one way of doing it on a system running Barebox and a Yocto-based distribution.
Patrick Boettcher
Embedded Recipes 2019 - Making embedded graphics less specialAnne Nicolas
Traditionally graphics drivers were one of the last hold-outs of proprietary software in an embedded Linux system. This situation is changing with open-source graphics drivers showing up for almost all of the graphics acceleration peripherals on the market right now. This talk will show how open-source graphics drivers are making embedded systems less special, as well as trying to provide an overview of the Linux graphics stack, de-mystifying what is often seen as black magic GPU stuff from outside observers.
Lucas Stach
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconAnne Nicolas
This talk will explore Open Source Hardware projects relevant to Linux, including boards like BeagleBone, Olimex OLinuXino, Giant board and more. Looking at the benefits and challenges of designing Open Source Hardware for a Linux system, along with BeagleBoard.org’s experience of working with community, manufacturers, and distributors to create an Open Source Hardware platform. In closing also looking at the future, Libre Silicon like RISC-V designs, and where this might take Linux.
Drew Fustini
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureAnne Nicolas
The I2C subsystem is not the shiniest part of the Linux Kernel. For embedded devices, though, it is one of the many puzzle pieces which just have to work. Wolfram Sang has the experience of maintaining this subsystem for nearly 7 years now. This talk gives a short overview of how maintaining works in general and specifically in this subsystem. But mainly, it will highlight noteworthy points in the timeline and lessons learnt from that. It will present trends, not so much regarding I2C but more the Linux Kernel and the embedded ecosystem in general. And of course, there will be plenty of anecdotes and bits from behind the scenes for your entertainment.
Wolfram Sang
Embedded Recipes 2019 - Herd your socs become a matchmakerAnne Nicolas
About 60% of the Linux kernel source tree is devoted to drivers for a large variety of supported hardware components. Especially in the embedded world, the number of different SoC families, versions, and revisions, integrating a myriad of “IP cores”, keeps on growing.
In this presentation, Geert will explain how to match drivers against hardware, and how to support a wide variety of (dis)similar devices, without turning platform and driver code into an entangled bowl of spaghetti.tra
Starting with a brief history of driver matching in Linux, he will fast-forward to device-tree based matching. He will discuss ways to handle slight variations of the same hardware devices, and different SoC revisions, each with their own quirks and bugs. Finally, Geert will show best practices for evolving device drivers in a maintainable way, based on his experiences as an embedded Linux kernel developer and maintainer.
Geert Uytterhoeven
Embedded Recipes 2019 - LLVM / Clang integrationAnne Nicolas
Buildroot is a popular and easy to use embedded Linux build system. It generates, in few minutes, lightweight and customized Linux systems, including the cross-compilation toolchain, kernel and bootloader images, as well as a wide variety of userspace libraries and programs.
This talk is about the integration of LLVM/clang into Buildroot.
In 2018, Valentin Korenblit, supervised by Romain Naour, worked on this topic during his internship at Smile ECS. After a short introduction about llvm/clang and Buildroot, this talk will go through the numerous issues discovered while adding llvm/clang componants and how these issues were fixed. Romain will also detail the work in progress and the work to be done based on llvm/clang libraries (OpenCL, Compiler-rt, BCC. Chromium, ldd).
Romain Naour
Embedded Recipes 2019 - Introduction to JTAG debuggingAnne Nicolas
This talk introduces JTAG debugging capabilities, both for debugging hardware and software. Marek first explains what the JTAG stands for and explains the operation of the JTAG state machine. This is followed by an introduction to free software JTAG tools, OpenOCD and urJTAG. Marek shortly explains how to debug software using those tools and how that ties into the JTAG state machine. However, JTAG was designed for testing hardware. Marek explains what boundary scan testing (BST) is, what are BSDL files and their format, and practically demonstrates how to blink an LED using BST and only free software tools.
Marek Vasut
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaAnne Nicolas
PipeWire is an open source project that aims to greatly improve audio and video handling under Linux. Utilising a fresh design, it bridges use cases that have been previously addressed by different tools – or not addressed at all -, providing ground for building complex, yet secure and efficient, multimedia systems.
In this talk, Julien is going to present the PipeWire project and the concepts that make up its design. In addition, he is going to give an update of the current and future work going on around PipeWire, both upstream and in Automotive Grade Linux, an early adopter that Julien is actively working on.
Julian Bouzas
Kernel Recipes 2019 - Suricata and XDPAnne Nicolas
Suricata is a network threat detection engine using network packets capture to reconstruct the traffic till the application layer and find threats on the network using rules that define behavior to detect. This task is really CPU intensive and discarding non interesting traffic is a solution to enable a scaling of Suricata to 40gbps and other.
This talk will present the latest evolution of Suricata that knows uses eBPF and XDP to bypass traffic. Suricata 5.0 is supporting the hardware XDP to provide ypass with network card such as Netronome. It also takes advantage of pinned maps to get persistance of the bypassed flows. This talk will cover the different usage of XDP and eBPF in Suricata and shows how it impact performance and usability. If development time permit, the talk will also cover AF_XDP and the impact on this new capture method on Suricata.
Eric Leblond
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Anne Nicolas
System memory configuration is a transparent operation nowadays, something that we all came to expect to just work out of the box. Still, it does happen behind the scenes every single time we boot our computers. This requires the cooperation of hardware components on the mainboard and on memory modules themselves, as well as firmware code to drive these. While it is possible to just let it happen, having a deeper understanding of how it works makes it possible to access valuable information from the operating system at run-time.
I will take you through the history of system memory configuration from the mid 70s to now. We will explore the different types of memory modules, how their configuration data is stored and how the firmware can access them. We will see which problems had to be solved along the way and how they were solved. Lastly we will see how Linux supports reading the memory configuration information and what you can do with that information.
Jean Delvare
Kernel Recipes 2019 - Formal modeling made easyAnne Nicolas
Modeling parts of Linux has become a recurring topic. For instance, the memory model, the model for PREEMPT_RT synchronization, and so on. But the term "formal model" causes panic for most of the developers. Mainly because of the complex notations and reasoning that involves formal languages. It seems to be a very theoretical thing, far from our day-by-day reality.
Believe me. Modeling can be more practical than you might guess!
This talk will discuss the challenges and benefits of modeling, based on the experience of developing the PREEMPT_RT model. It will present a methodology for modeling the Linux behavior as Finite-State Machines (automata), using terms that are very known by kernel developers: tracing events! With the particular focus on how to use models for the formal verification of Linux kernel, at runtime, with low overhead, and in many cases, without even modifying Linux kernel!
Daniel Bristot de Oliveira
Kernel Recipes 2019 - CVEs are dead, long live the CVE!Anne Nicolas
For the Linux kernel, CVEs do not work at all given the rate of fixes being applied and rapidly backported and pushed to users through a huge variety of different ways. The average “request to fix” date for Linux CVEs is -100 days, showing that either no one cares about CVEs for Linux, or engineers are using them to game their internal release processes, or no one happens to notice when the kernel developers resolve an issue, or all of the above. This talk will go into the problems with CVEs when it comes to a fast moving project like Linux, and show the decentralized solution that we have been using for the past 14 years instead. All other open source projects are encouraged to use these same methods to help resolve the problems that CVEs have.
Kernel Recipes 2019 - XDP closer integration with network stackAnne Nicolas
XDP (eXpress Data Path) is the new programmable in-kernel fast-path, which is placed as a layer before the existing Linux kernel network stack (netstack).
We claim XDP is not kernel-bypass, as it is a layer before and it can easily fall-through to netstack. Reality is that it can easily be (ab)used to create a kernel-bypass situation, where non of the kernel facilities are used (in form of BPF-helpers and in-kernel tables). The main disadvantage with kernel-bypass, is the need to re-implement everything, even basic building blocks, like routing tables and ARP protocol handling.
It is part of the concept and speed gain, that XDP allows users to avoid calling part of the kernel code. Users have the freedom to do kernel-bypass and re-implement everything, but the kernel should provide access to more in-kernel tables, via BPF-helpers, such that users can leverage other parts of the Open Source ecosystem, like router daemons etc.
This talk is about how XDP can work in-concert with netstack, and proposal on how we can take this even-further. Crazy ideas like using XDP frames to move SKB allocation out of driver code, will also be proposed.
Kernel Recipes 2019 - Kernel hacking behind closed doorsAnne Nicolas
The recent hardware security vulnerabilites exposed the kernel community to unprecedented restrictions and bureaucrazy. Pure software bugs which only affect the Linux kernel are a completely different category and the kernel community has established and well working ways to handle them.
Hardware issues like Meltdown, Spectre, L1TF etc. must be treated differently because they usually affect all Operating Systems and therefore need coordination across different OS vendors, distributions, hardware vendors and other parties. For some of the issues, software mitigations can depend on microcode or firmware updates, which need further coordination.
Meltdown/Spectre hit all affected parties completely unprepared, which was nicely reflected in the resulting chaos all over the place. With that experience the kernel community started to push for workable scenarios to handle these kind of issues as it was entirely clear to everyone that this was just the start and the tip of the iceberg.
This talk will take a look at the difference between hardware and software vulnerabilities, gives insight into the events surrounding Meltdown/Spectre and explains how the later issues, e.g. L1TF, have been dealt with. It also looks at the approach the kernel community has taken to further reduce the annoyance for future issues of that kind
Kernel Recipes 2019 - Faster IO through io_uringAnne Nicolas
Since the dawn of time, Linux has had to make do with inferior IO interfaces. Native Linux AIO supports only a niche application class (O_DIRECT), and even for that use case, it’s far too slow for modern storage. This talk will detail io_uring, a modern IO interface for Linux, that’s both fully featured and performant.
Jens Axboe
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Enhancing Project Management Efficiency_ Leveraging AI Tools like ChatGPT.pdfJay Das
With the advent of artificial intelligence or AI tools, project management processes are undergoing a transformative shift. By using tools like ChatGPT, and Bard organizations can empower their leaders and managers to plan, execute, and monitor projects more effectively.
Into the Box Keynote Day 2: Unveiling amazing updates and announcements for modern CFML developers! Get ready for exciting releases and updates on Ortus tools and products. Stay tuned for cutting-edge innovations designed to boost your productivity.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
May Marketo Masterclass, London MUG May 22 2024.pdfAdele Miller
Can't make Adobe Summit in Vegas? No sweat because the EMEA Marketo Engage Champions are coming to London to share their Summit sessions, insights and more!
This is a MUG with a twist you don't want to miss.
Cyaniclab : Software Development Agency Portfolio.pdfCyanic lab
CyanicLab, an offshore custom software development company based in Sweden,India, Finland, is your go-to partner for startup development and innovative web design solutions. Our expert team specializes in crafting cutting-edge software tailored to meet the unique needs of startups and established enterprises alike. From conceptualization to execution, we offer comprehensive services including web and mobile app development, UI/UX design, and ongoing software maintenance. Ready to elevate your business? Contact CyanicLab today and let us propel your vision to success with our top-notch IT solutions.
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteGoogle
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-pilot-review/
AI Pilot Review: Key Features
✅Deploy AI expert bots in Any Niche With Just A Click
✅With one keyword, generate complete funnels, websites, landing pages, and more.
✅More than 85 AI features are included in the AI pilot.
✅No setup or configuration; use your voice (like Siri) to do whatever you want.
✅You Can Use AI Pilot To Create your version of AI Pilot And Charge People For It…
✅ZERO Manual Work With AI Pilot. Never write, Design, Or Code Again.
✅ZERO Limits On Features Or Usages
✅Use Our AI-powered Traffic To Get Hundreds Of Customers
✅No Complicated Setup: Get Up And Running In 2 Minutes
✅99.99% Up-Time Guaranteed
✅30 Days Money-Back Guarantee
✅ZERO Upfront Cost
See My Other Reviews Article:
(1) TubeTrivia AI Review: https://sumonreview.com/tubetrivia-ai-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Anthony Dahanne
Les Buildpacks existent depuis plus de 10 ans ! D’abord, ils étaient utilisés pour détecter et construire une application avant de la déployer sur certains PaaS. Ensuite, nous avons pu créer des images Docker (OCI) avec leur dernière génération, les Cloud Native Buildpacks (CNCF en incubation). Sont-ils une bonne alternative au Dockerfile ? Que sont les buildpacks Paketo ? Quelles communautés les soutiennent et comment ?
Venez le découvrir lors de cette session ignite
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisGlobus
JASMIN is the UK’s high-performance data analysis platform for environmental science, operated by STFC on behalf of the UK Natural Environment Research Council (NERC). In addition to its role in hosting the CEDA Archive (NERC’s long-term repository for climate, atmospheric science & Earth observation data in the UK), JASMIN provides a collaborative platform to a community of around 2,000 scientists in the UK and beyond, providing nearly 400 environmental science projects with working space, compute resources and tools to facilitate their work. High-performance data transfer into and out of JASMIN has always been a key feature, with many scientists bringing model outputs from supercomputers elsewhere in the UK, to analyse against observational or other model data in the CEDA Archive. A growing number of JASMIN users are now realising the benefits of using the Globus service to provide reliable and efficient data movement and other tasks in this and other contexts. Further use cases involve long-distance (intercontinental) transfers to and from JASMIN, and collecting results from a mobile atmospheric radar system, pushing data to JASMIN via a lightweight Globus deployment. We provide details of how Globus fits into our current infrastructure, our experience of the recent migration to GCSv5.4, and of our interest in developing use of the wider ecosystem of Globus services for the benefit of our user community.
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by the Kernel to its modules
1. 2019 | Public
Analyzing changes to the binary
interface exposed by the Kernel
to its modules
Kernel Recipes 2019
Jessica Yu -- Dodji Seketeli -- Matthias Männich
2. 2019 | Public
What makes up the kernel ABI?
● Low level binary interface between the kernel and its modules
● Set of exported symbols (functions, variables) and their symbol versions (CRCs)
● Data structure layouts, offsets, size, alignment
● ABI tools check these structural expectations
3. 2019 | Public
Kernel ABI - why care?
● In a perfect world, all modules would be in-tree and upstream...
● Unfortunately, reality is more complicated
4. 2019 | Public
Kernel ABI - why care?
● Distributors care about maintaining kABI stability for out-of-tree modules from partners/vendors
● Prevent needed third party modules from breaking with routine kernel updates
5. 2019 | Public
Kernel ABI - why care?
● Decouple development of the kernel and its modules
● Provide a single kernel ABI / API for ecosystem of vendor modules
6. 2019 | Public
Upstream tools for kernel ABI checks
● modversions/genksyms (CONFIG_MODVERSIONS)
7. 2019 | Public
Modversions: Limitations
● yacc/lex based parser (genksyms)
● Prone to report false positive kABI breakages
● Maintenance pain
● Limited reporting of kABI breakage
8. 2019 | Public
Modversions: Limitations
KABI: symbol bio_trim(vmlinux) changed crc from 0xea9cb7e9 to 0x595bb017
block/bio.c:1891: warning: bio_trim: modversion changed because of changes in
struct blk_mq_tags
12. 2019 | Public
Modversions: Limitations
● Similar things happen when a struct suddenly becomes defined (inclusion of header file)
Export for_each_kernel_tracepoint == <void for_each_kernel_tracepoint ( void
( * ) ( struct tracepoint { … struct static_key_mod { UNKNOWN } * next ;
…>
Move the definition of static_key_mod to a header file included by kernel/tracepoint.c, you get:
Export for_each_kernel_tracepoint == <void for_each_kernel_tracepoint ( void
( * ) ( struct tracepoint { … struct static_key_mod { struct static_key_mod
* next ; struct jump_entry * entries ; struct module { enum module_state {
MODULE_STATE_LIVE , …>
● As a result, CRC also changes, although the binary interface has stayed the same
13. 2019 | Public
Modversions: Limitations
$ echo 'struct foo { int bar; };' | ./scripts/genksyms/genksyms -d
Defn for struct foo == <struct foo { int bar ; } >
Hash table occupancy 1/4096 = 0.000244141
$ echo 'struct __attribute__((packed)) foo { int bar; };' |
./scripts/genksyms/genksyms -d
Hash table occupancy 0/4096 = 0
Source: https://lore.kernel.org/lkml/CAKwvOdnJAApaUhTQs7w_VjSeYBQa0c-TNxRB4xPLi0Y0sOQMMQ@mail.gmail.com/
14. 2019 | Public
Distro requirements
● ABI tracking for a (sub)set of exported symbols
● Normally don’t care about ABI of in-tree only or inter-driver/inter-module symbols (symbol
whitelist)
● Human-readable kABI reports, easily pinpoint source of kABI breakages and save developer time
● Runtime ABI checks (checking symbol CRCs at module load time)
● Doesn’t extend kernel/package build time by too much
● ...
15. 2019 | Public
Enters Libabigail
● “ABI Generic Analysis and Instrumentation Library”
○ Framework to analyze ABI by looking at binaries directly
● It’s basically a library
○ Reads ELF and DWARF information
○ Builds an internal in-memory representation of ABI artifacts (a.k.a ABI/IR)
■ Functions, variables, types, ELF symbols
● Can compare two ABI IRs
○ The result of the comparison is also an IR (a.k.a DIFF/IR)
● The aim is to analyze the graphs represented by the IRs to emit useful information
● Different tools use the library in specific ways for specific purposes
○ Initially tailored to support analysis of userspace shared libraries
● Jessica and Matthias recently joined to help make the framework grok Linux kernel binaries
16. 2019 | Public
Libabigail Kernel Support
● Kernel binaries have several symbol tables
○ .symtab, __ksymtab, __ksymtab_gpl
○ that’s where we find symbols of functions/variables that matter
○ possibly various formats
■ since v4.19 new format possible on AARCH64
● Kernel made of vmlinux + thousands of modules and hundreds of thousands of types
○ We want to build one in-memory representation for vmlinux + modules
○ We want to be able to load two Kernel IR in memory at one point in time
● Somewhat bigger than your average shared library out there …
○ Challenging to be fast enough but we are regularly making progress
Or what’s specific about it ...
17. 2019 | Public
struct my_type {
char str[1024];
} my_type;
struct my_struct {
int a;
struct my_type b;
} my_struct;
enum my_enum {
A, C, B
};
void func_str(struct my_struct s) {}
void func_ptr(struct my_struct * s) {}
void func_enu(enum my_enum e) {}
+void new_func() {}
Typical Breakages -- Added FunctionLibabigail
Functions changes summary: 0 Removed, 0 Changed, 1 Added function
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
1 Added function:
'function void new_func()' {new_func}
ABI Breakage yes, but ABI still compatible
Mitigation n/a
Notes new_func() becomes part of the ABI. An update of the ABI
representation is required to catch future breakages of
new_func().
18. 2019 | Public
struct my_type {
char str[1024];
} my_type;
struct my_struct {
int a;
struct my_type b;
} my_struct;
enum my_enum {
- A, C, B
+ A, B, C
};
void func_str(struct my_struct s) {}
void func_ptr(struct my_struct * s) {}
void func_enu(enum my_enum e) {}
Typical Breakages -- Sort enum valuesLibabigail
Functions changes summary: 0 Removed, 1 Changed, 0 Added function
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
1 function with some indirect sub-type change:
[C]'function void func_enu(my_enum)' at test.c:16:1 has indirect sub-type
changes:
parameter 1 of type 'enum my_enum' has sub-type changes:
type size hasn't changed
2 enumerator changes:
'my_enum::C' from value '1' to '2' at test.c:10:1
'my_enum::B' from value '2' to '1' at test.c:10:1
ABI Breakage no, but API breakage
Mitigation Just don't.
Notes Again, this is not a strict ABI breakage, but still discovered
as breakage. In this case, the change is not considered
harmless.
19. 2019 | Public
struct my_type {
char str[1024];
} my_type;
struct my_struct {
int a;
struct my_type b;
} my_struct;
enum my_enum {
A, C, B
};
void func_str(struct my_struct s) {}
void func_ptr(struct my_struct * s) {}
-void func_enu(enum my_enum e) {}
Typical Breakages -- Removed FunctionLibabigail
Functions changes summary: 1 Removed, 0 Changed, 0 Added function
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
1 Removed function:
'function void func_enu(my_enum)' {func_enu}
ABI Breakage yes
Mitigation Add back the symbol (maybe forward if it was a rename).
Notes
20. 2019 | Public
struct my_type {
char str[1024];
} my_type;
struct my_struct {
int a;
struct my_type b;
+ int new_member;
} my_struct;
enum my_enum {
A, C, B
};
void func_str(struct my_struct s) {}
void func_ptr(struct my_struct * s) {}
void func_enu(enum my_enum e) {}
Typical Breakages -- Add struct memberLibabigail
Functions changes summary: 0 Removed, 2 Changed, 0 Added functions
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
2 functions with some indirect sub-type change:
[C]'function void func_str(my_struct)' at test.c:15:1 has indirect sub-type changes:
parameter 1 of type 'struct my_struct' has sub-type changes:
type size changed from 8224 to 8256 (in bits)
1 data member insertion:
'int my_struct::new_member', at offset 8224 (in bits) at test.c:8:
[C]'function void func_ptr(my_struct*)' at test.c:16:1 has indirect sub-type changes:
parameter 1 of type 'my_struct*' has sub-type changes:
in pointed to type 'struct my_struct' at test.c:5:1:
[...]
ABI Breakage yes, but strictly only for func_str()
Mitigation Add padding to data structures potentially being affected.
Notes func_ptr() does not actually suffer from an ABI breakage
at that very definition. It might be affected when the
parameter gets dereferenced or if its size is taken.
Libabigail diagnoses this because it can. It would not if the
full definition of my_struct would not be available.
21. 2019 | Public
struct my_type {
char str[1024];
} my_type;
struct my_struct {
int a;
- struct my_type b;
+ struct my_type c;
} my_struct;
enum my_enum {
A, C, B
};
void func_str(struct my_struct s) {}
void func_ptr(struct my_struct * s) {}
void func_enu(enum my_enum e) {}
Typical Breakages -- Struct member name changeLibabigail
Functions changes summary: 0 Removed, 0 Changed (2 filtered out),
0 Added functions
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
ABI Breakage no, but API breakage
Mitigation From an ABI point of view this is sane.
Notes The rename is detected, but considered harmless.
Most likely the rename is not essential for the intent of the
actual patch. So, reverting the rename is probably a good
idea.
22. 2019 | Public
struct my_type {
char str[1024];
} my_type;
struct my_struct {
int a;
- struct my_type b;
+ char b[1024];
} my_struct;
enum my_enum {
A, C, B
};
void func_str(struct my_struct s) {}
void func_ptr(struct my_struct * s) {}
void func_enu(enum my_enum e) {}
Typical Breakages -- Type change (with identical memory layout)Libabigail
Functions changes summary: 0 Removed, 2 Changed, 0 Added functions
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
2 functions with some indirect sub-type change:
[C]'function void func_ptr(my_struct*)' at test.c:15:1 has indirect sub-type changes:
parameter 1 of type 'my_struct*' has sub-type changes:
in pointed to type 'struct my_struct' at test.c:5:1:
type size hasn't changed
1 data member change:
type of 'my_type my_struct::b' changed:
entity changed from 'struct my_type' to 'char[1024]'
[...]
ABI Breakage no, but API breakage
Mitigation Just don't.
Notes Again, this is not a strict ABI breakage, but still discovered
as breakage. In this case, the change is not considered
harmless.
23. 2019 | Public
Project Treble (Android 8)
Stable ABIs for Android Kernels
Applications
Android Framework
HAL Interface
Vendor Implementation
of HAL Interface
Hardware Components
Linux Kernel
Framework Build
Part of the Android build
that is hardware-agnostic
Vendor Implementation
Part of the Android build
that is aware of the
hardware and implements
the corresponding Vendor
Interface (VINTF)
VINTF
Android Next Generation
Generic Kernel
Image (GKI)
(arm64)
4.19.x / 5.x.y
GKI Modules
4.19.x / 5.x.y
Chip- & Board-
Specific Drivers
(Kernel Modules)
StableAPI/ABI
24. 2019 | Public
Stable ABI within Boundaries
○ Define what is part of the
ABI
○ Whitelist
○ Suppression
○ Only keep ABI stable
within major upstream
branch
○ E.g.
LTS 4.9, 4.14, 4.19, 5.x
○ Single Kernel Configuration
○ Suitable for all vendors
○ Configuration changes
allowed if they don't break
ABI
○ Single Toolchain
○ Hermetic Build
Branches Configuration Toolchain Scope
and how Android implements that*
○ android-4.19
○ android-5.x *
○ Generic Kernel Image
(GKI) configuration
○ Clang Build (only)
○ Hermetic Toolchain*
(enforced by build wrapper)
○ Observable ABI
○ Whitelists *
○ Symbol Namespaces *
* some of these are still work in progress and to be finalized / implemented
25. 2019 | Public
Integration into the Android Kernel Build
build_abi.sh
build.sh ABI Tooling
○ Setup (hermetic) build environment
○ Toolchain
○ Cross Compiler
○ Build Dir / Dist Dir
○ make mrproper
○ make <defconfig>
○ make
○ create Android Kernel distribution
○ abidw --linux-tree out/
○ abidiff abi.xml abi-base.xml
○ create abi report
$ repo init -u <url> -b <branch> # initialize workspace
$ repo sync # get sources, toolchain, dependencies, etc.
$ build/build_abi.sh # build and validate ABI
26. 2019 | Public
० Define a baseline ABI
० Keep it along with your sources
० Establish ABI checking (e.g. build_abi.sh)
as mandatory test before merging
० Changes targeting Android Common Kernels
have to pass this test in AOSP Gerrit
Monitoring and Enforcement
--- a/include/linux/utsname.h
+++ b/include/linux/utsname.h
@@ -22,6 +22,7 @@ struct user_namespace;
extern struct user_namespace init_user_ns;
struct uts_namespace {
+ int dummy;
struct kref kref;
struct new_utsname name;
struct user_namespace *user_ns;
27. 2019 | Public
० Library and set of tools to analyze ABIs of binaries
० Allows serializing, deserializing and comparing of ABI
representation
० Considers ELF symbols along with DWARF information
० Linux Kernel Support is fairly new, but works pretty good
(considers ksymtab instead of ELF symbol table )
० Support for 4.19+ Kernels is almost completed
"Application Binary Interface Generic Analysis and Instrumentation Library"
https://sourceware.org/libabigail/
Libabigail
1
2
3
Create Binaries
Extract ABI
Compare
vmlinux
mod1.ko
mod2.ko
abi.xml
abi.xml vs. abi-base.xml
31. 2019 | Public
include/linux/mm.h
enum {
REGION_INTERSECTS,
REGION_DISJOINT,
REGION_MIXED,
};
/* returns one of the above values */
int region_intersects(resource_size_t offset,
size_t size,
unsigned long flags,
unsigned long desc);
Untagged enumsUnhandled Cases
How to handle sorting of such an enum now?
enum {
- REGION_INTERSECTS,
REGION_DISJOINT,
+ REGION_INTERSECTS,
REGION_MIXED,
};
Generate ABI capturing data structures
(code generation or compiler plugin)
enum abi_enum {
abi_REGION_INTERSECTS = REGION_INTERSECTS,
abi_REGION_DISJOINT = REGION_DISJOINT,
abi_REGION_MIXED = REGION_MIXED,
};
void abi_func(enum abi_enum e) { } Captured as
ELF symbol
32. 2019 | Public
include/linux/sched.h
/* Used in tsk->state: */
#define TASK_RUNNING 0x0000
#define TASK_INTERRUPTIBLE 0x0001
#define TASK_UNINTERRUPTIBLE 0x0002
[...]
#define TASK_WAKEKILL 0x0100
[...]
/* Convenience macros for the sake of
set_current_state: */
#define TASK_KILLABLE
(TASK_WAKEKILL | TASK_UNINTERRUPTIBLE)
DefinesUnhandled Cases
How to handle changes to #defined values?
#define TASK_RUNNING 0x0000
#define TASK_INTERRUPTIBLE 0x0001
-#define TASK_UNINTERRUPTIBLE 0x0002
+#define TASK_UNINTERRUPTIBLE 0x0004
[...]
#define TASK_KILLABLE (TASK_WAKEKILL | TASK_UNINTERRUPTIBLE)
Deduct defines and create trackable data structures.
enum abi_enum {
abi_TASK_RUNNING = 0x0000,
abi_TASK_INTERRUPTIBLE = 0x0001,
abi_TASK_UNINTERRUPTIBLE = 0x0002,
abi_TASK_WAKEKILL = 0x0100,
abi_TASK_KILLABLE = 0x0102
};
void abi_func(enum abi_enum e) { }
Captured as
ELF symbol