Closing session of All Systems Go! 2023about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/PKSMVD/

In this talk we’ll discuss antlir2, Meta’s solution to building container and bare metal operating system images. We’ll talk about how we have built performant, hermetic and deterministic image building infrastructure on top of buck2 (Meta’s new open source build system) and how we enable users to compose their own multi-language projects with full…

sdbusplus generates ergonomic and compile-time type-checked dbus bindings built atop sd-bus. This library is heavily used within the OpenBMC project to provide all IPC between its many userspace processes. This talk will give an overview of how OpenBMC leverages dbus, how sdbusplus facilitates its usage, as well as an introduction on our approach f…

A quick journey through the Azure infrastructure, specifically looking at how image-based Linux is used for Azure Boost, what it enables, what interesting security and performance features were added and where to find them upstream.Believe it or not, today Linux is right at the core of Microsoft Azure's infrastructure, on the very nodes that run al…

BuildStream is a tool for building / integrating software stacks. In a way, it has a similar goal to bitbake / yocto and Android repo, but takes a completely different approach. It can be used to take software from various sources, build it with various buildsystems in a reproducible sandbox, and cache results for speedy rebuilds.In this talk I giv…

Are you using container images with hundreds of known vulnerabilities?The majority of us are using images based on the Docker official images available on the Docker Hub. This includes base images – such as Debian and Ubuntu – as well as application images such as nginx and redis. Unfortunately these images often have hundreds of known vulnerabilit…

mkosi is a tool for building operating system images. In this talk we'll give an introduction to mkosi, how we use it to develop systemd and discuss how we want to support running and updating systems with mkosi and other systemd tooling.Github repository: https://github.com/systemd/mkosi/Initial blog post on mkosi: https://0pointer.net/blog/mkosi-…

openSUSE Aeon (formerly MicroOS Desktop) aims to be a fully fledged modern Linux Desktop leveraging as many of the latest user space innovations available including:- Immutable OS with Transactional Updates- Secure Boot- TPM Encryption- Flatpaks & OCI containers as primary application deliveryThis talk will introduce the distribution, highlight the…

Recently, atomic updates via image based systems have become more relevant forservers and desktops, as they allow predictable management of large fleets. In theembedded Linux space, this approach has been the default for many years andproven updaters exist already.In this talk, we will delve into RAUC and look at how its design and featureshave bee…

systemd-repart has recently learned many features to make it useful for building discoverable disk images. In this talk, we'll give a deep-dive on the new features and how they can be used to assemble discoverable disk images.about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/VPQADA/…

Network operating systems commonly provide a stable userspace platform for networking devices. Integration of userspace applications as well as low-level hardware support are handled by firmware build systems.Existing build systems for network operating systems display numerous limitations by either targeting only distinct types of devices, using c…

A/B partitioning is great - you hermetically drop-in the whole new OS and bootinto it. Although, how can we manage and migrate the RW configuration and statefiles that lie within? Can we do that reliably on both OS upgrades anddowngrades?This talk will explore the design used on the SteamDeck, the issueswe've seen while drawing analogies, and futur…

Arch Linux has worked with its own packaging framework - Arch Linux Package Management (ALPM) - for about 20 years.This talk is about an effort to rewrite low-level components and to create specifications for related metadata files using the Rust programming language.It will cover new projects in the ALPM (https://gitlab.archlinux.org/archlinux/alp…

This talk will explore the ideas from Lennart's "Fitting Everything Together"blog post, particularly the A/B partitioning scheme and its bootloader design,comparing it with the approach used on the SteamDeck. Spoiler alert, we're notusing sd-boot.We will focus on the requirements that drove us to the latter design, some implementation details, and …

The build system should get out of the way to let us focus on our tasks, not be distracted by slow or unreliable builds, get fast feedback on changes, and let us know what’s in the software we’re shipping to our users. But, what does it take for a build system to be really fast and reliable? What does it take to know what’s in the software?It requi…

Modification of the kernel command line has historically been one of the easiest ways to customize system behavior. Bootloaders allow for persistent changes via config-files and on-the-fly changes interactively during system boot.System behavior changes made via the kernel command line are not limited to the kernel itself. Userspace applications fr…

openSUSE is a general purpose, rpm based distribution. One of it's unique features is the use of btrfs snapshots to offer rollback of the root file system of both traditional as well as transactional systems. This talk explains the challenges faced to integrate systemd-boot into openSUSE.about this event: https://cfp.all-systems-go.io/all-systems-g…

This talk will be a whirlwind overview of NixOS modules and the lessons I've learned with maintaining and writing new ones.Nix modules are the core of how you organize configuration and service config, but there's a lot of "draw the rest of the owl" subtext as to how you actually go about writing them. This talk covers some best practices for how t…

The talk wants to provide a brief introduction into Confidential Containers Project. We'll discuss the rationale behind Confidential Computing and how concepts like Trusted Computing or Remote Attestation can be leveraged by end-users to guard their workloads not only from malicious actors but also their cloud service provider. Confidential Contain…

The Talos Linux distribution is built from scratch with the goal of providing a secure, verified, and minimal-footprint operating system for running Kubernetes clusters. Talos is designed to be immutable, minimal, and secure. Talos includes only the bare minimum required to run Kubernetes.This talk will cover how Talos uses Unified Kernel Images (U…

The Linux Userspace team at Meta aims to make significant contributions to upstream userspace projects, while also ensuring that Meta is able to leverage those improvements. In this talk we'll give an overview of the team and brief history of how it was formalized. Then we'll dive deeper into some of the efforts we've worked on with the open source…

Confidential compute is a new compute and programming paradigm to run an application in enclave, a run-time encrypted and authenticated trusted execution environment. We give an overview of the current technologies provided by AMD, Intel and ARM. We also give an overview of open source tools to leverage compute along a tutorial to enclave any appli…

All Systems Go! lightning talkabout this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/8P7XKH/Von Adrian Vovk

All Systems Go! lightning talkabout this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/AKNDS3/Von flokli

All Systems Go! lightning talkabout this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/VAY88J/Von Daniel Maslowski

The journey of developing a Linux platform to require very little in the way of configuration management, and how to virtually eliminate the need to modify code to change configuration. From configuration via scripts and evolving through a couple of configuration management products, we have used the idea of matching actions to timescales to transf…

A quick overview of the work in progress to plumb PID FDs through Linux userspace, to achieve resilience and security improvementsProcess ID File Descriptors were introduced in Linux v5.3. They allow tracking a process reliably, without risking races and reuse attacks, as they always refer to one single process regardless of the actual PID, so if t…

Image based OS updates are the future. One way to handle updates is viacontent-addressable synchronisation software, like casync and desync.This talk with give a presentation about the two - their overall design,feature set and strengths and weaknesses. It will also demonstrate a realworld use-case of them.about this event: https://cfp.all-systems-…

Some quick numbers and maybe curiousities from our work on evaluating which libraries need to be rebuilt for 64-bit time_t on armhf in Ubuntu using abi-compliance-checker.about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/R3SWBQ/Von Julian Andres Klode

The utmp implementation of glibc uses on quite some 64bit architectures a 32bit time variable, which leads to an overflow on 03:14:07 UTC on 19 January 2038. This talk will explain the current work on replacing utmp with logind.The year 2038 problem (also known as Y2038) is a time formatting bug on Unix systems with representing times after 03:14:0…

A walkthrough of an interesting use case for the `FICLONE` ioctl: cloning file data into a tar archive, and cloning files out of it again. "Free" archiving and unarchiving at zero-copy speeds!Topics:- Copy-on-write and the `FICLONE` ioctl- The ancient `tar` format- A trick for adding arbitrary padding to the `tar` format in order to force file syst…

A short case study on where we are with sandboxing APT; what gaps there are and what technologies we looked at.Downloading packages, verifying packages, installing packages, protecting user data from snoopy or broken maintainer scripts. A package manager has a lot of places that can need some sort of sandboxing.APT currently employs a minimal sandb…

In light of the climate crises, and despite hardware getting faster and faster, fully powering down systems and back on on demand – the obvious choice – is still inconvenient, as boot times are still very long. Even ChromeOS still has not lowered its limit from ten seconds since years. Show the current status of the hobby project on x86 hardware, a…

Despite being ordinary computers with an ASIC for switching, in reality network hardware must still be treated differently from normal servers. In recent years a lot has improved, and vendors offer white box switches, allowing users to install a (network) operating system of their choice. Of course, the NOS needs to support the firmware interface f…

The TPM event log contains a history of all measurements made with the TPM.Complete with some context information for each measurement it is intended tohelp with recreating the current PCR contents. What was meant as a debuggingtool turns out to be of vital importance when trying to remotely attest reallife systems. This is mostly because of the ov…

This talk will discuss new features provided by the new kernel mount API interfaceabout this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/NYLYDK/Von Christian Brauner

Let's get you up to speed on Trusted Platform Modules (TPM 2.0) and Linux. Specifically, the various additions to basic Linux userspace, i.e. systemd in our goal to make measured boot a default on Linux.about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/HSEJY9/Von Lennart Poettering

Let's discuss about `bpfilter`, a userspace daemon that empowers services to create efficient packet-filtering BPF programs using a high-level representation of filtering rules.For a significant period, `bpfilter` wasn't more than an empty [usermode helper](https://cateee.net/lkddb/web-lkddb/STATIC_USERMODEHELPER.html) and an [abandoned patch serie…

systemd v254 introduced a new reboot type: soft-reboot. It shortcuts the reboot process by not restarting the kernel, and instead shutting down userspace, followed by re-exec'ing systemd from the new rootfs, starting everything up again. Not only this allows to save time by virtue of doing less work, but it also allow select resources (File Descrip…

strace is a traditional userspace tracer utility for Linux, implemented using ptrace API. Despite of the abundance of various kernel tracing interfaces nowadays, there are certain classes of tasks that are still better served by strace. In this talk the maintainer of strace will provide examples of such tasks.about this event: https://cfp.all-syste…

Stopping the old and starting a new service afresh -- that is what service restart is roughly about. We will look what it comprises in more detail from service manager perspective and also from the service's client end. Thus we will look at how FDSTORE API can be used to smooth service restart. Furthermore, we will review how unit instances may pro…

Using an image-based OS brings advantages and challenges. One challenge is the customization of a read-only image with additional host-level software and configuration, and how to manage this customization through the lifetime of a machine.For deeper changes in /usr, users might build their own images instead of following the official image updates…

With the introduction of "Forensic Container Checkpointing" in Kubernetes 1.25 it is possible to checkpoint containers. The ability to checkpoint containers opens up many new use cases. Containers can be migrated without loosing the state of the container, fast startup from existing checkpoints, using spot instances more effective. The primary use …

In this presentation, we introduce Inspektor Gadget, a tool designed for the creation, deployment, and execution of eBPF programs (gadgets) across Kubernetes and Linux environments. Inspektor Gadget encapsulates eBPF programs into OCI containers, providing well-understood and easily distributable units.We'll delve into Inspektor Gadget's automatic …

At Meta, we've been working to add encryption support to btrfs, with exciting implications for per-container security. Traditionally encryption has either dealt with whole disks, with LUKS, or with a few filesystems: ext4, f2fs, ubifs, and ceph, lacking in advanced volume management. Btrfs has several features these filesystems don't: deduplicating…

UKIs are a fundamental building block of modern measured and trusted boot chains. Let's have a look at what happened in the area and discuss recently added new concepts, such as "add-ons", new PE sections, build tools and more.about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/ZEVAWH/…

A welcome session for All Systems Go!about this event: https://cfp.all-systems-go.io/all-systems-go-2023/talk/X89KG9/

Closing, thank yous, sponsors, what's next, anything elseabout this event: https://talks.nixcon.org/nixcon-2023/talk/NRSXHT/Von Ron Efroni

microvm.nix builds NixOS for a few virtual machine managers in a few different use-casesFull virtualization suffers from overhead and performance degradation due to software emulation of real hardware. MicroVMs are optimized by replacing this emulation with interfaces that have been optimized for the virtual machine use-case: VirtIO.microvm.nix hel…

Nix is an amazing build tool not only for applications, but also for the infamous "yaml engineering". Join Volodymyr to learn about the journey of using nix along with argocd to deploy payloads into kubernetes.What you will learn:- Setting up nix to work with argocd- Deploying simple applications written purely in nix- Utilizing the public helm cha…