[FUGSPBR] FreeBSD Development Status Report, February 2002 - April 2002 (fwd)
Edson Brandi
ebrandi.home em uol.com.br
Dom Maio 19 02:03:56 BRT 2002
PSC
---------- Forwarded message ----------
Date: Sat, 18 May 2002 12:53:51 -0400 (EDT)
From: Robert Watson <rwatson em FreeBSD.ORG>
To: developers em FreeBSD.ORG, hackers em FreeBSD.ORG
Subject: FreeBSD Development Status Report, February 2002 - April 2002
Attached, please find the status report covering activity from February
2002 - April 2002. This may also be found on the FreeBSD.org web page
(once the site rebuilds sometime today) at:
http://www.FreeBSD.org/news/status/
The next status report will cover May and June of 2002; solicitations for
content will be made during the first week of July.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
robert em fledge.watson.org NAI Labs, Safeport Network Services
February - April 2002 Status Report
Introduction
This report covers FreeBSD development activities from February, 2002
through April, 2002. It's been a busy few months -- BSDCon in San
Francisco, the FreeBSD Developer Summit, a first development preview of
5.0-CURRENT, not to mention lots of progress on the 5.0 feature set
(SMPng, sparc64, GEOM, ... the list goes on).
In the next two months, the USENIX ATC occurs (highly recommended event
for both developers and users), and a number of new software components
will hit the tree, including UFS2 and the TrustedBSD MAC framework. We'll
also complete the elections for the FreeBSD Core Team, and should have the
next Core Team online by the time the next report rolls around. Stay tuned
for more!
Robert Watson
* "GEOM" - generalized block storage manipulation
* Athlon MTRR Problems
* Bluetooth stack for FreeBSD (Netgraph implementation)
* Fibre Channel
* FreeBSD ARM Port
* FreeBSD C99 & POSIX Conformance Project
* FreeBSD Developer Summit
* FreeBSD Package-building Cluster
* FreeBSD/KGI
* GCC 3.1
* GNOME Project
* IA64 Port
* Improving FreeBSD Startup Scripts
* IPMI Tools for FreeBSD
* jp.FreeBSD.org daily SNAPSHOTs project
* jpman project
* KAME
* KSE
* Libh
* locking up pcb's in the networking stack
* Netgraph ATM
* Network interface cloning and modularity
* New mount(2) API
* NEWCARD
* OpenSSH
* PAM
* PowerPC Port
* ppp RADIUS/MS-CHAP support
* Release Engineering
* SMPng
* TrustedBSD Audit
* TrustedBSD MAC
* UMA
* Universal Disk Filesystem for FreeBSD
* Wi Hostap
* Zero Copy Sockets
"GEOM" - generalized block storage manipulation
URL: http://www.FreeBSD.org/~phk/Geom/
Contact: Poul-Henning Kamp <phk em FreeBSD.org>
The GEOM code has gotten so far that it beats our current code in some
areas while stil lacking in others. Work continues on a generalized
interface for "magic data" (boot blocks, disklabels MBR's etc)
manipulation from userland.
With GEOM enabled in the kernel any FreeBSD platform will now recognize PC
style MBR's, i386 disklabels, alpha disklabels, PC98 extended MBRs and
SUN/Solaris style disklabels.
----------------------------------------------------------------------
Athlon MTRR Problems
Contact: David Malone <dwmalone em FreeBSD.org>
The FreeBSD MTRR code has been made more robust against unexpected values
sometimes found in the Athlon's Memory Type Range Registers. Problems with
these values had prevented XFree 4.2 running on some motherboards.
Experimentation indicates that these undocumented values may control the
mapping of BIOS/ROMs or have something to do with SMM. If anyone can
provide details of what these values mean, can they please let me know, so
the MTRR code can be completed.
----------------------------------------------------------------------
Bluetooth stack for FreeBSD (Netgraph implementation)
Contact: Maksim Yevmenkin <m_evmenkin em yahoo.com>
I'm slowly making progress. The second engineering release is available
for download at
http://www.geocities.com/m_evmenkin/ngbt-fbsd-20020506.tar.gz
This release includes support for H4 UART transport layer, Host Controller
Interface (HCI), Link Layer Control and Adaptation Protocol (L2CAP) and
Bluetooth sockets layer. It also comes with several user space utilities
that can be used to configure and test Bluetooth devices.
I'm currently working on RFCOMM protocol implementation (Serial port
emulation over Bluetooth link). My next goal is to port Service Discovery
Protocol (SDP) implementation from BlueZ (http://bluez.sf.net). I'm also
thinking about adding USB device support (as soon as i find/buy hardware).
Issues: 1) Bluetooth hardware; I have couple PC-CARDs that i use for
development and testing purposes, but i'd love to have more. 2) Time; My
regular day job kicked in, so i will be spending more time doing stuff i'm
getting paid for.
----------------------------------------------------------------------
Fibre Channel
URL: http://people.FreeBSD.org/~mjacob/fibre_channel.html
Contact: Matthew Jacob <mjacob em FreeBSD.org>
Continued bug fixing and hardening for this last few months.
Future work will include making target mode work correctly and fast.
The LSI-Logic chipset's MPT Fusion driver is also being evaluated.
----------------------------------------------------------------------
FreeBSD ARM Port
URL: http://pages.infinit.net/sepotvin.
Contact: Stephane E. Potvin <sepotvin em videotron.ca>
Since the last progress report, the initialization code was much cleaned
(thanks to NetBSD's acort32 port) and partial DDB support as been added.
I'm now struggling to put the pmap module into a working state. The latest
patch set only includes the initialization changes. I did some tries to
get what I had so far working on my iPAQ without much successes
(downloading a kernel over a serial link is way too painful). If anyone
has had success in getting any iPAQ to work as a USB storage device under
*BSD please contact me.
----------------------------------------------------------------------
FreeBSD C99 & POSIX Conformance Project
URL: http://www.FreeBSD.org/projects/c99/
Contact: Mike Barcroft <mike em FreeBSD.org>
Contact: FreeBSD-Standards Mailing List <standards em FreeBSD.org>
Since the last status report, two developers working on utility
conformance were given commit access to the FreeBSD CVS repository to help
expedite development. As a result, the following utilities have been
brought up to conformance, they include: csplit(1), env(1), expr(1),
fold(1), join(1), m4(1), mesg(1), paste(1), patch(1), pr(1), uuencode(1),
uuexpand(1), and xargs(1). The printf(1) utility was brought up to
conformance with the 1992 edition of POSIX.2, with further development
planned.
On the header front, much progress has been made. Specically,
infrastructure to control visiblity of components of a header, based on
the standard requested by an application, has been added to <sys/cdefs.h>.
Some work has been completed on renovating the way types are defined. This
has lead to the creation of <sys/_types.h>. Further improvements such as
the merger of <machine/ansi.h> and <machine/types.h> are planned.
Additionally, the headers: <strings.h>, <string.h>, and <sys/un.h> have
been made to conform to POSIX.1-2001.
On the API front, scanf(3) has received support for 5 new length modifiers
(hh, j, ll, t, and z). A patch to implement two additional conversion
specifiers (j and z) has been developed for printf(9) and is expected to
be committed soon.
In other news, the project's web site has been moved to the main FreeBSD
site. It is now available at the URL at the top of this status report.
Please update your bookmarks.
----------------------------------------------------------------------
FreeBSD Developer Summit
URL: http://www.FreeBSD.org/news/events/2002/bsdcon-devsummit.html
Contact: Robert Watson <rwatson em FreeBSD.org>
The second FreeBSD Developer Summit, held following the BSD Conference in
San Francisco in February, was a great success. Around 40 developers
attended in person, another five by phone, and many others by webcast.
During a marathon-esque eight hour session, a variety of development
topics were discussed, including adding inheritence to the KOBJ system,
ports to new architectures, adaptations of the toolchain for new
architectures, the GEOM extensible storage device framework, upcoming
changes to the network stack, TrustedBSD features, KSE, SMPng, and the
release engineering schedule. This event was sponsored by DARPA and NAI
Labs, with webcasting provided by Joe Karthauser, bandwidth provided by
Yahoo!. Planning for future such events is now underway; a
summary/transcript of discussion may be found at the URL above.
----------------------------------------------------------------------
FreeBSD Package-building Cluster
Contact: Kris Kennaway <kris em FreeBSD.org>
Packages are built from the FreeBSD Ports Collection on a cluster of i386
and alpha machines using scripts available in /usr/ports/Tools/portbuild/.
Over the past few months I have been cleaning up and extending these
scripts to improve efficiency and allow for greater flexibility in how
package builds are performed. Major improvements so far have been:
cleaning up and modularizing the scripts to avoid code duplication and
reduce the need for ongoing maintenance; optimizing the build process and
making it much more robust against client machine failure; and allowing
package builds to be restarted if they are interrupted. The i386 package
cluster is currently running FreeBSD 5.0-CURRENT, and it has proven to be
a useful testing ground for exposing kernel bugs, especially those which
only manifest under system load.
Future plans include the ability to perform incremental package rebuilds
which only build packages that have changed since the last run. This will
allow packages to be made available on the FTP site within an hour or two
of the CVS commit to the ports collection. We also hope to set up a
sparc64 package cluster in the near future, but this is contingent on
suitable hardware.
----------------------------------------------------------------------
FreeBSD/KGI
URL: http://www.FreeBSD.org/~nsouch/ggiport.html
Contact: Nicholas Souchu <nsouch em FreeBSD.org>
FreeBSD/KGI started last year after the port of GGI to VGL. KGI (Kernel
Graphic Interface) is a kernel infrastructure providing user applications
with access to hardware graphic resources (dma, irqs, mmio). KGI is
already available under Linux as a seperate project. The FreeBSD/KGI
project aims at integrating KGI in the FreeBSD kernel. Mostly a port for
now, but optimized for FreeBSD in the future. Currently FreeBSD/KGI is
under development and the code is only available for reading, compiling
but not running. More interesting are design hints found at the project
URL.
----------------------------------------------------------------------
GCC 3.1
Contact: David O'Brien <obrien em FreeBSD.org>
As of Thur May 9th, 2002 FreeBSD 5-CURRENT is now using a GCC 3.1
prerelease snapshot as the system C compiler. At this time of cutting
over, the compiler is working well on i386, Alpha, Sparc64, and IA-64 for
building world. There is a known problem with our atomic ops on Alpha that
prevents a GCC 3.1 built kernel from booting.
Currently the C++ support libraries (libstdc++, et.al.) does not build and
thus prevents the system C++ compiler from being used.
----------------------------------------------------------------------
GNOME Project
URL: http://www.FreeBSD.org/gnome
Contact: Joe Marcus <marcus em FreeBSD.org>
The GNOME project has seen quite a few changes lately. For one, the author
of this update has recently been given "The Bit." Joe Marcus Clarke now
has CVS access, and is working primarily on the GNOME project. Joe has
been closing a good deal of GNOME PRs, as well as patching some of the
existing GNOME 1.4 components.
The GNOME 2 porting effort continues on. We have completed porting of the
GNOME 2.0 API, and are 75% complete on porting the full GNOME 2.0 desktop.
When complete, GNOME 1.4 and GNOME 2.0 will be co-resident in the ports
tree. Both APIs can be installed concurrently in the same PREFIX, but the
respective desktops will remain mutually independent. Maxim Sobolev is
working on adapting bsd.gnome.mk to handle both versions of the desktop in
an elegant fashion.
Not to be left out, the existing GNOME 1.4 components have received
numerous updates to keep them in sync with the stable distfiles on
gnome.org. We have seen many "1.0" milsestone releases including the most
recent AbiWord 1.0.0. In the next few weeks, we will be making sure all
the GNOME 1.4 components build correct packages on bento so that GNOME 1.4
will be on the 4.6-RELEASE CD.
----------------------------------------------------------------------
IA64 Port
Contact: Peter Wemm <peter em FreeBSD.org>
IA64 has had a busy few months. Aside from gcc, we are now fully self
hosting on IA64. Doug Rabson has performed his magic and implemented the
execution of 32 bit i386 application binaries although more work remains
to be done to make ld-elf.so.1 happy with the different underlying page
size. We have been using the i386 perforce binary to do actual development
work and submit from the ia64 systems themselves. Marcel Moolenaar has
been working on SMP and machine-check support. We have been running SMP
kernels amazingly reliably on our development boxes for quite some time
now. syscons is now functional. We have produced a self-booting
run-root-on-cdrom ISO image (idea taken from the sparc64 folks) that has
been used to manually self install an IA64 system from a blank disk. Aside
from a few minor loose ends we now have complete 'make world'
functionality. sysinstall works on ia64. We plan on producing a
semi-respectable boot/install cdrom image shortly.
----------------------------------------------------------------------
Improving FreeBSD Startup Scripts
URL: http://home.pacbell.net/makonnen/rcng.html
URL: http://groups.yahoo.com/group/FreeBSD-rc/
URL: http://www.mewburn.net/luke/bibliography.html
URL: http://www.netbsd.org/Documentation/rc/
Contact: Doug Barton <dougb em FreeBSD.org>
Contact: Mike Makonnen <makonnen em pacbell.net>
Contact: Gordon Tetlow <gordont em gnf.org>
Mike Makonnen has done quite a bit of excellent work on porting the
scripts from FreeBSD into the NetBSD framework. The next step seems to be
to try to reduce the amount of diffs between our implementation and the
original set from NetBSD.
----------------------------------------------------------------------
IPMI Tools for FreeBSD
URL: http://www.FreeBSD.org/~dwhite/ipmi/
Contact: Doug White <dwhite em FreeBSD.org>
IPMI Tools for FreeBSD is a collection of C and Python applications and
modules for exploring the information available via the Intelligent
Platform Management Interface (IPMI), as implemented on server
motherboards by Intel and HP. IPMI is an open standard with patent
protection for adopters which defines standard interfaces to on-board
management hardware. The management hardware consists of a CPU, sensors
such as temperature probes and fan speeds, and repositories such as the
System Event Log and Field-Replaceable Unit (FRU) inventory, and other
system information.
A basic set of tools was recently made available which uses the KCS and
SMIC system interfaces to retrieve the System Event Log, FRU repository,
and system sensors. Additional features are currently under research.
Suggestions for additional features and programs are greatly appreciated.
----------------------------------------------------------------------
jp.FreeBSD.org daily SNAPSHOTs project
URL: http://snapshots.jp.FreeBSD.org/
URL: http://www.jp.FreeBSD.org/snapshots/
Contact: Makoto Matsushita <matusita em jp.FreeBSD.org>
There are several new topics, including: Source Code Tour is now separated
into kernel part and userland part, yet another snapshots from RELENG_4_x
branch (currently 4.5-RELEASE-p4), add several packages including XFree86
4.x to installation CD-ROM, new cdboot-only ISO image, fix breackage of
duplex.iso, etc. See also the project webpage for more detail. Also, I
have a plan to add FreeBSD/alpha distribution to this project -- stay
tuned.
----------------------------------------------------------------------
jpman project
URL: http://www.jp.FreeBSD.org/man-jp/
Contact: Kazuo Horikawa <horikawa em FreeBSD.org>
4.5-RELEASE Japanese manapge package, ja-man-doc-4.5.tgz, once published
with OpenSSH 2.3 (as reported by previous status report) on January 31, is
replaced with new package with OpenSSH 2.9 based manpages on March 3.
Since then, we have been updating Japanese manpages for 4.6-RELEASE. For
new translation and massive update, we have been making a lot of effort.
Continuing section 3 updating has 73% finished.
----------------------------------------------------------------------
KAME
URL: http://www.kame.net/
URL: http://www.kame.net/roadmap-2002.html
Contact: Shinsuke SUZUKI <suz em kame.net>
KAME Project has been extended until March 2004, and we decided the
project roadmap for these two years. The first one year is for
implementation, and the remaining year is for feedback of our results into
other BSD projects (please refer to the above URL for further detail).
Great change is lack of NAT-PT support due to a lack of human resource,
although KAME snap still contains it as it is.
SUZUKI Shinsuke (suz em kame.net) has begun working for KAME and FreeBSD
merge task in cooperation with Umemoto-san (ume em FreeBSD.org). Some of KAME
stuff (critical bug fix, newest ports for pim6sd and racoon, etc) has been
merged into 4-stable in this April.
----------------------------------------------------------------------
KSE
URL: http://www.FreeBSD.org/~julian/
URL: http://www.FreeBSD.org/~jasone/kse/
Contact: Julian Elischer <julian em FreeBSD.org>
Contact: Jonthan Mini <mini em FreeBSD.org>
The KSE project had floundered due to lack of development time for awhile,
but has been picked up recently by Jonathan Mini. Currently, the main
focus is to prepare the "milestone 3" code for inclusion into -CURRENT.
The project is still working towards "milestone 4" (allowing threads from
the same process to run on multiple CPUs), which should be significantly
easier now due to work done by the SMPng project over the past several
months.
Help could be used in several areas of the project, especially with
porting the libc_r (pthreads) library to KSE's threading model.
----------------------------------------------------------------------
Libh
URL: http://www.FreeBSD.org/projects/libh.html
Contact: Antoine Beauprs <anarcat em anarcat.ath.cx>
Contact: Alexander Langer <alex em FreeBSD.org>
Contact: Nathan Ahlstrom <nra em FreeBSD.org>
We now have a loadable mfsroot floppy. It contains just the diskeditor
(which is really a disk partitioner) which has been enhanced and is
probably in his final form. It's been geared towards making the newfs(1)
and mount(1) step seperate dialogs, so it reduced its complexity. A basic
fstab class has been implemented to manipulate /etc/fstab and mountpoint.
This might find a use outside libh, by the way. Libh package format is
still incomplete and somehow buggy, so it's my next target.
There is a API documentation effort underway with the help of doxygen(1),
so there's now more documentation for people that want to get started with
libh.
All this lead me to prepare the release of another alpha preview of libh
that will shortly be available in the ports collection (0.2.2). Also, a
new committer (okumoto) has joined the project (as well as I) and he is
currently working on cleaning up the build system. It's been a few months
without news, so this probably seemed a bit long, but don't worry, we
still need your help to really get this going!
----------------------------------------------------------------------
locking up pcb's in the networking stack
URL: http://www.FreeBSD.org/smp/
Contact: Jeffrey Hsu <hsu em FreeBSD.org>
I've been mentoring someone on locking up the protocol control blocks in
the networking stack. She has already finished TCP and UDP and I'm
currently reviewing the patch with her and going over some networking lock
order issues. Locking up raw protocol interface control blocks follows
next.
----------------------------------------------------------------------
Netgraph ATM
URL:
http://www.fokus.fhg.de/research/cc/cats/employees/hartmut.brandt/ngatm/index.html
Contact: Harti Brandt <brandt em fokus.fhg.de>
Version 1.1 for FreeBSD-current is now available. It includes the
SNMP-daemon package bsnmp, the driver package ngatmbase, the UNI4.0
signaling package ngatmsig and the network emulation package ngatmnet.
NgAtm allows both to build applications running directly on top of ATM and
to use ATM-Forum LAN emulation to use IP over ATM. Currently we are
working on a simple switch module, that implements the network side
signaling and ILMI as well as simple routing and call admission control.
----------------------------------------------------------------------
Network interface cloning and modularity
Contact: Brooks Davis <brooks em FreeBSD.org>
Support for stf(4), faith(4), and loopback interfaces has been committed
to current. The stf and faith support has been MFC'd. In current the API
has changed to move unit allocation into the generic cloning code reducing
the amount of support code required in each driver. Code improvements to
increase our API compatability with NetBSD will be commited soon along
with cloning support for discard interfaces and ppp(4) interfaces.
Thanks to mux em FreeBSD.org for the loopback support and unit allocation
cleanups.
----------------------------------------------------------------------
New mount(2) API
Contact: Poul-Henning Kamp <phk em FreeBSD.org>
Contact: Maxime Henrion <mux em FreeBSD.org>
The patch for the new mount API has now been committed to the tree.
Several filesystems also have been converted to this new mount API, namely
procfs, linprocfs, fdescfs and devfs. I'm working on converting more
filesystems to nmount, and actually already have UFS done. It has not been
committed yet to avoid conflicting with the UFS2 work, but it should hit
the tree soon. Manpages are still missing at the moment because I had to
modify the API slightly. I hope to have them done soon now.
----------------------------------------------------------------------
NEWCARD
Contact: Warner Losh <imp em FreeBSD.org>
NEWCARD support tried to merge CardBus functions with PCI functions, but
that failed to properly route interrupts. A branch for the merge was
created and will be merged into the main line at a later date. Too many
other things going on in my life to make much progress.
----------------------------------------------------------------------
OpenSSH
Contact: Dag-Erling SmUrgrav <des em FreeBSD.org>
OpenSSH has been upgraded to 3.1, and the kinks seem to have been worked
out by now. OpenSSH will now use PAM for both ssh1 and ssh2
authentication.
----------------------------------------------------------------------
PAM
URL: http://people.FreeBSD.org/~des/pam/pam-2002-03.html
URL: http://people.FreeBSD.org/~des/pam/pam-2002-04.html
Contact: Mark Murray <markm em FreeBSD.org>
Contact: Dag-Erling SmUrgrav <des em FreeBSD.org>
The painful parts are now completed, with all authentication- related
utilities converted to PAM (except for those cases where it doesn't make
sense, like Kerberos- or OPIE-specific commands). OpenPAM is complete
(except for a few missing man pages) and seems to work well.
For more details, see the activity reports linked to above.
----------------------------------------------------------------------
PowerPC Port
URL: http://jeamland.net/~benno/powerpc-boot.txt
Contact: Benno Rice <benno em FreeBSD.org>
The PowerPC port is moving ahead. It can now mount a root file system and
exec init, but fails when trying to map init's text segment in. I'm hoping
to have it starting my fake "Hello, world!" init soon, after which I plan
to try and get some libc bits in place so that I can build /bin and /sbin
and try to get to actual single-user.
----------------------------------------------------------------------
ppp RADIUS/MS-CHAP support
Contact: Brian Somers <brian em FreeBSD.org>
libradius now supports RADIUS vendor attribute extensions and user-ppp is
now capable of doing MS-CHAP authentication via a RADIUS server. A new
net/freeradius port has been created for support of MS-CHAP in a RADIUS
server.
MS-CHAPv2 support will be added soon.
The work is sponsored by Monzoon.
----------------------------------------------------------------------
Release Engineering
URL: http://www.FreeBSD.org/releng/
Contact: Release Engineering <re em FreeBSD.org>
The release engineering team released FreeBSD 5.0-DP1 on 8 April 2002.
This Developer Preview gives developers and other interested parties a
chance to help test some of the new features to appear in 5.0-RELEASE.
This distribution has known bugs and areas of instability, and should only
be used for (non-production) testing and development.
The next releases of FreeBSD will be 4.6-RELEASE (scheduled for 1 June
2002) and 5.0-DP2 (scheduled for 25 June 2002). Information on the release
schedules and more can be found on the team's new area on the FreeBSD Web
site (see the URL above).
Finally, the team has gained two new members: Brian Somers and Bruce A.
Mah.
----------------------------------------------------------------------
SMPng
URL: http://www.FreeBSD.org/smp/
Contact: John Baldwin <jhb em FreeBSD.org>
Contact: <smp em FreeBSD.org>
The SMPng project has been picking up steam in the last few months
thankfully. In February, Seigo Tanimura-san committed the first round of
process group and session locking. Alfred Perlstein also added locking to
most of the pipe implementation. In March, Alfred fixed several problems
with the locking for select() and pushed down Giant some in several system
calls. Andrew Reiter added locking for kernel module metadata, and Jeff
Roberson wrote a new SMP-friendly slab allocator to replace both the zone
allocator and the in-kernel malloc(). The use of the critical section API
was cleaned up to not be abused as replacements for disabling and enabling
interrupts. Also, Matt Dillon optimized the MD portion of the critical
section code on the i386 architecture. Several other subsystems were also
locked in April as well. See the SMPng website and todo list for more
details.
Some of the current works in progress include locking for the kernel
linker by Andrew Reiter and light-weight interrupt threads for the i386 by
Bosko Milekic. Seigo Tanimura-san, Alfred Perlstein, and Jeffrey Hsu are
also working on locking down various pieces of the networking stack. Alan
Cox has started working on fixing the existing locking in the VM subsystem
and moving bits of it out from under Giant. John Baldwin has written an
implementation of turnstiles as well as adaptive mutexes in the jhb_lock
Perforce branch. The adaptive mutexes appear to be stable on i386, alpha,
and sparc64, but the turnstile code still contains several tricky lock
order reversals. John also plans to commit the p_canfoo() API change to
use td_ucred in the very near future and then finish the task of making
ktrace(4) use a worker thread.
----------------------------------------------------------------------
TrustedBSD Audit
URL: http://www.TrustedBSD.org/
Contact: Andrew Reiter <arr em FreeBSD.org>
Contact: TrustedBSD Audit Mailing List <trustedbsd-audit em TrustedBSD.org>
Over the past couple of months, progress has pretty much stopped until
very recently. The past few changes to the audit code were update the
usage of zones to UMA zones, cleanup some old cruft, and start toying with
the idea of having an audit write thread implemented as an ithd. The next
step is to decide two realistic approaches to the where the records will
be dumped -- whether that is to a local disk or fed up to userland and
then dealt with. After that, the goal will be to expand the number of
events that are being audited, while also working in some performance
testing procedures. I will be posting to trustedbsd-audit about the recent
changes shortly.
----------------------------------------------------------------------
TrustedBSD MAC
URL: http://www.TrustedBSD.org/
Contact: Robert Watson <rwatson em FreeBSD.org>
Contact: TrustedBSD Discussion Mailing List
<trustedbsd-discuss em TrustedBSD.org>
Over the last three months, there has been a lot of activity in the
TrustedBSD MAC tree. An initial commit of the SEBSD code (NSA FLASK and
SELinux implementation) was made; many MAC policies previously linked
directly to the kernel via kernel options were moved to kernel modules;
the flexibility of the framework was improved relating to the life cycle
of object labels; additional labeling and access control hooks were
introduced; new policies were introduced to demonstrate the flexibility of
the framework (including a cleanup of inter-process authorization,
additional VFS hooks, improved support for multilabel filesystems, network
booting, IPv6, IPsec, support for "peer" labels on stream sockets).
Current modules include Biba integrity policy, MLS confidentiality policy,
Type Enforcement, "BSD Extended" (permitting firewall-like rulesets for
filesystem protection), "ifoff" (limit interface communication by policy),
mac_seeotheruids (limit visibility of processes/etc of other users),
"babyaudit" (a simple audit implementation), and SEBSD (FLASK/SELinux
port).
Over the next month, a final move to completely dynamic labeling will be
made, permitting policies to introduce new state relating to process
credentials, vnodes, sockets, mounts, interfaces, and mbufs at run-time,
allowing a broad range of flexible label-driven policies to be developed.
In addition, application APIs will be re-designed and re-implemented so as
to better support a fully dynamic policy framework. We plan to make an
initial prototype patchset available for review in June, with the intent
of committing that patchset in mid-June.
Updated prototype code may be retrieved from the TrustedBSD CVS trees on
cvsup10.FreeBSD.org.
----------------------------------------------------------------------
UMA
Contact: Jeff Roberson <jeff em FreeBSD.org>
FreeBSD's new kernel memory allocator has been commited to 5.0. UMA is a
slabs derived allocator that supports memory reclaiming, object caching,
type stable storage, and per cpu free lists for optimal SMP performance.
It has both a malloc(9) interface and a zone style interface for specific
object types. uma(9) will be available shortly.
----------------------------------------------------------------------
Universal Disk Filesystem for FreeBSD
URL: http://people.FreeBSD.org/~scottl/udf
Contact: Scott Long <scottl em FreeBSD.org>
Contact: Jeroen Ruigrok <asmodai em wxs.ml>
Read-only support for UDF filesystems was checked into the 5-CURRENT
branch in April. Backporting for 4-STABLE is being conducted by Jeroen.
The next phase is to write a newfs_udf, then move on to adding write
support to the filesystem. I'm still looking for a volunteer to handle
read and write support for write-once media (e.g. CD-R).
----------------------------------------------------------------------
Wi Hostap
Contact: Warner Losh <imp em FreeBSD.org>
Work on the host access point support for the Prism2 and Prism2.5 based
wireless cards has been integrated into the kernel. This work is largely
based on Thomas Skibo's initial implementation.
----------------------------------------------------------------------
Zero Copy Sockets
URL: http://people.FreeBSD.org/~ken/zero_copy/
Contact: Ken Merry <ken em FreeBSD.org>
I have released a new zero copy sockets snapshot, the first since
November, 2000. The code has been ported up to the latest -current, and
the jumbo code now has mutex protection. Also, zero copy send and receive
can be selectively turned on and off via sysctl to make it easier to
compare performance with and without zero copy. Reviews and comments are
welcome.
To Unsubscribe: send mail to majordomo em FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
______________________________________________
http://www2.fugspbr.org/mailman/listinfo/fugspbr
Mais detalhes sobre a lista de discussão freebsd