The Torch-MLIR project [1] builds a bridge between the world of machine learning and the LLVM project by providing compiler support from the PyTorch ecosystem to the MLIR ecosystem. This short tutorial covers:

• The projects structure and how to build it
• The TorchOnnxToTorch conversion
• Decomposing complex ONNX
• Lowering from Torch to LinAlg and other lower level dialects

Furthermore, it is discussed how you can get involved and what opportunities especially exist for first time contributors to contribute (code) to the project.

[1] https://github.com/llvm/torch-mlir/

In this talk, I will present how to integrate the Nix package manager with Buck2, an open-source build system developed by Meta, to achieve highly granular and reproducible builds across different platforms.

By integrating Nix and Buck2, developers can benefit from Nix's robust package management and reproducible build environments, while also taking advantage of Buck2's scalable and efficient build system.

I will dive into the details of using remote execution services that support the Bazel remote execution protocol with Buck2 in conjunction with Nix's remote build capabilities and showcasing that using a sample project.

Everyone loves the terminal! It's simple, efficient, and fast — almost everything the web is not.

What if I told you it is possible to build terminal-like web applications with Rust and vice versa?

Join me in this talk, where we explore the future of the terminal and the web and how the Ratatui ecosystem is bringing these two worlds together. We will take a look at example Rust projects that achieved this, their implementation, and the challenges that we are facing.

Get ready to be visually impressed!

For FSF-copyrighted GNU packages, FSF insists on executing copyright assignments and employer disclaimers. These are designed to ensure steady and continuing enforcement of the GPL, as well as to serve other important purposes related to licensing and copyright management. The maintainers of some GNU packages would like to use a simple mechanism called "Developer Certificate of Origin" (DCO). It is hard, and some lawyers think it's even impossible, for a DCO to allow FSF to enforce the GPL. However, we at the FSF have once promised to accept DCOs and to draft a DCO that would best serve the needs of the free software community. We want to fulfill this promise after a broad discussion about issues surrounding copyright assignments: their importance, best approaches, and challenges in managing copyrights in free software projects.

Panelists will elaborate on the following questions: 1) How to ensure swift enforcement of the GPL? 2) How to protect free software against third party claims, including employers' copyright or patent claims? 3) How to enable swift relicensing or adding additional permissions, while protecting software against appropriation? 4) How to remove any challenges a contributor might encounter with the process?

Various blobs like PSCI provider or TEE are currently started between BootROM and the U-Boot bootloader. This has multiple downsides, the blobs are difficult to update and the blobs may configure the platform in a way that prevents U-Boot from accessing all system resources, thus making it less useful as a debug tool. This talk explains how to start U-Boot before most of the blobs, thus giving it full unrestricted access to the platform, and how to start the blobs from U-Boot afterward, so Linux can still access the services like PSCI provided by the blobs. Finally, the talk hints at how to perform a safe A/B update of the blobs.

Project link: https://www.u-boot.org/

Come to see a first prototype of a CRDT-based real-time distributed collaboration implementation - for being able to collaboratively comment on a Writer document, from a number of distributed LibreOffice instances (desktop, browser or cloud).

If you want to use Android for your custom project, then you are almost inevitably going to have to modify the platform code. Typical reasons include supporting specialised hardware, running dedicated system services and pre-installing system apps. AOSP, and some parts of the Board Support Packages, are open source, so what's stopping you just changing the bits you need to? Indeed, this is the standard development model for Android platforms: fork; modify; repeat. Of course, we all know that forking is bad but there isn't any choice, especially when it is so difficult up merge changes upstream

Well, maybe there is a choice, In this talk we will examine the problems created by simply forking Android, and we will look at various ways to make the process more maintainable. In particular we will look at using local_manifests, and at maintaining out of tree patches for AOSP. In the latter case, we will talk about the tooling required to track patch sets ("layers") and the dependencies between them.

We hope that this will spark a conversation in the community through which we can establish best practice for maintaining custom Android systems without forking

Ladybird is a brand-new browser & web engine. Driven by a web standards first approach, Ladybird aims to render the modern web with good performance, stability and security. Currently in heavy development, we take a quick look at its progress, architecture and challenges.

Mgmt is a cutting-edge, real-time, automation tool designed to be fast, safe, and revolutionary. Our goal wasn't just to replicate legacy tools but to surpass them-- and we believe we've done exactly that. Mgmt is now powering real production workloads, showcasing its potential to redefine what's possible in automation.

Empowering our users starts with great documentation! To achieve this, we aimed to minimize the time spent maintaining our docs while ensuring they stay perfectly in sync with the code. So we developed custom AST parsing code that automatically converts code into a structured data format. We then use a GoHugo templating system to publish it in a polished and user-friendly way.

All of this code is open source, making it available for others to use and benefit from! We'll also show how even a small project could do this.

I'll deliver live demos throughout, ensuring the concepts come to life.

You'll also get a glimpse of how mgmt can revolutionize your workflows-- it might just become your go-to tool for managing documentation pipelines!

For those who want a head start, check out our blog posts. Reading a few before the talk will provide a great background of the topic!

Mox is a relatively young modern, all-in-one mail server. One of its goals it making it easy to setup a mail server, and keeping it up to date. In this talk, we'll look at how mox helps with setting up and running a mail server. From the original quickstart with its environment checks, setting up initial DNS records and modifying them later on, notifying about new mox releases and installing them, to a future easier guided setup process and automatic DNS management.

In February 2024, Red Hat released an update to insights-core, a package providing host data for Red Hat Insights. It slipped through our testing and caused all SELinux-enabled systems to crash the service, stopping the hosts from reporting. Even though the patch was released two days later, we couldn’t fix the hosts ourselves, and had to figure out which customers are affected and how to even contact them. It was a big lesson to both engineering and management. We’d like to share this story with the public.

Achieving exactly-once semantics is a cornerstone of reliable event streaming systems, but the challenge magnifies when ensuring guarantees across the entire pipeline—from data ingestion in Apache Kafka to stateful processing in Apache Flink, and back to Kafka or another sink. In this talk, we’ll explore the intricacies of designing an end-to-end system that maintains data integrity and correctness without compromising on scalability.

We’ll dive into: * Kafka’s 2 phase commit transactional guarantees and how they align with Flink’s checkpointing mechanisms. * Flink 2 phase commit E2E protocol * Practical strategies to address challenges like fault tolerance, recovery, and latency trade-offs.

This session will explore the implementation of Flink and Kafka 2 phase commit(2PC), the magic files, coordinating it across two distributed systems and the challenges you will face in implementing exactly once event processing E2E in your systems.

Motivation

Computer Science curriculums often focus on theoretical lessons, such as how garbage collection (GC) works under the hood or the trade-offs between different GC designs. However, there is much less emphasis on how to write GC-aware code in languages like Go. This is surprising since most of these practices are language-agnostic.

This is a significant gap, especially given GC's impact on application performance. Profiling data from real-world applications consistently shows that a considerable amount of time is spent on memory allocation and GC-related activities.

This talk will be a practical session on writing memory-efficient code, supported by an understanding of Go's garbage collection and memory allocation internals.

The talk

Introduction

I will begin by discussing the motivation behind this talk and explaining why this topic is crucial, backed by empirical profiling data from real-world applications.

Essentials

Next, I’ll provide a high-level overview (a 10,000-foot view) of stack, heap, and GC concepts. This segment will be brief but necessary to establish a foundational understanding.

Main

• Walk through real code examples and demonstrate techniques for writing memory-efficient Go code, such as avoiding pointers, preventing overallocation of slices, minimizing the overuse of interfaces and generics and many more, clarify misconceptions about sync.Pool and leverage it effectively.

• Short Overview of Go's standard tooling for observing memory usage and GC behavior: memory profiler, benchmarking tools, escape analysis, GC configuration, execution tracer. Shed more light on less known/used tools like execution tracer.

Finish

Finish the talk by emphasizing that writing allocation-friendly code is crucial for maintaining application performance and should not be overlooked and a wrap-up.

Much of the advice given to Java programmers seeking efficiency is misleading or out of date.

This talk is a result of the author's experience trying making the Java Virtual Machine more efficient, but it isn't just for JVM engineers, it is also relevant to Java programmers. We will cover wide-issue processors, branch and memory-access prediction, and the way Java programmers can use tools to illuminate what is really going on inside a computer when it runs their programs.

If you're looking for a talk about huge memories or millions of threads, this isn't it. Rather, it's about how small details can have surprising effects.

Mechanical Sympathy is when you use a tool or system with an understanding of how it operates best. "You don't have to be an engineer to be be a racing driver, but you do have to have Mechanical Sympathy."

Project: https://github.com/openjdk/jdk

In a continuously changing IT world, not being able to adapt is the difference between yesterday's and tomorrow’s projects. Everybody wants the benefits of changes, but nobody wants to endorse its associated risk. From dev to ops, I’ll share why we created Updatecli, an open-source declarative dependency manager. How automation helps us to anticipate, and fix early, our day-to-day challenges, and where the traps lie.

This presentation aims at presenting a fully open-source pipeline to extract, curate, and explore web archives, a captive data source whose access is restricted. Its purpose is to detail both the technical pipeline and the socio-institutional setting that made it possible to emerge, highlighting the challenges of developing open tools for closed sources.

The French web archives is an institutional repository of data maintained by the French National Library (BnF). It contains more than 2 petabytes of data spanning over close to 30 years, which accounts to more than 50 billion web pages. Access to this data is restricted under the heritage and legal deposit law: academic researchers willing to work on web archives as data are expected to submit research projects that, upon a formal or informal agreement, will enable them to access this data. But what then? Building the methodological means to pursue epistemological goals in that context is particularly challenging. Web archivists do provide toolkits for exploration. Recent initiatives have scaled up the effort to make these sources more accessible. The RESPADON project has successfully managed to build a “captive web archive” capacity into the Hyphe software, and in doing so has opened a new way into developing tools for such data.

In this presentation, we will present a new solution to extensively study, at the qualitative level, specific topics in the full-text indexed collections of the French web archives. Built around the PANDORÆ software, this pipeline has been designed to interrogate the captive data source on site, but also extract relevant metadata in a compliant manner to enable its exploration off-site, while ensuring reproducibility by publishing the code. In doing so, this pipeline provides an up-to-date example of the “one-way mirror” situation of building open tools that are fit to operate on closed data sources.

Have you ever wondered why people get involved in community work? If you think it's just about networking, think again! Let's talk about the deeper motivations rooted in our brains: from fast and slow thinking to the role of the amygdala, our basic human needs, and the impact of collective loneliness on society.

This presentation focuses on the perspective of an Operating System maintainer - how easy it is to add RISC-V support to a Linux based operating system nowadays.

The case study is done on a FOSS Operating System - Flatcar Container Linux. Flatcar Container Linux (https://flatcar.org) is a Container-optimized Linux distribution, CNCF incubated project, which has Gentoo as an upstream distribution.

We will go through the steps required to add RISC-V support, from the Linux Kernel quirks, the bootloader paradigms, and to the generic software support from the wider community: systemd, Docker, Kubernetes.

An important part that will be thoroughly presented is the current state of the art hardware availability combined with virtualization support, very much needed for testing and faster iteration.

As confidential computing continues to gain importance, AMD SEV-SNP has matured within the open-source community. This session will provide an overview, from the OVMF perspective, of how it integrates with QEMU and the Linux Kernel to encrypt memory and safeguard memory security in a virtualized environment. The session is open to UEFI developers as well as virtualization, kernel, and security developers. Attendees will gain insights into how AMD SEV-SNP in confidential computing protects systems in virtualized environments, the latest upstream development progress, and an analysis of the protections it offers. The session will also address whether these protections are adequate and if there is a need to adopt this technology.

Many processes are packed with document generation, and forms of various types, from applications to contracts. Come and hear how new APIs built on LibreOffice Technoloy provided by Collabora Online can make building complex documents easier. From populating fields, to making richer templates, to tweaking chart data, our new Automatic Document REST APIs here enable powerful document interaction - both creation and extraction of data with a simple JSON based API.

Whether you want to extract data from docx files, generate richer templates for subsequent editing, or enable powerful electronic signature functionality - have we got an API for you!?

Come and hear how to use and improve it.

If you are processing and storing sensitive data in the cloud, can you really trust anyone (including the cloud)? The answer is no. Confidential Containers (CoCo) is a CNCF project that leverages Trusted Execution Environments (TEEs) to tackle this challenge. A critical aspect in this effort is providing secure and confidential storage solutions that can be seamlessly deployed across cloud providers.

This session explores the implementation of trusted storage in CoCo, highlighting key aspects such as Kubernetes storage drivers, device virtualization, and the role of attestation in secure key release and data encryption. We also demonstrate how we prevent attackers from injecting data into the TEE using the CNCF Rego policy language.

Overall, we aim to show how cloud providers and end users can securely store and protect sensitive data, enabling the adoption of confidential computing across numerous use cases.

Validating low-level firmware presents unique technical challenges, from automating hardware control operations to testing interactive UEFI firmware menus. In this presentation, we delve into how the Dasharo Open Source Firmware Validation (OSFV) project uses Robot Framework, an open-source automation tool, to address these complexities.

Drawing from years of firmware development experience across diverse hardware platforms ranging from network appliances to workstations we will showcase how OSFV tackles: - automating hardware interactions such as GPIO toggling, UART communication, power control, video output capture, USB devices simluation, and more, on a wide variety of hardware platforms, - testing dynamic and interactive firmware interfaces, including menu navigation and switching configuration options, - managing the variability of real-world hardware environments to ensure repeatable and reliable test execution.

Dealing with web mapping can be complicated, and when tasked with the requirement of drawing on one, things can quickly become a challenging, especially when dealing with complex requirements. Enter Terra Draw: an open source JavaScript library designed to simplify and standardise drawing functionality across popular web mapping libraries such as Leaflet, OpenLayers, Google Maps, MapboxGL JS, and MapLibreGL JS.

Terra Draw offers a versatile set of built-in drawing modes, enabling seamless creation of geometries. The library supports simpler geometry types like points lines and polygons, but also more complex modes like rectangles, circles and sectors. There is also advanced functionalities like snapping, rotation, and scaling, which often require significant effort to implement from scratch. These functionalities are designed to "just work" across the different mapping ecosystems.

The library’s modular design promotes extensibility, allowing developers to create custom drawing modes and adapters for new mapping libraries that may come along. Thanks to its decoupled architecture, any mode can work with any adapter, creating a multiplier effect. This flexibility also ensures that swapping out one mapping library should be much simpler, as the drawing logic is abstracted away from the mapping library.

In this talk, we’ll explore the origins of Terra Draw, demonstrate how to get started, and provide a glimpse of what's possible with it. Whether you're a seasoned developer or just starting with web maps, you'll walk away with practical insights on how Terra Draw can be used in your project.

Not everything needs to become a string! At least not so fast. Don't lose your typing information when building templates for Django, Flask, FastAPI or even without any framework.

With htpy you can write templates just like you write Python, including full support for mypy or pyright checks.

I will show you how to get started with htpy and show you some patterns that make your components reusable and typesafe.

The Ryzen AI NPUs consist of an array of vector processors and programmable interconnect to allow granular control of compute and data movement to achieve high performance and power efficiency. This talk presents a MLIR-based data tiling and packing design for these NPUs that leads to optimized machine instructions. Specifically, it shows how we can derive and optimize how data flows through the array from high-level tiling decisions and how we can efficiently utilize a high degree of data packing by leveraging low-level DMA control and capabilities.

The SMB service in Ceph uses a Samba container to export the Cephfs volume using the vfs_ceph_new plugin. We hit a problem when scaling the number of client connection which results in resource exhaustion on the server host. This was determined to be caused by Samba's forking model and the way data is cached by libcephfs. This presentation delves deeper into the cause of this problem and the proposed solution - the multiplexing proxy.

Nix offers an alternative to the well-known container-based deployment flow, and can offer several benefits compared to those container-based deployments. However, it's not immediately obvious how you would use nix to deploy services on machines running Linux distributions other than the nix-native NixOS. To address this, we developed a tool called system-manager, which allows you to manage certain aspects of the system configuration of a Linux system using nix, while leaving others to be managed using the usual tools of the underlying distribution.

Accessing a Kubernetes cluster for the first time can be daunting. But that’s the price for testing Deployments, Volumes, and other Kubernetes objects, right? Nope. There is an easier way that doesn’t entail learning how to deploy a Kubernetes cluster.

One of the least-known commands of Podman is kube play, and it’s fantastic. It works as kubectl apply and supports the same objects but doesn’t need a Kubernetes cluster. It supports Pods, Deployments, Volumes, ConfigMaps, and many other Kubernetes resources and runs on Linux, macOS, and Windows. It has some additional features compared to kubectl, such as using local images.

This talk will discuss using kube play and its alter-ego kube generate to simplify Kubernetes’ first experiences.

Overview of a feature implementation in Collabora Online, building on LibreOffice Technology, where autotext and other presets and configuration data can be supplied both at an individual user level and at an organization level, via their wopi server, to a Collabora Online instance serving multiple organization tenants.

In high-energy physics, ensuring that analyses remain reproducible and interpretable over time is a significant challenge. As the Large Hadron Collider (LHC) produces vast datasets and as analyses evolve, reproducibility becomes crucial for both current and future research efforts. Rivet (Robust Independent Validation of Experiment and Theory) addresses this challenge by providing a framework for the preservation and reinterpretation of LHC analyses. This talk will discuss how Rivet facilitates analysis preservation, enabling researchers to reproduce, validate, and reuse complex particle collision studies long after initial publication. We’ll explore specific use cases, including how Rivet supports reinterpretation for new physics searches, and the technical underpinnings that make Rivet an indispensable tool for long-term data analysis preservation. This presentation will emphasise Rivet’s role within the broader landscape of open science and data preservation, with insights into its integration with other high-energy physics frameworks. Attendees will gain a clear understanding of Rivet’s contributions to sustainable research practices and reproducibility within the scientific community.

For the training of generative AI models, developers usually have to gather large amounts of mostly copyrighted data (texts, images, code, music etc.). Datasets are provided online for download or can be assembled individually via crawling & scraping.

In both cases, copies and sometimes further adjustments of data are necessary in preparation for AI training - acts relevant to copyright law, usually requiring a license. Since June 2021, the "text and data mining exception", introduced via the DSM directive, is a part of national copyright laws in the member states of the EU, allowing for license-free copies for the purposes of text and data mining (TDM). It is since being discussed whether the TDM exception can be applied to the training of (generative) AI models, and how respective reservations can be made in a "machine-readable format".

The talk will present the first German court decision (09/2024) on the application of the TDM exception to AI analysis and provide an overview of the discussion regarding the applicability of the TDM exception to AI training in Germany. Participants are also invited to join a constructive discussion regarding the feasibility of a machine-readable reservation and the importance of international / EU-wide (copyright) rules on AI training.

Linux v6.12 adds usb9pfs as a new USB gadget function, which can be used to mount a filesystem provided over USB.

Booting from an external rootfs in the form of NFS is already a staple in embedded systems development, but multiple issues complicate its usage:

• network interface required , which may not always be available
• Interference with normal network setup, especially in existence of switches
• Requires setup of multiple services: DHCP, TFTP, NFS...

By using usb9pfs for the rootfs, these limitations can be avoided on all devices that feature a USB gadget port.

This talk will discuss the design of 9p and usb9pfs and showcase how streamlined development on a Yocto root file system can be with both barebox and Linux making use of usb9pfs.

We'll introduce you to our project "Ethersync," a software and protocol for real-time collaboration. The goal is to make it feel like Etherpad, but for entire projects, on the local file system, and with Neovim, VS Code, or your other favorite text editors! We’ll talk about our vision, technical implementation, and the challenges we encountered along the way.

Collaborating with software like Etherpad or Hedgedoc feels a bit like magic: you can instantly see what others are typing. The downside is that you need to be online to access the content—since the document is on a server, it disappears as soon as you disconnect.

We’re working on an open-source software called "Ethersync" to bring real-time collaboration to the file system! We want to make it possible to write notes and documentation together, and we’re also considering use cases like pair programming—directly in Neovim, VS Code, or perhaps your favorite text editor soon. We’re following a "local-first" approach, ensuring you always have control over your data since it’s stored on your own hard drive.

In this talk, we’d like to explain our vision for this type of collaboration and show you our progress and current prototype. We’ll discuss some of the problems we’ve encountered and dive into the underlying technology (like Conflict-Free Replicating Data Types and Operational Transform).

Finally, we'll discuss how you can get involved: For example, we could use help developing plugins for more text editors! We'll go over the Ethersync protocol, and discuss how it could help interoperability between collaborative projects.

Java Flight Recorder (JFR) provides deep visibility into cryptographic operations offering developers unprecedented insights into their applications' security behavior. Learn how to leverage these JFR events to monitor and analyze cryptographic operations in production Java applications with minimal overhead.

Most developers approach unit testing by manually defining specific examples to verify the expected behaviour. With this approach, catching all the edge cases can be tricky – or tedious.

Property-based testing offers an alternative, by emphasizing general properties or rules that should hold true across a wide range of inputs. By automatically generating test cases, property-based testing provides broader coverage and can uncover issues that are difficult to find with conventional techniques.

In this talk, we'll explore property-based testing, breaking down how it works and when to use it. We'll cover:

• Core principles of property-based testing and how it differs from example-based approaches.
• Practical techniques for identifying useful properties in various domains, including algorithms, data structures and APIs.
• Tools and libraries that enable property-based testing in popular programming languages.
• Real-world examples of how this approach has uncovered critical bugs and improved test coverage.

This session is designed for developers curious about expanding their testing toolbox. Whether you're new to property-based testing or looking for ways to apply it in your work, this talk will provide practical guidance and resources to help you get started.

LibreOfficeKit has new API to expose slideshow elements: content, animations, transitions and notes. Short story about composing the impressive 3D slideshows in WebGL directly in the browser.

We will introduce nmbl (no more boot loader), our fast, secure boot scheme based on the Linux kernel. GRUB is a powerful, flexible, fully-featured boot loader used by many distributions on multiple architectures, but its complexity is difficult to maintain, and it necessarily lags behind the Linux kernel exposing many security holes. The kernel itself, on the other hand, has a large developer base, fast feature development, quick responses to vulnerabilities, and much better overall scrutiny. Our approach is to use the Linux kernel as its own boot loader in the form of a unified kernel image (UKI). Loaded by the EFI stub on UEFI, an UKI is made up of all the components needed to reach the final boot target: the kernel, initramfs, and kernel command line, in one signed bundle. All necessary drivers, filesystem support, and networking are already built in and code duplication is avoided. We will describe the work and testing done so far and our approach to customization, as well as fallback, and hope for your feedback and use cases.

Self-hosting Web applications is a practice that is useful both in the personal and business context. Depending on the situation, we can enjoy better privacy, flexibility, performance and reduced costs. However, some "boring" aspects we need to think about are backups, authentication, security, scalability and management across servers.

In this lightning talk, I will present a new multi-server container-based solution that sets a solid foundation for self-hosting, while remaining simple to use and operate: NethServer 8.

• Project page: https://www.nethserver.org
• Source code repositories: https://github.com/nethserver
• Community:< https://community.nethserver.org>
• Apps (some are in "testing"): https://wiki.nethserver.org/doku.php?id=ns8:applications:applications

NextGraph is an open source ecosystem providing solutions for end-users (a platform) and software developers (a framework), wishing to use or create decentralized apps featuring: live collaboration on rich-text and JSON documents, peer to peer communication with end-to-end encryption, offline-first, local-first, portable and interoperable data, total ownership of data and software, security and privacy.

Centered on repositories containing semantic data (RDF), rich text, and structured data formats like JSON, synced between peers belonging to permissioned groups of users, it offers strong eventual consistency, thanks to the use of CRDTs. Documents can be linked together, signed, shared securely, queried using the SPARQL language and organized into sites and containers.

Collabora Online (COOL) delivers collaborative document editing based on LibreOffice Technology to any modern browser. Come and hear about how we've been improving usability, deploy-ability, performance, feature-set and georgeousness of Collabora Online. See how COOL can be deployed and catch the excitement of making code simpler, faster and better for users at pace.

Finally hear how you can get involved with the fun.