A Faster Way to Create Virtual Machines with Cloud Images and virt-manager

I’ve written previously about Booting Cloud Images with QEMU. However, I’ve since graduated to a more convenient method of spawning virtual machines. This method is also much faster and is more cohesive with the rest of the virtualization stack that you’ll find on your Linux distribution. As someone who creates and tears down tons of virtual machines for testing things, this method appeals to me more than the previous. Let’s get into it.


Implementing a Continuous Delivery Pipeline for my Discord Bot with GitHub Actions, podman, and systemd

I’ve been having a lot of fun lately refining a weekend project I started a few months ago. I basically threw this bot over the wall back in early April. About a month ago, I started getting serious about learning the Go programming language, so I thought I’d just revisit my Discord bot with a more “learned” eye and find ways to polish it up a bit. Popple is a Discord bot that I made for myself and my friends, and it has been my playground for practicing everything I was learning in a project with an extremely small blast radius.


How I use Thunderbird to Write Emails and Review Patches

Regardless of how one might feel about patches-over-email software development, the reality is that a lot of exciting open source projects are developed on mailing lists. Configuring a pleasant plaintext-oriented e-mail environment may not be obvious for those of us who come from a primarily git forge style background. At least, it wasn’t for me. In any case, I’ve finally arrived at a productive setup and I’d like to write it down here for posterity.


Tips for Improving the Quality of Your Code Reviews

Check out the changes locally: For everything but the most trivial of patches, check the change out locally. Not only is this a technical prerequisite for some of the other tips in this article, but I’ve found it is easier to remain focused on the review when it takes place outside of my email inbox/GitHub/GitLab/etc. Use more context when viewing changes: The default context for a diff is rather narrow. It will show lines added and removed next to only a few other lines of the code.


sevctl available soon in Fedora 34

I am pleased to announce that sevctl will be available in the Fedora repositories starting with Fedora 34. Fedora is the first distribution to include sevctl in its repositories 🎉. sevctl is an administrative utility for managing the AMD Secure Encrypted Virtualization (SEV) platform, which is available on AMD’s EPYC processors. It makes many routine AMD SEV tasks quite easy, such as:

- Generating, exporting, and verifying a certificate chain
- Displaying information about the SEV platform
- Resetting the platform’s persistent state

As of this writing, Fedora 34 is entering its final freeze, but sevctl is queued for inclusion once Fedora 34 thaws.


Booting Cloud Images with QEMU

Do you ever get frustrated with waiting for a heavy VM image to download or with installing operating systems onto virtual machines manually? It can start to feel cumbersome after a while, especially if you bring up and tear down lots of virtual machines as part of your workflow. It’d be nice if spawning a ready-to-use VM was as quick and as easy as it is when using a public cloud.


How Rust's Type Checker Helped Find a Bug in a Linux Kernel ioctl Definition

Don’t you love it when your compiler thinks hard so you don’t have to? Rust’s built-in static analysis is praised for providing all kinds of safety guarantees for your code. Today, it’s not about your code, or even my code; it’s about how calling Linux ioctls through a type-safe abstraction layer exposed a bug in an ioctl definition and Rust’s type-checker was the first one to bark about it! [iocuddle](https://github.com/enarx/iocuddle/) is a library for improving the safety of ioctl calls from Rust.


Hacktoberfest 2020 Was Not All Bad

Hacktoberfest 2020 had a rocky start. I’m not here to argue against any of the criticisms brought up by other members of the community. Their feedback is not unfounded. However, I don’t believe it was all bad. I signed one of my weekend projects up for Hacktoberfest to gain some more experience in a maintainer role rather than an individual contributor role. In this regard, I believe Hacktoberfest 2020 was a successful experience for myself and for the contributors who spent their time and energy submitting patches to my project.


Test Driven Development in the Clang Compiler

A while back, I participated in a software engineering capstone with a group of other computer science students to complete my degree. Our project was to create a from-scratch implementation of grsecurity’s “randstruct” GCC plugin for the Clang compiler. Long story short, we ended up sending out a request for comments (RFC) on the initial draft that we produced during the capstone. A number of Clang/LLVM contributors took the time to review what we made and kindly suggested some changes for a future revision.


How the Linux Kernel Detects PCI Devices and Pairs Them With Their Drivers

Have you ever wondered how Linux knows what PCI devices are plugged in? How does Linux know what driver to associate with the device when it detects it? In short, here’s what happens:

- During the kernel’s init process (init/main.c), various subsystems are brought up according to their “init levels.” Among these early subsystems are the ACPI subsystem and the PCI bus driver.
- The ACPI subsystem probes the system bus. This “probe” is actually a recursive scan since there can be other devices that act as “bridges” from that main system bus.
