The Linux kernel already has cryptographic support for signature verification on data. This is used to digitally sign kernel modules at build time, and verify integrity and provenance at load time. Likewise the 802.11 subsystem on the Linux kernel had historically in parallel prior to Linux's own kernel signing facility implemented and integrated support to verify file integrity and provenance for use on the Linux regulatory database. The 802.11 subsystem's components that provide this facility are CRDA and wireless-regdb. CRDA and wireless-regdb technically are split up as two separate trees for development, wireless-regdb helps provide the 802.11 regulatory database while CRDA exists as a udev helper to feed to the Linux kernel a regulatory domain when needed. By using a regulatory database in userspace the Linux kernel is able to get updates for regulatory rules without requiring a rebuild. Linux distributions need the digitally signed regulatory.bin file from wireless-regdb tree and the CRDA binary from the CRDA tree. Linux distributions often combine both into one package, some distributions separate the two. The regulatory database is digitally signed by the wireless-regdb maintainer, and distributions that have have compiled in support for digital signature support on CRDA verify the integrity of the file before feeding a regulatory domain to the Linux kernel. Since the kernel module signing facility was merged upstream on Linux we could replace both CRDA and wireless-regdb distribution mechanism by adding cryptographic file signature verification support on Linux on the firmware_class module which provides the APIs to load firmware, and having the regulatory.bin file merged and updated through the linux-firmware tree.

I think AppArmor is a great tool to add an additional layer of security without much effort. While it is normally easy to create a profile for a simple server program it is much more complex in case of desktop applications.

Package open source tools used for radio controled models. Some of them needs patching, since they rely on pre-build binary blobs of open source tools. Also many of them bring the same libraries again.

Create a openSUSE 13.2 Live CD.

Write an Android app for children between 5 and 7 years. The app contains a story that the child can read and interact with.

We will have a series of short lightning talks to present what we have accomplished at Hack Week 12. In Nürnberg this will happen on Friday 17th Apr at 12:30 as part of the lunch session in the all-hands area. Lunch is served at 12:00, so you have a bit of time to settle in and satisfy your immediate needs before we go into presentation mode.

A new web UI for saltstack, possibly the future of systems management.

OBS source services can currenlty run on the developer workstation and some of them also on the OBS server side.

In previous Hackweeks, we've gone to warp speed in our virtualization CI testing through:

Create packages for SLES 12 s390x in obs.

Scaleway is a newly opened Cloud based in France (for now) offering ARM based servers. Those are BareMetal SSD cloud servers. They offer a range of operating systems to pick from (Debian, Ubuntu, ArchLinux...) as well as 'application images' (Docker, ownCloud...) but no openSUSE image yet.

Or at least, test as many of them as possible.

As a part of this hackweek, I'd like to take a look at Clojure and use it to solve as many problems as possible from the project euler.

Discourse is a really great opensource forum, written in Ruby on Rails and Ember.js.

Needing to learn git, I thought it would be a good time to clean up the code and create a git project for it.

Record two songs by the end of the week.

The docker way of updating containers is to build a new image with the updated binaries and files, which creates a security concern.

kGraft allows to patch kernel at runtime. It implements a consistency model that allows to modify semantic of functions. e.g. fix lock order. For this, we need to find a safe place when a process/thread might start using the new code.

I am a beginner: I have read 1½ books on Haskell. I want to practice.

Ionic + AngularJS + Node.js (http://ionicframework.com/)