diff options
| author | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2023-01-30 23:20:36 +0100 |
|---|---|---|
| committer | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2023-01-31 00:51:02 +0100 |
| commit | 15c1a4d98d2f9ed035c12f8a804a5bda3bce27d9 (patch) | |
| tree | b6bae21356aedd6617ad598a01d63fa50e6aa348 | |
| parent | 6aac3e95cae0753ab1df334862874eb0e3163a1e (diff) | |
| download | presentations-15c1a4d98d2f9ed035c12f8a804a5bda3bce27d9.tar.gz presentations-15c1a4d98d2f9ed035c12f8a804a5bda3bce27d9.tar.bz2 presentations-15c1a4d98d2f9ed035c12f8a804a5bda3bce27d9.zip | |
Add FOSDEM 2023 presentation
It is heavily based on the presentation I prepared for the Guix
brithday in 2022 that could not be presented there.
GraphicsMagick was used instead of ImageMagick as in Guix ImageMagick
produces the following error:
convert ../common/images/i9300_hardware.svg output/i9300_hardware.jpg
convert: unable to read font `helvetica' @ error/annotate.c/RenderFreetype/1396.
convert: non-conforming drawing primitive definition `letter-spacing' @ error/draw.c/RenderMVGContent/4405.
make: *** [Makefile:76: output/i9300_hardware.jpg] Error 1
That error is not present with Parabola i686, even with no fonts
installed, and Parabola uses similar imagemagick and fontconfig
packages versions, though as the conference is to be made very soon it
was better to workaround for now than to fix the package in Guix.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| -rw-r--r-- | FOSDEM2023/How_Replicant_uses_Guix.tex | 991 | ||||
| -rw-r--r-- | FOSDEM2023/Makefile | 87 |
2 files changed, 1078 insertions, 0 deletions
diff --git a/FOSDEM2023/How_Replicant_uses_Guix.tex b/FOSDEM2023/How_Replicant_uses_Guix.tex new file mode 100644 index 0000000..c5f16ea --- /dev/null +++ b/FOSDEM2023/How_Replicant_uses_Guix.tex @@ -0,0 +1,991 @@ +\documentclass[aspectratio=169]{beamer} +\usepackage[english]{babel} +\usepackage{color} +\usepackage{CJKutf8} +\usepackage{graphicx} +\usepackage{ifthen} +\usepackage[utf8]{inputenc} +\usepackage{listings} +\usepackage{longtable} +\usepackage{pdfpages} +\usepackage{xtab} + +\lstdefinestyle{terminal}{ + backgroundcolor=\color{black}, + basicstyle=\scriptsize\color{green}, +} + +\newcommand{\devicepicture}[1]{../external_resources/replicant_website/images/supported-devices/#1.png} + +\newcommand{\includedevicepicture}[1]{ + {\includegraphics[width=.2\textwidth]{\devicepicture{#1}}} +} + +\newcommand{\inline}[3]{ + \ifthenelse{\equal{top}{#2}}{ + \noindent + \resizebox{\textwidth}{\textheight * 2 / 3}{#1} + {#3} + }{} + \ifthenelse{\equal{bottom}{#2}}{ + {#3} + \noindent + \resizebox{\textwidth}{\textheight * 2 / 3}{#1} + }{} + \ifthenelse{\equal{right}{#2}}{ + \begin{columns}[T] + \begin{column}{5cm} + #3 + \end{column} + \begin{column}{5cm} + #1 + \end{column} + \end{columns} + }{} +} + +\newcommand{\inlinepicture}[3]{ + \ifthenelse{\equal{right}{#2}}{ + \begin{columns}[T] + \begin{column}{5cm} + #3 + \end{column} + \begin{column}{5cm} + \includegraphics[width=5cm,height=8cm,keepaspectratio=true]{#1} + \end{column} + \end{columns} + }{ + \inline{\includegraphics[keepaspectratio=true]{#1}}{#2}{#3} + } +} + +\usetheme{Singapore} + +\title{How Replicant uses Guix? \\ + \small + Replicant has a lot of problems. \\ + Guix has a lot of solutions. \\ + Can they match? \\ +} + +\author{Denis 'GNUtoo' Carikli} +\date{February 4, 2023} + +\begin{document} + +\maketitle + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\section{Introduction} + +\begin{frame} + \center{Introduction} +\end{frame} + +\begin{frame} + \center{Presentation structure:} + \begin{itemize} + \item (Lot of) background information: + \begin{itemize} + \item Why caring about smartphones? + \item Smartphone hardware and status + \item What is Replicant? + \end{itemize} + \item Replicant and Guix: + \begin{itemize} + \item Why we can't build Replicant with Guix (yet). + \item Running Guix on top of Replicant + \item Usage in automatic Testing + \item Small use in Replicant infrastructure. + \end{itemize} + \item Production usage by other projects, licenses, credits, etc + \end{itemize} +\end{frame} + +\subsection{Why caring about smartphones?} + +\begin{frame} + \center{Why caring about smartphones?} +\end{frame} + +\begin{frame} + \center{Why people have smartphones?} + \begin{itemize} + \item Pressure to be reacheable at all times? + \item Mobile computing? + \item Mobile banking? + \item Cheap computer? + \item Add your ideas here. + \end{itemize} +\end{frame} + +\begin{frame} + \inlinepicture{output/electronic_waste_small.jpg}{right}{ + \center{Main issues with smartphones} + \begin{itemize} + \item Making smartphones destroys people (bad work conditions) and the + planet (manufacturing). + \item The network knows the smartphone location. + \item Runs nonfree software. + \item Unclear if empowers people or not (depends users freedom, use cases, + etc). + \item Add your issues here. + \end{itemize} + } +\end{frame} + +\begin{frame} + \inlinepicture{output/anti_smartphones.jpg}{right}{ + \center{Solution:} + \\ + Not use smartphones at all \\ + $\rightarrow$ No need to fix the issue + } +\end{frame} + +\begin{frame} + \inlinepicture{output/phist.jpg}{right}{ + \center{Doesn't work?} + \begin{itemize} + \item At least 2.7 billion people still using it, + including people at risk like:\cite{number-of-smartphones} + \begin{itemize} + \item Political activists + \item Journalists + \item etc + \end{itemize} + \item Or indigenous people in Oxaca for their security + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{And yet:} + \begin{itemize} + \item Making smartphones destroys people (bad work conditions) and the + planet (manufacturing) + \item The network knows the smartphone location + \item Runs nonfree software + \end{itemize} +\end{frame} + +\begin{frame} + \inlinepicture{output/the_leader_of_the_luddites_small.jpg}{right}{ + \center{How to fix that?} + \begin{itemize} + \item Destroy civilization, capitalism, etc? $\rightarrow$ Does that + require smartphones that run free software in the first place? + \item Destroy all factories? $\rightarrow$ Not my area of + expertize. People also do depend on smartphones and that cannot + work without big support from people. + \end{itemize} + } +\end{frame} + +\begin{frame} + \inlinepicture{output/4-freedoms.jpg}{right}{ + \center{Free software to advance in the right direction} + \begin{itemize} + \item $\rightarrow$ We need free software OS on smartphones too. + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{Other ways to help without programming:} + \inlinepicture{output/anti_drm_protest.jpg}{right}{ + Political pressure: + \begin{itemize} + \item Practical right to repair, devices that last longer + $\rightarrow$ Easier to support with free software. + \item Against DRM: Corelation between DRM and the unability + for users to completely control their device (can't change + the nonfree bootloader, TrustZone OS, etc). + \item Practical right to install your own OS. + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{Other ways to help without programming:} + \begin{itemize} + \item{Through organization:} + \begin{itemize} + \item Funding work (Nlnet, etc) and helping projects that do that in + sustainable ways (Work to upstream support for devices). + \item Connecting with other struggles (anti-planned obsolescence, + environmental movement, people that destroy factories if that + exists, etc) to go in the right direction and getting stronger + together instead of fighting each other. + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \center{Have clear demands and attainable goal: First steps} + \inlinepicture{output/raised_fist_small.jpg}{right}{ + \begin{itemize} + \item 100\% free sofware on the main CPU + \item 100\% free sofware distribution(s) + \item Usable by people: + \begin{itemize} + \item Easy to use if possible + \item Hardware easy to find + \item Hardware that can last and that is not too expensive + \end{itemize} + \item Limits the damage: + \begin{itemize} + \item Add some limits to the invasion of intimacy. + \item Hardware lasts longer. + \end{itemize} + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{How Replicant achieved that in the past?} + \inlinepicture{output/we_can_do_it_small.jpg}{right}{ + \begin{itemize} + \item $\rightarrow$ Lot of work by many people over many years. + \item $\rightarrow$ Not shipping nonfree firmwares or any nonfree software. + \item $\rightarrow$ Collaborating with other distributions if possible. + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{Why 100\% free software distributions?} + \begin{itemize} + \item How it works: Users choose hardware to run the (free) software + they want instead of the opposite. + \item The usual arguments: freedom, control, privacy, transparency, etc + \begin{itemize} + \item control + \begin{itemize} + \item Example: can't run GNU/Linux on a given phone because of nonfree drivers. + \end{itemize} + \item transparency: + \begin{itemize} + \item https://ownyourbits.com/2019/02/02/whats-wrong-with-the-raspberry-pi + \item https://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor + \end{itemize} + \item Know the status of free software + \item More (work on) free software: ath9k\_htc, libsamsung-ipc, Galaxy SII + audio library, linux-libre firmwares etc + \end{itemize} + \end{itemize} +\end{frame} + +\section{Smartphone hardware and status} + +\begin{frame} + \center{Smartphone hardware and status} +\end{frame} + +\begin{frame} + \center{Example smartphone: Galaxy SIII (GT-I9300):} + \inlinepicture{output/i9300_hardware.jpg}{top}{ + \begin{itemize} + \item System on a chip + \item Smartphones and the (isolated) modem + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{Additional particularities:} + \begin{itemize} + \item Very small display with very high DPI/PPI + \item Big fingers (cannot click on small close window buttons) + \item No hardware keyboard (cryptsetup, games) + \end{itemize} +\end{frame} + +\begin{frame} + \center{Easily available smartphones today:} + \begin{longtable}[!t]{|p{2cm}|p{2cm}|p{2cm}|p{2cm}|p{2cm}|} + \hline + Smartphone & WiFi & Boot & Modem & Battery \\ + \hline + Second hand GT-I9300/N7100 & nonfree firmware & nonfree, signed & Isolated, free drivers & Removable \\ + \hline + Librem 5 & firmware on flash chip & nonfree DDR4 firmware & can be isolated, free drivers & Removable \\ + \hline + Pinephone & nonfree firmware & free & can be isolated, free drivers & Removable \\ + \hline + Exynos / Qualcomm SOC & nonfree firmware & nonfree, signed & shared memory, free drivers possible & often non-replaceable \\ + \hline + \end{longtable} +\end{frame} + +\begin{frame} + \center{Hardware usability:} + \begin{longtable}[!t]{|p{2cm}|p{3cm}|p{3cm}|p{2cm}|p{2cm}|} + \hline + Smartphone & Networks & Power consumption & Reliability & Price \\ + \hline + Second hand GT-I9300/N7100 & 3G maximum & Good enough & Good enough & Very cheap \\ + \hline + Librem 5 & Removable 4G modem. VOLTE WIP & Good enough? & OK? & Very expensive \\ + \hline + Pinephone & 4G modem, VOLTE enabled? / reliable? & Poor, can be extended with hardware keyboard & WIP & Cheap \\ + \hline + Exynos / Qualcomm SOC & Various & Good enough & OK? & Various \\ + \hline + \end{longtable} +\end{frame} + +\begin{frame} + \center{What we have now: FSDG Distributions} +\end{frame} + +\begin{frame} + %% No space for Trisquel 10 otherwise + %% \center{Free distributions} + \begin{longtable}[!t]{|p{2cm}|p{2cm}|p{3cm}|p{3cm}|} + \hline + Distribution & OS & Smartphones support & Shortcommings \\ + \hline + Guix & GNU/Linux & Missing packages & /gnu size?, requires to know lisp (Fix WIP?) \\ + \hline + Parabola & GNU/Linux & Missing packages & Installation, rolling release \\ + \hline + PureOS & GNU/Linux & Supports the Librem5 well & rolling release, 1 device only? \\ + \hline + Replicant 6 & Android & Support 10 devices & Security issues, old, not sustainable \\ + \hline + Replicant 11 & Android & Work in progress & Not ready \\ + \hline + Trisquel 10 & GNU/Linux & Missing packages & Installation, Applications to adapt \\ + \hline + \end{longtable} +\end{frame} + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\section{What is Replicant?} + +\begin{frame} + \center{What is Replicant?} +\end{frame} + +\begin{frame} + \inlinepicture{output/replicant_logo.jpg}{right}{ + \center{Replicant:} + \begin{itemize} + \item Fully free Android distribution approved by the FSF + \item But the hardware it runs on is not... + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{Quick Facts} + \begin{itemize} + \item Website: replicant.us + \item Exists since September 2009 + \item Two main versions: + \begin{itemize} + \item Replicant 6: + \begin{itemize} + \item Android 6, last security update: October 2017 + \cite{last-android-6-update} + \item based on LineageOS + \item Supports $\sim$ 10 devices (smartphones and tablets) + \end{itemize} + \item Replicant 11: + \begin{itemize} + \item Android 11, still work in progress\cite{porting-to-android-11} + \item based on official Android source code + \end{itemize} + \end{itemize} + \item Issue: $\sim$ 1 contributor (sometimes more, sometimes less) + and a community of users and contributors. + \end{itemize} +\end{frame} + +\begin{frame} + \begin{xtabular}{llll} + \includedevicepicture{i9100} & + \includedevicepicture{maguro} & + \includedevicepicture{i9300} & + \includedevicepicture{n7000} \\ + \includedevicepicture{n7100} & + \includedevicepicture{n5100} & + \includedevicepicture{p3100} & + \includedevicepicture{p5100} \\ + \end{xtabular} +\end{frame} + +\begin{frame} + \center{Best (and lot of) effort:} + \inlinepicture{output/worker.jpg}{right}{ + \begin{itemize} + \item Display working and graphics fast enough + \item Sound working + \item Be able to make calls + \item etc + \item GPS, Camera, and other non crucial hardware may not work, or work in + later releases + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{Also:} + \begin{itemize} + \item Freedom privacy security page + \item Extensive documentation on the wiki, not always easy to find + \end{itemize} +\end{frame} + +\begin{frame} + \center{Why it is based on Android?} +\end{frame} + +\begin{frame} + \center{Android} + \inlinepicture{output/android_logo.jpg}{right}{ + \begin{itemize} + \item GUI and applications adapted to big fingers + \item $\rightarrow$ run on devices that: + \begin{itemize} + \item Lack keyboard + \item Have capacitve touchscreen and no stylus + \item Have very small displays with very high number of pixel + \end{itemize} + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{Issues with Android?} + \inlinepicture{output/googlag_small.jpg}{right}{ + \begin{itemize} + \item Part of the GNU/Linux architecture is light years away: + package management and build system, graphics, audio, etc + \item Huge unknown code from Google + \item Meant to run proprietary software, not to empower users: + root, application data access + \end{itemize} + } +\end{frame} + +\begin{frame} + \center{F-Droid} + \inlinepicture{output/F-Droid_Logo_4.jpg}{right}{ + \begin{itemize} + \item Issues: + \begin{itemize} + \item F-Droid not FSDG compliant (example: Yalp Store) $\rightarrow$ Not reusable as-is. + \item Dependency rot (Gradle). + \item Requires nonfree Android SDK (Fdroid needs help to fix that) + \end{itemize} + \item But: + \begin{itemize} + \item has a strict licensing policy: https://f-droid.org/en/docs/Inclusion\_Policy/ + \item $\rightarrow$ Can guix help with dependency rot? + \end{itemize} + \end{itemize} + } +\end{frame} + +\section{Android architecture and building Replicant} + +\begin{frame} + \center{Android architecture and building Replicant} +\end{frame} + +\begin{frame} + \inlinepicture{output/smart_phones_shop_small.jpg}{right}{ + \center{Android architecture} + \begin{itemize} + \item Goals: time to market + \begin{itemize} + \item Write the code that work as fast as possible + \item Support as many hardware features as possible including new hardware + \item $\rightarrow$ Varying kernel drivers code quality + \item $\rightarrow$ Example: One driver rewritten 3 times + %% TODO: reference + \end{itemize} + \end{itemize} + } +\end{frame} + +\begin{frame} + \inlinepicture{output/framework.jpg}{right}{ + \center{How it's done?} + \begin{itemize} + \item Breaking Kernel API and ABI + \begin{itemize} + \item It can take time (years) to bring in a new framework in Linux + \item Example of API breakage: HTC dream audio driver + \item Solution: Apps $\leftrightarrow$ Android framework $\leftrightarrow$ + HAL $\leftrightarrow$ Kernel + \item Getting better in Android: Trebble and Generic Kernel images + \end{itemize} + \end{itemize} + } +\end{frame} + +\begin{frame} + \inline{ + \center{Most GNU/Linux distributions} + \begin{itemize} + \item Users can easily run applications + \item Users have root and access to their data + \item Compiler obtimizations (-fsanitize) + \item Secomp and privilege drop + \item Sometimes, daemons are sandboxed + \end {itemize} + }{right}{ + \center{Android: not made for 100\% free software} + \begin{itemize} + \item Malware often found (and removed) in App stores + \item Applications are Sandboxed + permission system + \item root discouraged or absent + \item User access to their data extremely difficult + \end {itemize} + } +\end{frame} + +\begin{frame} + \center{How Replicant makes a 100\% free Android} + \inline{ + \center{Replicant 11} + \begin{itemize} + \item Upstream what we can in Linux + \item Write/adapt libraries for the upstream kernel for supported + devices. + \item Try to share and/or reuse code from GNU/Linux or other Android + distributions using upstream kernels. + \item Find and remove nonfree software + \end {itemize} + }{right}{ + \center{Replicant 6.0} + \begin{itemize} + \item Tweak the source code not to depend on nonfree software (like 3D acceleration) + \item Write libraries that replace nonfree HAL libraries + \item Avoid libraries we can't replace easily (Broadcom GPS) + \item Find and remove nonfree software + \end {itemize} + } +\end{frame} + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +\section{Running Guix on top of Replicant?} + +\begin{frame} + \center{Running Guix on top of Replicant?} +\end{frame} + +\begin{frame} + \center{Replicant 6} + \begin{itemize} + \item Replicant 6 use vendor kernels based on Linux 3.0: + \begin{itemize} + \item Would require to use Linux 3.0 kenrel header and to rebuild everything + \item Quick try (changing libc headers and rebuilding Guix) didn't work + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \center{Replicant 11} + \begin{itemize} + \item Recent kernel based on upstream Linux + \item Guix pack works, no integration with Android at all + \item Replicant doesn't want to ship Guix (too big) but ship guix-install.sh instead. + \begin{itemize} + \item Can try to reuse information from https://lepiller.eu/en/guix-on-android.html + \item Work has started to modify Replicant 11 to support guix-install.sh: + \begin{itemize} + \item Bash and wget implementation (wrapper over curl) now shipped in Replicant 11 + \item Commands still missing: gpg (how to build it?), getent groupadd xz + \item Can ship /etc/protocols, /etc/services, create users and groups in Replicant, etc + \item Might need to send patches to install.sh to support Replicant + \item At some point, might need root, selinux integration, etc + \end{itemize} + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \center{\$ guix pack -f apk PACKAGE ?} + \begin{itemize} + \item Requires packaging Android NDK to be portable + \item Bionic libc instead of glibc + \item $\rightarrow$ New target like x86\_64-w64-mingw32 needed + \begin{itemize} + \item Probably a lot of work + \item Could be used to fix dependency rot issues + \end{itemize} + \end{itemize} +\end{frame} + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +\section{Using Guix for Replicant builds?} + +\begin{frame} + \center{Using Guix for Replicant builds?} +\end{frame} + +\center{Guix and Replicant main differences} +\begin{frame} + \begin{longtable}[!t]{|p{1cm}|p{3cm}|p{3cm}|p{3cm}|} + \hline + & Android + vendor kernel & Android + upstream Linux & Guix \\ + \hline + Libc & Bionic & Bionic & glibc but self contained \\ + \hline + Kernel & Vendor kernel & Upstream kernel & Upstream kernel \\ + \hline + Build system & No packages & No packages & Packages \\ + \hline + \end{longtable} +\end{frame} + +\begin{frame} + \center{Android Build system} + \begin{itemize} + \item No packages, one big build tree: + \begin{itemize} + \item Requires specific GNU/Linux distribution versions to build + \item Unclear licenses + \item No abstraction of lower level build systems like autotools, cmake, etc + \item Only Android.mk and Android.bp available, not very flexible (no ./configure --with-options) + \item Prebuilt toolchain and sometimes even linux kernel + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \center{Building requirements} + + \begin{longtable}[!t]{|p{2cm}|p{6cm}|p{1cm}|p{0.5cm}|p{1.5cm}|} + \hline + Replicant version & Distributions & arch & RAM & Space \\ + \hline + Replicant 6.0 & Debian 9 (stretch) & x86\_64 & 8G & 220GiB for ~10 devices \\ + \hline + Replicant 11 & Debian 10 (buster), Trisquel 9, Trisquel 10 & x86\_64 & 8G & 250GiB for 2 devices \\ + \hline + \end{longtable} +\end{frame} + +\begin{frame} + \center{Use Guix to replace Android build system completely?} + \begin{itemize} + \item Advantages: + \begin{itemize} + \item Reproducible and bootstrapable builds + \item Works on any distribution (no need to install Trisquel) + \item Packages (better licensing) + \item Substitutes: faster builds + \item Can mix and match Android and GNU/Linux components + \end{itemize} + \item Issues: + \begin{itemize} + \item Guix not ready for that (Fragile Android ndk build system) + \item Cannot go back easily + \item If there is no maintenance: Replicant is dead + \begin{itemize} + \item Android in Guix stuck to Android 7 due to dependency on Android.mk + \end{itemize} + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \center{Use Guix inside the Android build system} + \begin{itemize} + \item Advantages: + \begin{itemize} + \item Like previous slide + \item Can do it step by step + \item Can roll back to pure Android build system + \end{itemize} + \item Issues: + \begin{itemize} + \item Need to add support for generating Android.mk / + Android.bp in Guix + \item How to deploy (guix pack uses gnu/*) + \item Need to be careful not to depend too much on it + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \center{As host distribution to build Replicant} + \begin{itemize} + \item Advantages: + \begin{itemize} + \item Reproducible builds + \item Works in all distros + \end{itemize} + \item Looks doable for recent Android versions + \begin{itemize} + \item Guix shell has now an FHS option + \item Not that much dependencies due to prebuilt toolchain + \item Android build is isolated from host by default + \begin{itemize} + \item path interposer + \item can use namespaces isolation + \end{itemize} + \end{itemize} + \end{itemize} + \end{frame} + +\begin{frame} + \center{Current use of Guix for building Replicant} + \begin{itemize} + \item Replicant uses repo-tool and repo-tool updates itself + \item Replicant uses stable distributions that don't update python + \item $\rightarrow$ We use guix pack to release a recent repo-tool that works on older distributions + \end{itemize} +\end{frame} + +\section{Automatic Testing} +\begin{frame} + \center{Automatic Testing} +\end{frame} + +\begin{frame} + \inlinepicture{output/telephony-stack_hardware.jpg}{right}{ + \center{Telephony stack: Hardware} + \begin{itemize} + \item The modem uses a custom protocol + \item $\rightarrow$ Needs software to talk to it + \item $\rightarrow$ The protocol was reverse engineered and reimplemented by various people + \end{itemize} + } +\end{frame} + +\begin{frame} + \inlinepicture{output/telephony-stack_software.jpg}{right}{ + \center{Telephony stack: Software} + \begin{itemize} + \item libsamsung-ipc also works on GNU/Linux + \end{itemize} + } +\end{frame} + +\begin{frame} + \inlinepicture{output/telephony-stack_software.jpg}{right}{ + \center{Telephony stack: Software} + \begin{itemize} + \item Use of guix.scm for both libsamsung-ipc and libsamsung-ril: + \begin{itemize} + \item Can compile for various configuration (Android, GNU/Linux) and run + \item Supports static compilation and cross compilation (without transformation) + \item Supports PowerPC (big endian) + \end{itemize} + \end{itemize} + } +\end{frame} + +\begin{frame} + \inlinepicture{output/telephony-stack_software.jpg}{right}{ + \center{The code} + \begin{itemize} + \item "demo": scripts/guix.scm in + https://git.replicant.us/replicant/hardware\_replicant\_libsamsung-ipc + \item "optional demo": scripts/guix.scm in + https://git.replicant.us/replicant/hardware\_replicant\_libsamsung-ril + \end{itemize} + } +\end{frame} + + + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\section{Replicant infrastructure and Guix.} + +\begin{frame} + \center{Replicant infrastructure and Guix.} +\end{frame} + +\begin{frame} + \center{Infrastructure:} + \begin{itemize} + \item OSUOSL: Mailing list, Wordpress, website, Redmine, FTP + \item La Quadrature du net: Mastodon account on mamot.fr + \item 1 VM @ FSF: git, domain name, contact address, IRC bridge + \item Slow move to Mediawiki on FSF VM + \end{itemize} +\end{frame} + +\begin{frame} + \center{Guix?} + \begin{itemize} + \item OSUOSL: Mailing list, Wordpress, website, Redmine, FTP $\rightarrow$ Not possible + \item La Quadrature du net: Mastodon account on mamot.fr $\rightarrow$ Not possible + \item 1 VM @ FSF: git, domain name, contact address, IRC bridge + \end{itemize} +\end{frame} + +\begin{frame} + \center{Can we use Guix system in an VM @ FSF?} + \begin{itemize} + \item FSF Requirement: Encrypted rootfs + \begin{itemize} + \item Before: Required grub-crypt patches (In Ubuntu) + the FSF + used custom script with debootstrap. + \item Now (19 July 2022): (some of the) grub-crypt patches + upstreamed, encryption done outside of the VM $\rightarrow$ we can use guix + system image. + \item Remaining issue: How to install Guix? + \begin{itemize} + \item Convert Trisquel to Guix? + \item Provide a trusted image to the FSF? + \end{itemize} + \item Maintenance: automatic updates could work? (Rolling release but + maintained config system) + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \begin{itemize} + \item Guix advantages: + \begin{itemize} + \item Anybody can contribute (everything in git) + \item Clean and standard solution (no custom made deploy scripts, etc) + \item Can fork and re-deploy, system backups inside git + \item Question: Which license to use? GPLv3 or AGPLv3? + \begin{itemize} + \item Use case: Enable copyleft forks: Redirect scripts part of Replicant + \end{itemize} + \end{itemize} + \item Guix disadvantages: + \begin{itemize} + \item Require people to know Guix too + \item More work to package missing things + \item More work to make it work out of the box (letsencrypt, other services to add) + \end{itemize} + \end{itemize} +\end{frame} + +\begin{frame} + \center{VM Status:} + \begin{itemize} + \item Use Trisquel with automatic updates + \item Part of the configuration in git: + \begin{itemize} + \item Mail setup + \item Apache configuration + \begin{itemize} + \item The Apache configuration is a key component of Replicant + source code as it contains redirects necessary to build and + maintain several Replicant versions. + \end{itemize} + \item Matterbridge configuration + \end{itemize} + \item Uses Guix pack + systemd + config in git for matterbridge + \end{itemize} +\end{frame} + +\section{The end} +\begin{frame} + \center{Production usage by other projects} + \begin{itemize} + \item Lot of scientific use for reproducibility (source: guix conferences) + \item Bitcoin: https://github.com/bitcoin/bitcoin/tree/master/contrib/guix + \item Some software use guix.scm, many guile libraries/software, and Guix + \item https://github.com/alphagov/govuk-guix (deprecated) + \item (Part of?) Guix infrastructure + \item https://gitlab.com/zimoun/website-guix-10years.git + \item Probably many more but not much publicity around it. + \end{itemize} +\end{frame} + +\section{Licenses} +\begin{frame} + \center{Licenses} +\end{frame} + + +%% In order of appearance +\begin{frame} + \begin{itemize} + + \item Moblie phones electronic waste + \url{https://commons.wikimedia.org/wiki/File:Day_6_Warehouse_(25890985098).jpg} + CC-BY-SA 2.0 Generic + + \item anti-smartphone + \url{https://commons.wikimedia.org/wiki/File:Bia\%C5\%82a_Podlaska_~21ujcqtd.jpg} + CC-BY-SA 4.0 International + + \item Phone and phist + \url{https://wiki.rhizomatica.org/index.php/File:Phist.jpg} + CC-BY 3.0 + + \item The leader of the Luddites + \url{https://en.wikipedia.org/wiki/File:Luddite.jpg} + Public domain + + \item 4 freedoms + \url{https://www.gnu.org/graphics/amihud-4-freedoms.html} + CC-BY-SA 4.0 International License or GPLv3 or later + + \item anti-drm protest + \url{https://www.flickr.com/photos/bcatch/164393994/in/album-72157594161735152/} + CC-BY-SA 2.0 + + \item Raised fist: + \url{https://commons.wikimedia.org/wiki/File:Raised_fist.jpg} + Creative Commons Attribution 3.0 Unported + + \item We Can Do It: + \url{https://commons.wikimedia.org/wiki/File:We_Can_Do_It!_NARA_535413_-_Restoration_2.jpg} + Public domain + \end{itemize} +\end{frame} +\begin{frame} + \begin{itemize} + + \item GT-I9300 internals: Same author and license as this + presentation, probably also available on archive.org + + \item Replicant Logo + \url{https://git.replicant.us/replicant/vendor_replicant_artwork/plain/replicant_logo_alpha.svg?h=main&id=fc213d2ca94cef9047d1e4a71c21c4c4c87f349d} + CC-BY-SA 3.0 Unported + + \item Replicant devices + \url{https://git.replicant.us/infrastructure/www.replicant.us/tree/images/supported-devices?id=2a331698cead2677fa953c3e1ab5d78528e39ef9} + CC-BY-SA 3.0 Unported + + \item Worker + \url{https://commons.wikimedia.org/wiki/File:African_American_worker_Richmond_Shipyards.jpg} + Public domain + + \item Android logo + \url{https://commons.wikimedia.org/wiki/File:Android_Robot_Cleaner_(2014-2019).svg} + CC BY-SA 4.0 International + + \item Googlag + \url{https://wiki.fuckoffgoogle.de/index.php?title=File:IMG_20180428_200243.jpg} + CC BY-SA + + \item F-Droid logo + \url{https://commons.wikimedia.org/wiki/File:F-Droid_Logo_4.svg} + CC BY-SA 3.0 + + \end{itemize} +\end{frame} +\begin{frame} + \begin{itemize} + + \item Phone shop + %% File:HK WC 灣仔 Wan Chai 莊士敦道 Johnston Road shop window display smart phones August 2021 SS2.jpg + \url{https://commons.wikimedia.org/wiki/File:HK\_WC\_\%E7\%81\%A3\%E4\%BB\%94\_Wan\_Chai\_\%E8\%8E\%8A\%E5\%A3\%AB\%E6\%95\%A6\%E9\%81\%93\_Johnston\_Road\_shop\_window\_display\_smart\_phones\_August\_2021\_SS2.jpg} + CC-BY-SA 4.0 International + + \end{itemize} +\end{frame} + +%% \begin{thebibliography}{99} +%% \end{thebibliography} +\end{document} diff --git a/FOSDEM2023/Makefile b/FOSDEM2023/Makefile new file mode 100644 index 0000000..83d1add --- /dev/null +++ b/FOSDEM2023/Makefile @@ -0,0 +1,87 @@ +TEXFLAGS ?= -halt-on-error -output-format pdf -output-directory output +TITLE = How_Replicant_uses_Guix + +.PHONY: all clean medias archive + +############### +# Phony rules # +############### +all: output/$(TITLE).pdf + +archive: + git archive --format=tar --prefix=LibrePlanet2022/ HEAD -o LibrePlanet2022.tar + +clean: + rm -rf output + +################ +# Main targets # +################ +output: + mkdir -p output + +output/$(TITLE).pdf: \ + $(TITLE).tex \ + output \ + output/4-freedoms.jpg \ + output/android_logo.jpg \ + output/anti_drm_protest.jpg \ + output/anti_smartphones.jpg \ + output/electronic_waste_small.jpg \ + output/F-Droid_Logo_4.jpg \ + output/framework.jpg \ + output/googlag_small.jpg \ + output/i9300_hardware.jpg \ + output/phist.jpg \ + output/raised_fist_small.jpg \ + output/replicant_logo.jpg \ + output/smart_phones_shop_small.jpg \ + output/telephony-stack_hardware.jpg \ + output/telephony-stack_software.jpg \ + output/we_can_do_it_small.jpg \ + output/the_leader_of_the_luddites_small.jpg \ + output/wifi.jpg \ + output/worker.jpg + pdflatex $(TEXFLAGS) '\providecommand\locale{en}\input{$(TITLE).tex}' + @echo skipping pdflatex $(TEXFLAGS) '\providecommand\locale{en}\input{$(TITLE).tex}' + du -hs $@ + +############################## +# Automatic depdencies rules # +############################## +output/%.jpg: ../Guix-birthday-2022/dot/%.dot + mkdir -p output + dot -T jpg $< > $@ + +output/%.jpg: ../common/images/%.jpg output + gm convert $< $@ + +output/%.jpg: ../common/images/%.png output + gm convert $< $@ + +output/%.jpg: ../common/images/%.svg output + gm convert $< $@ + +# Space saved: +# - smart_phones_shop.jpg: from 3.0M to 243K +# - googlag.jpg: from 2.4M to 101K +output/%_small.jpg: ../common/images/%.jpg + gm convert -resize 25% -quality 80 $< $@ + +################################# +# Images with specific settings # +################################# +# -resize and -quality makes the image go from 1.1M to 48k +output/i9300_hardware.jpg: ../common/images/i9300_hardware.svg output + gm convert $< $@ + +output/replicant_logo.jpg: ../external_resources/vendor_replicant_artwork/replicant_logo_white.png output + gm convert $< $@ + + +output/wifi.jpg: \ + ../common/images/tehnoetic-n150-mini-wifi-adapter-back-500x500.png \ + ../common/images/tet-otg-side-500x500.jpg \ + ../common/images/Wifi.png + mkdir -p output + gm convert -append -gravity center $? $@ |