binary blobs attack!!!
TRANSCRIPT
![Page 1: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/1.jpg)
pfefferzLinaro Android Platform Team
Binary Blobs Attack!!!
Zach Pfeffer (pfefferz)Linaro Android Platform Team
Embedded Linux Conference 2012
![Page 2: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/2.jpg)
pfefferzLinaro Android Platform Team
I'm working on a movie...
![Page 3: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/3.jpg)
pfefferzLinaro Android Platform Team
Here's the script...
![Page 4: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/4.jpg)
pfefferzLinaro Android Platform Team
8 AM - San JosePhilip
...stretches, pees, starts checking mail
9 AMPhilip
"okay, I need to write a message through this blob to the core"
11 AMPhilip
"Crap! What's wrong, why did you crash?"
1 PM San Jose 2:30 AM Bangalore
Philip"Yeah, I'm not sure, I send the message and BOOM! The core just stops."
FAE of FaST "I think that teams in India, I'll send a mail"
Philip"Okay..."
Working Title: Binary Blobs Attack!!!
![Page 5: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/5.jpg)
pfefferzLinaro Android Platform Team
10 AM Bangalore, the next day8:30 PM San Jose
Vishal"I got your mail..."
FAE of FaST NDA mumble, NDA mumble, NDA mumble...
Vishal"right, you need to send the version of the interface you want before using it"
FAE of FaST NDA mumble, NDA mumble, NDA mumble...
Vishal"no you have the v2.2 of the doc, its on page 34x-rwfv-444-:) of version 2.2.0.1, check Dora for the new version"
11 PM San JoseFAE of FaST
opens beer"let me send this before I go to bed..."
![Page 6: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/6.jpg)
pfefferzLinaro Android Platform Team
8 AM San Jose9:30 PM Bangalore
Philip"okay, I sent the version"runs the unit..."crap! what's wrong with the graphics stack"calls Ngraphics' FAE...
![Page 7: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/7.jpg)
pfefferzLinaro Android Platform Team
A Word Problem
Father's Day is in 13 days. SuperCoolNotGoogle and FaST is working on the FathersDayChecksYourFridgeHasBeer phone. It estimates that it will need to solve 325 crashes. 2 engineers and 1 FAE can solve 1 crash per day. How many Engineers and FAEs does SuperCoolNotGoogle need to ship their product?
325 crashes until launch
13 days until launch
325 crashes / 13 days = 25 crashes / day
2 engineers + 1 FAE = 1 crash / day
Answer
50 engineers + 25 FAEs
![Page 8: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/8.jpg)
pfefferzLinaro Android Platform Team
My movie wasn't picked up :(
Maybe I'll do a web series...
![Page 9: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/9.jpg)
pfefferzLinaro Android Platform Team
Here's the web series script...
![Page 10: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/10.jpg)
pfefferzLinaro Android Platform Team
8 AM - San JosePhilip
...stretches, pees, starts checking mail
9 AMPhilip
"okay, I need to write a message through this blob to the core"
11 AMPhilip
"Crap! What's wrong, why did you crash?"
1 PM San Jose Philip
looks at source, puts a print in at the remote call, checks log"Hmm... I guess I need to send the version first"work, work, work"Bingo!"
Working Title: Binary Blobs Attack Again!
![Page 11: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/11.jpg)
pfefferzLinaro Android Platform Team
Another Word Problem
Mother's Day is in 13 days. SuperCoolNotGoogle is working on the MothersDayRemindsYourKidsToCall phone. It estimates that it will need to solve 325 crashes. SuperCoolNotGoogle has the source to everything so 1 engineer can solve 2 crashes per day. How many Engineers does SuperCoolNotGoogle need to ship their product?
325 crashes until launch
13 days until launch
325 crashes / 13 days = 25 crashes / day
2 engineers = 2 crashes / day
Answer
12.5 engineers
![Page 12: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/12.jpg)
pfefferzLinaro Android Platform Team
Wow!!!
Having the source allowed SuperCoolNotGoogle and FaST to save 12.5 engineers and 25 FAEs.
Maybe they could get 2 phones out instead of 1 or...
![Page 13: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/13.jpg)
pfefferzLinaro Android Platform Team
Time spent on binary blob production, integration and debugging has eclipsed any other activity in the product cycle.
![Page 14: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/14.jpg)
pfefferzLinaro Android Platform Team
Engineer Rants
● “Binary blob scribbling is impossible to debug”
● “Kernel upgrades mean a recompile cycle with the SoC's 3rd party vendor”
● “Binary blobs are un-ethical”
● “OS independent code is always buggy, slow and will only be used on the OS its not meant for”
● “I need debug symbols!”
● “Documentation, Helloooo”
● “I'm going to kick ARM out of the kernel”
● “I can't track Linus' tip because I'll lose enablement”
● “I need a JTAG”
● "Write once, run everywhere doesn't really work for Java, so how well is that going to work for a driver?"
![Page 15: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/15.jpg)
pfefferzLinaro Android Platform Team
Problems
● The audio blob is locked to the 3.0 kernel the graphics blob is locked to 3.1
● hardfp and other toolchain improvements are lost
● The blob producers are impossible to track down
● Has brought back “batch” development
![Page 16: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/16.jpg)
pfefferzLinaro Android Platform Team
Binary blobs are responsible for the Linux ARM “problem.”
![Page 17: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/17.jpg)
pfefferzLinaro Android Platform Team
Binary blobs won't be going away.
How can we ensure an open, sustainable software eco-system with them?
![Page 18: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/18.jpg)
pfefferzLinaro Android Platform Team
Most problems happen when proprietary code crosses the userspace/kernel boundary
User Space
Kernel
Proprietary Blob
![Page 19: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/19.jpg)
pfefferzLinaro Android Platform Team
Vendor Provided Kernel SpaceProprietary Blob
How Windows deals with this (so I've heard)
Well Defined User Space API
Well Defined Kernel Space API
Vendor Provided User SpaceProprietary Blob
User Space
![Page 20: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/20.jpg)
pfefferzLinaro Android Platform Team
Linux Kernel
Typical Proprietary Stacks on Linux
Vendor Provided Kernel Space
Proprietary Blob
Linux Kernel Shim
Vendor Provided User SpaceProprietary Blob
User Space
open/read/write/ioctl shim
![Page 21: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/21.jpg)
pfefferzLinaro Android Platform Team
SoC vendors want to write code once and protect IP
Vendor Provided Kernel SpaceProprietary Blob
Well Defined User Space API
Well Defined Kernel Space API
Vendor Provided User SpaceProprietary Blob
User Space
Linux Kernel
Linux Kernel Shim
User Space
open/read/write/ioctl shim
Vendor Provided Kernel SpaceProprietary Blob
Linux Driver Shim
![Page 22: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/22.jpg)
pfefferzLinaro Android Platform Team
Things we can do
● Examine what crosses the OS barrier and see what we can do to decouple things, such as:● Rethink memory and power policy and mechanism
at the OS boundary● Create official binary box interfaces● Split devices from the kernel completely● Enable hacking and proprietary solutions
![Page 23: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/23.jpg)
pfefferzLinaro Android Platform Team
Things we can do
● OEMs and ODMs can work with SoC manufactures to ensure the source flows
● Reverse engineer
![Page 24: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/24.jpg)
pfefferzLinaro Android Platform Team
Thanks!
Feel free to send questions, comments and rants to [email protected]
or
pfefferz at #linaro-android on irc.freenode.net
or
Zach Pfeffer (not the soccer player) on G+
![Page 25: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/25.jpg)
pfefferzLinaro Android Platform Team
Binary Blobs Attack!!!
Zach Pfeffer (pfefferz)Linaro Android Platform Team
Embedded Linux Conference 2012
![Page 26: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/26.jpg)
pfefferzLinaro Android Platform Team
I'm working on a movie...
![Page 27: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/27.jpg)
pfefferzLinaro Android Platform Team
Here's the script...
![Page 28: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/28.jpg)
pfefferzLinaro Android Platform Team
8 AM - San JosePhilip
...stretches, pees, starts checking mail
9 AMPhilip
"okay, I need to write a message through this blob to the core"
11 AMPhilip
"Crap! What's wrong, why did you crash?"
1 PM San Jose 2:30 AM Bangalore
Philip"Yeah, I'm not sure, I send the message and BOOM! The core just stops."
FAE of FaST "I think that teams in India, I'll send a mail"
Philip"Okay..."
Working Title: Binary Blobs Attack!!!
![Page 29: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/29.jpg)
pfefferzLinaro Android Platform Team
10 AM Bangalore, the next day8:30 PM San Jose
Vishal"I got your mail..."
FAE of FaST NDA mumble, NDA mumble, NDA mumble...
Vishal"right, you need to send the version of the interface you want before using it"
FAE of FaST NDA mumble, NDA mumble, NDA mumble...
Vishal"no you have the v2.2 of the doc, its on page 34x-rwfv-444-:) of version 2.2.0.1, check Dora for the new version"
11 PM San JoseFAE of FaST
opens beer"let me send this before I go to bed..."
![Page 30: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/30.jpg)
pfefferzLinaro Android Platform Team
8 AM San Jose9:30 PM Bangalore
Philip"okay, I sent the version"runs the unit..."crap! what's wrong with the graphics stack"calls Ngraphics' FAE...
![Page 31: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/31.jpg)
pfefferzLinaro Android Platform Team
A Word Problem
Father's Day is in 13 days. SuperCoolNotGoogle and FaST is working on the FathersDayChecksYourFridgeHasBeer phone. It estimates that it will need to solve 325 crashes. 2 engineers and 1 FAE can solve 1 crash per day. How many Engineers and FAEs does SuperCoolNotGoogle need to ship their product?
325 crashes until launch
13 days until launch
325 crashes / 13 days = 25 crashes / day
2 engineers + 1 FAE = 1 crash / day
Answer
50 engineers + 25 FAEs
![Page 32: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/32.jpg)
pfefferzLinaro Android Platform Team
My movie wasn't picked up :(
Maybe I'll do a web series...
![Page 33: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/33.jpg)
pfefferzLinaro Android Platform Team
Here's the web series script...
![Page 34: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/34.jpg)
pfefferzLinaro Android Platform Team
8 AM - San JosePhilip
...stretches, pees, starts checking mail
9 AMPhilip
"okay, I need to write a message through this blob to the core"
11 AMPhilip
"Crap! What's wrong, why did you crash?"
1 PM San Jose Philip
looks at source, puts a print in at the remote call, checks log"Hmm... I guess I need to send the version first"work, work, work"Bingo!"
Working Title: Binary Blobs Attack Again!
![Page 35: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/35.jpg)
pfefferzLinaro Android Platform Team
Another Word Problem
Mother's Day is in 13 days. SuperCoolNotGoogle is working on the MothersDayRemindsYourKidsToCall phone. It estimates that it will need to solve 325 crashes. SuperCoolNotGoogle has the source to everything so 1 engineer can solve 2 crashes per day. How many Engineers does SuperCoolNotGoogle need to ship their product?
325 crashes until launch
13 days until launch
325 crashes / 13 days = 25 crashes / day
2 engineers = 2 crashes / day
Answer
12.5 engineers
![Page 36: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/36.jpg)
pfefferzLinaro Android Platform Team
Wow!!!
Having the source allowed SuperCoolNotGoogle and FaST to save 12.5 engineers and 25 FAEs.
Maybe they could get 2 phones out instead of 1 or...
![Page 37: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/37.jpg)
pfefferzLinaro Android Platform Team
Time spent on binary blob production, integration and debugging has eclipsed any other activity in the product cycle.
![Page 38: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/38.jpg)
pfefferzLinaro Android Platform Team
Engineer Rants
● “Binary blob scribbling is impossible to debug”
● “Kernel upgrades mean a recompile cycle with the SoC's 3rd party vendor”
● “Binary blobs are un-ethical”
● “OS independent code is always buggy, slow and will only be used on the OS its not meant for”
● “I need debug symbols!”
● “Documentation, Helloooo”
● “I'm going to kick ARM out of the kernel”
● “I can't track Linus' tip because I'll lose enablement”
● “I need a JTAG”
● "Write once, run everywhere doesn't really work for Java, so how well is that going to work for a driver?"
![Page 39: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/39.jpg)
pfefferzLinaro Android Platform Team
Problems
● The audio blob is locked to the 3.0 kernel the graphics blob is locked to 3.1
● hardfp and other toolchain improvements are lost
● The blob producers are impossible to track down
● Has brought back “batch” development
![Page 40: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/40.jpg)
pfefferzLinaro Android Platform Team
Binary blobs are responsible for the Linux ARM “problem.”
Upstream won't look at shim's, pass throughs or other kernel or userspace blob frontends.
This also leads to an inability to refactor ARM support into common kernel code, further marginalizing ARM
![Page 41: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/41.jpg)
pfefferzLinaro Android Platform Team
Binary blobs won't be going away.
How can we ensure an open, sustainable software eco-system with them?
![Page 42: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/42.jpg)
pfefferzLinaro Android Platform Team
Most problems happen when proprietary code crosses the userspace/kernel boundary
User Space
Kernel
Proprietary Blob
![Page 43: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/43.jpg)
pfefferzLinaro Android Platform Team
Vendor Provided Kernel SpaceProprietary Blob
How Windows deals with this (so I've heard)
Well Defined User Space API
Well Defined Kernel Space API
Vendor Provided User SpaceProprietary Blob
User Space
![Page 44: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/44.jpg)
pfefferzLinaro Android Platform Team
Linux Kernel
Typical Proprietary Stacks on Linux
Vendor Provided Kernel Space
Proprietary Blob
Linux Kernel Shim
Vendor Provided User SpaceProprietary Blob
User Space
open/read/write/ioctl shim
![Page 45: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/45.jpg)
pfefferzLinaro Android Platform Team
SoC vendors want to write code once and protect IP
Vendor Provided Kernel SpaceProprietary Blob
Well Defined User Space API
Well Defined Kernel Space API
Vendor Provided User SpaceProprietary Blob
User Space
Linux Kernel
Linux Kernel Shim
User Space
open/read/write/ioctl shim
Vendor Provided Kernel SpaceProprietary Blob
Linux Driver Shim
![Page 46: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/46.jpg)
pfefferzLinaro Android Platform Team
Things we can do
● Examine what crosses the OS barrier and see what we can do to decouple things, such as:● Rethink memory and power policy and mechanism
at the OS boundary● Create official binary box interfaces● Split devices from the kernel completely● Enable hacking and proprietary solutions
![Page 47: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/47.jpg)
pfefferzLinaro Android Platform Team
Things we can do
● OEMs and ODMs can work with SoC manufactures to ensure the source flows
● Reverse engineer
![Page 48: Binary Blobs Attack!!!](https://reader033.vdocuments.us/reader033/viewer/2022061002/6299d40b641e225153699186/html5/thumbnails/48.jpg)
pfefferzLinaro Android Platform Team
Thanks!
Feel free to send questions, comments and rants to [email protected]
or
pfefferz at #linaro-android on irc.freenode.net
or
Zach Pfeffer (not the soccer player) on G+