SlideShare ist ein Scribd-Unternehmen logo

Kernel Report Highlights Linux Kernel Updates

Anne Nicolas
Anne Nicolas

The Linux kernel is at the core of any Linux system; the performance and capabilities of the kernel will, in the end, place an upper bound on what he system as a whole can do. This talk will review recent events in the kernel development community, discuss the current state of the kernel and the challenges it faces, and look forward to how the kernel may address those challenges. Attendees of any technical ability should gain a better understanding of how the kernel got to its current state and what can be expected in the near future. Jonathan Corbet, LWN.net

Software
1 von 72
Downloaden Sie, um offline zu lesen
The kernel report (Kernel Recipes 2016 edition) Jonathan Corbet LWN.net corbet@lwn.net
Recent releases Version Date Days Devs Changesets 4.3 Nov 1 63 1,625 12,274 4.4 Jan 10 70 1,575 13,071 4.5 Mar 13 63 1,537 12,080 4.6 May 15 63 1,678 13,517 4.7 Jul 17 70 1,582 12,283
Recent releases Version Date Days Devs Changesets 4.3 Nov 1 63 1,625 12,274 4.4 Jan 10 70 1,575 13,071 4.5 Mar 13 63 1,537 12,080 4.6 May 15 63 1,678 13,517 4.7 Jul 17 70 1,582 12,283 4.8 Oct 2 70 1,578* 13,253
Recent releases Version Date Days Devs Changesets 4.3 Nov 1 63 1,625 12,274 4.4 Jan 10 70 1,575 13,071 4.5 Mar 13 63 1,537 12,080 4.6 May 15 63 1,678 13,517 4.7 Jul 17 70 1,582 12,283 4.8 Oct 2 70 1,578* 13,253 Total since 4.2 395 4,028 76,478
What’s changing in the develoment community? Not much! The process continues to run smoothly
Security
The year in CVE numbers CVE-2016-0723 CVE-2016-0728 CVE-2016-0758 CVE-2016-0774 CVE-2016-0821 CVE-2016-0823 CVE-2016-1237 CVE-2016-1575 CVE-2016-1576 CVE-2016-1583 CVE-2016-2053 CVE-2016-2059 CVE-2016-2061 CVE-2016-2062 CVE-2016-2063 CVE-2016-2064 CVE-2016-2065 CVE-2016-2066 CVE-2016-2067 CVE-2016-2068 CVE-2016-2069 CVE-2016-2070 CVE-2016-2085 CVE-2016-2117 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2187 CVE-2016-2188 CVE-2016-2383 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-2550 CVE-2016-2782 CVE-2016-2847 CVE-2016-2853 CVE-2016-2854 CVE-2016-3070 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3139 CVE-2016-3140 CVE-2016-3156 CVE-2016-3157 CVE-2016-3672 CVE-2016-3689 CVE-2016-3707 CVE-2016-3713 CVE-2016-3841 CVE-2016-3951 CVE-2016-3955 CVE-2016-3961 CVE-2016-4440 CVE-2016-4470 CVE-2016-4482 CVE-2016-4485 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4565 CVE-2016-4568 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4581 CVE-2016-4794 CVE-2016-4805 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998 CVE-2016-5243 CVE-2016-5244 CVE-2016-5340 CVE-2016-5342 CVE-2016-5344 CVE-2016-5400 CVE-2016-5412 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6130 CVE-2016-6136 CVE-2016-6156 CVE-2016-6162 CVE-2016-6187 CVE-2016-6197 CVE-2016-6198 CVE-2016-6480 CVE-2016-6516
Our security algorithm When a vulnerability is found: Create a patch with a fix Distributors ship an update
This approach has some problems...
Photo: Jeffrey Kontur
Our security algorithm When a vulnerability is found: Create a patch with a fix Distributors ship an update
I have an example of a security bug that a Google researcher found in a 3.10 kernel (but not mainline) I fixed and pushed out an update, but never got picked up in Nexus phones until 6 months later when I found the right person/group to poke within Google. That was a 6 month window where anyone could have gotten root on your phone, easily. — Greg Kroah-Hartman
Our security algorithm When a vulnerability is found: Create a patch with a fix Distributors ship an update
Our defenses are not sufficient for today’s threats
Vulnerabilities will always be with us
Vulnerabilities will always be with us We need to be eliminating classes of exploits
Eliminating classes of exploits Post-init read-only memory (v4.6)
Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8)
Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8) Kernel stack hardening (v4.9?)
Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8) Kernel stack hardening (v4.9?) Hardened user-copy (v4.8)
Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8) Kernel stack hardening (v4.9?) Hardened user-copy (v4.8) Reference-count hardening
Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8) Kernel stack hardening (v4.9?) Hardened user-copy (v4.8) Reference-count hardening Much of this originates in grsecurity.net Some funded by CII
What’s the catch? Security-related code has tradeoffs: Performance costs User-space compatibility issues
Can we convince developers it’s worth the cost?
Bypassing the kernel
Kernel bypass
Kernel bypass
Transport over UDP (TOU) Use UDP to move packets around the net Embed higher-level protocols within UDP packets Transport protocols can be done in user space! (See also: QUIC)
Why TOU? Faster deployment of protocol enhancements
Why TOU? Faster deployment of protocol enhancements “The TCP stack in the Android/iOS/Windows kernel is so out of date that in order to get even moderately recent TCP features it is necessary to do this.” — David Miller, June 2016
Why TOU? Faster deployment of protocol enhancements Avoid middlebox interference
Why TOU? Faster deployment of protocol enhancements Avoid middlebox interference Protocol deployment End-to-end privacy
Why not TOU? About those protocol enhancements They don’t have to be free They don’t have to become part of the public net Do we want every app to speak its own protocol?
Will the kernel still be a strong unifying force for the net?
BPF
The Berkeley Packet Filter A simple in-kernel virtual machine Users can load executable code into the kernel bpf() system call Data can be exchanged with the kernel or user space
This sounds dangerous...? Lots of rules for BPF programs No loops No access to arbitrary memory No leaking kernel pointers to user space No access to uninitialized data Blinding of constants in programs … Limited to root in many cases but not all
Uses of BPF Filtering of packets to a socket System call restriction via seccomp() Perf events filtering Packet classification and queuing Tracepoint data filtering and analysis Early device-level packet filter/drop/forward (XDP)
Uses of BPF Filtering of packets to a socket System call restriction via seccomp() Perf events filtering Packet classification and queuing Tracepoint data filtering and analysis Early device-level packet filter/drop/forward (XDP) …?
Our brave new BPF world Chunks of important kernel code come from user space.
Stable kernels and backports
Remember 2.4? Multiple years between releases Huge feature gaps to fill Distributors backported lots of code ...and shipped out-of-tree features
What did we do about it? The “upstream first” rule
What did we do about it? The “upstream first” rule The “new” development model
Problem solved!
The 3.10 kernel Was released in June 2013 3.10.73 update was March 2015 Is 221,430 patches behind the mainline
Fear of mainline kernels The possibility of new bugs and regressions
Fear of mainline kernels The possibility of new bugs and regressions Vast amount of out-of-tree code to forward port
Why all that out-of-tree code? Upstreaming can take a long time Wakelocks USB charging
Why all that out-of-tree code? Upstreaming can take a long time Wakelocks USB charging Some of it is not upstreamable Scheduler rewrites
Why all that out-of-tree code? Upstreaming can take a long time Wakelocks USB charging Some of it is not upstreamable Scheduler rewrites The kernel moves too slowly!
Two points of view Kernel developers “We’ve been doing this for 25 years and plan to still be here 25 years from now.”
Two points of view Kernel developers “We’ve been doing this for 25 years and plan to still be here 25 years from now.” CE manufacturers “Nobody will remember this product next year.”
Perhaps our biggest process problem at the moment
Copyleft
The problem Lots of companies shipping the kernel without complying with the terms of the GPL.
To sue or not to sue? Some say: Companies will not comply without the threat of consequences Lawsuits have yielded useful code contributions in the past Without enforcement, the kernel is effectively BSD licensed.
Others respond: Lawsuits turn companies and their employees into enemies The outcome of legal action is always uncertain Little useful code has come that way It is better to work with engineers and change companies from within We have had great success without lawsuits
Corporate support 4.2.. Intel 10,933 14.3% unknown 5,682 7.4% Red Hat 5,625 7.4% none 4,643 6.1% Linaro 3,544 4.6% Samsung 3.089 4.0% IBM 2,337 3.1% SUSE 2,123 2.8% AMD 1,629 2.1% Renesas Electronics 1,514 2.0% consultants 1,456 1.9% Google 1,428 1.9%
Another way to look at it 1) Code for existing devices eventually — or — 2) Support from companies indefinitely?
How do we best ensure the success of Linux and free software?
Thank you!

Empfohlen

Kernel Recipes 2016 - Kernel documentation: what we have and where it’s going
Kernel Recipes 2016 - Kernel documentation: what we have and where it’s goingKernel Recipes 2016 - Kernel documentation: what we have and where it’s going
Kernel Recipes 2016 - Kernel documentation: what we have and where it’s goingAnne Nicolas
 
Kernel Recipes 2016 - Patches carved into stone tablets...
Kernel Recipes 2016 - Patches carved into stone tablets...Kernel Recipes 2016 - Patches carved into stone tablets...
Kernel Recipes 2016 - Patches carved into stone tablets...Anne Nicolas
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebCleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebSteffen Gebert
 
Intro to Kernel Debugging - Just make the crashing stop!
Intro to Kernel Debugging - Just make the crashing stop!Intro to Kernel Debugging - Just make the crashing stop!
Intro to Kernel Debugging - Just make the crashing stop!All Things Open
 
Dock ir incident response in a containerized, immutable, continually deploy...
Dock ir incident response in a containerized, immutable, continually deploy...Dock ir incident response in a containerized, immutable, continually deploy...
Dock ir incident response in a containerized, immutable, continually deploy...Shakacon
 
new ifnet(9) KPI for FreeBSD network stack
new ifnet(9) KPI for FreeBSD network stacknew ifnet(9) KPI for FreeBSD network stack
new ifnet(9) KPI for FreeBSD network stackGleb Smirnoff
 
Let's go HTTPS-only! - More Than Buying a Certificate
Let's go HTTPS-only! - More Than Buying a CertificateLet's go HTTPS-only! - More Than Buying a Certificate
Let's go HTTPS-only! - More Than Buying a CertificateSteffen Gebert
 
lwref: insane idea on reference counting
lwref: insane idea on reference countinglwref: insane idea on reference counting
lwref: insane idea on reference countingGleb Smirnoff
 

Weitere ähnliche Inhalte

Was ist angesagt?

Kernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanity
Kernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanityKernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanity
Kernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanityAnne Nicolas
 
Advanced Git: Functionality and Features
Advanced Git: Functionality and FeaturesAdvanced Git: Functionality and Features
Advanced Git: Functionality and FeaturesBrent Laster
 
Simon Laws – Apache Flink Cluster Deployment on Docker and Docker-Compose
Simon Laws – Apache Flink Cluster Deployment on Docker and Docker-ComposeSimon Laws – Apache Flink Cluster Deployment on Docker and Docker-Compose
Simon Laws – Apache Flink Cluster Deployment on Docker and Docker-ComposeFlink Forward
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveMadhu Venugopal
 
Kernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsKernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsAnne Nicolas
 
FTP Commando to Git Hero - WordCamp Denver 2013
FTP Commando to Git Hero - WordCamp Denver 2013FTP Commando to Git Hero - WordCamp Denver 2013
FTP Commando to Git Hero - WordCamp Denver 2013Jeremy Green
 
All of Your Network Monitoring is (probably) Wrong
All of Your Network Monitoring is (probably) WrongAll of Your Network Monitoring is (probably) Wrong
All of Your Network Monitoring is (probably) Wrongice799
 
Brief introduction to kselftest
Brief introduction to kselftestBrief introduction to kselftest
Brief introduction to kselftestSeongJae Park
 
Intro to git (UT biocomputing 2015)
Intro to git (UT biocomputing 2015)Intro to git (UT biocomputing 2015)
Intro to git (UT biocomputing 2015)chenghlee
 
Nextflow Camp 2019: nf-core tutorial
Nextflow Camp 2019: nf-core tutorialNextflow Camp 2019: nf-core tutorial
Nextflow Camp 2019: nf-core tutorialPhil Ewels
 
Analyzing Packages in Docker images hosted On DockerHub
Analyzing Packages in Docker images hosted On DockerHubAnalyzing Packages in Docker images hosted On DockerHub
Analyzing Packages in Docker images hosted On DockerHubAhmed Zerouali
 
libreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux DistrolibreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux DistroAll Things Open
 
Chaos Engineering for Docker
Chaos Engineering for DockerChaos Engineering for Docker
Chaos Engineering for DockerAlexei Ledenev
 
Tickling CGI Problems (Tcl Web Server Scripting Vulnerability Research)
Tickling CGI Problems (Tcl Web Server Scripting Vulnerability Research)Tickling CGI Problems (Tcl Web Server Scripting Vulnerability Research)
Tickling CGI Problems (Tcl Web Server Scripting Vulnerability Research)Derek Callaway
 
U boot source clean up project how-to
U boot source clean up project how-toU boot source clean up project how-to
U boot source clean up project how-toMacpaul Lin
 
Dockerized ROS Package
Dockerized ROS PackageDockerized ROS Package
Dockerized ROS PackageParham Nikdouz
 
ELIXIR Proteomics Community - Connection with nf-core
ELIXIR Proteomics Community - Connection with nf-coreELIXIR Proteomics Community - Connection with nf-core
ELIXIR Proteomics Community - Connection with nf-corePhil Ewels
 
Kernel Recipes 2019 - CVEs are dead, long live the CVE!
Kernel Recipes 2019 - CVEs are dead, long live the CVE!Kernel Recipes 2019 - CVEs are dead, long live the CVE!
Kernel Recipes 2019 - CVEs are dead, long live the CVE!Anne Nicolas
 
Alexander Kutsan: “C++ compilation boost”
Alexander Kutsan: “C++ compilation boost” Alexander Kutsan: “C++ compilation boost”
Alexander Kutsan: “C++ compilation boost” LogeekNightUkraine
 

Was ist angesagt? (20)

Kernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanity
Kernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanityKernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanity
Kernel Recipes 2015: The stable Linux Kernel Tree - 10 years of insanity
 
Advanced Git: Functionality and Features
Advanced Git: Functionality and FeaturesAdvanced Git: Functionality and Features
Advanced Git: Functionality and Features
 
Simon Laws – Apache Flink Cluster Deployment on Docker and Docker-Compose
Simon Laws – Apache Flink Cluster Deployment on Docker and Docker-ComposeSimon Laws – Apache Flink Cluster Deployment on Docker and Docker-Compose
Simon Laws – Apache Flink Cluster Deployment on Docker and Docker-Compose
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep dive
 
Kernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsKernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doors
 
FTP Commando to Git Hero - WordCamp Denver 2013
FTP Commando to Git Hero - WordCamp Denver 2013FTP Commando to Git Hero - WordCamp Denver 2013
FTP Commando to Git Hero - WordCamp Denver 2013
 
All of Your Network Monitoring is (probably) Wrong
All of Your Network Monitoring is (probably) WrongAll of Your Network Monitoring is (probably) Wrong
All of Your Network Monitoring is (probably) Wrong
 
Brief introduction to kselftest
Brief introduction to kselftestBrief introduction to kselftest
Brief introduction to kselftest
 
Intro to git (UT biocomputing 2015)
Intro to git (UT biocomputing 2015)Intro to git (UT biocomputing 2015)
Intro to git (UT biocomputing 2015)
 
Nextflow Camp 2019: nf-core tutorial
Nextflow Camp 2019: nf-core tutorialNextflow Camp 2019: nf-core tutorial
Nextflow Camp 2019: nf-core tutorial
 
New sendfile
New sendfileNew sendfile
New sendfile
 
Analyzing Packages in Docker images hosted On DockerHub
Analyzing Packages in Docker images hosted On DockerHubAnalyzing Packages in Docker images hosted On DockerHub
Analyzing Packages in Docker images hosted On DockerHub
 
libreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux DistrolibreCMC : The Libre Embedded GNU/Linux Distro
libreCMC : The Libre Embedded GNU/Linux Distro
 
Chaos Engineering for Docker
Chaos Engineering for DockerChaos Engineering for Docker
Chaos Engineering for Docker
 
Tickling CGI Problems (Tcl Web Server Scripting Vulnerability Research)
Tickling CGI Problems (Tcl Web Server Scripting Vulnerability Research)Tickling CGI Problems (Tcl Web Server Scripting Vulnerability Research)
Tickling CGI Problems (Tcl Web Server Scripting Vulnerability Research)
 
U boot source clean up project how-to
U boot source clean up project how-toU boot source clean up project how-to
U boot source clean up project how-to
 
Dockerized ROS Package
Dockerized ROS PackageDockerized ROS Package
Dockerized ROS Package
 
ELIXIR Proteomics Community - Connection with nf-core
ELIXIR Proteomics Community - Connection with nf-coreELIXIR Proteomics Community - Connection with nf-core
ELIXIR Proteomics Community - Connection with nf-core
 
Kernel Recipes 2019 - CVEs are dead, long live the CVE!
Kernel Recipes 2019 - CVEs are dead, long live the CVE!Kernel Recipes 2019 - CVEs are dead, long live the CVE!
Kernel Recipes 2019 - CVEs are dead, long live the CVE!
 
Alexander Kutsan: “C++ compilation boost”
Alexander Kutsan: “C++ compilation boost” Alexander Kutsan: “C++ compilation boost”
Alexander Kutsan: “C++ compilation boost”
 

Andere mochten auch

Jet plaquinhas para formar palavras
Jet plaquinhas para formar palavrasJet plaquinhas para formar palavras
Jet plaquinhas para formar palavrasSimoneHelenDrumond
 
Kernel Recipes 2015: Multi-campus Layer 2 Network Fabric: what?, why? How?
Kernel Recipes 2015: Multi-campus Layer 2 Network Fabric: what?, why? How?Kernel Recipes 2015: Multi-campus Layer 2 Network Fabric: what?, why? How?
Kernel Recipes 2015: Multi-campus Layer 2 Network Fabric: what?, why? How?Anne Nicolas
 
EY_Progressions_2012_ LS Report_LowRes_FINAL
EY_Progressions_2012_ LS Report_LowRes_FINALEY_Progressions_2012_ LS Report_LowRes_FINAL
EY_Progressions_2012_ LS Report_LowRes_FINALGautam Jaggi
 
CLT method by Imaneh amini
CLT method by Imaneh aminiCLT method by Imaneh amini
CLT method by Imaneh aminiImana amini
 
Kernel Recipes 2015 - The Dronecode Project – A step in open source drones
Kernel Recipes 2015 - The Dronecode Project – A step in open source dronesKernel Recipes 2015 - The Dronecode Project – A step in open source drones
Kernel Recipes 2015 - The Dronecode Project – A step in open source dronesAnne Nicolas
 
Medical physics
Medical physicsMedical physics
Medical physicssrujan7777
 
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecksKernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecksAnne Nicolas
 
Fundamental particles of an atom.
Fundamental particles of an atom.Fundamental particles of an atom.
Fundamental particles of an atom.srujan7777
 
Scripting para Mikrotik - Presentación Nunsys en MUM
Scripting para Mikrotik - Presentación Nunsys en MUMScripting para Mikrotik - Presentación Nunsys en MUM
Scripting para Mikrotik - Presentación Nunsys en MUMNunsys S.L.
 
[오픈소스컨설팅]systemd on RHEL7
[오픈소스컨설팅]systemd on RHEL7[오픈소스컨설팅]systemd on RHEL7
[오픈소스컨설팅]systemd on RHEL7Ji-Woong Choi
 
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-RegionJi-Woong Choi
 
1.4.2 Профессиональный электромонтаж ДКС
1.4.2 Профессиональный электромонтаж ДКС1.4.2 Профессиональный электромонтаж ДКС
1.4.2 Профессиональный электромонтаж ДКСIgor Golovin
 

Andere mochten auch (17)

Jet alfabeto 4
Jet alfabeto 4Jet alfabeto 4
Jet alfabeto 4
 
Jet plaquinhas para formar palavras
Jet plaquinhas para formar palavrasJet plaquinhas para formar palavras
Jet plaquinhas para formar palavras
 
Kernel Recipes 2015: Multi-campus Layer 2 Network Fabric: what?, why? How?
Kernel Recipes 2015: Multi-campus Layer 2 Network Fabric: what?, why? How?Kernel Recipes 2015: Multi-campus Layer 2 Network Fabric: what?, why? How?
Kernel Recipes 2015: Multi-campus Layer 2 Network Fabric: what?, why? How?
 
Les Salutations
Les SalutationsLes Salutations
Les Salutations
 
EY_Progressions_2012_ LS Report_LowRes_FINAL
EY_Progressions_2012_ LS Report_LowRes_FINALEY_Progressions_2012_ LS Report_LowRes_FINAL
EY_Progressions_2012_ LS Report_LowRes_FINAL
 
CLT method by Imaneh amini
CLT method by Imaneh aminiCLT method by Imaneh amini
CLT method by Imaneh amini
 
Kernel Recipes 2015 - The Dronecode Project – A step in open source drones
Kernel Recipes 2015 - The Dronecode Project – A step in open source dronesKernel Recipes 2015 - The Dronecode Project – A step in open source drones
Kernel Recipes 2015 - The Dronecode Project – A step in open source drones
 
Medical physics
Medical physicsMedical physics
Medical physics
 
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecksKernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
 
Fundamental particles of an atom.
Fundamental particles of an atom.Fundamental particles of an atom.
Fundamental particles of an atom.
 
Scripting para Mikrotik - Presentación Nunsys en MUM
Scripting para Mikrotik - Presentación Nunsys en MUMScripting para Mikrotik - Presentación Nunsys en MUM
Scripting para Mikrotik - Presentación Nunsys en MUM
 
Fichas Halloween
Fichas Halloween Fichas Halloween
Fichas Halloween
 
Veoveo fichas
Veoveo fichasVeoveo fichas
Veoveo fichas
 
[오픈소스컨설팅]systemd on RHEL7
[오픈소스컨설팅]systemd on RHEL7[오픈소스컨설팅]systemd on RHEL7
[오픈소스컨설팅]systemd on RHEL7
 
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region
[오픈소스컨설팅] Open Stack Ceph, Neutron, HA, Multi-Region
 
1.4.2 Профессиональный электромонтаж ДКС
1.4.2 Профессиональный электромонтаж ДКС1.4.2 Профессиональный электромонтаж ДКС
1.4.2 Профессиональный электромонтаж ДКС
 
Desenvolver Portugal, uma analise ToC
Desenvolver Portugal, uma analise ToCDesenvolver Portugal, uma analise ToC
Desenvolver Portugal, uma analise ToC
 

Ähnlich wie Kernel Report Highlights Linux Kernel Updates

Performance Analysis of Idle Programs
Performance Analysis of Idle ProgramsPerformance Analysis of Idle Programs
Performance Analysis of Idle Programsgreenwop
 
XPDDS17: Keynote: Xen Weather Report 2017
XPDDS17: Keynote: Xen Weather Report 2017XPDDS17: Keynote: Xen Weather Report 2017
XPDDS17: Keynote: Xen Weather Report 2017The Linux Foundation
 
Kernel Recipes 2014 - The Linux Kernel, how fast it is developed and how we s...
Kernel Recipes 2014 - The Linux Kernel, how fast it is developed and how we s...Kernel Recipes 2014 - The Linux Kernel, how fast it is developed and how we s...
Kernel Recipes 2014 - The Linux Kernel, how fast it is developed and how we s...Anne Nicolas
 
Jonathan Corbet - Keynote: The Kernel Report
Jonathan Corbet - Keynote: The Kernel ReportJonathan Corbet - Keynote: The Kernel Report
Jonathan Corbet - Keynote: The Kernel Reportlinuxlab_conf
 
[JOI] TOTVS Developers Joinville - Java #1
[JOI] TOTVS Developers Joinville - Java #1[JOI] TOTVS Developers Joinville - Java #1
[JOI] TOTVS Developers Joinville - Java #1Rubens Dos Santos Filho
 
Maintenance des branches stables du noyau
Maintenance des branches stables du noyauMaintenance des branches stables du noyau
Maintenance des branches stables du noyauAnne Nicolas
 
Select, manage, and backport the long term stable kernels
Select, manage, and backport the long term stable kernelsSelect, manage, and backport the long term stable kernels
Select, manage, and backport the long term stable kernelsSZ Lin
 
ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...
ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...
ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...Neil Armstrong
 
Dipping Your Toes Into Cloud Native Application Development
Dipping Your Toes Into Cloud Native Application DevelopmentDipping Your Toes Into Cloud Native Application Development
Dipping Your Toes Into Cloud Native Application DevelopmentMatthew Farina
 
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.All Things Open
 
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024Cloud Native NoVA
 
Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)Sergio Navarro Pino
 
Kernel Recipes 2017 - Linux Kernel Release Model - Greg KH
Kernel Recipes 2017 - Linux Kernel Release Model - Greg KHKernel Recipes 2017 - Linux Kernel Release Model - Greg KH
Kernel Recipes 2017 - Linux Kernel Release Model - Greg KHAnne Nicolas
 
Hardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous SecurityHardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous SecurityWeaveworks
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansPeter Clapham
 
From hello world to goodbye code
From hello world to goodbye codeFrom hello world to goodbye code
From hello world to goodbye codeKim Moir
 

Ähnlich wie Kernel Report Highlights Linux Kernel Updates (20)

Performance Analysis of Idle Programs
Performance Analysis of Idle ProgramsPerformance Analysis of Idle Programs
Performance Analysis of Idle Programs
 
XPDDS17: Keynote: Xen Weather Report 2017
XPDDS17: Keynote: Xen Weather Report 2017XPDDS17: Keynote: Xen Weather Report 2017
XPDDS17: Keynote: Xen Weather Report 2017
 
Kernel Recipes 2014 - The Linux Kernel, how fast it is developed and how we s...
Kernel Recipes 2014 - The Linux Kernel, how fast it is developed and how we s...Kernel Recipes 2014 - The Linux Kernel, how fast it is developed and how we s...
Kernel Recipes 2014 - The Linux Kernel, how fast it is developed and how we s...
 
Jonathan Corbet - Keynote: The Kernel Report
Jonathan Corbet - Keynote: The Kernel ReportJonathan Corbet - Keynote: The Kernel Report
Jonathan Corbet - Keynote: The Kernel Report
 
[JOI] TOTVS Developers Joinville - Java #1
[JOI] TOTVS Developers Joinville - Java #1[JOI] TOTVS Developers Joinville - Java #1
[JOI] TOTVS Developers Joinville - Java #1
 
Maintenance des branches stables du noyau
Maintenance des branches stables du noyauMaintenance des branches stables du noyau
Maintenance des branches stables du noyau
 
Select, manage, and backport the long term stable kernels
Select, manage, and backport the long term stable kernelsSelect, manage, and backport the long term stable kernels
Select, manage, and backport the long term stable kernels
 
ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...
ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...
ELC-E 2016 Neil Armstrong - No, it's never too late to upstream your legacy l...
 
Dipping Your Toes Into Cloud Native Application Development
Dipping Your Toes Into Cloud Native Application DevelopmentDipping Your Toes Into Cloud Native Application Development
Dipping Your Toes Into Cloud Native Application Development
 
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
It’s 2021. Why are we -still- rebooting for patches? A look at Live Patching.
 
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
A Love Story with Kubevirt and Backstage from Cloud Native NoVA meetup Feb 2024
 
Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)Advanced deployment scenarios (netcoreconf)
Advanced deployment scenarios (netcoreconf)
 
Kernel Recipes 2017 - Linux Kernel Release Model - Greg KH
Kernel Recipes 2017 - Linux Kernel Release Model - Greg KHKernel Recipes 2017 - Linux Kernel Release Model - Greg KH
Kernel Recipes 2017 - Linux Kernel Release Model - Greg KH
 
Linux Kernel Development
Linux Kernel DevelopmentLinux Kernel Development
Linux Kernel Development
 
Zap Scanning
Zap ScanningZap Scanning
Zap Scanning
 
Hardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous SecurityHardening Your CI/CD Pipelines with GitOps and Continuous Security
Hardening Your CI/CD Pipelines with GitOps and Continuous Security
 
Flexible compute
Flexible computeFlexible compute
Flexible compute
 
Sanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticiansSanger, upcoming Openstack for Bio-informaticians
Sanger, upcoming Openstack for Bio-informaticians
 
Linux Kernel and Multimedia
Linux Kernel and MultimediaLinux Kernel and Multimedia
Linux Kernel and Multimedia
 
From hello world to goodbye code
From hello world to goodbye codeFrom hello world to goodbye code
From hello world to goodbye code
 

Mehr von Anne Nicolas

Kernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream firstKernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream firstAnne Nicolas
 
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIKernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIAnne Nicolas
 
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelKernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelAnne Nicolas
 
Kernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyKernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyAnne Nicolas
 
Kernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureKernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureAnne Nicolas
 
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Anne Nicolas
 
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataKernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataAnne Nicolas
 
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...Anne Nicolas
 
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxEmbedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxAnne Nicolas
 
Embedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less specialEmbedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less specialAnne Nicolas
 
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconEmbedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconAnne Nicolas
 
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureEmbedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureAnne Nicolas
 
Embedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayEmbedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayAnne Nicolas
 
Embedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmakerEmbedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmakerAnne Nicolas
 
Embedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integrationEmbedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integrationAnne Nicolas
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingAnne Nicolas
 
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaEmbedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaAnne Nicolas
 
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedKernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedAnne Nicolas
 
Kernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDPKernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDPAnne Nicolas
 
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Anne Nicolas
 

Mehr von Anne Nicolas (20)

Kernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream firstKernel Recipes 2019 - Driving the industry toward upstream first
Kernel Recipes 2019 - Driving the industry toward upstream first
 
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMIKernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
Kernel Recipes 2019 - No NMI? No Problem! – Implementing Arm64 Pseudo-NMI
 
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernelKernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
Kernel Recipes 2019 - Hunting and fixing bugs all over the Linux kernel
 
Kernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are moneyKernel Recipes 2019 - Metrics are money
Kernel Recipes 2019 - Metrics are money
 
Kernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and futureKernel Recipes 2019 - Kernel documentation: past, present, and future
Kernel Recipes 2019 - Kernel documentation: past, present, and future
 
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
Embedded Recipes 2019 - Knowing your ARM from your ARSE: wading through the t...
 
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary dataKernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
Kernel Recipes 2019 - GNU poke, an extensible editor for structured binary data
 
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
Kernel Recipes 2019 - Analyzing changes to the binary interface exposed by th...
 
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and BareboxEmbedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
Embedded Recipes 2019 - Remote update adventures with RAUC, Yocto and Barebox
 
Embedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less specialEmbedded Recipes 2019 - Making embedded graphics less special
Embedded Recipes 2019 - Making embedded graphics less special
 
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre SiliconEmbedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
Embedded Recipes 2019 - Linux on Open Source Hardware and Libre Silicon
 
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) pictureEmbedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
Embedded Recipes 2019 - From maintaining I2C to the big (embedded) picture
 
Embedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops wayEmbedded Recipes 2019 - Testing firmware the devops way
Embedded Recipes 2019 - Testing firmware the devops way
 
Embedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmakerEmbedded Recipes 2019 - Herd your socs become a matchmaker
Embedded Recipes 2019 - Herd your socs become a matchmaker
 
Embedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integrationEmbedded Recipes 2019 - LLVM / Clang integration
Embedded Recipes 2019 - LLVM / Clang integration
 
Embedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debuggingEmbedded Recipes 2019 - Introduction to JTAG debugging
Embedded Recipes 2019 - Introduction to JTAG debugging
 
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimediaEmbedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
Embedded Recipes 2019 - Pipewire a new foundation for embedded multimedia
 
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all startedKernel Recipes 2019 - ftrace: Where modifying a running kernel all started
Kernel Recipes 2019 - ftrace: Where modifying a running kernel all started
 
Kernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDPKernel Recipes 2019 - Suricata and XDP
Kernel Recipes 2019 - Suricata and XDP
 
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
Kernel Recipes 2019 - Marvels of Memory Auto-configuration (SPD)
 

Kürzlich hochgeladen

What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesVictoriaMetrics
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...OnePlan Solutions
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slidesvaideheekore1
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolsosttopstonverter
 
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxUnderstanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxSasikiranMarri
 
Mastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxMastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxAS Design & AST.
 
Advantages of Cargo Cloud Solutions.pptx
Advantages of Cargo Cloud Solutions.pptxAdvantages of Cargo Cloud Solutions.pptx
Advantages of Cargo Cloud Solutions.pptxRTS corp
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?Alexandre Beguel
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shardsChristopher Curtin
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogueitservices996
 
Key Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapKey Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapIshara Amarasekera
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptxVinzoCenzo
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics
 
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...kalichargn70th171
 
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfPros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfkalichargn70th171
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorTier1 app
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdfSteve Caron
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfmaor17
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsJean Silva
 

Kürzlich hochgeladen (20)

What’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 UpdatesWhat’s New in VictoriaMetrics: Q1 2024 Updates
What’s New in VictoriaMetrics: Q1 2024 Updates
 
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
Revolutionizing the Digital Transformation Office - Leveraging OnePlan’s AI a...
 
Introduction to Firebase Workshop Slides
Introduction to Firebase Workshop SlidesIntroduction to Firebase Workshop Slides
Introduction to Firebase Workshop Slides
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration tools
 
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptxUnderstanding Plagiarism: Causes, Consequences and Prevention.pptx
Understanding Plagiarism: Causes, Consequences and Prevention.pptx
 
Mastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptxMastering Project Planning with Microsoft Project 2016.pptx
Mastering Project Planning with Microsoft Project 2016.pptx
 
Advantages of Cargo Cloud Solutions.pptx
Advantages of Cargo Cloud Solutions.pptxAdvantages of Cargo Cloud Solutions.pptx
Advantages of Cargo Cloud Solutions.pptx
 
SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?SAM Training Session - How to use EXCEL ?
SAM Training Session - How to use EXCEL ?
 
2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards2024 DevNexus Patterns for Resiliency: Shuffle shards
2024 DevNexus Patterns for Resiliency: Shuffle shards
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogue
 
Key Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery RoadmapKey Steps in Agile Software Delivery Roadmap
Key Steps in Agile Software Delivery Roadmap
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptx
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
 
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
The Ultimate Guide to Performance Testing in Low-Code, No-Code Environments (...
 
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdfPros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
Pros and Cons of Selenium In Automation Testing_ A Comprehensive Assessment.pdf
 
Effectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryErrorEffectively Troubleshoot 9 Types of OutOfMemoryError
Effectively Troubleshoot 9 Types of OutOfMemoryError
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
 
Zer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdfZer0con 2024 final share short version.pdf
Zer0con 2024 final share short version.pdf
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero results
 

Kernel Report Highlights Linux Kernel Updates

  • 1. The kernel report (Kernel Recipes 2016 edition) Jonathan Corbet LWN.net corbet@lwn.net
  • 2. Recent releases Version Date Days Devs Changesets 4.3 Nov 1 63 1,625 12,274 4.4 Jan 10 70 1,575 13,071 4.5 Mar 13 63 1,537 12,080 4.6 May 15 63 1,678 13,517 4.7 Jul 17 70 1,582 12,283
  • 3. Recent releases Version Date Days Devs Changesets 4.3 Nov 1 63 1,625 12,274 4.4 Jan 10 70 1,575 13,071 4.5 Mar 13 63 1,537 12,080 4.6 May 15 63 1,678 13,517 4.7 Jul 17 70 1,582 12,283 4.8 Oct 2 70 1,578* 13,253
  • 4. Recent releases Version Date Days Devs Changesets 4.3 Nov 1 63 1,625 12,274 4.4 Jan 10 70 1,575 13,071 4.5 Mar 13 63 1,537 12,080 4.6 May 15 63 1,678 13,517 4.7 Jul 17 70 1,582 12,283 4.8 Oct 2 70 1,578* 13,253 Total since 4.2 395 4,028 76,478
  • 5.
  • 6.
  • 7. What’s changing in the develoment community? Not much! The process continues to run smoothly
  • 9. The year in CVE numbers CVE-2016-0723 CVE-2016-0728 CVE-2016-0758 CVE-2016-0774 CVE-2016-0821 CVE-2016-0823 CVE-2016-1237 CVE-2016-1575 CVE-2016-1576 CVE-2016-1583 CVE-2016-2053 CVE-2016-2059 CVE-2016-2061 CVE-2016-2062 CVE-2016-2063 CVE-2016-2064 CVE-2016-2065 CVE-2016-2066 CVE-2016-2067 CVE-2016-2068 CVE-2016-2069 CVE-2016-2070 CVE-2016-2085 CVE-2016-2117 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2187 CVE-2016-2188 CVE-2016-2383 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-2550 CVE-2016-2782 CVE-2016-2847 CVE-2016-2853 CVE-2016-2854 CVE-2016-3070 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3139 CVE-2016-3140 CVE-2016-3156 CVE-2016-3157 CVE-2016-3672 CVE-2016-3689 CVE-2016-3707 CVE-2016-3713 CVE-2016-3841 CVE-2016-3951 CVE-2016-3955 CVE-2016-3961 CVE-2016-4440 CVE-2016-4470 CVE-2016-4482 CVE-2016-4485 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4565 CVE-2016-4568 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4581 CVE-2016-4794 CVE-2016-4805 CVE-2016-4913 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998 CVE-2016-5243 CVE-2016-5244 CVE-2016-5340 CVE-2016-5342 CVE-2016-5344 CVE-2016-5400 CVE-2016-5412 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6130 CVE-2016-6136 CVE-2016-6156 CVE-2016-6162 CVE-2016-6187 CVE-2016-6197 CVE-2016-6198 CVE-2016-6480 CVE-2016-6516
  • 10. Our security algorithm When a vulnerability is found: Create a patch with a fix Distributors ship an update
  • 11. This approach has some problems...
  • 13. Our security algorithm When a vulnerability is found: Create a patch with a fix Distributors ship an update
  • 14. I have an example of a security bug that a Google researcher found in a 3.10 kernel (but not mainline) I fixed and pushed out an update, but never got picked up in Nexus phones until 6 months later when I found the right person/group to poke within Google. That was a 6 month window where anyone could have gotten root on your phone, easily. — Greg Kroah-Hartman
  • 15. Our security algorithm When a vulnerability is found: Create a patch with a fix Distributors ship an update
  • 16.
  • 17.
  • 18. Our defenses are not sufficient for today’s threats
  • 20. Vulnerabilities will always be with us We need to be eliminating classes of exploits
  • 21. Eliminating classes of exploits Post-init read-only memory (v4.6)
  • 22. Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8)
  • 23. Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8) Kernel stack hardening (v4.9?)
  • 24. Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8) Kernel stack hardening (v4.9?) Hardened user-copy (v4.8)
  • 25. Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8) Kernel stack hardening (v4.9?) Hardened user-copy (v4.8) Reference-count hardening
  • 26. Eliminating classes of exploits Post-init read-only memory (v4.6) Use of GCC plugins (v4.8) Kernel stack hardening (v4.9?) Hardened user-copy (v4.8) Reference-count hardening Much of this originates in grsecurity.net Some funded by CII
  • 27. What’s the catch? Security-related code has tradeoffs: Performance costs User-space compatibility issues
  • 28. Can we convince developers it’s worth the cost?
  • 32. Transport over UDP (TOU) Use UDP to move packets around the net Embed higher-level protocols within UDP packets Transport protocols can be done in user space! (See also: QUIC)
  • 33. Why TOU? Faster deployment of protocol enhancements
  • 34. Why TOU? Faster deployment of protocol enhancements “The TCP stack in the Android/iOS/Windows kernel is so out of date that in order to get even moderately recent TCP features it is necessary to do this.” — David Miller, June 2016
  • 35. Why TOU? Faster deployment of protocol enhancements Avoid middlebox interference
  • 36. Why TOU? Faster deployment of protocol enhancements Avoid middlebox interference Protocol deployment End-to-end privacy
  • 37. Why not TOU? About those protocol enhancements They don’t have to be free They don’t have to become part of the public net Do we want every app to speak its own protocol?
  • 38. Will the kernel still be a strong unifying force for the net?
  • 39. BPF
  • 40.
  • 41. The Berkeley Packet Filter A simple in-kernel virtual machine Users can load executable code into the kernel bpf() system call Data can be exchanged with the kernel or user space
  • 42. This sounds dangerous...? Lots of rules for BPF programs No loops No access to arbitrary memory No leaking kernel pointers to user space No access to uninitialized data Blinding of constants in programs … Limited to root in many cases but not all
  • 43. Uses of BPF Filtering of packets to a socket System call restriction via seccomp() Perf events filtering Packet classification and queuing Tracepoint data filtering and analysis Early device-level packet filter/drop/forward (XDP)
  • 44. Uses of BPF Filtering of packets to a socket System call restriction via seccomp() Perf events filtering Packet classification and queuing Tracepoint data filtering and analysis Early device-level packet filter/drop/forward (XDP) …?
  • 45. Our brave new BPF world Chunks of important kernel code come from user space.
  • 46. Stable kernels and backports
  • 47.
  • 48. Remember 2.4? Multiple years between releases Huge feature gaps to fill Distributors backported lots of code ...and shipped out-of-tree features
  • 49. What did we do about it? The “upstream first” rule
  • 50. What did we do about it? The “upstream first” rule The “new” development model
  • 52.
  • 53.
  • 54.
  • 55. The 3.10 kernel Was released in June 2013 3.10.73 update was March 2015 Is 221,430 patches behind the mainline
  • 56. Fear of mainline kernels The possibility of new bugs and regressions
  • 57.
  • 58. Fear of mainline kernels The possibility of new bugs and regressions Vast amount of out-of-tree code to forward port
  • 59. Why all that out-of-tree code? Upstreaming can take a long time Wakelocks USB charging
  • 60. Why all that out-of-tree code? Upstreaming can take a long time Wakelocks USB charging Some of it is not upstreamable Scheduler rewrites
  • 61. Why all that out-of-tree code? Upstreaming can take a long time Wakelocks USB charging Some of it is not upstreamable Scheduler rewrites The kernel moves too slowly!
  • 62. Two points of view Kernel developers “We’ve been doing this for 25 years and plan to still be here 25 years from now.”
  • 63. Two points of view Kernel developers “We’ve been doing this for 25 years and plan to still be here 25 years from now.” CE manufacturers “Nobody will remember this product next year.”
  • 64. Perhaps our biggest process problem at the moment
  • 66. The problem Lots of companies shipping the kernel without complying with the terms of the GPL.
  • 67. To sue or not to sue? Some say: Companies will not comply without the threat of consequences Lawsuits have yielded useful code contributions in the past Without enforcement, the kernel is effectively BSD licensed.
  • 68. Others respond: Lawsuits turn companies and their employees into enemies The outcome of legal action is always uncertain Little useful code has come that way It is better to work with engineers and change companies from within We have had great success without lawsuits
  • 69. Corporate support 4.2.. Intel 10,933 14.3% unknown 5,682 7.4% Red Hat 5,625 7.4% none 4,643 6.1% Linaro 3,544 4.6% Samsung 3.089 4.0% IBM 2,337 3.1% SUSE 2,123 2.8% AMD 1,629 2.1% Renesas Electronics 1,514 2.0% consultants 1,456 1.9% Google 1,428 1.9%
  • 70. Another way to look at it 1) Code for existing devices eventually — or — 2) Support from companies indefinitely?
  • 71. How do we best ensure the success of Linux and free software?