 So I guess there would be no microphone without some news from the herd and I welcome Samuel and we're really looking forward to what's new in the herd. So good morning everybody and thanks for coming. So I won't talk about the specific bit of the herd, but general news and general plans for the future. Just the usual introduction to the herd. It's actually all about freedom zero being able to run whatever in whichever situation for any purpose and notably that's the freedom for actual users on the system. They shouldn't have to ask the system administrator to do some crazy things like partition the disk or something like this. As long as they have the right to access a disk or some area or whatever, they should be able to just run fdisk and things like this. And also network access. You should be able to run a VPN as a user and things like this. There's no reason you shouldn't be able to do. And also the freedom to innovate. If you want to store your data in a different way with an experimental file system, you should be able to do this just to try new things without the fear of crashing the machine just because the system will actually prevent you from doing bad things like this. You would like to give a PCI card, experimental PCI card to a program which will drive it in a safe way and all kinds of things like this. And also the freedom from the programs themselves. If they crash then okay that's fine. If a driver crashes okay that's fine. It shouldn't harm the rest of the system. So to give an idea, this is how it works. You have the kernel here, a microkernel which only handles the tasks, memory and IPC between user-learn programs. And then you have several root-started services like PFInet for the TCP IP stack, proc to know what is a process, who has a PID and which identity has each process. Auth which knows who is who and X2FS the file system. And then when you have a shell which is starting with CP, actually they are talking with X2FS to access the files and it goes through Auth so that X2FS knows who is that program which is asking me to read a file or whatever and it checks with Auth who he is according to what is stored on the file system. For the permissions I mean. So the thing is if a server crashes then that's not really a problem. If the PFInet stack crashes then that's fine. We start another one and then things will continue. It's nice to debug because you can run GTP on a file system and things like this. The third console is actually a user-learned application so we could implement crazy things like Chinese in text mode that is using glyphs on the fly to actually show them with a normal VGA card. And the kernel itself only handles the task memory and IPC and nothing more than this normally. I will talk about it more later. This also provides a virtualization at a really fine grain because you can choose for each program which TCP IP stack it will use, which root file system it will use, which notion of process it will use, which notion of user it will use which is exactly the same as on Linux with name services and all kinds of separation except that here it's deep inside the structure of the kernel that it's that way. So it's not like on Linux or we forgot to separate sound support for instance, network support etc. We forgot about this. On the herd you cannot forget about compartmentalizing things just because that's the way it is done anyway. You do not have another way than having separations between processes. So you can do crazy things like have an FTPFS running on top of the TCP IP stack and then run ISOFS opening an ISO on the FTP server and then run a shell within the ISO image it's like this so you set a translator on FTP command and then you can open a URL and then start an ISO file system and then you can look at it. And the nice thing is that since LS just looks at the root of the ISO image then in the ISO translator only has to ask FTPFS to download a bit of the ISO image so you don't have to download everything just to see what's in there. So that's really a nice thing. And you can permanently store this kind of thing so this set trans for instance you can store it in your home. I have a little example like here. I have a signature file which each time I open it I get another content just because it's a translator behind which just starts fortune for each open of the file. So you have nice things like this which are possible thanks to this kind of flexibility and just to show you so I have a lot of processes of course so there's X2FS here, the ODE server and all kinds of translators for different services and if I kill one of them then that's fine, the rest continues. So the herd is a real thing. What is actually is really stable. I don't remember when I reinstalled the boxes I'm using. This one for instance I've been copying over and over in virtual machines between my different laptops and I don't remember when I installed it. The Debian build days are like this so they keep building Debian packages all day long and yes from times to times there is maybe a program which takes all resources because it does make minus j or things like this and then the system locks but then yeah that's the normal kind of things when a process tries to eat all resources of a system but yeah usually it just works. We have like three quarters of Debian building which is really a thing because you don't have things without patches like Firefox or LibreOffice but all the dependencies basically are there except a few things like cargo and things like this which we are working on. But basically we have XFC, GNOME, KDE, these kind of things do work and it's supporting upstream so this is really an operating system which does exist in upstream like GCC, JLPC, LLVM and we are working on Go and REST so that's progressing. So we have the Debian distribution which is really well supported and we have the installation working just like a normal Debian port on Linux or on KFubiSD and there are GeeksSD and Arc ongoing there is a lot of work on GeeksSD, Arc maybe it's on post but there are people working on it from times to times so GeeksSD would probably provide one of the most pure GNU operating system with GNU kernel etc. So it's on its track. So now what's the future? The thing is there are many, many, many existing bits in different places which just need polishing so I will give a few examples. That's the idea of in 10% time you get 90% of the thing done and then for the 10 remaining percent you have to take 90% of the time and a lot of people don't take that time to make it just work completely they had something funny and then they stopped there that's a bit sad because then there are a lot of things which are not completely working but almost then I show the ongoing project IDs and a couple of crazy IDs that we could experiment with so for instance there is HDTPFS and FTPFS which work quite fine most of the time so you can do like you CD to a directory and then you install all the files with that kind of name and that's really efficient because you don't have to do downloading or whatever it's just normal shell operations. I think this almost works fine because the HDTP server here provides an HTML file which HDTPFS can pass correctly but there are all the kinds of HTML page that HDTPFS has troubles with. With FTPFS it works quite fine as well so you can just find some files because you don't remember where it is and then it does it for you. Of course you have FTP clients which can do this kind of thing but just use your shell with normal tools and it will work fine. We have namespace-based translators so that's a funny thing so you can look at the software.tar.gz and you append colon colon here, comma comma here and then you can CD into it so the idea is that you have a translator behind the actual file system or whatever and then it sees that you have put these combos and then it will start a tarFS translator so you can actually enter into it and then look what's in there and again tar is indexed so you do not have to read all of the tar file. You could chain them, you have a disk image and then you open a partition within it and then you open the X2FS file system within it. I'm not sure this one is working but it's the kind of thing that should be possible and possibly it's not so many lines of code to get it working so yeah, please somebody have a look and have fun with implementing this. MboxFS, if you have an Mbox file it's all mails into just one file you could start MboxFS and then manipulate things inside it just put some random IDs that's kind of IDs you could have. XMLFS, you open an XML file and then you can browse into it with directories so you can find for instance the H1 sections and then just get the text of each H1 section in a nice way. There are some experiments with being able to write all these kinds of translators in high level languages so in Pearl, in Lisp, in Java, in Python these are mostly experimental but some of them are working and it's just a bit of polishing the existing thing and to have something which would work and allow a lot of different possibilities. I'm not detailing those but there are more JFS to open a JFS file system it is read only but at least it works and write availability would be fine notice the modifications of a file run, I've shown it with the Fortune program UnionFS to union some file systems so these are just to polish and to get them working really fine then there is ongoing work a lot of on-the-air hardware support in the field because we have to have this to continue being able to start the herd on machines so recently we've introduced a PCI Arbiter which allows to have safe concurrent access to PCI config space up to now we would just let programs poke at IOPorts concurrently and of course it would be a nightmare to do the same at the same time so I told about it last year the really cool thing would be to be able to use an IOMMU to make it safe that is the PCI Arbiter would literally give a PCI card to a process, just a process it's actually fine grained virtualization and then the process would be able to drive the card without anybody else interfering with it without giving that process access to the whole memory and things like this because of DMA thanks to IOMMU so that would be really cool just to make drivers well separated we have an ACPI translator pending commit to provide access to ACPI imporations just like being able to shut down the machine it's really complex to shut down the machine actually you have to do some ACPI but yes we should have it at some point using Ramp I talked about it some years ago because Ramp is really supported by a lot of people and also lead guest FS to access file systems without having to implement the thing is we don't want to use systems and device drivers because that's a lot of work and instead we can just put that into a process and then we just provide the proper interface to make it interact with the rest of the system we have a bit of 64-bit kernel support there are a few bits missing to let a 32-bit userland run on top of a 64-bit kernel so at least we could manage a lot of memory easily and then try to bootstrap a 64-bit userland it looks like an easy thing but bootstrapping a userland but really bootstrapping that means putting the information of 60-bit herd exists in Autoconf, in GCC, in G-Lipsy etc etc it's all these kind of programs which need to be made aware of this so that's kind of work but that would be really great and also S&P support the thing is the herd itself is already parallel because we have several translators running in parallel and we have threads which are working fine it's just at the kernel side that we don't have S&P support but actually MARH itself does have some support it's an old MARH that the herd system is using where S&P support wasn't updated to parsing ACPI tables and all kinds of things like this so it's that bit which should be done and then of course fixing the bugs that have remained since it wasn't tested for a long time but at least just because I'll show that we will remove as much drivers from the kernel as possible it should be easier because we have less source code to make sure it works in S&P mode so no drivers in the kernel so for the herd system the idea is that the kernel provides tasks memory and IPC that's the basics that was chosen but at the moment we have drivers in there we used to have network drivers but we have gotten rid of them into user space so I talked about it some years ago but we still have these drivers just because nobody took the time to move them out so how could we move them to userland just do it well there's one issue it's how do you actually boot the system and the solution will be to just use another CREP loaded module so how does it boot right now right now CREP loads the kernel and two modules and the file system and the exact server which knows how to execute a program and the kernel has the disk driver so the first thing that happens is that X2FS starts the minimal herd dish translators so to know what is a process who is who and start-up scripts so the idea is that X2FS knows it has to start them it tells to execute them and open files which contain the code for this and to get the data we use the disk drivers and then start-up can start in it and then in it can start a TCP IP stack which uses user level network drivers and so here we have a system which just works with the disk as an additional module the whole thing will be the same except that yes we have to have CREP load the disk module so that X2FS can edit load data from the disk right from here maybe we will have to add the PCI arbiter here so that the disk driver can access safely to the PCI card while later on Xorg will access to the PCI as well but then it's just all the same and then we really have everything running in New Zealand as root while the kernel only handles this kind of thing ok so to conclude there are a lot of nice things that we have in GNU Heard and a lot of things that we could achieve if just you polished it it's fun to have on something to have something starting to work it's better to have it finished so that people can really use it it's something that I've often seen I get patches and then they are not completely working I say this this that is not alright and then I get no response and that's really a concern because I cannot do this myself so sometimes people have other things to do ok that's fine but yes if people can help with just finishing the existing things that would be great when I see the micro kernel room presentations I see that there are a lot of micro kernel things and that's great to have something which is a real OS I mean that you have a whole distribution with usual programs and people just log into it and have their usual comments and there are no plus it's really hard it was mentioned in the Debian on risk 5 talk that just getting Perl to compile is really a lot of work and we do have it on the Heard because somebody did it in the past and we do have it for GCC for GDB and all kinds of things so we have already all of this which is already there we just need a few things to have it even more to the point of being a usable system so thanks for listening and thanks for all the people who have been working on it you have the websites for more information thanks the question one question I have time for more yeah so you said a lot of things about what could happen now and what I missed is what improved in the past three years so I showed what we could do and what happened in the past three years basically what I mentioned here so the PCI Arbiter and ACPI Translator the Rump as well I think so it was here in 2016 so basically these points are the ones which are hot but there are not many people working on it so it's a really slow pace there is nobody full-time or things like this it's only part-time I mean home time basically make a question more concrete what was finished in the past three years what was finished so that people can now test it on a running board so the PCI Arbiter is finished I mean here my heart system here is actually showing it I think yeah so the XOR actually uses it nowadays to access because we have NetDD which accesses the network board and XOR as well so yes we had to have we had to have something finished for this okay thank you we can miss something