Introduction
Happy New Year. This Report covers the last quarter of a exciting year 2006 for FreeBSD development. FreeBSD 6.2 is finally out of the door and work towards FreeBSD 7.0 is gearing up. Some of the projects in this report will be part of that effort, others are already in the tree. Many projects need your help with testing and otherwise. Please see the "Open tasks" sections for more information.
The BSD crowd will meet at AsiaBSDCon March 8-10th in Tokyo and a two day FreeBSD developer summit will be held at BSDCan May 16-19th in Ottawa. Finally, EuroBSDCon September 14-15th in Copenhagen is already looking for papers.
Thanks to all the reporters for the excellent work! We hope you enjoy reading.
Projects
- FreeSBIE
- iSCSI Initiator
- Network Stack Virtualization
- New USB Stack
- Past and Future PR Closing Events
- Porting ZFS to FreeBSD
- TrustedBSD Audit
- TrustedBSD MAC Framework
- TrustedBSD priv(9)
FreeBSD Team Reports
- FreeBSD Bugbusting Team
- FreeBSD Security Officer and Security Team
- Release Engineering
- The FreeBSD Foundation
Network Infrastructure
- Automatic TCP Send and Receive Socket Buffer Sizing
- FAST_IPSEC Upgrade
- ipfw NAT and libalias
- Multi-link PPP daemon (MPD)
- Wireless Networking
Kernel
- Cryptographic Subsystem
- GEOM Multipath
- Interrupt Filtering
- Sound Subsystem Improvements
- Update of the Linux Compatibility Environment in the Kernel
Hardware Drivers
- Bt878 Audio Driver (aka FusionHDTV 5 Lite driver)
- Intel 3945ABG Wireless LAN Driver: wpi
- MPT LSI-Logic Host Adapters: mpt
- QLogic SCSI and Fibre Channel: isp
Documentation
Userland Programs
Architectures
Ports
Miscellaneous
ARM/XScale Port
Contact:
Olivier
Houchard
<[email protected]>
Contact:
Sam
Leffler
<[email protected]>
FreeBSD is running multi-user on a variety of Gateworks Avila boards with most of the on-board devices supported. These include the compact flash/IDE slot, wired network interfaces, realtime clock, and environmental sensors. Several different minipci cards have been tested including those supported by the ath(4) and hifn(4) drivers. Remaining devices that need support are the onboard flash, optional 4-port network switch, and optional USB interface. Crypto acceleration for IXP425 parts is planned but will likely be done at a later time.
The Network Processor Engine (NPE) support is done with an entirely new replacement for the Intel Access Layer (IAL). The most important hardware facilities are supported (e.g. the hardware Q manager) and the wired NIC driver was also done from scratch. The resulting code is approximately 1/10th the number of lines of the equivalent IAL code.
Open tasks:
- Bootstrap support needs work to enable booting from the compact flash device.
Automatic TCP Send and Receive Socket Buffer Sizing
URL:
http://people.FreeBSD.org/~andre/tcp_auto_buf-20061212.diff
URL:
http://people.FreeBSD.org/~andre/tcp_auto_buf-20061212-RELENG_6.diff
Contact: Andre Oppermann <[email protected]>
Normally the socket buffers are static (either derived from global defaults or set with setsockopt) and do not adapt to real network conditions. Two things happen: a) your socket buffers are too small and you can't reach the full potential of the network between both hosts; b) your socket buffers are too big and you waste a lot of kernel memory for data just sitting around.
With automatic TCP send and receive socket buffers we can start with a small buffer and quickly grow it in parallel with the TCP congestion window to match real network conditions.
FreeBSD has a default 32K send socket buffer. This supports a maximal transfer rate of only slightly more than 2Mbit/s on a 100ms RTT trans-continental link. Or at 200ms just above 1Mbit/s. With TCP send buffer auto scaling and the default values below it supports 20Mbit/s at 100ms and 10Mbit/s at 200ms. That's an improvement of factor 10, or 1000%. For the receive side it looks slightly better with a default of 64K buffer size.
The automatic send buffer sizing patch is currently running on one half of the FTP.FreeBSD.ORG cluster w/o any problems so far. Against this machine with the automatic receive buffer sizing patch I can download at 5.7 MBytes per second. Without patch it maxed out at 1.6 MBytes per second as the delay bandwidth product became equal to the static socket buffer size without hitting the limits of the physical link between the machines. My test machine is about 35ms from that FTP.FreeBSD.ORG and connected through a moderately loaded 100Mbit Internet link.
New sysctls are:
- net.inet.tcp.sendbuf_auto=1 (enabled)
- net.inet.tcp.sendbuf_inc=8192 (8K, step size)
- net.inet.tcp.sendbuf_max=262144 (256K, growth limit)
- net.inet.tcp.recvbuf_auto=1 (enabled)
- net.inet.tcp.recvbuf_inc=16384 (16K, step size)
- net.inet.tcp.recvbuf_max=262144 (256K, growth limit)
BSDCan 2007
URL: http://www.bsdcan.org/2007/
Contact: Dan Langille <[email protected]>
Folks!
It is that time of year. You may have missed the
call for papers
, but please put in your proposal right away. This is often a busy
time of year, but please take the time to consider presenting at
BSDCan.
Please read the submission instructions and send in your proposal today!
You may be interested in our sister conference: PGCon. If you have an interest in PostgreSQL , a leading relational database, which just happens to be open source, then we have the conference for you! PGCon 2007 will be held immediately after BSDCan 2007, at the same venue, and will follow a similar format.
Open tasks:
- Waiting for papers
BSNMP - More Ongoing and Upcoming Work
URL: http://wiki.FreeBSD.org/BsnmpTODO
Contact:
Shteryana
Shopova
<[email protected]>
Contact:
Harti
Brandt
<[email protected]>
Contact:
Bjoern A.
Zeeb
<[email protected]>
In addition to other more detailed reports this is intended to give a summary about other ongoing or upcoming BSNMP related work. To collect some ideas from users and coordinate work a BSNMP TODO Wiki page was created. Feel free to add your ideas or let us know about them.
- A contributor, Tsvetan Erenditsov, has volunteered to implement a VLAN module for BSNMP. Shteryana is helping him.
- Sam Leffler has asked for a wireless networking monitoring module, which will most likely be the next module to be implemented.
- Some major work is currently going on in the main BSNMP
tree:
- SNMP transports have been factored out into loadable
modules. The old port tables are still there and will remain
at least for the next release. Later they will be removed.
The following modules and transports are already implemented
as loadable modules:
- snmp_trans_udp: SNMP over UDP over IPv4, IPv6 and scoped IPv6
- snmp_trans_tcp: SNMP over TCP over IPv4, IPv6 and scoped IPv6
- snmp_trans_ldgram: SNMP over local datagram sockets
- snmp_trans_lstream: SNMP over local stream sockets
- Some I/O functions have been moved from the daemon to libbsnmp.
- libisa has been imported into the bsnmp tree. This library aims at easy implementation of command line tools for remote and local system administration with a special focus on administration via SNMP. The library contains command line parsing functions, a function for automatically handling help text. Actual administration modules are implemented as loadable modules. The atmconfig tool in the FreeBSD tree contains some old parts of this library.
- lisa_snmp is a module which implements SNMP functionality for libisa.
- lisa_snmpd is a module for remote administration of the bsnmpd.
- The config file parser of bsnmpd has been rewritten so that each section of the file is handled as a transaction (in contrast to the previous behavior where the entire file was one transaction).
- SNMP transports have been factored out into loadable
modules. The old port tables are still there and will remain
at least for the next release. Later they will be removed.
The following modules and transports are already implemented
as loadable modules:
BSNMP Bridge Module
URL: http://wiki.FreeBSD.org/SnmpBridgeModule
Contact: Shteryana Shopova <[email protected]>
The BSNMP bridge module for FreeBSD's BSNMP daemon, which was implemented during SoC 2006, was committed to HEAD. In addition to RFC 4188 single bridge support it also supports monitoring multiple bridges via a private MIB. Since SoC 2006 Rapid Spanning Tree (RSTP) support (RSTP-MIB defined in RFC4318 and additions to the private MIB) was added to the module as well.
A patch for RELENG_6 is available and will be merged to STABLE the next weeks.
Open tasks:
- MFC to RELENG_6.
- More feedback from users is always welcome.
BSNMP Client Tools
URL:
http://wiki.FreeBSD.org/BsnmpTools
URL:
http://perforce.FreeBSD.org/depotTreeBrowser.cgi?FSPC=//depot/user/syrinx/ bsnmp/contrib/bsnmp/snmptools
URL:
http://perforce.FreeBSD.org/depotTreeBrowser.cgi?FSPC=//depot/user/bz/ bsnmp%5fsyrinx/usr.sbin/bsnmpd/tools
Contact:
Shteryana
Shopova
<[email protected]>
Contact:
Bjoern A.
Zeeb
<[email protected]>
During SoC 2005 BSNMP client tools (bsnmptools) were implemented and have since then been available via Shteryana's P4 tree or port net-mgmt/bsnmptools.
In order to finally get the code committed some cleanup was needed which ended in a partly rewrite to minimize duplicate code and to reduce the size of the binaries. This ongoing work is available via Bjoern's P4 tree and will be merged back to upstream trees before it will be committed to HEAD.
Open tasks:
- Update Wiki Page to reflect latest work.
- Finish cleanup and have it reviewed.
- User feedback is always welcome.
Bt878 Audio Driver (aka FusionHDTV 5 Lite driver)
URL: http://perforce.freebsd.org/fileSearch.cgi?FSPC=%2F%2Fdepot%2Fuser%2Fjmg%2Fbktrau%2F...&ignore=GO%21
Contact: John-Mark Gurney <[email protected]>
Basic audio capture is working. All of the parameters are set by userland, while the RISC program generation is by kernel. No real audio has been captured as there are no drivers for the NTSC tuner yet. Someone with a real Bt878 NTSC card that is supported by bktr(4) could use this to capture audio without using the sound card.
Due to lack of documentation from DViCO and LG, I have copied magic values from the Linux driver and managed to get ATSC capturing working. There was a bug in the capture driver that was releasing buffers to userland early causing what appeared to be reception issues. Now that we use the RISC status bits as buffer completion bits, capture works cleanly. This does mean that even if you provide more than 4 buffers to the driver, the buffers will be divided into four segments, and returned in segments.
A Python module is available, along with a sample capture application using it. The module is now known to work well with threads so that tuning (expensive due to i2c ioctls) can happen in another thread without causing program slow down. The module is working well with a custom PVR backend.
Additional ioctls have been added to get sibling devices. This allows one to open a bktrau device, and get the correct bktr(4) device that is in the same slot. This is necessary so that when adjusting GPIO pins or sending i2c commands, they are to the correct device.
Open tasks:
- Provide support for NTSC and FM tuning.
- Add support for other cards and tuners that use the Bt878 chip.
Cryptographic Subsystem
Contact: Sam Leffler <[email protected]>
Michael Richardson has been spearheading work to improve the crypto subsystem used by various parts of the kernel including Fast IPSec and geli. This work is sponsored by Hifn and has been happening outside the CVS repository. A main focus of this work is to add support for higher-level hardware operations that can significantly improve the performance of IPSec and SSL protocols.
Results of this work are now being readied for CVS. These redesign the core/driver APIs to use the kobj facilities and recast software crypto drivers as pseudo devices. The changes greatly improve the system and permit new functionality such as specifying which crypto device to use when multiple are available. The redesign will also enable load balancing of crypto work across multiple devices and the addition of virtual crypto sessions by which small operations can be done in software when the overhead to set up a hardware device is too costly.
In addition to the changes to the core crypto system several crypto drivers have been updated to improve their operation. Top of this list is the hifn(4) driver where many longstanding bugs have been fixed for 7955/756 parts.
EuroBSDCon 2007
URL:
http://2007.EuroBSDCon.org/
URL:
http://www.EuroBSDCon.dk/
Contact: Sidsel Jensen <[email protected]>
The sixth EuroBSDCon will take place in Copenhagen, Denmark on Friday the 14th and Saturday 15th of September 2007 . The conference will be held at Symbion Science Park . Sunday the 16th there will be an optional tour to LEGOland.
The call for papers was sent out right after EuroBSDCon 2006 in Milan in November and abstracts are due February 1st! So hurry up and send in all your fantastic and amazing papers to papers at eurobsdcon dot dk.
FAST_IPSEC Upgrade
URL:
http://www.FreeBSD.org/~gnn/fast_ipv6.patch
URL:
http://blogs.FreeBSDish.org/gnn/
Contact:
George
Neville-Neil
<[email protected]>
Contact:
Bjoern
Zeeb
<[email protected]>
Just this week I got routing working for the FAST_IPSEC and IPv6 code. Now there are memory smash problems, and then we need to remove the old GIANT lock. I hope to produce another patch with the routing code working in the next week.
Open tasks:
- Test the patch!!!!
FreeBSD Bugbusting Team
URL:
http://www.FreeBSD.org/doc/en/articles/pr-guidelines/
URL:
http://www.FreeBSD.org/doc/en/articles/problem-reports/
Contact:
Mark
Linimon
<[email protected]>
Contact:
Ceri
Davies
<[email protected]>
Contact:
Remko
Lodder
<[email protected]>
The FreeBSD Bugbusting team is a team of volunteers keeping track of various PR tickets in the GNATS application. Currently the Bugbusting team is investigating old PR tickets, checking whether they are still accurate, checking what needs to be done to fix the issues reported and make sure that the developers team can focus on the latest releases.
The team is always in need of volunteers willing to give a hand to resolve the old tickets and get the best feedback that is needed for the open tickets.
Please contact [email protected] if you want more information about the things that need to be done.
Open tasks:
- Checkout old PR tickets, getting the proper feedback and finally fix and/or resolve the tickets.
FreeBSD GNOME Project
URL: http://www.FreeBSD.org/gnome/
Contact: FreeBSD GNOME Project <[email protected]>
Where have we been?! Not doing status reports, that's for sure. But the FreeBSD GNOME project has been very busy with regular GNOME releases, and other side projects. We are currently shipping GNOME 2.16.2 in the ports tree, and we are testing GNOME 2.17.5 in the MarcusCom tree.
Most recently, work has completed on a cleanup of the FreeBSD backend to libgtop. This module has needed a lot of work, and should now be reporting correct system statistics. The cleaned up version is currently being tested in the MarcusCom tree, and will make it into the FreeBSD ports tree along with GNOME 2.18.
The GStreamer framework has been taken out of direct gnome@ maintainership, and put under a new multimedia@ umbrella. This will give multimedia-savvy developers a chance to collaborate on this important piece of the GNOME Desktop along with other important audio and video components.
The biggest accomplishment of 2006 for the FreeBSD GNOME team had to have been the port of HAL . This effort was started to give FreeBSD users a richer desktop experience. Since the initial FreeBSD release of HAL with GNOME 2.16, it has been incorporated into the FreeBSD release of KDE 3.5.5 as well as PC-BSD 1.3. The FreeBSD backend has also made it upstream into the HAL git repository so future releases of HAL will have FreeBSD support out-of-the-box.
Finally, it is with sadness that we say good-bye to one of our team members. Adam Weinberger stepped down from the FreeBSD GNOME team to save lives instead (priorities, man!). His splash screens and grammar nit-picking will be missed.
Open tasks:
- Now that HAL has been ported to FreeBSD, there is a strong desire to see NetworkManager ported. The big parts will be porting NM to use our 80211 framework, and extending some of the base utilities such as ifconfig. Contact [email protected] if you are interested in helping.
- Our system-tools-backends module needs some attention. This module is responsible for system configuration tasks in GNOME such as user management, network shares administration, etc. A knowledge of Perl is highly recommended. Contact [email protected] if you are interested in helping.
- We need good documentation writers to help update our FAQ and other documentation. If you would like to take on the responsibility full-time, or just contribute some pieces, please notify [email protected] .
- We are always in need of GNOME development testers. See our development branch FAQ for ways on how you can help make the next release of GNOME the best release.
FreeBSD Security Officer and Security Team
URL:
http://www.FreeBSD.org/security/
URL:
http://www.FreeBSD.org/administration.html#t-secteam
URL:
http://vuxml.FreeBSD.org/
Contact:
Security
Officer
<[email protected]>
Contact:
Security
Team
<[email protected]>
In the time since the last status report, four security advisories have been issued concerning problems in the base system of FreeBSD (three in 2006 and one in 2007); of these, one problem was in "contributed" code, while the remaining three were in code maintained within FreeBSD. The Vulnerabilities and Exposures Markup Language (VuXML) document has continued to be updated by the Security Team and Ports Committers documenting new vulnerabilities in the FreeBSD Ports Collection; since the last status report, 55 new entries have been added, bringing the total up to 869.
In order to streamline security team operations and ensure that incoming emails are promptly acknowledged, Remko Lodder has been appointed the security team secretary.
The following FreeBSD releases are supported by the FreeBSD Security Team: FreeBSD 4.11, FreeBSD 5.5, FreeBSD 6.0, FreeBSD 6.1, and FreeBSD 6.2. The respective End of Life dates of supported releases are listed on the web site; of particular note, FreeBSD 4.11 and FreeBSD 6.0 will cease to be supported at the end of January 2007.
FreeBSD/powerpc on Freescale MPC8555
Contact:
Rafal
Jaworowski
<[email protected]>
Contact:
Marcel
Moolenaar
<[email protected]>
Platform summary:
- PowerQuiccIII integrated controller
- e500 CPU core
- compliant with PowerPC BookE specification (significantly different from the 'traditional' PowerPC architecture the current FreeBSD/powerpc supports, particularly in the areas of MMU design, exceptions model, specific e500 machine instructions etc.)
Currently the machine is booting FreeBSD 6.1-RELEASE-p10 and operating both single- and multi-user modes; below are highlights of available functionality:
- Low-level support
- booting from U-Boot bootloader
- locore machine initialization
- e500 exceptions
- VM: a new pmap module developed
- On-chip peripherals
- introduced ocpbus hierarchy (nexus and descendants)
- interrupt controller: using generic OpenPIC driver
- serial console: using uart(4) driver
- barebones serial support using the QUICC's SCC
- host/PCI bridge: a new driver developed for the built-in bridge
- networking: a new driver developed for TSEC (3-speed Ethernet)
- Booting
- from ATA disk and USB memory stick (both through a secondary PCI VIA82C686B controller)
- from network (NFS-mounted rootfs)
- Basic TCP/IP protocols and apps work (DHCP, NFS, SSH, FTP, Telnet etc.)
- Userland
- integrated SoftFloat emulation lib (required due to e500 not being equipped with the old-style PowerPC FPU)
- almost all applications seem to work
Open tasks:
- Work out extensible layout for sys/powerpc architecture directory so we can easily add support for new core variations and platforms to come in the future.
- Integrate with FreeBSD source tree.
- Release and tinderbox related options and settings.
FreeSBIE
URL:
http://www.FreeSBIE.org
URL:
http://users.gufi.org/~rionda/20relnotes/
URL:
http://users.gufi.org/~rionda/20screen/
Contact:
Matteo
Riondato
<[email protected]>
Contact:
FreeSBIE
Staff
<[email protected]>
Contact:
FreeSBIE
Mailing List
<[email protected]>
FreeSBIE is approaching the 2.0-RELEASE. The first release candidate proved to be good enough but a second one will probably be released. An external developer is working on integrating BSDInstaller in FreeSBIE 2.0 and this may cause a little delay of the release date. Release Notes were written and need to be updated with the current list of packages. A script which allows to switch Tor+Privoxy on and off was added and its usage was documented. The 2.0-RELEASE is near, hopefully near the end of January but this will also depend on when FreeBSD 6.2-RELEASE will be released.
FreshPorts
URL:
http://www.freshports.org/
URL:
http://news.freshports.org/
Contact: Dan Langille <[email protected]>
There have been a number of improvements to FreshPorts over the last quarter of 2006. The following are just a few of them. The links take you to the relevant article within the FreshPorts News website .
- Better pagination of larger result sets
- Listing of sanity test failures
- Inclusion of latest vulnerabilities on the front page
- Started working on adding tools to make FreshSource/FreshPorts more useful as a developer tool
- The new dual opteron server has been deployed!
My thanks to the many people who have contributed suggestions, ideas, and code over the years. Most of you are documented at the above URLs.
Open tasks:
- FreshPorts/FreshSource as a developer tool
GEOM Multipath
Contact: Matthew Jacob <[email protected]>
A toy implementation of GEOM based active/passive multipath is now done and in a perforce repository. Seems to work.
Hungarian Translation of the Webpages
URL: http://www.FreeBSD.org/hu/
Contact:
Gábor
Kövesdán
<[email protected]>
Contact:
Giorgos
Keramidas
<[email protected]>
Gábor Kövesdán (gabor@) has submitted the Hungarian translation of the webpages and Giorgos Keramidas (keramida@) has reviewed and committed the pages. The initial rendering issues have also been fixed and the webpage is in a pretty good shape now.
As usual, this translation does not contain every part of the English version, but the most important and useful parts are there. Gábor will maintain this translation and regularly sync the content with the English version and add new translations if such become available.
Open tasks:
- Fix typos and mistakes that will be revealed after a deeper review by the public
- Get more people involved
Intel 3945ABG Wireless LAN Driver: wpi
URL:
http://perforce.FreeBSD.org/depotTreeBrowser.cgi?FSPC=//depot/user/benjsc/wpi
URL:
http://www.clearchain.com/wiki/wpi
Contact: Benjamin Close <[email protected]>
An initial port of the NetBSD wpi driver has been done and development is happening fast to get this driver ready for the tree. At present basic functionality works. The driver can associate with a non encrypted peer and pass data in 11b and 11g modes. There is still lots to do and testing is welcome.
Many thanks have to go to Sam, Max and Kip for helping the driver reach this point.
Open tasks:
- Solve bus dma alignment issues
- Support WEP and WPA
- Testing and more testing
Interrupt Filtering
URL: http://wiki.FreeBSD.org/Interrupts
Contact:
Paolo
Pisati
<[email protected]>
Contact:
John
Baldwin
<[email protected]>
Contact:
Scott
Long
<[email protected]>
Interrupt filtering is a new method to handle interrupts in FreeBSD that retains backward compatibility with the previous models (FAST and ITHREAD), while improving over them in some aspects. With interrupt filtering, the interrupt handler is divided into 2 parts: the filter (that checks if the actual interrupt belongs to a device) and a private per-handler ithread (that is scheduled in case some blocking work has to be done). The main benefits of this work are:
- Feedback from filters (the operating system finally knows what's the state of an event and can react consequently).
- Lower latency/overhead for shared interrupt line.
- Previous experiments with interrupt filtering showed an increase in performance against the plain ithread model in some cases.
- General shrink of the machine dependent code - part of the interrupting handling code was turned into machine independent code.
During the last quarter many improvements were made up to the point where 3 archs (i386, amd64 and arm) are reported to work, and the project can be considered feature complete.
I definitely want to make it part of the 7.0 release.
Open tasks:
- Define a road map to commit the code into the tree.
- Rethink the interrupt stray handling (?!?!).
- Finish off support for powerpc, sparc64 and ia64 (sun4v support is known to be broken now).
ipfw NAT and libalias
Contact: Paolo Pisati <[email protected]>
Support for in-kernel NAT, redirect and LSNAT for ipfw was committed to HEAD, and i encourage people to test it so we can quickly discover/fix bugs.
To add these features to ipfw, compile a new kernel adding "options IPFIREWALL_NAT" to your kernel config or, in case you use modules, add "CFLAGS += -DIPFIREWALL_NAT" to your make.conf.
Open tasks:
- Teach libalias to handle mbufs (this will fix TSO-capable NICs).
- Add support for hardware checksum offloading.
iSCSI Initiator
URL: ftp://ftp.cs.huji.ac.il/users/danny/freebsd/iscsi-2.0.1.tar.bz2
Contact: Daniel Braniss <[email protected]>
Though it is still a work in progress, it now supports more targets, has login CHAP authentication and header/data digest. It will also recover from a lost connection - most of the time.
Open tasks:
- instrumentation
- task management support
- improve the error recovery
Libelf
URL:
http://wiki.FreeBSD.org/LibElf
URL:
http://wiki.FreeBSD.org/PmcTools
URL:
http://people.FreeBSD.org/~jkoshy/projects/perf-measurement/
Contact: Joseph Koshy <[email protected]>
Libelf is a BSD-licensed library for ELF parsing & manipulation implementing the SysV/SVR4 (g)ELF[3] API.
Current status: The library is now in -CURRENT. Work continues on its test suite and tutorial, and on deploying it in PmcTools.
MPT LSI-Logic Host Adapters: mpt
Contact: Matthew Jacob <[email protected]>
The 'mpt' project is support for the MPT LSI-Logic Host Adapters (SCSI, Fibre Channel, SAS).
The last quarter saw a lot of change supported by Yahoo! and LSI-Logic and many others as things settled out for better support for U320. Some initial Big Endian support was offered by John Birrel and Scott Long.
Open tasks:
- Finish SAS Integrated RAID support.
- Try and get U320 RAID working better than it currently does.
- Finish Big Endian support, including that for target mode.
Multi-link PPP daemon (MPD)
URL:
http://sourceforge.net/projects/mpd/
URL:
http://mpd.cvs.sourceforge.net/*checkout*/mpd/mpd/doc/changes.xml
Contact:
Alexander
Motin
<[email protected]>
Contact:
Archie
Cobbs
<[email protected]>
MPD is moving to the next major release - mpd4_0. At the end of October one more beta version (4_0b5) was released and first RC is planned soon.
Since 3_18 and 4_0b4 numerous bugs and cases of incorrect internal handling have been fixed. Performance has been increased and system requirements reduced.
Many new features have been implemented:
- IPv6 support
- NAT (using the ng_nat(4) node)
- integrated web server
- Deflate and Predictor-1 CCP compression
Some historically broken features have been reimplemented:
- TCP and UDP link types
- CCP compression
- ECP encryption
To support compression, two new Netgraph nodes ng_deflate and ng_pred1 have been created and the ng_ppp node has been modified.
Open tasks:
- ng_ppp node refactoring.
- Implement packet loss notification in related Netgraph nodes (ng_ppp, ng_pptp, ng_async, ng_deflate, ng_pred1, ng_vjc, ...) to reduce recovery time and probability of incorrect packet decompression.
- MPD auth subsystem refactoring.
Network Stack Virtualization
URL: http://imunes.tel.fer.hr/virtnet/
Contact: Marko Zec <[email protected]>
The network stack virtualization project aims at extending the FreeBSD kernel to maintain multiple independent instances of networking state. This will allow for complete networking independence between jails on a system, including giving each jail its own firewall, virtual network interfaces, rate limiting, routing tables, and IPSEC configuration.
The prototype currently virtualizes the basic INET and INET6 kernel structures and subsystems, including the TCP machinery and the IPFW firewall. The focus is currently being kept on resolving bugs and sporadic lockups, and defining the internal and management APIs. It is expected that within the next month the code will become sufficiently complete and stable for testing by early adopters.
New USB Stack
URL:
http://perforce.freebsd.org/depotTreeBrowser.cgi?FSPC=//depot/projects/usb/src/sys/dev/usb
URL:
http://www.turbocat.net/~hselasky/usb4bsd
Contact: Hans Petter Sirevaag Selasky <[email protected]>
During the last three months there has not been so much activity in the USB project. Some regression issues have been reported and fixed. Bernd Walter reports that he has got the new USB stack working on ARM processors with some minor tweaks. Markus Brueffer reports that he is working on the USB HID parser and support. A current issue with the new USB stack is that the EHCI driver does not work on the Sparc64 architecture. If someone has got a Sparc64 with FreeBSD 7-CURRENT on and can lend the USB project the root password, a serial console and a USB test device, for example a USB memory stick, that would be much appreciated. Another unresolved issue is that the ural(4) USB device driver does not always work. This is currently being worked on.
If you want to test the new USB stack, check out the USB perforce tree or download the SVN version of the USB driver from my USB homepage. At the moment the tarballs are a little out of date.
Ideas and comments with regard to the new USB API are welcome at [email protected] .
Past and Future PR Closing Events
URL: http://wiki.freebsd.org/Bugathons
Contact: Florent Thoumie <[email protected]>
Following the example of our NetBSD friends, we organized a couple of Bugathons to help decreasing the open PR count. At first, it was decided to make it a monthly event focused on both src, ports and doc. Audience decreased with each Bugathon organized and less non-ports committers attended the events. So from now on, we will focus on ports (making it a Portathon) and organize a new event after the end of each ports freeze (that should be twice a year, at most).
Porting ZFS to FreeBSD
URL:
http://perforce.FreeBSD.org/depotTreeBrowser.cgi?FSPC=//depot/user/pjd/zfs
URL:
http://www.opensolaris.org/os/community/zfs/porting/
URL:
http://docs.FreeBSD.org/cgi/mid.cgi?20060822104516.GB16033
Contact: Pawel Jakub Dawidek <[email protected]>
The ZFS file system works quite well on FreeBSD now. The first patchset has already been published on the [email protected] mailing list .
All file system methods are already implemented (except ACL-related). Basically all stress tests I tried work, even under very high load. There is still a problem with memory allocation, which can get out of control, but from what I know the SUN guys also work on this.
Recently I have been working on a file system regression test suite. From what I found, there are no such test suites for free. I've already more than 3000 tests and I'm testing correctness of most file system related syscalls (chflags, chmod, chown, link, mkdir, mkfifo, open, rename, rmdir, symlink, truncate, unlink). I'm also working to make it usable on other operating systems (like Solaris, where it already works and Linux).
Few days ago I also (almost) finished NFS support. You can't use the 'zfs share' command yet, but you can export file systems via /etc/exports and you can also access snapshots. It was quite hard, because snapshots are separate file systems and after exporting the main file system, we need to also serve data from snapshots under it.
The one big thing which is missing is ACL support. This is not an easy task, because we first have to make some decisions. Currently we use POSIX ACLs in our UFS, but the market is moving slowly to NTFS/NFSv4-type ACLs. In Solaris they use POSIX ACLs for UFS and NFSv4-type ACLs for ZFS and we probably also want to use NFSv4-type ACLs in our ZFS, which requires some work outside ZFS.
Ports Collection
URL:
http://www.FreeBSD.org/ports/
URL:
http://www.FreeBSD.org/doc/en_US.ISO8859-1/articles/contributing-ports/
URL:
http://people.FreeBSD.org/~fenner/portsurvey/
URL:
http://portsmon.FreeBSD.org/index.html
URL:
http://www.FreeBSD.org/portmgr/index.html
URL:
http://tinderbox.marcuscom.com
Contact: Mark Linimon <[email protected]>
The ports count has jumped to 16347. The PR count, despite a jump, has gone back down to around 700.
Not much work has been committed on the ports infrastructure due to the long 6.2 release cycle. However, many test runs have been done for several upcoming features, such as making sure that ports will work with the new release of gcc (4.1), and do not have /usr/X11R6 hard-coded into them. The intention of the latter is to move all ports to $LOCALBASE, which can then be selected by the user. This should help consistency going forwards, albeit at the cost of a one-time conversion.
GNOME was updated to 2.16 during the release cycle.
In addition, we are in the process of moving the FORTRAN default from f77 to gfortran. See the ports mailing list for details.
The new xorg ports are still being worked on as well; they are intended to all live in $LOCALBASE. Hopefully this can get done in the early 6.3 development cycle. See the wiki for more information.
A new version of the ports Tinderbox code is available, which is mostly a bugfix release.
We have also added Pav Lucistnik as a new portmgr member, who we hope will help us work on the portmgr PR backlog. Welcome!
We have also added 8 new committers since the last report.
linimon continues to work on resetting committers who are no longer interested in their ports; as well, several ports commit bits have been stored for safekeeping. This is part of an attempt to keep the best match between volunteers and work to be done.
Open tasks:
- Most of the remaining ports PRs are "existing port/PR assigned to committer". Although the maintainer-timeout policy is helping to keep the backlog down, we are going to need to do more to get the ports in the shape they really need to be in.
- Although we have added many maintainers, we still have many unmaintained ports. As well, the packages on amd64 and sparc64 are lagging behind.
QLogic SCSI and Fibre Channel: isp
Contact: Matthew Jacob <[email protected]>
This project is for support for QLogic SCSI and Fibre Channel host adapters.
The last quarter saw the addition of 4Gb Fibre Channel support and a complete rewrite of fabric management (which is still settling out).
Release Engineering
URL:
http://www.FreeBSD.org/releng/
URL:
http://www.FreeBSD.org/releases/6.2R/announce.html
URL:
http://www.FreeBSD.org/snapshots/
Contact: Release Engineering Team <[email protected]>
The recent activities of the Release Engineering team have centered around FreeBSD 6.2-RELEASE, which is now available for downloading. This is the latest release from the RELENG_6 branch, and includes many new performance and stability improvements, bug fixes, and new features. The release notes and errata notes for FreeBSD 6.2 contain more specific information about what's new in this version. We thank the FreeBSD developer and user community for their efforts towards making this release possible.
The Release Engineering Team also produced snapshots of FreeBSD CURRENT in November 2006 and January 2007. These snapshots have not received extensive testing, and should not be used in production environments. However, they can be used for testing or experimentation, and show the kinds of functionality that can be expected in future FreeBSD releases.
Sound Subsystem Improvements
URL:
http://people.FreeBSD.org/~ariff/
URL:
http://www.FreeBSD.org/projects/ideas/
URL:
http://wiki.FreeBSD.org/soundsystem
Contact:
Ariff
Abdullah
<[email protected]>
Contact:
Alexander
Leidinger
<[email protected]>
Contact:
Multimedia
Mailinglist
<[email protected]>
Since the last status report there were improvements to the emu10kx driver for High Definition Audio (HDA) compatible chips. Some more chips are supported now and already supported chips should provide a better zero-configuration experience.
The generic sound code got some very nice low latency changes, and fixes which make it multichannel/endian/format safe. We do not support multichannel operation yet, but this work is a prerequisite to work on implementing multichannel operation. This work also fixed some bugs which people may experience as clicks, hickups, truncation or similar behavior in the sound-output.
So far there is no merge to 5.x or 6.x planned for this code, especially because there are API/ABI changes, e.g., several sysctls changed. People who do not care about this can download binary sound modules from Ariff's download page for 6.x and 5.x.
We thank all people who tested the changes / submitted patches and thus helped improving the sound system.
Open tasks:
- Have a look at the sound related entries on the ideas list.
- Add multichannel support.
- sndctl(1): tool to control non-mixer parts of the sound system (e.g. spdif switching, virtual-3D effects) by a user (instead of the sysctl approach in -CURRENT); pcmplay(1), pcmrec(1), pcmutil(1).
- Plugable FEEDER infrastructure. For ease of debugging various feeder stuff and/or as userland library and test suite.
- Extend the wiki page.
The FreeBSD Dutch Documentation Project
URL:
http://www.FreeBSD.org/doc/nl/books/handbook
URL:
http://www.evilcoder.org/content/section/6/39/
URL:
http://www.FreeBSD-nl.org/doc/nl/
URL:
http://www.FreeBSD-nl.org/www/
Contact: Remko Lodder <[email protected]>
The FreeBSD Dutch Documentation Project is an ongoing project to translate the FreeBSD Handbook to the Dutch Language.
Currently we almost translated the entire handbook, and we translated parts of the website, sadly the project went into a slush lately, so we seek out for fresh and new translators that are willing to join the team to continue the effort.
Open tasks:
- Translate the rest of the handbook
- Make the documentation up to date
- Translate the rest of the website
The FreeBSD Foundation
URL: http://www.FreeBSDFoundation.org
Contact: Deb Goodkin <[email protected]>
The FreeBSD Foundation ended 2006 raising over $100,000. We received commitments for another $55,000 in donations for the Fall Fundraiser. We fell short of our goal of raising $200,000. But, we are working hard to fill this gap, early in 2007, so we can continue with the same level of support for the project and community. Please go to http://www.freebsdfoundation.org/donate/ to find out how to make a donation to the foundation.
We added a donors page to our website to acknowledge our generous donors. We negotiated and are now actively managing a joint technology project with NLNet and the University of Zagreb to develop virtualized network stack support for FreeBSD. We sponsored AsiaBSDCon and are now accepting travel grant applications for this conference.
We are working to upgrade the project's network testbed with 10Gigabit interconnects. Cisco has generously donated a 10Gigabit switch and we have received network adapters from Myricom, Neterion, Intel, and Chelsio. Adapters from other vendors are being solicited so that we can do interoperability testing.
For more information on what we've been up to, check out our end-of-year newsletter at http://www.freebsdfoundation.org/press/2006Dec-newsletter.shtml .
TrustedBSD Audit
URL:
http://www.TrustedBSD.org/audit.html
URL:
http://www.OpenBSM.org/
Contact:
Robert
Watson
<[email protected]>
Contact:
Christian
Peron
<[email protected]>
Contact:
Wayne
Salamon
<[email protected]>
FreeBSD 6.2-RELEASE, the first release of FreeBSD with experimental audit support is now available. The plan is to make audit a full production feature as of FreeBSD 6.3-RELEASE, with "options AUDIT" compiled in by default. A TODO list has been posted to trustedbsd-audit.
OpenBSM 1.0 alpha 13, which includes support for XML record printing, additional 64-bit token types, additional audit events, and more cross-platform build support, has been released. OpenBSM 1.0 alpha 14, which adds support for warnings clean building with gcc 4.1, will be released shortly. The new OpenBSM release will be merged to FreeBSD CVS in late January or early February.
Open tasks:
- Complete assignment of audit events to non-native and a few remaining native system calls. Add additional system call argument auditing.
- Merge MAC Framework hooks allowing MAC modules to control access to kernel audit services. Refine and merge MAC labeling support in audit, including support for MAC annotations in the audit trail.
- Complete pass through user space services adding audit support to system management tools (and ftpd). Work with third party software maintainers to add audit support for applications like xdm/kdm/gdm.
- Merge latest OpenBSM, including XML output support.
TrustedBSD MAC Framework
URL: http://www.TrustedBSD.org/mac.html
Contact:
Robert
Watson
<[email protected]>
Contact: <[email protected]>
Most work on the MAC Framework during this period, other than as relates to the priv(9) project described in a separate status report, has been in refinement of the structure of the framework.
- Add two new entry points allowing MAC Framework policy modules to grant or limit fine-grained system privileges.
- A sample mac_priv(4) policy module has been created demonstrating how a MAC Framework policy module can grant specific system privileges to specific users.
- Commenting throughout the MAC Framework significantly extended.
- Correct a bug in which the original ifnet label was copied to user space via ioctl, rather than the thread-local copy.
- mac_enforce_subsystem debugging sysctls removed, as some policies rely on access control checks being called even when non-enforcing (specifically, information flow related policies).
- Break out mac.h include file into mac.h (user API, system calls) and mac_framework.h (in-kernel interface to the MAC Framework). Move non-user MAC include files from src/sys to src/sys/security/mac. Move and break out kern_mac.c into mac_framework.c and mac_syscalls.c. The MAC Framework is now entirely located in src/sys/security/mac.
- Export the MAC Framework version via a read-only sysctl and provide a #define version usable by policies.
- MAC Framework locking optimized to optimistically expect no write lock contention during read locking.
Open tasks:
- Now that the MAC Framework has been fully moved to src/sys/security/mac, embark on the 'mac2' interface cleanup, in which many MAC Framework entry points are renamed for consistency. This will require most MAC Framework policy modules to be modified between FreeBSD 6.x and FreeBSD 7.x, although in a way that can be largely done using sed.
- Add accessor functions for policies retrieving per-policy label data from labels, so that policy modules do not compile in the binary layout of struct label. This will allow future optimization of the label layout.
- Complete integration of audit and MAC support, allowing MAC policy modules to control access to audit interfaces, and allowing them to annotate audit records.
TrustedBSD priv(9)
URL: http://www.TrustedBSD.org/
Contact: Robert Watson <[email protected]>
TrustedBSD priv(9) replaces suser(9) as an in-kernel interface for checking privilege in FreeBSD 7.x. Each privilege check now takes a specific named privilege. This allows both centralization of jail logic relating to privilege, which is currently distributed around the kernel at the point of each call to suser(9), and allows instrumentation of the privilege logic by the MAC Framework. Two new MAC Framework entry points, one to grant and the other to limit privilege, are now available, providing fine-grained control of kernel privilege by policy modules. This lays the kernel infrastructure groundwork for further refinement and extension of the kernel privilege model. The priv(9) implementation has been committed to FreeBSD 7-CURRENT.
This software was developed by Robert N. M. Watson for the TrustedBSD Project under contract to nCircle Network Security, Inc.
Open tasks:
- Complete review of kernel privilege checks, removal of suser(9) jail flag now that checks are centralized.
- Explore possible changes to kernel privilege model along lines of POSIX.1e privileges, the Solaris privilege interface, etc. This has been explored previously as part of the TrustedBSD Capabilities project also.
Update of the Linux Compatibility Environment in the Kernel
URL: http://wiki.FreeBSD.org/linux-kernel
Contact:
Alexander
Leidinger
<[email protected]>
Contact:
Roman
Divacky
<[email protected]>
Contact:
Emulation
Mailinglist
<[email protected]>
Since the last status report we made good progress in improving the compatibility environment. We fixed more than 30 testcases on i386 (130 testcases = 16% still failing) and more than 60 testcases on amd64 (140 testcases = 17% still failing) in the Linux 2.4 compatibility. These numbers compare FreeBSD 6.2 with -CURRENT. Some of those fixes are edge cases in the error handling, and some of them fix real issues -- e.g. hangs -- and improve the stability and correctness of the emulation.
Regarding the Linux 2.6 compatibility there are 140 testcases (17%) on i386 and 150 testcases (18%) on amd64 still failing in -CURRENT. After fixing some showstopper problems with real applications, we should be able to give the 2.6 emulation a more widespread exposure "soon" to find more bugs and to determine the importance of those Linux syscalls which we did not implement yet.
The severity of the broken testcases varies, and some of them will never be fixed, e.g., we will never be able to load Linux kernel modules into a FreeBSD kernel, being able to add swap with a Linux command has very low priority, and fixing stuff which is used by applications like IPC type 17 has high priority.
Some differences in the 2.6 compatibility are because not all i386 changes are merged into the amd64 code, and some testcases are already fixed in our perforce repository but need more review before they can be committed to -CURRENT.
We need some more testers and bug reporters. So if you have a little bit of time and a favorite Linux application, please play around with it on -CURRENT. If there is a problem, have a look at the wiki if we already know about it and report on emulation@ . We are especially interested in reports about the 2.6 compatibility (sysctl compat.linux.osversion=2.6.16), but only with the most recent -CURRENT and maybe with some patches we have in the perforce repository (mandatory on amd64).
We thank all people who tested the changes / submitted patches and thus helped improving the Linux compatibility environment.
Updating X.org FreeBSD Ports to 7.2
URL:
http://xorg.freedesktop.org/
URL:
http://git.xbsd.org/?p=freebsd/ports.git;a=shortlog;h=xorg
URL:
http://blog.xbsd.org/
URL:
http://lists.freebsd.org/pipermail/freebsd-x11/
Contact:
Florent
Thoumie
<[email protected]>
Contact:
Eric
Anholt
<[email protected]>
Contact:
Dejan
Lesjak
<[email protected]>
X.org 7.2 release has been delayed more than a month, which gave us more time to fix build failures, to work on a few runtime issues and to determine the easiest way to upgrade from 6.9 to 7.2 (mostly with the help of people on the freebsd-x11@ mailing list ). Everything is in a rather good shape but there's still a little amount of work to do. The merge of new ports is most likely to happen before the end of January.
Open tasks:
- Do a global review of the diff between the original tree and the experimental one (git-diff origin xorg for git users)
- Fix the remaining (9 I think, 3 being lang/jdk's) build errors
- Continue testing
- Do another experimental build on pointyhat
Wireless Networking
Contact: Sam Leffler <[email protected]>
Work on wireless support has continued to evolve in the public CVS tree while other work has been going on behind the scenes in the developer's perforce repository.
Support was recently added to HEAD for half- and quarter-rate channels as found in the 4.9 GHz FCC Public Safety Band. This work was a prerequisite to adding similar support in the 900 MHz band as found in Ubiquiti's SR9 cards. Adding this functionality was straightforward due to the design of the net80211 layer, requiring only some additions to handle the unusual mapping between frequencies and IEEE channel numbers. The ath(4) driver currently supports hardware capable of operating on half- and quarter-rate channels.
Kip Macy recently made significant advances preparing legacy drivers for the re-architected net80211 layer that has been languishing in perforce. With his efforts this code is nearly ready for public testing after which it can be merged into CVS. Our goal is to complete this merge in time for the 7.x branch (otherwise it will be forced to wait for 8.0 before it appears in a public release). This revised net80211 layer includes advanced station mode facilities such as background scanning and roaming and support for Atheros' SuperG extensions. Getting the revised scanning work into CVS will greatly simplify public distribution of the Virtual AP (VAP) code as a patch as well as enable addition of 802.11n support.
Benjamin Close is working on support for the Intel 3945 parts commonly found in laptops. The work is going on in the perforce repository with public code drops for testing.
Atheros PCI/Cardbus support was updated with a new HAL that fixes a few minor issues and corrects a problem that kept AR2424 parts from working. The new HAL also enables more efficient use of the hardware keycache for TKIP keys; on newer hardware you can now support up to 57 stations without faulting keys into the cache. Support for the latest 802.11n parts found in the new Lenovo and Apple laptops (among others) is in development; initial release will support only legacy operation.
Support for Atheros USB devices is coming. Atheros has agreed to license their firmware with the same license applied to the HAL which means it can be committed to the tree and distributed as part of releases. The driver is still in development.
wpa_supplicant and hostapd were updated to the latest stable build releases from Jouni Malinen. Shortly the in-tree code base will switch to the 0.5.x tree which will bring in much new functionality including dynamic VLAN tagging that will be especially useful once the multi-bss support is available.
The support for injection of raw 802.11 frames was committed to HEAD. This work was done in collaboration with Andrea Bittau. At this point there are no plans to commit this to the STABLE branch as it requires API changes.
News Home | Status Home