EFI Refactoring, GELI Support

From owner-svn-doc-all@freebsd.org Fri Jul 22 05:19:46 2016 Return-Path: Delivered-To: svn-doc-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D523FBA1A50; Fri, 22 Jul 2016 05:19:46 +0000 (UTC) (envelope-from bjk@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6775F1331; Fri, 22 Jul 2016 05:19:46 +0000 (UTC) (envelope-from bjk@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u6M5JjIR023480; Fri, 22 Jul 2016 05:19:45 GMT (envelope-from bjk@FreeBSD.org) Received: (from bjk@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u6M5JjIP023479; Fri, 22 Jul 2016 05:19:45 GMT (envelope-from bjk@FreeBSD.org) Message-Id: <201607220519.u6M5JjIP023479@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: bjk set sender to bjk@FreeBSD.org using -f From: Benjamin Kaduk Date: Fri, 22 Jul 2016 05:19:45 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r49144 - head/en_US.ISO8859-1/htdocs/news/status X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Jul 2016 05:19:46 -0000 Author: bjk Date: Fri Jul 22 05:19:45 2016 New Revision: 49144 URL: https://svnweb.freebsd.org/changeset/doc/49144 Log: Make an editing pass through the 2016Q2 report Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2016-04-2016-06.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2016-04-2016-06.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2016-04-2016-06.xml Fri Jul 22 00:03:44 2016 (r49143) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2016-04-2016-06.xml Fri Jul 22 05:19:45 2016 (r49144) @@ -97,8 +97,8 @@

The &os; Release Engineering Team completed the 10.3-RELEASE cycle late April, led by &a.marius;. The release was one week - behind the original schedule, to accommodate for a few last - minute critical issues that were essential to include in the + behind the original schedule, to accommodate for a few + last-minute critical issues that were essential to include in the final release.

The &os; 11.0-RELEASE cycle started late May, one month @@ -106,10 +106,10 @@ to accommodate for packaging the &os; base system with the pkg(8) utility. However, as work on this progressed, it became apparent that there were too many outstanding - issues. As a result, packaged base will be a "beta" feature + issues. As a result, packaged base will be a "beta" feature for 11.0-RELEASE, with the goal of promoting it to a - first-class feature in 11.1-RELEASE, with additional - provisions to ensure a seamless transition for earlier + first-class feature in 11.1-RELEASE. It is expected that + provisions will be made to ensure a seamless transition from older supported releases.

Despite the fact that packaged base is not going to be a @@ -120,7 +120,7 @@ - The &os; Foundation + The &os; Foundation @@ -144,10 +144,10 @@ come to switch to 4.2.

While there is ongoing progress to remove Rails 3.2 from - the ports tree, there are some major updates blocking this - process. The most recent blocker was the outstanding update - of www/redmine from 2.6 to 3.2. This has completed - successfully, so we can now move on.

+ the ports tree, there are some ports for which this is a major + update that block the overall process. The most recent blocker + was the outstanding update of www/redmine from 2.6 to + 3.2. This has completed successfully, so we can now move on.

To help with porting or testing, feel free to contact me or the ruby@FreeBSD.org mailing list.

@@ -180,26 +180,26 @@

Allwinner SoCs are used in multiple hobbyist devboards and - single board computers. Recently, support for these SoCs + single-board computers. Recently, support for these SoCs received many updates.

Theses tasks were completed during the second quarter of 2016:

Switch to upstream DTS is complete
Switch to upstream DTS
A83T SoC support
H3 SoC support
Switch to new clock framework
Switch to the new clock framework
Convert A10 interrupt controller to INTRNG
Convert the A10 interrupt controller to INTRNG
OHCI support
Generic ALLWINNER kernel config file
A generic ALLWINNER kernel config file
A20/A31 NMI support
A83T Security ID support
Allwinner Gigabit Ethernet controller found in - H3/A83T/A64
Support for the Allwinner Gigabit Ethernet controller found + in H3/A83T/A64
USB OTG (in review)

Now that the process-shared locks are implemented for our - POSIX threads implementation library, libthr, - the only major lacking feature for POSIX compliance is robust - mutexes. Robust mutexes allow the application to detect, and +

Now that process-shared locks are implemented for our + POSIX threads implementation, libthr, + the only major feature lacking for POSIX compliance is robust + mutexes. Robust mutexes allow applications to detect, and theoretically, recover from crashes which occur while modifying the shared state. The supported model is to protect shared state by a pthread_mutex, and the crash is @@ -284,7 +284,7 @@ recover from failures. The pthread_mutex_lock() function may return new error EOWNERDEAD, which indicates that the previous owner of the lock terminated while - still owning the lock. Despite returning the non-zero value, + still owning the lock. Despite returning this non-zero value, the lock is granted to the caller. In the simplest form, an application may detect the error and refuse to operate until the persistent shared data is recovered, such as by manual @@ -299,22 +299,22 @@

It is curious but not unexpected that this interface is not used widely. The only real-life application which utilizes it - is Samba. Using Samba with an updated FreeBSD base uncovered - minor bugs both in the FreeBSD robustness implementation, and + is Samba. Using Samba with an updated &os; base uncovered + minor bugs both in the &os; robust mutex implementation, and in Samba itself.

It is believed that libthr in FreeBSD 11 is - POSIX-compliant for large features. Further work is planned - to look at the lock structures inlining to remove overhead - and improve performance of the library.

It is believed that libthr in &os; 11 is + POSIX-compliant for major features. Further work is planned + to look at inlining the lock structures to remove overhead + and improve the performance of the library.

Most of the implementation of the robustness feature consisted of making small changes in the lock and unlock paths, both in libthr and in kern_umtx.c. This literally required reading all of the code dealing with - mutexes and conditional variables, which was something I + mutexes and condition variables, which was something I wanted to help future developers with. In the end, with the - help of Ed Maste, the man pages for umtx(2) and all + help of Ed Maste, man pages for umtx(2) and all thr*(2) syscalls were written and added to the base system's documentation set.

- EFI Refactoring, GELI Support + EFI Refactoring and GELI Support @@ -357,16 +357,17 @@ too much effort.

Both boot1 and loader have been refactored - to talk through the EFI_SIMPLE_FILE_SYSTEM interface. - In loader, this is accomplished with a dummy + to utilize the EFI_SIMPLE_FILE_SYSTEM interface. + In the loader, this is accomplished with a dummy filesystem driver that is just a translation layer between the - loader filesystem interface and + loader filesystem interface and EFI_SIMPLE_FILE_SYSTEM. A reverse translation layer allows the existing filesystem drivers to function as EFI drivers.

The EFI refactoring by itself exists in - this branch.

The EFI refactoring by itself exists in a + branch + on github.

Additionally, GELI support has been added using the EFI refactoring. This allows booting from a GELI-encrypted @@ -376,7 +377,7 @@ framework, which allows injection of keys directly into a loaded kernel, without the need to pass them through arguments or environment variables. This patch only uses the - intake buffer for EFI GELI support as legacy BIOS GELI support + intake buffer for EFI GELI support, as legacy BIOS GELI support still uses environment variables.

EFI GELI support depends on the @@ -404,7 +405,7 @@

Install an EFI shell on the ESP.

Install an EFI shell on the EFI System Partition (ESP).

@@ -439,7 +440,7 @@

Try switching over to an encrypted main partition once - everything else has worked.

+ everything else is working.

@@ -447,9 +448,8 @@ Testing is needed. - Code will need review and some style(9) - normalization must occur before this code goes into - FreeBSD. + The code will need review, and some style(9) + normalization must occur before it goes into &os;.

The port has been updated to GDB 7.11.1.

The devel/gdb port has been updated to GDB 7.11.1.

Support for system call catchpoints has been committed upstream. Support for examining ELF auxiliary vector data via @@ -484,12 +484,12 @@ - Figure out why the powerpc kgdb targets are not + Figure out why the powerpc kgdb targets are not able to unwind the stack past the initial frame. Add support for more platforms, such as arm, - mips, and aarch64, to upstream gdb for both - userland and kgdb. + mips, and aarch64, to upstream gdb for both + userland and kgdb. Add support for debugging powerpc vector registers. @@ -516,11 +516,11 @@ - Projects workspace (all merged to head now). + Project workspace (all merged to head now). -

VIMAGE is a virtualization framework on top of FreeBSD jails +

VIMAGE is a virtualization framework on top of &os; jails that was introduced to the kernel about eight years ago with the vnet virtualized network stack.

The vnet teardown has been changed to be from top to bottom, trying to tear down layer by layer. This is preferable to removing interfaces first and then cleaning - everything up, as no more packets could flow. Along with this - work, various parts with potential memory leaks were plugged. + everything up, as no more packets could flow once the + interfaces are gone. Along with this + work, various paths with potential memory leaks were plugged. Lastly, vnet support was added to formerly unvirtualized components, such as the pf and ipfilter firewalls and some virtual interfaces.

The FreeBSD Foundation

- Please test FreeBSD 11.0-ALPHA6 or later. When reporting + Please test &os; 11.0-ALPHA6 or later. When reporting a problem, use the vimage keyword in the FreeBSD bug tracker.

Half a year ago, I started a promotion campaign to improve support for fetching ports via IPv6. Research performed in - December, 2015 showed that 10,308 of 25,522 ports are not - fetchable when using IPv6-only as these ports ignore the FreeBSD.org pkg mirror.

FreeBSD.org pkg mirror

As a result of the campaign, the following servers now successfully support IPv6:

This enables 711 more ports to be fetched via IPv6.

I would like to thank Wolfgang Zenker who is very active in +

I would like to thank Wolfgang Zenker, who is very active in supporting the adoption of IPv6. During the latest RIPE meeting, he brought up the topic of non-support of IPv6 being a hindrance to business. I am hopeful that his talk @@ -637,15 +638,15 @@ - FreeBSD Virtual Machines on Microsoft Hyper-V - Supported Linux and FreeBSD virtual machines for Hyper-V on Windows + &os; Virtual Machines on Microsoft Hyper-V + Supported Linux and &os; virtual machines for Hyper-V on Windows

During BSDCan 2016, Microsoft announced - the global availability of FreeBSD 10.3 images in Azure. - There are many FreeBSD-based Azure virtual appliances in the + the global availability of &os; 10.3 images in Azure. + There are many &os;-based Azure virtual appliances in the Azure Marketplace, including Citrix Systems' NetScaler and Netgate's pfSense. Microsoft also made an in-depth technical presentation to introduce how the performance of the Hyper-V @@ -659,11 +660,11 @@ performance of Hyper-V network and storage device drivers. Work is ongoing to replace the internal data structure in the LRO kernel API from a singly-linked list to a double-linked - list, to speed up the LRO lookup by hash table, and to compare + list, to speed up the LRO lookup by hash table, and to evaluate the performance with tcp_lro_queue_mbuf().

The handling of SCSI inquiry in the Hyper-V storage driver is - enhanced to make sure disk hotplug and smartctl(8) + enhanced to make sure that disk hotplug and smartctl(8) work reliably. Refer to PR 210425 and Ceph main site Main repository My Fork - The git PULL with all changes + Pull request with &os;-specific changes to Ceph -

Ceph is a distributed object store and file system designed - to provide excellent performance, reliability, and +

Ceph is a distributed object store and filesystem designed + to provide excellent performance, reliability, and scalability. It provides the following features:

File System: Ceph provides a POSIX-compliant network file - system that aims for high performance, large data storage, +
File System: Ceph provides a POSIX-compliant network + filesystem that aims for high performance, large data storage, and maximum compatibility with legacy applications.

I started looking into Ceph as using HAST with CARP and +

I started looking into Ceph because using HAST with CARP and ggate did not meet my requirements. My primary goal with Ceph is to run a storage cluster of ZFS storage nodes - where the clients run bhyve on RBD disks stored in Ceph.

+ where the clients run bhyve on RBD disks stored in Ceph.

The &os; build process can build most of the tools in - Ceph. However, the RBD-dependent items do not work since + Ceph. However, the RBD-dependent items do not work, since &os; does not yet provide RBD support.

Since the last quarterly report, the following progress was made:

The changeover from using CMake to Automake results in a +
Switching to using CMake from Automake results in a much cleaner development environment and better test output. The changes can be found in the wip-wjw-freebsd-cmake branch.
Throttling code has been overhauled to prevent live locks. +
The throttling code has been overhauled to prevent live locks. These mainly occur on &os; but also manifest on Linux.
Fixed a few more tests. On one occasion, I was able to - complete the full test set without errors.
A few more tests were fixed. On one occasion, I was able to + complete the full test suite without errors.

11-CURRENT is used to compile and build test Ceph. The - Clang toolset needs to be at least version 3.7 as Clang 3.4 + Clang toolset needs to be at least version 3.7, as Clang 3.4 does not have all of the capabilities required to compile everything.

@@ -755,7 +756,7 @@

-
Install bash and link it in /bin +
Install bash and link to it in /bin (requires root privileges):

sudo pkg install bash
@@ -787,33 +788,33 @@
- RBD: Rados Block Devices are currently implemented in the - Linux kernel but there used to be a userspace + Linux kernel, but there used to be a userspace implementation. It is possible that ggated could - be used as a template since it provides some of the same + be used as a template, since it provides some of the same functionality and it has a userspace counterpart.
- BlueStore: &os; and Linux have a different AIO API which - needs to be made compatible. There has been some + needs to be bridged. There has been some discussion about aio_cancel not working for all device types in &os;.
- CephFS: Cython tries to access an internal field in dirent - which does not compile.
- CephFS: Cython tries to access an internal field in + struct dirent, which fails to compile.
- Tests that verify the correct working of the above are - also excluded from the testset.
- Tests that verify the correct functionality of these are + also excluded from the test suite.
Tests Not Yet Included:
Our efforts have almost exclusively focused on issues in the - "Ports & Packages" component as that is the easiest - starting point. Other categories like "Base System" require + "Ports & Packages" component as that is the easiest + starting point. Other categories like "Base System" require more knowledge and experience with problem content and workflow.

During this time, Rodrigo was inactive due to lack of - available time and Vladimir was unable to commit enough time + available time, and Vladimir was unable to commit enough time during the first quarter of the year, but provided active contribution during the second. It became obvious that the Issue Triage Team must concentrate on additional recruitment @@ -1537,17 +1549,17 @@ Wiki page. A summary of those issues is given here:
1. Issue triage, defined as "ensure an issue is summarized, - classified, and assigned to appropriate people", is too time +
2. Issue triage, defined as "ensure that an issue is summarized, + classified, and assigned to appropriate people", is too time consuming. Bugzilla automation through auto-assign helps, but is insufficient. If the triage process is extended to - include "track the issue through its entire life to - resolution", the time and effort required grows + include "track the issue through its entire life to + resolution", the time and effort required grows exponentially. Fortunately, there are many things the community can do, with minimum effort, that help greatly. Part of the recruitment and education process is educating users on how to properly treat their own issues and issues - they interact with in order to maximize the efficiency of + they interact with, in order to maximize the efficiency of issue tracking and problem resolution.
3. Various timeouts are inadequate. For example, the @@ -1577,13 +1589,13 @@ track and quickly find issue categories and, more importantly, their states. Another example is ensuring that various flags and keywords are unambiguous - and well understood. For instance, "patch" and - "patch-ready", can often be misunderstood or + and well understood. For instance, "patch" and + "patch-ready", can often be misunderstood or misapplied.
4. Issue statistics are lacking and for the next quarter we +
5. Issue statistics are lacking, and for the next quarter we intend to change that. Statistics help to provide insight - into potential bottlenecks and inform the priority of + into potential bottlenecks and inform the prioritization of improvements to the issue tracker and workflows.
@@ -1705,7 +1717,8 @@ the idea is that building the same binary, software package, document, or other binary artifact twice from the same source produces identical output. The reproducible-builds.org website + href="https://reproducible-builds.org/">reproducible-builds.org + website provides background information and documentation on making builds reproducible.
@@ -1724,7 +1737,7 @@ Ed investigated the state of build reproducibility in the ports tree, and presented Reproducible Builds in &os; at BSDCan 2016. With - some work in progress patches, over 80% of the &os; ports tree + some work-in-progress patches, over 80% of the &os; ports tree builds reproducibly.

The Diffoscope tool performs in-depth comparison of files, @@ -1795,11 +1808,11 @@
Qt Creator was updated to 3.4.0, 3.5.0, 3.5.1, 3.6.0, 4.0.0, 4.0.1, and 4.0.2.
Added the new port misc/qt5-examples for the +
A new port misc/qt5-examples was added for the project examples provided by Qt. This makes Qt Creator more functional.
Added the new port misc/qt5-doc for Qt's API +
A new port misc/qt5-doc was added for Qt's API documentation, used by Qt Creator and other programs.
The base KDE4 ports were updated to 4.14.10.

René

Ladan

portmgr-secretary@FreeBSD.org

A lot of work was done on modernizing the infrastructure of - the Ports Tree, by introducing 6 new USES, one new + the Ports Tree, by introducing 6 new USES knobs, one new keyword, and splitting out the larger targets of bsd.port.mk into separate scripts. There were a total of 42 exp-runs to validate these and other @@ -1889,7 +1901,7 @@ the package building infrastructure.

During BSDCan, mat worked on various items, - including updating the Porter's Handbook, and portmgr held a + including updating the Porter's Handbook, and portmgr held a meeting to discuss various items.

intrng

Busdma was updated to handle the cache. The updated code - assumes the device is non-coherent by default, unless the + assumes that devices are non-coherent by default, unless the device driver marks the DMA tag as coherent when creating it. The generic and ThunderX PCIe drivers have been updated to create coherent mappings when the device tree marks the @@ -1935,37 +1947,37 @@ the sync operation where it was missing memory barriers.

A number of issues with hwpmc have been fixed. This - improves the stability of hwpmc on arm64 + improves the stability of hwpmc on arm64, with no known software issues. There is a single known issue - which seems to be hardware-related, however further testing is + which seems to be hardware-related, however, further testing is required.

NEW_PCIB has been enabled on arm64. This includes handling the PCI_RES_BUS resource type.

Old interfaces replaced before 11 have been removed from the +

Old interfaces replaced before &os;-11 have been removed from the arm64 kernel and libraries. This includes support for compatibility with libc from releases prior to - 11. The brk and sbrk functions have also + 11.0. The brk and sbrk functions have also been removed. This allows a workaround for these functions in the arm64 C runtime to be removed.

loader.efi has been updated to use an event timer to - implement its internal time function. This is needed as many - UEFI implementations do not handle The GetTime - runtime service method. This means loader.efi will + implement its internal time function. This is needed, as many + UEFI implementations do not handle the GetTime + runtime service method. This means that loader.efi will now correctly count down before automatically booting.

Initial support for the ARM Juno reference platform has been added. This hardware is common within ARM, and has been useful for finding assumptions on cpuids. Booting on the Juno - required fixing the kernel to remove the assumption it is + required fixing the kernel to remove the assumption that it is booting from CPU zero. This included assigning cpuids and fixing assumptions within the GICv2 driver that the cpuid is the same as the GIC cpuid. &os; can now - boot on the 4 Cortex-A53 CPUs. Further investigation is - needed to track down why the boot fails when the 2 Cortex-A57 - CPUs are enabled.

Initial work has started on booting &os; on the Pine64 and Raspberry Pi 3 boards. Both can boot to multiuser mode with