What Is A Kernel In Linux

What Is A Kernel In Linux – Thomas Graf talks about how companies like Facebook and Google are using BPF to patch zero-day exploits, how BPF will forever change the way features are added to the kernel, and how BPF is a new kind of application delivery method for introducing the linux kernel. .

Thomas Graf is co-founder and CTO of Isovalent and creator of the Cilium project. Previously, he was a Linux kernel developer at Red Hat for many years. In more than 15 years of working on the Linux kernel, he has been involved with a variety of networking and security subsystems. In recent years he has been involved in the development of BPF and XDP.

What Is A Kernel In Linux

Software changes the world. QCon empowers software development by facilitating the spread of knowledge and innovation in the developer community. QCon is a practice-oriented conference and is aimed at technical team leaders, architects, technical managers and project managers who influence innovations in their teams.

Collabora Expect Their Linux Kernel Work For Windows Game Emulation In Kernel 5.11

Graf: My name is Thomas Graf, probably the best description would be a long time kernel developer, but more recently I also co-founded a company called Isovalent and built Cilium with a team. This won’t be a pure talk about Cilium, I’ll talk more generally about how the Linux kernel is being reconsidered and why this is happening.

Before we get to that, who remembers that age? I’m glad a lot of people remember it. This is what the internet used to look like, before the year 2000 most websites looked like this.

How do we go from the sites you see on the left at the age we are used to today to the ones you see on the right where we spend most of our time in a web browser? We’ve gone from simple websites with cute GIFs to huge apps that run in web browsers. What made this development possible in about 20 years? We’ve gone from pretty much just markup, and I’m using HTML 2.0 requirements for comments here, to an era where we mostly use scriptable platforms.

I’m a kernel developer so I’m not familiar with all of these JavaScript frameworks, but there are plenty out there and it’s basically what made it possible. Of course, there is much more, but fundamentally it is the programmability that makes it possible to go from fairly static websites to applications that run in web browsers. Why is this important, and why is it important to the Linux kernel? We’ll get to it.

Gender Diversity Analysis Of The Linux Kernel Technical Contributions

Before we look at some programmability basics, what does it mean to build a programmable system like JavaScript that powers a web browser? First of all, we need a concept of security. If you allow untrusted code to run in a web browser, it must be isolated, it must be isolated somehow, it must be secure.

We need continuous delivery. It doesn’t make sense to expand our application when we innovate and then require the user to install a new web browser, nobody would use an application, a web-based application, if they need to install a new web browser. There was a time when you had to update to new versions of the browser and it was very confusing for users. We are no longer used, we are used to automatically receive updates for websites and browsers in the blink of an eye. You probably won’t even notice it at this point if you update your Chrome and you definitely won’t notice it unless there’s a visual cue or a visual change that the site has changed its backend, for example. All this happens continuously and without problems. When you roll out a new version of your app, you can have millions of users on this site at the time you want to upgrade without a hitch. Every programmable system must have a vision of continuous delivery and seamless upgrades.

The final aspect is performance. If we gain programmability and sacrifice performance, programmability probably isn’t worth it. A good example of this is in the early stages or early years of Java, where there was a big performance hit. Much of this disappeared later, but initially the cost of running Java, or the difference between running a C++ application on a Java application, was huge.

Similar to JavaScript, running JavaScript before JIT compilers added a significant amount of CPU usage on the end user’s laptop or machines. Every aspect of programmability also requires some notion of native executions, and in many cases this is done with just-in-time or JIT compilers, where a notion of generic bytecode is translated into what your machine’s CPU actually understands, that is, we go as close as possible to the native execution speed.

Inside The Linux Kernel

The second thing before we can put the two together is a super quick introduction to the kernel. What is the Linux kernel like? Roughly speaking, it has three parts: We have a user area – the kernel people like to put that on top. Below is the Linux kernel, the operating system, and at the bottom is the hardware. Then we get an idea of ​​the processes by removing applications, some tasks that are done in user space and on the lowest level of hardware that we have. I have greatly simplified this storage and networking. Obviously there’s a lot more hardware available, but I’ve made it as simple as possible.

The first thing the kernel will do is abstract this away with a so-called controller. Of course, the kernel needs to understand and enable the hardware, but it doesn’t want to expose that complexity directly to applications. It will introduce the first level of abstraction for the Linux kernel to understand: “I know block devices”, “I know network devices”, “I know an input/output device”, “I know a console” and so on, it is the first abstraction level. Similarly, we have system calls that an application calls to communicate with the Linux kernel. There are many of them, I have used some examples here.

You want file I/O, read and write, this would allow reading files, writing to files and also sending and receiving messages. This would use an application for network interaction to send data over a BSD socket or a TCP socket. This is what the kernel makes available to user space in your applications, this is where the kernel provides guarantees in terms of backwards compatibility. The API doesn’t change, we allow applications to keep running even if the kernel actually evolves.

Then we have middle layers, middleware in the middle. That’s logic, that’s business logic, like a virtual file system, process scheduler, network, firewall, and TCP/IP technology, etc., all of that is in between.

Android 12: The Ars Technica Review

Then the final piece is someone who actually operates the system. Back in the day it was a real human being, these days all of this is pretty much automated and done via configuration APIs. Over the years the kernel has adopted many different APIs, we have System FS or sysfs, procfs, netlink. There are many more different APIs that a human, controller, script, or component can interact with the Linux kernel and configure these systems. For example, mounting the file system, changing the firewall rule, loading a new driver, loading the Linux kernel module, all these things are done through these APIs. That was a super quick introduction to the Linux architecture.

We will review the kernel development process. What do you do if you want to change something about it? What options do I have if the current Linux kernel doesn’t offer what I need? You pretty much have two options, you can either do a native implementation or write a kernel module and we’ll look at both.

Native support means changing the kernel source code, it means going on the Linux kernel mailing list and convincing the world that this change is really necessary, and no matter how much complexity it adds, the rest of the world should pay. It means exposing some kind of configuration API to expose that and enable it, and then you have to wait five years for all your users to upgrade to the latest version of the Linux kernel.

That’s good once it’s there, and when those five years are up, basically everyone will have that ability. The problem with that is we don’t really have time for it, nobody wants to wait those five years. The second aspect is a Linux kernel module, a loadable plugin that you can load into the Linux kernel at runtime and that extends the functionality of the kernel. it’s basically like

Pdf) Linux Kernel Internals