Linux Plumbers Conf 2009

Linux multiseat configurations hold the potential to get the cost per Linux user down to half or less of even the cheapest PCs. But can we make multiseat plug and play?

Linux Virtual Ethernet switch enhancements, configuration of management including embedded switches in NICs, support for MIBs and ACLs

Audio BoF

offsched is a platform aimed to assign an assignment to an offloaded processor. offloaded processor is a processor that is hot un-plugged from the operating system.

Data Center Bridging

I) Milestones in LIO 3.1 since LPC 2008 *) A complete configfs enabled kernel-level codebase in lio-core-2.6.git consisting of a generic target engine (target_core_mod) and iSCSI Target fabric fabric module (iscsi_target_mod) including a fabric independent target engine and iSCSI Target python CLI API for real-time configuration and management of running Linux systems using k.o v2.6.3x code that is capable of scaling up to 10,000 unique virtual HBA+FILEIO objects and LIO-Target iSCSI fabric endpoints within a single KVM guest instance using 10 Gb/sec IOV capable hardware.

The wireless extensions API is universally hated by wireless developers on both sides of the user/kernel divide. Fortunately the cfg80211 API is maturing as a modern alternative. What is needed is for drivers (both new and old) to adopt cfg80211 as their configuration mechanism so that the long wireless extensions nightmare can finally end.

The talk outlines various ways of establishing a networking communication between a network namespace (a container) and the outer world, compares their performance and features.

The subject of this talk is a software based solution for scaling performance of the networking receive path. This is particularly useful with a single queue (legacy) NIC on a multi-core computer.

Increasing networking performance by using threaded interrupts for the network devices.

A talk and demo on the current status of SELinux integration in Ubuntu.

We have introduced the concept of the general purpose sandbox using SELinux.

The Linux kernel Crypto API has come a long way since it was first added as a part of the IPsec stack.

Linux 2.6.30 includes the Integrity Measurement Architecture (IMA) system, which measures (hashes) files before they are accessed, and which can use a TPM for hardware signed attestation for centralized management of client integrity.

This talk will discuss the requirements and design of a new SELinux policy infrastructure. It is hoped that this talk will lead to the SELinux community validation of the requirements, acceptance of the new architecture, and a plan to replace the old infrastructure.

Our sample application is a commercial database server. It provides database services over the network using TCP connections. The security goal we're using Smack to address is the isolation of the database files from the users on the server. We'll cover two different ways to provide access to the database, allowing either remote or local users access to the services of the database while protecting the database itself.

SELinux policy is currently installed from a single or multiple package(s) as an application which breaks the linkage between policy and the software they are constraining. We will talk about a way to treat policy specially without adding downfalls such as a large increase in packages.

XACE can be used to make a nifty secure desktop on Xorg. But is XACE relevant with graphics interfaces moving into the kernel?

SELinux is often disabled immediately or at the first sign of trouble. How can we make SELinux something users actually want to leave on?

Discussing limitations of current userspace storage APIs for use in QEMU/KVM.

open discussion on locking issue on clustering file systems, especially associated with fs/dlm code

Data de-duplication is a effective way to reduce large storage needs by eliminating redundant data, a hot demanded feature for virtualization OS image sharing and efficient data storage backups. It's really valuable to add data de-duplication support to Linux filesystem, however the feature is quite challenging too. How to get it right? What's the performance impact? Block level or file level? On the fly data de-duplication in filesystem or background userspace de-duplication?

Video API Deathmatch: VDPAU vs. VAAPI

Over the last few years the graphics stack have been split up and refactored into shared libraries, kernel drivers and other components. The X server provides a lot of legacy functionality that isn't used by the modern, composited Linux desktop. Wayland is a new display server that builds on top of all those components to provide a minimal foundation for a composited destkop. X can run under Wayland with very little overhead for legacy applications.

Overview of the current state of compositor interfaces and their interactions with OpenGL double-buffering.

The initial impetus for cairo-drm came from a desire to experiment with GEM on my i915, and a need to provide an acceleration architecture for the wayland system compositor. (wayland is a minimalistic compositor and input multiplexer that requires client-side rendering.) It proved very easy to incorporate a drm/i915 backend into cairo; first by adapting the existing EXA driver, then to extend it to provide full acceleration for all patterns and to accelerate some of cairo's higher level operations. (The i915 hardware does not seem amenable for offloading tessellation, which has limited just how much we can accelerate in the backend. On more capable hardware, such as the fully programmable i965, we should be able to achieve much more.)

A talk about Gallium and the Xorg state tracker and where they fit in and where they are going.