本次講座 Will 保哥將分享如何透過 Visual Studio 的 StyleCop 擴充套件做到全自動的程式碼撰寫風格檢查,讓每個人都不用看規範文件,透過工具用最無腦的方式自動幫你做好到程式碼風格檢查。如要觀看完整講座內容,可報名線上課程進行一步查看實際展示與技術講解,網址:
http://miniasp.kktix.cc/events/stylecop-in-action-online
This document discusses eBPF (extended Berkeley Packet Filter), which allows tracing from the Linux kernel to userspace using BPF programs. It provides an overview of eBPF including extended registers, verification, maps, and probes. Examples are given of using eBPF for tracing functions like kfree_skb() and the C library function malloc. The Berkeley Compiler Collection (BCC) makes it easy to write eBPF programs in C and Python.
This document provides a list of GRE vocabulary words beginning with the letter A, along with their definitions. Some of the words included are abase (lower), abash (embarrass), abbreviate (shorten), abdicate (renounce a position), aberrant (abnormal), and abeyance (suspended action). The list contains over 200 words beginning with A and their meanings to help with vocabulary building for the GRE exam.
本次講座 Will 保哥將分享如何透過 Visual Studio 的 StyleCop 擴充套件做到全自動的程式碼撰寫風格檢查,讓每個人都不用看規範文件,透過工具用最無腦的方式自動幫你做好到程式碼風格檢查。如要觀看完整講座內容,可報名線上課程進行一步查看實際展示與技術講解,網址:
http://miniasp.kktix.cc/events/stylecop-in-action-online
This document discusses eBPF (extended Berkeley Packet Filter), which allows tracing from the Linux kernel to userspace using BPF programs. It provides an overview of eBPF including extended registers, verification, maps, and probes. Examples are given of using eBPF for tracing functions like kfree_skb() and the C library function malloc. The Berkeley Compiler Collection (BCC) makes it easy to write eBPF programs in C and Python.
This document provides a list of GRE vocabulary words beginning with the letter A, along with their definitions. Some of the words included are abase (lower), abash (embarrass), abbreviate (shorten), abdicate (renounce a position), aberrant (abnormal), and abeyance (suspended action). The list contains over 200 words beginning with A and their meanings to help with vocabulary building for the GRE exam.
In this PowerPoint, learn how a security policy can be your first line of defense. Servers running AIX and other operating systems are frequent targets of cyberattacks, according to the Data Breach Investigations Report. From DoS attacks to malware, attackers have a variety of strategies at their disposal. Having a security policy in place makes it easier to ensure you have appropriate controls in place to protect mission-critical data.
Video: https://www.youtube.com/watch?v=JRFNIKUROPE . Talk for linux.conf.au 2017 (LCA2017) by Brendan Gregg, about Linux enhanced BPF (eBPF). Abstract:
A world of new capabilities is emerging for the Linux 4.x series, thanks to enhancements that have been included in Linux for to Berkeley Packet Filter (BPF): an in-kernel virtual machine that can execute user space-defined programs. It is finding uses for security auditing and enforcement, enhancing networking (including eXpress Data Path), and performance observability and troubleshooting. Many new open source tools that have been written in the past 12 months for performance analysis that use BPF. Tracing superpowers have finally arrived for Linux!
For its use with tracing, BPF provides the programmable capabilities to the existing tracing frameworks: kprobes, uprobes, and tracepoints. In particular, BPF allows timestamps to be recorded and compared from custom events, allowing latency to be studied in many new places: kernel and application internals. It also allows data to be efficiently summarized in-kernel, including as histograms. This has allowed dozens of new observability tools to be developed so far, including measuring latency distributions for file system I/O and run queue latency, printing details of storage device I/O and TCP retransmits, investigating blocked stack traces and memory leaks, and a whole lot more.
This talk will summarize BPF capabilities and use cases so far, and then focus on its use to enhance Linux tracing, especially with the open source bcc collection. bcc includes BPF versions of old classics, and many new tools, including execsnoop, opensnoop, funcccount, ext4slower, and more (many of which I developed). Perhaps you'd like to develop new tools, or use the existing tools to find performance wins large and small, especially when instrumenting areas that previously had zero visibility. I'll also summarize how we intend to use these new capabilities to enhance systems analysis at Netflix.
The document outlines the schedule and objectives for an operating systems lab course over 10 weeks. The first few weeks focus on writing programs using Unix system calls like fork, exec, wait. Later weeks involve implementing I/O system calls, simulating commands like ls and grep, and scheduling algorithms like FCFS, SJF, priority and round robin. Students are asked to display Gantt charts, compute waiting times and turnaround times for each algorithm. The final weeks cover inter-process communication, the producer-consumer problem, and memory management techniques.
This document discusses Android's recoverable keystore, which allows for migration of encryption keys to a new device and is linked to a Google account. It protects symmetric keys using AES-GCM encryption. Only system apps like Google Play Services can generate and restore recoverable keys. The keystore takes a snapshot of keys that is encrypted and stored in Google's cloud key vault service, allowing restoration of encrypted data and full device backups between devices.
The document discusses the Lua virtual machine (LuaVM) bytecode format and instructions. It shows an example Lua function written in bytecode format, with each instruction taking up one bytecode. The bytecode format uses registers to reference values on the stack and constants to reference values in the constant table. Common Lua operations like variable assignment and table indexing can be represented in a single bytecode instruction this way.
Library Operating System for Linux #netdev01Hajime Tazaki
This document introduces a library operating system approach for using the Linux network stack in userspace. Some key points:
- It describes building the Linux network stack (including components like ARP, TCP/IP, Qdisc, etc) as a library that can be loaded and used in userspace.
- This allows flexible experimentation with and testing of new network stack ideas without modifying the kernel. Code can be added and tested through the library interface.
- Implementations described include directly executing the code (DCE) and using it to integrate with a network simulator, as well as a Network Stack in Userspace (NUSE) that provides a full-featured POSIX-like platform for the network stack in user
BPF of Berkeley Packet Filter mechanism was first introduced in linux in 1997 in version 2.1.75. It has seen a number of extensions of the years. Recently in versions 3.15 - 3.19 it received a major overhaul which drastically expanded it's applicability. This talk will cover how the instruction set looks today and why. It's architecture, capabilities, interface, just-in-time compilers. We will also talk about how it's being used in different areas of the kernel like tracing and networking and future plans.
In this PowerPoint, learn how a security policy can be your first line of defense. Servers running AIX and other operating systems are frequent targets of cyberattacks, according to the Data Breach Investigations Report. From DoS attacks to malware, attackers have a variety of strategies at their disposal. Having a security policy in place makes it easier to ensure you have appropriate controls in place to protect mission-critical data.
Video: https://www.youtube.com/watch?v=JRFNIKUROPE . Talk for linux.conf.au 2017 (LCA2017) by Brendan Gregg, about Linux enhanced BPF (eBPF). Abstract:
A world of new capabilities is emerging for the Linux 4.x series, thanks to enhancements that have been included in Linux for to Berkeley Packet Filter (BPF): an in-kernel virtual machine that can execute user space-defined programs. It is finding uses for security auditing and enforcement, enhancing networking (including eXpress Data Path), and performance observability and troubleshooting. Many new open source tools that have been written in the past 12 months for performance analysis that use BPF. Tracing superpowers have finally arrived for Linux!
For its use with tracing, BPF provides the programmable capabilities to the existing tracing frameworks: kprobes, uprobes, and tracepoints. In particular, BPF allows timestamps to be recorded and compared from custom events, allowing latency to be studied in many new places: kernel and application internals. It also allows data to be efficiently summarized in-kernel, including as histograms. This has allowed dozens of new observability tools to be developed so far, including measuring latency distributions for file system I/O and run queue latency, printing details of storage device I/O and TCP retransmits, investigating blocked stack traces and memory leaks, and a whole lot more.
This talk will summarize BPF capabilities and use cases so far, and then focus on its use to enhance Linux tracing, especially with the open source bcc collection. bcc includes BPF versions of old classics, and many new tools, including execsnoop, opensnoop, funcccount, ext4slower, and more (many of which I developed). Perhaps you'd like to develop new tools, or use the existing tools to find performance wins large and small, especially when instrumenting areas that previously had zero visibility. I'll also summarize how we intend to use these new capabilities to enhance systems analysis at Netflix.
The document outlines the schedule and objectives for an operating systems lab course over 10 weeks. The first few weeks focus on writing programs using Unix system calls like fork, exec, wait. Later weeks involve implementing I/O system calls, simulating commands like ls and grep, and scheduling algorithms like FCFS, SJF, priority and round robin. Students are asked to display Gantt charts, compute waiting times and turnaround times for each algorithm. The final weeks cover inter-process communication, the producer-consumer problem, and memory management techniques.
This document discusses Android's recoverable keystore, which allows for migration of encryption keys to a new device and is linked to a Google account. It protects symmetric keys using AES-GCM encryption. Only system apps like Google Play Services can generate and restore recoverable keys. The keystore takes a snapshot of keys that is encrypted and stored in Google's cloud key vault service, allowing restoration of encrypted data and full device backups between devices.
The document discusses the Lua virtual machine (LuaVM) bytecode format and instructions. It shows an example Lua function written in bytecode format, with each instruction taking up one bytecode. The bytecode format uses registers to reference values on the stack and constants to reference values in the constant table. Common Lua operations like variable assignment and table indexing can be represented in a single bytecode instruction this way.
Library Operating System for Linux #netdev01Hajime Tazaki
This document introduces a library operating system approach for using the Linux network stack in userspace. Some key points:
- It describes building the Linux network stack (including components like ARP, TCP/IP, Qdisc, etc) as a library that can be loaded and used in userspace.
- This allows flexible experimentation with and testing of new network stack ideas without modifying the kernel. Code can be added and tested through the library interface.
- Implementations described include directly executing the code (DCE) and using it to integrate with a network simulator, as well as a Network Stack in Userspace (NUSE) that provides a full-featured POSIX-like platform for the network stack in user
BPF of Berkeley Packet Filter mechanism was first introduced in linux in 1997 in version 2.1.75. It has seen a number of extensions of the years. Recently in versions 3.15 - 3.19 it received a major overhaul which drastically expanded it's applicability. This talk will cover how the instruction set looks today and why. It's architecture, capabilities, interface, just-in-time compilers. We will also talk about how it's being used in different areas of the kernel like tracing and networking and future plans.