Introduction

Index: head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml =================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml (revision 46519) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml (revision 46520) @@ -1,235 +1,312 @@ January-March 2015

Introduction

This is a draft of the January–March 2015 status report. Please check back after it is finalized, and an announcement email is sent to the &os;-Announce mailing list.

This report covers &os;-related projects between January and March 2015. This is the first of four reports planned for 2015.

The first quarter of 2015... was a very busy and productive time.

Thanks to all the reporters for the excellent work!

The deadline for submissions covering the period from April to June 2015 is July 7th, 2015.

team &os; Team Reports proj Projects kern Kernel arch Architectures bin Userland Programs ports Ports doc Documentation misc Miscellaneous Address Space Layout Randomization (ASLR) Shawn Webb shawn.webb@hardenedbsd.org Oliver Pinter oliver.pinter@hardenedbsd.org HardenedBSD ASLR Call For Testing FreeBSD Code Review of ASLR

Address Space Layout Randomization (ASLR) is a computer security technique that aids in mitigating low-level vulnerabilities such as buffer overflows. ASLR randomizes the memory layout of running applications to prevent an attacker from knowing where a given exploitable vulnerability lies in memory.

We have been working hard the last few months to ensure the robustness of our ASLR implementation. We have written a helpful manpage. We have updated the patch on FreeBSD's code review system (Phabricator). Our ASLR implementation is in heavy use by the HardenedBSD team in production environments and is performing robustly.

The next task is to compile the base system applications as Position-Independent Executables (PIEs). In order for ASLR to be effective, applications must be compiled as PIEs. It is likely that this part will take a long time to accomplish, given the complexity surrounding building the libraries in the base system. Even if applications are not compiled as PIEs, having ASLR available still helps those applications (like HardenedBSD's secadm) which force compilation as PIE for themselves.

SoldierX

Test our patch against 11-CURRENT.

For &os; committers: work with us to get this merged into &os;.

Xfce on &os; &os; Xfce Team xfce@FreeBSD.org

Xfce is a free software desktop environment for Unix and Unix-like platforms, such as &os;. It aims to be fast and lightweight, while still being visually appealing and easy to use.

This quarter was an exciting time for the Xfce Team. We imported the Xfce desktop environment 4.12 into the ports tree, after more than two years of development.

Overall, we have updated the following ports:

Xfce core (4.12)
audio/xfce4-mpc-plugin (0.4.5)
deskutils/xfce4-tumbler (0.1.31
deskutils/xfce4-xkb-plugin (0.7.1)
editors/mousepad (0.4.0)
graphics/ristretto (0.8.0)
multimedia/xfce4-parole (0.8.0)
sysutils/garcon (0.4.0)
sysutils/xfce4-diskperf-plugin (2.5.5)
sysutils/xfce4-fsguard-plugin (1.0.2)
sysutils/xfce4-power-manager (1.4.4)
sysutils/xfce4-wavelan-plugin (0.5.12)
textproc/xfce4-dict-plugin (0.7.1)
www/xfce4-smartbookmark-plugin (0.4.6)
x11/libexo (0.10.4)
x11-clocks/xfce4-timer-out-plugin (1.0.2)
x11-fm/thunar (1.6.6)
x11-themes/gtk-xfce-engine (3.2.0)

At the same time we switched to the USES framework, and a new plugin has been added, called audio/xfce4-pulseaudio-plugin.

We also follow the unstable releases (available in our experimental repository) of:

x11/xfce4-dashboard (0.3.91)
x11/xfce4-notes-plugin (1.8.0 beta)

The following documentation patches are ready:

PR197878, Update Xfce section in Porter's Handbook
D1305, FAQ

Work on support for Compact Disc Digital Audio (CD-DA) in multimedia/xfce4-parole.

Add a new property (through xfconf-query) in order to allow users to change the greyscale value of quicklaunch icons in x11/xfce4-dashboard (this feature is only available in the unstable release).

+ + Lua boot loader + + + + + Rui + Paulo + + rpaulo@FreeBSD.org + + + + + Pedro + Souza + + pedrosouza@FreeBSD.org + + + + + Wojciech + Koszek + + wkoszek@FreeBSD.org + + + + + + + + +

The Lua boot loader project is in its final stage and + it can be used on x86 already. The aim of this project is to + replace the Forth boot loader with a Lua boot loader. All the + scripts were re-written in Lua and are available in + sys/boot/lua. Once all the Forth features have been tested + and once the boot menus look exactly like in Forth, we will + start merging this project to &os; HEAD. Both loaders can + co-exist in the source tree with no problems because a + pluggable loader functionality was introduced for this + purpose.

+ +

The project was initially started by Wojciech + Koszek, and Pedro Souza wrote most of the Lua code last year in + his Google Summer of Code project.

+ +

To build a Lua boot loader just use:

WITH_LUA=y
+WITHOUT_FORTH=y

+ + + + +

Feature/appearance parity with Forth.

+ + + +

Investigate use of floating point by Lua.

+ + + +

Test the EFI Lua loader.

+ + + +

Test the U-Boot Lua loader.

+ + + +

Test the serial console.

+ + + +