A guide on getting Nvidia GPUs to work with the Raspberry Pi 5 and Rockchip boards using a custom kernel patch.
Challenges the idealized view of open source history, arguing that corporate involvement has always existed and shouldn't be seen as impure.
Analyzes Kubernetes User Namespaces from an offensive security perspective, covering isolation benefits, potential misconfigurations, and escape vectors.
A technical blog post about writing an experimental Linux scheduler using eBPF and Java that dynamically allocates CPU cores based on system sound levels.
A retrospective analysis of the Rust-for-Linux project's progress, challenges, and developer burnout, two years after its initial proposal.
Blog post about the new eBPF documentary, which tells the story of how the revolutionary Linux kernel technology was developed and accepted.
Explains how Linux kernel manages network connections using accept queues, with code examples from the kernel source.
An analysis arguing against including Rust in the Linux kernel, focusing on the unique constraints of kernelspace development.
Explains how to generate ioctl numbers for the Hare programming language using code generation, as Hare lacks C-style macros.
Analysis of the Dirty Pipe Linux kernel vulnerability (CVE-2022-0847), its impact on cloud environments, and defensive advice.
Critique of Pine64's funding priorities for FOSS software development on their hardware, arguing for more focus on core kernel and telephony work.
Explains why large tech companies like Twitter benefit from having in-house kernel teams to handle critical system issues and reduce costs.
Explores the deeply distributed nature of Linux kernel development, using the MAINTAINERS file and DRM subsystem as examples.
Explains that containers don't require a full OS inside, clarifying the roles of the kernel, OS, and distributions in containerization.
An introduction to using Linux kernel probes (kprobes) with eBPF and BCC for dynamic kernel debugging and tracing.
A practical guide to understanding and using Linux capabilities, with examples and tooling for managing privileges in containers.
Eight practical ways for companies to support and sustain the open source projects they depend on, from hiring maintainers to creating award programs.
A developer recounts attending XDC 2018 with the wlroots team, sharing insights on graphics drivers, testing, and community interactions.
A critique of container security messaging, arguing that existing defaults like Seccomp and AppArmor provide robust, multi-layered sandboxing.
A developer explores using Linux's BINFMT_MISC to run scripts in any language via containers, building on a Cloudflare post about scripting in Go.
