John Stultz & Mathieu Poirier, LCA14-503, Macau
Android Upstreaming:
Netfilter, Status & Discussion
Overview
• Mathieu will cover his recent Netfilter work
• General status on Android Upstreaming
• Open discussion
Android Netfilter Changes
Mathieu Poirier
Netfilter requirements for Android
• Capture traffic per application and service
• Distinguish between data streams (downloads, video, chat, …)
• Support the notion of quotas.
• Allow 3rd party applications to track and collect their own data.
Current solution:
3 netfilter modules:
• xt_qtaguid (quota, tag, uid)
• xt_quota2
• xt_idletimer
xt_qtaguid
• Quota, socket tagging, UID tracking
• Tracks all ingress/egress packets
• Tracks all interface statistics
• Lets applications tag and delegate their own sockets
• Counts SKBs against the looked-up TAG+UID
• Replaces “drivers/misc/uid_stats.c”
xt_quota2 and xt_IDLETIMER
xt_quota2
• Imported from xtables-addons
• Adds quotas to iptables rules
• Sends a uevent on quota hit
xt_IDLETIMER
• Helps ConnectivityService deal with quiet interfaces
• Keeps track of interfaces coming online.
• (I need to read more on this)
Why can’t it go upstream?
• xt_qtaguid does a lot of things that would be better handled in userspace.
• xt_quota2 duplicates functionality already in place in the nfaccounting framework.
• xt_IDLETIMER may no longer be needed - need to review when the above two are dealt with.
Suggested proposal
• Use NFQUEUE to replace xt_qtaguid (JPA at Google)
• Initial concerns about efficiency, but at Linux Plumbers in New Orleans last year Eric Dumazet assured it wouldn’t be a problem.
• Extend xt_nfacct with quota capabilities to replace xt_quota2 (Linaro)
Work done at Linaro
• Enhance xt_nfacct.c with quota capabilities
• Enhance iptables with the capability to define packet/byte quotas for “-m nfacct”
• Port userspace tool “nfacct” from “libnfnl” to “libnl2.0”.
• Add a broadcast group to inform userspace of quota attainment.
Where is the code?
xt_nfacct enhancements:
http://marc.info/?l=netfilter-devel&m=139084250124821&w=2
iptables additions:
https://git.linaro.org/people/mathieu.poirier/iptables.git
Port of nfacct application to libnl2.0:
http://android.git.linaro.org/gitweb?p=platform/external/nfacct.git;a=summary (linaro)
Current Status (Linaro)
• Port of nfacct to libnl2.0 is done and pushed to AOSP.
• Iptables changes are considered done - may need minor tweaks based on pending upstream merge of xt_nfacct changes.
• xt_nfacct is currently considered for review by the upstream community.
• Found a problem with nfnetlink accounting - fixing the issue may introduce a delay.
• Hopefully accepted in 3.15, 3.16 a more likely target.
• JP’s investigation has been stalled by an internal project - we may have to pick up the work but are reluctant based on heavy coupling with Android userspace.
Current Status (Google)
• JP’s investigation on nfqueue has been stalled by internal projects (android64).
• The new full libnl2.0 doesn’t work with wpa_supplicant - something they need to look into.
• Delays in getting xt_nfacct changes accepted don’t matter because of this issue.
• Integration of nfacct with BandwidthController not started.
• Getting libnl2.0 working is top priority because it solves other issues with the current libnl.
Android Upstreaming Status
John Stultz
Recent accomplishments
3.12:
• key reset upstreaming completed
• powersupply wakeup_source enablement merged
• binder type cleanups for 64bits
3.13:
• MMC power management improvements merged
• RTC wakeup_source enablement merged
3.14:
• ION cleaned up and merged in staging
AOSP:
• binder 64bit abi rework
Community accomplishments
3.14: Functionfs support for configfs
ongoing: dma-buf sync
And of course more...
Linaro.Android branch maintenance
Maintain the AOSP tree forward ported against Linus’ HEAD + a few extra fixes.
linaro.android-3.12-merge
linaro.android-3.13-merge
linaro.android-3.14-merge
Maintain linaro-specific fixes for LSK
linaro.android-3.10-lsk
Current delta (3.14-rc1)
3.14-rc1 vs linaro.android-3.14-merge:
b/net/netfilter/xt_qtaguid.c | 3021 ++++++++++++++++++++++++
b/drivers/usb/gadget/android.c | 1566 ++++++++++++
b/arch/arm/common/fiq_debugger.c | 1376 ++++++++++
b/drivers/cpufreq/cpufreq_interactive.c | 1343 ++++++++++
b/drivers/usb/gadget/f_mtp.c | 1285 ++++++++++
b/drivers/usb/gadget/f_accessory.c | 1180 +++++++++
b/drivers/video/adf/adf.c | 1166 +++++++++
b/drivers/video/adf/adf_fops.c | 957 +++++++
b/drivers/staging/android/binder.c | 867 +++++-
b/drivers/usb/gadget/f_audio_source.c | 828 ++++++
b/drivers/video/adf/adf_client.c | 810 ++++++
b/arch/arm/kernel/etm.c | 678 ++++-
b/drivers/video/adf/adf_fbdev.c | 651 +++++
b/net/netfilter/xt_qtaguid_print.c | 566 ++++
...
292 files changed, 30024 insertions(+), 1234 deletions(-)
3.10-stable vs android-3.10:
354 files changed, 35472 insertions(+), 1422 deletions(-)
3.4-stable vs android-3.4:
1265 files changed, 148684 insertions(+), 5934 deletions(-)
Next areas of focus
• ETM/ETB
• Android Gadget -> ConfigFS Gadget
• FIQ_Debugger
• ADF
Continuing work
• Netfilter
• ION / dmabuf allocation helpers
• Volatile Ranges
• Get ashmem out of staging
• Influence KDBUS development
• Unlikely to be a binder replacement as hoped
• Try to find areas where code can be shared
• Fair amount of memfd/ashmem overlap
• Continue to help with the Juice project
• Helping Android userland take advantage of upstreamed solutions
• mempressure notifiers
• sysrq-keyreset
• etc
Thank yous!
• Takahiro Akashi
• Serban Constantinescu
• Ulf Hansson
• Zoran Markovic
• Mathieu Poirier
• Jakub Pavelek
Open Discussion
• Netfilter related questions?
• What are specific kernel related pain-points for Android device development?
• Is anyone looking at ADF for their devices yet?
• Any adjustments in focus we need?
• Extra resources?
More about Linaro Connect: http://connect.linaro.org
More about Linaro: http://www.linaro.org/about/
More about Linaro engineering: http://www.linaro.org/engineering/
Linaro members: www.linaro.org/members
