FreeBSD Quarterly Status Report - First Quarter 2019
Edward Tomasz Napierała
trasz at freebsd.org
Tue Jun 4 14:01:40 UTC 2019
FreeBSD Project Quarterly Status Report - 1st Quarter 2019
As spring leads into summer, we reflect back on what the FreeBSD
project has accomplished in the first quarter of 2019. Events included
FOSDEM and AsiaBSDCon, the FreeBSD Journal is now free to everyone,
ASLR is available in -CURRENT and KPTI can be controlled per-process.
The run up to 11.3-RELEASE has begun, and a team is applying syzkaller
guided fuzzing to the kernel, plus so much more. Catch up on many new
and ongoing efforts throughout the project, and find where you can
pitch in.
__________________________________________________________________
FreeBSD Team Reports
* Continuous Integration
* FreeBSD Core Team
* FreeBSD Foundation
* FreeBSD Release Engineering Team
* Ports Collection
Projects
* AXP803 PMIC driver update
* Broadcom ARM64 SoC support
* C Runtime changes
* Capsicum
* CFT - Package Base
* ENA FreeBSD Driver Update
* FreeBSD boot security improvements
* FUSE
* Kernel ZLIB Update
* LLVM's lld as the FreeBSD system linker
* mlx5 Drivers Update
* PCI Express Resets
* Security-Related changes
Architectures
* FreeBSD/RISC-V Update
Ports
* FreeBSD GNOME status report
* FreeBSD KDE status report
Third-Party Projects
* FreeBSD Wiki Apple Intel Mac mini update
* Fuzzing FreeBSD with syzkaller
* sysctlmibinfo API 1.0
* sysctlview 1.0
* University of Waterloo Co-operative Education Students
__________________________________________________________________
FreeBSD Team Reports
Entries from the various official and semi-official teams, as found in
the Administration Page.
Continuous Integration
Links
FreeBSD Jenkins Instance
URL: https://ci.FreeBSD.org
FreeBSD CI artifact archive
URL: https://artifact.ci.FreeBSD.org/
FreeBSD Jenkins wiki
URL: https://wiki.freebsd.org/Jenkins
freebsd-testing Mailing List
URL: https://lists.FreeBSD.org/mailman/listinfo/freebsd-testing
freebsd-ci Repository
URL: https://github.com/freebsd/freebsd-ci
Tickets related to freebsd-testing@
URL: https://preview.tinyurl.com/y9maauwg
Hosted CI wiki
URL: https://wiki.freebsd.org/HostedCI
FreeBSD CI weekly report
URL: https://hackfoldr.org/freebsd-ci-report/
Contact: Jenkins Admin <jenkins-admin at FreeBSD.org>
Contact: Li-Wen Hsu <lwhsu at FreeBSD.org>
The FreeBSD CI team maintains continuous integration system and related
tasks for the FreeBSD project. The CI system regularly checks the
changes committed to the project's Subversion repository can be
successfully built, and performs various tests and analysis of the
results. The results from build jobs are archived in an artifact
server, for the further testing and debugging needs. The CI team
members examine the failing builds and unstable tests, and work with
the experts in that area to fix the code or adjust test infrastructure.
Starting from this quarter, we started to publish CI weekly report at
freebsd-testing@ mailing list. The archive is available at
https://hackfoldr.org/freebsd-ci-report/
We also worked on extending test executing environment to improve the
code coverage, temporarily disabling flakey test cases, and opening
tickets to work with domain experts. The details are of these efforts
are available in the weekly CI reports.
We published the draft FCP for CI policy and are ready to accept
comments.
Please see freebsd-testing@ related tickets for more information.
Work in progress:
* Fixing the failing test cases and builds
* Adding drm ports building test against -CURRENT
* Implementing automatic tests on bare metal hardware
* Implementing the embedded testbed
* Planning for running ztest and network stack tests
* Help more 3rd software get CI on FreeBSD through a hosted CI
solution
__________________________________________________________________
FreeBSD Core Team
Contact: FreeBSD Core Team <core at FreeBSD.org>
The FreeBSD Core Team is the governing body of FreeBSD.
Core initiated a Release Engineering Charter Modernization working
group. The purpose of the working group is to present (to Core) a
modernized version of the Release Engineering Charter and a first
version of a new Release Engineering Team Operations Plan. The group
hopes to complete its goals and dissolve by 2019-06-30.
The Core Team invites all members of the FreeBSD community to complete
the 2019 FreeBSD Community Survey.
https://www.research.net/r/freebsd2019
The purpose of the survey is to collect quantitative data from the
public in order to help guide the project's priorities and efforts. It
will remain open for 17 days and close at midnight May 13 UTC (Monday
5pm PDT). (Editor's note: Survey has finished)
Core voted to approve source commit bits for Johannes Lundberg
(johalun@) and Mitchell Horne (mhorne@) and associate membership for
Philip Jocks. Core also voted to revoke Michael Dexter's documentation
bit.
After a long lapse of not closing idle source commit bits, core has
taken in the commit bit for these developers. We thank each for
contributing to the project as a source committer.
* Alfred Perlstein (alfred@)
* Eric Badger (badger@)
* Daniel Eischen (deischen@)
* Ermal Luçi (eri@)
* Tony Finch (fanf@)
* Justin T. Gibbs (gibbs@)
* Imre Vadász (ivadasz@)
* Julio Merino (jmmv@)
* John W. De Boskey (jwd@)
* Kai Wang (kaiw@)
* Luigi Rizzo (luigi@)
* Neel Natu (neel@)
* Craig Rodrigues (rodrigc@)
* Stanislav Sedov (stas@)
* Thomas Quinot (thomas@)
* Andrew Thompson (thompsa@)
* Pyun YongHyeon (yongari@)
* Zbigniew Bodek (zbb@)
__________________________________________________________________
FreeBSD Foundation
Contact: Deb Goodkin <deb at FreeBSDFoundation.org>
The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated
to supporting and promoting the FreeBSD Project and community
worldwide. Funding comes from individual and corporate donations and is
used to fund and manage software development projects, conferences and
developer summits, and provide travel grants to FreeBSD contributors.
The Foundation purchases and supports hardware to improve and maintain
FreeBSD infrastructure and provides resources to improve security,
quality assurance, and release engineering efforts; publishes marketing
material to promote, educate, and advocate for the FreeBSD Project;
facilitates collaboration between commercial vendors and FreeBSD
developers; and finally, represents the FreeBSD Project in executing
contracts, license agreements, and other legal arrangements that
require a recognized legal entity.
Here are some highlights of what we did to help FreeBSD last quarter:
We kicked off the year with an all-day board meeting in Berkeley, where
FreeBSD began, to put together high-level plans for 2019. This included
prioritizing technologies and features we should support, long-term
planning for the next 2-5 years, and philosophical discussions on our
purpose and goals.
Partnerships and Commercial User Support
We began the year by meeting with a few commercial users, to help them
navigate working with the Project, and understanding how they are using
FreeBSD. We're also in the process of setting up meetings for Q2 and
throughout the rest of 2019. Because we're a 501(c)(3) non-profit, we
don't directly support commercial users. However, these meetings allow
us to focus on facilitating collaboration with the community.
Fundraising Efforts
Our work is 100% funded by your donations. We kicked off the year with
many individual and corporate donations, including donations and
commitments from NetApp, Netflix, Intel, Tarsnap, Beckhoff Automation,
E-Card, VMware, and Stormshield. We are working hard to get more
commercial users to give back to help us continue our work supporting
FreeBSD. Please consider making a donation to help us continue and
increase our support for FreeBSD at: www.FreeBSDfoundation.org/donate/.
We also have the Partnership Program, to provide more benefits for our
larger commercial donors. Find out more information at
https://www.FreeBSDfoundation.org/FreeBSD-foundation-partnership-program/
and share with your companies!
OS Improvements
The Foundation improves the FreeBSD operating system by employing our
technical staff to maintain and improve critical kernel subsystems, add
features and functionality, and fix problems. This also includes
funding separate project grants like the arm64 port, porting the
blacklistd access control daemon, and the integration of VIMAGE
support, to make sure that FreeBSD remains a viable solution for
research, education, computing, products and more.
Over the quarter there were 241 commits from nine Foundation-sponsored
staff members and grant recipients.
We kicked off or continued the following projects last quarter:
* FUSE file system kernel support (update and bug fixes)
* Linuxulator testing and diagnostics improvements
* SDIO and WiFi infrastructure improvements
* x86-64 scalability and performance improvements
* OpenZFS Online RAID-Z Expansion
Having software developers on staff has allowed us to jump in and work
directly on projects to improve FreeBSD like:
* amd64 and i386 pmap improvements and bugfixes
* address userland threading library issues
* improve i386 support to keep the platform viable
* improve FreeBSD on RISC-V
* application of the Capsicum sandboxing framework
* build system improvements and bug fixes
* respond to reports of security issues
* implement vulnerability mitigations
* tool chain updates and improvements
* adding kernel code coverage support for the Syzkaller
coverage-guided system call fuzzer
* improved Syzkaller support for FreeBSD
* improve the usability of freebsd-update
* improve network stack stability and address race conditions
* ensure FreeBSD provides userland interfaces required by
contemporary applications
* implement support for machine-dependent optimized subroutines
* update and correct documentation and manpages
* DTrace bug fixes
* update the FreeBSD Valgrind port and try to upstream the changes
Continuous Integration and Quality Assurance
The Foundation provides a full-time staff member who is working on
improving our automated testing, continuous integration, and overall
quality assurance efforts.
During the first quarter of 2019, Foundation staff continued improving
the project's CI infrastructure, working with contributors to fix
failing build and test cases, and working with other teams in the
project for their testing needs. In this quarter, we started publishing
the CI weekly report on the freebsd-testing@ mailing list.
See the FreeBSD CI section of this report for more information.
Release Engineering
The Foundation provides a full-time staff member to oversee the release
engineering efforts. This has provided timely and reliable releases
over the last five years.
During the first quarter of 2019, the FreeBSD Release Engineering team
continued providing weekly development snapshots for 13-CURRENT,
12-STABLE, and 11-STABLE.
In addition, the Release Engineering team published the schedule for
the upcoming 11.3-RELEASE cycle, the fourth release from the stable/11
branch, which builds on the stability and reliability of 11.2-RELEASE.
The upcoming 11.3-RELEASE schedule can be found at:
https://www.freebsd.org/releases/11.3R/schedule.html
FreeBSD 11.3 is currently targeted for final release in early July
2019.
Please see the FreeBSD Release Engineering Team section of this
quarterly status report for additional details surrounding the above
mentioned work.
Supporting FreeBSD Infrastructure
The Foundation provides hardware and support to improve FreeBSD
infrastructure. Last quarter, we continued supporting FreeBSD hardware
located around the world.
FreeBSD Advocacy and Education
A large part of our efforts are dedicated to advocating for the
Project. This includes promoting work being done by others with
FreeBSD; producing advocacy literature to teach people about FreeBSD
and help make the path to starting using FreeBSD or contributing to the
Project easier; and attending and getting other FreeBSD contributors to
volunteer to run FreeBSD events, staff FreeBSD tables, and give FreeBSD
presentations.
The FreeBSD Foundation sponsors many conferences, events, and summits
around the globe. These events can be BSD-related, open source, or
technology events geared towards underrepresented groups. We support
the FreeBSD-focused events to help provide a venue for sharing
knowledge, to work together on projects, and to facilitate
collaboration between developers and commercial users. This all helps
provide a healthy ecosystem. We support the non-FreeBSD events to
promote and raise awareness of FreeBSD, to increase the use of FreeBSD
in different applications, and to recruit more contributors to the
Project.
Check out some of the advocacy and education work we did last quarter:
* Attended FOSDEM 2019 where we: staffed the FreeBSD Stand, sponsored
the co-located FreeBSD Developer Summit, and gave the 25 Years of
FreeBSD presentation in the BSD Dev room.
* Sponsored and presented at SANOG33 in Thimphu, Bhutan
* Represented FreeBSD at APRICOT 2019 in Yuseong-gu, Daejeon South
Korea
* Sponsored the USENIX FAST conference in Boston, MA as an Industry
Partner
* Ran our first ever FreeBSD track at SCALE 17x, which included an
all-day Getting Started with FreeBSD workshop. We were thrilled
with the turnout of almost 30 participants and received a lot of
positive feedback. Thanks to Roller Angel who taught the class with
the help of Deb Goodkin and Gordon Tetlow. We also promoted FreeBSD
at the FreeBSD table in the Expo Hall.
* Sponsored, presented, and exhibited at FOSSASIA in Singapore
* Sponsored AsiaBSDCon 2019
* Committed to sponsoring Rootconf, BSDCan, and EuroBSDcon
* Created registration systems for the Aberdeen Hackathon and the
upcoming 2019 Vienna FreeBSD Security Hackathon
* Provided FreeBSD advocacy material
* Provided 3 travel grants to FreeBSD contributors to attend many of
the above events.
We continued producing FreeBSD advocacy material to help people promote
FreeBSD around the world.
Read more about our conference adventures in the conference recaps and
trip reports in our monthly newsletters.
We help educate the world about FreeBSD by publishing the
professionally produced FreeBSD Journal. We're excited to announce that
with the release of the January/February 2019 issue, the FreeBSD
Journal is now a free publication. Find out more and access the latest
issues at www.FreeBSDfoundation.org/journal/.
You can find out more about events we attended and upcoming events at
www.FreeBSDfoundation.org/news-and-events/.
We also engaged with a new website developer to help us improve our
website to make it easier for community members to find information
more easily and to make the site more efficient.
Legal/FreeBSD IP
The Foundation owns the FreeBSD trademarks, and it is our
responsibility to protect them. We also provide legal support for the
core team to investigate questions that arise.
Go to www.FreeBSDfoundation.org to find out how we support FreeBSD and
how we can help you!
__________________________________________________________________
FreeBSD Release Engineering Team
Links
FreeBSD 11.3-RELEASE schedule
URL: https://www.freebsd.org/releases/11.3R/schedule.html
FreeBSD development snapshots
URL: https://download.freebsd.org/ftp/snapshots/ISO-IMAGES/
Contact: FreeBSD Release Engineering Team <re at FreeBSD.org>
The FreeBSD Release Engineering Team is responsible for setting and
publishing release schedules for official project releases of FreeBSD,
announcing code freezes and maintaining the respective branches, among
other things.
During the first quarter of 2019, the FreeBSD Release Engineering team
published the initial schedule for the upcoming the 11.3-RELEASE.
FreeBSD 11.3-RELEASE will be the fourth release from the stable/11
branch, building on the stability and reliability of 11.2-RELEASE.
FreeBSD 11.3-RELEASE is currently targed for release in early July,
2019.
Additionally throughout the quarter, several development snapshots
builds were released for the head, stable/12, and stable/11 branches.
Much of this work was sponsored by the FreeBSD Foundation.
__________________________________________________________________
Ports Collection
Links
About FreeBSD Ports
URL: https://www.FreeBSD.org/ports/
Contributing to Ports
URL: https://www.freebsd.org/doc/en_US.ISO8859-1/articles/contributing/ports-contributing.html
FreeBSD Ports Monitoring
URL: http://portsmon.freebsd.org/index.html
Ports Management Team
URL: https://www.freebsd.org/portmgr/index.html
Contact: René Ladan <portmgr-secretary at FreeBSD.org>
Contact: FreeBSD Ports Management Team <portmgr at FreeBSD.org>
As always, below is a summary of what happened in the Ports Tree during
the last quarter.
During 2019q1, the number of ports dropped slightly to just over
32,500. At the end of the quarter, we had 2092 open port PRs. The last
quarter saw 8205 commits from 167 committers. So more PRs were closed
and more commits were made than in 2018q4.
During the last quarter, we welcomed Kai Knoblich (kai@) and said
goodbye to Matthew Rezny (rezny@).
On the infrastructure side, two new USES were introduced (azurepy and
sdl) and USES=gecko was removed. The default versions of Lazarus and
LLVM were bumped to 2.0.0 and 8.0 respectively. Some big port
frameworks that were end-of-life were removed: PHP 5.6, Postgresql 9.3,
Qt4, WebKit-Gtk and XPI. Firefox was updated to 66.0.2, Firefox-ESR to
60.6.1, and Chromium was updated to 72.0.3626.121.
During the last quarter, antoine@ ran 30 exp-runs for package updates,
moving from GNU ld to LLVM ld, and switching clang to DWARF4.
__________________________________________________________________
Projects
Projects that span multiple categories, from the kernel and userspace
to the Ports Collection or external projects.
AXP803 PMIC driver update
Contact: Ganbold Tsagaankhuu <ganbold at FreeBSD.org>
The AXP803 is a highly integrated PMIC that targets Li-battery (Li-ion
or Li-polymer) applications. It provides flexible power management
solution for processors such as the Allwinner A64 SoC. This SoC is used
by Pinebook.
The following updates were performed on the AXP803 driver:
* Enabled necessary bits when activating interrupts. This allows
reading some events from the interrupt status registers. These
events are reported to devd via system "PMU" and subsystem
"Battery", "AC" and "USB" such as plugged/unplugged, battery
absent, charged and charging.
* Added sensors support for AXP803/AXP813. Sensor values such as
battery charging, charge state, voltage, charging current,
discharging current, battery capacity can be obtained via sysctl.
* Added sysctl for setting battery charging current. The charging
current can be set using steps from 0 to 13. These steps correspond
to 200mA to 2800mA, with a granularity of 200mA/step.
__________________________________________________________________
Broadcom ARM64 SoC support
Contact: Michal Stanek <mst at semihalf.com>
Contact: Marcin Wojtas <mw at semihalf.com>
The Semihalf team continued working on FreeBSD support for the Broadcom
BCM5871X SoC series
BCM5871X are quad-core 64-bit ARMv8 Cortex-A57 communication processors
targeted for networking applications such as 10G routers, gateways,
control plane processing and NAS.
Completed since the last update:
* iProc PCIe root complex (internal and external buses)
* OTP (One Time Programmable memory) driver
In progress:
* BNXT Ethernet support
* Crypto engine acceleration for IPsec offloading.
Todo:
* Upstreaming of work. This work is expected to be submitted/merged
to HEAD in the second half of 2019.
This project was sponsored by Juniper Networks, Inc.
__________________________________________________________________
C Runtime changes
Contact: Konstantin Belousov <kib at freebsd.org>
Several changes where made to the C runtime which generally improves
the environment provided to an application.
Fix for libraries with initial exec TLS mode
Some libraries, most prominent of which is NVidia-provided and thus
binary-only libGL.so.1, use so called initial exec mode for TLS
variables access. This is the fastest mode of TLS access, but its
drawback is that it only reliably work when the main binary is linked
against the library, i.e. dlopen-ing the library to load it at runtime
is not guaranteed to work.
This mode works by placing the TLS variables for objects in one area
allocated during the executable initialization, which somewhat explains
the name of the mode. An obvious consequence is that if such library is
loaded later, there is no space in the TLS area for an application to
put its TLS variables.
The FreeBSD dynamic linker is aware of misbehaviour of the app
builders, and provides some amount of slack in the TLS area to give
space for such libraries. But it appeared that the initial content of
the TLS segment from libraries was not distributed among the threads'
TLS areas, still breaking libraries which use initial exec mode for
TLS.
Another issue that somewhat mitigates mis-use of the mode is the
DF_STATIC_TLS flag in the dynamic section. This flag allows the linker
to check for the space earlier and avoid loading dependencies if there
is no total required space. This linker flag was implemented by the BFD
ld linker, but not by the LLVM lld linker.
The FreeBSD dynamic linker was fixed to properly distribute TLS
initialization data to all threads' initial segments, which required
reasonably extensive per-architecture changes to libc and libthr.
Simultaneously, LLD was improved to mark libraries using initial exec
TLS mode with the appropriate flag.
These measures should make FreeBSD more resilent to improperly linked
libraries. The most interesting fix is to users of the nvidia libgl
library, because it cannot be fixed by relinking.
Use rtld malloc in libthr
The FreeBSD implementation of mutexes in libthr allocates some memory
to keep the mutex data needed for mutex initialization. In contrast,
the malloc implementation used by FreeBSD, jemalloc(3), requires
working pthread mutexes for operation.
This creates a chicken-and-egg problem during executable startup, and
requires jemalloc to provide fragile hacks to make it possible to
initialize mutexes. This has been a constant source of mismatches on
imports of new versions of jemalloc.
The FreeBSD rtld implementation already contained a very light-weight
malloc implementation, suitable for limited use in pre-C-runtime
environments. This seemed to be the ideal fit for an allocator for the
pthread private mutexes memory. By using this allocator, a method to
address the cyclic dependencies between jemalloc and libthr could
finally be implemented.
The entry points in the rtld malloc.c were renamed to avoid a clash
with the libc exported symbols, and now the file is linked statically
into libthr, providing an allocator for private mutexes and pthread key
storage. The later was already switched to direct use of mmap(2) for
similar reasons. Now less memory is wasted when key storage requires
less than a page.
Destructors order bug
Alexander Kabaev (kan@) noted that C++ destructors for the static
objects from the linked shared libraries are executed before C++
destructors of the static objects from the main binary. This was
verified both for clang++ and g++, but amusingly not for
__attribute__(((destructor))).
The bug was introduced when init functions and init arrays for main
binary startup are called from the rtld instead of csu (C startup code
linked to the binary, typically from crt1.o). The cause is due to the
somewhat complicated way of how destructors are called both by
fini/fini arrays and rtld-registered atexit(3) handler.
Solution is to register rtld atexit(3) handler before main binary init
functions are called, using new internal ABI __libc_atexit() function.
It is amusing that the bug was not noticed for so many years.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
Capsicum
Links
Capsicum Wiki Page
URL: https://wiki.FreeBSD.org/Capsicum
Contact: Enji Cooper <ngie at freebsd.org>
Contact: Mark Johnston <markj at FreeBSD.org>
Contact: Ed Maste <emaste at FreeBSD.org>
Contact: Mariusz Zaborski <oshogbo at FreeBSD.org>
Contact: Bora Özarslan <borako.ozarslan at gmail.com>
Three themes for Capsicum work were:
* Importing Google's Capsicum test suite into FreeBSD
* Porting and sandboxing openrsync for FreeBSD
* Applying capsicum to additional base system utilities
The Googletest-based Capsicum test cases are now integrated into
FreeBSD. After some discussion with David Drysdale - the main
maintainer and developer for the Capsicum port on Linux - we decided
that from now the FreeBSD will be upstream for Capsicum test cases.
The next major step was sandboxing openrsync. In the course of that
work we extended our fileargs service with two new functionalities. We
modified the fileargs service to allow limiting the operations which
can be performed, and can now delegate lstat to the Casper service.
Furthermore, openrsync highly depends on the fts API. We spend some
time in optimizing fts and making it sandbox friendly by introducing
fts_openat function and removing the need to change the working
directory to traverse the paths. The changes to the fts API are now in
the tests phase.
Moreover, we improved bootstrapping for non-FreeBSD machines. Thanks to
this work we can now build tools needed to bootstrap FreeBSD which use
Casper services. In the base system strings is now sandboxed as a
result.
We also sandboxed rtsol, rtsold, and savecore.
We host biweekly Capsicum calls. The notes from the meetings are
published in FreeBSD's Capsium meeting repository on GitHub. If you
would like to join the call do not hesitate to send us an email.
__________________________________________________________________
CFT - Package Base
Links
Package Base CFT - FAQ
URL: https://trueos.github.io/pkgbase-docs/
Contact: Kris Moore <kmoore at FreeBSD.org>
The TrueOS project has been working on a Package Base implementation,
and is pleased to issue its first CFT to the FreeBSD community.
The TrueOS packaging work has been in development for close to 6
months, and differs from the original FreeBSD package base effort, in
that it is an "out of tree" implementation. It allows any version of
FreeBSD to be packaged, and only requires a patch to poudriere, as well
as some minor ports enhancements, the first which is currently in
review. For more information on the current status, please refer to the
FAQ page.
Additionally there will be a working-group at BSDCan 2019, and we
encourage porters to attend and join the discussion.
This project was sponsored by iXsystems Inc.
__________________________________________________________________
ENA FreeBSD Driver Update
Links
ENA README
URL: https://github.com/amzn/amzn-drivers/blob/master/kernel/fbsd/ena/README
Contact: Michal Krawczyk <mk at semihalf.com>
Contact: Marcin Wojtas <mw at semihalf.com>
ENA (Elastic Network Adapter) is the smart NIC available in the
virtualized environment of Amazon Web Services (AWS). The ENA driver
supports multiple transmit and receive queues and can handle up to 100
Gb/s of network traffic, depending on the instance type on which it is
used.
ENAv2 has been under development for FreeBSD, similar to Linux and
DPDK. Since the last update internal review and improvements of the
patches were done, followed by validation on various AWS instances.
To do:
* Upstream of the ENAv2 patches
Recently, AWS released the A1 instances which are arm64 instances. The
FreeBSD kernel was fixed, so the ENA can be used on those instances
with no issues. There were changes required in resource activation in
the ENA driver r345371 and the addition of a missing bus release method
to the nexus module for aarch64 r345373. With these changes, the ENA
driver can run on A1 instances without any known issues.
This project was sponsored by Amazon.com Inc.
__________________________________________________________________
FreeBSD boot security improvements
Links
Veriexec manifest verification in kernel
URL: https://svnweb.freebsd.org/changeset/base/345830
TPM as entropy source
URL: https://svnweb.freebsd.org/changeset/base/345438
UEFI support in libsecureboot
URL: https://svnweb.freebsd.org/changeset/base/344840
Contact: Michal Stanek <mst at semihalf.com>
Contact: Marcin Wojtas <mw at semihalf.com>
Contact: Kornel Duleba <mindal at semihalf.com>
FreeBSD gained TPM 2.0 (Trusted Platform Module) support at the end of
2018. A kernel configuration option, TPM_HARVEST, was also added to use
the TPM RNG as system entropy source. When used this way, the TPM can
be harvested every ten seconds for entropy which is mixed into the OS
entropy pool. The kernel option is currently disabled by default in
amd64 GENERIC kernel configuration.
UEFI Secure Boot support, developed by Semihalf, has been merged with
sjg's Veriexec support, resulting in a unified library named
libsecureboot. This library is used for verification of kernel and
modules by the loader. The library uses BearSSL as the cryptographic
backend. The library supports loading trusted and blacklisted
certificates from UEFI (DB/DBx databases) and can use them as trust
anchors for the verification.
The library is also used by Veriexec to verify and parse the
authentication database (called 'manifest') in the kernel. Previously
the manifest was verified and parsed by a userspace application, then
sent to the kernel via /dev/veriexec, which was a significant
limitation and a security weakness.
To do:
* Backport to stable branches.
Special thanks to sjg and Juniper for fruitful cooperation around
Veriexec and the libsecureboot development.
This project was sponsored by Stormshield.
__________________________________________________________________
FUSE
Contact: Alan Somers <asomers at FreeBSD.org>
FUSE (File system in USErspace) allows a userspace program to implement
a file system. It is widely used to support out-of-tree file systems
like NTFS, as well as for exotic pseudo file systems like sshfs.
FreeBSD's fuse driver was added as a GSoC project in 2012. Since that
time, it has been largely neglected. The FUSE software is buggy and
out-of-date. Our implementation is about 11 years behind.
The FreeBSD Foundation has agreed to fund a project to improve the
state of the FreeBSD FUSE driver. So far I've written a test suite for
the fusefs(5) module, fixed 1 previously reported bug, discovered and
fixed 6 new bugs, fixed all of fusefs's Coverity CIDs, made some minor
performance enhancements and done some general cleanup. During the next
quarter I plan to continue fixing bugs, and I'll also raise the
driver's API level as high as I can before the quarter runs out. We're
currently at 7.8; the highest defined level is 7.28.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
Kernel ZLIB Update
Links
Review D19706
URL: https://reviews.freebsd.org/D19706
Contact: Yoshihiro Ota <ota at j.email.ne.jp>
The FreeBSD system still uses an ancient (over 20 year-old) version of
zlib (version 1.0.4). The FreeBSD kernel zlib implementation has
special enhancements only used by netgraph. There is a separate version
of code derived from unzip 5.12 used to inflate gzip files in the
kernel which could be replaced with a more modern zlib. More detailed
information is written in sys/modules/zlib/README in the review.
In order to use the latest zlib, version 1.2.11, work has been done to
revisit all existing zlib uses in the system. Most of the code works
with the newer version of zlib as is. The unzip code will need some
conversion work to use the newer zlib. A few callers will be made
simplier by using some newer APIs available in the updated zlib. There
are some zombie programs that have been broken and I would like to
delete.
This will clean up zombie programs and duplicated zlib code. This will
also make future zlib version updates easier.
These changes touch some very sensitive areas of the system, such as
kernel loading, or are architecture specific like armv6/armv7, and also
touch some legacy code like kgzip+kgzldr on i386. Testers and active
users of these legacy zlib code are welcomed.
* armv elf_trampoline Arm up to v5 can boot from gzipped kernel. This
code is modified to use newer API for simplicity. Please verify
gzipped kernel still boots with new code (Current code has fall
back to legacy zlib in case of failure). Please also elaborate how
to link such kernel, too. I'm still trying to figure that out.
* netgraph compression/decompression Please help testing and/or teach
how to test. Netgraph compiles in the FreeBSD zlib version inside.
* gzipped a.out Does anyone use gzipped a.out executables, still? If
so, does someone have an easy and safe program to run? Is a.out
format i386 only?
* zfs boot Can we boot from gzipped file system today?
* CTF Checking how I can test.
__________________________________________________________________
LLVM's lld as the FreeBSD system linker
Links
LLD on the FreeBSD Wiki
URL: https://wiki.freebsd.org/LLD
lld exp-run
URL: https://bugs.freebsd.org/214864
Contact: Ed Maste <emaste at freebsd.org>
In FreeBSD-HEAD and 12.0 the default FreeBSD system linker (i.e.,
/usr/bin/ld) is LLVM's lld, on amd64, arm64, and armv7. For i386 in
12.0 lld is used as the bootstrap linker (i.e., to build the kernel and
base system) but it is not enabled as the system linker because of
multiple issues building FreeBSD ports with it enabled.
The primary issue affecting i386 with lld is that many ports build
position-dependent code (i.e., non-PIC) for use in shared libraries.
This either comes from omitting the -fPIC compiler flag, or using
hand-written position-dependent assembly. Compared with other CPU
architectures i386 position-independent code is rather inefficient,
which may be responsible for port authors making an explicit decision
to avoid PIC.
By default lld does not allow position-dependent code in shared objects
(in particular, it does not permit relocations against read-only
segments - typically containing the`.text` section).
Over the last quarter many commits were made to the ports tree to fix
the build when the system linker is lld - either building PIC code, or
adding the -znotext linker flag to permit relocations against read-only
segments, or just switching the port to link with GNU ld if it is
incompatible with lld in some other way.
At this point there are only a few dozen open bug reports for issues
linking ports with lld as the system linker, and I expect FreeBSD 12.1
to use lld as the system linker on i386 as well.
Tasks:
* Fix freepascal/Lazarus ports with lld
* Triage and address remaining port failures
* Holistic review of lld workarounds in the ports tree, to identify
changes that are no longer needed, should be addressed in lld, or
should be sent upstream
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
mlx5 Drivers Update
Links
Mellanox OFED for FreeBSD Documentation
URL: http://www.mellanox.com/page/products_dyn?product_family=193&mtag=freebsd_driver
Contact: Slava Shwartsman, Hans Petter Selasky, Konstantin Belousov <freebsd-drivers at mellanox.com>
The mlx5 driver provides support for PCI Express adapters based on
ConnectX-4(LX), ConnectX-5(EX) and ConnectX-6(DX). The mlx5en driver
provides support for Ethernet and the mlx5ib driver provides support
for InfiniBand and RDMA over Converged Ethernet, RoCE.
Following updates done in mlx5 drivers:
* Added support for ConnectX-6 and ConnectX-6dx devices, which
support of up to 200Gb/s interface speeds!
* Added TLS hardware offload support for ConnectX-6dx devices. TLS Tx
crypto offload is a new feature for network devices. It enables the
kernel TLS socket to skip encryption and authentication operations
on the transmit side of the data path, delegating those to the NIC.
In turn, the network adapter encrypts packets that belong to an
offloaded TLS socket on the fly. The Mellanox network adapter does
not modify any packet headers. It expects to receive fully framed
TCP packets with TLS records as payload. The NIC replaces plaintext
with ciphertext and fills the authentication tag. The adapter does
not hold any state beyond the context needed to encrypt the next
expected packet, i.e. expected TCP sequence number and crypto
state.
* Add support for Dynamic Receive Queue Interrupt Moderation. Dynamic
Interrupt Moderation (DIM) refers to any action made by hardware
and/or software on run time to control interrupt rate on the
system. The moderation action itself should not interfere with the
system's operation and should not require any human interaction. In
networking, dynamic interrupt moderation is used for controlling
the rate of interrupts generated by the hardware for multiple
traffic scenarios.
* Enhanced support for self-healing mechanism: In a rare occasion
when Mellanox network adapters fail, due to a firmware bug for
example, the driver will sense the catastrophic error. As a result
of this failure detection, the device driver can trigger a firmware
reset for the device so it can recover - without the need to reboot
the entire host.
* Added support for in-driver firmware updating using mlx5tool.
This project was sponsored by Mellanox Technologies.
__________________________________________________________________
PCI Express Resets
Contact: Konstantin Belousov <konstantinb at mellanox.com>
Sometimes the need to reset a device attached to the system presents
itself. Preferrably this device reset can be accomplished without
causing the whole machine to reboot. It is easy to do with USB devices
if the physical access is available -- you can just re-plug the device.
For in-chassis devices, built-in, or on add-on cards, it is not
possible to reset the device with physical action, unless the device is
hot-plugged. Nonetheless, for typical modern PCIe devices, and most
built-in PCI-emulation devices, the reset can be initiated using
software actions.
If device is a real plugged-in PCIe device, then reset can be initiated
by disabling and then re-training PCIe-link by the upstream port
controls. For most PCI devices, which support the PCI power management
specification, the proven way to accomplish the reset is to put the
device into state D3 (off) and then return to the previous power state.
FreeBSD was missing a way to conveniently request user- or
driver-initiated reset of devices. While it was possible to manually
fiddle with registers using pciconf, this is impractical for users, and
requires a lot of boilerplate code from drivers.
A new BUS_RESET_CHILD() method was added to the newbus bus interface,
and implementations added for PCIe bridges and PCI devices. The
libdevctl(3) library call and devctl(8) command provide convenient
userspace accessors for applications and administrators.
During the reset, the device driver must stop its operations with the
device. One way to achieve this is to detach drivers before reset, and
re-attach after the device afterwards. This is mostly fine for network
interfaces, but other devices require more coordination to handle
properly. For example, an NVMe disk device being detached it means that
all mounted volumes abruptly disapper from VFS view. Due to this, the
BUS_RESET_CHILD() method allows the caller to select either
detach/re-attach or suspend/resume driver actions around the reset.
Mellanox uses the infrastructure to perform reset of the mlx(5) card
after firmware reset without server reboot. It is believed that 'devctl
reset' will be more widely useful.
This project was sponsored by Mellanox Technologies.
__________________________________________________________________
Security-Related changes
Contact: Konstantin Belousov <kib at freebsd.org>
ASLR
The ASLR (Address Space Layout Randomization) patch from review D5603
was committed into svn. While debate continues about the current and
forward-looking value ASLR provides, having an implementation in the
FreeBSD source tree makes it easily available to those who wish to use
it. This also moves the conversation past the relative merits to more
comprehensive security controls.
KPTI per-process control
The KPTI (Kernel Page Table Isolation) implementation was structured so
that most selections of page isolation mode were local to the current
address space. In other words, the global control variable pti was
almost unused in the code paths, instead the user/kernel %cr3 values
were directly loaded into registers or compared to see if the user page
table was trimmed. Some missed bits of code were provided by Isilon,
and then bugs were fixed and last places of direct use of pti were
removed.
Now when the system starts in the pti-enabled mode, proccontrol(1) can
be used by root to selectively disable KPTI mode for children of a
process. The motivation is that if you trust the program that you run,
you can get the speed of non-pti syscalls back, but still run your
normal user session in PTI mode. E.g., firefox would be properly
isolated.
Feature-control bits
Every FreeBSD executable now contains a bit mask intended for
enabling/disabling security-related features which makes sense for the
binary. This mask is part of the executable segments loaded on image
activation, and thus is part of any reasonable way to authenticate the
binary content.
For instance, the ASLR compatibility is de-facto the property of the
image and not of the process executing the image. The first (zero) bit
in the mask controls ASLR opt-out. Other OSes (e.g. Solaris) used an
OS-specific dynamic flag, which has the same runtime properties but
leaves less bits to consume in the feature-control mask.
The feature-control mask is read both by kernel and by rtld during
image activation. It is expected that more features will be added to
FreeBSD and the mask can be used for enabling/disabling those
features..
It is expected that a tool to manipulate the mask will be provided
shortly, see review D19290.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
Architectures
Updating platform-specific features and bringing in support for new
hardware platforms.
FreeBSD/RISC-V Update
Contact: Ruslan Bukin <br at FreeBSD.org>
Contact: Mitchell Horne <mhorne at FreeBSD.org>
Contact: Mark Johnston <markj at FreeBSD.org>
Work has continued on RISC-V port in the past quarter.
Support for transparent superpage promotion was added to the RISC-V
port, meaning that applications will now automatically use large page
mappings when possible. Per-CPU pmap activation tracking was added,
reducing the overhead of various pmap operations. This noticeably
improves the responsiveness of FreeBSD when running in a multi-CPU
virtual machine.
A RISC-V implementation of minidumps was completed. Support for
debugging RISC-V kernel dumps will land in devel/gdb after the next GDB
release.
It is now possible to compile the in-tree LLVM's RISC-V target by
setting WITH_LLVM_TARGET_RISCV=YES in /etc/src.conf. The use of LLVM to
compile the RISC-V port is currently experimental and further
investigation is ongoing.
Work is ongoing to bring up FreeBSD on SiFive's HiFive Unleashed
development board now that one has been obtained by a FreeBSD
developer. We also expect to work on support for a new version of the
SBI specification.
This project was sponsored by The FreeBSD Foundation, DARPA, AFRL.
__________________________________________________________________
Ports
Changes affecting the Ports Collection, whether sweeping changes that
touch most of the tree, or individual ports themselves.
FreeBSD GNOME status report
Links
GNOME FreeBSD
URL: https://freebsd.org/gnome/
GNOME development Repo
URL: https://github.com/freebsd/freebsd-ports-gnome
Contact: Koop Mast <kwm at FreeBSD.org>
Contact: Eric Turgeon <ericbsd at FreeBSD.org>
Ports activity in this quarter were:
* The x11-toolkits/gtk30 port updated to 3.24.5 and later to 3.24.7.
* The www/webkit2-gtk3 port was updated to 2.24.0.
* And the old insecure webkit-gtk2 and webkit-gtk3 where finally
removed.
Work in progress, the branches are available in the GNOME development
repo, see the link above.
* Eric Turgeon is working on MATE 1.22 in the mate-1.22 branch. And
is almost complete.
* Charlie Li (IRC: vishwin) is working on a long overdue update of
the cinnamon desktop. This update is almost complete. The only real
blocker is that the screensaver can't be unlocked after it
activates. The work is in the cinnamon branch.
* Koop Mast works on GNOME 3.32. The desktop is usable apart from gdm
which is currently non-functional. Due to lack of free time the
work is going slowly. This work is available in the gnome-3.32
branch.
People who are willing to contribute can find us on #freebsd-gnome on
freenode.
__________________________________________________________________
FreeBSD KDE status report
Links
KDE FreeBSD
URL: https://freebsd.kde.org/
Contact: Adriaan de Groot <adridg at FreeBSD.org>
Contact: Tobias C. Berner <tcberner at FreeBSD.org>
The two biggest accomplishements this quarter were:
* Qt4 and all its consumers have been removed from the ports tree.
* www/qt5-webengine has been updated from the ancient 5.9.4 to 5.12.x
by kai@
Further we have kept the KDE Frameworks, Plasma and Applications ports
up to date with upstreams releases, which thanks to upstreams'
FreeBSD-CI uses less and less patches.
All the kde@ maintained ports (including cmake) have been kept up to
date with their releases.
The plans for the next quarter are in no particular order
* Cleanup PyQt ports and pyqt.mk
* Improve qt.mk components
* Update sddm to 0.18.x
* Implement user management functionality in system settings (write
non-logind backend)
People who are willing to contribute can find us on #kde-freebsd on
freenode, and the kde at FreeBSD.org mailing list. Further we accept
pull-requests and contributions on
github.com/freebsd/freebsd-ports-kde.
__________________________________________________________________
Third-Party Projects
Many projects build upon FreeBSD or incorporate components of FreeBSD
into their project. As these projects may be of interest to the broader
FreeBSD community, we sometimes include brief updates submitted by
these projects in our quarterly report. The FreeBSD project makes no
representation as to the accuracy or veracity of any claims in these
submissions.
FreeBSD Wiki Apple Intel Mac mini update
Links
FreeBSD Wiki
URL: https://wiki.freebsd.org/IntelMacMini
Contact: Trevor Roydhouse <fbsdwiki at gmx.net>
The FreeBSD Wiki page for the Apple Intel Mac minis has been
comprehensively updated over the last quarter to drag it from 2009 into
2019.
There are now detailed instructions for installing FreeBSD as the only
operating system on models from 2007 through 2014 and itemised model
specific information detailing FreeBSD support.
If anyone is interested, help is needed to provide more specific
information for the macmini 1,1 and 6,1 through 8,1 models and to test
patches for the asmc(4) driver for temperature sensor feedback and for
setting fan speed. If you would like to help and have access to these
Mac minis, please contact me.
Future tasks:
* Create and test more patches for asmc(4) to cover all Intel Mac
minis
* Provide more information for 2006, 2012, 2014 and 2018 Mac minis
* Instructions for dual boot (macOS/FreeBSD) installations
__________________________________________________________________
Fuzzing FreeBSD with syzkaller
Links
syzkaller
URL: https://github.com/google/syzkaller
Contact: Mark Johnston <markj at FreeBSD.org>
Contact: Andrew Turner <andrew at FreeBSD.org>
Contact: Michael Tuexen <tuexen at FreeBSD.org>
Contact: Ed Maste <emaste at FreeBSD.org>
Syzkaller is a coverage-guided system call fuzzer. It was originally
developed for Linux. It programmatically creates programs consisting of
sequences of random system calls and executes them in a VM (virtual
machine). Using feedback from a kernel code coverage facility called
kcov, syskaller mutates the generated test programs in an attempt to
expand the executed coverage of code paths within the kernel. Sometimes
exercising a seldom or infrequently used code path will crash the
kernel. When syzkaller manages to crash the running kernel in the VM,
it attempts to generate a minimal test case which reproduces the crash,
simplifying debugging. Syzkaller is very effective at finding kernel
bugs and has uncovered hundreds of issues in Linux. Over the past
couple of years, syzkaller's author, Dmitry Vyukov, has added support
for other operating systems, including FreeBSD.
Recently, a number of FreeBSD developers have been using syzkaller to
find and fix bugs in the FreeBSD kernel. If interested, one can search
the commit logs for "syzkaller" to find examples. Syzkaller can be run
on a FreeBSD or Linux host to fuzz FreeBSD running in QEMU instances.
It can also fuzz FreeBSD instances running on GCE (Google Compute
Engine). Additionally, Google maintains a dedicated cluster of GCE
hosts to continuously fuzz the latest builds of several different OS
kernels. A FreeBSD target was recently added. Subscribe to the
syzkaller-freebsd-bugs Google Group to receive notifications for newly
discovered bugs.
Work is ongoing to improve syzkaller's coverage of FreeBSD's system
calls. In particular, syzkaller needs to be taught about all of the
target kernel's entry points and argument types in order to be useful.
Many of the standard POSIX system calls are already covered, but most
FreeBSD-specific system calls are not. Similarly, many ioctl(2)
definitions are missing.
Some in-progress work aims to add support for bhyve as a VM backend for
syzkaller, making it easier to fuzz FreeBSD VMs hosted on FreeBSD.
Currently that can be done using QEMU, but QEMU on FreeBSD lacks
support for hardware acceleration. See the PR for the implementation.
Finally, a number of bugs identified by syzkaller have yet to be fixed.
If you are interested in helping out with any of the above, please mail
the contacts listed above.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
sysctlmibinfo API 1.0
Links
gitlab.com/alfix/sysctlmibinfo
URL: https://gitlab.com/alfix/sysctlmibinfo
Contact: Alfonso Sabato Siciliano <alfonso.siciliano at email.com>
Port: devel/libsysctlmibinfo
The sysctl() system call can get or set the value of a 'property' of
the system. A 'property' has others info (description, type, label,
etc.), they are necessary to build an utility like /sbin/sysctl,
example:
% sysctl -d kern.ostype
kern.ostype: Operating system type
% sysctl -t kern.ostype
kern.ostype: string
Primarily sysctlmibinfo wraps the undocumented kernel interface and
provides an easy C API: sysctlmif_name(), sysctlmif_description(),
sysctlmif_info(), sysctlmif_label(), sysctlmif_nextnode() and
sysctlmif_nextleaf(), to retrieve the info of a 'property'.
Moreover sysctlmibinfo provides a high level API: defines a struct
sysctlmif_object and has some function: sysctlmif_filterlist(),
sysctlmif_grouplist() and sysctlmif_tree(), to build lists and trees of
objects.
You can use this library to quickly build a custom sysctl utility. For
example, the core of deskutils/sysctlview (a graphical explorer for the
sysctl MIB Tree) is just a call to sysctlmif_tree() and a visit to the
resulting tree to show its sysctlmif_object nodes.
Note, actually a 'property' is an OID of the sysctl MIB, it is
implemented by a struct sysctl_oid defined in sys/sysctl.h.
__________________________________________________________________
sysctlview 1.0
Links
gitlab.com/alfix/sysctlview
URL: https://www.gitlab.com/alfix/sysctlview
Contact: Alfonso Sabato Siciliano <alfonso.siciliano at email.com>
Port: deskutils/sysctlview
The FreeBSD's kernel maintains a Management Information Base where the
objects are properties to tuning the system using the sysctl() syscall
and the /sbin/sysctl utility. The sysctlview utility is a "graphical
sysctl MIB explorer", it depends on gtkmm (to build a GUI) and
sysctlmibinfo (to retrieve the info from the kernel).
The version 1.0 provides two "TreeView":
* "Main" to show 'name', 'description', 'type', 'format' and 'value'
* "Flags" to show 'name' and a column for each 'flag' defined in
sys/sysctl.h
The rows are "clickable" to display others info (e.g., 'label').
Currently sysctlview can show numeric and string values, the support
for some opaque value will be added in the future.
__________________________________________________________________
University of Waterloo Co-operative Education Students
Contact: Ed Maste <emaste at freebsd.org>
For the January-April 2019 term the FreeBSD Foundation has again
brought on two co-operative education (co-op) students from the
University of Waterloo.
Gerald Aryeetey is a 2nd year Computer Engineering student. Gerald
started looking at a FreeBSD tool chain issue - our static library
archiver (ar) did not read or write archives in the 64-bit format.
Gerald submitted a libarchive change to support 64-bit archives
followed by change to FreeBSD's ar to add 64-bit support.
Gerald later looked at a number of freebsd-update issues in FreeBSD's
bugzilla database, and submitted many fixes. Around a dozen have been
committed to FreeBSD, and more are in review.
Gerald also worked on the FreeBSD Foundation's hardware continuous
integration effort. The prototype installation is building FreeBSD on a
commit-by-commit basis and testing on a BeagleBone Black and a Pine64
LTS. The prototype will be converted to a permanent, public
installation in the near future, after which additional test devices
will be added.
For his final project Gerald intends to write a device driver for the
Microchip LAN743x PCIe NIC.
Bora Özarslan is a 3rd year student in Computing and Financial
Management. Bora's initial focus was also on tool chain issues in
FreeBSD, starting with improvements or bug fixes in FreeBSD's readelf
(from the ELF Tool Chain project).
Bora developed a tool to modify feature control bits in ELF binaries -
for example, allowing binaries incompatible with ASLR to request to
opt-out. As part of his readelf work Bora also added support to report
the status of the feature control bits.
Bora continued investigating security topics, looking at applying
Capsicum sandboxing to Kristaps' BSD licensed rsync implementation,
openrsync. This work required first implementing fileargs_lstat support
in cap_fileargs (which as now been committed) as well as changes to the
fts directory hierarchy routines (which have not yet been committed to
FreeBSD).
For the rest of the work term Bora will investigate and test unmodified
Linux Docker containers on FreeBSD, to evaluate the state of
Linuxulator support.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 642 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20190604/8f53285a/attachment.sig>
More information about the freebsd-current
mailing list