CE Linux Forum in Ottawa Linux Symposium 2006 - PowerPoint PPT Presentation

About This Presentation
Title:

CE Linux Forum in Ottawa Linux Symposium 2006

Description:

CE Linux Forum in Ottawa Linux Symposium 2006 S. Ueda From July 19th to 22nd At Ottawa Congress Center Yamanote-line and Cyuo-line 3 Activities http://tree ... – PowerPoint PPT presentation

Number of Views:72
Avg rating:3.0/5.0
Slides: 15
Provided by: Sator1
Learn more at: https://www.elinux.org
Category:

less

Transcript and Presenter's Notes

Title: CE Linux Forum in Ottawa Linux Symposium 2006


1
CE Linux Forum in Ottawa Linux Symposium 2006
  • S. Ueda

From July 19th to 22nd At Ottawa Congress Center
2
Yamanote-line and Cyuo-line
Desktop use
Enterprise System
Embedded System Design
Linux Mainline Community
Everybody get together here to contribute Linux
enhancement
Shinjyuku
Hachioji
2.6.17
European developers
Asian developers
Generic Implementation
3
3 Activities
  • http//tree.celinuxforum.org/CelfPubWiki/
  • Embedded Linux BOF
  • Official session of OLS
  • Project Bof
  • A private BoF by CELF
  • Technical Showcase
  • In the lobby of the OLS venue

4
Embedded Linux BOF
  • Wiki Title OttawaLinuxSymposium2006
  • http//tree.celinuxforum.org/CelfPubWiki/OttawaLin
    uxSymposium2006

Tim Bird, Architecture Group Chair
5
CELF Project BOF
  • Wiki Title OttawaLinuxSymposium2006
  • http//tree.celinuxforum.org/CelfPubWiki/OttawaLin
    uxSymposium2006

About 80 developers joined and were squeezed into
the small room, (sorry).
6
Technology Showcase
  • Wiki Title OLS2006Demos
  • http//tree.celinuxforum.org/CelfPubWiki/OLS2006De
    mos

Last Year Great deal of Oh Cool! This Year No
one said Oh Cool! Hey show me your
code! Lets get together in Next Year?
Andrew Morton
7
In General
  • OLS 2005
  • Embedded system people was GUEST
  • Many developers said what a cool!
  • OLS 2006
  • Embedded system people was PARTNER
  • No one said cool! but many intensive technical
    discussions
  • Many people supported the embedded
  • OLS 2007
  • We should become the community member

8
Improving startup time using Software Suspend
  • Startup time
  • swsusp support for ARM implemented
  • Co-operation of linux and boot loader
  • Copying of snapshot image is donein boot loader
    side, and jumps to kernel-resume-point

KERNEL LAND
restore regs
resume dev
continue process
Issues met in snapshot boot
BOOT LOADER
setup dev
init board
copy image
  • device initialization and setups
  • snapshot data structure

ON
  • OMAP 5912 Starter Kithttp//tree.celinuxforum.org
    /CelfPubWiki/OSK

http//tree.celinuxforum.org/ CelfPubWiki/SuspendT
oDiskForARM
9
Mobile Phone Powered by Linux
Masashige Mizuyama / Panasonic Mobile
Communications
Mobile Phone built on top Linux and X Featuring
Digital TV
Allocate on Write Defer RAM page allocation for
.data until process writes to the page (Normal
Linux allocates the page on ether read or
write) Implementation No change in kernel
code. Small change to the runtime dynamic
linker 1. Drop PROT_WRITE bit when mmaping ELF
data segment By this, the kernel
(CRAMFS) maps the segment to ROM page just as
XIP text segment. 2. Then, set PROT_WRITE by
mprotect() By this, copy-on-write is enable to
the mapped segment memory. Page is copied to RAM
when write occurs. Until then read is routed to
ROM.
X Server
Apps Phone, Digital TV, Java,
Toolkit (Gtk etc.)
Linux MontaVista CEE3.1 (2.4.20based)
  • Key technologies to make it work on Linux
  • 1.Reduction of memory footprint
  • Allocate on Write (our original improvements)
  • XIP (eXcute In Place), ARM Thumb code
  • 2. Prelink to improve key response/boot time
  • 3. Avoiding priority inversion for RT Apps by
    eliminating inter-threads race conditin ( heap,
    file, mutex )

Some patches including Allocate on Write and
thumb tool chain are available on CELF public
Wiki pages.
Panasonic UniPhier (ARM11 core included)
10
Mobile Phone Based on CE Linux
NEC Corporation
  • N900iL
    (WCDMA/Wireless LAN Dual-Mode)
  • Wireless LAN Browser
  • N902iS
    (WCDMA with PoC)
  • Improvement in performance of real time
    operations
  • Reduction of application boot times
  • 1. Function
  • NECs Linux technology has built the following
    mobile-phone
  • functionality using OSS modules (SIP, RTP, RTCP,
    etc.).
  • This has been achieved against a background of
    actively
  • seeking external alliances with other developers.
  • Wireless LAN Access
  • PoC (Push-To-Talk over Cellular)
  • Telephony API specification has been proposed to
    MPPWG.
  • 2. Performance
  • Approaching RTOS-based phone levels of
    performance.
  • Minimized start up time
  • Reduction of application boot times

11
Linux Kernel CPU Resource Reservation
Waseda Univ., Hitachi
Linux assigns higher priority to a real-time
process than a Time-Sharing process so that no
other processes could run if some real-time
process would not release the CPU resource. In
order to realize comfortable GUI in embedded
systems like DTV which consists of real-time
processes, interactive processes and background
processes, we need to assign the CPU resource to
a particular process which takes care of GUI. We
implement CPU Resource Reservation Feature which
specifies Upper Limit as well as Lower Limit of
CPU usage for a process so that we could get
response in acceptable time from a particular
process.
Block of RT RT processes are limited in maximum
execution time in a defined period Priority Boost
Idea Time-Sharing processes are boosted
temporarily to RT processes, and minimum
execution time is guaranteed
ltText or Figuregt
High Priority
RT Time-Sharing Time-Sharing Boost Time-Sharing
RealTime Process
Time-Sharing Process
Low Priority
Boost Period
High Priority
Period
RealTime Process
RT Block
NormalBoost
Time-Sharing Process
Low Priority
Limitation of execution time
Guaranteed Lower Limit Time
Demonstration
Renesas RTS7751R2D
The patch will be available in the CELF patch
archive.
RealView Versatile ARM926EJ-S
12
Mandatory Access Control Comparison for Embedded
Linux
Seiji Munetoh / IBM Japan
A test bed for various kernel security
enhancement. We use kexec to switch them
without Flash update. You can tune up the
policy at anytime and anyplace!
Now the embedded system are faced on the same
threat which worried about by desktop and server
system, and MAC policy enforcement is one of the
strong security feature supported by Linux
Kernel. However, the resource consumption and the
performance impact is serious here. and developer
have to create the whole AC policy by him/herself
from zero. Linux Zaurus might be a good test bed
to investigate which enhancement satisfy the
security requirements. It will be able to support
wide range of devices, from simple controller
to rich PDA with GUI. The system developer can
test the sizing, performance impact, ease of use
and MAC policy description. In addition, we
should use a Secure Boot or Trusted Computing to
protect the kernel itself. The detail comparison
report is available from CELF site http//tree.cel
inuxforum.org/CelfPubWiki/MandatoryAccessControlC
omparison
Performance Comparison Policy Tuning
POR
Normal
LIDSPolicy Learning
TOMOYOPolicy Learning
RSBACPolicy Learning
Product
Ready?
MAC PolicyEnforced
Sharp Linux Zaurus SL-C860/760CPU XScale
(PXA255 400MHz) Memory 128MB(Flash), 64MB(RAM)
Many security enhancements are developed on the
x86 platform but they also work for other
architectures with some fixes.
13
Secure Boot Loader
Stephen Johnson, Security Working Group
Secure booting using signed kernel images
Uboot was extended to verify images using an RSA
signature. puts (" Verifying Signature ...
") if (verify_signature(hdr-gtih_sign,
data, len) 0) puts ("Invalid
image signature\n") SHOW_BOOT_PROGRESS(-3) ret
urn 1 puts ("OK\n") During boot the
meta-data is stripped from the image and the
signature field is decrypted using the public key
giving digest-1. Digest-2 is calculated
directly from the image. These two digests are
compared equality means the image is undamaged.
Kernel image signing
Kernel image
Kernel image
Digest/hash
Signature
SHA1
private key encryption
Signature
Kernel image verification
Kernel image
Kernel image
Digest/hash
SHA1
compare
Digest/hash
Signature
Signature
public key decryption
Will be released when completed.
OMAP5912 OSK development system
14
HTTP-FUSE KNOPPIX Box
AIST National Institute of Advanced Industrial
Science and Technology
Ext2Optimizer relocates data blocks to pack them
into fewer bock files of HTTP-FUSE CLOOP.
HTTP-FUSE KNOPPIX Box is a server for PXE Boot
and HTTP Proxy. It relay block files for virtual
block device HTTP-FUSE CLOOP.
Original
Ext2Optimzer
http//unit.aist.go.jp/itri/knoppix/http-fuse/inde
x-en.html
HTTP-FUSE KNOPPIX Box is based on L-Box (SH-4,
64MB Memory)
Write a Comment
User Comments (0)
About PowerShow.com