FreeBSD Project Quarterly Status Report - Third Quarter 2019
Here is the third quarterly status report for 2019.
This quarter the reports team has been more active than usual thanks to
a better organization: calls for reports and reminders have been sent
regularly, reports have been reviewed and merged quickly (I would like
to thank debdrup@ in particular for his reviewing work).
Efficiency could still be improved with the help of our community. In
particular, the quarterly team has found that many reports have arrived
in the last days before the deadline or even after. I would like to
invite the community to follow the guidelines below that can help us
sending out the reports sooner.
Starting from next quarter, all quarterly status reports will be
prepared the last month of the quarter itself, instead of the first
month after the quarter's end. This means that deadlines for submitting
reports will be the 1st of January, April, July and October.
Next quarter will then be a short one, covering the months of November
and December only and the report will probably be out in mid January.
-- Lorenzo Salvadore
__________________________________________________________________
FreeBSD Team Reports
* Cluster Administration Team
* Continuous Integration
* FreeBSD Core Team
* FreeBSD Foundation
* FreeBSD Graphics Team status report
* FreeBSD Release Engineering Team
* FreeBSD Security Team
Projects
* FAT / msdosfs support for makefs(8)
* FUSE
* Google Summer of Code 2019
* GSoC'19 Project - MAC policy on IP addresses in Jail: mac_ipacl
* Improving laptop support
* NFS Version 4.2 implementation
* Rockchip RK3399 SoC's eMMC support
* syzkaller on FreeBSD
* TPM2 Software Stack (TSS2)
Kernel
* Casueword(9) livelock
* Kernel Mapping Protections
* Kernel ZLIB Update
* PROT_MAX mmap/mprotect maximum protections API
* Randomized Top of Stack pointer
* Signals delivered on unhandled Page Faults
Architectures
* Broadcom ARM64 SoC support
* FreeBSD support for the forthcoming Arm Morello CPU, SoC, and board
* FreeBSD/powerpc Project
* NXP ARM64 SoC support
Userland Programs
* gets(3) retirement
Ports
* FreshPorts
* Java on FreeBSD
* KDE on FreeBSD
* Ports Collection
* XFCE 4.14 update
Third-Party Projects
* ClonOS: virtualization platform on top of FreeBSD Operating System
* ENA FreeBSD Driver Update
* Nomad pot driver - Orchestrating jails via nomad
* sysctlinfo
__________________________________________________________________
FreeBSD Team Reports
Entries from the various official and semi-official teams, as found in
the Administration Page.
Cluster Administration Team
Contact: Cluster Administration Team <
clusteradm@FreeBSD.org>
The FreeBSD Cluster Administration Team consists of the people
responsible for administering the machines that the Project relies on
for its distributed work and communications to be synchronised. In this
quarter, the team has worked on the following:
* Change IPv6 address in TWN site.
* Solved hardware issues in KWC site (with hrs@).
* Moved remaining infrastructure from the YSV (Yahoo!) site to NYI
(New York Internet) (peter@).
* YSV hosted most of FreeBSD.org between 2000 and 2019.
Installed new machines for portmgr@ courtesy of the FreeBSD
Foundation.
Resolved outtages (thanks uqs@) with GitHub exporter, Bugzilla and
hg-beta (thanks bapt@).
PowerPC64 servers are online (power8) building pkgs and reference
hosts.
Ongoing systems administration work:
* Creating accounts for new committers.
* Backups of critical infrastructure.
* Keeping up with security updates in 3rd party software.
Work in progress:
* Review the service jails and service administrators operation.
* South Africa Mirror (JINX) in progress.
* NVME issues on PowerPC64 Power9 blocking dual socket machine from
being used as pkg builder.
* Drive upgrade test for pkg builders (SSDs) courtesy of the FreeBSD
Foundation.
* Boot issues with Aarch64 reference machines.
* New NYI.net sponsored colocation space in Chicago-land area.
* Setup new host for CI staging environment.
__________________________________________________________________
Continuous Integration
Links
FreeBSD Jenkins Instance
URL:
https://ci.FreeBSD.org
FreeBSD CI artifact archive
URL:
https://artifact.ci.FreeBSD.org/
FreeBSD Jenkins wiki
URL:
https://wiki.freebsd.org/Jenkins
freebsd-testing Mailing List
URL:
https://lists.FreeBSD.org/mailman/listinfo/freebsd-testing
FreeBSD CI Repository
URL:
https://github.com/freebsd/freebsd-ci
Tickets related to freebsd-testing@
URL:
https://preview.tinyurl.com/y9maauwg
Hosted CI wiki
URL:
https://wiki.freebsd.org/HostedCI
FreeBSD CI weekly report
URL:
https://hackmd.io/@FreeBSD-CI
Contact: Jenkins Admin <
jenkins-admin@FreeBSD.org>
Contact: Li-Wen Hsu <
lwhsu@FreeBSD.org>
The FreeBSD CI team maintains continuous integration system and related
tasks for the FreeBSD project. The CI system regularly checks the
committed changes can be successfully built, then performs various
tests and analysis of the results. The results from build jobs are
archived in an artifact server, for the further testing and debugging
needs. The CI team members examine the failing builds and unstable
tests, and work with the experts in that area to fix the code or adjust
test infrastructure. The details are of these efforts are available in
the weekly CI reports.
We had a testing working group at the 201909 DevSummit lwhsu@ has
presented the Testing/CI project status and "how to work with the
FreeBSD CI system", slides are available at the DevSummit page. Some
contents have been migrated to
https://wiki.freebsd.org/Jenkins/Debug ,
extending is welcomed.
We continue publishing CI Weekly Report and moved the archive to
https://hackmd.io/@FreeBSD-CI
Work in progress:
* Collecting and sorting CI tasks and ideas at
https://hackmd.io/bWCGgdDFTTK_FG0X7J1Vmg
* Setup the CI stage environment and put the experimental jobs on it
* Extending and publishing the embedded boards testbed
* Implementing automatic tests on bare metal hardware
* Adding drm ports building test against -CURRENT
* Testing and merging pull requests at
https://github.com/freebsd/freebsd-ci/pulls
* Planning for running ztest and network stack tests
* Help more 3rd software get CI on FreeBSD through a hosted CI
solution
Please see freebsd-testing@ related tickets for more WIP information.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
FreeBSD Core Team
Contact: FreeBSD Core Team <
core@FreeBSD.org>
The FreeBSD Core Team is the governing body of FreeBSD.
* Core has provisionally accepted the BSD+patent license for use in
some cases. The Core Team must approve the import of new BSD+Patent
licensed components or the change of license of existing components
to the BSD+Patent License.
https://opensource.org/licenses/BSDplusPatent
* Kernel Pseudo Random Number Generator (PRNG) maintainership was
updated to reduce the contribution barrier for committers who have
demonstrated competence in this part of the tree.
* Core approved a source commit bit for Pawel/ Biernacki. Konstantin
Belousov <kib@> will mentor Pawel/ and Mateusz Guzik <mjg@> will be
co-mentor.
* The Core-initiated Git Transition Working Group met over the last
quarter, however a report is still forthcoming. Discussions will
continue in the fourth quarter of 2019. There are many issues to
resolve including how to deal with contrib/, whether to re-generate
hashes in the current Git repository, and how to best implement
commit testing.
__________________________________________________________________
FreeBSD Foundation
Contact: Deb Goodkin <
deb@FreeBSDFoundation.org>
The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated
to supporting and promoting the FreeBSD Project and community
worldwide. Funding comes from individual and corporate donations and is
used to fund and manage software development projects, conferences and
developer summits, and provide travel grants to FreeBSD contributors.
The Foundation purchases and supports hardware to improve and maintain
FreeBSD infrastructure and provides resources to improve security and
quality assurance efforts; publishes marketing material to promote,
educate, and advocate for the FreeBSD Project; facilitates
collaboration between commercial vendors and FreeBSD developers; and
finally, represents the FreeBSD Project in executing contracts, license
agreements, and other legal arrangements that require a recognized
legal entity.
Here are some highlights of what we did to help FreeBSD last quarter:
Partnerships and Commercial User Support We help facilitate
collaboration between commercial users and FreeBSD developers. We also
meet with companies to discuss their needs and bring that information
back to the Project. In Q3, Ed Maste and Deb Goodkin met with a few
commercial users in the US. It is not only beneficial for the above,
but it also helps us understand some of the applications where FreeBSD
is used. We were also able to meet with a good number of commercial
users at vBSDCon and EuroBSDCon. These venues provide an excellent
opportunity to meet with commercial and individual users and
contributors to FreeBSD.
Fundraising Efforts Our work is 100% funded by your donations. We are
continuing to work hard to get more commercial users to give back to
help us continue our work supporting FreeBSD. More importantly, we'd
like to thank our individual donors for making $10-$1,000 donations
last quarter, for more than $16,000!
Please consider making a donation to help us continue and increase our
support for FreeBSD!
We also have the Partnership Program, to provide more benefits for our
larger commercial donors. Find out more information at
www.FreeBSDfoundation.org/FreeBSD-foundation-partnership-program/ and
share with your companies.
OS Improvements The Foundation supports software development projects
to improve the FreeBSD operating system through our full time technical
staff, contractors, and project grant recipients. They maintain and
improve critical kernel subsystems, add new features and functionality,
and fix problems.
Over the last quarter there were 345 commits to the FreeBSD base system
repository sponsored by the FreeBSD Foundation - this represents about
one fifth of all commits during this period. Many of these projects
have their own entries in this quarterly report (and are not repeated
here).
Foundation staff member Konstantin Belousov committed many improvements
to multiple kernel subsystems, as well as low-level 32-bit and 64-bit
x86 infrastructure. These included fixes for robust mutexes, unionfs,
the out of memory (OOM) handler, and per-cpu allocators.
Additional work included fixes for security issues and introduction and
maintenance of vulnerability mitigations, and improving POSIX
conformance.
Ed Maste committed a number of minor security bug fixes and
improvements, as well as the first iteration of a tool for editing the
mitigation control ELF note. Additional work included effort on build
infrastructure and the tool chain.
Clang's integrated assembler (IAS) is now used more widely, as part of
the path to retiring the assembler from GNU binutils 2.17.50. The
readelf tool now decodes some additional ELF note information.
Ed also enabled the Linuxulator (Linux binary support layer) on arm64,
and added a trivial implementation of the renameat2 system call
(handling common options).
Mark Johnston added Capsicum support to a number of ELF Tool Chain
utilities, and committed a number of other Capsicum kernel and userland
fixes.
Mark worked on a number of changes related to security improvements,
including integration and support of the Syzkaller automated system
call fuzzer, and fixing issues identified by Syzkaller. Other changes
included addressing failures caused by refcount wraparound,
improvements to the prot_max memory protection. Other work included
NUMA, locking, kernel debugging, RISC-V and arm64 kernel improvements.
Edward Napierala continued working on Linuxulator improvements over the
quarter. The primary focus continued to be tool improvements - strace
is now more usable for diagnosing issues with Linux binaries running
under the Linuxulator. That said, as with previous work a number of
issues have been fixed along the way. These are generally minor issues
with a large impact - for example, every binary linked against
up-to-date glibc previously segfaulted on startup. This is now fixed.
Continuous Integration and Quality Assurance The Foundation provides a
full-time staff member who is working on improving our automated
testing, continuous integration, and overall quality assurance efforts.
During the third quarter of 2019, Foundation staff continued to improve
the project's CI infrastructure, worked with contributors to fix the
failing build and test cases, and worked with other teams in the
Project for their testing needs. We added several new CI jobs and
worked on getting the hardware regression testing lab ready.
Li-Wen Hsu gave presentations "Testing/CI status update" and "How to
work with the FreeBSD CI system" at the 201909 DevSummit. Slides are
available at the DevSummit page.
We continue publishing the CI weekly report on the freebsd-testing@.
mailing list, and an archive is available.
See the FreeBSD CI section of this report for completed work items and
detailed information.
Supporting FreeBSD Infrastructure The Foundation provides hardware and
support to improve the FreeBSD infrastructure. Last quarter, we
continued supporting FreeBSD hardware located around the world.
FreeBSD Advocacy and Education A large part of our efforts are
dedicated to advocating for the Project. This includes promoting work
being done by others with FreeBSD; producing advocacy literature to
teach people about FreeBSD and help make the path to starting using
FreeBSD or contributing to the Project easier; and attending and
getting other FreeBSD contributors to volunteer to run FreeBSD events,
staff FreeBSD tables, and give FreeBSD presentations.
The FreeBSD Foundation sponsors many conferences, events, and summits
around the globe. These events can be BSD-related, open source, or
technology events geared towards underrepresented groups. We support
the FreeBSD-focused events to help provide a venue for sharing
knowledge, to work together on projects, and to facilitate
collaboration between developers and commercial users. This all helps
provide a healthy ecosystem. We support the non-FreeBSD events to
promote and raise awareness of FreeBSD, to increase the use of FreeBSD
in different applications, and to recruit more contributors to the
Project.
Check out some of the advocacy and education work we did last quarter:
* Sponsored USENIX 2019 Annual Technical Conference as an Industry
Partner
* Represented FreeBSD at OSCON 2019 in Portland, OR
* Represented FreeBSD at COSCUP 2019 in Taiwan
* Presented at the Open Source Summit, North American in San Diego,
CA
* Executive Director Deb Goodkin was interviewed by TFiR
https://www.freebsdfoundation.org/news-and-events/latest-news/tfir-interview-freebsd-meets-linux-at-the-open-source-summit/
* Sponsored FreeBSD Hackathon at vBSDcon 2019 in Reston, VA
* Sponsored the attendee bags and attended vBSDcon 2019 in Reston VA
* Represented FreeBSD at APNIC-48 in Chiang Mai, Thailand
* Represented FreeBSD at MNNOG-1 in Ulaanbaatar, Mongolia
* Served as an administrator for the Project's Google Summer of Code
Session. See the Google Summer of Code section of this report for
more information.
* Sponsored FreeBSD Developers Summit at EuroBSDCon in Lillehammer,
Norway
* Sponsored and attended EuroBSDcon 2019 in Lillehammer, Norway
* Applied and was accepted for a FreeBSD Miniconf at linux.conf.au,
in Gold Coast, Australia, Jan 14, 2020
* Our FreeBSD talk was accepted at seaGL, Seattle, WA, November 15
and 16.
We continued producing FreeBSD advocacy material to help people promote
FreeBSD. Learn more about our recent efforts to advocate for FreeBSD
around the world:
https://www.freebsdfoundation.org/blog/freebsd-around-the-world/
Our Faces of FreeBSD series is back. Check out the latest post: Roller
Angel.
Read more about our conference adventures in the conference recaps and
trip reports in our monthly newsletters:
https://www.freebsdfoundation.org/news-and-events/newsletter/
We help educate the world about FreeBSD by publishing the
professionally produced FreeBSD Journal. As we mentioned previously,
the FreeBSD Journal is now a free publication. Find out more and access
the latest issues at
https://www.FreeBSDfoundation.org/journal/.
You can find out more about events we attended and upcoming events.
We opened our official FreeBSD Swag Store. Get stickers, shirts, mugs
and more at ShopFreeBSD.
We have continued our work with a new website developer to help us
improve our website. Work has begun to make it easier for community
members to find information and to make the site more efficient.
Legal/FreeBSD IP The Foundation owns the FreeBSD trademarks, and it is
our responsibility to protect them. We also provide legal support for
the core team to investigate questions that arise.
Go to
http://www.FreeBSDfoundation.org to find out how we support
FreeBSD and how we can help you!
__________________________________________________________________
FreeBSD Graphics Team status report
Links
Project GitHub page
URL:
https://github.com/FreeBSDDesktop
Contact: FreeBSD Graphics Team <
x11@freebsd.org>
Contact: Niclas Zeising <
zeising@freebsd.org>
The FreeBSD X11/Graphics team maintains the lower levels of the FreeBSD
graphics stack. This includes graphics drivers, graphics libraries such
as the MESA OpenGL implementation, the X.org xserver with related
libraries and applications, and Wayland with related libraries and
applications.
During the last period, several changes have been made, but most of
them has been behind the scene. We have also worked on general clean up
of old xorg ports that have been deprecated upstream.
The ports infrastructure for xorg ports and ports that depend on xorg
ports have been updated. We have switched USE_XORG and XORG_CAT to use
the USES framework, instead of the old way of including bsd.xorg.mk
from bsd.port.mk. This infrastructure work has been fairly substantial,
and new ports depending on xorg ports should add USES=xorg to their
makefiles. As part of this bsd.xorg.mk was split up, and the XORG_CAT
part was split out to USES=xorg-cat. This is used for the xorg ports
themselves, and sets up a common environment for building all xorg
ports. In addition, framework for pulling xorg ports directly from
freedesktop.org gitlab was added, which will make improve development
and testing, since it makes it possible to create ports of unreleased
versions. Further improvements in this area includes framework for
using meson instead of autotools for building xorg ports. This is still
a work in progress.
We have also worked to clean up and deprecate several old xorg ports
and libraries. Some of these ports have already been removed, and some
are still waiting on removal after a sufficient deprecation period.
Most notably amongst the deprecations are x11/libXp, which required to
fix several dependencies. Several other old libraries have also been
deprecated, such as x11/Xxf86misc, x11-fonts/libXfontcache and
graphics/libGLw. Some applications and drivers have also been
deprecated during the period. With the remaining removals in this area,
we should be up to speed with deprecations upstream. We are currently
investigating if there are new software added upstream that we need to
port to FreeBSD.
We have also continued our regularly scheduled bi-weekly meetings.
People who are interested in helping out can find us on the
x11@FreeBSD.org mailing list, or on our gitter chat:
https://gitter.im/FreeBSDDesktop/Lobby. We are also available in
#freebsd-xorg on EFNet.
We also have a team area on GitHub where our work repositories can be
found:
https://github.com/FreeBSDDesktop
__________________________________________________________________
FreeBSD Release Engineering Team
Links
FreeBSD 11.3-RELEASE announcement
URL:
https://www.freebsd.org/releases/11.3R/announce.html
FreeBSD 12.1-RELEASE schedule
URL:
https://www.freebsd.org/releases/12.1R/schedule.html
FreeBSD 12.1-RELEASE BETA/RC builds
URL:
https://download.freebsd.org/ftp/releases/ISO-IMAGES/12.1/
FreeBSD development snapshots
URL:
https://download.freebsd.org/ftp/snapshots/ISO-IMAGES/
Contact: FreeBSD Release Engineering Team <
re@FreeBSD.org>
The FreeBSD Release Engineering Team is responsible for setting and
publishing release schedules for official project releases of FreeBSD,
announcing code freezes and maintaining the respective branches, among
other things.
During the third quarter of 2019, the FreeBSD Release Engineering team
finished the 11.3-RELEASE cycle, with the final release build started
on July 5th and the official announcement sent on July 9th.
FreeBSD 11.3-RELEASE is the fourth release from the stable/11 branch,
building on the stability and reliability of 11.2-RELEASE.
The FreeBSD Release Engineering Team also started work on the upcoming
12.1-RELEASE, which started September 6th. This release cycle is the
first "freeze-less" release from the Subversion repository, and the
test bed for eliminating the requirement of a hard code freeze on
development branches. Commits to the releng/12.1 branch still require
explicit approval from the Release Engineering Team, however.
At present, there have been three BETA builds, and so far, two RC
builds, with the final 12.1-RELEASE build scheduled for November 4th.
Additionally throughout the quarter, several development snapshots
builds were released for the head and stable/11 branches; snapshots for
stable/12 were released as well although not during the 12.1-RELEASE
cycle.
Much of this work was sponsored by Rubicon Communications, LLC
(Netgate) and the FreeBSD Foundation.
__________________________________________________________________
FreeBSD Security Team
Links
FreeBSD security information
URL:
https://www.freebsd.org/security/
Contact: Security Team <
secteam@FreeBSD.org>
Several members of the security team met at the Vendor Summit in
October to formalize team structure dedicated for architecture and
crypto engineering in addition to the existing product security
incident response function.
Since June we have started having fortnightly conference calls to
discuss important issues and to collaborate closely on advisories and
errata notices in the pipeline.
* Security advisories sent out in 2019-Q3: 7
* Errata Notices sent out in 2019-Q3: 5
__________________________________________________________________
Projects
Projects that span multiple categories, from the kernel and userspace
to the Ports Collection or external projects.
FAT / msdosfs support for makefs(8)
Contact: Ed Maste <
emaste@FreeBSD.org>
In order to streamline the process of creating install or virtual
machine system images we needed FAT filesystem support in makefs(8).
Makefs was originally developed in NetBSD, and FAT support was added
there not much later, but after the tool was ported to FreeBSD.
Siva Mahadevan, one of the FreeBSD Foundation's interns from the
University of Waterloo, worked on porting FAT support from NetBSD. I
rebased and updated Siva's work, and committed it during this quarter.
After a few follow-up fixes we are able to build FAT filesystem images
without using md(4) and without requiring root.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
FUSE
Contact: Alan Somers <
asomers@FreeBSD.org>
FUSE (File system in USErspace) allows a userspace program to implement
a file system. It is widely used to support out-of-tree file systems
like NTFS, as well as for exotic pseudo file systems like sshfs.
FreeBSD's fuse driver was added as a GSoC project in 2012. Since that
time, it has been largely neglected. The FUSE software is buggy and
out-of-date. Our implementation is about 11 years behind.
I completed this work during Q3. I fixed a few newly-introduced bugs,
fixed a long-standing sendfile bug that affects FUSE
([236466](
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=236466))
and merged everything to head and stable/12. Then I fixed the resulting
Coverity CIDs. There have been no new FUSE-related bug reports, so I
can only assume that everything is working great. Report any problems
to
asomers@FreeBSD.org.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
Google Summer of Code 2019
Links
2019 Summer of Code Project Wikis
URL:
https://wiki.freebsd.org/SummerOfCode2019Projects
2019 Summer of Code Projects
URL:
https://summerofcode.withgoogle.com/archive/2019/organizations/6504969929228288/
Contact: Summer of Code Admins <
soc-admins@freebsd.org>
The FreeBSD Project is pleased to have participated in Google Summer of
Code 2019 marking our 14th year of participation. This year we had six
successful projects:
* Dual-stack ping command by Ján Sucan
* Firewall test suite by Ahsan Barkati
* Kernel sanitizers by Costin Carabas
* MAC policy on IP addresses for FreeBSD Jail by Shivank Garg
* Separation of ports build process from local installation by Theron
Tarigo
* Virtual memory compression by Paavo-Einari Kaipila
We thank Google for the opportunity to work with these students and
hope they continue to work with FreeBSD in the future.
This project was sponsored by Google Summer of Code.
__________________________________________________________________
GSoC'19 Project - MAC policy on IP addresses in Jail: mac_ipacl
Links
FreeBSD's Phabricator Differential Link
URL:
https://reviews.freebsd.org/D20967
Github Diff Link
URL:
https://github.com/freebsd/freebsd/compare/master...shivankgarg98:shivank_MACPolicyIPAddressJail
Project Wiki Page
URL:
https://wiki.freebsd.org/SummerOfCode2019Projects/MACPolicyIPAddressJail
Contact: Shivank Garg <
shivank@FreeBSD.org>
About - With the introduction of VNET(9) in FreeBSD, Jails are free to
set their IP addresses. However, this privilege may need to be limited
by the host as per its need for multiple security reasons. This project
uses mac(9) for an access control framework to impose restrictions on
FreeBSD jails according to rules defined by the root of the host using
sysctl(8). It involves the development of a dynamically loadable kernel
module (mac_ipacl) based on The TrustedBSD MAC Framework to implement a
security policy for configuring the network stack. This project allows
the root of the host to define the policy rules to limit the root of a
jail to a set of IP (v4 or v6) addresses and/or subnets for a set of
interfaces.
Features this new MAC policy module are:
* The host can define one or more lists of IP addresses/subnets for
the jail to choose from.
* The host can restrict the jail from setting certain IP addresses or
prefixes (subnets).
* The host can restrict this privilege to a few network interfaces.
Implementation - The mac_ipacl module is a loadable kernel module. It
implements mac checks in netinet/in.c and netinet6/in6.c to check the
IP addresses requested by jail. The idea to implement these checks at
these places comes from the fact that SIOCAIFADDR (for IPv4) and
SIOCAIFADDR_IN6 (for IPv6) ioctl handlers are defined for adding the IP
addresses to an interface. This is used by ifconfig (in userspace) for
setting the IP address. The MAC Framework acts as multiplexer between
the netinet and the module. The requested IP and the credentials are
checked with the rules in mac_ipacl and output is returned accordingly
to netinet. The module can be tuned with various sysctl and similarly,
policy rules are also be defined with sysctl.
TestSuite - Test scripts integrated with kyua and ATF are included with
the module.
Using the module - I have written a man page for the module. Please
refer to the mac_ipacl(4) for using the new MAC module and various
examples.
Final Deliverables -
* A loadable kernel module - mac_ipacl in sys/security/mac_ipacl
* ATF tests for the module in tests/sys/mac/ipacl
* A man page for this new mac module - mac_ipacl.4 in
share/man/man4/mac_ipacl.4
This is a new project, developed as part of Google Summer of Code'19
under the guidance of Bjoern A. Zeeb <
bz@FreeBSD.org>. The module is
reviewed and Revision for this project is accepted and ready to land.
It is yet to be merged with FreeBSD HEAD, and waiting to be tested by
few more hands in the industry.
I'll be very thankful if you can give this module a try and share your
valuable experience about it. Please be free to share your ideas and
feedback on this module and please do not hesitate to send me an email.
__________________________________________________________________
Improving laptop support
Contact: Ed Maste <
emaste@FreeBSD.org>
The FreeBSD Foundation would like to ensure that running FreeBSD on
contemporary hardware, including laptops, remains viable. To that end
we plan to purchase the latest generation of one or more of a family of
laptops preferred by members of the FreeBSD community, evaluate the
existing state of hardware support, and implement missing hardware
support where possible.
As the first laptop for this project we have selected a 7th Generation
Lenovo X1 Carbon.
This project was sponsored by The FreeBSD Foundation.
__________________________________________________________________
NFS Version 4.2 implementation
Contact: Rick Macklem <
rmacklem@freebsd.org>
RFC-7862 describes a new minor revision to the NFS Version 4 protocol.
This project implements this new minor revision.
The NFS Version 4 Minor Version 2 protocol adds several optional
features to NFS, such as support for SEEK_DATA/SEEK_HOLE, file copying
done on the server that avoids data transfer over the wire and support
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)