Index: head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml =================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml (revision 46521) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2015-01-2015-03.xml (revision 46522) @@ -1,346 +1,390 @@ January-March 2015
Introduction

This is a draft of the January–March 2015 status report. Please check back after it is finalized, and an announcement email is sent to the &os;-Announce mailing list.

This report covers &os;-related projects between January and March 2015. This is the first of four reports planned for 2015.

The first quarter of 2015... was a very busy and productive time.

Thanks to all the reporters for the excellent work!

The deadline for submissions covering the period from April to June 2015 is July 7th, 2015.

team &os; Team Reports proj Projects kern Kernel arch Architectures bin Userland Programs ports Ports doc Documentation misc Miscellaneous Address Space Layout Randomization (ASLR) Shawn Webb shawn.webb@hardenedbsd.org Oliver Pinter oliver.pinter@hardenedbsd.org HardenedBSD ASLR Call For Testing FreeBSD Code Review of ASLR

Address Space Layout Randomization (ASLR) is a computer security technique that aids in mitigating low-level vulnerabilities such as buffer overflows. ASLR randomizes the memory layout of running applications to prevent an attacker from knowing where a given exploitable vulnerability lies in memory.

We have been working hard the last few months to ensure the robustness of our ASLR implementation. We have written a helpful manpage. We have updated the patch on FreeBSD's code review system (Phabricator). Our ASLR implementation is in heavy use by the HardenedBSD team in production environments and is performing robustly.

The next task is to compile the base system applications as Position-Independent Executables (PIEs). In order for ASLR to be effective, applications must be compiled as PIEs. It is likely that this part will take a long time to accomplish, given the complexity surrounding building the libraries in the base system. Even if applications are not compiled as PIEs, having ASLR available still helps those applications (like HardenedBSD's secadm) which force compilation as PIE for themselves.

SoldierX

Test our patch against 11-CURRENT.

For &os; committers: work with us to get this merged into &os;.

 Xfce on &os; &os; Xfce Team xfce@FreeBSD.org

Xfce is a free software desktop environment for Unix and Unix-like platforms, such as &os;. It aims to be fast and lightweight, while still being visually appealing and easy to use.

This quarter was an exciting time for the Xfce Team. We imported the Xfce desktop environment 4.12 into the ports tree, after more than two years of development.

Overall, we have updated the following ports:

At the same time we switched to the USES framework, and a new plugin has been added, called audio/xfce4-pulseaudio-plugin.

We also follow the unstable releases (available in our experimental repository) of:

The following documentation patches are ready:

Work on support for Compact Disc Digital Audio (CD-DA) in multimedia/xfce4-parole.

Add a new property (through xfconf-query) in order to allow users to change the greyscale value of quicklaunch icons in x11/xfce4-dashboard (this feature is only available in the unstable release).

 Lua boot loader Rui Paulo rpaulo@FreeBSD.org Pedro Souza pedrosouza@FreeBSD.org Wojciech Koszek wkoszek@FreeBSD.org

The Lua boot loader project is in its final stage and it can be used on x86 already. The aim of this project is to replace the Forth boot loader with a Lua boot loader. All the scripts were re-written in Lua and are available in sys/boot/lua. Once all the Forth features have been tested and once the boot menus look exactly like in Forth, we will start merging this project to &os; HEAD. Both loaders can co-exist in the source tree with no problems because a pluggable loader functionality was introduced for this purpose.

The project was initially started by Wojciech Koszek, and Pedro Souza wrote most of the Lua code last year in his Google Summer of Code project.

To build a Lua boot loader just use:

WITH_LUA=y
 WITHOUT_FORTH=y

Feature/appearance parity with Forth.

Investigate use of floating point by Lua.

Test the EFI Lua loader.

Test the U-Boot Lua loader.

Test the serial console.

 More Michael Lucas &os; books Michael Lucas mwlucas@michaelwlucas.com

The &os; storage books are proceeding slower than expected. This is a complex project.

It appears that ZFS will be a two-book topic. The first book will cover basic ZFS, while the second will cover advanced cases like live and cold replication, sharing, performance, and using ZFS on top of less common GEOM providers. More details can be found in the links section.

Allan Jude (allanjude@) is co-authoring the ZFS books. Little did he know of the magnitude of the task ahead of him when he signed up....

 + + Opaque ifnet + + + + + Gleb + Smirnoff + + glebius@FreeBSD.org + + + + + Project wiki page + + + +

The project is to design a new KPI for network drivers + that would allow for the network stack to evolve, without + breaking compatibility with older drivers. The core idea is to + hide struct ifnet from drivers, thus the + project has the name "opaque ifnet". However, the + project will include more changes than just hiding the + struct's definition.

+ +

At present, the new KPI has been prototyped, most + important parts of network stack have been modified + appropriately, and several drivers have been converted to new + KPI.

+ +

The project needs more manpower, since there are many + network drivers in the tree, with a total of 245 sites where a + struct ifnet is allocated.

+ + + Netflix + + + +

Convert more drivers.

+ + +