Description
In the Linux ecosystems there are many ways to build all the software used to put together a running system. Whether it’s building all the binary packages for a binary Linux distribution, using a source-based distribution, or building an embedded system from scratch, there are a lot of shared challenges which each system solves in their own way.
-
Joshua Lock (Verizon)14/11/2023, 09:30
The software chain of trust — that source code, actors, and outputs all meet (often implicit) expectations when placed under scrutiny — is an area of growing concern. Accidental or malicious tampering with the chain of trust can result in security issues, failure to comply with software licences, inexplicable errors and more.
Linux distributions reduce the number of trust decisions...
Go to contribution page -
John Moon (Qualcomm Innovation Center, Inc.)14/11/2023, 10:10
Maintaining userspace API (UAPI) compatibility has been a cornerstone of Linux’s success over the years as it has allowed users to confidently upgrade their kernels without worrying about their userspace programs breaking.
Traditionally, kernel developers have used code review and testing to find UAPI-breaking changes. With libabigail, an additional tool could be added to the kernel tree...
Go to contribution page -
Bruce Ashfield (AMD)14/11/2023, 10:50
While the kernel is a core output of a build system that targets a
full platform or system, it also needs to balance many competing
use cases and outputs.Is it providing uapi headers ? Is it testing tightly coupled user
Go to contribution page
space packages ? Is it tracking LTS or -stable releases, or is it also
testing on the bleeding edge ? Is it only used in loadbuild type
environments or is interactive... -
Jon Mason14/11/2023, 12:00
In the never-ending quest to run all of the latest versions of all of the software, issues ensue. From CVEs to makefiles changes needed to get the thing building in an environment, patches are created and applied. Some of these patches are upstreamed and others live forever in the murky bowels of the distro's package. The latter's technical debt can cause issues on the next release, etc. ...
Go to contribution page -
Alejandro Hernandez Samaniego14/11/2023, 12:30
Its undeniable that heterogeneous systems are more commonly used on embedded products nowadays, for performance reasons it is better to use different operating systems running on different architectures on a single device.
However, each OS has its own build-time and runtime dependencies e.g. different C library (if one at all) as well as developer workflow, pre-configured IDE and such, this...
Go to contribution page