The document describes a PC certification routine that can perform single or multiple audits of PCs. It reveals hardware and software inventory details, lists of users and defined printers. It can verify if a newly configured PC is within specification, and can verify the contents of an existing PC so a suitable replacement can be configured. It produces an inventory report in a spreadsheet with details of hardware, software, users and more.
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtAnne Nicolas
Ftrace is the official tracer of the Linux kernel. It has been apart of Linux since 2.6.31, and has grown tremendously ever since. Ftrace’s name comes from its most powerful feature: function tracing. But the ftrace infrastructure is much more than that. It also encompasses the trace events that are used by perf, as well as kprobes that can dynamically add trace events that the user defines.
This talk will focus on learning how the kernel works by using the ftrace infrastructure. It will show how to see what happens within the kernel during a system call; learn how interrupts work; see how ones processes are being scheduled, and more. A quick introduction to some tools like trace-cmd and KernelShark will also be demonstrated.
Steven Rostedt, VMware
Kernel Recipes 2017 - Understanding the Linux kernel via ftrace - Steven RostedtAnne Nicolas
Ftrace is the official tracer of the Linux kernel. It has been apart of Linux since 2.6.31, and has grown tremendously ever since. Ftrace’s name comes from its most powerful feature: function tracing. But the ftrace infrastructure is much more than that. It also encompasses the trace events that are used by perf, as well as kprobes that can dynamically add trace events that the user defines.
This talk will focus on learning how the kernel works by using the ftrace infrastructure. It will show how to see what happens within the kernel during a system call; learn how interrupts work; see how ones processes are being scheduled, and more. A quick introduction to some tools like trace-cmd and KernelShark will also be demonstrated.
Steven Rostedt, VMware
Zhuo Ma, Tencent
USB is one of the most common interface supported on modern computer. Modern OSes offer tons of USB drivers to support frequently used USB device classes. For other 3rd party USB device, Microsoft provide automatic driver downloading and installation via Windows AutoUpdate Service. In this talk, we consider this as a novel attacking surface exposed by Windows.
We are trying to assess the vulnerability in those USB drivers provided via Windows AutoUpdate Service, which can be automatic installed and run after device plugged in. Obviously, these drivers are all designed for real USB device, which have to talk to device during running.
So, the biggest obstacle for assessing these drivers is we can not prepare real USB devices for all of these drivers. To overcome this, We developed a system to emulate these USB device, further, we are trying to fuzz these drivers against our emulated USB device. By using this system, we can fuzz device drivers without the real USB device. In further, we can also precisely fuzz every stage of driver loading. We can feed any custom data to the drivers to trigger vulnerabilities. Also, this system supports IO Control Code fuzz as well. And all in all, all of this progress can be done automatically.
We tested about 6000 drivers, yielded hundreds of crash by fuzzing. IO Control Fuzz also gave a reasonable result. We are going to divide our talk into three parts: the first part is about how we get the list of automatic installed USB drivers, and how to analyze these drivers in automatic ways; the second part is about the fuzzing system we designed, including the architecture of system, ways to emulating devices, key points for designing; the last part will show some vulnerabilities we found by this system.
An introduction to ACPI for users. Covers how to configure ACPI on FreeBSD and what is currently supported. Given at the Bay Area FreeBSD User's Group, September 6, 2006
An introduction to ACPI for developers. Includes an example tracing a power management event from the hardware up through the OS and back down. Intended to get other kernel developers interested in helping me maintain FreeBSD's ACPI layer. Given at the Bay Area FreeBSD User's Group, May 3, 2006.
HKG15-409: ARM Hibernation enablement on SoCs - a case studyLinaro
HKG15-409: ARM Hibernation enablement on SoCs - a case study
---------------------------------------------------
Speaker: Grygorii Strashko
Date: February 12, 2015
---------------------------------------------------
★ Session Summary ★
Hibernation on ARM devices is a long-wanted feature, with multiple ways of achieving it - in-kernel, fully userspace, or a combination. This presentation will give brief overview of these methods, and will discuss the effort required in enabling in-kernel ARM hibernation to the TI platform. We will also share the pre-requisites for enabling this on other SoCs.
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250837
Video: https://www.youtube.com/watch?v=dJqCbTfKrMk
Etherpad: http://pad.linaro.org/p/hkg15-409
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
zfsday talk (a video is on the last slide). The performance of the file system, or disks, is often the target of blame, especially in multi-tenant cloud environments. At Joyent we deploy a public cloud on ZFS-based systems, and frequently investigate performance with a wide variety of applications in growing environments. This talk is about ZFS performance observability, showing the tools and approaches we use to quickly show what ZFS is doing. This includes observing ZFS I/O throttling, an enhancement added to illumos-ZFS to isolate performance between neighbouring tenants, and the use of DTrace and heat maps to examine latency distributions and locate outliers.
Zhuo Ma, Tencent
USB is one of the most common interface supported on modern computer. Modern OSes offer tons of USB drivers to support frequently used USB device classes. For other 3rd party USB device, Microsoft provide automatic driver downloading and installation via Windows AutoUpdate Service. In this talk, we consider this as a novel attacking surface exposed by Windows.
We are trying to assess the vulnerability in those USB drivers provided via Windows AutoUpdate Service, which can be automatic installed and run after device plugged in. Obviously, these drivers are all designed for real USB device, which have to talk to device during running.
So, the biggest obstacle for assessing these drivers is we can not prepare real USB devices for all of these drivers. To overcome this, We developed a system to emulate these USB device, further, we are trying to fuzz these drivers against our emulated USB device. By using this system, we can fuzz device drivers without the real USB device. In further, we can also precisely fuzz every stage of driver loading. We can feed any custom data to the drivers to trigger vulnerabilities. Also, this system supports IO Control Code fuzz as well. And all in all, all of this progress can be done automatically.
We tested about 6000 drivers, yielded hundreds of crash by fuzzing. IO Control Fuzz also gave a reasonable result. We are going to divide our talk into three parts: the first part is about how we get the list of automatic installed USB drivers, and how to analyze these drivers in automatic ways; the second part is about the fuzzing system we designed, including the architecture of system, ways to emulating devices, key points for designing; the last part will show some vulnerabilities we found by this system.
An introduction to ACPI for users. Covers how to configure ACPI on FreeBSD and what is currently supported. Given at the Bay Area FreeBSD User's Group, September 6, 2006
An introduction to ACPI for developers. Includes an example tracing a power management event from the hardware up through the OS and back down. Intended to get other kernel developers interested in helping me maintain FreeBSD's ACPI layer. Given at the Bay Area FreeBSD User's Group, May 3, 2006.
HKG15-409: ARM Hibernation enablement on SoCs - a case studyLinaro
HKG15-409: ARM Hibernation enablement on SoCs - a case study
---------------------------------------------------
Speaker: Grygorii Strashko
Date: February 12, 2015
---------------------------------------------------
★ Session Summary ★
Hibernation on ARM devices is a long-wanted feature, with multiple ways of achieving it - in-kernel, fully userspace, or a combination. This presentation will give brief overview of these methods, and will discuss the effort required in enabling in-kernel ARM hibernation to the TI platform. We will also share the pre-requisites for enabling this on other SoCs.
--------------------------------------------------
★ Resources ★
Pathable: https://hkg15.pathable.com/meetings/250837
Video: https://www.youtube.com/watch?v=dJqCbTfKrMk
Etherpad: http://pad.linaro.org/p/hkg15-409
---------------------------------------------------
★ Event Details ★
Linaro Connect Hong Kong 2015 - #HKG15
February 9-13th, 2015
Regal Airport Hotel Hong Kong Airport
---------------------------------------------------
http://www.linaro.org
http://connect.linaro.org
zfsday talk (a video is on the last slide). The performance of the file system, or disks, is often the target of blame, especially in multi-tenant cloud environments. At Joyent we deploy a public cloud on ZFS-based systems, and frequently investigate performance with a wide variety of applications in growing environments. This talk is about ZFS performance observability, showing the tools and approaches we use to quickly show what ZFS is doing. This includes observing ZFS I/O throttling, an enhancement added to illumos-ZFS to isolate performance between neighbouring tenants, and the use of DTrace and heat maps to examine latency distributions and locate outliers.
The goal of this test plan is to test SPECTRE and MELTDOWN performance impact on Intel CPU. We will run CPU intensive workloads in Virtual Machine(s) running on non-patched and patched ESXi host and observe performance impact.
We will test impact on network, storage and memory performance because these I/O intensive workloads requires CPU caching which is impacted by vulnerabilities remediation.
Qualification of performance is very specific and hard subject. The performance impact varies across different hardware and software configurations. However, performed tests are very well described in this document so the reader can understand all conditions of the test and observed results. The reader can also perform tests on his specific hardware and software configurations.
Automating everything with PowerShell, Terraform, and AWSChris Brown
From the Melbourne PowerShell meetup in December 2016. At this event I presented a demonstration of how easy it is to build, test, and destroy infrastructure using combinations of technologies.
Did you know that Ansible can automate network resources? Do you need a primer on getting started with Ansible to help automate your network resources? If so, this session is for you. This demo-based session walks through the configurations, templates, and processes of how to go from zero to a full, working configuration. We will also discuss how to maintain and update the environment. This simple walkthrough of the configurations, templates, and processes will start your journey to network automation.
This is the document which explain the step by step procedure to upgrade PowerVC from 1.3.0.2 to 1.3.2.0. I've added useful information in the documents.
Accelerating Virtual Machine Access with the Storage Performance Development ...Michelle Holley
Abstract: Although new non-volatile media inherently offers very low latency, remote access
using protocols such as NVMe-oF and presenting the data to VMs via virtualized interfaces such as virtio
adds considerable software overhead. One way to reduce the overhead is to use the Storage
Performance Development Kit (SPDK), an open-source software project that provides building blocks for
scalable and efficient storage applications with breakthrough performance. Comparing the software
paths for virtualizing block storage I/O illustrates the advantages of the SPDK-based approach. Empirical
data shows that using SPDK can improve CPU efficiency by up to 10 x and reduce latency up to 50% over
existing methods. Future enhancements for SPDK will make its advantages even greater.
Speaker Bio: Anu Rao is Product line manager for storage software in Data center Group. She helps
customer ease into and adopt open source Storage software like Storage Performance Development Kit
(SPDK) and Intelligent Software Acceleration-Library (ISA-L).
Positive Hack Days. Pavlov. Network Infrastructure Security AssessmentPositive Hack Days
A participant will acquire basic skills of searching for vulnerabilities on switches and routers from various vendors. The masterclass will cover both common network vulnerabilities, and exceptive cases that can be detected in the process of security assessment of real networks.
* Know the reasons why various operating systems exist and how they are functioned for dedicated purposes
* Understand the basic concepts while building system software from scratch
• How can we benefit from cheap ARM boards and the related open source tools?
- Raspberry Pi & STM32F4-Discovery
High Availability can be a curiously nebulous term, and most people probably don't care about it until they can't access their online banking service, or their plane crashes.
This presentation examines some of the considerations necessary when building highly available computer systems, then focuses on the HA infrastructure software currently available from the Corosync/OpenAIS, Linux-HA and Pacemaker projects.
Originally presented at Linux Users Victoria in April 2010 (http://luv.asn.au/2010/04/06)