This year the Embedded Linux Conference took place in Seattle alongside the Embedded Open Source Summit and once again several members of The Good Penguin team participated, including Andrew Murray who presented a talk about SD cards. We feel that these events not only assist us in staying up to date with the wider Linux ecosystem but they also provide us with a great opportunity to collaborate and make connections with the community. In this blog post we (Ben King and Benjamin Braddock) would like to share some of our highlights from this year’s summit.
Rethinking U-Boot Devicetree Story – Sumit Garg, Linaro Ltd.
Currently in a standard embedded Linux distribution, a device tree is generated for and provided to both the U-boot and Linux kernel independently, potentially leading to fragmentation and a lack of uniformity. In this talk Sumit discusses the use of the OF_UPSTREAM option within U-boot to allow it to provide it’s loaded device tree to the Linux kernel, unifying the two systems.
See the schedule for the slides and further information.
Standardizing the generation and signing of boot images – Neha Malcom Francis and Vignesh Raghavendra, TI, Simon Glass, Google
This was about how binman uses the device tree format to describe the layout of images and firmware. Modern SoCs can have lots of complex requirements when it comes to AMP cores, co-processors, security firmware, FPGA firmware, compression, alignment, integrity hashes and security signing. With the old method of custom scripts to generate these images, this was messy and hard to read/maintain.
By declaring everything in a device tree format, you get all of the advantages and features of the device tree: it becomes a lot easier to read, to add custom properties, include a common dtsi and then append or overwrite anything etc. In this example, TI added a custom class to sign all binaries with their key using openssl. Binman can also change things at runtime which we can see being useful to do things like selecting a firmware (from multiple options) based on a runtime parameter such as a value stored in EEPROM or a button/switch input etc.
See the schedule for the slides and further information.
Power Measurement and Attribution in Kernel for Embedded System Processes – Aditya Manglik, ETH Zurich
In this talk Aditya broke down some of the challenges of measuring power draw of individual software components on a running Linux system and emphasised how much of a challenge it can be to narrow down the system-wide power consumption to just a single software process. One particular concern raised was the delicate balance between a power consumption measurement model being too simple to provide useful data vs a highly sophisticated measurement model that would noticeably increase the load of a system and therefore bias the output data.
See the schedule for the slides and further information.
AMP Virtio – A new Virtio transport for AMP systems – Bill Mills, Linaro
This talk was about virtual devices in an AMP environment (e.g. a SoC); the focus was on the limitations of virtio-mmio and the ways that it is typically used.
A usage we found interesting was that you can share an i2c bus between the M and A cores of an SoC by having the M core (running an RTOS) share the physical bus by exposing a virtio-i2c device to the A core.
Not only does this let you share the bus, it also allows you to limit access to certain devices (which could be useful for security or stability reasons) and is a solution to some of the requirements we’ve encountered in past projects.
The current state of the work is that there is a draft for what the transport provider will require and how it will be used. It looks like it will become a new transport provider (instead of building on top of virtio-mmio) due to it being too different, and there not being much benefit of modifying virtio-mmio.
It will be interesting to see the adoption of this and if we can move towards the use of virtio devices for more applications instead of layering custom protocols on top of rpmsg that require new kernel drivers, like we saw with “Display Sharing in heterogeneous systems using Linux as high level OS” . The presenters of the display sharing talk were also in the AMP Virtio talk and asked about it for their use case, so it will be interesting to see if they explore the use of a virtio display for their system.
See the schedule for the slides and further information.
Compound Interest – Dealing with Two Decades of Technical Debt in Embedded Linux – Bartosz Golaszewski, Linaro
It was interesting to learn about how a seemingly simple subsystem like GPIO can become messy and have blatant misuses in the kernel, e.g. violating an atomic context by using an incorrect function that was added to fix a specific issue in another driver and used in that specific way. It was also interesting to think about the added complexity of compatibility with the user-space interface and the fact that the kernel can change to a new interface but it still has to consider/abide by a number of different things. This can block progress and/or make people less willing to work on it, which is how this technical debt accumulates.
Regarding the GPIO interface, a DBus API is in the works and if successful, we will have to see if/when other subsystems follow and change their interfaces and clean up the way they handle device specific workarounds in the future.
See the schedule for the slides and further information. Regarding subsystems, another good talk was…
From C to Rust: Bringing Rust Abstractions to Embedded Linux – Fabien Parent, Linaro
This talk discusses how initial support for Rust has been implemented into the Linux kernel, however there are seemingly very few Rust device drivers being developed and upstreamed. The speaker accredits this to a lack of Rust abstractions upstream, but as abstractions can’t be added to the kernel unless they are used somewhere this creates an interesting chicken-and-egg problem. In an effort to “get the ball rolling”, the speaker has been making efforts to write device drivers in Rust and get them upstreamed in order to make a wider selection of abstractions available to other Rust device driver developers.
Fabien noted that most security vulnerabilities arise from the subsystems rather than the drivers themselves and thus Rust would be a great addition here. In recent years there has been a rising number of bugs reported to do with race conditions and memory correctness. These bugs have gone unnoticed or unpatched for decades in some cases but are becoming more apparent because of the increase in single core performance, out of order execution, compiler optimisations etc. These, like the security vulnerabilities, mostly occur in the core kernel subsystems rather than the device drivers, which is why Rust is a good fit as it can solve most, if not all of these issues and help kernel stability and security.
See the schedule for the slides and further information.
The full schedule for the conference (along with the slides) can be found here. Videos are available on YouTube. We’re already looking forward to our next conference which will be Linaro Connect next month in Madrid.