Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Linux Software

2.4 Kernel Maintainer Marcelo Tosatti Interviewed 105

Jeremy Andrews writes "KernelTrap has an interview with Marcelo Tosatti. Marcelo became the maintainer of the 2.4 stable kernel when he was 18 years old, releasing his first kernel, 2.4.16, on November 26'th of 2001. Two years later, he recently released 2.4.23 and plans to soon put the 2.4 stable kernel tree into maintenance mode, only addressing bugs and security issues. Living in Brazil, Marcelo currently works for Cyclades Corporation. In this interview he looks at how he became the 2.4 maintainer, the challenges involved, and brings us up to date with the current status of the 2.4 kernel."
This discussion has been archived. No new comments can be posted.

2.4 Kernel Maintainer Marcelo Tosatti Interviewed

Comments Filter:
  • by fruey ( 563914 ) on Tuesday December 23, 2003 @08:20AM (#7793736) Homepage Journal

    Don't show his photo to your boss as you talk about the 2.4 kernels you're probably still running. The kernel maintainer for your corporate servers is a 20 year old guy who was 18 when he started maintaining. Whoah.

    In the corporate world, even if there was some kind of genius kid really running the show, he'd be hidden behind grey haired puppets so that it didn't look like some genius kid was really running the show.

    Kudos to Marcello, even though child labour laws (if he was paid to work with the ISP in Brazil when he was 13 years old) and human rights issues might get a mention if the press could ever see beyond Linus as a Linux hacker.

    • No no, you wait until your manager starts commenting on how much better everything's running since you made the switch to linux, and then you show him the picture... improving the credibility of young guys with dreadlocks everywhere!

      This is very cool... child labour laws don't really enter into it, I don't think... I don't know what the laws are in Brazil, but you can work in the U.S. at 14... and I think there should be exceptions for working for an ISP, anyway... it's not exactly a textile mill. If you'r

      • The child labour law thing was really just a joke. Although in the UK until you're 16 you cannot work more than a certain number of hours, because you're supposed to be using your free time to do school homework and stuff... you have to be present in school until you are 16 years old.

        For the anecdote, the school year in the UK runs September-August. If you are born in August 1988 you cannot leave school until the end of the current academic year, and would pretty much finish your GCSE (final exams before

        • That's valid for England and Wales. In Scotland it's a little different, but substantially similar. You can start school when you're 4, depending on when your birthday is. My birthday is in November, bang in the middle, so I could have started school at 5 (in 1978) or at 4 (in 1977).


          In any case, in the UK at least you don't need to go to school at all. You need to have some form of structured education that meets a certain standard.

    • by Anonymous Coward
      It wasn't illegal at the time, and as far as I know Marcelo was a registered worker with full benefits.

      Since then the labor code has changed, and the minimal age was raised. Marcelo wouldn't be allowed to do today what he's done in the past.

      Before Marcelo was "the guy that mantains the 2.4 kernel", he was known as "the guy that works since he was 13". He had such a reputation as a 14 years-old hacker that a running joke among his friends is answering "14" whenever anyone asks his age. It is rummored that
    • by koekepeer ( 197127 ) on Tuesday December 23, 2003 @08:47AM (#7793837)
      18 or not, dreadlocks or not, i think he did a great job! i have a big respect for this guy.

      and the dreadlocks: well, look at alan cox. maybe kernel maintainers *should* look a bit different as compared to "ordinary" people :)

      i mean, they're not exactly salesmen or lawyers or anything, right?
    • Uhh.. SCUSE me.. who gives a shit about child labor laws? This is an interview about the linux 2.4 release dude. And why would Linus be considered EVIL for this is beyond me... I'm confused but then again, I guess I should know better than to expect logic from /.ers.
    • by Anonymous Coward
      Don't show his photo to your boss as you talk about the 2.4 kernels you're probably still running. The kernel maintainer for your corporate servers is a 20 year old guy who was 18 when he started maintaining. Whoah.

      Oh great. Who is going to be the maintainer for the 2.6 series, a homeless guy they find on the streets of Moscow? This is ridiculous. Can't they find a nice clean-cut American boy to be the 2.6 maintainer? How about Darl McBride? It could be a compromise and I'm sure he'd be thrilled that

    • Child Labor (Score:3, Interesting)

      by The Tyro ( 247333 )
      is probably a misplaced concern for a guy like this.

      He's working at an ISP, not a sweat shop or factory floor (what most child labor laws were designed to prevent, if I recall my history correctly).

      He's working with his head, not his back... bully for him (I can think of a few places that could use a teenage prodigy or two).
    • What does a new hire at a place like SCO look like?

      Putting the young guys on an old, stable, project allows the more experienced developers to move on to newer, and more exciting development projects, seems to be a reasonable strategy for software development.

      The project management skills he will learn will help him in his future endevours.
    • Here in Brazil you can work are as a "pupil" or "apprentice" until you are 16, the law project is calles "Pupil's Law". You can work up to 20 hours per weak if I recall so the kid can dedicate the rest of the time to school.
    • Awwww. Come on. The guy's clearly a genius. This kind of people must be encouraged to use and discover their full potential.

      He got the job mostly because he wanted to. See, I'm pretty sure he had options, like spending the rest of his school days (in Brazil, school usually begins at 7 AM and ends by 12:30PM) playing soccer or videogames but he chose to learn C instead.

      Child labour laws protect those kids who do not have an option and, clearly, that was not the case.

    • Don't show his photo to your boss as you talk about the 2.4 kernels you're probably still running. The kernel maintainer for your corporate servers is a 20 year old guy who was 18 when he started maintaining. Whoah.

      In the corporate world, even if there was some kind of genius kid really running the show, he'd be hidden behind grey haired puppets so that it didn't look like some genius kid was really running the show.

      Kudos to Marcello, even though child labour laws (if he was paid to work with the ISP i

    • What's the problem with dreadlocks? We are in Brasil. Not all persons here need to use a suit. It maybe really on Sao Paulo but not in Rio for example.
  • by Anonymous Coward on Tuesday December 23, 2003 @08:33AM (#7793778)
    JA: During the 2.4.23 release cycle, a bug was fixed in the do_brk() function. This bug was recently exploited in a high profile break-in of four Debian Project Linux servers. Why was 2.4.23 not released sooner when this bug was first fixed?

    Marcelo Tosatti: When I first applied the fix (sent from Andrew Morton), I didn't realize it was an exploitable bug (I understood it could crash the box).


    This guy just took responsibility for sitting on a known fix, which directly led to Debian compromise.

    It also led to a rapid patch cycle all over the place, as opposed to a more stable and controlled cycle, since everyone who saw Andrew Morton's patch could research the vuln and create the exploit.

    This delay gave blackhats a lot more time than whitehats.

    Perhaps this argues strongly for closed security bug reporting a la OIS' "responsible disclosure" model.
    • by bizcoach ( 640439 ) on Tuesday December 23, 2003 @08:49AM (#7793844) Homepage
      This guy just took responsibility

      I hope you'll do the same when something goes wrong in your area of responsibility.

      This delay gave blackhats a lot more time than whitehats.

      Not true. Blame the whitehats for not looking at the patches closely enough.

      Perhaps this argues strongly for closed security bug reporting a la OIS' "responsible disclosure" mode

      No. That doesn't help in cases like this where the security impact of a bug isn't recognized at the time of bug reporting.

    • Perhaps this argues strongly for closed security bug reporting a la OIS' "responsible disclosure" model.

      Or, always keeping your kernel up to date, download a pre patch everyweek and recompile. It's not harder than that.
    • The debian compromise really bothered me when it happened because I never heard about any security hole (related to the compromise) in the Linux kernel before it happened. Suppose MT and anyone else looking at the patch didn't realise it was exploitable... since when is an easy DOS (ie crash) not a security problem? If you can take out a machine that is providing some sort of security to other machines or even simply services to other machines, it *is* a security problem.

      I would venture to say that any bug
      • A local-only DOS bug is a LOT different, severeity wise, than a remote root exploit.

        Answer me this: On your linux machine, if a user has a shell account, can they affect the service of the machine? Do you have hard memory and CPU limits for every single user, so that no matter what, those users can't hurt the machine?

        If your system is like most, a two line shell script can bring the system to it's knees or eat up all remaining memory and swap, or often eat up some critical disk space (like /tmp), bringing
    • This guy just took responsibility for sitting on a known fix, which directly led to Debian compromise.

      That's a small failure on his part, yes. But it's more so the failure of the person who found and submitted the patch. By not researching and explaining the full effect of the patch, the submitter has shown that he isn't fully aware of the changes he makes. Marcelo's job is to make sure a patch doesn't break anything new, and to listen if someone tells him that it fixes something very very important.

  • by Anonymous Coward on Tuesday December 23, 2003 @08:36AM (#7793793)
    I became the official maintainer of my brother's Playboy collection.

    During my stewardship, I too put the collection in maintenance mode, had to deal with security problems, and I certainly issued several...er..releases.
    • and don't go into detail about all the "cleaning up" of the filesystem you had to do.

  • I'm jealous (Score:5, Funny)

    by Anonymous Coward on Tuesday December 23, 2003 @08:40AM (#7793812)
    20 years old, wife, kernel maintainer, kernel job, and the hair... damn him!
    • Are you kidding?! Why would you get married when in such a powerful position? He can get millions of girls just by telling them that he's the Lunix Kernal 4.2 Janitor :) -- he should be out on the prowl hittin on the girls!
  • by agoliveira ( 188870 ) <adilson@adilson. n e t> on Tuesday December 23, 2003 @08:52AM (#7793853)
    I worked with Marcelo at Conectiva (man, I missed that place but...) and that's *not* his real hair :)
    He probably just went to a hair stylist and made that... thing :-D
    I swear I never imagined Marcelo doing this kind of stuff but he's a kernel developer so you can expect anything!
    • He's been like that for a while, I've seen him with that kind of hair at HispaLinux (big spanish Linux conference) which was in September. At the beginning I though he was one of the people who came to attend to his talk :-)

      Unfortunately, he's not the right person to talk in public, he seemed to be really nervous and didn't tell anything very new. Nobody can do everything though. I'm really happy with how the 2.4 kernel evolved.
      • Unfortunately, he's not the right person to talk in public, he seemed to be really nervous and didn't tell anything very new. Nobody can do everything though. I'm really happy with how the 2.4 kernel evolved.

        In my physics days, I had a one-on-one lunch with a guy whose work at a young age was clearly going to give him a Nobel Prize. He spoke so softly and hesitantly that I didn't get much out of the meeting. Yet 15 years later, several years after he won the Nobel Prize, I heard him talk and he was eloqu

        • Oh, of course I'm sure that with some practice he could do pretty well at it.

          Don't get me wrong, I have lots of respect for him, and his talk wasn't *that* bad. Now, it wasn't really good either. I mean, seeing Marcelo show slides of the 2.4 kernel changelog and saying "in 2.4.whatever we fixed the scheduler" isn't really exciting, especially when you go to listen to people like Miguel de Icaza. Then, I have no idea of how to talk about that in a more exciting way, and would certainly not done it any bette
        • Situation is also part of it. I have no problem whatsoever giving talks and presentations, but can't keep up a conversation to save me.
    • He probably just went to a hair stylist and made that... thing :-D

      No, that is his real hair. He has always had long hair, he just dreaded it about a year ago.
    • Those aren't dreadlocks... those are posix threads! Or deadlocks. Or ... or...
  • by EggSausageBaconAndSp ( 718656 ) on Tuesday December 23, 2003 @09:41AM (#7794149)
    Not a Linux expert, but it sounds weird to put 2.4 in a feature freeze mode "soon" (whatever that means), with 2.6 just released days ago ... was the timeframe similar between 2.2 and 2.4?
    • by The One KEA ( 707661 ) on Tuesday December 23, 2003 @10:27AM (#7794520) Journal
      It's not too early - Marcelo understands that 2.6 is where all of the new development should be taking place. 2.4 needs to become what 2.2 and 2.0 have become - the ultra-stable, thoroughly tested kernel that you use on boxes that simply cannot go down.

      I think 2.2 was also closed down pretty fast when 2.4 was released. Then it was reopened, IIRC, for a while because early 2.4 was so horrible. Check the linux-kernel archives for more info.
  • Dreadlocks (Score:5, Funny)

    by RevMike ( 632002 ) <revMike@gmail. c o m> on Tuesday December 23, 2003 @09:49AM (#7794222) Journal

    I'm in the final stages of the recruitment and hiring process for a silicon valley startup. I live in NY, and I'd be doing "Professional Services" for their NY clients.

    After a series of phone interviews, they told me "Our founder and CTO is going to be in NYC. We'll set up a face to face meeting."

    My hair is closely cropped - mostly because I'm quite bald on top, and if I let it grow at all I look like Krusty the Clown. I put on my best navy blue interview suit, iron a really nice shirt, have my wife pick a tie, etc. I hop the train to Manhattan and meet my (hopefully) future boss.

    He's got dreadlocks and a goattee!

    During the interview we were chatting about some of the people that I had spoken with on the phone. He mention someone as having very long hair. That gave me the opportunity to say "And here I am wearing my best interview suit!" that got a good laugh from him. "That is East Coast vs West Coast, I guess." was his reply.

    • I'm in the final stages of the recruitment and hiring process for a silicon valley startup.

      Perhaps it's time to update your sig. :) Did it work, btw?
  • by Anonymous Coward on Tuesday December 23, 2003 @09:53AM (#7794258)
    For most people (read: desktop, small server stuff) the 2.4 kernel might be the right thing and having no problems. If have highmem-machines (>= 1GB RAM) things look very different.
    I run a very big (2 HT CPUs, 4GB RAM, 620 GB RAID5, 2x 1GBit links) file-server and all 2.4 kernels (.19-.22) weren't able to run the thing stably for more than 1 week, under heavy I/O load not more that 2 days.
    Changing to the -aa tree helped and that thing is now up, stable and fast for past 4 months.

    The problem lies in still unmerged code for highmem and slabcache reclaim (check /proc/slabinfo or use slabtop [kerneltrap.org]), which is in the -aa tree for ages.
    I reported that to Marcello, but he seemed very uninterested in tracking down (many, many thanks to Andrea and Rik, who helped) and applying those particular fixes in the -aa tree.

    • If marcelo is not interested, post to the lkml (Linux Kernel Mailing List). If you have real, useful bugreports (it sounds like you do) people will listen, and if you get more actual kernel developers on your side, changes are more likely to happen.

      I can assure you there are many people out there who WANT to make the Linux kernel as good as it can be, and if you can provide useful info (important point) then i'm sure they will WANT to help you, track down bugs, and get things working.
  • my complaint is echoed by MILLIONS.
  • Picture of his wife (Score:1, Interesting)

    by Anonymous Coward
    I found it [conectiva.com.br].
  • by mantera ( 685223 )

    i don't why i misread it as "2.4 kernel maintainer marcelo tosatti died"....

    for once at least i'm wishing i don't prove to be psychic....

There is very little future in being right when your boss is wrong.

Working...