Open Source Summit India 2026

Efficient interrupt handling is at the heart of modern operating systems, enabling hardware devices to communicate seamlessly with the kernel. In the Linux ecosystem, the evolution from legacy line based interrupts to advanced mechanisms like Message Signaled Interrupts (MSI) and MSI X has significantly improved scalability, performance, and reliability. Yet, for many developers and practitioners, the inner workings of these mechanisms remain opaque.
This talk aims to demystify PCI interrupt handling in Linux, with a focus on MSI/MSI X. We will begin by revisiting the limitations of traditional interrupt models, then explore how MSI/MSI X leverage in band signaling to overcome them. Attendees will gain insights into:
• The architectural differences between legacy interrupts and MSI/MSI X.
• How the Linux kernel configures and manages these interrupts.
• Practical debugging techniques for PCI devices using MSI/MSI X.
• Real world performance implications in networking, storage, and virtualization workloads.

The Linux kernel is now a CVE Numbering Authority, a change that has driven an unprecedented increase in reported kernel vulnerabilities. In Kubernetes environments, this shift has amplified compliance requirements that mandate per-CVE tracking, remediation, or justification.

This talk presents a methodology for kernel CVE pruning via static code reachability analysis. We map CVEs to vulnerable kernel functions and evaluate whether those functions are reachable under a specific kernel configuration and execution environment. The analysis incorporates build-time configuration (Kconfig), loadable modules, and inter-procedural call graphs to approximate practical exploitability.

We present an open-source tool that automates this analysis and evaluate it with representative workloads. Our results show that many kernel CVEs are in unreachable code, yielding a high reduction in reported exposure. We also discuss limitations and implications for compliance-driven vulnerability management.

Modern CPUs rely on spatial locality when fetching fixed-size cache lines, but kernel structures are often laid out without reflecting runtime access patterns. Frequency-based reordering groups hot fields together but misses a key insight: two high-frequency fields accessed at different times can still waste cache capacity through eviction between accesses. We propose access-affinity-based reordering fields accessed close together in time should be placed close together in memory.

We trace field-level accesses on struct rq, compute co-access frequencies within a short time window, and build an access-affinity graph where edge weights reflect temporal co-access. Hierarchical clustering derives reorderings that collocate temporally correlated fields within cache lines. Evaluated on waitstressor, cache misses dropped from 36.2B (13.9%) to 25.1B (9.4%), with idle_cpu() misses falling from 6.40% to 3.11%. Tool automates this analysis across kernel structures. We explore HTM-based tracing and MemFriend for scalable profiling. Key discussion areas: workload selection per structure, 64B vs 128B line layouts, false-sharing avoidance, and extending this methodology beyond struct rq.

FRED (Flexible Return and Event Delivery) represents a modernization of x86 processor event handling, replacing the decades-old IDT (Interrupt Descriptor Table) mechanism and eliminating its inherent design flaws. This advancement introduces new low-latency ring transitions that establish complete supervisor or user context. FRED uses stack-based event delivery with integrated event data and introduces dedicated ERETU and ERETS return instructions.

These enhancements resolve longstanding issues related to atomicity, consistency, and nested exception handling in x86 architecture. This results in faster, more reliable and robust event processing through simplified system software and reduced attack surface.

The talk will start with a look at traditional IDT event delivery and the issues it creates. Then, we’ll dive into the FRED overview, covering briefly its terminology, design, and core mechanisms. To wrap up, we’ll touch advanced topics like virtualization and GS segment handling, highlighting why FRED is a major leap forward for modern x86 architecture.

Pressure Stall Information (PSI) is excellent for detecting CPU/memory/I/O contention via trigger windows and user-space polling, but it intentionally avoids attributing pressure to individual tasks. In practice, during severe pressure the “who did it?” question is hardest to answer: systems are sluggish, logs are noisy, and user-space observers can be delayed or miss the critical moment.
Building on PSI work presented at LPC 2024, this session introduces an optional, configurable, lightweight In-Kernel PSI Auto Monitor that captures thread-level contributors exactly when configured PSI thresholds are breached. The design avoids changes to PSI fast paths, requires no always-on daemon, and records contending tasks using existing kernel mechanisms and tracepoints.
I will share upstream patch status and experimental results from real embedded workloads, including PREEMPT_RT scenarios, quantifying trigger latency, overhead, and improvements in root-cause identification. Finally, I will demo a GenAI-assisted pipeline that parses monitor logs, generates timelines, and produces actionable summaries to speed up pressure-event debugging.

Hardware cryptographic accelerators have been essential in embedded SoCs for decades, yet upstream Linux maintainers are removing/rejecting them. The extinction is underway.

In 2025, maintainers began removing async crypto API support, targeting engines from major SoC vendors for deprecation.[1][2] Software wins on throughput for typical payloads. ARMv8/v9 Crypto Extensions amplify this advantage. Performance-wise, maintainers have a point.

But benchmarks miss critical security. Hardware provides what software cannot: DPA/EMA side-channel attack resistance[3], hardware-backed wrapped key isolation, and secure boundaries essential for physically accessible devices. With PQC transition, hardware crypto becomes more essential.

The crisis: maintainers remove features certifications require and contracts mandate, forcing vendor forks from mainline.

We address making the security case and finding compromises satisfying both maintainability and embedded security.

[1] https://lore.kernel.org/all/[email protected]/
[2] https://lore.kernel.org/all/[email protected]/
[3] https://lore.kernel.org/all/[email protected]/