Linux.conf.au 2014 – Day 3 – Session 2

HTTP/2.0 And You by Mark Nottingham

  • Why?
    • Web heavier and more interactive than it used to be
    • Average size and elements on each page have doubled over last 2 years
    • People have found bad performance affects attention from users
    • Latency is bad on mobile and mobile is growing
  • Current Techniques
    • Spriting images
    • Inlining – encode images directly in CSS
    • Sharding – multiple hostnames
    • Concatenation – jam all js or css into one file/download
    • HACKS!
  • “Eliminate Requests”
  • Why are HTTP request so expensive
    • HTTP/1 uses TCP poorly
    • Head of Line blocking – requests/responses have to be ordered within each TCP connection. Slow one blocks others
    • HTTP request short and bursty, TCP was built for long lived flows
    • TCP slow start
  • Therefore HTTP uses multiple connections
    • Increases congestion events
    • resource intensive on server
    • all of this is really tricky for clients (which request to which connection in which order)
  • Http headers are verbose
    • Same data sent multiple times from request to request
    • Large request headers split across multiple packets
    • 7-8 round trips just to get page loaded
  • SPDY was the starting point
    • Previous efforts ( Opera Turbo, HTTP-NG, Waka )
  • GOAL: One TCP connection for a page load
    • longer lived
    • less resource intensive
    • more fair
  • Protocol
    • Frames – settings, header, data
      • Multiple stream IDs so data and headers from different request can be mixed on same connection
    • Prioritisation and flow control
      • Priority field
      • session level and stream level control
      • WINDOW_UPDATE frame
    • Header compression
      • 1st proposal gzip
        • One compression context for all headers in each direction (don’t redo dictionaries)
        • Very efficient, easy to impliment
        • Some memory overhead
        • But CRIME attack allowed attacker to inject data
      • HPACK instead
        • Coarse-grained delta-coding
    • Server Push
      • Push URLs straight to client in anticipation it will be needed (eg CSS, js after page requested)
  • About a dozen implimentations
  • How will it affect me?
    • 25% page size saved
    • Multiplexing allows a lot better use of network
    • HTTP semantics won’t change, but leaked abstractions will
    • Less “Best Practises” for Perf
    • Rethink connection handling – load balances
    • Now a binary format
    • TLS compulsory (effectively since major browsers will make it) πŸ™
    • Getting most out of protocol will take effort
    • RESTful HTTP APIs , lower request overhead, BATCH operations no needed
  • TLS still being looked at for small/medium operators
  • http://github.com/http2/

 

Reverse engineering vendor firmware drivers for little fun and no profit by Matthew Garrett

  • Deploying Servers is tedious. Fireware config often needs keyboard/screen needs to be connected
  • Automated server deployment is awesome
  • Different mechanism
    • Serial console (can be automated, but very hard)
    • Web services console
    • Vendor-specific method
  • The vendor tool
    • Spits out XML file
    • You Modify file in your editor etc
    • Reads modified file
    • 250KB binary
    • 32-bit only
  • Matthew’s company didn’t have 32-bit libraries
  • strace to the rescue
    • Assumed it was going to use /dev/ipmi – but it didn’t
    • No /sys/bus/pci access
  • MMIOtrace to the rescue
    • No access to PCI BARS either
  • This tool does not use any kernel-provided hardware access
  • strace logs show oipl()
    • this should only be for very simple stuff. app should not access hardware bypassing the kernel
  • gdb
    • find inb/outb functions
    • set breakpoints
  • Was accessing the 0xcf8 / oxcfc PCI configuration register
  • Not just PCI config space, was also doing CMOS access
  • But wait there is more!
    • Some options didn’t trigged the breakpoints above
    • Step though gdb
    • Wait, hang on that is not my address space
    • /dev/mem being opened and mmap()ed
    • Executing BIOS code in process context
  • LD_PRELOAD
    • Trap iopl()
    • Install segfault handler
    • Wait for trap
    • decode instructions around instruction pointer
    • raise privs, execcute, drop priv
    • increment ip
    • continue
  • What is it doing
    • Accessing io ports on the IPMI controller
    • Mirror of the PCI config space registers
  • So where does the XML come from
    • Staring at the output of “strings”
    • Undocumented debug flag
    • When you set the program printed out everything it did.
  • DMI
    • DMI table contains pointer to memory
    • map that memory
    • find another table
    • parse that table
  • Summary
    • Tool access PCI config space in racy manner
    • Tool access CMOS space in a racy manner
    • Tools executes BIOS code from userspace
  • A shockingly happy ending
    • Communication with vendor
    • Work on improving this in future
    • Victory!

 

 

Share

Linux.conf.au 2014 – Day 3 – Session 1

Systems Administration in the Open by Elizabeth Krumbach Joseph

  • Works for HP , paid to work on Openstack project
  • Normally infrasture is maintained by a team
    • You interact with them via tickets and email
    • Priority determined by the team
  • Infrastructure team at open stack
    • CI system
    • Wiki, website, IRC bots
  • Everything is in a public git repo
    • Puppet modules
    • git.openstack.org
    • Anyone can submit patches
  • Openstack code review and CI chelleganes
    • Lots of individual projects (infrastructure is just another one)
    • Syntax checks, testing automated, changes should never break the master
  • Using
    • launchpad
    • git
    • gerrit
    • zuul
    • gearman
    • jenkins
    • nodepool
  • Probably don’t need that much at most places, but already used by other projects
  • Anyone on the Internet can look at our changes and/or do code reviews
  • checks:
    • puppet pareser validate
    • puppet-lint
    • XML
    • Alphabetized project files
  • Peer review
    • Multiple eyes on changes prior to merging
    • Good infrastructure for developing new solutions (particularly for distributed teams)
    • Trains us to be collaborative by default
    • No special process to go through commit access
  • Changes get checked in
    • Either puppet master gets updated and applies change
    • Or vcsrepo module in puppet pulls in latest version of the project
  • Can you really manage via git commits
    • Cacti to keep eye on server usage
    • Puppet dashboards so you can watch your changes get applie(or not)
    • Thorough, specific documentation at http://ci.openstack.org
  • Sometimes you need to login to a server
    • More difficult for complicated migrations, upgrades
    • Passwords need to be more privately managed
    • Other stuff kept in hiera and maintained out of band
  • Conclusion
    • You have the tools you need to figure out and patch the infrastructure
    • Priority is largely determined by the patch submitter
    • No need to wait for the infrastructure team to figure out and write your change

 

Linux Filesystems: Where did they come from? by Dave Chinner

  • Motivation
    • Based on previous study that reviewed commits on file systems from git tree
    • Focus primary on bug fixes
    • Ignored feature work, didn’t look at the people
    • Only considered 2.6.x kernels
    • Listed Patch type, type of bug fixed
    • Only listed by number of commits, not the number of lines
    • Listed bugs fixed per release
    • But didn’t list “why” some of these things happened
  • Fire System Technologies
    • 1970s
      • Record based
      • small file name sizes
      • File control blocks rather than inodes
      • No Hierarchical namespaces – multiple “user regions” to segregate files
    • early 1980s
      • Sector based – complex Cylinder/head/sector mappings and optimisations
      • inode tables
      • bitmaps for free space
      • Resource forks
      • Hierarchical directory structure
        • simple and limited in size and depths
    • late 1980s
      • Extents and btrees in research
      • journalling first used
      • full 32 bit address space in use
      • Cylinder roup seek optimisation lead to multiple inode/data groups per file system
    • Early 1990s
      • maximising IO, > 4GB file systems. minimising seeks in reasearch.
      • RAID
      • log structured filesystems and copy-on-write
      • 5-10 year gap from research to production
    • late 1990s
      • soft updates to replace journaling
      • data transformations (compression, encryption)
      • wandering logs
      • async journalling
    • Current tech 00s
      • transperant error correction
      • direct device management (raid itself)
      • reference counted copy-on-write btrees
      • log structured merge trees
  • Linux file Systems
    • Minux FS – 16 bit, 64MB
    • 1992 ext File System – 2GB MAx, 255 char file names
    • 1993 – ext2 – 4TB max size, a/c/mtime support , group based bitmap allocator, extensible
    • 1998 – journaling proposed for ext2
    • 1999 – IBM release JFS under GPL
    • 2000 – SGI release XFS under the GPL
    • 2001 – Ext3 merged, reiser3 merged, JFFS2 merged, First JFS and XFS releases
    • 2002 – JFS and XFS merged
    • 2004 – Reiser4 released
    • 2005 – NILFS released
    • 2006 – ext4 first proposed, created
    • 2007 – BTRFS concenved
    • 2008 – ext4 declared stale, tux3 design first published
    • 2009 – BTRFS merged, NILFS2 merged
    • 2010 – LogFS merged in 2.6.34
    • 2013 – F2FS merged in 3.8
  • Linux history in git trees
    • Complete from 2.4.0
    • Older releases mostly intact
    • commit date issues, time based search fail
  • XFS History in a git tree
    • Complete from initial commit in 1993
    • Older commits mostly intact, some issues
  • Looking at extN / XFS / btrfs
    • When – diffstat
    • what – difss and commit messages
    • who – commits, mailing lists
  • EXT file system
    • 2500 lines added in 1991 to get it working
    • Removed in 2.1.21
  • ext2
    • 1994 – first commit
    • 1998 – Steven Tweedy did lots of work
    • 2002 – various stuff done
    • 2003 – extended attributes originally from XFS added by XFS team
    • 2008 – reservation based block allocation backported from ext3
  • ext3
    • 2002 – created
    • 2003 – journalling added , extended attributes
    • nothing much since then except maintenance
  • ext4
    • 2007- create
    • features steadily being added 2007 till now
  • btrfs
    • 2x the amount of code than ext4
    • Steady add of features since 2008
    • Stuff being added not removed
    • Sync’d to Linux merge and fix windows every 3 months
  • xfs
    • 1995 release
    • 2000 removed a tonne of stuff due to licenses pre-GPL (and it still worked)
    • Several other code removals
    • Code removals often mechanism being replaced by something better
  • Compare
    • xfs is as old as all others and has had more work done on it most years except recently with btrfs
    • btrfs due to overtake xfs as largest filesystem in 2014

 

Share

Linux.conf.au 2014 – Day 3 – Welcome + Lightning talks

Lightning talks

  • Storing Passwords
    • Salt per per password
    • See Aus Govt standards
    • Use bcrypt or approved standards
    • Don’t write your own
  • Pyladies Australia
    • Setting up in Aus
    • Local groups
    • Various ways you can help
    • australia.pyladies.com
    • @pyladiesAU on twitter
  • Crowd-funding Free Software
    • eg kickstarter
    • wish was a feed of free software crowdfunding campaigns
    • cffsw.modernthings.org
    • @crowdfundfloss
    • Keep record of old and list existing and upcoming funding rounds
  • slidelint
    • everybody makes same mistakes in slides
    • like code lint but for you slides
    • eg text to small, too close to edge, low contrast, spelling
    • Website version coming
    • runs against pdf
    • All in python, pluggable, docs
    • github.com/mithro/slidelint
  • Raising Geek Girls
  • Blue Hackers
    • Blue Hackers area near rego desk
    • Blue Hacker BOF happened on Tuesday
    • Psychologist on campus on Thursday and Friday. Signup in area near desk (anonymous method)
  • File System for Raspberry Pi
  • PyCon Australia 2014
    • www.pycon-au.org
    • Brisbane 1st to 5th August 2014
  • RapRap based curriculum
    • Newer designs are better, can be built in 3 hours
    • Idea that High Schools could build various classes around it: art, maths, physics, chemistry
    • Idea to create a book around this idea that schools could use
  • Kiwi PyCon 2014
    • Wellington somewhere
    • September
    • kiwi.pycon.org

 

Share

Linux.conf.au 2014 – Day 2 – Session 3 – Astronomy Miniconf

Supercomputing and Data Storage Design for the SKA – Stephen Ord

  • Still in design process but not everything finalised
  • Square Kilometre Array
    • Dense core, spread out arms
    • Across Aus and South Africa
    • different antenna cover different frequencies
    • Main goals of array:
      • Galaxy Evolution, Cosmology and Dark energy
      • The first billion years of the Universe
      • Strong field tests of gravity using pulsars and black holes
      • Cosmic Magnetism
      • Cradle of life – complex molecules around distant stars
  • Interferometer – Very heavy proccessing required
  • Lots of data coming in, lots to be archived
  • MWA ( approx 1% of the size of the SKA)
    • 7km of trenching
    • 10kn of electrical cable
    • 16km of fibre
    • 2048 dual pole antennas
    • 42 km of coax cable
  • Way too dense information for me to summarise
  • Next Generation Archiving System
    • Distrubuted, forwards data to various clusters around the world
    • Users can subscribe to tags

 

Desert Fireball Network – with Linux under the bonnet – Martin CupΓ‘k

  • Meteoroid (in space), Meteor (in atmosphere) , Meteorite (on earth)
    • Observed from 2 or more locations. 120-30km above surface. Freefall below 30-40km
    • Triangulation, analysis, weather model (can move up to 10km sidewise)
    • Search trip
    • Meteorite!
  • Types: Stoney, Achondrite, stony-Iron, Iron
  • History
    • Manually operated film cameras (since 1959)
    • Automated film cameras (first in 1997, since 2001)
    • Digital cameras (ideas and dev since 2010, operation since 2013)
  • First Meteorite observed, triangulated and found in Czech republic in April 1959
  • Since 2009 15 automated film cameras across 13 stations in Europe
  • Nullarbor network of automated film cameras – 3 stations 2005, 4 stations since 2007
    • 150km apart
  • Based on Industrial PC
    • Old ones P1 , newer P3
    • Microphone picks up sound from meteor going through atmosphere
  • Software
    • Using Redhat 7.3 (released 2002)
    • ntpd sync’d
    • New System using Centos 5.2
  • Digital Cameras
    • Triggered system
      • sequence of hi-speed HR images fired when event detected
      • 11 images/second
      • Complicated design so put aside for now
    • Long exposure system
      • MK-I – 2 built as testbed
        • eBox Pc, 933Mhz, 3xUSB, 1TB HDD, DSLR taking 30s exposures, leo stick uController for power, GPS and camera control, 3G modem, 2x2TB NAS
        • 3G modem lockups
        • Slow CPU
        • SD card unrelaible
        • External HDD a worry
      • MK-II – 10 built, 5 deployed, 60 planned across Australia + USA
        • Industrial PC
        • Video Camera
        • Atom N2600 dual core 1.6GHz
        • 480G SSD
        • 2 X 4TB external HDs
    • Kit camera system for enthusiasts
      • Similar to long-exposure system, possibly lower resolution
  • Goal 60 Cameras, cover 1/3 of Australia. See 15-20 meteorites / year in searchable areas, 500TB data per year
  • Data available for other uses?
Share

Linux.conf.au 2014 – Day 2 – Session 2 – Open Programming Miniconf

Coming home: a return to PHP’s roots by Adam Harvey

  • I arrived late for this but he looked like he was having fun
  • He wrote a PHP micro-framework live in the talk
  • Cute

Get your PaaS into gear by Katie Miller

  • An introduction to OpenShift
  • Platform As A Service, include web servers, databases, storage.
  • Iaas -> Paas -> Saas
  • Why?
    • Focus on code, not config
    • Speed of deployment
    • Convenience
    • Scalability
    • effeciency
  • Flavours
    • Origin – Source can be downloaded
    • online – Hosted in Amazon
    • Enterprise – Run you own supported
  • Runs on RHEL
    • Runs in containers
    • Cartridges (programming environment) within the container
  • Tissues!

The Cobblers Children Have No Shoes: Development Tools and the Unix Philosophy by Russell Keith-Magee

  • Django Guy
  • Over last 30 years – My tools have got appreciable worse
    • Libraries, languages and computers better
    • Programming tools have not
    • Some have got worse
    • Not language specific
  • Debugging
    • Borland C – GUI – see where in code you are
    • 1994 gdb
    • 2013 gdb
  • Why?
    • The Unix philosphy – small, seperate tools
    • Cargo Cult
      • Powerful tools only need a CLI
  • Fully featured IDE?
    • Only one tool the GUI
    • Maybe a plugin interface, if you are lucky
  • Keep good bit of Unix philosphy
    • Different Window dressing
  • BeeWare
    • Common problem with bad interface – testing
    • Current test suite outputs little to screen until it finishes.
    • Cricket – runs test suites and lets you look at output while it is running, see progress, what is passing/failing, can browse errors, does just one thing
      • cross platform – uses what Python provides out of the box, uses tk
      • Zero configuration – uses pip and run from command line. Nothing set in tool
      • Integration
    • Duvet – Test coverage tool
    • Why not a web interface
      • Needs to have a server
      • Live updates are still ard
      • Don’t believe web browsers will be superior to native tools and time soon
  • pybee.org

 

A Pseudo-Random Talk on Entropy by Jim Cheetham

  • Random vs Pseudo-Random vs Cryptographically Secure Pseudo-Random
  • Some Pseudo-Random generators not as random as was expected
  • Good PRNG – Mersenne Twister,
  • Blum Blum Shub – Crypto good if you pick right numbers
  • Diehard test spot bad random numbers
  • Random numbers for science – use publish “table” of pre-generated ones
  • /dev/random very random enviromental noise , /dev/urandom not crypto-good
  • /dev/random should block if not enough random bits available
  • RdRand – Source of random data built into chip, measures physical noise, runs through AES, can’t acess original data though
  • Sources from various hardware generators
  • Turbit – reads noise from soundcards
  • OneRNG – Speakers project, Open etc
Share

Linux.conf.au 2014 – Day 2 – Session 1 – Open Programming Miniconf

Keeping Current: Maintaining an internal fork by Benno Rice

  • FreeBSD contributor, works for EMC isilon division
  • OneFS file system runs on appliances FreeBSD
  • OneFS = FreeBSD + stuff
  • Various add-one. Pretty interfaces, file system, etc
  • Some changes upstreamed but not others
  • We maintain a divergent fork of FreeBSD

Strategy:

  • Don’t maintain a fork
    • Version is old. 7.3 from 2010 plus backports
  • Don’t get behind
    • Need to catchup and stay caught up
    • Track FreeBSD-current
    • Do our own releases
  • Don’t track branches
    • upstream as much as possible to minimise diffs
  • Upstream as much as possible
    • Code checkout 5GB
    • Pile it all up approach approach – bulk merge and fix things – no timeline – no way to test
    • Pretend we use git approach
      • merge changes from bsd and apply
      • subversion couldn’t do directly, fixed with script
  • If your tools don’t do what you need fix them
    • worlds ugliest rebase – merge in all changes since 7.3
    • eventually got there
    • merge 20 changesets and then test a bit. bisect changes
    • 9 weeks of work to get to FSB v8
  • Don’t Stop
    • Got to keep tracking it forever
    • need to work out when to do releases

 

USB and Android by Joel Stanley

  • Last 3 years making consumer electronic devices, all talk to USB
  • Android as a tool
    • cheap, portable, lots of connectivity
    • No licensing worries vs laptops
    • Lots of features
    • Works out of the box
  • USB APIs as of Andriod 4.0
  • Normally runs in peripheral mode – we are interested in host mode
    • Most hardware requires a dongle
    • ADB over TCP to debug
    • Asus Transformer
  • Architecture
    • libusbΒ  – std Linux
    • app.so – Same as linux version
    • C wrapper – app code created and mait by C, simplyfyin Java
    • JNI
    • App Classes – calls into C code
    • User Interface
  • Java Naive Interface – JNI
    • C can call Java
    • Jave can call purpose-written C-code
    • Hard to get started with, look at others people code off github
  • Native Development Kit
    • C/C++ cross compiler for targeting Android
    • Provided by Google
    • Used it to compile shared libs
  • Android permissions
    • Limits access to device files
    • No auto access to hardware, can’t hard-code since USB is dynamic
    • Get permission in Java code and then change permission so C code can use
  • https://github.com/shenki/FreeDV-Android

 

Developing OQGRAPH, a tool for graph based traversal of SQL data in MariaDB by Andrew McDonnell

  • Graphs = nodes + edges/links
  • Graph alogrithms – Breadth first, depth first, shortest path
  • Graphs in the “real world” – maps (how does GPS work), relationships (linkedin, facebook), trees
  • MariaDB is fork of MySQL
    • Being adopted a various distributios
    • Used by big companies
  • Graphs in a SQL RDBMS
    • store a graph as a list of edges
  • OQGraph
    • Creates “latch” column that contains a special command executed by the storage engine
    • where latch=’breadth_first”
    • Project hosted on lauchpad

 

 

Share

Linux.conf.au 2014 – Day 2 – Keynote

Kate Chapman– OpenStreetmap for disasters

  • Background
    • Most maps people used are not free
    • “The Wikipedia of Maps”
    • Goal: A free map of the whole world
    • ODbL – Like CC-BY-SA
  • Humanitarian Openstreetmap Projects (HOT)
  • 1st official activation in 2009 for Gaza
  • Activatation is a response from the community to a callout
  • Port-au-prince Jan 12 2010
    • Tracing existing satellite photos
    • Being used by people on the ground within a week
    • Geographic agency build collapsed and many staff killed in earthquake
    • Data released by agencies used for maps
    • Also covered Northern Haiti which wasn’t as affected by quake
    • Created NPO to organise
  • Project to map Indonesian ahead of time since disaster-prone country
    • Map once, use for many things
    • Pilot project – West Nusa Tenggara
      • Worked with community to collect data, including demographics data
      • Some existing maps were hand drawn or used “dumb” tools like coral-draw
      • ASM tools distributed
      • Agreement from Govt, NGOs, Companies to make best mapped province in Indonesia
    • Mapping Jakarta
      • 267 Urban villages
      • Talked to each head, get person to map data, University students to input the data
      • Varying levels of data quality, in-putted by students
      • Flooding in Jan 2013 – Map uses as basis of maps to show areas affected
      • Creating a training program (training the trainers)
    • openstreetmap.or.id
    • Data collected (often by Scouts), printed out maps, got people to walk around fill in gap son paper. Add data to online version
    • Used to create impact models for future floods
    • 3 part training manual created (English and Indonesian)
  • Eurosha
    • Training people to go work for 6 months in various African countries
  • Other projects to map 200 asian cities that are prone to disasters
  • Senegal – training and workshops
  • Project in Japan in Tsunami affected areas
  • Mapmill –
    • Civil Air Patrol takes GPS tagged photos of disaster areas
    • People sorted images by damage None/some/bad
  • American Red Cross
    • Fire risk map in Uganda
  • Β  Philippines – Typhoon Haiyan hit Nov 2013
    • Mapped 10,000 buildings in Tacloban before Typhoon hit
    • Website allows people to login and see various tasks that can be done
    • Post-event Satellite Imagery needed
    • US State Dept released satellite imagery for 30 days
    • Able to use photos to do before-vs-after maps on damage
  • github.com/hotosm
  • digitalhumanitarians.comΒ  – various groups
  • Volunteer in Person for a Project – See website for lists
  • hot.openstreetmap.org
Share

Linux.conf.au 2014 – Day 1 – Keynote

Keynote – Dr Suelette Dreyfus

Β The Surveillance state

  • Our state is out of balance, to much state power
  • Evolution to the Post-Snowden World
  • Era of the Whistleblower – Reveals information from inside an organisation
    • Doesn’t have to be a traditional employee (eg contractor)
    • about serious wrongdoing
    • to someone they believe can do something
  • Today’s public perception of whistleblowers
    • Most people think “normal” or “heroes”
    • http://whistleblowingsurvey.org
    • About 50% of population too much secrecy within organisations
    • 80% support people should be supported revealing inside information
    • 87% support someone should be able to go to the media
  • Why the change from traditional views which were much more anti-whistleblower?
    • Whistle-blowers, publishers, journalists, academics are harassed, stopped at borders. Live in exile from UK, USA, Australia. Live in Russia

What has the state been doing

  • Reached a state of security saturation
    • So much money being spent it is being wasted on WoW and stupid places
    • Extra money being spent produces no additional useful data

Case Study – The inside platform

  • Cradle to graduation state tracking of children in Victoria – she used “our children”
  • Move assesment to one-stop-shop
  • Track individual progress of children, to provide picture of child, tailor teaching
  • Learning disabilities, behavioural problems, all in one place
  • What about religious schools, will church attendance and attitude be recorded?
  • Who has access, how long retained, who will it be shared with? Kept overseas?
  • Lots of rules around heath data but none in this tender (hard to tell since tender not publicly available)

Sample of Hardware exploit hardware that can be installed on Dell servers

  • Examples for Dell servers
  • Multiple vendors targeted
  • Hacks for Phones and SIM cards

Status of The Surveillance State

  • Bulk Collection – Met, still to be cross linked
  • Ongoing Storage – Mostly Met
  • Capture of all state data – Not yet fully linked
  • Co-option of big-data players – Being worked on, some push back
  • Legal – Met
  • One-View of citizen across all interactions across lifetime – Getting closer

What you can do

  • “In a time of universal deceit, telling the truth is a revolutionary acts” – George Orwell
  • Get Political
  • Write privacy-enhancing software, write defensive/detection software for ordinary people
  • Get involved in NFPs that give tech support to journalists, NGOs and average citizens
  • If you work for the Govt, use your voice
Share

lca2013 – Day 4 – Session 2

Git For Ages 4 And Up by Michael Schwern

It is not you, is really is complicated

It is easier to understand git from inside out, cause the interface is so far…

Getting started – init and clone

  • Entire repo in .git directory after “git init”

Getting stuff done add and commit

  • add writes to the repo
  • commit creates a commit object and puts labels on it
  • take a new copy this file.
  • Add creates a new node, commit attaches a commit-object to it and moves the head and master

Branching

  • git branch feature – added feature label to current node
  • git checkout feature – next commit will move feature label
  • git commit – moves the feature label and the head
  • head always points to what you have checked out

Commits

  • Every one is unique and has unique id
  • They never change
  • content, author, date

Staging area / Index / Cache

  • Place to build up stuff before a commit
  • eg what is in “add”

Workflow

  • Isolate -> work <-> update -> share
  • git checkout master – move back to master branch, can’t see stuff in branch
  • get merge feature – merge in the branch “feature”
  • git log –graph –decorate all
  • reset – “arbitary move labels around command”
  • Merge master back into feature
    • git checkout feature
    • git merge master
  • Unlike cvs “commit does not meet share”

Working with others

  • git clone remote work – clones a remote into work folder
  • Normally “remote” will be the URL of the remote repo
  • origin/master – label to commit where git thinks remote currently is.
  • pull == fetch + merge
  • git checkout -b bugfixΒ  – checkout and branch
  • git push origin bugfix – push to the branch “bugfix” on the remote “origin”
  • git push -u origin bufix – the -u sets the default branch to push to on the remote “origin” for next time

Tags

  • git tag v1.0 b08234
  • Add any old random tag to a commit, defaults to current commit you are on
  • cannot move tags except with force
  • can branch from tags

Rebase

  • git rebase -iΒ  – interactive mode
  • squash
  • creates a new commit ( hanging off parent of commit your are rebasing ) and move branch to it, leaves previous branch hanging detached
  • Don’t rebase after you have pushed
Share

lca2013 – Day 4 – Keynote

Bunnie – Linux in the Flesh: Adventures Embedding Linux in HardwareΒ 

As CPU speeds growth has stall mobile CPUs have caught up with Desktop CPUs

Cost of Mobile CPUs $20 on intro vs $X00 on intro for desktop CPUs

Time spend making a product

  • 11% on Hardware design – schematic and PCB layout
  • 20% on product and software dev
  • 33% in mass production ramp

Giving Linux a body

  • Consumers don’t like bare boards
  • Comprehensive 3D models
  • Build injection molds – Steel cut, EDM tidy, Hand polish
  • Around $20k to create tool
  • People like Apple will start multiple tool runs and keep the best
  • General rule – $99 product you want to sell wholesale for $30
  • Magic prices products sell at $99, $149, $199
  • 90% of hardware sales between Black Friday and Christmas. Can’t ship just after Christmas

Chellenges of Embedding Linux

  • Embedded CPUs have lots of weird bugs
  • Bootloaders
    • CPU-Specific media loaders
    • Firmware has raw Iron – NO MMU, No DRAM, etc
  • Small memory footprint
    • Linux runs just a few MB of memory
    • Every $ counts, lots of time fixing code
  • Flash File Systems
    • Few 1000 read/write cycles
    • No write g’teed to succeed
    • Power-down corruption is a fact of life, need backup or read-only copies
  • Power Management
    • Reduce frequency and voltage when CPU is lightly loaded
    • Need to adjust for high and low load
    • Rouge processes can chew CPU/Power
    • Lots of auditing needed
    • User apps are hard
  • Suspended / Sleep hard
    • Drivers might be written with this in mind
  • Huge number of devices that can be plugged in, lots of drivers to verify
  • Dev community
    • Smaller pop that desktop
  • Updates and patches and rollout and distribution hard to do, must do yourself
  • Software is the major bottleneck – cause it is easy, you can do anything
  • System architect must create a useful cage for the software dev

Case Study: Robot Vision

  • Kovan
  • Needs to do image processing
  • Lots of choices
    • Using FPGA on PCIe uses up all of memory bandwidth in small systems
    • Connect via USB means it is just a “camera driver”
    • Connect between Soc and the Screen
    • Or between SoC and the DRAM
  • Ended up between SoC and LCD
  • Ends up as /dev/fpga
  • Handle multiple types by probing

Case: NeTV

  • Goes between device and screen
  • Overlay stuff over video
  • But signal is all encrypted
  • Sync Pixels and replace one by one using Man-in-the-middle attack on encrypted signal!!!
  • Very hard to get timing, drift of 100s of pixels per frame
  • Source clock from the incoming signal
  • A few other tricks

Dev Enviroment

  • Created Amazon AMI to help people get up and going
  • But hardware devs not used to using these
  • Not a 100% fit to normal dev model
Share