Building IoT solutions with Eclipse IoT technology

The talk Building IoT solutions with Eclipse IoT technology by Sven Erik Jeroschewski did not go into excessive detail but provided a good overview about what the Eclipse IoT project currently provides as an open source toolbox for managing IoT (or embedded as some may call it) devices.

Eclipse Hono and Eclipse Ditto allow building infrastructure for communication and interaction between a large set of heterogenous nodes and gateways together with a generic service abstraction model. For deploying and managing the software running on the individual nodes Eclipse hawkBit provides sophisticated device and rollout management to safely deploy updates to a large set of devices.

Schedule and Recording

WolfBoot

As the co-author of the RAUC update framework where I have a lot to do with bootloaders, atomic system switching and artifact verification, this talk caught my attention as it implements most of these techniques for non-linux microcontrollers by using the embedded SSL framework WolfSSL.

WolfBoot supports having a dual-partition setup for microcontroller firmware with a 'swap' partition for storing some state information. With its digest and public key cryptography algorithms WolfBoot verifies update artifacts on the target before installing them. Together with some extra features, this seems to make it a good choice for verified and fail-safe updating on microcontrollers that are too constrained to run a full Linux system.

Schedule and Recording

HOWTO build a product with OP-TEE

During his talk, my colleague Rouven Czerwinski, provides a high level view on his journey to run as much as possible of his i.MX6 software stack outside the ARM TrustZone secure world, so that even a compromised kernel may not access system secrets.

He starts by detailing the ARMv7 Trustzone processor states and how the secure monitor enables communication between the normal and secure world. He then goes on to describe the OP-TEE secure monitor and his quest for better i.MX6 upstream support. The goal, per the problem statement in the talk, is to give system integrators the insight, which side channels they need to secure in order to put upstream OP-TEE into production.

A slide neatly sums up what needs to be done on bootup: RNG-seeding and trusted OP-TEE loading and what isolation needs to be maintained going forward: secure RAM, the hardware unique key, secure peripherals and optionally rollback protection.

Rouven expends some time explaining each of these aspects: the threat model, how to address them, the concrete hardware facilities offered by the i.MX6, and often the patches he brought upstream to make it work.

The talk ended with a wish list what he would like to see in future to improve the developer experience with OP-TEE.

Schedule and Recording

KiCAD: an unusual “state of the union”-talk

As in the last years there was a Computer Aided Design devroom at FOSDEM. Many CAD projects gave some insight into their recent developments and roadmaps. And so did Wayne Stambaugh with his talk KiCAD: Back to the future.

This years talk was special as he laid his focus on KiCADs role for the Open Hardware movement. His thesis is that Open Hardware is currently gaining more and more attention and that KiCAD will be an important part of this change. He assumes that KiCAD will gain a bigger share of the market with every new feature that is added. And of course Wayne closed the talk with a short outlook on the KiCAD 6 roadmap.

Schedule and Recording

The state of PTXdist

In the embedded track on Saturday, Pengutronix embedded artist Roland Hieber presented us “The State of PTXdist”, starting from the basic principles and user experience behind PTXdist until ending up with the very latest and useful features. He gave some useful hints about how to decouple things like board support from the base system or project-specific from generic changes by introducing the several 'layering' techniques that PTXdist provided in the past and got as new features in the latest releases.

Schedule and Recording

Lazy distribution of container images

While Akihiro Suda's talk focused on how to reduce startup time of containers caused by having to download the full image (.tar.gz) before starting it, it also had interesting ideas from my embedded perspective. By modifying how the tar archives are compressed, they can offer efficient random access without breaking compatibility with the existing implementations. The stargz format starts a new gzip stream for every tar entry and appends an index entry. As authentication seems to be out of scope for their use-case (in large data centers), we can't reuse it unmodified for our use-cases, but it's a clever hack nevertheless.

Schedule and Recording

Reinventing home directories

Talk about the upcoming systemd-homed which aims to manage home directories in a complete new way. home-directories are a rather out-dated concept which did not change in the past ~40 years. The systemd developers argue that home is too much entangled with the rest of the system, e.g. encryption and decryption is done by the system and not by the user. The badly designed entanglement can also be seen by /etc/passwd and /etc/shadow, which should belong to the home-directories, not to the system. A better encapsulation of the home-directories will also give the possibility to transfer homes via thumb stick between different computers. Whether or not the systemd-developers are on the right track, I do not dare to say yet, but it is interesting to think about the architectural design of essential linux components and how these may be changed in the future.

Schedule and Recording

Software distribution: new points of failure in a censored world

This talk is about software distribution systems like package managers, language-specific modules like npm or pip, git, flatpak and so on. A new hazardous problem is the censorship of said distribution systems or specific servers. E.g. by blocking npm, as done in China, developers will move to unofficial repos, raising availability and integrity concerns. An even more devastating example was an inofficial distribution of xcode, which included malware that actually integrated itself in every app that was compiled by this xcode-version.

Schedule and Recording

libliftoff status update

In the current DRM ecosystem, only the weston reference compositor employs DRM planes to provide power savings and efficient hardware use to wayland clients. Libliftoff intends to unify the allocation and usage of planes across different DRM drivers and is intended to be used by wayland compositors. The talk outlines the currently working features, a roadmap ahead and the differences between hardware devices used to implement DRM planes.

Schedule and Recording

Debate: should FOSS licenses be enforced at all? What means are acceptable if so?

The prepared debate was about enforcement of FOSS licenses focused on both ethical and practical arguments. The special characteristic of this format is that there are no slides and no single lecturer. The speaker represent either a pro or con point-of-view (that is not necessarily their own) and keep that for the debate.

It included, as against enforcement, that litigation is expensive and time-consuming and, as software becomes way more crucial, also not necessary for open source to prevail. Also most peoples jobs in open source rely on not enforcing, as mistakes happen and if every mistake would cause financial losses, companies would turn away from investing in open source. As pro enforcement the speakers stated, that enforcement does not necessarily equals lawsuit and more so not criminal prosecution. As contracts, and therefore licenses, are enforceable, people simply do have the possibility to enforce. To me, the most important argument for enforcement is: we should not leave this field to license trolls. And against enforcement: judges and lawyers are often not well enough educated in technical aspects, therefore the outcome is unpredictable and could easily harm open source licenses. An interesting, but not unresolvable, point: civil litigation is based on financial compensation, which can be understood as a personal profit and therefore would go against non-profit ideal of some notable licenses.

Schedule and Recording

The GDB text user interface

Tom Tromey gave an update on recent changes to the GDB text user interface. Most of the session consisted of Tom live-demoing all the cool new features in a terminal running the TUI.

He started with stating that the code of the TUI was merged in the late nineties and basically not touched since then. Over the last few years the code has improved a lot due to almost a rewrite. Also while the TUI was pretty much static and only extensible by adding code to GDB the situation has changed dramatically and the TUI now provides more features that you expect from a modern debugger.

He was especially happy about the ability to add colors to the layouts and have syntax highlighting for the code window, which improves readability a lot. Furthermore, he showed how one can add his own layouts to the TUI and even create new windows in Python. The latter, he demonstrated with a cow window that lets a cow tell you the current value of a variable which is implemented in a handful lines of python.

Schedule and Recording

Postmodern strace

Dmitry Levin showed all the new features of strace since his last presentation at FOSDEM'18.

The main focus of the talk was the new PTRACE_GET_SYSCALL_INFO request for the ptrace syscall. This request enables strace to retrieve information about the syscall that caused the stop. One example is the use of 32 bit syscalls on x86-64 systems, which produced garbled and random tracing output. This is now working properly. He further showed how to filter syscalls by return status and how to print stack traces on syscall.

In the end he peeked on upcoming strace features and plans. For one, there are plans to extend the use BPF for filtering which should make strace a lot faster. Furthermore, there are plans to make strace output structured output, e.g., json, which he immediately used to void all questions about improvements to the strace output like coloring or indentation.

Schedule and Recording

openwifi – Open Source “Wi-Fi chip design” and Linux driver

The openwifi project implements an Open Source FPGA-based SDR (software defined radio) stack for 802.11a/g and soon n. It is currently implemented in an FPGA SoC (Zync) with an external RF front end and is compatible with the mac80211 Linux driver.

Beside providing an interesting insight into the complexity of WiFi the speaker also asked tough questions like “Should I use this?” which he answered himself with “No”.

Even if openwifi implements a working WiFi stack it is missing many of the advanced features like MIMO (multiple input multiple output). But it is a great tool to understand WiFi better and allows for researchers to try new ideas.

Beside the interesting topic the talk was also well structured and kept me quite entertained.

Schedule and Recording

HawkTracer: low-end platform profiling

Debugging performance regressions can be hard. It gets even harder if we can't control the runtime environment, e.g. if you are an app developer. Amazon was faced with the same problem for their PrimeVideo application which can be deployed on several targets: SmartTVs, game consoles or FireTV sticks.

The solution for their problem is the in-house developed and now open sourced HawkTracer library. The library can be easily integrated into C/C++ projects and provides bindings for Python and Rust. Traces are stored locally or can be streamed to the network. The project provides a tool to convert the trace events into JSON format so they can be displayed on the host using the ChromeTracing view, FlameGraph view or by a self-defined viewer.

Schedule and Recording

GDB pipelines – convenience iteration over inferior data structures

I spend a lot of time staring at GDB output and navigating complex data structures on the GDB command line. So this talk caught my interest.

In his talk “GDB pipelines – convenience iteration over inferior data structures” Matthew Malcomson introduced “gdb-pipe”, a GDB plugin that makes it easy to iterate over complex data structures. The talk is a fast paced overview of all the features and possible use cases. It is a good starting point before diving in and using gdb-pipe.

Schedule and Recording

The TTM memory manager

As embedded developers we mostly deal with systems that have a unified memory architecture, where CPU and GPUs share the same system memory. Therefore, Christian König's talk about “The TTM memory manager”, which gave a general overview how kernel graphics memory is managed for GPUs with dedicated video memory, was new and interesting to me. The talk detailed the current state of the TTM memory manager, which is used by drivers such as AMDGPU, Nouveau, and Radeon to determine how video buffers migrate between the memory domains (VRAM, system RAM, swap) when required, shining a light on its past and current shortcomings both in architecture and function, as well as pointing out how those issues have been or will be fixed.

Schedule and Recording