LISA 2021 Conference

This year LISA 2021 is going to be held as a virtual event with a very modest price. Which gives an incredible opportunity to attend it for those who could do that during the previous years due to the overall price-tag, i.e. transportation + accommodation + conference + misc. costs. By flipping through the program I’ve already picked my favourites:

Posted on April 17, 2021 at 10:01 pm by sergeyt · Permalink · Leave a comment
In: Conferences

Upgraded to FreeBSD 13.0-RELEASE

My small FreeBSD based droplet which I run in DigitalOcean is certainly unrepresentative but nevertheless I was very pleased with the smoothness of my recent upgrade to FreeBSD 13.0-RELEASE. Just a single reboot and here I am running the latest version of FreeBSD:

[freebsd@flagword ~]$ freebsd-version

Posted on April 16, 2021 at 4:38 pm by sergeyt · Permalink · Leave a comment
In: FreeBSD

Canceled my booking

As of January 1st I’m no longer employed by and surely have some mixed feeling about that. But as the saying goes – “every cloud has a silver lining” so I’m looking in to the future with a strong optimism. New Year – New Beginnings. ;-)

Posted on January 10, 2021 at 12:04 pm by sergeyt · Permalink · One Comment
In: Life

Advent of Code 2020 experience

This year was the very first one when I was able to follow along with the daily Advent of Code 2020 small programming puzzles. “Small” is certainly a subjective word as I still have yet to finish part 2 of days 19 and 20 but overall it has been an exciting journey that gave me a chance to learn and to improve so I look forward to the next round in 2021.

Posted on December 26, 2020 at 9:59 am by sergeyt · Permalink · Leave a comment
In: Life

my experience with kernel lockdown and eBFP

I’m running Ubuntu Linux on Dell Latitude 7390 and was extremely baffled when suddenly I couldn’t run any of eBPF tools. Even running as root I received this:

Error creating map: '@curfreq': Operation not permitted
Error creating map: '@process_mhz': Operation not permitted
Error creating map: '@system_mhz': Operation not permitted
Error creating printf map: Operation not permitted
Creation of the required BPF maps has failed.
Make sure you have all the required permissions and are not confined (e.g. like
snapcraft does). `dmesg` will likely have useful output for further troubleshooting

Quick googling pointed me to the root cause – kernel lockdown, the mode which is activated by Secureboot. In the past it was still possible to disable lockdown from command line:

echo 1 > /proc/sys/kernel/sysrq
echo x > /proc/sysrq-trigger

But now this option has been disabled and it’s no longer possible to turn lockdown off through sysrq-trigger. If you try these two commands today nothing would change except for the following message in dmesg:

[Sun Mar 15 14:07:19 2020] This sysrq operation is disabled from userspace.

As far as I know there are three options left:
1. Disable secure boot in UEFI
2. Use Alt+SysRq everytime after reboot
3. sudo mokutil –disable-validation

As a dirty hack I’ve used Alt+SysRq option so far. Btw, to initiate Alt+SysRq on Dell 7390 I had to:
1. Press Fn+Esc to enable function keys
2. Press Alt+PrtScr+x to disable lockdown

Check dmesg to confirm it worked:

[Sun Mar 15 14:11:28 2020] sysrq: Disabling Secure Boot restrictions
[Sun Mar 15 14:11:28 2020] Lifting lockdown

Finally, I’d highly recommend to read Brendan Gregg’s comment regarding lockdown and it’s impact.

Stay cool and stay unlocked!

Posted on March 15, 2020 at 2:09 pm by sergeyt · Permalink · Leave a comment
In: BPF, Linux

Christmas gifts 2020 already in house

It all started with a long awaited book by Brendan Gregg “BPF Performance Tools” that I decided to purchase directly from since didn’t have it in store and it wasn’t clear at all when they would have one.

Then another day I found this in my mail box:

With a couple of cute stickers generously sent by and kindly packed by
Bryan Cantrill’s family

Time for learning and sticking out ;-)

Posted on March 1, 2020 at 1:37 pm by sergeyt · Permalink · Leave a comment
In: Life

My trivial Linux kernel module in Rust

Couple of weeks ago had a chance to participate in a small gig at work that offered a chance to try Rust as a language for wringing Linux kernel module. It was a steep learning experience which made it super fun. Huge shout out to folks behind linux-kernel-module-rust framework without whom nothing would be possible.

Below is the result:

Posted on February 12, 2020 at 10:56 am by sergeyt · Permalink · Leave a comment
In: Linux, Programming

Time to learn something OSX new

Received Volume I and II back in December 2019 and before that had been craving to own them for quite a while. The catalyst that finally motivated me to buy one was the final call or, more correctly, a tweet. I’ve quickly gleaned through the books and the depth of the material was impressive and intimidating at the same time. But for lifelong leaner like me this is the reason I bought them in the first place.

Posted on February 2, 2020 at 12:39 pm by sergeyt · Permalink · Leave a comment
In: Apple, OSX

Finished “Permanent Record”

Just turned the final page of Permanent Record and, not taking into account that I haven’t read a real physical book for quite a while, must say this one was thrillingly riveting. The world would’ve been undoubtedly a better place had we had more Snowdens among us.

Posted on February 1, 2020 at 5:25 pm by sergeyt · Permalink · Leave a comment
In: Life

python-bpfcc on Ubuntu 19.10 misses PerfEventArray due to an outdated bpfcc-tools

If you, like me, follow bcc Python Developer Tutorial, to sharpen bpf skills you might hit the same snag as I did when I was trying to implement a solution for lesson 8:

Traceback (most recent call last):
  File "_ctypes/callbacks.c", line 315, in 'calling callback function'
  File "/usr/lib/python2.7/dist-packages/bcc/", line 572, in raw_cb_
    callback(cpu, data, size)
  File "./", line 69, in print_event
    event = b["events"].event(data)
AttributeError: 'PerfEventArray' object has no attribute 'event'

Lesson 7 doesn’t work and fails with the same error.
Originally, one had to use ctypes to define the event data structure in Python but this PR changed that. So now perf event data structure in Python is auto-generated. The code for leasson 8 has been updated accordingly as well

However bpf which is shipped with Ubuntu 19.10 is outdated, version 0.8.0-4 versus 0.12.0 as of this writing, and the only way around is to keep using ctypes, or build the tool chain from source due to a known bug

Posted on January 13, 2020 at 4:35 pm by sergeyt · Permalink · Leave a comment
In: BPF, Linux