Index: head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml =================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml (revision 49553) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml (revision 49554) @@ -1,727 +1,796 @@ July-September 2016
Introduction

This is a draft of the July–September 2016 status report. Please check back after it is finalized, and an announcement email is sent to the &os;-Announce mailing list.

This report covers &os;-related projects between July and September 2016. This is the third of four reports planned for 2016.

The third quarter of 2016 was another productive quarter for the &os; project and community. [...]

Thanks to all the reporters for the excellent work!

The deadline for submissions covering the period from October to December 2016 is January 7, 2016.

?>
team &os; Team Reports proj Projects kern Kernel gsoc Google Summer of Code arch Architectures bin Userland Programs ports Ports doc Documentation misc Miscellaneous ClonOS: New &os;-Based Free/Open Hosting Platform Oleg Ginzburg olevole@olevole.ru ClonOS Homepage

Currently, &os; is well proven as a base for routers (pfSense, OPNSense, BSDRP) and NAS (FreeNAS, zfsGuru, Nas4Free). However, &os;-based solutions are almost completely absent in the virtualization area, and ClonOS is one of the attempts to change it.

ClonOS is a new free open-source &os;-based platform for virtual environment creation and management. In the core platform are:

We would like to see ClonOS in real-world use. In this regard we are interested in finding more people and companies who used &os; in hosting tasks. In addition, it could be great to work with the developers of existing NAS solutions (zfsGuru, Nas4Free) Google Summer of Code 2016 Gavin Atkinson gavin@FreeBSD.org Pedro Giffuni pfg@FreeBSD.org GSoC 2016 Projects GSoC Ideas page

As in all previous editions of the Google Summer of Code, &os; was an accepted organization, and we had the chance to mentor 15 projects. Huge thanks to all our mentors for keeping the high quality standards that make our community shine.

This year was rather unique in that we accepted for the first time well-known members of the community that are not src committers to co-mentor. We also accepted projects that have a different upstream than &os;. Both are clear signs that &os; is growing and adapting to the wider community.

This year we are also had administrative issues with Perforce and have accepted officially the use of external repositories, in particular github, as requested by students.

12 of 15 projects were successful, which we think is an excellent result for a Google Summer of Code.

Google Inc. The FreeBSD Foundation The world is changing and we need fresh project ideas. We need to start looking for those ideas now. The project ideas wiki page has been reset and we need to get it populated before applying for the next Google Summer of Code. Please help unleash the next stream of projects you want to see in &os;. CloudABI: Running Untrusted Programs Directly on top of &os; Ed Schouten ed@FreeBSD.org The CloudABI mailing list cloudabi-devel@googlegroups.com Official CloudABI Website. Using CloudABI on &os;. Python for CloudABI. CloudABI on GitHub.

CloudABI is a compact UNIX-like runtime environment inspired by &os;'s Capsicum security framework. It allows you to safely run potentially untrusted programs directly on top of &os;, Linux and macOS, without requiring the use of virtualisation, jails, etc. This makes it a useful building block for cluster/cloud computing.

Over the last couple of months, several new libraries and applications have been ported over to CloudABI, the most important addition being Python 3.6. This means that you can now write strongly sandboxed apps in Python!

Support for different hardware platforms has also improved. In addition to amd64 and arm64, we now support i686 and armv6. The release of LLVM 3.9 was important to us, as it has integrated all the necessary changes to support the first three platforms. Full armv6 support is still blocked on some issues with LLVM's linker, LLD.

Nuxi, the Netherlands Play around with CloudABI and let us know what you think of it! Full support for amd64 and arm64 is part of &os; 11.0. i686 and armv6 support is only available on HEAD, but will be merged to the stable/11 branch in the future. Interested in Python programming? Give our copy of Python a try and share your experiences! Do you maintain pieces of software that could benefit from strong sandboxing? Try building them using the CloudABI cross compiler! &os; on Hyper-V and Azure Sepherosa Ziehau sepherosa@gmail.com Hongjiang Zhang honzhan@microsoft.com Dexuan Cui decui@microsoft.com Kylie Liang kyliel@microsoft.com &os; Virtual Machines on Microsoft Hyper-V Supported Linux and &os; virtual machines for Hyper-V on Windows

This quarter, the Hyper-V storage driver was greatly improved: its performance was increased by a factor of 1.2-2 by applying BUS_DMA and UNMAP_IO, enlarging the request queue, and selecting the outgoing channel with the LUN considered; TRIM/UNMAP was enabled; and some critical bugs (PRs 209443, 211000, 212998) were fixed so that disk hot add/remove and VHDX online resizing should work now.

The VMBus driver also received attention, with enhancements made for the handling of device hot add/remove.

In the Hyper-V network driver, configurable RSS key and dynamic MTU change are now supported.

&os; images on Azure continue to be updated — after publishing the &os; 10.3 VM image on the global Microsoft Azure in June, Microsoft also published the VM image on the Microsoft Azure operated by 21Vianet in China in September.

Patches have been developed to support PCIe pass-through (also known as Discrete Device Assignment); this feature allows physical PCIe devices to be passed through to &os; VMs running on Hyper-V (Windows Server 2016), giving them near-native performance with low CPU utilization. The patch to enable the feature will be posted for review soon.

Microsoft ptnet Driver and bhyve Device Model Vincenzo Maffione v.maffione@gmail.com &os; Wiki Page for Project Overview Conference Paper Subversion Repository

This project provides:

The ptnet device and driver has been introduced to overcome the performance limitations of TCP/IP networking between bhyve VMs. Prior to this work, the most performant solution for VM-to-VM intra-host TCP communication provided less than 2 Gbps TCP throughput. With ptnet, in the same VM-to-VM TCP communication scenario, it is possible to obtain up to 20 Gbps.

Google Summer of Code Share virtio-net header management code with the if_vtnet driver. In the current code, about 100 lines of code have been copied and pasted from if_vtnet.c. LXQt on &os; Olivier Duchateau olivierd@FreeBSD.org Jesper Schmitz Mouridsen jesper@schmitz.computer &os; LXQt Project LXQt Project LXQt Development Repository

LXQt is the Qt port of and the upcoming version of LXDE, the Lightweight Desktop Environment. It is the product of a merge between the LXDE-Qt and Razor-qt projects.

The porting effort remains very much a work in progress: it requires some components of Plasma 5, the new major KDE workspace.

The porting of the 0.11 branch is now complete, with new ports (compared to the previous release). See our wiki page for a complete list of applications.

We also have updates for:

Improve &os; support in sysutils/lxqt-admin, especially with respect to user management. Add additional panel plugins. Xfce on &os; &os; Xfce Team xfce@FreeBSD.org &os; Xfce Project &os; Xfce Repository

Xfce is a free software desktop environment for Unix and Unix-like platforms such as &os;. It aims to be fast and lightweight, while still being visually appealing and easy to use.

During this quarter, the team has kept the following applications up-to-date:

We also follow the unstable releases; the current unstable release brings support for Gtk3 (available in our experimental repository) to:

Currently, the unstable releases work fine with our Gtk3 ports available in the ports tree, but in the future, support for 3.18 will be removed in preference of 3.20.x.

Continue working on unstable releases. Non-BSM to BSM Conversion Tools Mateusz Piotrowski 0mp@FreeBSD.org Wiki Page GitHub Repository Pull Request With Consolidated Patch

This project was started during Google Summer of Code this year. The aim was to create a library which can convert the audit trail files in Linux Audit format or the format used by Windows to the BSM format (the format &os; uses for its audit logs). Apart from that, I wanted to create a simple command-line tool and extend auditdistd so that it is possible to send non-BSM logs to auditdistd over a secure connection and save those audit logs on disk, preferably in the BSM format.

So far, it is possible to reasonably convert some of the most common Linux audit log events to BSM, but it still needs a lot of work. Secondly, I was able to configure auditdistd to communicate with CentOS over an insecure connection. Thirdly, the command-line tool is usable but not perfect.

The present work focuses on configuring the secure TLS connection between CentOS and auditdistd. I've already tried using rsyslogd but wasn't able to make it work.

Google Summer of Code I need more examples of rare Linux Audit logs; please send me some examples if you have any. It is much easier to improve the conversion process with real-life examples of the audit events you try to convert. Configure auditdistd to be able to communicate with some software on CentOS over TLS in order to receive audit logs. I wasn't able to come up with a simple solution for that. Additional open tasks are listed on the Wiki page and in the TODO file in the root directory of the project. Improvements to Non-Transparent Bridge Subsystem Alexander Motin mav@FreeBSD.org

Non-Transparent Bridges allow creation of memory windows between different systems, using the regular PCIe links of CPUs as a transport. During the last quarter, the NTB subsystem gained a significant set of improvements and fixes:

The code is committed to the &os; head, stable/11 and stable/10 branches.

The project is sponsored by iXsystems, Inc. Support for the next generation of Intel hardware. Support for non-Intel hardware (AMD, PLX, etc.). Support for I/OAT and other DMA offloads. Creating a more efficient packet transport protocol. Creating a greater variety of NTB applications. ZFS Code Sync with Latest OpenZFS/Illumos Alexander Motin mav@FreeBSD.org Andriy Gapon avg@FreeBSD.org

The ZFS code base in &os; regularly gets merges of new code, staying in sync with latest OpenZFS/Illumos sources. Among other things, the latest merge included the following improvements:

 + + + &os; on Marvell Armada38x + + + + + Marcin + Wojtas + + mw@semihalf.com + + + + + Bartosz + Szczepanek + + bsz@semihalf.com + + + + + +

&os; includes support for the Marvell Armada38x platform, which + has been tested and improved in order to gain production quality. + Most of this effort has been invested in development and + benchmarking of the on-chip Gigabit Ethernet (NETA) functionality. + Numerous bug fixes, as well as some new features, have been + introduced.

+ +

Work completed this quarter includes:

+ + + +

Along with support for new boards (SolidRun ClearFog and + DB-88F6285-AP), all changes will be submitted upstream.

+ + + + Stormshield + + + + Semihalf + + + + Finalize NETA and prepare for submission. + + Submit remaining fixes and drivers. + +