Date: Tue, 16 Jan 2007 23:52:37 +0100 From: Max Laier <max@love2party.net> To: freebsd-hackers@freebsd.org Cc: freebsd-current@freebsd.org Subject: FreeBSD Status Report Fourth Quarter 2006 Message-ID: <200701162352.39225.max@love2party.net>
next in thread | raw e-mail | index | archive | help
--Boundary-00=_3cVrFyZxpZGOqso Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline --Boundary-00=_3cVrFyZxpZGOqso Content-Type: text/plain; charset="us-ascii"; name="report-oct-2006-dec-2006.txt" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline; filename="report-oct-2006-dec-2006.txt" =46reeBSD Status Report Introduction Happy New Year. This Report covers the last quarter of a exciting year 2006 for FreeBSD development. FreeBSD 6.2 is finally out of the door and work towards FreeBSD 7.0 is gearing up. Some of the projects in this report will be part of that effort, others are already in the tree. Many projects need your help with testing and otherwise. Please see the "Open tasks" sections for more information. The BSD crowd will meet at AsiaBSDCon March 8-10th in Tokyo and a two day FreeBSD developer summit will be held at BSDCan May 16-19th in Ottawa. Finally, EuroBSDCon September 14-15th in Copenhagen is already looking for papers. Thanks to all the reporters for the excellent work! We hope you enjoy reading. _________________________________________________________________ Projects * FreeSBIE * iSCSI Initiator * Network Stack Virtualization * New USB Stack * Past and Future PR Closing Events * Porting ZFS to FreeBSD * TrustedBSD Audit * TrustedBSD MAC Framework * TrustedBSD priv(9) =46reeBSD Team Reports * FreeBSD Bugbusting Team * FreeBSD Security Officer and Security Team * Release Engineering * The FreeBSD Foundation Network Infrastructure * Automatic TCP Send and Receive Socket Buffer Sizing * FAST_IPSEC Upgrade * ipfw NAT and libalias * Multi-link PPP daemon (MPD) * Wireless Networking Kernel * Cryptographic Subsystem * GEOM Multipath * Interrupt Filtering * Sound Subsystem Improvements * Update of the Linux Compatibility Environment in the Kernel Hardware Drivers * Bt878 Audio Driver (aka FusionHDTV 5 Lite driver) * Intel 3945ABG Wireless LAN Driver: wpi * MPT LSI-Logic Host Adapters: mpt * QLogic SCSI and Fibre Channel: isp Documentation * Hungarian Translation of the Webpages * The FreeBSD Dutch Documentation Project Userland Programs * BSNMP - More Ongoing and Upcoming Work * BSNMP Bridge Module * BSNMP Client Tools * Libelf Architectures * ARM/XScale Port * FreeBSD/powerpc on Freescale MPC8555 Ports * FreeBSD GNOME Project * FreshPorts * Ports Collection * Updating X.org FreeBSD Ports to 7.2 Miscellaneous * BSDCan 2007 * EuroBSDCon 2007 _________________________________________________________________ ARM/XScale Port Contact: Olivier Houchard <cognet@FreeBSD.org> Contact: Sam Leffler <sam@FreeBSD.org> FreeBSD is running multi-user on a variety of Gateworks Avila boards with most of the on-board devices supported. These include the compact flash/IDE slot, wired network interfaces, realtime clock, and environmental sensors. Several different minipci cards have been tested including those supported by the ath(4) and hifn(4) drivers. Remaining devices that need support are the onboard flash, optional 4-port network switch, and optional USB interface. Crypto acceleration for IXP425 parts is planned but will likely be done at a later time. The Network Processor Engine (NPE) support is done with an entirely new replacement for the Intel Access Layer (IAL). The most important hardware facilities are supported (e.g. the hardware Q manager) and the wired NIC driver was also done from scratch. The resulting code is approximately 1/10th the number of lines of the equivalent IAL code. Open tasks: 1. Bootstrap support needs work to enable booting from the compact flash device. _________________________________________________________________ Automatic TCP Send and Receive Socket Buffer Sizing URL: http://people.FreeBSD.org/~andre/tcp_auto_buf-20061212.diff URL: http://people.FreeBSD.org/~andre/tcp_auto_buf-20061212-RELENG_6.diff Contact: Andre Oppermann <andre@FreeBSD.org> Normally the socket buffers are static (either derived from global defaults or set with setsockopt) and do not adapt to real network conditions. Two things happen: a) your socket buffers are too small and you can't reach the full potential of the network between both hosts; b) your socket buffers are too big and you waste a lot of kernel memory for data just sitting around. With automatic TCP send and receive socket buffers we can start with a small buffer and quickly grow it in parallel with the TCP congestion window to match real network conditions. FreeBSD has a default 32K send socket buffer. This supports a maximal transfer rate of only slightly more than 2Mbit/s on a 100ms RTT trans-continental link. Or at 200ms just above 1Mbit/s. With TCP send buffer auto scaling and the default values below it supports 20Mbit/s at 100ms and 10Mbit/s at 200ms. That's an improvement of factor 10, or 1000%. For the receive side it looks slightly better with a default of 64K buffer size. The automatic send buffer sizing patch is currently running on one half of the FTP.FreeBSD.ORG cluster w/o any problems so far. Against this machine with the automatic receive buffer sizing patch I can download at 5.7 MBytes per second. Without patch it maxed out at 1.6 MBytes per second as the delay bandwidth product became equal to the static socket buffer size without hitting the limits of the physical link between the machines. My test machine is about 35ms from that FTP.FreeBSD.ORG and connected through a moderately loaded 100Mbit Internet link. New sysctls are: * net.inet.tcp.sendbuf_auto=3D1 (enabled) * net.inet.tcp.sendbuf_inc=3D8192 (8K, step size) * net.inet.tcp.sendbuf_max=3D262144 (256K, growth limit) * net.inet.tcp.recvbuf_auto=3D1 (enabled) * net.inet.tcp.recvbuf_inc=3D16384 (16K, step size) * net.inet.tcp.recvbuf_max=3D262144 (256K, growth limit) _________________________________________________________________ BSDCan 2007 URL: http://www.bsdcan.org/2007/ Contact: Dan Langille <dan@langille.org> Folks! It is that time of year. You may have missed the call for papers , but please put in your proposal right away. This is often a busy time of year, but please take the time to consider presenting at BSDCan. Please read the submission instructions and send in your proposal today! You may be interested in our sister conference: PGCon. If you have an interest in PostgreSQL , a leading relational database, which just happens to be open source, then we have the conference for you! PGCon 2007 will be held immediately after BSDCan 2007, at the same venue, and will follow a similar format. Open tasks: 1. Waiting for papers _________________________________________________________________ BSNMP - More Ongoing and Upcoming Work URL: http://wikitest.FreeBSD.org/BsnmpTODO Contact: Shteryana Shopova <syrinx@FreeBSD.org> Contact: Harti Brandt <harti@FreeBSD.org> Contact: Bjoern A. Zeeb <bz@FreeBSD.org> In addition to other more detailed reports this is intended to give a summary about other ongoing or upcoming BSNMP related work. To collect some ideas from users and coordinate work a BSNMP TODO Wiki page was created. Feel free to add your ideas or let us know about them. * A contributor, Tsvetan Erenditsov, has volunteered to implement a VLAN module for BSNMP. Shteryana is helping him. * Sam Leffler has asked for a wireless networking monitoring module, which will most likely be the next module to be implemented. * Some major work is currently going on in the main BSNMP tree: + SNMP transports have been factored out into loadable modules. The old port tables are still there and will remain at least for the next release. Later they will be removed. The following modules and transports are already implemented as loadable modules: o snmp_trans_udp: SNMP over UDP over IPv4, IPv6 and scoped IPv6 o snmp_trans_tcp: SNMP over TCP over IPv4, IPv6 and scoped IPv6 o snmp_trans_ldgram: SNMP over local datagram sockets o snmp_trans_lstream: SNMP over local stream sockets + Some I/O functions have been moved from the daemon to libbsnmp. + libisa has been imported into the bsnmp tree. This library aims at easy implementation of command line tools for remote and local system administration with a special focus on administration via SNMP. The library contains command line parsing functions, a function for automatically handling help text. Actual administration modules are implemented as loadable modules. The atmconfig tool in the FreeBSD tree contains some old parts of this library. + lisa_snmp is a module which implements SNMP functionality for libisa. + lisa_snmpd is a module for remote administration of the bsnmpd. + The config file parser of bsnmpd has been rewritten so that each section of the file is handled as a transaction (in contrast to the previous behavior where the entire file was one transaction). _________________________________________________________________ BSNMP Bridge Module URL: http://wikitest.FreeBSD.org/SnmpBridgeModule Contact: Shteryana Shopova <syrinx@FreeBSD.org> The BSNMP bridge module for FreeBSD's BSNMP daemon, which was implemented during SoC 2006, was committed to HEAD. In addition to RFC 4188 single bridge support it also supports monitoring multiple bridges via a private MIB. Since SoC 2006 Rapid Spanning Tree (RSTP) support (RSTP-MIB defined in RFC4318 and additions to the private MIB) was added to the module as well. A patch for RELENG_6 is available and will be merged to STABLE the next weeks. Open tasks: 1. MFC to RELENG_6. 2. More feedback from users is always welcome. _________________________________________________________________ BSNMP Client Tools URL: http://wikitest.FreeBSD.org/BsnmpTools URL: http://perforce.FreeBSD.org/depotTreeBrowser.cgi?FSPC=3D//depot/user/syr inx/ bsnmp/contrib/bsnmp/snmptools URL: http://perforce.FreeBSD.org/depotTreeBrowser.cgi?FSPC=3D//depot/user/bz/ bsnmp%5fsyrinx/usr.sbin/bsnmpd/tools Contact: Shteryana Shopova <syrinx@FreeBSD.org> Contact: Bjoern A. Zeeb <bz@FreeBSD.org> During SoC 2005 BSNMP client tools (bsnmptools) were implemented and have since then been available via Shteryana's P4 tree or port net-mgmt/bsnmptools. In order to finally get the code committed some cleanup was needed which ended in a partly rewrite to minimize duplicate code and to reduce the size of the binaries. This ongoing work is available via Bjoern's P4 tree and will be merged back to upstream trees before it will be committed to HEAD. Open tasks: 1. Update Wiki Page to reflect latest work. 2. Finish cleanup and have it reviewed. 3. User feedback is always welcome. _________________________________________________________________ Bt878 Audio Driver (aka FusionHDTV 5 Lite driver) URL: http://perforce.freebsd.org/fileSearch.cgi?FSPC=3D%2F%2Fdepot%2Fuser%2Fj mg%2Fbktrau%2F...&ignore=3DGO%21 Contact: John-Mark Gurney <jmg@FreeBSD.org> Basic audio capture is working. All of the parameters are set by userland, while the RISC program generation is by kernel. No real audio has been captured as there are no drivers for the NTSC tuner yet. Someone with a real Bt878 NTSC card that is supported by bktr(4) could use this to capture audio without using the sound card. Due to lack of documentation from DViCO and LG, I have copied magic values from the Linux driver and managed to get ATSC capturing working. There was a bug in the capture driver that was releasing buffers to userland early causing what appeared to be reception issues. Now that we use the RISC status bits as buffer completion bits, capture works cleanly. This does mean that even if you provide more than 4 buffers to the driver, the buffers will be divided into four segments, and returned in segments. A Python module is available, along with a sample capture application using it. The module is now known to work well with threads so that tuning (expensive due to i2c ioctls) can happen in another thread without causing program slow down. The module is working well with a custom PVR backend. Additional ioctls have been added to get sibling devices. This allows one to open a bktrau device, and get the correct bktr(4) device that is in the same slot. This is necessary so that when adjusting GPIO pins or sending i2c commands, they are to the correct device. Open tasks: 1. Provide support for NTSC and FM tuning. 2. Add support for other cards and tuners that use the Bt878 chip. _________________________________________________________________ Cryptographic Subsystem Contact: Sam Leffler <sam@FreeBSD.org> Michael Richardson has been spearheading work to improve the crypto subsystem used by various parts of the kernel including Fast IPSec and geli. This work is sponsored by Hifn and has been happening outside the CVS repository. A main focus of this work is to add support for higher-level hardware operations that can significantly improve the performance of IPSec and SSL protocols. Results of this work are now being readied for CVS. These redesign the core/driver APIs to use the kobj facilities and recast software crypto drivers as pseudo devices. The changes greatly improve the system and permit new functionality such as specifying which crypto device to use when multiple are available. The redesign will also enable load balancing of crypto work across multiple devices and the addition of virtual crypto sessions by which small operations can be done in software when the overhead to set up a hardware device is too costly. In addition to the changes to the core crypto system several crypto drivers have been updated to improve their operation. Top of this list is the hifn(4) driver where many longstanding bugs have been fixed for 7955/756 parts. _________________________________________________________________ EuroBSDCon 2007 URL: http://2007.EuroBSDCon.org/ URL: http://www.EuroBSDCon.dk/ Contact: Sidsel Jensen <info@EuroBSDCon.dk> The sixth EuroBSDCon will take place in Copenhagen, Denmark on Friday the 14th and Saturday 15th of September 2007 . The conference will be held at Symbion Science Park . Sunday the 16th there will be an optional tour to LEGOland. The call for papers was sent out right after EuroBSDCon 2006 in Milan in November and abstracts are due February 1st! So hurry up and send in all your fantastic and amazing papers to papers at eurobsdcon dot dk. _________________________________________________________________ =46AST_IPSEC Upgrade URL: http://www.FreeBSD.org/~gnn/fast_ipv6.patch URL: http://blogs.FreeBSDish.org/gnn/ Contact: George Neville-Neil <gnn@FreeBSD.org> Contact: Bjoern Zeeb <bz@FreeBSD.org> Just this week I got routing working for the FAST_IPSEC and IPv6 code. Now there are memory smash problems, and then we need to remove the old GIANT lock. I hope to produce another patch with the routing code working in the next week. Open tasks: 1. Test the patch!!!! _________________________________________________________________ =46reeBSD Bugbusting Team URL: http://www.FreeBSD.org/doc/en/articles/pr-guidelines/ URL: http://www.FreeBSD.org/doc/en/articles/problem-reports/ Contact: Mark Linimon <linimon@FreeBSD.org> Contact: Ceri Davis <ceri@FreeBSD.org> Contact: Remko Lodder <remko@FreeBSD.org> The FreeBSD Bugbusting team is a team of volunteers keeping track of various PR tickets in the GNATS application. Currently the Bugbusting team is investigating old PR tickets, checking whether they are still accurate, checking what needs to be done to fix the issues reported and make sure that the developers team can focus on the latest releases. The team is always in need of volunteers willing to give a hand to resolve the old tickets and get the best feedback that is needed for the open tickets. Please contact FreeBSD-bugbusters@FreeBSD.org if you want more information about the things that need to be done. Open tasks: 1. Checkout old PR tickets, getting the proper feedback and finally fix and/or resolve the tickets. _________________________________________________________________ =46reeBSD GNOME Project URL: http://www.FreeBSD.org/gnome/ Contact: FreeBSD GNOME Project <gnome@FreeBSD.org> Where have we been?! Not doing status reports, that's for sure. But the FreeBSD GNOME project has been very busy with regular GNOME releases, and other side projects. We are currently shipping GNOME 2.16.2 in the ports tree, and we are testing GNOME 2.17.5 in the MarcusCom tree. Most recently, work has completed on a cleanup of the FreeBSD backend to libgtop. This module has needed a lot of work, and should now be reporting correct system statistics. The cleaned up version is currently being tested in the MarcusCom tree, and will make it into the FreeBSD ports tree along with GNOME 2.18. The GStreamer framework has been taken out of direct gnome@ maintainership, and put under a new multimedia@ umbrella. This will give multimedia-savvy developers a chance to collaborate on this important piece of the GNOME Desktop along with other important audio and video components. The biggest accomplishment of 2006 for the FreeBSD GNOME team had to have been the port of HAL . This effort was started to give FreeBSD users a richer desktop experience. Since the initial FreeBSD release of HAL with GNOME 2.16, it has been incorporated into the FreeBSD release of KDE 3.5.5 as well as PC-BSD 1.3. The FreeBSD backend has also made it upstream into the HAL git repository so future releases of HAL will have FreeBSD support out-of-the-box. Finally, it is with sadness that we say good-bye to one of our team members. Adam Weinberger stepped down from the FreeBSD GNOME team to save lives instead (priorities, man!). His splash screens and grammar nit-picking will be missed. Open tasks: 1. Now that HAL has been ported to FreeBSD, there is a strong desire to see NetworkManager ported. The big parts will be porting NM to use our 80211 framework, and extending some of the base utilities such as ifconfig. Contact marcus@FreeBSD.org if you are interested in helping. 2. Our system-tools-backends module needs some attention. This module is responsible for system configuration tasks in GNOME such as user management, network shares administration, etc. A knowledge of Perl is highly recommended. Contact marcus@FreeBSD.org if you are interested in helping. 3. We need good documentation writers to help update our FAQ and other documentation. If you would like to take on the responsibility full-time, or just contribute some pieces, please notify gnome@FreeBSD.org . 4. We are always in need of GNOME development testers. See our development branch FAQ for ways on how you can help make the next release of GNOME the best release. _________________________________________________________________ =46reeBSD Security Officer and Security Team URL: http://www.FreeBSD.org/security/ URL: http://www.FreeBSD.org/doc/en_US.ISO8859-1/articles/contributors/staff -listing.html#STAFF-SECTEAM URL: http://vuxml.FreeBSD.org/ Contact: Security Officer <security-officer@FreeBSD.org> Contact: Security Team <security-team@FreeBSD.org> In the time since the last status report, four security advisories have been issued concerning problems in the base system of FreeBSD (three in 2006 and one in 2007); of these, one problem was in "contributed" code, while the remaining three were in code maintained within FreeBSD. The Vulnerabilities and Exposures Markup Language (VuXML) document has continued to be updated by the Security Team and Ports Committers documenting new vulnerabilities in the FreeBSD Ports Collection; since the last status report, 55 new entries have been added, bringing the total up to 869. In order to streamline security team operations and ensure that incoming emails are promptly acknowledged, Remko Lodder has been appointed the security team secretary. The following FreeBSD releases are supported by the FreeBSD Security Team: FreeBSD 4.11, FreeBSD 5.5, FreeBSD 6.0, FreeBSD 6.1, and FreeBSD 6.2. The respective End of Life dates of supported releases are listed on the web site; of particular note, FreeBSD 4.11 and FreeBSD 6.0 will cease to be supported at the end of January 2007. _________________________________________________________________ =46reeBSD/powerpc on Freescale MPC8555 Contact: Rafal Jaworowski <raj@semihalf.com> Contact: Marcel Moolenaar <xcllnt@mac.com> Platform summary: * PowerQuiccIII integrated controller * e500 CPU core * compliant with PowerPC BookE specification (significantly different from the 'traditional' PowerPC architecture the current FreeBSD/powerpc supports, particularly in the areas of MMU design, exceptions model, specific e500 machine instructions etc.) Currently the machine is booting FreeBSD 6.1-RELEASE-p10 and operating both single- and multi-user modes; below are highlights of available functionality: 1. Low-level support 2. + booting from U-Boot bootloader + locore machine initialization + e500 exceptions + VM: a new pmap module developed 3. On-chip peripherals 4. + introduced ocpbus hierarchy (nexus and descendants) + interrupt controller: using generic OpenPIC driver + serial console: using uart(4) driver + barebones serial support using the QUICC's SCC + host/PCI bridge: a new driver developed for the built-in bridge + networking: a new driver developed for TSEC (3-speed Ethernet) 5. Booting 6. + from ATA disk and USB memory stick (both through a secondary PCI VIA82C686B controller) + from network (NFS-mounted rootfs) 7. Basic TCP/IP protocols and apps work (DHCP, NFS, SSH, FTP, Telnet etc.) 8. Userland 9. + integrated SoftFloat emulation lib (required due to e500 not being equipped with the old-style PowerPC FPU) + almost all applications seem to work Open tasks: 1. Work out extensible layout for sys/powerpc architecture directory so we can easily add support for new core variations and platforms to come in the future. 2. Integrate with FreeBSD source tree. 3. Release and tinderbox related options and settings. _________________________________________________________________ =46reeSBIE URL: http://www.FreeSBIE.org URL: http://users.gufi.org/~rionda/20relnotes/ URL: http://users.gufi.org/~rionda/20screen/ Contact: Matteo Riondato <matteo@FreeBSD.org> Contact: FreeSBIE Staff <staff@FreeSBIE.org> Contact: FreeSBIE Mailing List <freesbie@gufi.org> FreeSBIE is approaching the 2.0-RELEASE. The first release candidate proved to be good enough but a second one will probably be released. An external developer is working on integrating BSDInstaller in FreeSBIE 2.0 and this may cause a little delay of the release date. Release Notes were written and need to be updated with the current list of packages. A script which allows to switch Tor+Privoxy on and off was added and its usage was documented. The 2.0-RELEASE is near, hopefully near the end of January but this will also depend on when FreeBSD 6.2-RELEASE will be released. _________________________________________________________________ =46reshPorts URL: http://www.freshports.org/ URL: http://news.freshports.org/ Contact: Dan Langille <dan@langille.org> There have been a number of improvements to FreshPorts over the last quarter of 2006. The following are just a few of them. The links take you to the relevant article within the FreshPorts News website . * Better pagination of larger result sets * Listing of sanity test failures * Inclusion of latest vulnerabilities on the front page * Started working on adding tools to make FreshSource/FreshPorts more useful as a developer tool * The new dual opteron server has been deployed! My thanks to the many people who have contributed suggestions, ideas, and code over the years. Most of you are documented at the above URLs. Open tasks: 1. FreshPorts/FreshSource as a developer tool _________________________________________________________________ GEOM Multipath Contact: Matthew Jacob <mjacob@FreeBSD.org> A toy implementation of GEOM based active/passive multipath is now done and in a perforce repository. Seems to work. _________________________________________________________________ Hungarian Translation of the Webpages URL: http://www.FreeBSD.org/hu/ Contact: G=E1bor K=F6vesd=E1n <gabor@FreeBSD.org> Contact: Giorgos Keramidas <keramida@FreeBSD.org> G=E1bor K=F6vesd=E1n (gabor@) has submitted the Hungarian translation of= the webpages and Giorgos Keramidas (keramida@) has reviewed and committed the pages. The initial rendering issues have also been fixed and the webpage is in a pretty good shape now. As usual, this translation does not contain every part of the English version, but the most important and useful parts are there. G=E1bor will maintain this translation and regularly sync the content with the English version and add new translations if such become available. Open tasks: 1. Fix typos and mistakes that will be revealed after a deeper review by the public 2. Get more people involved _________________________________________________________________ Intel 3945ABG Wireless LAN Driver: wpi URL: http://perforce.FreeBSD.org/depotTreeBrowser.cgi?FSPC=3D//depot/user/ben jsc/wpi URL: http://www.clearchain.com/wiki/wpi Contact: Benjamin Close <benjsc@FreeBSD.org> An initial port of the NetBSD wpi driver has been done and development is happening fast to get this driver ready for the tree. At present basic functionality works. The driver can associate with a non encrypted peer and pass data in 11b and 11g modes. There is still lots to do and testing is welcome. Many thanks have to go to Sam, Max and Kip for helping the driver reach this point. Open tasks: 1. Solve bus dma alignment issues 2. Support WEP and WPA 3. Testing and more testing _________________________________________________________________ Interrupt Filtering URL: http://wikitest.FreeBSD.org/Interrupts Contact: Paolo Pisati <piso@FreeBSD.org> Contact: John Baldwin <jhb@FreeBSD.org> Contact: Scott Long <scottl@FreeBSD.org> Interrupt filtering is a new method to handle interrupts in FreeBSD that retains backward compatibility with the previous models (FAST and ITHREAD), while improving over them in some aspects. With interrupt filtering, the interrupt handler is divided into 2 parts: the filter (that checks if the actual interrupt belongs to a device) and a private per-handler ithread (that is scheduled in case some blocking work has to be done). The main benefits of this work are: * Feedback from filters (the operating system finally knows what's the state of an event and can react consequently). * Lower latency/overhead for shared interrupt line. * Previous experiments with interrupt filtering showed an increase in performance against the plain ithread model in some cases. * General shrink of the machine dependent code - part of the interrupting handling code was turned into machine independent code. During the last quarter many improvements were made up to the point where 3 archs (i386, amd64 and arm) are reported to work, and the project can be considered feature complete. I definitely want to make it part of the 7.0 release. Open tasks: 1. Define a road map to commit the code into the tree. 2. Rethink the interrupt stray handling (?!?!). 3. Finish off support for powerpc, sparc64 and ia64 (sun4v support is known to be broken now). _________________________________________________________________ ipfw NAT and libalias Contact: Paolo Pisati <piso@FreeBSD.org> Support for in-kernel NAT, redirect and LSNAT for ipfw was committed to HEAD, and i encourage people to test it so we can quickly discover/fix bugs. To add these features to ipfw, compile a new kernel adding "options IPFIREWALL_NAT" to your kernel config or, in case you use modules, add "CFLAGS +=3D -DIPFIREWALL_NAT" to your make.conf. Open tasks: 1. Teach libalias to handle mbufs (this will fix TSO-capable NICs). 2. Add support for hardware checksum offloading. _________________________________________________________________ iSCSI Initiator URL: ftp://ftp.cs.huji.ac.il/users/danny/freebsd/iscsi-2.0.1.tar.bz2 Contact: Daniel Braniss <danny@cs.huji.ac.il> Though it is still a work in progress, it now supports more targets, has login CHAP authentication and header/data digest. It will also recover from a lost connection - most of the time. Open tasks: 1. instrumentation 2. task management support 3. improve the error recovery _________________________________________________________________ Libelf URL: http://wiki.FreeBSD.org/LibElf URL: http://wiki.FreeBSD.org/PmcTools URL: http://people.FreeBSD.org/~jkoshy/projects/perf-measurement/ Contact: Joseph Koshy <jkoshy@FreeBSD.org> Libelf is a BSD-licensed library for ELF parsing & manipulation implementing the SysV/SVR4 (g)ELF[3] API. Current status: The library is now in -CURRENT. Work continues on its test suite and tutorial, and on deploying it in PmcTools. _________________________________________________________________ MPT LSI-Logic Host Adapters: mpt Contact: Matthew Jacob <mjacob@FreeBSD.org> The 'mpt' project is support for the MPT LSI-Logic Host Adapters (SCSI, Fibre Channel, SAS). The last quarter saw a lot of change supported by Yahoo! and LSI-Logic and many others as things settled out for better support for U320. Some initial Big Endian support was offered by John Birrel and Scott Long. Open tasks: 1. Finish SAS Integrated RAID support. 2. Try and get U320 RAID working better than it currently does. 3. Finish Big Endian support, including that for target mode. _________________________________________________________________ Multi-link PPP daemon (MPD) URL: http://sourceforge.net/projects/mpd/ URL: http://mpd.cvs.sourceforge.net/*checkout*/mpd/mpd/doc/changes.sgml Contact: Alexander Motin <mav@alkar.net> Contact: Archie Cobbs <archie@FreeBSD.org> MPD is moving to the next major release - mpd4_0. At the end of October one more beta version (4_0b5) was released and first RC is planned soon. Since 3_18 and 4_0b4 numerous bugs and cases of incorrect internal handling have been fixed. Performance has been increased and system requirements reduced. Many new features have been implemented: * IPv6 support * NAT (using the ng_nat(4) node) * integrated web server * Deflate and Predictor-1 CCP compression Some historically broken features have been reimplemented: * TCP and UDP link types * CCP compression * ECP encryption To support compression, two new Netgraph nodes ng_deflate and ng_pred1 have been created and the ng_ppp node has been modified. Open tasks: 1. ng_ppp node refactoring. 2. Implement packet loss notification in related Netgraph nodes (ng_ppp, ng_pptp, ng_async, ng_deflate, ng_pred1, ng_vjc, ...) to reduce recovery time and probability of incorrect packet decompression. 3. MPD auth subsystem refactoring. _________________________________________________________________ Network Stack Virtualization URL: http://imunes.tel.fer.hr/virtnet/ Contact: Marko Zec <zec@fer.hr> The network stack virtualization project aims at extending the FreeBSD kernel to maintain multiple independent instances of networking state. This will allow for complete networking independence between jails on a system, including giving each jail its own firewall, virtual network interfaces, rate limiting, routing tables, and IPSEC configuration. The prototype currently virtualizes the basic INET and INET6 kernel structures and subsystems, including the TCP machinery and the IPFW firewall. The focus is currently being kept on resolving bugs and sporadic lockups, and defining the internal and management APIs. It is expected that within the next month the code will become sufficiently complete and stable for testing by early adopters. _________________________________________________________________ New USB Stack URL: http://perforce.freebsd.org/depotTreeBrowser.cgi?FSPC=3D//depot/projects /usb/src/sys/dev/usb URL: http://www.turbocat.net/~hselasky/usb4bsd Contact: Hans Petter Sirevaag Selasky <hselasky@FreeBSD.org> During the last three months there has not been so much activity in the USB project. Some regression issues have been reported and fixed. Bernd Walter reports that he has got the new USB stack working on ARM processors with some minor tweaks. Markus Brueffer reports that he is working on the USB HID parser and support. A current issue with the new USB stack is that the EHCI driver does not work on the Sparc64 architecture. If someone has got a Sparc64 with FreeBSD 7-CURRENT on and can lend the USB project the root password, a serial console and a USB test device, for example a USB memory stick, that would be much appreciated. Another unresolved issue is that the ural(4) USB device driver does not always work. This is currently being worked on. If you want to test the new USB stack, check out the USB perforce tree or download the SVN version of the USB driver from my USB homepage. At the moment the tarballs are a little out of date. Ideas and comments with regard to the new USB API are welcome at freebsd-usb@FreeBSD.org . _________________________________________________________________ Past and Future PR Closing Events URL: http://wikitest.freebsd.org/Bugathons Contact: Florent Thoumie <flz@FreeBSD.org> Following the example of our NetBSD friends, we organized a couple of Bugathons to help decreasing the open PR count. At first, it was decided to make it a monthly event focused on both src, ports and doc. Audience decreased with each Bugathon organized and less non-ports committers attended the events. So from now on, we will focus on ports (making it a Portathon) and organize a new event after the end of each ports freeze (that should be twice a year, at most). _________________________________________________________________ Porting ZFS to FreeBSD URL: http://perforce.FreeBSD.org/depotTreeBrowser.cgi?FSPC=3D//depot/user/pjd /zfs URL: http://www.opensolaris.org/os/community/zfs/porting/ URL: http://docs.FreeBSD.org/cgi/mid.cgi?20060822104516.GB16033 Contact: Pawel Jakub Dawidek <pjd@FreeBSD.org> The ZFS file system works quite well on FreeBSD now. The first patchset has already been published on the freebsd-fs@FreeBSD.org mailing list . All file system methods are already implemented (except ACL-related). Basically all stress tests I tried work, even under very high load. There is still a problem with memory allocation, which can get out of control, but from what I know the SUN guys also work on this. Recently I have been working on a file system regression test suite. From what I found, there are no such test suites for free. I've already more than 3000 tests and I'm testing correctness of most file system related syscalls (chflags, chmod, chown, link, mkdir, mkfifo, open, rename, rmdir, symlink, truncate, unlink). I'm also working to make it usable on other operating systems (like Solaris, where it already works and Linux). Few days ago I also (almost) finished NFS support. You can't use the 'zfs share' command yet, but you can export file systems via /etc/exports and you can also access snapshots. It was quite hard, because snapshots are separate file systems and after exporting the main file system, we need to also serve data from snapshots under it. The one big thing which is missing is ACL support. This is not an easy task, because we first have to make some decisions. Currently we use POSIX ACLs in our UFS, but the market is moving slowly to NTFS/NFSv4-type ACLs. In Solaris they use POSIX ACLs for UFS and NFSv4-type ACLs for ZFS and we probably also want to use NFSv4-type ACLs in our ZFS, which requires some work outside ZFS. _________________________________________________________________ Ports Collection URL: http://www.FreeBSD.org/ports/ URL: http://www.FreeBSD.org/doc/en_US.ISO8859-1/articles/contributing-ports / URL: http://people.FreeBSD.org/~fenner/portsurvey/ URL: http://portsmon.FreeBSD.org/index.html URL: http://www.FreeBSD.org/portmgr/index.html URL: http://tinderbox.marcuscom.com Contact: Mark Linimon <linimon@FreeBSD.org> The ports count has jumped to 16347. The PR count, despite a jump, has gone back down to around 700. Not much work has been committed on the ports infrastructure due to the long 6.2 release cycle. However, many test runs have been done for several upcoming features, such as making sure that ports will work with the new release of gcc (4.1), and do not have /usr/X11R6 hard-coded into them. The intention of the latter is to move all ports to $LOCALBASE, which can then be selected by the user. This should help consistency going forwards, albeit at the cost of a one-time conversion. GNOME was updated to 2.16 during the release cycle. In addition, we are in the process of moving the FORTRAN default from f77 to gfortran. See the ports mailing list for details. The new xorg ports are still being worked on as well; they are intended to all live in $LOCALBASE. Hopefully this can get done in the early 6.3 development cycle. See the wiki for more information. A new version of the ports Tinderbox code is available, which is mostly a bugfix release. We have also added Pav Lucistnik as a new portmgr member, who we hope will help us work on the portmgr PR backlog. Welcome! We have also added 8 new committers since the last report. linimon continues to work on resetting committers who are no longer interested in their ports; as well, several ports commit bits have been stored for safekeeping. This is part of an attempt to keep the best match between volunteers and work to be done. Open tasks: 1. Most of the remaining ports PRs are "existing port/PR assigned to committer". Although the maintainer-timeout policy is helping to keep the backlog down, we are going to need to do more to get the ports in the shape they really need to be in. 2. Although we have added many maintainers, we still have many unmaintained ports. As well, the packages on amd64 and sparc64 are lagging behind. _________________________________________________________________ QLogic SCSI and Fibre Channel: isp Contact: Matthew Jacob <mjacob@FreeBSD.org> This project is for support for QLogic SCSI and Fibre Channel host adapters. The last quarter saw the addition of 4Gb Fibre Channel support and a complete rewrite of fabric management (which is still settling out). _________________________________________________________________ Release Engineering URL: http://www.FreeBSD.org/releng/ URL: http://www.FreeBSD.org/releases/6.2R/announce.html URL: http://www.FreeBSD.org/snapshots/ Contact: Release Engineering Team <re@FreeBSD.org> The recent activities of the Release Engineering team have centered around FreeBSD 6.2-RELEASE, which is now available for downloading. This is the latest release from the RELENG_6 branch, and includes many new performance and stability improvements, bug fixes, and new features. The release notes and errata notes for FreeBSD 6.2 contain more specific information about what's new in this version. We thank the FreeBSD developer and user community for their efforts towards making this release possible. The Release Engineering Team also produced snapshots of FreeBSD CURRENT in November 2006 and January 2007. These snapshots have not received extensive testing, and should not be used in production environments. However, they can be used for testing or experimentation, and show the kinds of functionality that can be expected in future FreeBSD releases. _________________________________________________________________ Sound Subsystem Improvements URL: http://people.FreeBSD.org/~ariff/ URL: http://www.FreeBSD.org/projects/ideas/ URL: http://wiki.FreeBSD.org/soundsystem Contact: Ariff Abdullah <ariff@FreeBSD.org> Contact: Alexander Leidinger <netchild@FreeBSD.org> Contact: Multimedia Mailinglist <multimedia@FreeBSD.org> Since the last status report there were improvements to the emu10kx driver for High Definition Audio (HDA) compatible chips. Some more chips are supported now and already supported chips should provide a better zero-configuration experience. The generic sound code got some very nice low latency changes, and fixes which make it multichannel/endian/format safe. We do not support multichannel operation yet, but this work is a prerequisite to work on implementing multichannel operation. This work also fixed some bugs which people may experience as clicks, hickups, truncation or similar behavior in the sound-output. So far there is no merge to 5.x or 6.x planned for this code, especially because there are API/ABI changes, e.g., several sysctls changed. People who do not care about this can download binary sound modules from Ariff's download page for 6.x and 5.x. We thank all people who tested the changes / submitted patches and thus helped improving the sound system. Open tasks: 1. Have a look at the sound related entries on the ideas list. 2. Add multichannel support. 3. sndctl(1): tool to control non-mixer parts of the sound system (e.g. spdif switching, virtual-3D effects) by a user (instead of the sysctl approach in -CURRENT); pcmplay(1), pcmrec(1), pcmutil(1). 4. Plugable FEEDER infrastructure. For ease of debugging various feeder stuff and/or as userland library and test suite. 5. Extend the wiki page. _________________________________________________________________ The FreeBSD Dutch Documentation Project URL: http://www.FreeBSD.org/doc/nl/books/handbook URL: http://www.evilcoder.org/content/section/6/39/ URL: http://www.FreeBSD-nl.org/doc/nl/ URL: http://www.FreeBSD-nl.org/www/ Contact: Remko Lodder <remko@FreeBSD.org> The FreeBSD Dutch Documentation Project is an ongoing project to translate the FreeBSD Handbook to the Dutch Language. Currently we almost translated the entire handbook, and we translated parts of the website, sadly the project went into a slush lately, so we seek out for fresh and new translators that are willing to join the team to continue the effort. Open tasks: 1. Translate the rest of the handbook 2. Make the documentation up to date 3. Translate the rest of the website _________________________________________________________________ The FreeBSD Foundation URL: http://www.FreeBSDFoundation.org Contact: Deb Goodkin <deb@FreeBSD.org> The FreeBSD Foundation ended 2006 raising over $100,000. We received commitments for another $55,000 in donations for the Fall Fundraiser. We fell short of our goal of raising $200,000. But, we are working hard to fill this gap, early in 2007, so we can continue with the same level of support for the project and community. Please go to http://www.freebsdfoundation.org/donate/ to find out how to make a donation to the foundation. We added a donors page to our website to acknowledge our generous donors. We negotiated and are now actively managing a joint technology project with NLNet and the University of Zagreb to develop virtualized network stack support for FreeBSD. We sponsored AsiaBSDCon and are now accepting travel grant applications for this conference. We are working to upgrade the project's network testbed with 10Gigabit interconnects. Cisco has generously donated a 10Gigabit switch and we have received network adapters from Myricom, Neterion, Intel, and Chelsio. Adapters from other vendors are being solicited so that we can do interoperability testing. For more information on what we've been up to, check out our end-of-year newsletter at http://www.freebsdfoundation.org/press/2006Dec-newsletter.shtml . _________________________________________________________________ TrustedBSD Audit URL: http://www.TrustedBSD.org/audit.html URL: http://www.OpenBSM.org/ Contact: Robert Watson <rwatson@FreeBSD.org> Contact: Christian Peron <csjp@FreeBSD.org> Contact: Wayne Salamon <wsalamon@FreeBSD.org> FreeBSD 6.2-RELEASE, the first release of FreeBSD with experimental audit support is now available. The plan is to make audit a full production feature as of FreeBSD 6.3-RELEASE, with "options AUDIT" compiled in by default. A TODO list has been posted to trustedbsd-audit. OpenBSM 1.0 alpha 13, which includes support for XML record printing, additional 64-bit token types, additional audit events, and more cross-platform build support, has been released. OpenBSM 1.0 alpha 14, which adds support for warnings clean building with gcc 4.1, will be released shortly. The new OpenBSM release will be merged to FreeBSD CVS in late January or early February. Open tasks: 1. Complete assignment of audit events to non-native and a few remaining native system calls. Add additional system call argument auditing. 2. Merge MAC Framework hooks allowing MAC modules to control access to kernel audit services. Refine and merge MAC labeling support in audit, including support for MAC annotations in the audit trail. 3. Complete pass through user space services adding audit support to system management tools (and ftpd). Work with third party software maintainers to add audit support for applications like xdm/kdm/gdm. 4. Merge latest OpenBSM, including XML output support. _________________________________________________________________ TrustedBSD MAC Framework URL: http://www.TrustedBSD.org/mac.html Contact: Robert Watson <rwatson@FreeBSD.org> Contact: <trustedbsd-discuss@TrustedBSD.org> Most work on the MAC Framework during this period, other than as relates to the priv(9) project described in a separate status report, has been in refinement of the structure of the framework. * Add two new entry points allowing MAC Framework policy modules to grant or limit fine-grained system privileges. * A sample mac_priv(4) policy module has been created demonstrating how a MAC Framework policy module can grant specific system privileges to specific users. * Commenting throughout the MAC Framework significantly extended. * Correct a bug in which the original ifnet label was copied to user space via ioctl, rather than the thread-local copy. * mac_enforce_subsystem debugging sysctls removed, as some policies rely on access control checks being called even when non-enforcing (specifically, information flow related policies). * Break out mac.h include file into mac.h (user API, system calls) and mac_framework.h (in-kernel interface to the MAC Framework). Move non-user MAC include files from src/sys to src/sys/security/mac. Move and break out kern_mac.c into mac_framework.c and mac_syscalls.c. The MAC Framework is now entirely located in src/sys/security/mac. * Export the MAC Framework version via a read-only sysctl and provide a #define version usable by policies. * MAC Framework locking optimized to optimistically expect no write lock contention during read locking. Open tasks: 1. Now that the MAC Framework has been fully moved to src/sys/security/mac, embark on the 'mac2' interface cleanup, in which many MAC Framework entry points are renamed for consistency. This will require most MAC Framework policy modules to be modified between FreeBSD 6.x and FreeBSD 7.x, although in a way that can be largely done using sed. 2. Add accessor functions for policies retrieving per-policy label data from labels, so that policy modules do not compile in the binary layout of struct label. This will allow future optimization of the label layout. 3. Complete integration of audit and MAC support, allowing MAC policy modules to control access to audit interfaces, and allowing them to annotate audit records. _________________________________________________________________ TrustedBSD priv(9) URL: http://www.TrustedBSD.org/ Contact: Robert Watson <rwatson@FreeBSD.org> TrustedBSD priv(9) replaces suser(9) as an in-kernel interface for checking privilege in FreeBSD 7.x. Each privilege check now takes a specific named privilege. This allows both centralization of jail logic relating to privilege, which is currently distributed around the kernel at the point of each call to suser(9), and allows instrumentation of the privilege logic by the MAC Framework. Two new MAC Framework entry points, one to grant and the other to limit privilege, are now available, providing fine-grained control of kernel privilege by policy modules. This lays the kernel infrastructure groundwork for further refinement and extension of the kernel privilege model. The priv(9) implementation has been committed to FreeBSD 7-CURRENT. This software was developed by Robert N. M. Watson for the TrustedBSD Project under contract to nCircle Network Security, Inc. Open tasks: 1. Complete review of kernel privilege checks, removal of suser(9) jail flag now that checks are centralized. 2. Explore possible changes to kernel privilege model along lines of POSIX.1e privileges, the Solaris privilege interface, etc. This has been explored previously as part of the TrustedBSD Capabilities project also. _________________________________________________________________ Update of the Linux Compatibility Environment in the Kernel URL: http://wiki.FreeBSD.org/linux-kernel Contact: Alexander Leidinger <netchild@FreeBSD.org> Contact: Roman Divacky <rdivacky@FreeBSD.org> Contact: Emulation Mailinglist <emulation@FreeBSD.org> Since the last status report we made good progress in improving the compatibility environment. We fixed more than 30 testcases on i386 (130 testcases =3D 16% still failing) and more than 60 testcases on amd64 (140 testcases =3D 17% still failing) in the Linux 2.4 compatibility. These numbers compare FreeBSD 6.2 with -CURRENT. Some of those fixes are edge cases in the error handling, and some of them fix real issues -- e.g. hangs -- and improve the stability and correctness of the emulation. Regarding the Linux 2.6 compatibility there are 140 testcases (17%) on i386 and 150 testcases (18%) on amd64 still failing in -CURRENT. After fixing some showstopper problems with real applications, we should be able to give the 2.6 emulation a more widespread exposure "soon" to find more bugs and to determine the importance of those Linux syscalls which we did not implement yet. The severity of the broken testcases varies, and some of them will never be fixed, e.g., we will never be able to load Linux kernel modules into a FreeBSD kernel, being able to add swap with a Linux command has very low priority, and fixing stuff which is used by applications like IPC type 17 has high priority. Some differences in the 2.6 compatibility are because not all i386 changes are merged into the amd64 code, and some testcases are already fixed in our perforce repository but need more review before they can be committed to -CURRENT. We need some more testers and bug reporters. So if you have a little bit of time and a favorite Linux application, please play around with it on -CURRENT. If there is a problem, have a look at the wiki if we already know about it and report on emulation@ . We are especially interested in reports about the 2.6 compatibility (sysctl compat.linux.osversion=3D2.6.16), but only with the most recent -CURRENT and maybe with some patches we have in the perforce repository (mandatory on amd64). We thank all people who tested the changes / submitted patches and thus helped improving the Linux compatibility environment. _________________________________________________________________ Updating X.org FreeBSD Ports to 7.2 URL: http://xorg.freedesktop.org/ URL: http://git.xbsd.org/?p=3Dfreebsd/ports.git;a=3Dshortlog;h=3Dxorg URL: http://blog.xbsd.org/ URL: http://lists.freebsd.org/pipermail/freebsd-x11/ Contact: Florent Thoumie <flz@FreeBSD.org> Contact: Eric Anholt <anholt@FreeBSD.org> Contact: Dejan Lesjak <lesi@FreeBSD.org> X.org 7.2 release has been delayed more than a month, which gave us more time to fix build failures, to work on a few runtime issues and to determine the easiest way to upgrade from 6.9 to 7.2 (mostly with the help of people on the freebsd-x11@ mailing list ). Everything is in a rather good shape but there's still a little amount of work to do. The merge of new ports is most likely to happen before the end of January. Open tasks: 1. Do a global review of the diff between the original tree and the experimental one (git-diff origin xorg for git users) 2. Fix the remaining (9 I think, 3 being lang/jdk's) build errors 3. Continue testing 4. Do another experimental build on pointyhat _________________________________________________________________ Wireless Networking Contact: Sam Leffler <sam@errno.com> Work on wireless support has continued to evolve in the public CVS tree while other work has been going on behind the scenes in the developer's perforce repository. Support was recently added to HEAD for half- and quarter-rate channels as found in the 4.9 GHz FCC Public Safety Band. This work was a prerequisite to adding similar support in the 900 MHz band as found in Ubiquiti's SR9 cards. Adding this functionality was straightforward due to the design of the net80211 layer, requiring only some additions to handle the unusual mapping between frequencies and IEEE channel numbers. The ath(4) driver currently supports hardware capable of operating on half- and quarter-rate channels. Kip Macy recently made significant advances preparing legacy drivers for the re-architected net80211 layer that has been languishing in perforce. With his efforts this code is nearly ready for public testing after which it can be merged into CVS. Our goal is to complete this merge in time for the 7.x branch (otherwise it will be forced to wait for 8.0 before it appears in a public release). This revised net80211 layer includes advanced station mode facilities such as background scanning and roaming and support for Atheros' SuperG extensions. Getting the revised scanning work into CVS will greatly simplify public distribution of the Virtual AP (VAP) code as a patch as well as enable addition of 802.11n support. Benjamin Close is working on support for the Intel 3945 parts commonly found in laptops. The work is going on in the perforce repository with public code drops for testing. Atheros PCI/Cardbus support was updated with a new HAL that fixes a few minor issues and corrects a problem that kept AR2424 parts from working. The new HAL also enables more efficient use of the hardware keycache for TKIP keys; on newer hardware you can now support up to 57 stations without faulting keys into the cache. Support for the latest 802.11n parts found in the new Lenovo and Apple laptops (among others) is in development; initial release will support only legacy operation. Support for Atheros USB devices is coming. Atheros has agreed to license their firmware with the same license applied to the HAL which means it can be committed to the tree and distributed as part of releases. The driver is still in development. wpa_supplicant and hostapd were updated to the latest stable build releases from Jouni Malinen. Shortly the in-tree code base will switch to the 0.5.x tree which will bring in much new functionality including dynamic VLAN tagging that will be especially useful once the multi-bss support is available. The support for injection of raw 802.11 frames was committed to HEAD. This work was done in collaboration with Andrea Bittau. At this point there are no plans to commit this to the STABLE branch as it requires API changes. _________________________________________________________________ Legal Notices | =A9 1995-2007 The FreeBSD Project. All rights reserved. --Boundary-00=_3cVrFyZxpZGOqso--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701162352.39225.max>