Typical Mistakes when Submitting a New Code to Linux Kernel
Language: English

Code review is a crucial part of developing a stable and robust open source project, such as Linux kernel. Newcomers and surprisingly many active and known contributors have been making the same mistakes, like using non-scalable APIs, over and over. How can we eliminate or avoid them? Considering the patterns the best practices would be suggested. In addition, relatively new Linux kernel APIs, such as Unified Device Properties, will be discussed.

Bio
Andriy Shevchenko was born in Donetsk in 1977. He studied electronics at the State University of Donetsk and graduated in 1999. Andriy joined Intel Finland Oy in May 2011.

He has participated in few projects since and eventually become one of the active contributors to the Linux kernel.

Andriy has over ten years of software development experience in Linux environment, especially in a serial bus drivers area in the kernel programming. During this time he has contributed hundreds of patches to the Linux kernel. In his current position, he has been designing and developing a glue layer between ACPI and pin control framework.

Besides, Andriy has done a proof-of-concept (not yet in upstream) of correct run time power management support in 8250 UART driver.

GPIO and Pin Control for Embedded Systems. MMC/SD and a Little SDIO
Language: English

GPIO and Pin Control for Embedded Systems
The maintainer of two of the frameworks for embedded digital input-output will give a crash course in all the things you need to know about the pins that come out of a system on chip (SoC) from electrical configuration down to controlling the output/input of individual bits to/from the environment.

MMC/SD and a Little SDIO
An overview of the framework for standard memory cards and the recent changes done to the framework will be given, from the physical cards, the history of it, the history and state of the Linux MMC/SD/SDIO stack all the way to the interface to the block layer.

Bio
Linus Walleij is a subsystem maintainer of the pin control and GPIO subsystems of the Linux kernel. Apart from this, he occasionally works with diverse ARM32 systems and device drivers. He holds a master of science in computer science and a bachelor of the social sciences in research policy. He likes sports such as step aerobics and bodypump and enjoys cooking.

Xen Paravirtualized Devices: a Description of the Architecture
Language: English

Xen, like most of the other available virtualization solutions, is making use of paravirtualized devices in order to speed up I/Os of guest systems. Juergen's presentation will show how those paravirtualized devices are working: which basic mechanisms are used for their realization, which components are involved, how are they instantiated, how are they doing I/Os. Juergen will go into detail on how the different components are working together during the life cycle of a paravirtualized device and which measures have been taken for performance and security. You will see in detail how a single I/O is being performed and how the I/O data flow between the guest and the physical device looks like.

Bio
Born 1964 in Germany, Juergen Gross studied physics and started his IT career in 1989 at Siemens in the mainframe department. Doing the major work to enable the mainframe OS "BS2000" to run as a Xen guest on X86 machines brought him in contact with the Xen community. Juergen has joined SUSE in 2014 as Linux kernel developer being responsible for the Xen hypervisor interfaces in the Suse Linux kernel.

He is a maintainer of the Xen hypervisor cpupools. Since 2016, he has been one of the Linux kernel maintainers of the Xen-specific kernel code, and in October 2017 he became a maintainer of the x86 paravirt framework of the Linux kernel.

Why Use TEE's and How to Avoid Mistakes when Working with Them
Language: English

Trusted Execution Environments (TEE in short) are starting to gain more an more traction, but still many people believe that they mainly exist because of DRM protection. In this talk Joakim Bech is going to give an overview of what you can do with it and where it is in use already today. In addition to that, he will talk about some examples of other areas where it could be useful to enable a TEE.

At the second part to this talk we are going to have a look at some (old and) known issues that one has to be aware of when doing development for a TrustZone environment. As it turns out, even though you have much better security when using a hardware assisted environment there are still things that can go wrong.

Bio
Joakim Bech manages planning and strategic goals for Linaro's security efforts. Joakim and his team has been a key player in open sourcing the Trusted Execution Environment (TEE) solution called OP­-TEE.

Joakim is also the Technical Lead for the Security Working Group where he is responsible for the techniques and features developed by the working group. Prior to Linaro he spent 10 years in the telecom industry working for companies such as Sony Ericsson, EMP and ST-­Ericsson. His roles have included architect, team leader, and development engineer.

His primary focus was embedded security where he was a contributor to the GlobalPlatform based TEE / TrustZone solution which was created and used by ST­-Ericsson. For that particular TEE solution, he focused on user space, kernel driver, and Trusted OS implementation. Joakim also has experience with developing crypto drivers for hardware accelerated crypto IPs.

Modular Cell Phone Software: Mainline Kernel and PostmarketOS
Language: English

It would be nice to have a real operating system on a cellphone, good enough to run common applications, and modular so that parts can be modified without huge effort. At the moment, we do have suitable hardware (Nokia N900, N9, Motorola Droid 4) and most of necessary kernel support.

Pavel Machek will explain what parts are missing or need improvement in the kernel. Unfortunately, situation is not nearly as good in the userland -- some rather important parts are missing (suitable windowing system, audio management, voice calls, camerasupport) or are in proof-of-concept stage. Hopefully, the situation will improve soon, because great community is gathering around PostmarketOS.

Bio
Pavel Machek hacked kernel for SUSE for almost 10 years, including work on USB stack, x86-64 port and hibernation. He currently hacks kernels, bootloaders, and complete systems in cooperation with DENX Software Engineering GmbH. In the last few years, he started hacking mobile phones, with a goal of running common distributions on them.

HDMI CEC (Consumer Electronics Control): Intro & Status Update
Language: English

This presentation introduces the HDMI CEC protocol and gives an update of the latest status of the HDMI CEC subsystem in the kernel. Special attention will be given to the new CEC error injection framework. If you ever wondered how to automatically turn on your TV, then this talk will tell you all about that!

Bio
Hans Verkuil started contributing patches to the MPEG encoder/decoder ivtv driver in early 2004 and it snowballed from there. Since 2013 he is a video4linux co-maintainer responsible for V4L2 bridge drivers and video receivers and transmitters. Since 2016, he also maintains the HDMI CEC framework.

Hans lives in Oslo, Norway, working as a senior R&D software engineer at Cisco Systems Norway, developing — surprise! — video4linux drivers.

Intel GVT-g: Integration into XenServer
Language: English

This talk will give an overview of virtual graphics in Citrix XenServer. It will give background on the nature of device emulation in Xen and guest graphics stacks, and then go into particular detail on one of the vendor solutions, Intel’s GVT-g, covering the architecture as well as the current and proposed future implementations in XenServer. The talk will also cover other vendor solutions from NVIDIA and AMD, and recent work on virtual GPU migration.

Bio
Paul Durrant is a Senior Principal Software Engineer in the XenServer platform group of Citrix Systems R&D, based in Cambridge, UK. His chief responsibilities are Windows Paravirtual drivers, Virtual GPU subsystem, and the guest storage and network data-paths. His work has given him broad experience of Xen (hypervisor, tools and firmware), PV protocols and QEMU. Paul has been a kernel level programmer since he graduated from the University of Cambridge (BA CompSci) in 1994, generally specializing in network drivers. He spent several years in Solaris kernel group at Sun Microsystems where he was responsible for the kernel network driver interface (a.k.a. GLD) and then, prior to joining Citrix, Paul spent a few years at Solarflare Communications working on their user-space low latency TCP/IP stack.

Make Your Own USB Gadget
Language: English

A USB gadget is a device which has a USB Device Controller and can be connected to a host to extend it with additional functions. Creating a gadget means deciding what configurations there are and which functions each configuration provides. So far the choice had to be made statically at kernel compile time. Configfs can be used to tell the kernel about the above mentioned decision at runtime; no need to compile anything, all required components are available in mainline. Composing a new gadget of existing functions does not involve USB maintainers any more, basic shell scripting is enough.

Bio
Andrzej Pietrasiewicz graduated from Warsaw University of Technology, Faculty of Electronics and Information Technology, Warsaw, Poland in 2002. From then on he had been developing systems in C++ for over 5 years. Then for 3 years he had been involved in various smaller projects and development of an Eclipse-based IDE. For over 5 years he has been working on the Linux kernel.

Andrzej is the original author and co-maintainer of drivers/media/platform/s5p-jpeg and has significantly contributed to converting USB gadgets and functions to configfs. He spoke at LinuxCon North America 2013, 2014 and 2015, as well as Plumbers 2013 and 2015, Jesien Linuksowa 2016 and LVEE 2017. For five years he has been successfully delivering five-part kernel programming trainings with hands-on sessions to his fellow employees at Samsung R&D Institute Poland, his current employer.

USB Attacks Explained
Language: English

USB is the most common external interface in the world. Even machines which, for security reasons, are disconnected from the Internet often offer a USB connectivity. This creates a new attacks surface for skilled hackers. USB implementation may be exploited on various levels. To effectively protect against such attack, knowledge about already exploited vulnerabilities is required. This talk is a survey of state-of-the-art USB-related attack and defense methods.

Bio
Krzysztof Opasiak is a PhD student at Warsaw University of Technology. He works as Kernel and System Developer at Samsung R&D Institute Poland. Since 2013 involved in USB support development in Tizen OS. Maintainer of libusbgx, a library for USB gadgets management through ConfigFS. Open Source enthusiast and speaker at several Linux and Open Source Conferences.

Simultaneous Localisation and Mapping with Deep Learning in Automotive (Part 1)
Language: Russian

SLAM (Simultaneous Localisation and Mapping) is a set of algorithms and software implementation, used in automotive software development. SLAM algorithms allow to analyze the parameters of sensors (cameras, laser rangefinders, ultrasonic sensors, radars, etc.) and determine where the object is and what it is surrounded with. This is necessary for any automated system that is designed to analyze the environment in motion.

In particular, the talk will include the definition of motion trajectory according to the data from the camera. Focus will be made on interesting mathematical questions, algorithmic and machine learning approaches such as image analysis, small elements recognition and isolating important data from data stream.

Bio
Igor Uspeniev has over 10 years of experience in data science including data mining and computer vision. He conducts mathematical research in the analysis of nonlinear dependencies. Igor is a Lead Software Engineer, Consultant, GlobalLogic, and at his current position he develops approaches in SLAM in environmental recognition.

Simultaneous Localisation and Mapping with Deep Learning in Automotive (Part 2)
Language: Russian

SLAM (Simultaneous Localisation and Mapping) is a set of algorithms and software implementation, used in automotive software development. SLAM algorithms allow to analyze the parameters of sensors (cameras, laser rangefinders, ultrasonic sensors, radars, etc.) and determine where the object is and what it is surrounded with. This is necessary for any automated system that is designed to analyze the environment in motion.

In particular, the talk will include the definition of motion trajectory according to the data from the camera. Focus will be made on interesting mathematical questions, algorithmic and machine learning approaches such as image analysis, small elements recognition and isolating important data from data stream.

Bio
Ihor Tanenkov has over 7 years of experience IT, mostly with computer graphics and computer vision. During the last years he has been working with deep learning solutions for a wide variety of tasks, including automotive development, navigation and robotics. He developed several projects for ADAS systems with traffic signs recognition, license plates recognition and lane tracking.

Artificial Intelligence, Theory and Practice
Language: Russian

Musings on matters of Artificial Intelligence, from both practical and theoretical standpoint. Specific areas include AI applications in computer vision and decision making with emphasis on learning approaches and hybrid Neural-Symbolic systems. We'll discuss current research and limitations of the state-of-art AI systems on the market as of today.

Bio
Pavlo Suikov is a software engineer with mathematical background and 10+ years of experience including R&D projects. He has worked in the areas of embedded, automotive, augmented reality, virtualization and, most recently, machine learning.

Industrial Internet of Things. Hardware, Software and Cloud Architecture Challenges
Language: English

Internet of Things (IoT) is still a vague term that refers to the network of physical, identifiable objects connected via the Internet, which can sense and communicate. Industrial IoT is a part of this concept applicable to industrial fields such as oil & gas, electric, water management and other utilities. The main key parts of industrial IoT are sensors, communication infrastructure and cloud where collected data is sent to be aggregated with other data. Industrial applications bring certain limits and requirements to both hardware and software architecture of communication infrastructure and unique cloud challenges.

Bio
Dmitry Moiseev was born in Sverdlovsk, Russia. He studied arts of Informational Security at the Ural States University. Dmitry joined Cambium Networks in March 2014 as a Principal Systems Engineer and Systems Architect. Before Cambium Networks he was working as deputy CTO at Infinet Wireless.

At his current position, he is leading development of innovative wireless equipment for fixed broadband wireless communications and industrial Internet of Things. He also carries out duties of Product Security Officer.

What's Coming in Kernel Shark
Language: English

Tracing data, generated by the Linux kernel can be an extremely valuable source of information, when trying to understand exactly what is happening in your system. KernelShark is a front-end reader for Ftrace, the official tracer of the Linux kernel, which provides a set of tools for visualization and analysis.

The original KernelShark was written in Gtk+-2.0 and was released in 2010. Currently, we are working on a new improved version, based on Qt. The new KernelShark is optimized for efficient processing of significantly larger amounts of trace data and will come with reinforced analysis toolkit.

This work will be presented in the context of our long-term goal to develop instrumentation for studying the behavior of multiple Linux VMs, concurrently running and sharing resources on the same physical host.

Bio
Yordan Karadzhov's professional experience includes six years as senior researcher at University of Geneva. During this period Yordan worked in some of the world's largest physics laboratories, like CERN, FermiLab and RAL, developing software for particle physics experiments. He has recently joined VMware Open source team to work on development of instruments for visualization and analysis of Linux kernel tracing data.

Mechanisms of Meltdown and Spectre Mitigations
Language: Russian

The talk will describe the approaches to Meltdown and Spectre mitigations implemented in FreeBSD. Kostiantyn will explain how Kernel Page Table Isolation is organized on amd64, how it affects performance of kernel entry and which CPU features are used to reduce the performance cost. Also, he will describe Intel hardware features to mitigate Spectre, what a
microcode update is and how it all was messed up.

Bio
Kostiantyn Belousov is a FreeBSD developer, who has src commit bit for 10 years. His areas of interest include kernel and userspace. He has worked on many features and fixed a lot of bugs.

Containers on Microsoft Azure: From Infrastructure to Applications
Language: English

With one in three VMs in Azure running Linux today, Microsoft is deeply committed to helping the enterprise accelerate their digital transformation with Linux and open source in Azure.
Containers are redefining the way we build and operate reliable systems in this cloud world. This demo packed session will cover how Infrastructure as a Service, container orchestration, Platform as a Service and Container as a Service are layered in order to provide users at all levels of the stack new capabilities of agility and reliability.

Bio
Matjaž Perpar is a Cloud Solution Architect at Microsoft focused on helping customers build solutions with public cloud platforms. He is specialized in cloud computing and experienced in leading deep technical architecture discussions. Previous experience include designing and implementing large-scale deployment of software systems and solutions globally. Matjaž enjoys presenting and delivering both technical and business workshops. He is frequent speaker at regional and world-wide conferences.

Building Secure and Trusted Systems
Language: English

Building the next generation of competitive embedded solutions means, first of all, building secure and trusted systems. Living in a world of smart things around us (mobile devices, wearables, medical equipment, vehicles, and more) and knowing that you can't trust them at all is the worst nightmare we are actively moving to.

Hacking mobile devices, wearables and stealing personal data, money. Hacking smart homes and turning them into 24/7 surveillance systems. Terrorists and individual attacks using hacked vehicles, drones. Sophisticated attacks via medical equipment hacking. It's all real and it's already happening today.

Building secure and trusted systems is not an easy task: getting something you can trust is hard, keeping that trust is harder, making system secure is close to impossible. But as stopping the progress is not the choice, it is the duty of all of us to make sure that each element of this progress, each technology and each system will be secure and trusted.

In this talk we are going to cover vital technologies, solutions, components and their role in building secure and trusted systems (SoCs, secure boot, trusted boot, TrustZone, secure elements, Trusted Execution Environments, hypervisors, wireless protocols, firmware updates, etc.) Most common usage scenarios and most common insecurities will be reviewed. Detailed analysis of several real cases with the illustration of complexities and reasons of failure. Lessons to learn. Recommendations.

Bio
Oleg Yeskov has over 15 years of professional experience in information security. While studying in a university, Oleg started working as a security specialist for several financial organizations. After graduating, he spent significant time caring about security in one of the biggest banks in Ukraine. Oleg then switched to work remotely on contracts with U.S. and European companies. For 5 years, he worked as a security contractor for Samsung Electronics and Samsung SDS. At the moment, Oleg is busy helping to establish security services business direction for a well-known U.S. company. Also, as a founder, he is in the process of establishing a security startup where he is going to play the role of CEO. The security startup will bring new advanced security tools to the market, while performing R&D, discovering and exploiting new attack vectors, 0-days, etc.

Kubernetes Workshop. Infrastructure as Code (IaC) in Microsoft Azure Workshop
Language: Russian

Kubernetes Workshop

During the workshop attendees are going learn basic concepts of containers - Docker, container orchestrator — Kubernetes and Azure. By the scenario attendees are going to practice deploying multiplayer Minecraft server in Kubernetes cluster.
We are going to start with the basic concept Docker containers by launching server on the local.

Than we are going to explore different ways of running container in the Cloud. First we start with single container deployment than learn how and why to deploy containers orchestration services. Using Kubernetes we are going to learn how make stateless and stateful deployments, manage ingress connections, run load balancers, update versions and finally enable automatic horizontal scaling.

During the workshop we are going to use Microsoft Azure Cloud and learn how to use many useful services such as: Container Instances, Container Services, Storage, Functions, App Service and others.

Workshop duration: 3 hours Requirements:
Every attendee should bring their own PC running Windows, Mac or Linux. Following software should be preinstalled and configured:
● Docker: https://www.docker.com/community-edition
● Visual Studio Code: https://code.visualstudio.com
● Azure CLI: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
● Any modern browser

Skills
● Basic skills in managing applications from the shell (like bash)
● Understanding networking concepts (TCP/IP , ports)
● General understanding of Linux OS principals

Infrastructure as Code (IaC) in Microsoft Azure Workshop

Infrastructure as Code (IaC), one of the DevOps practices, assumes a declarative description of the infrastructure resources required to deploy and test the build / project. Accordingly, there should be a mechanism for automating the processing of such declarative files and allocating / modifying the necessary resources. In Microsoft Azure public cloud Azure Resource Manager (ARM) serves as the mechanism, and so-called ARM templates perform the role of declarative files.
During the workshop you will learn ARM templates structure and explore how to describe desired infrastructure using ARM templates and how to deploy the infrastructure based on that templates in Microsoft Azure.

Requirements:
Every attendee should bring own PC running Windows, Mac or Linux. Following software should be preinstalled and configured:
● Visual Studio Code: https://code.visualstudio.com
● Azure CLI: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
● Any modern browser

Skills
● Basic skills in managing applications from the shell (like bash)
● Understanding networking concepts (TCP/IP , ports)
● General understanding of Linux OS principals

Bio
Victor Tsykunov holds a position of Principal Software Engineering Lead (Commercial Software Engineering) at Microsoft Corporation and is a Microsoft cloud technologies expert. He has more than 15 years of experience in IT systems management and software development. During the last 13 years Viktor has been working at Microsoft on different roles in product marketing, technical evangelism and software engineering.

Kubernetes Workshop. Infrastructure as Code (IaC) in Microsoft Azure Workshop
Language: Russian

Kubernetes Workshop

During the workshop attendees are going learn basic concepts of containers - Docker, container orchestrator — Kubernetes and Azure. By the scenario attendees are going to practice deploying multiplayer Minecraft server in Kubernetes cluster.
We are going to start with the basic concept Docker containers by launching server on the local.

Than we are going to explore different ways of running container in the Cloud. First we start with single container deployment than learn how and why to deploy containers orchestration services. Using Kubernetes we are going to learn how make stateless and stateful deployments, manage ingress connections, run load balancers, update versions and finally enable automatic horizontal scaling.

During the workshop we are going to use Microsoft Azure Cloud and learn how to use many useful services such as: Container Instances, Container Services, Storage, Functions, App Service and others.

Workshop duration: 3 hours Requirements:
Every attendee should bring their own PC running Windows, Mac or Linux. Following software should be preinstalled and configured:
● Docker: https://www.docker.com/community-edition
● Visual Studio Code: https://code.visualstudio.com
● Azure CLI: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
● Any modern browser

Skills
● Basic skills in managing applications from the shell (like bash)
● Understanding networking concepts (TCP/IP , ports)
● General understanding of Linux OS principals

Infrastructure as Code (IaC) in Microsoft Azure Workshop

Infrastructure as Code (IaC), one of the DevOps practices, assumes a declarative description of the infrastructure resources required to deploy and test the build / project. Accordingly, there should be a mechanism for automating the processing of such declarative files and allocating / modifying the necessary resources. In Microsoft Azure public cloud Azure Resource Manager (ARM) serves as the mechanism, and so-called ARM templates perform the role of declarative files.
During the workshop you will learn ARM templates structure and explore how to describe desired infrastructure using ARM templates and how to deploy the infrastructure based on that templates in Microsoft Azure.

Requirements:
Every attendee should bring own PC running Windows, Mac or Linux. Following software should be preinstalled and configured:
● Visual Studio Code: https://code.visualstudio.com
● Azure CLI: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
● Any modern browser

Skills
● Basic skills in managing applications from the shell (like bash)
● Understanding networking concepts (TCP/IP , ports)
● General understanding of Linux OS principals

Bio
Yana Valieva is a Software Engineer in Commercial Software Engineering team, Microsoft, CEE. Yana's main focus is Machine Learning and Data Analysis. Before joining Microsoft she worked on commercial AI-based solutions. Yana participated in Microsoft Research Summer School on IoT in 2016 and after that she became interested in IoT-related projects.

Kubernetes Workshop. Infrastructure as Code (IaC) in Microsoft Azure Workshop
Language: Russian

Kubernetes Workshop

During the workshop attendees are going learn basic concepts of containers - Docker, container orchestrator — Kubernetes and Azure. By the scenario attendees are going to practice deploying multiplayer Minecraft server in Kubernetes cluster.
We are going to start with the basic concept Docker containers by launching server on the local.

Than we are going to explore different ways of running container in the Cloud. First we start with single container deployment than learn how and why to deploy containers orchestration services. Using Kubernetes we are going to learn how make stateless and stateful deployments, manage ingress connections, run load balancers, update versions and finally enable automatic horizontal scaling.

During the workshop we are going to use Microsoft Azure Cloud and learn how to use many useful services such as: Container Instances, Container Services, Storage, Functions, App Service and others.

Workshop duration: 3 hours Requirements:
Every attendee should bring their own PC running Windows, Mac or Linux. Following software should be preinstalled and configured:
● Docker: https://www.docker.com/community-edition
● Visual Studio Code: https://code.visualstudio.com
● Azure CLI: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
● Any modern browser

Skills
● Basic skills in managing applications from the shell (like bash)
● Understanding networking concepts (TCP/IP , ports)
● General understanding of Linux OS principals

Infrastructure as Code (IaC) in Microsoft Azure Workshop

Infrastructure as Code (IaC), one of the DevOps practices, assumes a declarative description of the infrastructure resources required to deploy and test the build / project. Accordingly, there should be a mechanism for automating the processing of such declarative files and allocating / modifying the necessary resources. In Microsoft Azure public cloud Azure Resource Manager (ARM) serves as the mechanism, and so-called ARM templates perform the role of declarative files.
During the workshop you will learn ARM templates structure and explore how to describe desired infrastructure using ARM templates and how to deploy the infrastructure based on that templates in Microsoft Azure.

Requirements:
Every attendee should bring own PC running Windows, Mac or Linux. Following software should be preinstalled and configured:
● Visual Studio Code: https://code.visualstudio.com
● Azure CLI: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
● Any modern browser

Skills
● Basic skills in managing applications from the shell (like bash)
● Understanding networking concepts (TCP/IP , ports)
● General understanding of Linux OS principals

Bio
Margaryta Ostapchuk is a technical evangelist at Microsoft Canada, Commercial Software Engineering team. Her role involves working with customers, partners and developers to find solutions to their most challenging issues. Margaryta’s technical focus areas include emerging technologies such as: Azure Data Platform, Containers, Cognitive Services, integrated bot development and Artificial Intelligence. She has worked with worldwide corporations and numerous startups helping them design and build intelligent ways of engaging with their customers.