July 22, 2004

Ottawa Linux symposium offers insight into kernel changes

Author: David 'cdlu' Graham

OTTAWA -- The Ottawa Linux Symposium is an annual limited-attendance conference in the heart of the Canadian capital. Linux developers from all over the world descend on the Ottawa Congress Centre for four days and discuss various aspects of Linux and alcohol consumption. The first day of the conference featured presentations on various topics, from running Linux under Windows and new versions of the NFS protocol, to PGP, X, Satellites, and publishing.

Dan Aloni started the first presentation in Room B on Cooperative Linux, a project similar to user-mode Linux (UML) except that it is designed to run a Linux kernel on top of Windows as well as within Linux.

The current project, only at version 0.6.5, is based on the Linux 2.6.7 kernel. It is a 135kb patch to the kernel source, though it can also run on top of the NT kernel for Windows 2000, allowing it to function as an unemulated Linux virtual machine on top of Windows.

Real and cooperative kernels

The actual changes to the Linux kernel are, said Aloni, minimal. With the patch applied, a compile-time definition selects whether to build the kernel as a real kernel or as a cooperative kernel.

While we did not see a demonstration under Windows, Aloni showed us cooperative Linux -- colinux for short -- under X on his laptop. Linux booted inside a window on the screen and was, for all intents and purposes, a separate Linux system.

Aloni explained that the way colinux worked, it could not talk directly to hardware. Anything it needs to do with hardware it has to ask the parent kernel to do. He told us colinux runs in "Ring 0," in other words there is no security on the part of the parent kernel to protect the computer from colinux -- it has free access to do whatever it needs to do. It also means that if colinux crashes, there is a good chance of taking down the whole computer, and not just the virtual machine.

The colinux virtual system and the host operating system are able to communicate using simulated network interfaces, and an unlimited number of instances of colinux can be run at any time until all available RAM is used.

The second presentation in Room B was canceled, but the Room C presentation was about NFS version 4, so I moved over to there.

J. Bruce Fields began his presentation on NFSv4 by telling us that most NFS implementations use either version 2 or version 3. Version 4, he told us, has been under development at the University of Michigan since around 1999 or 2000.

NFS version 4 is not based on earlier NFS versions, he said, but is written completely from scratch. The U of Michigan's implementation of NFS version 4 is nearly complete, lacking complete server-side reboot recovery.

What does NFS really stand for?

NFS has often been called "No File Security," he mentioned, but NFS version 4 solves many security issues.

Using public key security and Kerberos authentication, NFS version 4 solves the problems of files being transferred in plain text, and the lack of proper verification of users.

At the start of the afternoon, Keith Packard of HP's Cambridge Research Labs discussed the problems facing the X project in its quest to speak to hardware through the kernel instead of directly.

When X was started, Packard told the standing-room-only audience of hundreds of people, it ran on top of closed source operating systems that did not prevent user-level applications from communicating directly with hardware. As a result, the only way X could be run was to talk directly to the video hardware. By the time Linux came around, that was a firmly entrenched way of doing business.

The problem with this setup is that if ever X crashes, because it is communicating directly with the hardware, Linux cannot regain control of the hardware and the entire system locks up. Further, X manipulates memory directly and there is always a risk that X and Linux will not have the same idea of what is where in the memory.

Hot-plugging is the term for adding or removing a piece of hardware while the computer is on.

Packard told us that hot-plugging of monitors is not yet supported properly. A lot of code, he told the audience, "knows" that the monitor does not change after X has been started.

A lot of code, he said, needs to be moved out of X and into the kernel. His parting thought was that perhaps the console should be abolished altogether and the entire Linux kernel should run in X -- which got Alan Cox to heckle him that he would be lynched if he tried.

PGP: Pretty Good Privacy

Dan York introduced a small group to PGP. PGP is Pretty Good Privacy, which is a file and email encryption and authentication system. GNU Privacy Guard is one implementation of it.

He explained how to set up a key with GNU Privacy Guard -- "gpg --gen-key" at the command line -- and how to use it, sign keys, and send them around.

An important part of the PGP system is the web of trust, he told the audience. Verifying a key requires more than the program identifying the key as coming from whoever claimed to have sent it. That person should be verified by having met someone who has met someone who has met someone ... who has met that person. The web of trust requires PGP users to sign each other's keys and state a level of trust.

When users have met each other and signed each other's keys, there is a clear path of people who have met each other, and the identity of the person sending the key or the key-signed email or file can be verified.
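An added example, not from the talk or from GnuPG's code: a simplified model of how a key becomes valid from signatures plus stated trust levels. It goes beyond the article by assuming GnuPG's classic defaults (one fully trusted or three marginally trusted signers, maximum path depth of five); every name and signature below is constructed.

```python
# Constructed sample data: signer -> set of keys that signer has signed.
SIGNATURES = {
    "me": {"alice", "bob", "carol", "dave"},
    "alice": {"erin"},
    "bob": {"frank"},
    "carol": {"frank"},
    "dave": {"frank", "grace"},
    "erin": {"heidi"},
}
# Constructed owner trust: how far "me" trusts each person to check
# identities carefully before signing someone else's key.
OWNER_TRUST = {
    "me": "ultimate", "alice": "full", "erin": "full",
    "bob": "marginal", "carol": "marginal", "dave": "marginal",
}


def valid_keys(signatures, owner_trust, root,
               completes_needed=1, marginals_needed=3, max_depth=5):
    """Return {key: depth} for every key valid from root's point of view.

    A key becomes valid when enough already-valid, trusted keys have
    signed it. Signatures from keys that are not themselves valid, or
    whose owners have no assigned trust, count for nothing.
    """
    valid = {root: 0}
    for depth in range(1, max_depth + 1):
        newly_valid = {}
        candidates = set().union(*signatures.values()) - set(valid)
        for key in candidates:
            full = marginal = 0
            for signer, signed in signatures.items():
                if key not in signed or signer not in valid:
                    continue
                trust = owner_trust.get(signer, "unknown")
                if trust in ("ultimate", "full"):
                    full += 1
                elif trust == "marginal":
                    marginal += 1
            if full >= completes_needed or marginal >= marginals_needed:
                newly_valid[key] = depth
        if not newly_valid:
            break  # no further key can be reached
        valid.update(newly_valid)
    return valid
```

Here "frank" is valid only because three marginally trusted people signed his key, while "grace", signed by just one of them, is not.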

In the afternoon, former Debian Project Leader Bdale Garbee and Hugh Blemings held a session on ham radios, the IRLP, and the Amateur Satellite (AmSat) project.

Billed as a birds of a feather (BOF), it was actually a presentation. Hugh demonstrated the Linux-based Internet Radio Linking Project by having a conversation with a person in New Zealand talking from his car.

Amateur satellite project on way to Mars?

Garbee talked about the Amateur Satellite project, which has now successfully launched 51 satellites into space. Currently one is in the works that would be the first amateur satellite to travel all the way to Mars, with the goal being to get into Martian orbit.

In 1957, he said, Russia launched the Sputnik spacecraft, launching the space race. Just four years later, ham radio operators launched the first amateur satellite, known as OSCAR. OSCAR-7 was launched in 1974 and ceased to function from 1981 to 2002 when it inexplicably resumed working, making it the oldest amateur satellite still in functional orbit at 30 years.

AmSat launched a science experiment on one of its satellites to determine the quality of GPS signal above the altitude at which the GPS satellites orbit. It discovered that it was able to read signals from the other side of the planet from satellites that were not intending to send signals in their direction. The U.S. Air Force was not willing to help them find this information as the maximum altitude at which GPS signal works is classified.

Naturally, Garbee said, it was AmSat's duty to publish its findings about the GPS signals.

The day was wrapped up with a brief presentation from AMD, a major corporate sponsor of the conference, and a lengthy and very good presentation from Jim Munroe on the similarities between the war between free software and proprietary software and the war between authors, and major publishers and media consolidation.

An engineer from AMD made a point of thanking the people in the room, the Linux community, for helping bring AMD's 64-bit desktop architecture to the mainstream.

Sci-fi satire books

He introduced Jim Munroe, author of "Flyboy Action Figure Comes With Gas Mask" and founder of the organization No Media Kings. He discussed his science fiction books which satirize corporations, marketing, and science fiction's tendency to predict the future.

He spoke out against companies' consolidation. Consolidation, he cautioned, leads to monoculture. Monoculture, he said, leads to problems like the virus problems afflicting Windows.

At the end of Munroe's talk, AMD held a door-prize raffle where it offered three AMD CPUs and an Athlon 3700-based system worth over $3,000. Notably, one of the AMD CPUs was won by Intel's representative at the conference.
