diff --git a/en/news/status/report-2010-07-2010-09.xml b/en/news/status/report-2010-07-2010-09.xml
index 7c72cfbefd..bd57eb28d8 100644
--- a/en/news/status/report-2010-07-2010-09.xml
+++ b/en/news/status/report-2010-07-2010-09.xml
@@ -1,2536 +1,2639 @@
-
+
This report covers &os;-related projects between July and
September 2010. It is the third of the four reports planned for
- 2010. During this period, we were
- victims of one of the biggest BSD events of the year - EuroBSDCon.
+ 2010. During this period, we were victims of one
+ of the biggest BSD events of the year — EuroBSDCon.
We hope that the ones of you who have been able to attend it
have enjoyed your stay. Another good news is that work on the
new minor versions of &os;, 7.4 and 8.2, is progressing well. This report, with 52 entries, is the longest report in
+ This report, with 54 entries, is the longest report in
the whole history and shows a good condition of the &os;
community. Thanks to all the reporters for the excellent work! We hope you
- enjoy the reading.
Please note that the deadline for submissions covering the period between October and December 2010 is January 15th, 2011.
&os;-CURRENT runs on the AR9132 SoC. Minor platform-specific tweaks are needed to use it on a given piece of hardware (eg., where in flash the Ethernet MAC address is stored.) The AR910x wireless MAC/PHY is supported. The only available test platform uses a 2.4GHz radio; 5GHz 11a mode has not been tested. As with other atheros chipset support in &os;, 11n support is not yet finished. The current development platform is the TP-Link TP-WN1043ND 802.11n wireless bridge/router. It is currently being successfully used as a 11bg access point.
pkg_patch is a tool meant to be used with the rest of the pkg_* utilities whose job is to create and apply binary patches to &os; package archives. The SoC project was successfully completed but there are some open issues about the integration of the tool in the &os; system. Some changes are necessary to the port/patch infrastructure to support the "update" mode instead of "remove+add".
This project has two goals: pre-allocation algorithm for ext2fs and ext4 read-only mode. The aim of pre-allocation algorithm is to implement a reservation window mechanism. This mechanism has been implemented and I have submitted a patch file to mailing list (fs@FreeBSD.org). The aim of ext4 read-only mode is to make it possible to read ext4 file systems in read-only mode when the disk is formatted with default features. Until now it can read data from ext4 file systems with default features in read-only mode. I have submitted a patch to mailing list (fs@FreeBSD.org) and am building a new kernel module for it, which is called ext4fs.
The BSD# Project is devoted to porting the Mono .NET framework and applications to the &os; operating system.
Mono 2.8 has been released a few days ago and is already available in the BSD# repository. The update breaks a few ports so the lang/mono update in the &os; ports tree will be delayed until those programs are fixed for a smoother update experience.
Work is in progress to include some long-awaited ports such as deskutils/gnome-do but they require a lot of testing and hacking because they have clearly been designed to run on GNU/Linux and portability has never been a priority (which is quite amusing if you consider portability is the main reason to be for mono).
We recently imported the 2.8 release of Clang into head. This +
We recently imported the 2.8 release of Clang into CURRENT. This release contains many new features and improvements. The integrated assembler ships with this version, but it is not ready for general use yet.
Since r212979, all necessary changes have been committed to be able to build world with Clang, at least on amd64 and i386. It can also be installed and run, and we are now starting the process of shaking out the inevitable bugs.
Because LLVM and Clang are still being improved continuously, we want to import new versions regularly, approximately every two months, to gain access to new features, bug fixes and performance improvements.
There is also an effort on behalf of the ports people, to make as many ports as possible compile and run properly with Clang. Most of the time, this means fixing the incorrect assumption that gcc is the only existing compiler, but sometimes more complicated issues pop up. Help in this area is greatly appreciated.
The goal of the project is to allow easier extension of base system tools by the ports system. Ideally, no files in /etc should need to be modified by a port installation.
The man toolset was recently reimplemented as a BSDL version instead of the old GPL version. It is also a single shell script instead of multiple C programs. Ports can extend the man functionality by dropping files into /usr/local/etc/man.d/portname.conf.
Next up on the list is to finish the implementation for newsyslog thereby allowing ports that need logs rotated to take advantage of that tool.
All Octeon development is now ongoing in 9.0-CURRENT and most Octeon-specific and general MIPS changes from the old Octeon branch have been checked in. The Simple Executive from the Cavium Octeon SDK has been checked into Subversion and most of the Octeon port has been updated to use it where appropriate, including moving to a port of the Linux Ethernet driver, octe. SMP support is stable on 2-core systems and has seen some testing on systems with up to 16 cores.
Work on new event timers infrastructure continues. In HEAD +
Work on new event timers infrastructure continues. In CURRENT amd64, arm (Marvell), i386, mips, pc98, powerpc, sparc64, sun4v architectures were refactored to use new timers API.
New machine-independent timers management code was written. It can utilize both legacy periodic and new one-shot timer operation modes.
Using one-shot mode allows to significantly reduce the number of timer interrupts and respectively increase CPU sleep time during idle periods. Timer interrupts on idle CPUs are now generated only when they are needed to handle registered time-based events. Busy CPUs unluckily still receive the full interrupt rate for purposes of resource accounting, scheduling and timekeeping.
With some additional tuning it is now possible to have an 8-core system, receiving only about 100 interrupts per second and respectively have CPU idle periods up to 100ms. This allows to effectively use any supported CPU idle states (C-states), that reduces power consumption and increases effect of the Intel TurboBoost technology.
New manual pages were written to document this functionality: eventtimers(7), attimer(4), atrtc(4), hpet(4).
Given the current status of fenner's Distfiles Survey, a new distfile checker was written in order to have an overview for the state of each distfile in the ports tree. The distfile checker is also able to verify WWW entries in pkg-descr files. This is an attempt to weed out broken MASTER_SITES and outdated WWW entries.
The current version uses a MySQL database backend and is able to verify 432512 distfiles (30 concurrent threads) within 24 hours.
Userland DTrace support was a &os; Foundation sponsored project that was developed during this summer. The project aimed to bring the userland DTracing functionality to &os; as it is available on OpenSolaris. &os; now supports the pid provider and the usdt probes. plockstat is available with a separate patch. Dtruss, a DTrace script that works similarly to ktrace, but with other advantages was imported into &os;. The mysql-server and postgresql-server ports also have DTrace support.
&os;/powerpc64 now boots multi-user SMP and is self-hosting on the Playstation 3. Booting requires a PS3 console with the OtherOS capability (fat model console with firmware < 3.21). The only supported hardware at present is the Ethernet controller.
We are still in the beginning of the project since we started it after the summer of code.
The ports tree count now exceeds 22,000. With the assistance of many people, especially Philip Gollucci, the open PR count is below 1000 for the first time in quite a while. This is very encouraging progress.
Since the last report, we added five new committers, and took in two commit bits for safe keeping.
With onsite assistance from jhb@, gnn@, skreuzer@, and pgollucci@, we now have 11 new servers at NYI. The machines still need testing for stability and will soon be assigned for package building.
The Ports Management team have been running -exp runs on an ongoing basis, verifying how base system updates may affect the ports tree, as well as providing QA runs for major ports updates. Of note, -exp runs were done for:
We were happy to have more than 40 &os; developers and guests attending the &os; Developer Summit prior to EuroBSDCon 2010 in Karlsruhe, Germany. This workshop-style event was hosted at Karlsruhe Institute of Technology, and included prepared presentations in the morning, as well as group hacking and discussion sections in the afternoon. We had various talks on several topics, covering the USB subsystem, state of the toolchain, the &os; documentation, NanoBSD improvements, &os; port of PF, jails, Virtual Private Systems, cooperation with the PC-BSD Project, FreeNAS, the new event timers subsystems, bugbusting discussions and Ports Tinderbox presentations, and many of this year's and last year's Google Summer of Code projects. Photos, videos, and slides for most of the talks are available on the wiki page.
During the last two months the USB stack in &os;-current has +
During the last two months the USB stack in &os;-CURRENT has been enhanced to support USB 3.0 and the XHCI USB 3.0 chipset from Intel. The XHCI chip will eventually replace the EHCI, OHCI and UHCI chips.
&os;/mips has been ported to D-Link DAP-1350, wireless AP/router based on Ralink RT3052F SoC.
Drivers status:
&os;/mips D-Link DIR-320 project(BCM5354 SoC).
New profile openvpn-router available for testing.
updating.versia.com features web feeds for UPDATING files from ports, head, stable/7 and stable/8. These feeds provide an easy way to track important changes in the ports tree and the base system.
Apart from the constant bug fixing and adaptions to machine-independent changes that pretty much always take place, not much has happened in the area of sparc64 since the last status report. The only noteworthy exception are some performance optimizations which take advantage of features of Fujitsu SPARC64 CPUs. These were a bit too risky for putting them in shortly before &os; 8.1-RELEASE but will be part of 7.4-RELEASE and 8.2-RELEASE now that they have received the necessary testing.
Part of reasons why not much has happened in this spot was some lack of time on my side but also due to nobody showing up with a not yet supported sun4u machine lately and me delving in the network land instead, which yielded some things to report about in the next status report. On the other hand I recently got a hold of a Sun Fire 3800, so these and other models from the same family likely will be supported by &os; at some point in the future.
The committers to the German Documentation Project were mostly trying to keep the documents and the website translations in sync with the ones on &os;.org. Fabian Ruch was helpful in catching up with the changes to the Porters Handbook. Benedict translated the Solid State article into German because this is becoming a good addition to traditional hard drive storage.
We tried to re-activate committers who did not contribute for some time but most of them are currently unable to free up enough time. We hope to gain fresh contributor blood as we are getting occasional reports about bugs and grammar in the German translation.
Kristaps' groff-replacement (for rendering manpages, only) is already available in NetBSD and OpenBSD, and used to render the base system manpages for the latter. This project aims to do similar things for &os;.
mandoc(1) is more strict in what it accepts as input and is still lacking some features that are used by some selected few manpages.
Getting manpage fixes accepted by upstream vendors has been challenging. Waiting for them to round-trip back into &os; will take even longer. Future work will therefore result in direct commits to our contrib/ and gnu/ repository areas, in the hope this will not impact future vendor imports too much.
pkg_upgrade was (to my knowledge) the first binary packages only update tool for the &os; ports. Using it does not require a copy of the ports tree.
Currently the tool is in the final stages of a recode, that will greatly improve support for sharing packages over NFS or nullfs mounts (e.g. for distributing packages into jails) and also offers improved dependency tracking and performance, more in line with how pointyhat and Tinderbox build packages.
I recently had the opportunity to present my work at the EuroBSDCon2010.
All work is now in Perforce. Rich set of features is added to the kernel, userland tools and libc modifications are ready, documentation is ready.
PEFS is a kernel level stacked cryptographic filesystem, i.e. it stacks on top of existing mounted filesystems. AES and Camellia algorithms in XTS mode are supported. The project has matured since Summer of Code 2009, most important improvements for last few months include: switch to use XTS encryption mode, implementation of sparse file support, fixing rename bugs including race and livelock conditions, addition of ext2 support. PEFS suite contains pam module facilitating user authentication with filesystem key and adding keys to mounted filesystem on login. PEFS passes fsx, pjdfstest, blogbench and dbench tests running on top of UFS and ZFS.
Ringmap is a complete &os; packet capturing stack specialized for very high-speed networks. The goal of this project is to develop the software for efficient packet capturing and integrate it with the generic network drivers and libpcap.
Current Status:
We were proud to be a sponsor for MeetBSD 2010 Poland and KyivBSD 2010 in Kiev, Ukraine. We also committed to sponsoring BSDDay Argentina 2010, MeetBSD California 2010, and NYBSDCon 2010 all in November. The Foundation was also represented at MeetBSD Poland and Ohio LinuxFest.
Completed the Foundation funded projects: &os; Jail Based Virtualization by Bjoern Zeeb and DTrace Userland by Rui Paulo.
We kicked off a new project by Swinburne University called Five New TCP Congestion Control Algorithms for &os;.
We continued our work on infrastructure projects to beef up hardware for package-building, network-testing, etc. This includes purchasing equipment as well as managing equipment donations.
We are three quarters of the way through the year and we have raised around $160,000 towards our goal of $350,000. Find out how to make a donation at http://www.FreeBSDFoundation.org/donate/
Stop by and visit with us at MeetBSD California (Nov 5-6), LISA (Nov 10-11), and NYCBSDCon (Nov 12-14).
Chromium is a Webkit-based web browser that is largely BSD licensed and was recently committed to ports. It has been working well on &os; and supports new features like HTML 5 video. Newer builds use the Clang compiler, Clang first compiled a non-debug build of Chromium, a very large C++ project, on &os;. This porting effort employs a new hybrid-source model: portions of the latest &os; patches are kept closed for a limited time and new builds are made available only to paying subscribers, while older builds are eventually spun off to ports. Further work remains to port all of Chromium to &os;, I am now porting the task manager to use &os;'s libkvm and the ALSA audio backend needs to be ported to OSS. There are other issues listed at the porting summary, contact me if you would like to pitch in.
The purpose of this one-day event is to gather Central European developers of today's open-source BSD systems to popularize their work and their organizations, and to meet each other in the real life. We would also like to motivate potential future developers and users, especially undergraduate university students to work with BSD systems. This year's BSD-Day will be held in Budapest, Hungary at Eötvös Loránd University, Faculty of Informatics on November 20, 2010. Everybody is welcome!
Work has commenced on a newly funded &os; Foundation project to bring six modular TCP congestion control (CC) algorithm implementations (the existing NewReno and five new algorithms: HTCP, CUBIC, Vegas, HD and CHD) to the &os; kernel. See the CAIA 5cc and NewTCP websites for more details on the algorithms.
To support the project's primary deliverable, we will also be incorporating the CAIA modular CC and Khelp frameworks into the &os; kernel, along with the Enhanced Round Trip Time Khelp module.
The project will make a sizable, state-of-the-art contribution to &os; and in certain areas, add completely novel work unavailable in any other operating system known to us.
We anticipate a number of benefits, including vastly improved researcher friendliness, reduced work for TCP oriented vendors of &os;-based appliances, and greater choice for system administrators who operate &os; systems in atypical network scenarios.
Keep an eye on the freebsd-net@FreeBSD.org mailing list for project related announcements.
All outstanding patches have been committed to the svn "head" branch after a lengthy review process. I anticipate merging all of the project's SIFTR and reassembly queue related patches from head to the stable branches in time for the upcoming 7.4 and 8.2 releases.
The goal of this project is to implement resource containers and a simple per-jail resource limits mechanism. Resource containers are also a prerequisite for other resource management mechanisms, such as Hierarchical Resource Limits, for "Collective Limits on Set of Processes (aka. Jobs)" Google Summer of Code 2010 project, for implementing mechanism similar to Linux cgroups, and might be also used to e.g. provide precise resource usage accounting for administrative or billing purposes. So far, a generic resource usage framework has been developed, along with limit enforcement for most resources. Work is ongoing on adding limits for remaining resources, debugging and generally improving the implementation. This project is being sponsored by The &os; Foundation.
During the previous few months several additions were developed to &os;'s built-in SNMP daemon - bsnmpd(1). First a snmp_wlan(3) module was developed that allows monitoring and configuration of wlan(4) interfaces operating in various modes, including statistics, attached/neighboring station information, MAC access control entries and mesh routing information. The module's code was submitted in SVN and is now a part of the &os; base system. Next, SNMPv3 authentication and encryption support were added to bsnmplib(3), bsnmpd(1) and bsnmptools (which are available via the ports system currently). The message digest and cipher calculation calls use the implementation of the relevant cryptographic algorithm implementation in OpenSSL's crypto(3) library. bsnmpd(1) may still optionally be compiled without the crypto(3) library, in which case only unauthenticated plain-text SNMPv3 PDUs may be processed. In addition, a snmp_usm(3) module was developed that is used to configure SNMPv3 users parameters (name, authentication & encryption algorithms used and relevant keys, etc.) into bsnmpd(1) as per RFC 3414. Finally, a snmp_vacm(3) module was developed that allows configuration of view-based access control as per RFC 3415, and relevant checks are made by bsnmpd(1) that allow or restrict access to specific SNMPv1/SNMPv2 communities or SNMPv3 users to certain MIB subtrees as per the configuration in the snmp_vacm(3) module. If none of the SNMPv3-related modules is loaded, bsnmpd(1) preserves its current behavior with SNMPv1/SNMPv2c PDUs. This work is being funded by the &os; Foundation.
&os; Services Control is a mix of binaries which integrate into the rc.d system and provide for service (daemon) monitoring. It knows about signals, pidfiles, and uses very little resources.
The fsc daemon (fscd) runs in the background once the system has started. Services are then added to this daemon via the fscadm control utility and from there they will be monitored. When they die, depending on the reason, they will be restarted. Certain signals may be ignored (list not decided), and fscd will remove that service from monitoring. Every action is logged to the system logging daemon. Additionally, the fscadm utility may be used to inquire about what services are monitored, their pidfile location, and current process id.
FSC provides several advantages over the third party daemontools package. For example, fscd uses push notifications instead of polling; fscd is an internal, &os; maintained software package accessible to all developers where daemontools would have to be a port and require us to maintain patches; fscd could be easily integrated with the current rc.d infrastructure.
Partially based on the ideas of daemontools and Solaris Service Management Facility (SMF), this could be an extremely useful tool for &os; systems.
Since the last status report, two bugs have been fixed and the documentation has been updated. In the coming weeks we hope to get more developer attention and review, perhaps even push to commit the code into &os;.
Netdump provides kernel core dumping over the network, instead of to a local disk. It implements a very minimal TCP/IPv4 stack and uses a custom UDP protocol to transmit the dump to the netdump server running on another host. Network interfaces selected for dumping perform I/O in polling mode.
Netdump should find its use in diskless workstation clusters, PXE-booted test machines, and perhaps when doing disk driver development.
Work is progressing quickly on a major re-factoring of PC-BSD tools and the PBI format for 9.0. Our GUI tools have been converted to compile / run within native QT without KDE now, allowing us to begin offering support for other desktop environments for 9.0, such as Gnome, XFCE, LXDE, KDE, etc. The PBI format has undergone a complete evolution, and is now entirely command-line based for all aspects of it, with only a few dependencies upon curl & xdg-utils. This will allow us to begin offering PBIs for traditional &os; users starting with 9.0, who will be able to install the pbi-manager from ports in the near future.
Support for xz compression has been enabled in bsdtar (HEAD, - 8-STABLE) and added to pkg_create(1) and pkg_add(1) (HEAD). +
Support for xz compression has been enabled in bsdtar (CURRENT + 8-STABLE) and added to pkg_create(1) and pkg_add(1) (CURRRENT). Packages with the .txz suffix can be created and installed. Logfile compression using xz in newsyslog(8) will be integrated soon. Benchmarks show 15-30% better compression ratios and up to halved decompression times when compared to bzip2. A switch from the default package format from .tbz to .txz is to be considered.
We will be having a developers summit meeting at meetBSD California 2010 on November 4th, the day before the conference. Based on who is in attendance, we will be talking about the status of pressing issues; working on pressing problems and using the opportunity for face to face meetings to work out issues that are difficult in email. This is an invitation only event, but any developer can invite people they think would help drive this meeting forward. An agenda will be published closer to the date. For more information, please contact Warner Losh.
One problem that the project has with its push towards embedded platforms is with the toolchain. The compilers and linkers and such in the current &os; support the architectures generically, but often times silicon vendors produce specialized toolchains to wring the most performance out of their silicon. Right now, it is difficult to compile &os; with these tools, as many manual steps are required to make things 'just so'. The external toolchain project will leverage some of the work done by the clang team to support clang in the base system (breaking the strict dependency on CC=cc (except for the broken intel CC support)). In addition, the orchestration of the build (make buildworld) will change to avoid bootstrapping certain tools, or compiling the compilers at all. In addition, support for using alternate assemblers, linkers, etc., will be added. The work will be done in subversion in projects/xtc (for eXternal Tool Chain).
The "tbemd" or Target Big Endian Must Die effort is nearing completion. Most of the big sweeping changes to the tree have been committed. The last change, actually pulling the switch, is stalled waiting for make universe improvements. This work will change the TARGET_ARCH from a plain 'mips' to 'mipsel' or 'mipseb' based on which endian the platform has. It introduces the concept of multiple architectures being implemented with one set of files, and regularizes that design pattern into the &os; build process. In the past, you had to set TARGET_BIG_ENDIAN=t to compile for big endian, but that had a number of problems: can not share /usr/obj between little and big endian targets, sometimes the produced compilers will not work right unless TARGET_BIG_ENDIAN is defined in the environment, etc.
The &os; KDE team has been actively keeping pace with development cycle as it is released by the KDE developers. Often having KDE in the ports tree within the same week it has been released.
An integral part of maintaining KDE exists in supporting the Qt toolchain. As Nokia releases Qt, our team is keeping pace making it available in our development repository.
We are fortunate to have a strong contributor base that helps to keep the process moving along. Our heartfelt thanks go out to all that have helped with patches, maintaining ports, and responding with help on the mailing lists.
pc-sysinstall was imported into HEAD recently. For the moment +
pc-sysinstall was imported into CURRENT recently. For the moment it is feature complete, although progress on the text front end for it may expose additional functionality it needs.
The purpose of DAHDI/&os; project is to make it possible to use &os; as a base system for software PBX solutions.
DAHDI (Digium/Asterisk Hardware Device Interface) is an open-source device driver framework and a set of hardware drivers for E1/T1, ISDN digital, and FXO/FXS analog cards [1]. Asterisk is one of the most popular open-source software PBX solutions [2].
The project includes porting DAHDI framework and hardware drivers for E1/T1, FXO/FXS analog, and ISDN digital cards to &os;. This also includes TDMoE support, software and hardware echo cancellation (Octasic, VPMADT032), and hardware transcoding support (TC400B). The work is ongoing in the official DAHDI SVN repository with the close collaboration with DAHDI folks at Digium.
DAHDI/&os; project is completed. ports/misc/dahdi now contains the most recent DAHDI/&os; version and additional stuff that is not available in DAHDI/&os; SVN repository due to licensing and copyright restrictions (OSLEC echo canceler, experimental zaphfc driver). Experimental sparc64 support is also implemented and is currently being tested.
There is a pile of minor changes in queue that will be handled soon:
I will continue periodic merges from DAHDI/Linux SVN on a regular basis and roll out new DAHDI/&os; releases (most likely synchronized with DAHDI/Linux releases).
The V4L support in the Linux emulator has been MFC'd to 8-STABLE allowing use of video in skype calls using a camera supported by the pwcbsd or video4bsd drivers. A known issue for skype is that your camera must support YUV420 mode which is what skype uses. Note that V4L2 support is not included in the current work, and remains as a project for anyone interested.
This work is based on OpenBSD 4.5 state of pf(4). It includes many improvements over the code currently present in &os;. The actual new feature present in pf45 repository is support for divert(4), which should allow tools like snort_inline to work with pf(4) too. This work also enables pfsync(4) to be loaded as a module as well.
Currently, this work is considered stable and a patch against - -CURRENT has been released on freebsd-pf@ mailing list.
+ CURRENT has been released on freebsd-pf@ mailing list.The reason why this work is based off of OpenBSD 4.5 is that after this release they have changed the syntax which is not backwards compatible.
After importing this one the work will go on the newest version and decisions on it will then be done.
AFS is a distributed network filesystem that originated from the Andrew Project at Carnegie-Mellon University; the OpenAFS - client implementation has not been particularly useful on FreeBSD - since the FreeBSD 4.X releases. The previous status report + client implementation has not been particularly useful on &os; + since the &os; 4.X releases. The previous status report brought the OpenAFS client to a useful form on 9.0-CURRENT, though with many rough edges. Only a couple of those edges have been smoothed out during the past few months, as developer time was scarce. A mismatch between file size and vmobject size tracking was resolved (allowing executables to be run from AFS), - and our system call entry has been updated on HEAD and RELENG_8 + and our system call entry has been updated on CURRENT and 8-STABLE to match reality. Thanks to kib@ for both of those! The code is useful enough that we plan to submit an openafs-devel port to the Ports Collection in the coming cycle.
There are several known outstanding issues that are being worked on, but detailed bug reports are welcome at port-freebsd@openafs.org.
The gptboot now fully follows GPT specification (verifies checksums and falls back to backup header and table if primary is corrupted).
One can now use new attributes to configure partition that gptboot will try to boot only once from and in case of a failure it will fall back to the previous one.
For more information check out the commit message.
HAST is now better than ever!:) Some recent improvements include:
ZFS v28 which includes data deduplication and plenty of other shiny new features is ready for testing. For more information check out the announcement.
There are three new GELI (a disk encryption GEOM class) - features available in FreeBSD HEAD:
+ features available in &os;-CURRENT:Valgrind is a tool for detecting memory management and threading bugs, and profiling. Version 3.6.0 has recently been - released, while we have a working port of 3.5.0 now. Work is - now underway to update the &os; port to 3.6.0, with the eventual - goal of having our changes integrated upstream.
+ released and the &os; port has now been updated. + +Development of the Valgrind port has moved from perforce to + bitbucket.org, in order to make it easier for others to track + changes as we progress towards getting the port into shape to + commit upstream. You can access the repository at the bitbucket + URL at the beginning of this report.
A bugzilla entry has been submitted to track the &os; Valgrind port. You can see the status and vote for the bug to express your interest at https://bugs.kde.org/show_bug.cgi?id=208531.
Capsicum is a lightweight OS capability and sandbox framework developed at the University of Cambridge Computer Laboratory, supported by a grant from Google. Capsicum extends the POSIX API, providing several new OS primitives to support object-capability security on UNIX-like operating systems: capabilities, a new sandboxed capability mode for processes, anonymous shared memory objects, process descriptors, and a modified C runtime able to support distributed applications within sandboxes. Capsicum has been prototyped on &os; 9-CURRENT, with a 8-STABLE backport.
Capsicum is intended to supplement existing system-centric mandatory access control protections by providing an application-centric protection model, which better supports compartmentalised user programs that set up one (or many) sandboxes to process untrustworthy data in. A number of applications, from tcpdump to the Chromium web browser, have been modified to use sandboxing to confine risky activities such as the parsing of untrusted packets and HTML/JavaScript rendering.
We plan to begin merging the core Capsicum kernel features to &os; 9-CURRENT in November/December 2010 once a number of known problems have been resolved. Following a KBI analysis, we will consider merging our 8-STABLE backport to Subversion. For the time being, and while APIs stabilise, we plan to distribute the Capsicum libraries via ports. However, simply having the kernel features in place is sufficient to support sandboxing in tcpdump and Chromium.
The Capsicum paper by Robert Watson / Jonathan Anderson (Cambridge) and Ben Laurie/ Kris Kennaway (Google) won a best paper award at the 2010 USENIX Security Symposium!
The bugbusting team continue work on trying to make the contents of the GNATS PR database cleaner, more accessible and easier for committers to find and resolve PRs, by tagging PRs to indicate the areas involved, and by ensuring that there is sufficient info within each PR to resolve each issue.
July saw the addition of Alexander Best (arundel@) to this bugbusting team, he is helping with the triaging PRs as they come in, creating patches for problems and working with submitters to get the solutions tested, and working through the PR backlog.
Also in July, Gavin Atkinson worked with Hans Petter Selasky on the USB PRs, attempting to go through many of them and determine the status of each of them. As a result, nearly 10% of the USB PRs were determined to be closeable, with many more either being marked as patched already or able to be committed quickly. Several PRs that only affect the old (pre-8.0) USB stack were also identified and marked as such. More work will take place in this area in the future.
August saw us host another bugathon, with an aim of investigating and getting into a committable state several of the PRs with patches. Turnout was not as great as in the past - mainly believed to be die to the short notice, but still several PRs were progressed, with several commits made and several PRs closed.
The number of PRs has held steady over the last three months, with improvements in numbers in some categories (especially usb and bin) being offset by slight increases in others.
Reports continue to be produced from the PR database, all of which can be found from the links above. Committers interested in custom reports are encouraged to discuss requirements with bugmeister@ - we are happy to create new reports where needs are identified.
As always, anybody interested in helping out with the PR queue is welcome to join us in #freebsd-bugbusters on EFnet. We are always looking for additional help, whether your interests lie in triaging incoming PRs, generating patches to resolve existing problems, or simply helping with the database housekeeping (identifying duplicate PRs, ones that have already been resolved, etc). This is a great way of getting more involved with &os;!
The Release Engineering Team has announced the schedule for the - upcoming joint release of FreeBSD 7.4 and 8.2. The schedules + upcoming joint release of &os; 7.4 and 8.2. The schedules are available on the Web site:
It is expected that 7.4 will be the last of the 7.X releases.
The www/ja and doc/ja_JP.eucJP/ have been updated constantly + since the last status report. We committed a big patch for + the "Installing &os;" chapter of the &os; Handbook which was + contributed by many people since a long time. This chapter is + still outdated and needs more work. Some progress was made in + the Porter's Handbook as well.
+ + +EuroBSDCon 2010 happened in Karslruhe, Germany, with many + users, developers, friends, and others. We had many tutorials, + and 22 interesting presentations on various topics connected to + &os;, OpenBSD, NetBSD, like the new USB stack, jail + improvements, Virtual Private Systems, SSH and PGP convergence, + ZFS, journaled Soft-Updates, BSD certification, porting to the + latest ARM processors, and pc-sysinstall. The event was opened by + a keynote speech from Poul-Henning Kamp on software tools and + their future, and it was closed by short status reports on + different BSD flavors. Next year's event in 2011 will take place + in the Netherlands from 6th to 9th October 2011.
+ +