On this page, I try to give a short sketch of some stations of my life, related to IT.

Early days

edit

I was born 1971 in Graz, Austria and started programming as a hobby in 1986 using an MSX home computer in BASIC and machine language. By 1990, I upgraded to personal computers, where I programmed using Quick Basic and Turbo Pascal. After taking a course for C and studying man pages and books on SQL and Unix, I switched from working as an industrial electrician and instrumentation technologist for maintaining process control and feedback control systems in a paper mill to programming for a living.

UNIX Programming

edit

My first programming work was done in the early 90s on UNIX-Servers (SCO UNIX release 3.2 version 4.2 and HP-UX 9.04) to create SQL database applications at local companies. I became also proficient in UNIX system and network administration.

My first production deployment of Free Software was the installation of Samba on UNIX servers, obsoleting the requirement to use PC-NFS software on the clients and thereby curing and printing problems which were caused by bugs in the PC software.

Initial use of Linux

edit

I replaced a modem terminal which was running on DOS with a Linux-based dial-on demand router which handled many dial-out and call-back calls in parallel and later configured it to also provide dial-up access to the Internet.

I also used Linux to connect two company buildings using Ethernet bridging (for NT authentication) which I converted to a router later. I also did a bit of prototype programming in Java, but in the same year (1998), I moved to Germany and started to work for SuSE to work on improving their Linux distribution.

Time at SuSE

edit

Like everybody, I had to do 6 months of customer support and then I started with maintenance of RPM packages. After becoming the maintainer of pppd, I became responsible for dial-up (execpt for i4l).

By 2000, thanks to my integration of wvdial, dial-up was working smoothly and I was looking for new challenges, but not for a long time: At the same time, IBM released Linux for S/390, and since I was becoming curious of the technology of IBM mainframes, I took the challenge to build up a the platform of SuSE Linux for big iron.

I was the principal developer of the project and Joachim Schroeder (who recently moved to Red Hat) worked with me on the setup of the machines. This distribution became the first version of SUSE Linux Enterprise Server (SLES). After some involvement in the software patent debate in Europe, I wanted to work with more common hardware again, and I'm now working on kernel-related tasks for AMD which incude for example kernel debugging over FireWire.

Kernel contributions (best of)

edit
  • In October 1995 (16 years ago), I published a prototype of a new Linux Lernel configuration tool which added menus to the Linux Kernel configuration. This method was picked up as the method to provide a menu-oriented way to configure the features of the Linux kernel.
  • In June 1997, I fixed pre-emtive scheduling when an development kernel for SMP machines was running on a non-APIC board
  • In 1999, Linux kernel 2.2.10 simply seemed to kernel dead-lock when getting out of memory, machines simply stopped when the out-of-memory situation was reached when a large swap partition was used. I worked with Andrea Arcangeli fixing the issue. It turned out to be an off-by-one swap space computation error in the kernel code for the new swap partition format for swap partitions larger than 128MB which brought the out-of-memory handler in the kernel to a stop. The fix was merged by Alan Cox placing me as author into his 2.2.10ac11 kernel tree.
  • In 2002, I worked with Neale Ferguson from Software AG on fixing Linux kernel and gcc issues found by him doing porting and QA of the Tamino XML database server on Linux and fixed a SMP race condition in the Unix System V message queues of the Linux Kernel (The fix has been merged in with Linux 2.4.21pre3-ac3)
  • In 2003, an exploit for a security hole in the Linux kernel which could be used on many SMP machines to gain root permissions was published on the Internet. It managed to trigger an SMP race condition in interaction between the ptrace system call and the kernel module loader. In theory, it could also be used in a preemptive Linux kernels.
    • A quick fix required and provided Red Hat developers.
    • Their fix had side effects which caused some grief: Process monitoring of suid tasks was broken and it became impossible to debug such programs and debugged processes could even become stuck or unkillable.
    • I analyzed the issues and produced a fix which only kept the changes required to fix the security hole, but not break process monitoring or debugging.
      • This resulted in some public discussion with well-known kernel hackers from Red Hat, including Alan Cox, but in the end he accept what my fix wasn't flawed, and we used it to fix the SUSE distribution's kernel.
      • Weeks later , the Linux-2.4 Kernel maintainer Marcelo Tosatti required a fix for the official 2.4 kernel and asked me what the latest status was and so my fix entered mainline with 2.6.21-rc2 after having been in use in the official SUSE kernel update for a while.
      • It was the most prominent fix in this release because the stakes to not compromise security but to allow debugging and tracing were very very high and it was needed to find a correct, safe fix which did not pose security risks while not by breaking backwards compatibility.
      • Years later, a young student showed up in my office and told me that this inspired him to get involved with kernel hacking as he saw that even comparably unknown people can stand up and convince people.
    • Thread with an initial description and inclusion of a fix which does not have the most prominent side effects
    • Mail in which I describe how the ptrace security issue is fixed correctly

FLOSS and Linux Kernel contributions (striving to be complete)

edit

In 1995, I started to work on contributions to the Linux-Kernel. This list only contains what can be publically described. Fork which I have done on Linux on zSeries such as adapting the kernel and tools it support 4k HW sector size (mostly in LVM, which was not yet in mainline at that time) and to make reiserfs (was also not yet in mainline Linux at that time), I have not found public traces, I could only try to provide the changelogs or find the old patches and put them on-line).

1997:

1999:

2003:

  • Around 2.4.20, a security hole in a very central place was discovered: An SMP race condition concerning an interaction between the ptrace system call and the kernel module loader which could (in theory) also be triggered in a preemptive kernel presented local users with the possibility to gain root permission. A quick fix was released by Red Hat developers. Unfortunately, they used the big hammer to fix it and not a well calibrated approach. Their fix had side effects which caused some grief: It prevented access to /proc/<pid>/cmdline for some tasks and made it impossible to debug some programs. I analyzed the issue and limited the fix to what was sensible to do but still safe. This resulted in some public discussion with well-known kernel hackers from Red Hat, including Alan Cox. In the end, he had to accept what was correct. Weeks later , the Linux-2.4 Kernel maintainer Marcelo Tosatti required a fix for the official 2.4 kernel and asked me what the latest status was and so my fix entered mainline with 2.6.21-rc2 after having been in use in the official SUSE kernel update for a while. It was the most prominent fix in this release because the stakes to not compromise security but to allow debugging and tracing were very very high and it was needed to find a balance which does not pose security risks while not by breaking backwards compatibility. Years later, this prompted a student to show up in my office to tell me that this inspired him to get involved with kernel hacking as he saw that even comparably unknown people can stand up and convince people.

2004:

2006:

2007:

  • I developed an early initialization routine for OHCI1394 FireWire controllers to enable kernel debugging of early boot issues over FireWire, submitted it, and Ingo Molnar said: "cool stuff" and added it to the x86 tree pending further review. It has has since been added to the release candidate series for the next official release of the Linux kernel.