Section Navigation
FreeBSD Quarterly Status Report
Introduction:
Another busy pair of months at the FreeBSD Project have brought substantial maturity and feature completeness to the fledgeling 5.0-CURRENT branch. And just in time too, because by the time you read the next status report, we hope that you'll have FreeBSD 5.0 running on your desktop! Over the past two months, we've seen an upgrade of sparc64 to Tier 1 (Fully Supported) status, integration of a high quality storage encryption module, the commit of hardware-accelerated IPsec support, the addition of a general-purpose "Device Daemon" to process hardware attach/detach events to replace earlier single-purpose and bus-specific daemons, the commit of RAIDFrame, and the improved maturity of the TrustedBSD work. We've also seen another successful release of the 4.x branch, 4.7-RELEASE, which will continue to be the production supported platform as 5.X is brought in for landing.
Over the next two months, the FreeBSD Project will be focused almost entirely on making 5.0 a success: improving system stability and performance, as well as increasing the pool of applications that build and run on 5.0. The Release Engineering team will have announced the 5.0 code freeze, and released DP2 by the time you read this. Following DP2 will be a series of Release Candidates (RC's), and then the release itself. If you're interested in getting involved in the testing process, please lend a hand -- a spare box and a copy of the DP and RC ISOs burnt onto CD will make a difference. The normal caveats associated with pre-release versions of operating systems apply! You may also be interested in reading the Early Adopter's guide produced by the Release Engineering team to help determine when a transition from the 4.x branch to the 5.x branch will be appropriate for you and your organization.
Thanks,
Robert Watson, Scott Long
- Bluetooth stack for FreeBSD (Netgraph implementation)
- BSDCon 2003
- C99 & POSIX Conformance Project
- DEVD Status Report
- Fast IPsec Status
- FreeBSD GNOME Project
- FreeBSD Java Project
- FreeBSD/MIPS
- FreeBSD/sparc64 Status Report
- GBDE - Geom Based Disk Encryption
- GEOM - generalized block storage manipulation
- Hardware Crypto Support Status
- jp.FreeBSD.org daily SNAPSHOTs project
- jpman project
- KDE FreeBSD Project
- KSE Project Status
- LibH
- NEWCARD Status Report
- OSF DCE 1.1 RPC UUIDs
- PowerPC Port
- RAIDFrame for FreeBSD
- Release Engineering
- TrustedBSD Project
- Wireless Networking Status
Bluetooth stack for FreeBSD (Netgraph implementation)
URL: http://www.geocities.com/m_evmenkin/
URL: http://bluez.sf.net
URL: http://sourceforge.net/projects/openobex
Contact: Maksim Yevmenkin <[email protected]>
I'm very pleased to announce that another engineering release is available for download at http://www.geocities.com/m_evmenkin/ngbt-fbsd-20021104.tar.gz
This release features minor bug fixes and new OpenOBEX library port. The snapshot includes support for H4 UART and H2 USB transport layers, Host Controller Interface (HCI), Link Layer Control and Adaptation Protocol (L2CAP) and Bluetooth sockets layer. It also comes with several user space utilities that can be used to configure and test Bluetooth devices. Also there are several man pages.
Service Discovery Protocol (SDP) port has been updated to version 0.8. (ported from BlueZ-sdp-0.8). Most of the RFCOMM issues have been resolved and now rfcommd works with Windows (3COM, Xircom and Widcomm) and Linux stacks.
New supported USB device - EPoX BT-DG02 dongle. Also I have received successful report about Mitsumi USB dongle and C413S Bluetooth enabled cell phone (L2CAP and SDP works, waiting on RFCOMM report).
I'm currently working on OBEX server (Push and File Transfer profiles) which will be based on OpenOBEX library (included in the snapshot).
BSDCon 2003
URL: http://www.usenix.org/events/bsdcon03/cfp/
Contact: Gregory Shapiro <[email protected]>
The BSDCon 2003 Program Committee invites you to contribute original and innovative papers on topics related to BSD-derived systems and the Open Source world. Topics of interest include but are not limited to:
- Embedded BSD application development and deployment
- Real world experiences using BSD systems
- Using BSD in a mixed OS environment
- Comparison with non-BSD operating systems; technical, practical, licensing (GPL vs. BSD)
- Tracking open source development on non-BSD systems
- BSD on the desktop
- I/O subsystem and device driver development
- SMP and kernel threads
- Kernel enhancements
- Internet and networking services
- Security
- Performance analysis and tuning
- System administration
- Future of BSD
Submissions in the form of extended abstracts are due by April 1, 2003. Be sure to review the extended abstract expectations before submitting. Selection will be based on the quality of the written submission and whether the work is of interest to the community.
We look forward to receiving your submissions!
C99 & POSIX Conformance Project
URL: http://www.FreeBSD.org/projects/c99/
Contact: Mike Barcroft <[email protected]>
Contact: FreeBSD-Standards Mailing List <[email protected]>
October 10, 2002 marked the one year anniversary of our project. During that time we have made significant advances in FreeBSD's standards conformance. FreeBSD 5.0-RELEASE will be the showcase for most of our hard work. We hope that our tireless effort has had a positive effect on FreeBSD and software vendors that maintain or are considering porting their software to FreeBSD.
On the API front, _Exit(3) (an alias for _exit(2)) was added, sysconf(3) was update for POSIX.1-2001, and some of the glob(3) additions were MFC'd. The insque(), lsearch(), and remque() family of functions were reimplemented and moved to libc from libcompat. Several wide character functions were implemented, including all printf() and scanf() variants. Finally, support for wide character format types (%C, %S, %lc, %ls) were added to printf(3).
Work on utility conformance continued as getconf(1)'s compliance was updated, c99(1) (a new version of c89(1)) was implemented, and cd(1) and command(1) changes were MFC'd.
Almost 20 headers were brought up to conformance with applicable standards. Not much work remains to fix conformance issues in the remaining standard headers. Work in this area, as well as others, has slowed down in preparation for 5.0-RELEASE.
DEVD Status Report
Contact: Warner Losh <[email protected]>
DEVD has been integrated into FreeBSD current. It was integrated in an incomplete state. However, it is useful in the state that it is in for doing simple things like running camcontrol rescan when a SCSI pcmcia card is inserted, or running /etc/pccard_ether with an ethernet card is inserted. The more sophisticated regular expression matching is not yet complete. Devd only does actions on device arrival and departure, but does not yet do anything with unknown devices. In addition to listening for device events, there is some desire to have /dev/devctl also allow for some direct control of the device tree.
Fast IPsec Status
Contact: Sam Leffler <[email protected]>
The main goal of this project is to modify the IPsec protocols to use the kernel-level crypto subsystem imported from OpenBSD (see elsewhere). A secondary goal is to do general performance tuning of the IPsec protocols.
This work was committed to -current. To configure it for use specify options FAST_IPSEC in your system configuration file. At present support is limited to IPv4.
FreeBSD GNOME Project
URL: http://www.FreeBSD.org/gnome/
Contact: Joe Marcus <[email protected]>
Contact: Maxim Sobolev <[email protected]>
Contact: Adam Weinberger <[email protected]>
These last two months have seen quite a lot of GNOME activity. GNOME has started releasing development snapshots of the upcoming GNOME 2.2 desktop. FreeBSD porting has begun outside of the main ports tree in the MarcusCom CVS repository. If you are interested in testing the new desktop, follow the instructions on the aforementioned cvsweb URL, and checkout the "ports" module.
Evolution 1.2 is also close at hand. Ximian has posted its first release candidate, 1.1.90, which has been ported to FreeBSD, and is available from the MarcusCom CVS repo listed above. As soon as Ximian officially releases Evolution 1.2, it will be placed in the FreeBSD ports tree.
The Mozilla ports have received numerous updates. We are now tracking all three released Mozilla versions. The mozilla-vendor port is tracking the 1.0.x branch, mozilla is tracking 1.1.x, and mozilla-devel is tracking 1.2.x. The mozilla-devel port now has support for anti-aliased fonts as well as a GTK+-2 interface
Finally, the GNOME team would like to welcome its newest team member, Adam Weinberger. Adam has been submitting patches for both GNOME ports as well as documentation. Currently, he has been active in the GNOME 2.2 porting effort. We are happy to have him.
FreeBSD Java Project
URL: http://www.FreeBSD.org/java/
Contact: Greg Lewis <[email protected]>
Since the last status report the BSD Java Porting Team has continued to make steady progress. The most exciting news we have is courtesy of our newest team member, Alexey Zelkin of FreeBSD committer fame.
- Thanks to a lot of hard work, primarily by Alexey, the project is very close to being able to release our first patch set for the 1.4 JDK. Things are reportedly working quite well under -CURRENT, with -STABLE support being only marginally behind (thanks in part to the libc_r MFC by Max Khon).
- The project has released another patchset for the 1.2.2 JDK, mainly to add support for OpenBSD and for JPDA. Most of the projects energy at the moment is focused on 1.3 and 1.4, however we still hope to back port relevant fixes if appropriate to 1.2.2.
- Nate Williams has been hard at work behind the scenes migrating us to a new CVS server which has kindly been donated by the FreeBSD Foundation. The Project appreciates the continued support of the Foundation. Please support them so they can continue to support us and other important FreeBSD efforts!
FreeBSD/MIPS
Contact: Juli Mallett <[email protected]>
A mailing list was created, freebsd-mips, and a Perforce branch was created in //depot/projects/mips. Changes which will be necessary to allow multiple MIPS (and PowerPC) metaports to exist under one architecture port were made, and are being pushed back into the main FreeBSD tree. Some preliminary header work has been done, and porting the ARCBIOS interfaces to the kernel has begun. The toolchain in tree was updated and modified in places to support a FreeBSD/MIPS (Big Endian) target, in the Perforce branch. Some early boot code has proven the GDB MIPS simulator to work, for at least R3000 code, though whether R3000 will be supported has been under discussion. Some initial architectural decisions were also made, to steer current work.
FreeBSD/sparc64 Status Report
Contact: Jake Burkholder <[email protected]>
Contact: Thomas Moestl <[email protected]>
A lot has happened recently for the sparc64 port. Sysinstall and make release work and can be used to build installable snapshots. The gdb5.3 port now works, and, thanks to Thomas Moestl, kernel crash dumps are supported which can be analyzed by gdb. These 2 items are the last things considered necessary by the Core team for FreeBSD/sparc64 to be a Tier 1 architecture, which means that 5.0-RELEASE for sparc64 will be officially supported by the release engineering team and by the security officer team.
Recently Jake Burkholder has been working on alternate installation methods other than bootable iso, including a mini-root filesystem which can be written to the swap partition of an existing machine. Thomas Moestl has been putting some finishing touches on the release process, ensuring that the release documentation can be built properly, and that the port readme files can be generated by the release process.
An experimental iso built with make release is now available on the freebsd ftp site and mirrors in /pub/FreeBSD/development/sparc64/5.0-20021031-SNAP. It is expected that by the middle of November new 5.0-SNAP releases will be available every few days for download and for ftp install, cpu power and bandwidth permitting.
GBDE - Geom Based Disk Encryption
Contact: Poul-Henning Kamp <[email protected]>
GBDE has been committed to -current.
The "Geom Based Disk Encryption" module provides a mechanism for very strong encryption of a GEOM "disk". The algorithm has passed informal review by a couple of seasoned crypto heavy-weights. Any GEOM device can be protected with GBDE, entire physical disks, MBR slices, BSD partitions etc etc. Booting from an encrypted partition is not possible, however.
The focus of GBDE is to protect a "cold" disk media. (FreeBSD is not equipped well for protecting key material on a running system from being compromised.) For a cold media, the only feasible attack on a GBDE protected media is guessing the pass-phrase.
Summary of the GBDE multilevel protection scheme: Up to four separate pass-phrases can unlock their own separate copies of the 2048 bit masterkey. The master-keys are protected using AES/256/CBC keyed with a SHA-2 hash derived from the pass-phrase. A salted MD5 hash over the sectoroffset "cherry-picks" which masterkey bytes participate in the MD5 hash which generates the "kkey" for each particular sector. The kkey AES/128/CBC encrypts the PRNG produced single-use key which AES/128/CBC encrypts the actual sector data.
GBDE has features for master-key destruction and pass-phrase invalidation.
See gbde(4) and gbde(8) for more details.
This software was developed for the FreeBSD Project by Poul-Henning Kamp and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program.
GEOM - generalized block storage manipulation
URL: http://www.FreeBSD.org/~phk/Geom/
Contact: Poul-Henning Kamp <[email protected]>
The GEOM code is now the default on most (if not all ?) architectures and the few remaining issues in libdisk/sysinstall is being hashed out.
Although we are far from finished developing GEOM, its current feature set is a significant step forward for FreeBSD, providing not only immediate relief for new architectures (sparc64, ia64 etc) but also because it is designed as SMPng code from the start.
This software was developed for the FreeBSD Project by Poul-Henning Kamp and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program.
Hardware Crypto Support Status
Contact: Sam Leffler <[email protected]>
The goal of this project is to import the OpenBSD kernel-level crypto subsystem. This facility provides kernel- and user-level access to hardware crypto devices for the calculation of cryptographic hashes, ciphers, and public key operations. The main clients of this facility are the kernel RNG (/dev/random), network protocols (e.g. IPsec), and OpenSSL (through the /dev/crypto device).
This work was committed to the -current tree. To configure it for use specify device crypto in your system configuration file or you can load the crypto module. The /dev/crypto device support is brought in with device cryptodev or by loading the cryptodev module. Two crypto device drivers exist: ubsec for Broadcom-based PCI hardware and hifn for Hifn-based PCI hardware.
Integration of this work into the -stable source tree should be completed by the time this report is published.
jp.FreeBSD.org daily SNAPSHOTs project
URL: http://snapshots.jp.FreeBSD.org/
URL: http://www.jp.FreeBSD.org/snapshots/
Contact: Makoto Matsushita <[email protected]>
Recent 5-current release procedure troubles prevent the project from releasing a new snapshots. But 5-current FreeBSD/i386 release is back again in late Oct/2002! I have a plan to build daily FreeBSD/sparc64 snapshots for 5-current. Stay tuned...
jpman project
URL: http://www.jp.FreeBSD.org/man-jp/
URL: ftp://daemon.jp.FreeBSD.org/pub/FreeBSD-jp/man-jp/packages-4.7.0/ja-man-doc-4.7.tgz
Contact: Kazuo Horikawa <[email protected]>
For 4.7-RELEASE, we privately published package ja-man-doc-4.7.tgz which consists of man[1256789] entries 10 days after the 4.7-RELEASE release date. Man3 update god no progress, as updating other sections busied us. We decided to suspend man3 update officially, as we need to spend most of our time to catch up with the forthcoming 5.0-RELEASE.
KDE FreeBSD Project
URL: http://freebsd.kde.org
URL: http://rabarber.fruitsalad.org/
Contact: Will Andrews <[email protected]>
Contact: KDE-FreeBSD Mailinglist <[email protected]>
The KDE/FreeBSD team has been working on two major goals during the last two months, Maintenance of the KDE 3.0.x ports and Preparing the upcoming KDE 3.1 Release.
Maintenance KDE 3.0 conducted by Alan Eldrige: September started with the Removal of the KDE 2.x Ports from the FreeBSD-Repository. Later Packages of KDE 3.0.4 were released and the FreeBSD Ports were updated.
Preparing for KDE 3.1 conducted by Will Andrews: A lot of effort was spent on Improving the Fruitsalad-Build-System. We are now able to create packages directly from the KDE CVS.
KSE Project Status
URL: http://www.FreeBSD.org/kse/
URL: http://www.FreeBSD.org/~julian
Contact: Julian Elischer <[email protected]>
Contact: David Xu <[email protected]>
Contact: Jonathon Mini <[email protected]>
Contact: Daniel Eischen <[email protected]>
The KSE code has now all the basic kernel functionality to start being used by the userland. There are still things to be done for testing and familiarization.
General system utilities have not yet been changed. e.g. ps and top etc. need to know about threads.
There is quite a lot of code in the kernel that still assumes that there is one thread in a process. Signals are not yet handled in the final manner (though they are delivered to a random thread in the process :-/ ).
The system calls and datastructures are now however in place. The test program successfully starts several threads that can be scheduled on different processors, and closes them down again. The userland is probably going to be able to do simple scheduling of pthread threads using KSE by the time that this report is published.
I still need someone to take over the "official" web page since jason left. LaTeX sure isn't my thing.
LibH
URL: http://www.FreeBSD.org/projects/libh.html
URL: http://rtp1.slowblink.com/~libh/
Contact: Antoine Beaupré <[email protected]>
Contact: Alexander Langer <[email protected]>
Not much since the last status report, except that we now have the repo and development web page back online, thanks to the services of John De Boskey who freely provided the necessary hardware and bandwidth to host the project. We have also ported LibH to GCC 3.x, so that it can compile on -CURRENT correctly. This, however, broke tvision, which doesn't compile under GCC 3.x, so we moved to rhtvision but this caused linking problems so we're stuck with no console front end, for now.
Work on a Hui rewrite and SWIG bindings stalled. Alex was able to come up with a simple patch to make the ports system use LibH's pkg_create script to build libh packages, so we're getting closer to a real pkg_create(1) drop-in replacement. I rewrote the milestone list to show a bit more relevant and encouraging tasks that will be dealt with in order to really push LibH forward.
NEWCARD Status Report
Contact: Warner Losh <[email protected]>
Work on newcard continues. A number of bugs have been fixed in the last few months. You are now able to load and unload drivers (including the bridge) to test changes to pccard and/or cardbus bus code. It is now possible to load a driver that has a pccard attachment and have a previously inserted card probe and attach. This is also true for CardBus. A number of issues remain to be solved before 5.0. However, with the integration of devd into the tree nearly all of old functionality of OLDCARD is now present in NEWCARD (the biggest remaining parts are power control for the sockets, as well as pccardc dumpcis).
OSF DCE 1.1 RPC UUIDs
URL: http://www.FreeBSD.org/cgi/cvsweb.cgi/src/lib/libc/uuid
Contact: Marcel Moolenaar <[email protected]>
Universally Unique Identifiers (UUIDs) are 128 bit values that may be generated independently on separate nodes (hosts), which result in globally unique strings. UUIDs are also known as Globally Unique Identifiers (GUIDs). The UUID support for FreeBSD (libc) conforms to the DCE 1.1 RPC specification.
UUID support has been added to FreeBSD -CURRENT, and will be available in version 5.0. It is being extensively used in GPT partition handling for IA-64 platform. For now, a simple manual page has been provided, which outlines information about the provided uuid routines. Many documentation additions and enhancements to uuidgen(1) are in the pipeline.
PowerPC Port
Contact: Peter Grehan <[email protected]>
The PowerPC port has been running diskless on NewWorld G3/G4 machines for a while now. A GEOM module to support Apple Partition Maps is being written. There should be an installable ISO image available in the near future.
RAIDFrame for FreeBSD
URL: http://people.FreeBSD.org/~scottl/rf
Contact: Scott Long <[email protected]>
RAIDFrame was imported into FreeBSD-current in late October, a major milestone after 18 months. It is still very experimental and not suitable for production environments. The website contains a lengthy TODO list which I hope to start attending to soon. Still, I encourage everyone to try it out and report bugs back to me.
Release Engineering
URL: http://www.FreeBSD.org/releng/
URL: http://www.FreeBSD.org/relnotes.html
Contact: <[email protected]>
The Release Engineering (RE) team completed and released FreeBSD 4.7 on 10 October 2002. This release features updates for a number of contributed software programs in the base system, as well as all of the security and bug fixes from FreeBSD 4.6.2. The next release in the 4.X series will be FreeBSD 4.8, which has a scheduled release date of 1 February 2003.
Before that time, however, will be the release of FreeBSD 5.0. Thus far, we have not been able to release the 5.0-DP2 developer snapshot due to various stability issues. Thanks to much effort from many of our fellow developers, we believe that most of these have been resolved. The RE team wishes to emphasize that FreeBSD 5.0 will involve new code and features that have not seen widespread testing, and that more conservative users may wish to continue to track the 4.X series for the near-term future. To provide more information on these issues, we have added an Early Adopter's Guide to the release documentation for 5.0.
Brian Somers has resigned from the RE team due to increased time pressures. We thank him for all of his help with FreeBSD 4.5, 4.6, 4.6.2, and 4.7, and we hope to continue working with him as a fellow developer.
Scott Long has graciously offered to help improve the communication between the RE team and the rest of the developer community. We greatly appreciate his assistance.
TrustedBSD Project
URL: http://www.TrustedBSD.org/
Contact: Robert Watson <[email protected]>
Contact: TrustedBSD Discussion Mailing List <[email protected]>
Most progress on TrustedBSD over the last two months related to improving the maturity of the ACL and MAC implementations, and merging new aspects of those features into the primary FreeBSD CVS Repository for inclusion in FreeBSD 5.0. This included fixes to run better on sparc64, improved tuning of what system objects are mediated, locking fixes and optimizations especially relating to the vnode and pipe implementations, improved support for MAC labeling on symlinks, support for asynchronous process label changes as required in some locking situations, remove use of "temporary labels" and prefer use of object type specific labels reducing redundant and/or confusing label management code in policies, improve avoidance of memory allocation in M_NOWAIT scenarios for socket allocation in the syncache, mediation of link operations, race condition fixes for devfs involving label creation, improve handling of VM events such as mmaping, improve mediation of socket send/receive events (as distinguished from socket transmit/deliver events), support for manipulating EAs on symlinks using new system calls, support for MNT_ACLS and MNT_MULTILABEL flags at mount time, as well as FS_ACLS and FS_MULTILABEL superblock flags to key useful defaults using tunefs, correction of a memory leak in the UFS ACL code, enable UFS ACL support by default in GENERIC, mediation points for file creation, deletion, and rename, support for a mac_execve() execution interface in the style of SELinux's execve_secure() permitting a label transition request as part of the exec operation for policies that support it, more consistent handling of NFS lookups, support for labeling of multicast encapsulated packets, ATM packet labeling, FDDI packet labeling, STF packet labeling, revised label interface that avoids userland parsing of per-policy elements, reducing us to a single instance of parsing and printing for each policy (and further abstracting policy implementation details from the library code).
Also, change to single-level sockets for Biba and MLS policies, support for partial label updates for Biba and MLS, addition of mac.9 man page, revised user API system calls, implementation of mac_get_pid(), and various other related bits, creation of mac.conf(5) to specify label defaults, checks for various system operations including swapon(), settime(), and sysctl(), reboot(), acct(), introduction of command line utilities for maintaining file and process labels, support for user labels tied to login class, su support for label changes, ifconfig support for interface labels, ps support for process labels, ls support for file labels, ftpd support for login labels, development of the Biba and MLS notions of privilege, and a move to C99 sparse structure initialization, restoring full type checking for policy entry points.
Wireless Networking Status
Contact: Sam Leffler <[email protected]>
The goal of this project is to improve the wireless networking support in the system. The initial work will incorporate the 802.11 link layer done by Atsushi Onoe for NetBSD. This core support code implements the basic 802.11 protocols required for Station and AP operation in BSS, IBSS, and Ad Hoc modes of operation. Wireless device drivers will then be revised to use this common code instead of their private implementations.
Following this initial stage the wireless networking support will be extended to support functionality needed for workgroup, enterprise, and metropolitan (e.g. mesh) networking environments. This will include full power management support, the 802.1D spanning tree protocol for running multiple AP's in a bridged configuration, QoS support, and enhanced security protocols (LEAP, AES, EAP). Support for new hardware devices is also planned.
News Home | Status Home