diff --git a/en/news/status/Makefile b/en/news/status/Makefile
index 5b3937f470..2e1063dfc7 100644
--- a/en/news/status/Makefile
+++ b/en/news/status/Makefile
@@ -1,45 +1,46 @@
-# $FreeBSD: www/en/news/status/Makefile,v 1.34 2006/08/19 21:20:39 hrs Exp $
+# $FreeBSD: www/en/news/status/Makefile,v 1.35 2006/10/19 06:37:53 brd Exp $
.if exists(../Makefile.conf)
.include "../Makefile.conf"
.endif
.if exists(../Makefile.inc)
.include "../Makefile.inc"
.endif
DOCS= status.sgml
XMLDOCS= report-june-2001
XMLDOCS+= report-july-2001
XMLDOCS+= report-august-2001
XMLDOCS+= report-september-2001
XMLDOCS+= report-november-2001
XMLDOCS+= report-dec-2001-jan-2002
XMLDOCS+= report-feb-2002-apr-2002
XMLDOCS+= report-may-2002-june-2002
XMLDOCS+= report-july-2002-aug-2002
XMLDOCS+= report-sept-2002-oct-2002
XMLDOCS+= report-nov-2002-dec-2002
XMLDOCS+= report-jan-2003-feb-2003
XMLDOCS+= report-mar-2003-sep-2003
XMLDOCS+= report-oct-2003-dec-2003
XMLDOCS+= report-jan-2004-feb-2004
XMLDOCS+= report-mar-2004-apr-2004
XMLDOCS+= report-may-2004-june-2004
XMLDOCS+= report-july-2004-dec-2004
XMLDOCS+= report-jan-2005-mar-2005
XMLDOCS+= report-mar-2005-june-2005
XMLDOCS+= report-july-2005-oct-2005
XMLDOCS+= report-oct-2005-dec-2005
XMLDOCS+= report-jan-2006-mar-2006
XMLDOCS+= report-apr-2006-jun-2006
XMLDOCS+= report-june-2006-oct-2006
+XMLDOCS+= report-oct-2006-dec-2006
XSLT.DEFAULT= report.xsl
# Install a sample Happy New Year. This Report covers the last quarter of a exciting
+ year 2006 for FreeBSD development. FreeBSD 6.2 is finally out of the
+ door and work towards FreeBSD 7.0 is gearing up. Some of the projects
+ in this report will be part of that effort, others are already in the
+ tree. Many projects need your help with testing and otherwise. Please
+ see the "Open tasks" sections for more information. The BSD crowd will meet at
+ AsiaBSDCon
+ March 8-10th in Tokyo and a two day FreeBSD developer summit will be
+ held at
+ BSDCan
+
+ May 16-19th in Ottawa. Finally,
+ EuroBSDCon
+
+ September 14-15th in Copenhagen is already looking for papers. Thanks to all the reporters for the excellent work! We hope you
+ enjoy reading. A toy implementation of GEOM based active/passive multipath is
+ now done and in a perforce repository. Seems to work. There have been a number of improvements to FreshPorts over the
+ last quarter of 2006. The following are just a few of them. The
+ links take you to the relevant article within the
+ FreshPorts News website
+
+ .
+
+
+
My thanks to the many people who have contributed suggestions, + ideas, and code over the years. Most of you are documented at the + above URLs.
+ + +Folks!
+
+
+ It is that time of year. You may have missed the
+ call for papers
+
+ , but please put in your proposal right away. This is often a busy
+ time of year, but please take the time to consider presenting at
+ BSDCan.
Please read the + submission + instructions + + and send in your proposal today!
+ +You may be interested in our sister conference: PGCon. If you + have an interest in + PostgreSQL + + , a leading relational database, which just happens to be open + source, then we have the conference for you! + PGCon 2007 + + will be held immediately after BSDCan 2007, at the same venue, and + will follow a similar format.
+ + +FreeSBIE is approaching the 2.0-RELEASE. The first release + candidate proved to be good enough but a second one will probably + be released. An external developer is working on integrating + BSDInstaller in FreeSBIE 2.0 and this may cause a little delay of + the release date. Release Notes were written and need to be updated + with the current list of packages. A script which allows to switch + Tor+Privoxy on and off was added and its usage was documented. The + 2.0-RELEASE is near, hopefully near the end of January but this + will also depend on when FreeBSD 6.2-RELEASE will be released.
+ +The 'mpt' project is support for the MPT LSI-Logic Host Adapters + (SCSI, Fibre Channel, SAS).
+ +The last quarter saw a lot of change supported by Yahoo! and + LSI-Logic and many others as things settled out for better support + for U320. Some initial Big Endian support was offered by John + Birrel and Scott Long.
+ + +This project is for support for QLogic SCSI and Fibre Channel + host adapters.
+ +The last quarter saw the addition of 4Gb Fibre Channel support + and a complete rewrite of fabric management (which is still + settling out).
+ +Basic audio capture is working. All of the parameters are set by + userland, while the RISC program generation is by kernel. No real + audio has been captured as there are no drivers for the NTSC tuner + yet. Someone with a real Bt878 NTSC card that is supported by + bktr(4) could use this to capture audio without using the sound + card.
+ +Due to lack of documentation from DViCO and LG, I have copied + magic values from the Linux driver and managed to get ATSC + capturing working. There was a bug in the capture driver that was + releasing buffers to userland early causing what appeared to be + reception issues. Now that we use the RISC status bits as buffer + completion bits, capture works cleanly. This does mean that even if + you provide more than 4 buffers to the driver, the buffers will be + divided into four segments, and returned in segments.
+ +A Python module is available, along with a sample capture + application using it. The module is now known to work well with + threads so that tuning (expensive due to i2c ioctls) can happen in + another thread without causing program slow down. The module is + working well with a custom PVR backend.
+ +Additional ioctls have been added to get sibling devices. This + allows one to open a bktrau device, and get the correct bktr(4) + device that is in the same slot. This is necessary so that when + adjusting GPIO pins or sending i2c commands, they are to the + correct device.
+ + +Following the example of our NetBSD friends, we organized a + couple of Bugathons to help decreasing the open PR count. At first, + it was decided to make it a monthly event focused on both src, + ports and doc. Audience decreased with each Bugathon organized and + less non-ports committers attended the events. So from now on, we + will focus on ports (making it a Portathon) and organize a new + event after the end of each ports freeze (that should be twice a + year, at most).
+ +X.org 7.2 release has been delayed more than a month, which gave + us more time to fix build failures, to work on a few runtime issues + and to determine the easiest way to upgrade from 6.9 to 7.2 (mostly + with the help of people on the + + freebsd-x11@ mailing list + + ). Everything is in a rather good shape but there's still a little + amount of work to do. The merge of new ports is most likely to + happen before the end of January.
+ + +During the last three months there has not been so much activity + in the USB project. Some regression issues have been reported and + fixed. Bernd Walter reports that he has got the new USB stack + working on ARM processors with some minor tweaks. Markus Brueffer + reports that he is working on the USB HID parser and support. A + current issue with the new USB stack is that the EHCI driver does + not work on the Sparc64 architecture. If someone has got a Sparc64 + with FreeBSD 7-CURRENT on and can lend the USB project the root + password, a serial console and a USB test device, for example a USB + memory stick, that would be much appreciated. Another unresolved + issue is that the ural(4) USB device driver does not always work. + This is currently being worked on.
+ +If you want to test the new USB stack, check out the USB + perforce tree or download the SVN version of the USB driver from my + USB homepage. At the moment the tarballs are a little out of + date.
+ +Ideas and comments with regard to the new USB API are welcome at + + + freebsd-usb@FreeBSD.org + + .
+ +MPD is moving to the next major release - mpd4_0. At the end of + October one more beta version (4_0b5) was released and first RC is + planned soon.
+ +Since 3_18 and 4_0b4 numerous bugs and cases of incorrect + internal handling have been fixed. Performance has been increased + and system requirements reduced.
+ +Many new features have been implemented: +
Some historically broken features have been reimplemented: +
To support compression, two new Netgraph nodes ng_deflate and + ng_pred1 have been created and the ng_ppp node has been + modified.
+ + +Since the last status report we made good progress in improving + the compatibility environment. We fixed more than 30 testcases on + i386 (130 testcases = 16% still failing) and more than 60 testcases + on amd64 (140 testcases = 17% still failing) in the Linux 2.4 + compatibility. These numbers compare FreeBSD 6.2 with -CURRENT. + Some of those fixes are edge cases in the error handling, and some + of them fix real issues -- e.g. hangs -- and improve the stability + and correctness of the emulation.
+ +Regarding the Linux 2.6 compatibility there are 140 testcases + (17%) on i386 and 150 testcases (18%) on amd64 still failing in + -CURRENT. After fixing some showstopper problems with real + applications, we should be able to give the 2.6 emulation a more + widespread exposure "soon" to find more bugs and to determine the + importance of those Linux syscalls which we did not implement + yet.
+ +The severity of the broken testcases varies, and some of them + will never be fixed, e.g., we will never be able to load Linux + kernel modules into a FreeBSD kernel, being able to add swap with a + Linux command has very low priority, and fixing stuff which is used + by applications like IPC type 17 has high priority.
+ +Some differences in the 2.6 compatibility are because not all + i386 changes are merged into the amd64 code, and some testcases are + already fixed in our perforce repository but need more review + before they can be committed to -CURRENT.
+ +We need some more testers and bug reporters. So if you have a + little bit of time and a favorite Linux application, please play + around with it on -CURRENT. If there is a problem, have a look at + the wiki if we already know about it and report on + + emulation@ + + . We are especially interested in reports about the 2.6 + compatibility (sysctl compat.linux.osversion=2.6.16), but only with + the most recent -CURRENT and maybe with some patches we have in the + perforce repository (mandatory on amd64).
+ +We thank all people who tested the changes / submitted patches + and thus helped improving the Linux compatibility environment.
+ +Since the last status report there were improvements to the + emu10kx driver for High Definition Audio (HDA) compatible chips. + Some more chips are supported now and already supported chips + should provide a better zero-configuration experience.
+ +The generic sound code got some very nice low latency changes, + and fixes which make it multichannel/endian/format safe. We do not + support multichannel operation yet, but this work is a prerequisite + to work on implementing multichannel operation. This work also + fixed some bugs which people may experience as clicks, hickups, + truncation or similar behavior in the sound-output.
+ +So far there is no merge to 5.x or 6.x planned for this code, + especially because there are API/ABI changes, e.g., several sysctls + changed. People who do not care about this can download binary + sound modules from Ariff's download page for 6.x and 5.x.
+ +We thank all people who tested the changes / submitted patches + and thus helped improving the sound system.
+ + +Gábor Kövesdán (gabor@) has submitted the Hungarian translation + of the webpages and Giorgos Keramidas (keramida@) has reviewed and + committed the pages. The initial rendering issues have also been + fixed and the webpage is in a pretty good shape now.
+ +As usual, this translation does not contain every part of the + English version, but the most important and useful parts are there. + Gábor will maintain this translation and regularly sync the content + with the English version and add new translations if such become + available.
+ + +An initial port of the NetBSD wpi driver has been done and + development is happening fast to get this driver ready for the + tree. At present basic functionality works. The driver can + associate with a non encrypted peer and pass data in 11b and 11g + modes. There is still lots to do and testing is welcome.
+ +Many thanks have to go to Sam, Max and Kip for helping the + driver reach this point.
+ + +Though it is still a work in progress, it now supports more + targets, has login CHAP authentication and header/data digest. It + will also recover from a lost connection - most of the time.
+ + +Platform summary: +
Currently the machine is booting FreeBSD 6.1-RELEASE-p10 and + operating both single- and multi-user modes; below are highlights + of available functionality: +
The network stack virtualization project aims at extending the + FreeBSD kernel to maintain multiple independent instances of + networking state. This will allow for complete networking + independence between jails on a system, including giving each jail + its own firewall, virtual network interfaces, rate limiting, + routing tables, and IPSEC configuration.
+ +The prototype currently virtualizes the basic INET and INET6 + kernel structures and subsystems, including the TCP machinery and + the IPFW firewall. The focus is currently being kept on resolving + bugs and sporadic lockups, and defining the internal and management + APIs. It is expected that within the next month the code will + become sufficiently complete and stable for testing by early + adopters.
+ +The BSNMP bridge module for FreeBSD's BSNMP daemon, which was + implemented during SoC 2006, was committed to HEAD. In addition to + RFC 4188 single bridge support it also supports monitoring multiple + bridges via a private MIB. Since SoC 2006 Rapid Spanning Tree + (RSTP) support (RSTP-MIB defined in RFC4318 and additions to the + private MIB) was added to the module as well.
+ +A patch for RELENG_6 is available and will be merged to STABLE + the next weeks.
+ + +During SoC 2005 BSNMP client tools (bsnmptools) were implemented + and have since then been available via Shteryana's P4 tree or port + net-mgmt/bsnmptools.
+ +In order to finally get the code committed some cleanup was + needed which ended in a partly rewrite to minimize duplicate code + and to reduce the size of the binaries. This ongoing work is + available via Bjoern's P4 tree and will be merged back to upstream + trees before it will be committed to HEAD.
+ + +In addition to other more detailed reports this is intended to + give a summary about other ongoing or upcoming BSNMP related work. + To collect some ideas from users and coordinate work a BSNMP TODO + Wiki page was created. Feel free to add your ideas or let us know + about them.
+ ++
The recent activities of the Release Engineering team have + centered around FreeBSD 6.2-RELEASE, which is now available for + downloading. This is the latest release from the RELENG_6 branch, + and includes many new performance and stability improvements, bug + fixes, and new features. The release notes and errata notes for + FreeBSD 6.2 contain more specific information about what's new in + this version. We thank the FreeBSD developer and user community for + their efforts towards making this release possible.
+ +The Release Engineering Team also produced snapshots of FreeBSD + CURRENT in November 2006 and January 2007. These snapshots have not + received extensive testing, and should not be used in production + environments. However, they can be used for testing or + experimentation, and show the kinds of functionality that can be + expected in future FreeBSD releases.
+ +Libelf is a BSD-licensed library for ELF parsing & + manipulation implementing the SysV/SVR4 (g)ELF[3] API.
+ +Current status: The library is now in -CURRENT. Work continues + on its test suite and tutorial, and on deploying it in + PmcTools.
+ +The FreeBSD Dutch Documentation Project is an ongoing project to + translate the FreeBSD Handbook to the Dutch Language.
+ +Currently we almost translated the entire handbook, and we + translated parts of the website, sadly the project went into a + slush lately, so we seek out for fresh and new translators that are + willing to join the team to continue the effort.
+ + +Where have we been?! Not doing status reports, that's for sure. + But the FreeBSD GNOME project has been very busy with regular GNOME + releases, and other side projects. We are currently shipping GNOME + 2.16.2 in the ports tree, and we are testing GNOME 2.17.5 in the + + MarcusCom + + tree.
+ +Most recently, work has completed on a cleanup of the FreeBSD + backend to libgtop. This module has needed a lot of work, and + should now be reporting correct system statistics. The cleaned up + version is currently being tested in the MarcusCom tree, and will + make it into the FreeBSD ports tree along with GNOME 2.18.
+ +The GStreamer framework has been taken out of direct + + gnome@ + + maintainership, and put under a new + + multimedia@ + + umbrella. This will give multimedia-savvy developers a chance to + collaborate on this important piece of the GNOME Desktop along with + other important audio and video components.
+ +The biggest accomplishment of 2006 for the FreeBSD GNOME team + had to have been the port of + HAL + + . This effort was started to give FreeBSD users a richer desktop + experience. Since the initial FreeBSD release of HAL with GNOME + 2.16, it has been incorporated into the FreeBSD release of KDE + 3.5.5 as well as PC-BSD 1.3. The FreeBSD backend has also made it + upstream into the HAL git repository so future releases of HAL will + have FreeBSD support out-of-the-box.
+ +Finally, it is with sadness that we say good-bye to one of our + team members. Adam Weinberger stepped down from the FreeBSD GNOME + team to save lives instead (priorities, man!). His splash screens + and grammar nit-picking will be missed.
+ + +Support for in-kernel NAT, redirect and LSNAT for ipfw was + committed to HEAD, and i encourage people to test it so we can + quickly discover/fix bugs.
+ +To add these features to ipfw, compile a new kernel adding + "options IPFIREWALL_NAT" to your kernel config or, in case you use + modules, add "CFLAGS += -DIPFIREWALL_NAT" to your make.conf.
+ + +Interrupt filtering is a new method to handle interrupts in + FreeBSD that retains backward compatibility with the previous + models (FAST and ITHREAD), while improving over them in some + aspects. With interrupt filtering, the interrupt handler is divided + into 2 parts: the filter (that checks if the actual interrupt + belongs to a device) and a private per-handler ithread (that is + scheduled in case some blocking work has to be done). The main + benefits of this work are: +
During the last quarter many improvements were made up to the + point where 3 archs (i386, amd64 and arm) are reported to work, and + the project can be considered feature complete.
+ +I definitely want to make it part of the 7.0 release.
+ + +The FreeBSD Bugbusting team is a team of volunteers keeping + track of various PR tickets in the GNATS application. Currently the + Bugbusting team is investigating old PR tickets, checking whether + they are still accurate, checking what needs to be done to fix the + issues reported and make sure that the developers team can focus on + the latest releases.
+ +The team is always in need of volunteers willing to give a hand + to resolve the old tickets and get the best feedback that is needed + for the open tickets.
+ +Please contact + + FreeBSD-bugbusters@FreeBSD.org + + if you want more information about the things that need to be + done.
+ + +The FreeBSD Foundation ended 2006 raising over $100,000. We + received commitments for another $55,000 in donations for the Fall + Fundraiser. We fell short of our goal of raising $200,000. But, we + are working hard to fill this gap, early in 2007, so we can + continue with the same level of support for the project and + community. Please go to + + http://www.freebsdfoundation.org/donate/ + + to find out how to make a donation to the foundation.
+ +We added a donors page to our website to acknowledge our + generous donors. We negotiated and are now actively managing a + joint technology project with NLNet and the University of Zagreb to + develop virtualized network stack support for FreeBSD. We sponsored + AsiaBSDCon and are now accepting travel grant applications for this + conference.
+ +We are working to upgrade the project's network testbed with + 10Gigabit interconnects. Cisco has generously donated a 10Gigabit + switch and we have received network adapters from Myricom, + Neterion, Intel, and Chelsio. Adapters from other vendors are being + solicited so that we can do interoperability testing.
+ +For more information on what we've been up to, check out our + end-of-year newsletter at + + http://www.freebsdfoundation.org/press/2006Dec-newsletter.shtml + + .
+ +The ports count has jumped to 16347. The PR count, despite a + jump, has gone back down to around 700.
+ +Not much work has been committed on the ports infrastructure due + to the long 6.2 release cycle. However, many test runs have been + done for several upcoming features, such as making sure that ports + will work with the new release of gcc (4.1), and do not have + /usr/X11R6 hard-coded into them. The intention of the latter is to + move all ports to $LOCALBASE, which can then be selected by the + user. This should help consistency going forwards, albeit at the + cost of a one-time conversion.
+ +GNOME was updated to 2.16 during the release cycle.
+ +In addition, we are in the process of moving the FORTRAN default + from f77 to gfortran. See the ports mailing list for details.
+ +The new xorg ports are still being worked on as well; they are + intended to all live in $LOCALBASE. Hopefully this can get done in + the early 6.3 development cycle. See the wiki for more + information.
+ +A new version of the ports Tinderbox code is available, which is + mostly a bugfix release.
+ +We have also added Pav Lucistnik as a new portmgr member, who we + hope will help us work on the portmgr PR backlog. Welcome!
+ +We have also added 8 new committers since the last report.
+ +linimon continues to work on resetting committers who are no + longer interested in their ports; as well, several ports commit + bits have been stored for safekeeping. This is part of an attempt + to keep the best match between volunteers and work to be done.
+ + +In the time since the last status report, four security + advisories have been issued concerning problems in the base system + of FreeBSD (three in 2006 and one in 2007); of these, one problem + was in "contributed" code, while the remaining three were in code + maintained within FreeBSD. The Vulnerabilities and Exposures Markup + Language (VuXML) document has continued to be updated by the + Security Team and Ports Committers documenting new vulnerabilities + in the FreeBSD Ports Collection; since the last status report, 55 + new entries have been added, bringing the total up to 869.
+ +In order to streamline security team operations and ensure that + incoming emails are promptly acknowledged, Remko Lodder has been + appointed the security team secretary.
+ +The following FreeBSD releases are supported by the FreeBSD + Security Team: FreeBSD 4.11, FreeBSD 5.5, FreeBSD 6.0, FreeBSD 6.1, + and FreeBSD 6.2. The respective End of Life dates of supported + releases are listed on the web site; of particular note, FreeBSD + 4.11 and FreeBSD 6.0 will cease to be supported at the end of + January 2007.
+ +Michael Richardson has been spearheading work to improve the + crypto subsystem used by various parts of the kernel including Fast + IPSec and geli. This work is sponsored by Hifn and has been + happening outside the CVS repository. A main focus of this work is + to add support for higher-level hardware operations that can + significantly improve the performance of IPSec and SSL + protocols.
+ +Results of this work are now being readied for CVS. These + redesign the core/driver APIs to use the kobj facilities and recast + software crypto drivers as pseudo devices. The changes greatly + improve the system and permit new functionality such as specifying + which crypto device to use when multiple are available. The + redesign will also enable load balancing of crypto work across + multiple devices and the addition of virtual crypto sessions by + which small operations can be done in software when the overhead to + set up a hardware device is too costly.
+ +In addition to the changes to the core crypto system several + crypto drivers have been updated to improve their operation. Top of + this list is the hifn(4) driver where many longstanding bugs have + been fixed for 7955/756 parts.
+ +FreeBSD is running multi-user on a variety of Gateworks Avila + boards with most of the on-board devices supported. These include + the compact flash/IDE slot, wired network interfaces, realtime + clock, and environmental sensors. Several different minipci cards + have been tested including those supported by the ath(4) and + hifn(4) drivers. Remaining devices that need support are the + onboard flash, optional 4-port network switch, and optional USB + interface. Crypto acceleration for IXP425 parts is planned but will + likely be done at a later time.
+ +The Network Processor Engine (NPE) support is done with an + entirely new replacement for the Intel Access Layer (IAL). The most + important hardware facilities are supported (e.g. the hardware Q + manager) and the wired NIC driver was also done from scratch. The + resulting code is approximately 1/10th the number of lines of the + equivalent IAL code.
+ + +The ZFS file system works quite well on FreeBSD now. The first + patchset has already been published on the + + freebsd-fs@FreeBSD.org mailing list + + .
+ +All file system methods are already implemented (except + ACL-related). Basically all stress tests I tried work, even under + very high load. There is still a problem with memory allocation, + which can get out of control, but from what I know the SUN guys + also work on this.
+ +Recently I have been working on a file system regression test + suite. From what I found, there are no such test suites for free. + I've already more than 3000 tests and I'm testing correctness of + most file system related syscalls (chflags, chmod, chown, link, + mkdir, mkfifo, open, rename, rmdir, symlink, truncate, unlink). I'm + also working to make it usable on other operating systems (like + Solaris, where it already works and Linux).
+ +Few days ago I also (almost) finished NFS support. You can't use + the 'zfs share' command yet, but you can export file systems via + /etc/exports and you can also access snapshots. It was quite hard, + because snapshots are separate file systems and after exporting the + main file system, we need to also serve data from snapshots under + it.
+ +The one big thing which is missing is ACL support. This is not + an easy task, because we first have to make some decisions. + Currently we use POSIX ACLs in our UFS, but the market is moving + slowly to NTFS/NFSv4-type ACLs. In Solaris they use POSIX ACLs for + UFS and NFSv4-type ACLs for ZFS and we probably also want to use + NFSv4-type ACLs in our ZFS, which requires some work outside + ZFS.
+ +TrustedBSD priv(9) replaces suser(9) as an in-kernel interface + for checking privilege in FreeBSD 7.x. Each privilege check now + takes a specific named privilege. This allows both centralization + of jail logic relating to privilege, which is currently distributed + around the kernel at the point of each call to suser(9), and allows + instrumentation of the privilege logic by the MAC Framework. Two + new MAC Framework entry points, one to grant and the other to limit + privilege, are now available, providing fine-grained control of + kernel privilege by policy modules. This lays the kernel + infrastructure groundwork for further refinement and extension of + the kernel privilege model. The priv(9) implementation has been + committed to FreeBSD 7-CURRENT.
+ +This software was developed by Robert N. M. Watson for the + TrustedBSD Project under contract to nCircle Network Security, + Inc.
+ + +Most work on the MAC Framework during this period, other than as + relates to the priv(9) project described in a separate status + report, has been in refinement of the structure of the framework. +
FreeBSD 6.2-RELEASE, the first release of FreeBSD with + experimental audit support is now available. The plan is to make + audit a full production feature as of FreeBSD 6.3-RELEASE, with + "options AUDIT" compiled in by default. A TODO list has been posted + to trustedbsd-audit.
+ +OpenBSM 1.0 alpha 13, which includes support for XML record + printing, additional 64-bit token types, additional audit events, + and more cross-platform build support, has been released. OpenBSM + 1.0 alpha 14, which adds support for warnings clean building with + gcc 4.1, will be released shortly. The new OpenBSM release will be + merged to FreeBSD CVS in late January or early February.
+ + +Just this week I got routing working for the FAST_IPSEC and IPv6 + code. Now there are memory smash problems, and then we need to + remove the old GIANT lock. I hope to produce another patch with the + routing code working in the next week.
+ + +Normally the socket buffers are static (either derived from + global defaults or set with setsockopt) and do not adapt to real + network conditions. Two things happen: a) your socket buffers are + too small and you can't reach the full potential of the network + between both hosts; b) your socket buffers are too big and you + waste a lot of kernel memory for data just sitting around.
+ +With automatic TCP send and receive socket buffers we can start + with a small buffer and quickly grow it in parallel with the TCP + congestion window to match real network conditions.
+ +FreeBSD has a default 32K send socket buffer. This supports a + maximal transfer rate of only slightly more than 2Mbit/s on a 100ms + RTT trans-continental link. Or at 200ms just above 1Mbit/s. With + TCP send buffer auto scaling and the default values below it + supports 20Mbit/s at 100ms and 10Mbit/s at 200ms. That's an + improvement of factor 10, or 1000%. For the receive side it looks + slightly better with a default of 64K buffer size.
+ +The automatic send buffer sizing patch is currently running on + one half of the FTP.FreeBSD.ORG cluster w/o any problems so far. + Against this machine with the automatic receive buffer sizing patch + I can download at 5.7 MBytes per second. Without patch it maxed out + at 1.6 MBytes per second as the delay bandwidth product became + equal to the static socket buffer size without hitting the limits + of the physical link between the machines. My test machine is about + 35ms from that FTP.FreeBSD.ORG and connected through a moderately + loaded 100Mbit Internet link.
+ +New sysctls are: +
Work on wireless support has continued to evolve in the public + CVS tree while other work has been going on behind the scenes in + the developer's perforce repository.
+ +Support was recently added to HEAD for half- and quarter-rate + channels as found in the 4.9 GHz FCC Public Safety Band. This work + was a prerequisite to adding similar support in the 900 MHz band as + found in Ubiquiti's SR9 cards. Adding this functionality was + straightforward due to the design of the net80211 layer, requiring + only some additions to handle the unusual mapping between + frequencies and IEEE channel numbers. The ath(4) driver currently + supports hardware capable of operating on half- and quarter-rate + channels.
+ +Kip Macy recently made significant advances preparing legacy + drivers for the re-architected net80211 layer that has been + languishing in perforce. With his efforts this code is nearly ready + for public testing after which it can be merged into CVS. Our goal + is to complete this merge in time for the 7.x branch (otherwise it + will be forced to wait for 8.0 before it appears in a public + release). This revised net80211 layer includes advanced station + mode facilities such as background scanning and roaming and support + for Atheros' SuperG extensions. Getting the revised scanning work + into CVS will greatly simplify public distribution of the Virtual + AP (VAP) code as a patch as well as enable addition of 802.11n + support.
+ +Benjamin Close is working on support for the Intel 3945 parts + commonly found in laptops. The work is going on in the perforce + repository with public code drops for testing.
+ +Atheros PCI/Cardbus support was updated with a new HAL that + fixes a few minor issues and corrects a problem that kept AR2424 + parts from working. The new HAL also enables more efficient use of + the hardware keycache for TKIP keys; on newer hardware you can now + support up to 57 stations without faulting keys into the cache. + Support for the latest 802.11n parts found in the new Lenovo and + Apple laptops (among others) is in development; initial release + will support only legacy operation.
+ +Support for Atheros USB devices is coming. Atheros has agreed to + license their firmware with the same license applied to the HAL + which means it can be committed to the tree and distributed as part + of releases. The driver is still in development.
+ +wpa_supplicant and hostapd were updated to the latest stable + build releases from Jouni Malinen. Shortly the in-tree code base + will switch to the 0.5.x tree which will bring in much new + functionality including dynamic VLAN tagging that will be + especially useful once the multi-bss support is available.
+ +The support for injection of raw 802.11 frames was committed to + HEAD. This work was done in collaboration with Andrea Bittau. At + this point there are no plans to commit this to the STABLE branch + as it requires API changes.
+ +The sixth EuroBSDCon will take place in Copenhagen, Denmark on + Friday the 14th and Saturday 15th of September + 2007 + + . The conference will be held at + Symbion Science Park + + . Sunday the 16th there will be an optional tour to LEGOland.
+ +The + call for papers + + was sent out right after EuroBSDCon 2006 in Milan in November and + abstracts are due February 1st! So hurry up and send in all your + fantastic and amazing papers to papers at eurobsdcon dot dk.
+ +Happy New Year. This Report covers the last quarter of a exciting + year 2006 for FreeBSD development. FreeBSD 6.2 is finally out of the + door and work towards FreeBSD 7.0 is gearing up. Some of the projects + in this report will be part of that effort, others are already in the + tree. Many projects need your help with testing and otherwise. Please + see the "Open tasks" sections for more information.
+ +The BSD crowd will meet at + AsiaBSDCon + March 8-10th in Tokyo and a two day FreeBSD developer summit will be + held at + BSDCan + + May 16-19th in Ottawa. Finally, + EuroBSDCon + + September 14-15th in Copenhagen is already looking for papers.
+ +Thanks to all the reporters for the excellent work! We hope you + enjoy reading.
+A toy implementation of GEOM based active/passive multipath is + now done and in a perforce repository. Seems to work.
+ +There have been a number of improvements to FreshPorts over the + last quarter of 2006. The following are just a few of them. The + links take you to the relevant article within the + FreshPorts News website + + . +
My thanks to the many people who have contributed suggestions, + ideas, and code over the years. Most of you are documented at the + above URLs.
+ + +Folks!
+
+
+ It is that time of year. You may have missed the
+ call for papers
+
+ , but please put in your proposal right away. This is often a busy
+ time of year, but please take the time to consider presenting at
+ BSDCan.
Please read the + submission + instructions + + and send in your proposal today!
+ +You may be interested in our sister conference: PGCon. If you + have an interest in + PostgreSQL + + , a leading relational database, which just happens to be open + source, then we have the conference for you! + PGCon 2007 + + will be held immediately after BSDCan 2007, at the same venue, and + will follow a similar format.
+ + +FreeSBIE is approaching the 2.0-RELEASE. The first release + candidate proved to be good enough but a second one will probably + be released. An external developer is working on integrating + BSDInstaller in FreeSBIE 2.0 and this may cause a little delay of + the release date. Release Notes were written and need to be updated + with the current list of packages. A script which allows to switch + Tor+Privoxy on and off was added and its usage was documented. The + 2.0-RELEASE is near, hopefully near the end of January but this + will also depend on when FreeBSD 6.2-RELEASE will be released.
+ +The 'mpt' project is support for the MPT LSI-Logic Host Adapters + (SCSI, Fibre Channel, SAS).
+ +The last quarter saw a lot of change supported by Yahoo! and + LSI-Logic and many others as things settled out for better support + for U320. Some initial Big Endian support was offered by John + Birrel and Scott Long.
+ + +This project is for support for QLogic SCSI and Fibre Channel + host adapters.
+ +The last quarter saw the addition of 4Gb Fibre Channel support + and a complete rewrite of fabric management (which is still + settling out).
+ +Basic audio capture is working. All of the parameters are set by + userland, while the RISC program generation is by kernel. No real + audio has been captured as there are no drivers for the NTSC tuner + yet. Someone with a real Bt878 NTSC card that is supported by + bktr(4) could use this to capture audio without using the sound + card.
+ +Due to lack of documentation from DViCO and LG, I have copied + magic values from the Linux driver and managed to get ATSC + capturing working. There was a bug in the capture driver that was + releasing buffers to userland early causing what appeared to be + reception issues. Now that we use the RISC status bits as buffer + completion bits, capture works cleanly. This does mean that even if + you provide more than 4 buffers to the driver, the buffers will be + divided into four segments, and returned in segments.
+ +A Python module is available, along with a sample capture + application using it. The module is now known to work well with + threads so that tuning (expensive due to i2c ioctls) can happen in + another thread without causing program slow down. The module is + working well with a custom PVR backend.
+ +Additional ioctls have been added to get sibling devices. This + allows one to open a bktrau device, and get the correct bktr(4) + device that is in the same slot. This is necessary so that when + adjusting GPIO pins or sending i2c commands, they are to the + correct device.
+ + +Following the example of our NetBSD friends, we organized a + couple of Bugathons to help decreasing the open PR count. At first, + it was decided to make it a monthly event focused on both src, + ports and doc. Audience decreased with each Bugathon organized and + less non-ports committers attended the events. So from now on, we + will focus on ports (making it a Portathon) and organize a new + event after the end of each ports freeze (that should be twice a + year, at most).
+ +X.org 7.2 release has been delayed more than a month, which gave + us more time to fix build failures, to work on a few runtime issues + and to determine the easiest way to upgrade from 6.9 to 7.2 (mostly + with the help of people on the + + freebsd-x11@ mailing list + + ). Everything is in a rather good shape but there's still a little + amount of work to do. The merge of new ports is most likely to + happen before the end of January.
+ + +During the last three months there has not been so much activity + in the USB project. Some regression issues have been reported and + fixed. Bernd Walter reports that he has got the new USB stack + working on ARM processors with some minor tweaks. Markus Brueffer + reports that he is working on the USB HID parser and support. A + current issue with the new USB stack is that the EHCI driver does + not work on the Sparc64 architecture. If someone has got a Sparc64 + with FreeBSD 7-CURRENT on and can lend the USB project the root + password, a serial console and a USB test device, for example a USB + memory stick, that would be much appreciated. Another unresolved + issue is that the ural(4) USB device driver does not always work. + This is currently being worked on.
+ +If you want to test the new USB stack, check out the USB + perforce tree or download the SVN version of the USB driver from my + USB homepage. At the moment the tarballs are a little out of + date.
+ +Ideas and comments with regard to the new USB API are welcome at + + + freebsd-usb@FreeBSD.org + + .
+ +MPD is moving to the next major release - mpd4_0. At the end of + October one more beta version (4_0b5) was released and first RC is + planned soon.
+ +Since 3_18 and 4_0b4 numerous bugs and cases of incorrect + internal handling have been fixed. Performance has been increased + and system requirements reduced.
+ +Many new features have been implemented: +
Some historically broken features have been reimplemented: +
To support compression, two new Netgraph nodes ng_deflate and + ng_pred1 have been created and the ng_ppp node has been + modified.
+ + +Since the last status report we made good progress in improving + the compatibility environment. We fixed more than 30 testcases on + i386 (130 testcases = 16% still failing) and more than 60 testcases + on amd64 (140 testcases = 17% still failing) in the Linux 2.4 + compatibility. These numbers compare FreeBSD 6.2 with -CURRENT. + Some of those fixes are edge cases in the error handling, and some + of them fix real issues -- e.g. hangs -- and improve the stability + and correctness of the emulation.
+ +Regarding the Linux 2.6 compatibility there are 140 testcases + (17%) on i386 and 150 testcases (18%) on amd64 still failing in + -CURRENT. After fixing some showstopper problems with real + applications, we should be able to give the 2.6 emulation a more + widespread exposure "soon" to find more bugs and to determine the + importance of those Linux syscalls which we did not implement + yet.
+ +The severity of the broken testcases varies, and some of them + will never be fixed, e.g., we will never be able to load Linux + kernel modules into a FreeBSD kernel, being able to add swap with a + Linux command has very low priority, and fixing stuff which is used + by applications like IPC type 17 has high priority.
+ +Some differences in the 2.6 compatibility are because not all + i386 changes are merged into the amd64 code, and some testcases are + already fixed in our perforce repository but need more review + before they can be committed to -CURRENT.
+ +We need some more testers and bug reporters. So if you have a + little bit of time and a favorite Linux application, please play + around with it on -CURRENT. If there is a problem, have a look at + the wiki if we already know about it and report on + + emulation@ + + . We are especially interested in reports about the 2.6 + compatibility (sysctl compat.linux.osversion=2.6.16), but only with + the most recent -CURRENT and maybe with some patches we have in the + perforce repository (mandatory on amd64).
+ +We thank all people who tested the changes / submitted patches + and thus helped improving the Linux compatibility environment.
+ +Since the last status report there were improvements to the + emu10kx driver for High Definition Audio (HDA) compatible chips. + Some more chips are supported now and already supported chips + should provide a better zero-configuration experience.
+ +The generic sound code got some very nice low latency changes, + and fixes which make it multichannel/endian/format safe. We do not + support multichannel operation yet, but this work is a prerequisite + to work on implementing multichannel operation. This work also + fixed some bugs which people may experience as clicks, hickups, + truncation or similar behavior in the sound-output.
+ +So far there is no merge to 5.x or 6.x planned for this code, + especially because there are API/ABI changes, e.g., several sysctls + changed. People who do not care about this can download binary + sound modules from Ariff's download page for 6.x and 5.x.
+ +We thank all people who tested the changes / submitted patches + and thus helped improving the sound system.
+ + +Gábor Kövesdán (gabor@) has submitted the Hungarian translation + of the webpages and Giorgos Keramidas (keramida@) has reviewed and + committed the pages. The initial rendering issues have also been + fixed and the webpage is in a pretty good shape now.
+ +As usual, this translation does not contain every part of the + English version, but the most important and useful parts are there. + Gábor will maintain this translation and regularly sync the content + with the English version and add new translations if such become + available.
+ + +An initial port of the NetBSD wpi driver has been done and + development is happening fast to get this driver ready for the + tree. At present basic functionality works. The driver can + associate with a non encrypted peer and pass data in 11b and 11g + modes. There is still lots to do and testing is welcome.
+ +Many thanks have to go to Sam, Max and Kip for helping the + driver reach this point.
+ + +Though it is still a work in progress, it now supports more + targets, has login CHAP authentication and header/data digest. It + will also recover from a lost connection - most of the time.
+ + +Platform summary: +
Currently the machine is booting FreeBSD 6.1-RELEASE-p10 and + operating both single- and multi-user modes; below are highlights + of available functionality: +
The network stack virtualization project aims at extending the + FreeBSD kernel to maintain multiple independent instances of + networking state. This will allow for complete networking + independence between jails on a system, including giving each jail + its own firewall, virtual network interfaces, rate limiting, + routing tables, and IPSEC configuration.
+ +The prototype currently virtualizes the basic INET and INET6 + kernel structures and subsystems, including the TCP machinery and + the IPFW firewall. The focus is currently being kept on resolving + bugs and sporadic lockups, and defining the internal and management + APIs. It is expected that within the next month the code will + become sufficiently complete and stable for testing by early + adopters.
+ +The BSNMP bridge module for FreeBSD's BSNMP daemon, which was + implemented during SoC 2006, was committed to HEAD. In addition to + RFC 4188 single bridge support it also supports monitoring multiple + bridges via a private MIB. Since SoC 2006 Rapid Spanning Tree + (RSTP) support (RSTP-MIB defined in RFC4318 and additions to the + private MIB) was added to the module as well.
+ +A patch for RELENG_6 is available and will be merged to STABLE + the next weeks.
+ + +During SoC 2005 BSNMP client tools (bsnmptools) were implemented + and have since then been available via Shteryana's P4 tree or port + net-mgmt/bsnmptools.
+ +In order to finally get the code committed some cleanup was + needed which ended in a partly rewrite to minimize duplicate code + and to reduce the size of the binaries. This ongoing work is + available via Bjoern's P4 tree and will be merged back to upstream + trees before it will be committed to HEAD.
+ + +In addition to other more detailed reports this is intended to + give a summary about other ongoing or upcoming BSNMP related work. + To collect some ideas from users and coordinate work a BSNMP TODO + Wiki page was created. Feel free to add your ideas or let us know + about them.
+ ++
The recent activities of the Release Engineering team have + centered around FreeBSD 6.2-RELEASE, which is now available for + downloading. This is the latest release from the RELENG_6 branch, + and includes many new performance and stability improvements, bug + fixes, and new features. The release notes and errata notes for + FreeBSD 6.2 contain more specific information about what's new in + this version. We thank the FreeBSD developer and user community for + their efforts towards making this release possible.
+ +The Release Engineering Team also produced snapshots of FreeBSD + CURRENT in November 2006 and January 2007. These snapshots have not + received extensive testing, and should not be used in production + environments. However, they can be used for testing or + experimentation, and show the kinds of functionality that can be + expected in future FreeBSD releases.
+ +Libelf is a BSD-licensed library for ELF parsing & + manipulation implementing the SysV/SVR4 (g)ELF[3] API.
+ +Current status: The library is now in -CURRENT. Work continues + on its test suite and tutorial, and on deploying it in + PmcTools.
+ +The FreeBSD Dutch Documentation Project is an ongoing project to + translate the FreeBSD Handbook to the Dutch Language.
+ +Currently we almost translated the entire handbook, and we + translated parts of the website, sadly the project went into a + slush lately, so we seek out for fresh and new translators that are + willing to join the team to continue the effort.
+ + +Where have we been?! Not doing status reports, that's for sure. + But the FreeBSD GNOME project has been very busy with regular GNOME + releases, and other side projects. We are currently shipping GNOME + 2.16.2 in the ports tree, and we are testing GNOME 2.17.5 in the + + MarcusCom + + tree.
+ +Most recently, work has completed on a cleanup of the FreeBSD + backend to libgtop. This module has needed a lot of work, and + should now be reporting correct system statistics. The cleaned up + version is currently being tested in the MarcusCom tree, and will + make it into the FreeBSD ports tree along with GNOME 2.18.
+ +The GStreamer framework has been taken out of direct + + gnome@ + + maintainership, and put under a new + + multimedia@ + + umbrella. This will give multimedia-savvy developers a chance to + collaborate on this important piece of the GNOME Desktop along with + other important audio and video components.
+ +The biggest accomplishment of 2006 for the FreeBSD GNOME team + had to have been the port of + HAL + + . This effort was started to give FreeBSD users a richer desktop + experience. Since the initial FreeBSD release of HAL with GNOME + 2.16, it has been incorporated into the FreeBSD release of KDE + 3.5.5 as well as PC-BSD 1.3. The FreeBSD backend has also made it + upstream into the HAL git repository so future releases of HAL will + have FreeBSD support out-of-the-box.
+ +Finally, it is with sadness that we say good-bye to one of our + team members. Adam Weinberger stepped down from the FreeBSD GNOME + team to save lives instead (priorities, man!). His splash screens + and grammar nit-picking will be missed.
+ + +Support for in-kernel NAT, redirect and LSNAT for ipfw was + committed to HEAD, and i encourage people to test it so we can + quickly discover/fix bugs.
+ +To add these features to ipfw, compile a new kernel adding + "options IPFIREWALL_NAT" to your kernel config or, in case you use + modules, add "CFLAGS += -DIPFIREWALL_NAT" to your make.conf.
+ + +Interrupt filtering is a new method to handle interrupts in + FreeBSD that retains backward compatibility with the previous + models (FAST and ITHREAD), while improving over them in some + aspects. With interrupt filtering, the interrupt handler is divided + into 2 parts: the filter (that checks if the actual interrupt + belongs to a device) and a private per-handler ithread (that is + scheduled in case some blocking work has to be done). The main + benefits of this work are: +
During the last quarter many improvements were made up to the + point where 3 archs (i386, amd64 and arm) are reported to work, and + the project can be considered feature complete.
+ +I definitely want to make it part of the 7.0 release.
+ + +The FreeBSD Bugbusting team is a team of volunteers keeping + track of various PR tickets in the GNATS application. Currently the + Bugbusting team is investigating old PR tickets, checking whether + they are still accurate, checking what needs to be done to fix the + issues reported and make sure that the developers team can focus on + the latest releases.
+ +The team is always in need of volunteers willing to give a hand + to resolve the old tickets and get the best feedback that is needed + for the open tickets.
+ +Please contact + + FreeBSD-bugbusters@FreeBSD.org + + if you want more information about the things that need to be + done.
+ + +The FreeBSD Foundation ended 2006 raising over $100,000. We + received commitments for another $55,000 in donations for the Fall + Fundraiser. We fell short of our goal of raising $200,000. But, we + are working hard to fill this gap, early in 2007, so we can + continue with the same level of support for the project and + community. Please go to + + http://www.freebsdfoundation.org/donate/ + + to find out how to make a donation to the foundation.
+ +We added a donors page to our website to acknowledge our + generous donors. We negotiated and are now actively managing a + joint technology project with NLNet and the University of Zagreb to + develop virtualized network stack support for FreeBSD. We sponsored + AsiaBSDCon and are now accepting travel grant applications for this + conference.
+ +We are working to upgrade the project's network testbed with + 10Gigabit interconnects. Cisco has generously donated a 10Gigabit + switch and we have received network adapters from Myricom, + Neterion, Intel, and Chelsio. Adapters from other vendors are being + solicited so that we can do interoperability testing.
+ +For more information on what we've been up to, check out our + end-of-year newsletter at + + http://www.freebsdfoundation.org/press/2006Dec-newsletter.shtml + + .
+ +The ports count has jumped to 16347. The PR count, despite a + jump, has gone back down to around 700.
+ +Not much work has been committed on the ports infrastructure due + to the long 6.2 release cycle. However, many test runs have been + done for several upcoming features, such as making sure that ports + will work with the new release of gcc (4.1), and do not have + /usr/X11R6 hard-coded into them. The intention of the latter is to + move all ports to $LOCALBASE, which can then be selected by the + user. This should help consistency going forwards, albeit at the + cost of a one-time conversion.
+ +GNOME was updated to 2.16 during the release cycle.
+ +In addition, we are in the process of moving the FORTRAN default + from f77 to gfortran. See the ports mailing list for details.
+ +The new xorg ports are still being worked on as well; they are + intended to all live in $LOCALBASE. Hopefully this can get done in + the early 6.3 development cycle. See the wiki for more + information.
+ +A new version of the ports Tinderbox code is available, which is + mostly a bugfix release.
+ +We have also added Pav Lucistnik as a new portmgr member, who we + hope will help us work on the portmgr PR backlog. Welcome!
+ +We have also added 8 new committers since the last report.
+ +linimon continues to work on resetting committers who are no + longer interested in their ports; as well, several ports commit + bits have been stored for safekeeping. This is part of an attempt + to keep the best match between volunteers and work to be done.
+ + +In the time since the last status report, four security + advisories have been issued concerning problems in the base system + of FreeBSD (three in 2006 and one in 2007); of these, one problem + was in "contributed" code, while the remaining three were in code + maintained within FreeBSD. The Vulnerabilities and Exposures Markup + Language (VuXML) document has continued to be updated by the + Security Team and Ports Committers documenting new vulnerabilities + in the FreeBSD Ports Collection; since the last status report, 55 + new entries have been added, bringing the total up to 869.
+ +In order to streamline security team operations and ensure that + incoming emails are promptly acknowledged, Remko Lodder has been + appointed the security team secretary.
+ +The following FreeBSD releases are supported by the FreeBSD + Security Team: FreeBSD 4.11, FreeBSD 5.5, FreeBSD 6.0, FreeBSD 6.1, + and FreeBSD 6.2. The respective End of Life dates of supported + releases are listed on the web site; of particular note, FreeBSD + 4.11 and FreeBSD 6.0 will cease to be supported at the end of + January 2007.
+ +Michael Richardson has been spearheading work to improve the + crypto subsystem used by various parts of the kernel including Fast + IPSec and geli. This work is sponsored by Hifn and has been + happening outside the CVS repository. A main focus of this work is + to add support for higher-level hardware operations that can + significantly improve the performance of IPSec and SSL + protocols.
+ +Results of this work are now being readied for CVS. These + redesign the core/driver APIs to use the kobj facilities and recast + software crypto drivers as pseudo devices. The changes greatly + improve the system and permit new functionality such as specifying + which crypto device to use when multiple are available. The + redesign will also enable load balancing of crypto work across + multiple devices and the addition of virtual crypto sessions by + which small operations can be done in software when the overhead to + set up a hardware device is too costly.
+ +In addition to the changes to the core crypto system several + crypto drivers have been updated to improve their operation. Top of + this list is the hifn(4) driver where many longstanding bugs have + been fixed for 7955/756 parts.
+ +FreeBSD is running multi-user on a variety of Gateworks Avila + boards with most of the on-board devices supported. These include + the compact flash/IDE slot, wired network interfaces, realtime + clock, and environmental sensors. Several different minipci cards + have been tested including those supported by the ath(4) and + hifn(4) drivers. Remaining devices that need support are the + onboard flash, optional 4-port network switch, and optional USB + interface. Crypto acceleration for IXP425 parts is planned but will + likely be done at a later time.
+ +The Network Processor Engine (NPE) support is done with an + entirely new replacement for the Intel Access Layer (IAL). The most + important hardware facilities are supported (e.g. the hardware Q + manager) and the wired NIC driver was also done from scratch. The + resulting code is approximately 1/10th the number of lines of the + equivalent IAL code.
+ + +The ZFS file system works quite well on FreeBSD now. The first + patchset has already been published on the + + freebsd-fs@FreeBSD.org mailing list + + .
+ +All file system methods are already implemented (except + ACL-related). Basically all stress tests I tried work, even under + very high load. There is still a problem with memory allocation, + which can get out of control, but from what I know the SUN guys + also work on this.
+ +Recently I have been working on a file system regression test + suite. From what I found, there are no such test suites for free. + I've already more than 3000 tests and I'm testing correctness of + most file system related syscalls (chflags, chmod, chown, link, + mkdir, mkfifo, open, rename, rmdir, symlink, truncate, unlink). I'm + also working to make it usable on other operating systems (like + Solaris, where it already works and Linux).
+ +Few days ago I also (almost) finished NFS support. You can't use + the 'zfs share' command yet, but you can export file systems via + /etc/exports and you can also access snapshots. It was quite hard, + because snapshots are separate file systems and after exporting the + main file system, we need to also serve data from snapshots under + it.
+ +The one big thing which is missing is ACL support. This is not + an easy task, because we first have to make some decisions. + Currently we use POSIX ACLs in our UFS, but the market is moving + slowly to NTFS/NFSv4-type ACLs. In Solaris they use POSIX ACLs for + UFS and NFSv4-type ACLs for ZFS and we probably also want to use + NFSv4-type ACLs in our ZFS, which requires some work outside + ZFS.
+ +TrustedBSD priv(9) replaces suser(9) as an in-kernel interface + for checking privilege in FreeBSD 7.x. Each privilege check now + takes a specific named privilege. This allows both centralization + of jail logic relating to privilege, which is currently distributed + around the kernel at the point of each call to suser(9), and allows + instrumentation of the privilege logic by the MAC Framework. Two + new MAC Framework entry points, one to grant and the other to limit + privilege, are now available, providing fine-grained control of + kernel privilege by policy modules. This lays the kernel + infrastructure groundwork for further refinement and extension of + the kernel privilege model. The priv(9) implementation has been + committed to FreeBSD 7-CURRENT.
+ +This software was developed by Robert N. M. Watson for the + TrustedBSD Project under contract to nCircle Network Security, + Inc.
+ + +Most work on the MAC Framework during this period, other than as + relates to the priv(9) project described in a separate status + report, has been in refinement of the structure of the framework. +
FreeBSD 6.2-RELEASE, the first release of FreeBSD with + experimental audit support is now available. The plan is to make + audit a full production feature as of FreeBSD 6.3-RELEASE, with + "options AUDIT" compiled in by default. A TODO list has been posted + to trustedbsd-audit.
+ +OpenBSM 1.0 alpha 13, which includes support for XML record + printing, additional 64-bit token types, additional audit events, + and more cross-platform build support, has been released. OpenBSM + 1.0 alpha 14, which adds support for warnings clean building with + gcc 4.1, will be released shortly. The new OpenBSM release will be + merged to FreeBSD CVS in late January or early February.
+ + +Just this week I got routing working for the FAST_IPSEC and IPv6 + code. Now there are memory smash problems, and then we need to + remove the old GIANT lock. I hope to produce another patch with the + routing code working in the next week.
+ + +Normally the socket buffers are static (either derived from + global defaults or set with setsockopt) and do not adapt to real + network conditions. Two things happen: a) your socket buffers are + too small and you can't reach the full potential of the network + between both hosts; b) your socket buffers are too big and you + waste a lot of kernel memory for data just sitting around.
+ +With automatic TCP send and receive socket buffers we can start + with a small buffer and quickly grow it in parallel with the TCP + congestion window to match real network conditions.
+ +FreeBSD has a default 32K send socket buffer. This supports a + maximal transfer rate of only slightly more than 2Mbit/s on a 100ms + RTT trans-continental link. Or at 200ms just above 1Mbit/s. With + TCP send buffer auto scaling and the default values below it + supports 20Mbit/s at 100ms and 10Mbit/s at 200ms. That's an + improvement of factor 10, or 1000%. For the receive side it looks + slightly better with a default of 64K buffer size.
+ +The automatic send buffer sizing patch is currently running on + one half of the FTP.FreeBSD.ORG cluster w/o any problems so far. + Against this machine with the automatic receive buffer sizing patch + I can download at 5.7 MBytes per second. Without patch it maxed out + at 1.6 MBytes per second as the delay bandwidth product became + equal to the static socket buffer size without hitting the limits + of the physical link between the machines. My test machine is about + 35ms from that FTP.FreeBSD.ORG and connected through a moderately + loaded 100Mbit Internet link.
+ +New sysctls are: +
Work on wireless support has continued to evolve in the public + CVS tree while other work has been going on behind the scenes in + the developer's perforce repository.
+ +Support was recently added to HEAD for half- and quarter-rate + channels as found in the 4.9 GHz FCC Public Safety Band. This work + was a prerequisite to adding similar support in the 900 MHz band as + found in Ubiquiti's SR9 cards. Adding this functionality was + straightforward due to the design of the net80211 layer, requiring + only some additions to handle the unusual mapping between + frequencies and IEEE channel numbers. The ath(4) driver currently + supports hardware capable of operating on half- and quarter-rate + channels.
+ +Kip Macy recently made significant advances preparing legacy + drivers for the re-architected net80211 layer that has been + languishing in perforce. With his efforts this code is nearly ready + for public testing after which it can be merged into CVS. Our goal + is to complete this merge in time for the 7.x branch (otherwise it + will be forced to wait for 8.0 before it appears in a public + release). This revised net80211 layer includes advanced station + mode facilities such as background scanning and roaming and support + for Atheros' SuperG extensions. Getting the revised scanning work + into CVS will greatly simplify public distribution of the Virtual + AP (VAP) code as a patch as well as enable addition of 802.11n + support.
+ +Benjamin Close is working on support for the Intel 3945 parts + commonly found in laptops. The work is going on in the perforce + repository with public code drops for testing.
+ +Atheros PCI/Cardbus support was updated with a new HAL that + fixes a few minor issues and corrects a problem that kept AR2424 + parts from working. The new HAL also enables more efficient use of + the hardware keycache for TKIP keys; on newer hardware you can now + support up to 57 stations without faulting keys into the cache. + Support for the latest 802.11n parts found in the new Lenovo and + Apple laptops (among others) is in development; initial release + will support only legacy operation.
+ +Support for Atheros USB devices is coming. Atheros has agreed to + license their firmware with the same license applied to the HAL + which means it can be committed to the tree and distributed as part + of releases. The driver is still in development.
+ +wpa_supplicant and hostapd were updated to the latest stable + build releases from Jouni Malinen. Shortly the in-tree code base + will switch to the 0.5.x tree which will bring in much new + functionality including dynamic VLAN tagging that will be + especially useful once the multi-bss support is available.
+ +The support for injection of raw 802.11 frames was committed to + HEAD. This work was done in collaboration with Andrea Bittau. At + this point there are no plans to commit this to the STABLE branch + as it requires API changes.
+ +The sixth EuroBSDCon will take place in Copenhagen, Denmark on + Friday the 14th and Saturday 15th of September + 2007 + + . The conference will be held at + Symbion Science Park + + . Sunday the 16th there will be an optional tour to LEGOland.
+ +The + call for papers + + was sent out right after EuroBSDCon 2006 in Milan in November and + abstracts are due February 1st! So hurry up and send in all your + fantastic and amazing papers to papers at eurobsdcon dot dk.
+ +Happy New Year. This Report covers the last quarter of a exciting + year 2006 for FreeBSD development. FreeBSD 6.2 is finally out of the + door and work towards FreeBSD 7.0 is gearing up. Some of the projects + in this report will be part of that effort, others are already in the + tree. Many projects need your help with testing and otherwise. Please + see the "Open tasks" sections for more information.
+ +The BSD crowd will meet at + AsiaBSDCon + March 8-10th in Tokyo and a two day FreeBSD developer summit will be + held at + BSDCan + + May 16-19th in Ottawa. Finally, + EuroBSDCon + + September 14-15th in Copenhagen is already looking for papers.
+ +Thanks to all the reporters for the excellent work! We hope you + enjoy reading.
+A toy implementation of GEOM based active/passive multipath is + now done and in a perforce repository. Seems to work.
+ +There have been a number of improvements to FreshPorts over the + last quarter of 2006. The following are just a few of them. The + links take you to the relevant article within the + FreshPorts News website + + . +
My thanks to the many people who have contributed suggestions, + ideas, and code over the years. Most of you are documented at the + above URLs.
+ + +Folks!
+
+
+ It is that time of year. You may have missed the
+ call for papers
+
+ , but please put in your proposal right away. This is often a busy
+ time of year, but please take the time to consider presenting at
+ BSDCan.
Please read the + submission + instructions + + and send in your proposal today!
+ +You may be interested in our sister conference: PGCon. If you + have an interest in + PostgreSQL + + , a leading relational database, which just happens to be open + source, then we have the conference for you! + PGCon 2007 + + will be held immediately after BSDCan 2007, at the same venue, and + will follow a similar format.
+ + +FreeSBIE is approaching the 2.0-RELEASE. The first release + candidate proved to be good enough but a second one will probably + be released. An external developer is working on integrating + BSDInstaller in FreeSBIE 2.0 and this may cause a little delay of + the release date. Release Notes were written and need to be updated + with the current list of packages. A script which allows to switch + Tor+Privoxy on and off was added and its usage was documented. The + 2.0-RELEASE is near, hopefully near the end of January but this + will also depend on when FreeBSD 6.2-RELEASE will be released.
+ +The 'mpt' project is support for the MPT LSI-Logic Host Adapters + (SCSI, Fibre Channel, SAS).
+ +The last quarter saw a lot of change supported by Yahoo! and + LSI-Logic and many others as things settled out for better support + for U320. Some initial Big Endian support was offered by John + Birrel and Scott Long.
+ + +This project is for support for QLogic SCSI and Fibre Channel + host adapters.
+ +The last quarter saw the addition of 4Gb Fibre Channel support + and a complete rewrite of fabric management (which is still + settling out).
+ +Basic audio capture is working. All of the parameters are set by + userland, while the RISC program generation is by kernel. No real + audio has been captured as there are no drivers for the NTSC tuner + yet. Someone with a real Bt878 NTSC card that is supported by + bktr(4) could use this to capture audio without using the sound + card.
+ +Due to lack of documentation from DViCO and LG, I have copied + magic values from the Linux driver and managed to get ATSC + capturing working. There was a bug in the capture driver that was + releasing buffers to userland early causing what appeared to be + reception issues. Now that we use the RISC status bits as buffer + completion bits, capture works cleanly. This does mean that even if + you provide more than 4 buffers to the driver, the buffers will be + divided into four segments, and returned in segments.
+ +A Python module is available, along with a sample capture + application using it. The module is now known to work well with + threads so that tuning (expensive due to i2c ioctls) can happen in + another thread without causing program slow down. The module is + working well with a custom PVR backend.
+ +Additional ioctls have been added to get sibling devices. This + allows one to open a bktrau device, and get the correct bktr(4) + device that is in the same slot. This is necessary so that when + adjusting GPIO pins or sending i2c commands, they are to the + correct device.
+ + +Following the example of our NetBSD friends, we organized a + couple of Bugathons to help decreasing the open PR count. At first, + it was decided to make it a monthly event focused on both src, + ports and doc. Audience decreased with each Bugathon organized and + less non-ports committers attended the events. So from now on, we + will focus on ports (making it a Portathon) and organize a new + event after the end of each ports freeze (that should be twice a + year, at most).
+ +X.org 7.2 release has been delayed more than a month, which gave + us more time to fix build failures, to work on a few runtime issues + and to determine the easiest way to upgrade from 6.9 to 7.2 (mostly + with the help of people on the + + freebsd-x11@ mailing list + + ). Everything is in a rather good shape but there's still a little + amount of work to do. The merge of new ports is most likely to + happen before the end of January.
+ + +During the last three months there has not been so much activity + in the USB project. Some regression issues have been reported and + fixed. Bernd Walter reports that he has got the new USB stack + working on ARM processors with some minor tweaks. Markus Brueffer + reports that he is working on the USB HID parser and support. A + current issue with the new USB stack is that the EHCI driver does + not work on the Sparc64 architecture. If someone has got a Sparc64 + with FreeBSD 7-CURRENT on and can lend the USB project the root + password, a serial console and a USB test device, for example a USB + memory stick, that would be much appreciated. Another unresolved + issue is that the ural(4) USB device driver does not always work. + This is currently being worked on.
+ +If you want to test the new USB stack, check out the USB + perforce tree or download the SVN version of the USB driver from my + USB homepage. At the moment the tarballs are a little out of + date.
+ +Ideas and comments with regard to the new USB API are welcome at + + + freebsd-usb@FreeBSD.org + + .
+ +MPD is moving to the next major release - mpd4_0. At the end of + October one more beta version (4_0b5) was released and first RC is + planned soon.
+ +Since 3_18 and 4_0b4 numerous bugs and cases of incorrect + internal handling have been fixed. Performance has been increased + and system requirements reduced.
+ +Many new features have been implemented: +
Some historically broken features have been reimplemented: +
To support compression, two new Netgraph nodes ng_deflate and + ng_pred1 have been created and the ng_ppp node has been + modified.
+ + +Since the last status report we made good progress in improving + the compatibility environment. We fixed more than 30 testcases on + i386 (130 testcases = 16% still failing) and more than 60 testcases + on amd64 (140 testcases = 17% still failing) in the Linux 2.4 + compatibility. These numbers compare FreeBSD 6.2 with -CURRENT. + Some of those fixes are edge cases in the error handling, and some + of them fix real issues -- e.g. hangs -- and improve the stability + and correctness of the emulation.
+ +Regarding the Linux 2.6 compatibility there are 140 testcases + (17%) on i386 and 150 testcases (18%) on amd64 still failing in + -CURRENT. After fixing some showstopper problems with real + applications, we should be able to give the 2.6 emulation a more + widespread exposure "soon" to find more bugs and to determine the + importance of those Linux syscalls which we did not implement + yet.
+ +The severity of the broken testcases varies, and some of them + will never be fixed, e.g., we will never be able to load Linux + kernel modules into a FreeBSD kernel, being able to add swap with a + Linux command has very low priority, and fixing stuff which is used + by applications like IPC type 17 has high priority.
+ +Some differences in the 2.6 compatibility are because not all + i386 changes are merged into the amd64 code, and some testcases are + already fixed in our perforce repository but need more review + before they can be committed to -CURRENT.
+ +We need some more testers and bug reporters. So if you have a + little bit of time and a favorite Linux application, please play + around with it on -CURRENT. If there is a problem, have a look at + the wiki if we already know about it and report on + + emulation@ + + . We are especially interested in reports about the 2.6 + compatibility (sysctl compat.linux.osversion=2.6.16), but only with + the most recent -CURRENT and maybe with some patches we have in the + perforce repository (mandatory on amd64).
+ +We thank all people who tested the changes / submitted patches + and thus helped improving the Linux compatibility environment.
+ +Since the last status report there were improvements to the + emu10kx driver for High Definition Audio (HDA) compatible chips. + Some more chips are supported now and already supported chips + should provide a better zero-configuration experience.
+ +The generic sound code got some very nice low latency changes, + and fixes which make it multichannel/endian/format safe. We do not + support multichannel operation yet, but this work is a prerequisite + to work on implementing multichannel operation. This work also + fixed some bugs which people may experience as clicks, hickups, + truncation or similar behavior in the sound-output.
+ +So far there is no merge to 5.x or 6.x planned for this code, + especially because there are API/ABI changes, e.g., several sysctls + changed. People who do not care about this can download binary + sound modules from Ariff's download page for 6.x and 5.x.
+ +We thank all people who tested the changes / submitted patches + and thus helped improving the sound system.
+ + +Gábor Kövesdán (gabor@) has submitted the Hungarian translation + of the webpages and Giorgos Keramidas (keramida@) has reviewed and + committed the pages. The initial rendering issues have also been + fixed and the webpage is in a pretty good shape now.
+ +As usual, this translation does not contain every part of the + English version, but the most important and useful parts are there. + Gábor will maintain this translation and regularly sync the content + with the English version and add new translations if such become + available.
+ + +An initial port of the NetBSD wpi driver has been done and + development is happening fast to get this driver ready for the + tree. At present basic functionality works. The driver can + associate with a non encrypted peer and pass data in 11b and 11g + modes. There is still lots to do and testing is welcome.
+ +Many thanks have to go to Sam, Max and Kip for helping the + driver reach this point.
+ + +Though it is still a work in progress, it now supports more + targets, has login CHAP authentication and header/data digest. It + will also recover from a lost connection - most of the time.
+ + +Platform summary: +
Currently the machine is booting FreeBSD 6.1-RELEASE-p10 and + operating both single- and multi-user modes; below are highlights + of available functionality: +
The network stack virtualization project aims at extending the + FreeBSD kernel to maintain multiple independent instances of + networking state. This will allow for complete networking + independence between jails on a system, including giving each jail + its own firewall, virtual network interfaces, rate limiting, + routing tables, and IPSEC configuration.
+ +The prototype currently virtualizes the basic INET and INET6 + kernel structures and subsystems, including the TCP machinery and + the IPFW firewall. The focus is currently being kept on resolving + bugs and sporadic lockups, and defining the internal and management + APIs. It is expected that within the next month the code will + become sufficiently complete and stable for testing by early + adopters.
+ +The BSNMP bridge module for FreeBSD's BSNMP daemon, which was + implemented during SoC 2006, was committed to HEAD. In addition to + RFC 4188 single bridge support it also supports monitoring multiple + bridges via a private MIB. Since SoC 2006 Rapid Spanning Tree + (RSTP) support (RSTP-MIB defined in RFC4318 and additions to the + private MIB) was added to the module as well.
+ +A patch for RELENG_6 is available and will be merged to STABLE + the next weeks.
+ + +During SoC 2005 BSNMP client tools (bsnmptools) were implemented + and have since then been available via Shteryana's P4 tree or port + net-mgmt/bsnmptools.
+ +In order to finally get the code committed some cleanup was + needed which ended in a partly rewrite to minimize duplicate code + and to reduce the size of the binaries. This ongoing work is + available via Bjoern's P4 tree and will be merged back to upstream + trees before it will be committed to HEAD.
+ + +In addition to other more detailed reports this is intended to + give a summary about other ongoing or upcoming BSNMP related work. + To collect some ideas from users and coordinate work a BSNMP TODO + Wiki page was created. Feel free to add your ideas or let us know + about them.
+ ++
The recent activities of the Release Engineering team have + centered around FreeBSD 6.2-RELEASE, which is now available for + downloading. This is the latest release from the RELENG_6 branch, + and includes many new performance and stability improvements, bug + fixes, and new features. The release notes and errata notes for + FreeBSD 6.2 contain more specific information about what's new in + this version. We thank the FreeBSD developer and user community for + their efforts towards making this release possible.
+ +The Release Engineering Team also produced snapshots of FreeBSD + CURRENT in November 2006 and January 2007. These snapshots have not + received extensive testing, and should not be used in production + environments. However, they can be used for testing or + experimentation, and show the kinds of functionality that can be + expected in future FreeBSD releases.
+ +Libelf is a BSD-licensed library for ELF parsing & + manipulation implementing the SysV/SVR4 (g)ELF[3] API.
+ +Current status: The library is now in -CURRENT. Work continues + on its test suite and tutorial, and on deploying it in + PmcTools.
+ +The FreeBSD Dutch Documentation Project is an ongoing project to + translate the FreeBSD Handbook to the Dutch Language.
+ +Currently we almost translated the entire handbook, and we + translated parts of the website, sadly the project went into a + slush lately, so we seek out for fresh and new translators that are + willing to join the team to continue the effort.
+ + +Where have we been?! Not doing status reports, that's for sure. + But the FreeBSD GNOME project has been very busy with regular GNOME + releases, and other side projects. We are currently shipping GNOME + 2.16.2 in the ports tree, and we are testing GNOME 2.17.5 in the + + MarcusCom + + tree.
+ +Most recently, work has completed on a cleanup of the FreeBSD + backend to libgtop. This module has needed a lot of work, and + should now be reporting correct system statistics. The cleaned up + version is currently being tested in the MarcusCom tree, and will + make it into the FreeBSD ports tree along with GNOME 2.18.
+ +The GStreamer framework has been taken out of direct + + gnome@ + + maintainership, and put under a new + + multimedia@ + + umbrella. This will give multimedia-savvy developers a chance to + collaborate on this important piece of the GNOME Desktop along with + other important audio and video components.
+ +The biggest accomplishment of 2006 for the FreeBSD GNOME team + had to have been the port of + HAL + + . This effort was started to give FreeBSD users a richer desktop + experience. Since the initial FreeBSD release of HAL with GNOME + 2.16, it has been incorporated into the FreeBSD release of KDE + 3.5.5 as well as PC-BSD 1.3. The FreeBSD backend has also made it + upstream into the HAL git repository so future releases of HAL will + have FreeBSD support out-of-the-box.
+ +Finally, it is with sadness that we say good-bye to one of our + team members. Adam Weinberger stepped down from the FreeBSD GNOME + team to save lives instead (priorities, man!). His splash screens + and grammar nit-picking will be missed.
+ + +Support for in-kernel NAT, redirect and LSNAT for ipfw was + committed to HEAD, and i encourage people to test it so we can + quickly discover/fix bugs.
+ +To add these features to ipfw, compile a new kernel adding + "options IPFIREWALL_NAT" to your kernel config or, in case you use + modules, add "CFLAGS += -DIPFIREWALL_NAT" to your make.conf.
+ + +Interrupt filtering is a new method to handle interrupts in + FreeBSD that retains backward compatibility with the previous + models (FAST and ITHREAD), while improving over them in some + aspects. With interrupt filtering, the interrupt handler is divided + into 2 parts: the filter (that checks if the actual interrupt + belongs to a device) and a private per-handler ithread (that is + scheduled in case some blocking work has to be done). The main + benefits of this work are: +
During the last quarter many improvements were made up to the + point where 3 archs (i386, amd64 and arm) are reported to work, and + the project can be considered feature complete.
+ +I definitely want to make it part of the 7.0 release.
+ + +The FreeBSD Bugbusting team is a team of volunteers keeping + track of various PR tickets in the GNATS application. Currently the + Bugbusting team is investigating old PR tickets, checking whether + they are still accurate, checking what needs to be done to fix the + issues reported and make sure that the developers team can focus on + the latest releases.
+ +The team is always in need of volunteers willing to give a hand + to resolve the old tickets and get the best feedback that is needed + for the open tickets.
+ +Please contact + + FreeBSD-bugbusters@FreeBSD.org + + if you want more information about the things that need to be + done.
+ + +The FreeBSD Foundation ended 2006 raising over $100,000. We + received commitments for another $55,000 in donations for the Fall + Fundraiser. We fell short of our goal of raising $200,000. But, we + are working hard to fill this gap, early in 2007, so we can + continue with the same level of support for the project and + community. Please go to + + http://www.freebsdfoundation.org/donate/ + + to find out how to make a donation to the foundation.
+ +We added a donors page to our website to acknowledge our + generous donors. We negotiated and are now actively managing a + joint technology project with NLNet and the University of Zagreb to + develop virtualized network stack support for FreeBSD. We sponsored + AsiaBSDCon and are now accepting travel grant applications for this + conference.
+ +We are working to upgrade the project's network testbed with + 10Gigabit interconnects. Cisco has generously donated a 10Gigabit + switch and we have received network adapters from Myricom, + Neterion, Intel, and Chelsio. Adapters from other vendors are being + solicited so that we can do interoperability testing.
+ +For more information on what we've been up to, check out our + end-of-year newsletter at + + http://www.freebsdfoundation.org/press/2006Dec-newsletter.shtml + + .
+ +The ports count has jumped to 16347. The PR count, despite a + jump, has gone back down to around 700.
+ +Not much work has been committed on the ports infrastructure due + to the long 6.2 release cycle. However, many test runs have been + done for several upcoming features, such as making sure that ports + will work with the new release of gcc (4.1), and do not have + /usr/X11R6 hard-coded into them. The intention of the latter is to + move all ports to $LOCALBASE, which can then be selected by the + user. This should help consistency going forwards, albeit at the + cost of a one-time conversion.
+ +GNOME was updated to 2.16 during the release cycle.
+ +In addition, we are in the process of moving the FORTRAN default + from f77 to gfortran. See the ports mailing list for details.
+ +The new xorg ports are still being worked on as well; they are + intended to all live in $LOCALBASE. Hopefully this can get done in + the early 6.3 development cycle. See the wiki for more + information.
+ +A new version of the ports Tinderbox code is available, which is + mostly a bugfix release.
+ +We have also added Pav Lucistnik as a new portmgr member, who we + hope will help us work on the portmgr PR backlog. Welcome!
+ +We have also added 8 new committers since the last report.
+ +linimon continues to work on resetting committers who are no + longer interested in their ports; as well, several ports commit + bits have been stored for safekeeping. This is part of an attempt + to keep the best match between volunteers and work to be done.
+ + +In the time since the last status report, four security + advisories have been issued concerning problems in the base system + of FreeBSD (three in 2006 and one in 2007); of these, one problem + was in "contributed" code, while the remaining three were in code + maintained within FreeBSD. The Vulnerabilities and Exposures Markup + Language (VuXML) document has continued to be updated by the + Security Team and Ports Committers documenting new vulnerabilities + in the FreeBSD Ports Collection; since the last status report, 55 + new entries have been added, bringing the total up to 869.
+ +In order to streamline security team operations and ensure that + incoming emails are promptly acknowledged, Remko Lodder has been + appointed the security team secretary.
+ +The following FreeBSD releases are supported by the FreeBSD + Security Team: FreeBSD 4.11, FreeBSD 5.5, FreeBSD 6.0, FreeBSD 6.1, + and FreeBSD 6.2. The respective End of Life dates of supported + releases are listed on the web site; of particular note, FreeBSD + 4.11 and FreeBSD 6.0 will cease to be supported at the end of + January 2007.
+ +Michael Richardson has been spearheading work to improve the + crypto subsystem used by various parts of the kernel including Fast + IPSec and geli. This work is sponsored by Hifn and has been + happening outside the CVS repository. A main focus of this work is + to add support for higher-level hardware operations that can + significantly improve the performance of IPSec and SSL + protocols.
+ +Results of this work are now being readied for CVS. These + redesign the core/driver APIs to use the kobj facilities and recast + software crypto drivers as pseudo devices. The changes greatly + improve the system and permit new functionality such as specifying + which crypto device to use when multiple are available. The + redesign will also enable load balancing of crypto work across + multiple devices and the addition of virtual crypto sessions by + which small operations can be done in software when the overhead to + set up a hardware device is too costly.
+ +In addition to the changes to the core crypto system several + crypto drivers have been updated to improve their operation. Top of + this list is the hifn(4) driver where many longstanding bugs have + been fixed for 7955/756 parts.
+ +FreeBSD is running multi-user on a variety of Gateworks Avila + boards with most of the on-board devices supported. These include + the compact flash/IDE slot, wired network interfaces, realtime + clock, and environmental sensors. Several different minipci cards + have been tested including those supported by the ath(4) and + hifn(4) drivers. Remaining devices that need support are the + onboard flash, optional 4-port network switch, and optional USB + interface. Crypto acceleration for IXP425 parts is planned but will + likely be done at a later time.
+ +The Network Processor Engine (NPE) support is done with an + entirely new replacement for the Intel Access Layer (IAL). The most + important hardware facilities are supported (e.g. the hardware Q + manager) and the wired NIC driver was also done from scratch. The + resulting code is approximately 1/10th the number of lines of the + equivalent IAL code.
+ + +The ZFS file system works quite well on FreeBSD now. The first + patchset has already been published on the + + freebsd-fs@FreeBSD.org mailing list + + .
+ +All file system methods are already implemented (except + ACL-related). Basically all stress tests I tried work, even under + very high load. There is still a problem with memory allocation, + which can get out of control, but from what I know the SUN guys + also work on this.
+ +Recently I have been working on a file system regression test + suite. From what I found, there are no such test suites for free. + I've already more than 3000 tests and I'm testing correctness of + most file system related syscalls (chflags, chmod, chown, link, + mkdir, mkfifo, open, rename, rmdir, symlink, truncate, unlink). I'm + also working to make it usable on other operating systems (like + Solaris, where it already works and Linux).
+ +Few days ago I also (almost) finished NFS support. You can't use + the 'zfs share' command yet, but you can export file systems via + /etc/exports and you can also access snapshots. It was quite hard, + because snapshots are separate file systems and after exporting the + main file system, we need to also serve data from snapshots under + it.
+ +The one big thing which is missing is ACL support. This is not + an easy task, because we first have to make some decisions. + Currently we use POSIX ACLs in our UFS, but the market is moving + slowly to NTFS/NFSv4-type ACLs. In Solaris they use POSIX ACLs for + UFS and NFSv4-type ACLs for ZFS and we probably also want to use + NFSv4-type ACLs in our ZFS, which requires some work outside + ZFS.
+ +TrustedBSD priv(9) replaces suser(9) as an in-kernel interface + for checking privilege in FreeBSD 7.x. Each privilege check now + takes a specific named privilege. This allows both centralization + of jail logic relating to privilege, which is currently distributed + around the kernel at the point of each call to suser(9), and allows + instrumentation of the privilege logic by the MAC Framework. Two + new MAC Framework entry points, one to grant and the other to limit + privilege, are now available, providing fine-grained control of + kernel privilege by policy modules. This lays the kernel + infrastructure groundwork for further refinement and extension of + the kernel privilege model. The priv(9) implementation has been + committed to FreeBSD 7-CURRENT.
+ +This software was developed by Robert N. M. Watson for the + TrustedBSD Project under contract to nCircle Network Security, + Inc.
+ + +Most work on the MAC Framework during this period, other than as + relates to the priv(9) project described in a separate status + report, has been in refinement of the structure of the framework. +
FreeBSD 6.2-RELEASE, the first release of FreeBSD with + experimental audit support is now available. The plan is to make + audit a full production feature as of FreeBSD 6.3-RELEASE, with + "options AUDIT" compiled in by default. A TODO list has been posted + to trustedbsd-audit.
+ +OpenBSM 1.0 alpha 13, which includes support for XML record + printing, additional 64-bit token types, additional audit events, + and more cross-platform build support, has been released. OpenBSM + 1.0 alpha 14, which adds support for warnings clean building with + gcc 4.1, will be released shortly. The new OpenBSM release will be + merged to FreeBSD CVS in late January or early February.
+ + +Just this week I got routing working for the FAST_IPSEC and IPv6 + code. Now there are memory smash problems, and then we need to + remove the old GIANT lock. I hope to produce another patch with the + routing code working in the next week.
+ + +Normally the socket buffers are static (either derived from + global defaults or set with setsockopt) and do not adapt to real + network conditions. Two things happen: a) your socket buffers are + too small and you can't reach the full potential of the network + between both hosts; b) your socket buffers are too big and you + waste a lot of kernel memory for data just sitting around.
+ +With automatic TCP send and receive socket buffers we can start + with a small buffer and quickly grow it in parallel with the TCP + congestion window to match real network conditions.
+ +FreeBSD has a default 32K send socket buffer. This supports a + maximal transfer rate of only slightly more than 2Mbit/s on a 100ms + RTT trans-continental link. Or at 200ms just above 1Mbit/s. With + TCP send buffer auto scaling and the default values below it + supports 20Mbit/s at 100ms and 10Mbit/s at 200ms. That's an + improvement of factor 10, or 1000%. For the receive side it looks + slightly better with a default of 64K buffer size.
+ +The automatic send buffer sizing patch is currently running on + one half of the FTP.FreeBSD.ORG cluster w/o any problems so far. + Against this machine with the automatic receive buffer sizing patch + I can download at 5.7 MBytes per second. Without patch it maxed out + at 1.6 MBytes per second as the delay bandwidth product became + equal to the static socket buffer size without hitting the limits + of the physical link between the machines. My test machine is about + 35ms from that FTP.FreeBSD.ORG and connected through a moderately + loaded 100Mbit Internet link.
+ +New sysctls are: +
Work on wireless support has continued to evolve in the public + CVS tree while other work has been going on behind the scenes in + the developer's perforce repository.
+ +Support was recently added to HEAD for half- and quarter-rate + channels as found in the 4.9 GHz FCC Public Safety Band. This work + was a prerequisite to adding similar support in the 900 MHz band as + found in Ubiquiti's SR9 cards. Adding this functionality was + straightforward due to the design of the net80211 layer, requiring + only some additions to handle the unusual mapping between + frequencies and IEEE channel numbers. The ath(4) driver currently + supports hardware capable of operating on half- and quarter-rate + channels.
+ +Kip Macy recently made significant advances preparing legacy + drivers for the re-architected net80211 layer that has been + languishing in perforce. With his efforts this code is nearly ready + for public testing after which it can be merged into CVS. Our goal + is to complete this merge in time for the 7.x branch (otherwise it + will be forced to wait for 8.0 before it appears in a public + release). This revised net80211 layer includes advanced station + mode facilities such as background scanning and roaming and support + for Atheros' SuperG extensions. Getting the revised scanning work + into CVS will greatly simplify public distribution of the Virtual + AP (VAP) code as a patch as well as enable addition of 802.11n + support.
+ +Benjamin Close is working on support for the Intel 3945 parts + commonly found in laptops. The work is going on in the perforce + repository with public code drops for testing.
+ +Atheros PCI/Cardbus support was updated with a new HAL that + fixes a few minor issues and corrects a problem that kept AR2424 + parts from working. The new HAL also enables more efficient use of + the hardware keycache for TKIP keys; on newer hardware you can now + support up to 57 stations without faulting keys into the cache. + Support for the latest 802.11n parts found in the new Lenovo and + Apple laptops (among others) is in development; initial release + will support only legacy operation.
+ +Support for Atheros USB devices is coming. Atheros has agreed to + license their firmware with the same license applied to the HAL + which means it can be committed to the tree and distributed as part + of releases. The driver is still in development.
+ +wpa_supplicant and hostapd were updated to the latest stable + build releases from Jouni Malinen. Shortly the in-tree code base + will switch to the 0.5.x tree which will bring in much new + functionality including dynamic VLAN tagging that will be + especially useful once the multi-bss support is available.
+ +The support for injection of raw 802.11 frames was committed to + HEAD. This work was done in collaboration with Andrea Bittau. At + this point there are no plans to commit this to the STABLE branch + as it requires API changes.
+ +The sixth EuroBSDCon will take place in Copenhagen, Denmark on + Friday the 14th and Saturday 15th of September + 2007 + + . The conference will be held at + Symbion Science Park + + . Sunday the 16th there will be an optional tour to LEGOland.
+ +The + call for papers + + was sent out right after EuroBSDCon 2006 in Milan in November and + abstracts are due February 1st! So hurry up and send in all your + fantastic and amazing papers to papers at eurobsdcon dot dk.
+ +Use the xml generator or download and edit the xml-template.
One of the benefits of the FreeBSD development model is a focus on centralized design and implementation, in which the operating system is maintained in a central repository, and discussed on centrally maintained lists. This allows for a high level of coordination between authors of various components of the system, and allows policies to be enforced over the entire system, covering issues ranging from architecture to style. However, as the FreeBSD developer community has grown, and the rate of both mailing list traffic and tree modifications has increased, making it difficult even for the most dedicated developer to remain on top of all the work going on in the tree.
The FreeBSD Quarterly Development Status Report attempts to address this problem by providing a vehicle that allows developers to make the broader community aware of their on-going work on FreeBSD, both in and out of the central source repository. For each project and sub-project, a one paragraph summary is included, indicating progress since the last summary. If it is a new project, or if a project has not submitted any prior status reports, a short description may precede the status information.
These status reports may be reproduced in whole or in part, as long as the source is clearly identified and appropriate credit given.