Everything Open 2024 Quick Notes :: Day 1

April 16, 2024
Talks, EverythingOpen, rxlog

sched_ext - Write your own Linux thread scheduler in BPF

  • BPF made creating a new scheduler simpler

    • with a strong safety guarantee not to break the system, the side effects of a bad scheduler are confined.
    • run a binary to enable your scheduler, stop the binary to revert to the default
  • The scheduling problem is now more complicated due to the increasing complexity of workloads and CPU designs

  • BPF provides reliable access to critical data structures inside the kernel

Exploring mobile linux security with PinePhone Pro: OP-TEE sec enclave, Virtualization and beyond

  • This is my talk ;)
  • See the readings page for slides/demos and more.

Presenting n3n - A simple Peer to Peer VPN

  • Forked from n2n to avoid CLA

    • Protocol level compatibility with n2n is maintained
  • Peer-to-peer VPN at network layer, acting like a distributed virtual switch

    • Layer 2 over Layer 3
    • Only route packets through a server/supernode when required, p2p by default
    • Better latency due to being p2p
  • NAT piercing

  • Written in C, should have good cross-platform support (more testing wanted on *BSD)

    • Relatively small codebase for a VPN
  • TunTap interface support is expected from the OS side, shouldn’t be a problem for common Unix-likes

    • Modern macOS is dropping support for TunTap, need to use NetworkExtension?
  • Packaging and distro submission are still WIP

    • Framework for a Debian package exists but not in an upstreamable shape
    • OpenBSD?
  • Future roadmap

    • n3n over IPv6
    • Code cleanup
    • Multiple network driver support (e.g. something other than TunTap)
    • Better NAT piercing
    • Mobile support?
  • Useful for

    • LAN gaming with old/modern systems
    • Remote access
  • Simpler than WireGuard/OpenVPN but offers OK security (not for security-critical apps?)

  • Easier to configure, uses INI-style config files

Running your own Mailserver

  • 90% of all incoming mail is low-effort spam.
  • Set up DMARC/SPF records

Lions OS

  • seL4 is bad at usability, Lions OS intends to solve this

  • Still in early stage of development

  • Composable components for building a custom OS for a single task

    • Runs on seL4 Microkernel
    • For things like IoT, embedded, cars etc…
  • Focus on simplicity

  • 0.1.0 just released, still in its early stage

  • High performance

  • Only for Arm64/aarch64 now, riscv64 in future?

  • Device Driver Model

  • Multi Language Support

  • A reference system called Kitty exists

    • A Linux running inside a VMM is used for the framebuffer, but any OS should do