D-Bus in the Kernel LinuxCon 2014, Tokyo, Japan

May 2014

D-Bus in the Kernel Who? Greg Kroah-Hartman, David Herrmann, Daniel Mack, Lennart Poettering, Kay Sievers with help from Tejun Heo

D-Bus in the Kernel Most newer OS designs started around powerful IPC Mach, QNX, Hurd, . . . Linux only had IPC primitives (sockets, fifos, shared memory)

D-Bus in the Kernel Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions,

D-Bus in the Kernel Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals,

D-Bus in the Kernel OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties,

D-Bus in the Kernel Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO,

D-Bus in the Kernel Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting,

D-Bus in the Kernel Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery,

D-Bus in the Kernel Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection,

D-Bus in the Kernel Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy,

D-Bus in the Kernel Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation,

D-Bus in the Kernel Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization,

D-Bus in the Kernel Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling,

D-Bus in the Kernel Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security,

D-Bus in the Kernel exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring,

D-Bus in the Kernel Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams,

D-Bus in the Kernel File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials,

D-Bus in the Kernel Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing,

D-Bus in the Kernel Network transparency, no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic,

D-Bus in the Kernel no trust required, High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency,

D-Bus in the Kernel High-level error concept. . .

D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required,

D-Bus in the Kernel D-Bus is powerful IPC Method Call Transactions, Signals, Properties, OO, Broadcasting, Discovery, Introspection, Policy, Activation, Synchronization, Type-safe Marshalling, Security, Monitoring, exposes APIs/not streams, Passing of Credentials, File Descriptor Passing, Language agnostic, Network transparency, no trust required, High-level error concept. . .

D-Bus in the Kernel Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus has limitations

D-Bus in the Kernel It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus has limitations Suitable only for control, not payload

D-Bus in the Kernel Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction)

D-Bus in the Kernel No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited

D-Bus in the Kernel Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping

D-Bus in the Kernel Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot

D-Bus in the Kernel Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace

D-Bus in the Kernel Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services

D-Bus in the Kernel No race-free exit-on-idle bus activated services ...

D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . .

D-Bus in the Kernel ...

D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services

D-Bus in the Kernel D-Bus has limitations Suitable only for control, not payload It’s inefficient (10 copies, 4 complete validations, 4 context switches per duplex method call transaction) Credentials one can send/recv are limited No implicit timestamping Not available in early boot, initrd, late boot Hookup with security frameworks happens in userspace Activatable bus services are independent from other system services Codebase is a bit too baroque, XML, . . . No race-free exit-on-idle bus activated services ...

D-Bus in the Kernel Right approach: good concepts, generic, comprehensive, covers all areas Established, it’s the single most used local, high-level IPC system on Linux, bindings for most languages Used in init system (regardless if systemd or Upstart), the desktops, embedded, . . .

D-Bus is fantastic, solves real problems

D-Bus in the Kernel Established, it’s the single most used local, high-level IPC system on Linux, bindings for most languages Used in init system (regardless if systemd or Upstart), the desktops, embedded, . . .

D-Bus is fantastic, solves real problems Right approach: good concepts, generic, comprehensive, covers all areas

D-Bus in the Kernel Used in init system (regardless if systemd or Upstart), the desktops, embedded, . . .

D-Bus is fantastic, solves real problems Right approach: good concepts, generic, comprehensive, covers all areas Established, it’s the single most used local, high-level IPC system on Linux, bindings for most languages

D-Bus in the Kernel D-Bus is fantastic, solves real problems Right approach: good concepts, generic, comprehensive, covers all areas Established, it’s the single most used local, high-level IPC system on Linux, bindings for most languages Used in init system (regardless if systemd or Upstart), the desktops, embedded, . . .

D-Bus in the Kernel Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus

D-Bus in the Kernel It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable

D-Bus in the Kernel Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction)

D-Bus in the Kernel Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . )

D-Bus in the Kernel Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping

D-Bus in the Kernel Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown

D-Bus in the Kernel Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side

D-Bus in the Kernel Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services

D-Bus in the Kernel Priority queues, . . . Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . .

D-Bus in the Kernel Race-free exit-on-idle for bus activated services ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . .

D-Bus in the Kernel ...

kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services

D-Bus in the Kernel kdbus Suitable for large data (GiB!), zero-copy, optionally reusable It’s efficient (2 or fewer copies, 2 validations, 2 context switches per duplex methd call transaction) Credentials sent along are comprehensive (uid, pid, gid, selinux label, pid starttime, tid, comm, tid comm, argv, exe, cgroup, caps, audit, . . . ) Implicit timestamping Always available, from earliest boot to latest shutdown Open for LSMs to hook into from the kernel side Activation is identical to activation of other services Userspace is much simpler, no XML, . . . Priority queues, . . . Race-free exit-on-idle for bus activated services ...

D-Bus in the Kernel Receiver buffers Single copy to destination(s) Method call windows Name registry

Overview

D-Bus in the Kernel Single copy to destination(s) Method call windows Name registry

Overview Receiver buffers

D-Bus in the Kernel Method call windows Name registry

Overview Receiver buffers Single copy to destination(s)

D-Bus in the Kernel Name registry

Overview Receiver buffers Single copy to destination(s) Method call windows

D-Bus in the Kernel Overview Receiver buffers Single copy to destination(s) Method call windows Name registry

D-Bus in the Kernel File descriptors for memory regions Zero Copy! Sealing At 512K zero copy is faster than single copy (a bit like Android ashmem)

memfds

D-Bus in the Kernel Zero Copy! Sealing At 512K zero copy is faster than single copy (a bit like Android ashmem)

memfds File descriptors for memory regions

D-Bus in the Kernel Sealing At 512K zero copy is faster than single copy (a bit like Android ashmem)

memfds File descriptors for memory regions Zero Copy!

D-Bus in the Kernel At 512K zero copy is faster than single copy (a bit like Android ashmem)

memfds File descriptors for memory regions Zero Copy! Sealing

D-Bus in the Kernel (a bit like Android ashmem)

memfds File descriptors for memory regions Zero Copy! Sealing At 512K zero copy is faster than single copy

D-Bus in the Kernel memfds File descriptors for memory regions Zero Copy! Sealing At 512K zero copy is faster than single copy (a bit like Android ashmem)

D-Bus in the Kernel Bloom Filters Every broadcast message includes bloom filter (calculated by sender) that contains all supported matches, kernel will then simply check receiver bloom filter mask (calculated by receiver) against it. Bloom filter uses SipHash, but kernel doesn’t care

Signal Broadcasting

D-Bus in the Kernel Every broadcast message includes bloom filter (calculated by sender) that contains all supported matches, kernel will then simply check receiver bloom filter mask (calculated by receiver) against it. Bloom filter uses SipHash, but kernel doesn’t care

Signal Broadcasting Bloom Filters

D-Bus in the Kernel Bloom filter uses SipHash, but kernel doesn’t care

Signal Broadcasting Bloom Filters Every broadcast message includes bloom filter (calculated by sender) that contains all supported matches, kernel will then simply check receiver bloom filter mask (calculated by receiver) against it.

D-Bus in the Kernel Signal Broadcasting Bloom Filters Every broadcast message includes bloom filter (calculated by sender) that contains all supported matches, kernel will then simply check receiver bloom filter mask (calculated by receiver) against it. Bloom filter uses SipHash, but kernel doesn’t care

D-Bus in the Kernel No XML, only simple ACL policy attached to service names More fine-grained access control needs to be done in userspace, but it’s much easier Use capability checks! PolicyKit

Policy:

D-Bus in the Kernel More fine-grained access control needs to be done in userspace, but it’s much easier Use capability checks! PolicyKit

Policy: No XML, only simple ACL policy attached to service names

D-Bus in the Kernel Use capability checks! PolicyKit

Policy: No XML, only simple ACL policy attached to service names More fine-grained access control needs to be done in userspace, but it’s much easier

D-Bus in the Kernel PolicyKit

Policy: No XML, only simple ACL policy attached to service names More fine-grained access control needs to be done in userspace, but it’s much easier Use capability checks!

D-Bus in the Kernel Policy: No XML, only simple ACL policy attached to service names More fine-grained access control needs to be done in userspace, but it’s much easier Use capability checks! PolicyKit

D-Bus in the Kernel GVariant used for marshalling (O(1) random access to struct and array fields) Setup, activation, policy management, driver, proxy lives in systemd New libsystemd-bus client library: waaaaay nicer to use – but not portable to non-Linux

Differences in Userspace:

D-Bus in the Kernel Setup, activation, policy management, driver, proxy lives in systemd New libsystemd-bus client library: waaaaay nicer to use – but not portable to non-Linux

Differences in Userspace: GVariant used for marshalling (O(1) random access to struct and array fields)

D-Bus in the Kernel New libsystemd-bus client library: waaaaay nicer to use – but not portable to non-Linux

Differences in Userspace: GVariant used for marshalling (O(1) random access to struct and array fields) Setup, activation, policy management, driver, proxy lives in systemd

D-Bus in the Kernel Differences in Userspace: GVariant used for marshalling (O(1) random access to struct and array fields) Setup, activation, policy management, driver, proxy lives in systemd New libsystemd-bus client library: waaaaay nicer to use – but not portable to non-Linux

D-Bus in the Kernel Synthesizes obsolete AcquiredName, LostName, Hello messages Implements XML policy Activated on demand, exits on idle Remarshals gvariant/dbus1

Proxy: provides compatibility with dbus1 sockets

D-Bus in the Kernel Implements XML policy Activated on demand, exits on idle Remarshals gvariant/dbus1

Proxy: provides compatibility with dbus1 sockets Synthesizes obsolete AcquiredName, LostName, Hello messages

D-Bus in the Kernel Activated on demand, exits on idle Remarshals gvariant/dbus1

Proxy: provides compatibility with dbus1 sockets Synthesizes obsolete AcquiredName, LostName, Hello messages Implements XML policy

D-Bus in the Kernel Remarshals gvariant/dbus1

Proxy: provides compatibility with dbus1 sockets Synthesizes obsolete AcquiredName, LostName, Hello messages Implements XML policy Activated on demand, exits on idle

D-Bus in the Kernel Proxy: provides compatibility with dbus1 sockets Synthesizes obsolete AcquiredName, LostName, Hello messages Implements XML policy Activated on demand, exits on idle Remarshals gvariant/dbus1

D-Bus in the Kernel org.freedesktop.DBus pseudo-service is a real service on kdbus Note that driver signals are synthesized on client side, so the driver only handles method calls Activated on demand, exits on idle

Driver: translates driver method calls into ioctl calls

D-Bus in the Kernel Note that driver signals are synthesized on client side, so the driver only handles method calls Activated on demand, exits on idle

Driver: translates driver method calls into ioctl calls org.freedesktop.DBus pseudo-service is a real service on kdbus

D-Bus in the Kernel Activated on demand, exits on idle

Driver: translates driver method calls into ioctl calls org.freedesktop.DBus pseudo-service is a real service on kdbus Note that driver signals are synthesized on client side, so the driver only handles method calls

D-Bus in the Kernel Driver: translates driver method calls into ioctl calls org.freedesktop.DBus pseudo-service is a real service on kdbus Note that driver signals are synthesized on client side, so the driver only handles method calls Activated on demand, exits on idle

D-Bus in the Kernel Identical to .socket unit types for socket activation dbus1 bus activation files still supported, but only for clients connecting via the proxy

Activation: new .busname unit type in systemd

D-Bus in the Kernel dbus1 bus activation files still supported, but only for clients connecting via the proxy

Activation: new .busname unit type in systemd Identical to .socket unit types for socket activation

D-Bus in the Kernel Activation: new .busname unit type in systemd Identical to .socket unit types for socket activation dbus1 bus activation files still supported, but only for clients connecting via the proxy

D-Bus in the Kernel New client library, designed to be easy to use Not portable to non-Linux Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions Focus on converting errno from/to bus errors Connect to container, connect to remote Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus

D-Bus in the Kernel Not portable to non-Linux Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions Focus on converting errno from/to bus errors Connect to container, connect to remote Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus New client library, designed to be easy to use

D-Bus in the Kernel Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions Focus on converting errno from/to bus errors Connect to container, connect to remote Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus New client library, designed to be easy to use Not portable to non-Linux

D-Bus in the Kernel Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions Focus on converting errno from/to bus errors Connect to container, connect to remote Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus New client library, designed to be easy to use Not portable to non-Linux Assemble and parse messages with format strings

D-Bus in the Kernel Lots of convenience functions Focus on converting errno from/to bus errors Connect to container, connect to remote Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus New client library, designed to be easy to use Not portable to non-Linux Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager

D-Bus in the Kernel Focus on converting errno from/to bus errors Connect to container, connect to remote Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus New client library, designed to be easy to use Not portable to non-Linux Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions

D-Bus in the Kernel Connect to container, connect to remote Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus New client library, designed to be easy to use Not portable to non-Linux Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions Focus on converting errno from/to bus errors

D-Bus in the Kernel Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus New client library, designed to be easy to use Not portable to non-Linux Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions Focus on converting errno from/to bus errors Connect to container, connect to remote

D-Bus in the Kernel It’s probably what you want to use when you hack on system level software, and up

libsystemd-bus New client library, designed to be easy to use Not portable to non-Linux Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions Focus on converting errno from/to bus errors Connect to container, connect to remote Credentials include units, slices, sessions, . . .

D-Bus in the Kernel libsystemd-bus New client library, designed to be easy to use Not portable to non-Linux Assemble and parse messages with format strings Handles introspection, signal dispatching, method vtables, properties, object manager Lots of convenience functions Focus on converting errno from/to bus errors Connect to container, connect to remote Credentials include units, slices, sessions, . . . It’s probably what you want to use when you hack on system level software, and up

D-Bus in the Kernel Some similar technical concepts, different semantics No name registry, no broadcasts, no ordering

Android binder

D-Bus in the Kernel No name registry, no broadcasts, no ordering

Android binder Some similar technical concepts, different semantics

D-Bus in the Kernel Android binder Some similar technical concepts, different semantics No name registry, no broadcasts, no ordering

D-Bus in the Kernel It’s all in kdbus git, and systemd git, now! Compile-time switch in systemd We hope to get kdbus reviewed and accepted into the kernel in 2014 gdbus support coming soon, also libdbus1 support Google for git repos!

When?

D-Bus in the Kernel Compile-time switch in systemd We hope to get kdbus reviewed and accepted into the kernel in 2014 gdbus support coming soon, also libdbus1 support Google for git repos!

When? It’s all in kdbus git, and systemd git, now!

D-Bus in the Kernel We hope to get kdbus reviewed and accepted into the kernel in 2014 gdbus support coming soon, also libdbus1 support Google for git repos!

When? It’s all in kdbus git, and systemd git, now! Compile-time switch in systemd

D-Bus in the Kernel gdbus support coming soon, also libdbus1 support Google for git repos!

When? It’s all in kdbus git, and systemd git, now! Compile-time switch in systemd We hope to get kdbus reviewed and accepted into the kernel in 2014

D-Bus in the Kernel Google for git repos!

When? It’s all in kdbus git, and systemd git, now! Compile-time switch in systemd We hope to get kdbus reviewed and accepted into the kernel in 2014 gdbus support coming soon, also libdbus1 support

D-Bus in the Kernel When? It’s all in kdbus git, and systemd git, now! Compile-time switch in systemd We hope to get kdbus reviewed and accepted into the kernel in 2014 gdbus support coming soon, also libdbus1 support Google for git repos!

D-Bus in the Kernel Sandboxing Yielding CPU time to destination Priority inheritance Priority queues ...

Outlook

D-Bus in the Kernel Yielding CPU time to destination Priority inheritance Priority queues ...

Outlook Sandboxing

D-Bus in the Kernel Priority inheritance Priority queues ...

Outlook Sandboxing Yielding CPU time to destination

D-Bus in the Kernel Priority queues ...

Outlook Sandboxing Yielding CPU time to destination Priority inheritance

D-Bus in the Kernel Outlook Sandboxing Yielding CPU time to destination Priority inheritance Priority queues ...

D-Bus in the Kernel That’s all, folks!

D-Bus in the Kernel