Open Source Software
Total Page:16
File Type:pdf, Size:1020Kb
Recommended publications
An Introduction to Linux IPC
An introduction to Linux IPC Michael Kerrisk © 2013 linux.conf.au 2013 http://man7.org/ Canberra, Australia [email protected] 2013-01-30 http://lwn.net/ [email protected] man7.org 1 Goal ● Limited time! ● Get a flavor of main IPC methods man7.org 2 Me ● Programming on UNIX & Linux since 1987 ● Linux man-pages maintainer ● http://www.kernel.org/doc/man-pages/ ● Kernel + glibc API ● Author of: Further info: http://man7.org/tlpi/ man7.org 3 You ● Can read a bit of C ● Have a passing familiarity with common syscalls ● fork(), open(), read(), write() man7.org 4 There’s a lot of IPC ● Pipes ● Shared memory mappings ● FIFOs ● File vs Anonymous ● Cross-memory attach ● Pseudoterminals ● proc_vm_readv() / proc_vm_writev() ● Sockets ● Signals ● Stream vs Datagram (vs Seq. packet) ● Standard, Realtime ● UNIX vs Internet domain ● Eventfd ● POSIX message queues ● Futexes ● POSIX shared memory ● Record locks ● POSIX semaphores ● File locks ● Named, Unnamed ● Mutexes ● System V message queues ● Condition variables ● System V shared memory ● Barriers ● System V semaphores ● Read-write locks man7.org 5 It helps to classify ● Pipes ● Shared memory mappings ● FIFOs ● File vs Anonymous ● Cross-memory attach ● Pseudoterminals ● proc_vm_readv() / proc_vm_writev() ● Sockets ● Signals ● Stream vs Datagram (vs Seq. packet) ● Standard, Realtime ● UNIX vs Internet domain ● Eventfd ● POSIX message queues ● Futexes ● POSIX shared memory ● Record locks ● POSIX semaphores ● File locks ● Named, Unnamed ● Mutexes ● System V message queues ● Condition variables ● System V shared memory ● Barriers ● System V semaphores ● Read-write locks man7.org 6 It helps to classify ● Pipes ● Shared memory mappings ● FIFOs ● File vs Anonymous ● Cross-memory attach ● Pseudoterminals ● proc_vm_readv() / proc_vm_writev() ● Sockets ● Signals ● Stream vs Datagram (vs Seq. -
Linux and Free Software: What and Why?
Linux and Free Software: What and Why? (What are Linux and Free Software, and how does their use benefit companies in achieving economic productivity and technical advantages?) Jugo Creativo Michael Kerrisk Universidad de Santander UDES © 2012 Bucaramanga, Colombia [email protected] 7 June 2012 http://man7.org/ man7.org 1 Who am I? ● Programmer, educator, and writer ● UNIX since 1987; Linux since late 1990s ● Linux man-pages maintainer since 2004 ● Author of a book on Linux programming man7.org 2 Overview ● What is Linux? ● How are Linux and Free Software created? ● History ● Where is Linux used today? ● What is Free Software? ● Source code; Software licensing ● Importance and advantages of Free Software and Software Freedom ● Concluding remarks man7.org 3 What is Linux? ● An operating system (sistema operativo) ● (Operating System = OS) ● Examples of other operating systems: ● Windows ● Mac OS X Penguins are the Linux mascot man7.org 5 But, what's an operating system? ● Two definitions: ● Kernel ● Kernel + package of common programs man7.org 6 OS Definition 1: Kernel ● Computer scientists' definition: ● Operating System = Kernel (núcleo) ● Kernel = fundamental program on which all other programs depend man7.org 7 Programs can live -
Linux Kernel and Driver Development Training Slides
Linux Kernel and Driver Development Training © Copyright 2004-2021, Bootlin. Creative Commons BY-SA 3.0 license. Latest update: October 9, 2021. Document updates and sources: https://bootlin.com/doc/training/linux-kernel Corrections, suggestions, contributions and translations are welcome! Send them to [email protected] embedded Linux and kernel engineering - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 1/470 Rights to copy © Copyright 2004-2021, Bootlin License: Creative Commons Attribution - Share Alike 3.0 https://creativecommons.org/licenses/by-sa/3.0/legalcode You are free: • to copy, distribute, display, and perform the work • to make derivative works • to make commercial use of the work Under the following conditions: • Attribution. You must give the original author credit. • Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical to this one. • For any reuse or distribution, you must make clear to others the license terms of this work. • Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above.
Document sources: https://github.com/bootlin/training-materials/ Hyperlinks in the document There are many hyperlinks in the document • Regular hyperlinks: https://kernel.org/ • Kernel documentation links: dev-tools/kasan • Links to kernel source files and directories: drivers/input/ include/linux/fb.h • Links to the declarations, definitions and instances of kernel symbols (functions, types, data, structures): platform_get_irq() GFP_KERNEL struct file_operations Company at a glance • Engineering company created in 2004, named "Free Electrons" until Feb. -
Ceph: Distributed Storage for Cloud Infrastructure
ceph: distributed storage for cloud infrastructure sage weil msst – april 16, 2012 outline ● motivation ● practical guide, demo ● overview ● hardware ● ● how it works installation ● failure and recovery ● architecture ● rbd ● data distribution ● libvirt ● rados ● ● rbd project status ● distributed file system storage requirements ● scale ● terabytes, petabytes, exabytes ● heterogeneous hardware ● reliability and fault tolerance ● diverse storage needs ● object storage ● block devices ● shared file system (POSIX, coherent caches) ● structured data time ● ease of administration ● no manual data migration, load balancing ● painless scaling ● expansion and contraction ● seamless migration money ● low cost per gigabyte ● no vendor lock-in ● software solution ● commodity hardware ● open source ceph: unified storage system ● objects ● small or large ● multi-protocol Netflix VM Hadoop ● block devices radosgw RBD Ceph DFS ● snapshots, cloning RADOS ● files ● cache coherent ● snapshots ● usage accounting open source ● LGPLv2 ● copyleft ● free to link to proprietary code ● no copyright assignment ● no dual licensing ● no “enterprise-only” feature set distributed storage system ● data center (not geo) scale ● 10s to 10,000s of machines ● terabytes to exabytes ● fault tolerant ● no SPoF ● commodity hardware – ethernet, SATA/SAS, HDD/SSD – RAID, SAN probably a waste of time, power, and money architecture ● monitors (ceph-mon) ● 1s-10s, paxos ● lightweight process ● authentication, cluster membership, critical cluster state ● object storage daemons (ceph-osd) -
Control Groups (Cgroups)
System Programming for Linux Containers Control Groups (cgroups) Michael Kerrisk, man7.org © 2020 [email protected] February 2020 Outline 19 Cgroups 19-1 19.1 Introduction to cgroups v1 and v2 19-3 19.2 Cgroups v1: hierarchies and controllers 19-17 19.3 Cgroups v1: populating a cgroup 19-24 19.4 Cgroups v1: release notification 19-33 19.5 Cgroups v1: a survey of the controllers 19-43 19.6 Cgroups /proc files 19-65 19.7 Cgroup namespaces 19-68 Goals Cgroups is a big topic Many controllers V1 versus V2 interfaces Our goal: understand fundamental semantics of cgroup filesystem and interfaces Useful from a programming perspective How do I build container frameworks? What else can I build with cgroups? And useful from a system engineering perspective What’s going on underneath my container’s hood? System Programming for Linux Containers ©2020, Michael Kerrisk Cgroups 19-4 §19.1 Focus We’ll focus on: General principles of operation; goals of cgroups The cgroup filesystem Interacting with the cgroup filesystem using shell commands Problems with cgroups v1, motivations for cgroups v2 Differences between cgroups v1 and v2 We’ll look briefly at some of the controllers -
Secure Boot UEFI Secure Boot, Trusted Firmware Grub 2, Tboot
Design and Implementation of a Security Architecture for Critical Infrastructure Industrial Control Systems in the Era of Nation State Cyber Warfare David Safford, Bill Smith, Monty Wiseman LSS, 2016 GE Global Research Center Imagination at work. GE: • Half of the world’s installed Power Generation (PG) base is from GE • 10,000 gas and steam turbine generating units • Over 1,000,000 megawatts of installed capacity in 120 countries. • https://powergen.gepower.com/products/heavy-duty-gas-turbines.html • 40% share of the worldwide market for new PG equipment. • http://www.statista.com/statistics/381088/global-market-share-of-power-generation-equipment-manufacturers/ • Largest supplier of Transmission & Distribution (T&D) equipment in the United States, top three worldwide. • http://microgridmedia.com/ge-becomes-globa-utility-td-powerhouse/ • https://medium.com/@GE_Grid/a-vision-to-power-the-world-74349a3c98a6#.ehjw5t7v8 3 Controls in The Era of Nation State Cyber Attacks At RSA 2016, Admiral Michael Rogers, head of the NSA and the US Cyber Command, told delegates during his keynote address at RSA 2016 that the number one thing that keeps him awake at night is a cyber attack against US critical infrastructure, which is only a matter of when, not if, it will happen. http://www.theregister.co.uk/2016/03/01/nsa_boss_three_security_nightmares/ Stuxnet compromised the control systems for Iran’s nuclear centrifuges, rendering them useless. It attacked them successfully despite a state of the art air-gap defense. http://threatjournal.com/archive/tj12072013.html Ukraine’s electric grid was shut down for 8 hours by a cyber attack, which wiped all control system computers, and bricked critical control interfaces. -
Debian's Support for Secure Boot on X86 And
Debian’s support for Secure Boot on x86 and ARM Ben Hutchings Kernel Recipes, Paris, 2016 Ben Hutchings ● Regular Linux contributor since 2008 ● Working on various drivers and kernel code in my day job ● Debian kernel and LTS team member, now doing most of the kernel maintenance aside from ports ● Maintaining Linux 3.2.y and 3.16.y stable update series on kernel.org ● Kernel maintainer for LF Civil Infrastructure Platform, aiming for super-long-term support Secure Boot ● Optional feature in UEFI - uses certificate store to validate boot loader, UEFI drivers, system firmware updates ● Protects against persistent malware (bootkit / kernel rootkit) if implemented correctly ● Required in 'Designed for Windows' systems since Windows 8 (2012) ● Only common trusted certificates on PCs are for Microsoft signing keys ● MS will sign PC boot loaders for a small fee, and the certificate store is normally editable on PCs ● ARM-based Windows systems are completely locked down ● HPe shipping ARM64 server systems in SB setup mode, allowing installer to set trusted certificates GNU/Linux under Secure Boot ● First stage needs MS signature – manual submission process ● Most distributions introduced 'shim' as first stage boot loader that won't need updating often ● MS expects boot loader and kernel to validate code they load – and it's a good idea anyway ● For later stages, we control certificates and keys – certificates can be embedded in 'shim' ● GRUB needs to validate its modules and kernels ● Linux kernel needs to validate its modules and any other code -
Digitalocean
UPDATE SAGE WEIL – RED HAT SC16 CEPH BOF – 2016.11.16 2 JEWEL APP APP HOST/VM CLIENT RADOSGW: A bucket-based REST gateway, compatible with S3 and Swift RBD: A reliable and fully-distributed block device, with a Linux kernel client and a QEMU/KVM driver CEPH FS: A POSIX-compliant distributed file system, with a Linux kernel client and support for FUSE LIBRADOS: A library allowing apps to directly access RADOS, with support for C, C++, Java, Python, Ruby, and PHP AWESOME AWESOME NEARLY AWESOME AWESOME RADOS AWESOME RADOS: A reliable, autonomous, distributed object store comprised of self-healing, self-managing, intelligent storage nodes 3 2016 = FULLY AWESOME OBJECT BLOCK FILE RGW: S3 and Swift compatible object storage with object versioning, multi-site federation, and replication RBD: A virtual block device with snapshots, copy-on-write clones, and multi-site replication CEPHFS: A distributed POSIX file system with coherent caches and snapshots on any directory LIBRADOS: A library allowing apps to direct access RADOS (C, C++, Java, Python, Ruby, PHP) RADOS A software-based, -
Greg Kroah-Hartman [email protected] Github.Com/Gregkh/Presentation-Kdbus
kdbus IPC for the modern world Greg Kroah-Hartman [email protected] github.com/gregkh/presentation-kdbus Interprocess Communication ● signal ● synchronization ● communication standard signals realtime The Linux Programming Interface, Michael Kerrisk, page 878 POSIX semaphore futex synchronization named eventfd unnamed semaphore System V semaphore “record” lock file lock file lock mutex threads condition variables barrier read/write lock The Linux Programming Interface, Michael Kerrisk, page 878 data transfer pipe communication FIFO stream socket pseudoterminal POSIX message queue message System V message queue memory mapping System V shared memory POSIX shared memory shared memory memory mapping Anonymous mapping mapped file The Linux Programming Interface, Michael Kerrisk, page 878 Android ● ashmem ● pmem ● binder ashmem ● POSIX shared memory for the lazy ● Uses virtual memory ● Can discard segments under pressure ● Unknown future pmem ● shares memory between kernel and user ● uses physically contiguous memory ● GPUs ● Unknown future binder ● IPC bus for Android system ● Like D-Bus, but “different” ● Came from system without SysV types ● Works on object / message level ● Needs large userspace library ● NEVER use outside an Android system binder ● File descriptor passing ● Used for Intents and application separation ● Good for small messages ● Not for streams of data ● NEVER use outside an Android system QNX message passing ● Tight coupling to microkernel ● Send message and control, to another process ● Used to build complex messages -
Analyzing a Decade of Linux System Calls
Analyzing a Decade of Linux System Calls Mojtaba Bagherzadeh · Nafiseh Kahani · Cor-Paul Bezemer · Ahmed E. Hassan · Juergen Dingel · James R. Cordy Abstract Over the past 25 years, thousands of developers have contributed more than 18 million lines of code (LOC) to the Linux kernel. As the Linux kernel forms the central part of various operating systems that are used by millions of users, the kernel must be continuously adapted to changing demands and expectations of these users. The Linux kernel provides its services to an application through system calls. The set of all system calls combined forms the essential Application Programming Interface (API) through which an application interacts with the kernel. In this paper, we conduct an empirical study of the 8,770 changes that were made to Linux system calls during the last decade (i.e., from April 2005 to December 2014). In particular, we study the size of the changes, and we manually identify the type of changes and bug fixes that were made. Our analysis provides an overview of the evolution of the Linux system calls over the last decade. We find that there was a considerable amount of technical debt in the kernel, that was addressed by adding a number of sibling calls (i.e., 26% of all system calls). In addition, we find that by far, the ptrace() and signal handling system calls are the most difficult to maintain and fix. Our study can be used by developers who want to improve the design and ensure the successful evolution of their own kernel APIs. -
SLA-Aware Adaptive Mapping Scheme in Bigdata Distributed Storage Systems
SMA 2020, September 17-19, Jeju, Republic of Korea, S. Chum et al. SLA-Aware Adaptive Mapping Scheme in Bigdata Distributed Storage Systems Sopanhapich Chum, Department of Computer Science, Dankook University, Yongin, Korea [email protected]; Jerry Li, Memory Solutions Lab., Samsung Semiconductor Inc., San Jose, CA, USA [email protected]; Heekwon Park, Memory Solutions Lab., Samsung Semiconductor Inc., San Jose, CA, USA [email protected]; Jongmoo Choi, Department of Computer Science, Dankook University, Yongin, Korea [email protected] ABSTRACT As data are processed by diverse clients ranging from urgent time-critical to best-effort, supporting different QoS (Quality of Service) becomes a vital component in a distributed storage system. In this paper, we propose a novel SLA (Service Level Agreement)-aware adaptive mapping scheme that can differentiate between urgent and normal clients based on their I/O requirements. The scheme basically divides storage into two regions, normal and urgent, which makes it feasible to isolate urgent clients from normal ones. In addition, it changes the size of the isolated region in an adaptive [second column of the page:] by 2025, with a compounded annual growth rate of 61% [23]. In addition, these data are processed instantly to extract information for decision making, recommendation and autonomous control using various analytic models and frameworks [1, 8, 11, 20, 27, 30]. We indeed live in Bigdata era [24]. Distributed storage (also called as Cloud storage) plays a key role in Bigdata era. There are various distributed storage systems including GFS [14], HDFS [26], Ceph [2, 33], Azure Storage [16], Amazon S3 [22], Openstack Swift [18], Haystack [6], Lustre [35], GlusterFS [17] and so on. -
Ceph, Programmable Storage, and Data Fabrics Carlos Maltzahn, UC Santa Cruz Fermilab, 6/9/17 Carlos Maltzahn Background
Ceph, Programmable Storage, and Data Fabrics Carlos Maltzahn, UC Santa Cruz Fermilab, 6/9/17 Carlos Maltzahn Background • Adjunct Professor, Computer Science, UC Santa Cruz • Director, UCSC Systems Research Laboratory (SRL) • Director, Center for Research in Open Source Software (CROSS) cross.ucsc.edu • Director, UCSC/LANL Institute for Scalable Scientific Data Management (ISSDM) • 1999-2004: Performance Engineer, Netapp • Advising 6 Ph.D. students. • Graduated 5 Ph.D. students • Current Research • High-performance ultra-scale storage and data management • End-to-end Performance management and QoS • Reproducible Evaluation of Systems • Network Intermediaries • Other Research • Data Management Games • Information Retrieval • Cooperation Dynamics • I do this 100% of my time! 2 Agenda • Overview of Ceph • Programmable Storage • CDNs/Data Fabrics Ceph, Programmable Storage, and Data Fabrics 3 Carlos Maltzahn Ceph History • 2005: Started as summer project • Funded by DOE/NNSA (LANL, LLNL, SNL) • Quickly turned into Sage Weil’s Ph.D. project • 2006: Publications at OSDI and SC • 2007: Sage graduated end of 2007, turned prototype into OSS project • 2010: Ceph Linux kernel client in 2.6.34 • 2011: Inktank startup • 2014: Red Hat acquires Inktank for $175m ARCHITECTURAL COMPONENTS APP HOST/VM CLIENT RGW: A web services gateway for object storage, compatible with RBD: A reliable, fully-distributed block device with cloud CEPHFS: A distributed file system with POSIX semantics and scale-