Introduction
This report covers FreeBSD related projects for the period between January and March, and is the first of four planned reports for 2021.
The first quarter of 2021 has been very active in both FreeBSD-CURRENT and -STABLE, with 13.0-RELEASE work starting in January and finishing up mid-April. It provides lots of new features, and there’s even a good chance that some workloads will experience performance improvements.
The number of entries is slightly down, and this is probably due to a combination of factors like code slush as well as the ongoing issues with COVID-19, but we naturally hope that things will look up next quarter. This combined with a switch-over to AsciiDoctor and a decision to make full use of the status report work schedule to avoid stress, means that the report can now be expected to come out at the end of the first month after the quarter has finished, rather than in the middle.
This report in particular includes a number of interesting entries, covering everything from the linuxulator, various mitigation work, long-awaited work on OpenBSM, work on kernel sanitizers, and many more things that it is hoped you will enjoy reading about.
Yours,
Daniel Ebdrup Jensen, with a status hat on.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Table of Contents
• FreeBSD Team Reports
□ FreeBSD Foundation
□ FreeBSD Release Engineering Team
□ Cluster Administration Team
□ Continuous Integration
□ Ports Collection
• Projects
□ Git Migration Working Group
□ LLDB Debugger Improvements
□ Linux compatibility layer update
□ Vulnerability Mitigations
□ OpenBSM Synchronisation
• Kernel
□ ENA FreeBSD Driver Update
□ Intel wireless update
□ Kernel Sanitizers
□ Marvell ARM64 SoCs support
□ nv(9)-based audio device enumeration
• Ports
□ KDE on FreeBSD
□ FreeBSD Office team 2021Q1 status report
□ VirtualBox FreeBSD port
• Documentation
□ DOCNG on FreeBSD
□ FreeBSD Translations on Weblate
□ WebApps working group
• Miscellaneous
□ Discord Server & Community Growth
• Third-Party Projects
□ CBSD Project
□ helloSystem
□ PkgBase.live
□ Potluck & Potman
□ sysctl improvements
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
FreeBSD Team Reports
Entries from the various official and semi-official teams, as found in the Administration Page.
FreeBSD Foundation
Contact: Deb Goodkin <
deb@FreeBSDFoundation.org>
The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated to supporting and promoting the FreeBSD Project and community worldwide. Funding comes from individual and corporate donations and is used to fund and manage software development projects, conferences and developer summits, and provide travel grants to FreeBSD contributors. The Foundation purchases and supports hardware to improve and maintain FreeBSD infrastructure and provides resources to improve security, quality assurance, and release engineering efforts; publishes marketing material to promote, educate, and advocate for the FreeBSD Project; facilitates collaboration between commercial vendors and FreeBSD developers; and finally, represents the FreeBSD Project in executing contracts, license agreements, and other legal arrangements that require a recognized legal entity.
Here are some highlights of what we did to help FreeBSD last quarter:
COVID-19 Impact to the Foundation
Like most organizations, our team continued to work from home. Our temporary ban on travel for staff members remains in effect, but continues to not affect our output too much, since most conferences are still virtual. We continued supporting the community and Project, even though some of our work and responses may have been delayed because of changes in some of our priorities and the impact of limited childcare for a few of our staff members.
Partnerships and Commercial User Support
We help facilitate collaboration between commercial users and FreeBSD developers. We also meet with companies to discuss their needs and bring that information back to the Project. Not surprisingly, the stay at home orders, combined with our company ban on travel during Q1 made in-person meetings non-existent. However, the team was able to continue meeting with our partners and commercial users virtually. These meetings help us understand some of the applications where FreeBSD is used.
We were thrilled for the opportunity to work with AMD early on to ensure FreeBSD worked on their recently released third generation EPYC series. You can read more about that here:
https://freebsdfoundation.org/news-and-events/ latest-news/freebsd-well-prepared-for-amd-epyc-7003-series-processors/.
Fundraising Efforts
First, we’d like to say thank you to everyone who has given us a financial contribution this year! Last quarter we raised $88,237, which includes donations from organizations like Facebook and Tarsnap, as well as many individuals. We also have a few donation commitments for this quarter.
Going forward this quarter, we will be reaching out to FreeBSD commercial users to help support our growing efforts. At the beginning of 2021, we opened two job positions in our software development team, to increase the amount of support we are able to provide in this area. That includes increasing the amount of code reviews and bug fixes we do and adding some major features to FreeBSD, to help keep FreeBSD the innovative, secure, and reliable operating system you rely on.
You’ll find out how we used your donations for Q1 in our report, as well as individual reports throughout this status report.
We are excited about our plans for 2021, which include more FreeBSD online advocacy and training, operating system course content, and the software development work mentioned above. While we are still in this pandemic, we’re working hard to help connect folks within the community with more virtual opportunities.
Please consider making a donation to help us continue and increase our support for FreeBSD in 2021:
https://www.freebsdfoundation.org/donate/.
We also have the Partnership Program, to provide more benefits for our larger commercial donors. Find out more information and share with your companies!
https://www.freebsdfoundation.org/FreeBSD-foundation-partnership-program/
OS Improvements
Over the quarter a total of 264 base system commits, 63 ports commits, and 10 doc tree commits were tagged as sponsored by the FreeBSD Foundation. The Foundation also sponsored work that was committed to third-party repositories, including 26 commits to LLDB (the LLVM project debugger). This includes work from staff members, interns, and grant recipients. In other quarterly report entries you can read more about some of these sponsored projects, such as LLDB and other kernel debugging improvements, and kernel sanitizers.
As usual, staff members committed numerous bug fixes, minor improvements, and security patches. Focus areas in the kernel included virtual memory, x86 pmap, uma, tmpfs, nullfs, ffs and ufs, and job control improvements.
User space work included changes to the libc, libcasper, and libthr libraries, the run-time linker, as well as the ldd, cmp, diff, makefs, elfctl, growfs, and bhyve utilities.
Foundation staff also participated in many Phabricator code reviews, supported bug triage, integrated a number of submissions from third parties, and supported the Git transition working group.
Foundation staff also supported the promotion of the AArch64 (arm64) architecture to Tier-1 status. Work included additions to freebsd-update, integration of various bug fixes, and test run issue triage.
Continuous Integration and Quality Assurance
The Foundation provides a full-time staff member and funds projects on improving continuous integration, automated testing, and overall quality assurance efforts for the FreeBSD Project.
During the first quarter of 2021, the work was focused on pre-commit tests and building release artifacts in the CI staging environment.
The other main working item is following the VCS migration to change the src source from Subversion to Git and doc changed to AsciiDoc format.
See the FreeBSD CI section of this report for completed work items and detailed information.
Supporting FreeBSD Infrastructure
The Foundation provides hardware and support to improve the FreeBSD infrastructure. Last quarter, we continued supporting FreeBSD hardware located around the world. We coordinated efforts between the new NYI Chicago facility and clusteradm to start working on getting the facility prepared for some of the new FreeBSD hardware we are planning on purchasing. NYI generously provides this for free to the Project. We also worked on connecting with the new owners of the NYI Bridgewater site, where most of the FreeBSD infrastructure is located.
FreeBSD Advocacy and Education
A large part of our efforts are dedicated to advocating for the Project. This includes promoting work being done by others with FreeBSD; producing advocacy literature to teach people about FreeBSD and help make the path to starting using FreeBSD or contributing to the Project easier; and attending and getting other FreeBSD contributors to volunteer to run FreeBSD events, staff FreeBSD tables, and give FreeBSD presentations.
The FreeBSD Foundation sponsors many conferences, events, and summits around the globe. These events can be BSD-related, open source, or technology events geared towards underrepresented groups. We support the FreeBSD-focused events to help provide a venue for sharing knowledge, to work together on projects, and to facilitate collaboration between developers and commercial users. This all helps provide a healthy ecosystem. We support the non-FreeBSD events to promote and raise awareness of FreeBSD, to increase the use of FreeBSD in different applications, and to recruit more contributors to the Project. While we were still unable to attend in-person meetings due to covid-19, we were able to attend virtual events and began planning for the online Spring FreeBSD Developer Summit. In addition to attending and planning virtual events, we are continually working on new training initiatives and updating our selection of how-to guides to facilitate getting more folks to try out FreeBSD.
https:// www.freebsdfoundation.org/freebsd/how-to-guides/
Check out some of the advocacy and education work we did last quarter:
• Presented a workshop at Apricot 2021
• Staffed a virtual stand at FOSDEM 2021 and created a what’s new in 13.0
video to accompany the stand
• Staffed a virtual booth and was a community sponsor for FOSSASIA 2021
• Participated as an Industry Partner for USENIX FAST ‘21
• Committed to be an Industry Partner for USENIX Annual Tech, USENIX OSDI,
USENIX Security and USENIX LISA
• Continued to promote the FreeBSD Office Hours series Videos from the one
hour sessions can be found on the Project’s YouTube Channel:
https://
www.youtube.com/c/FreeBSDProject. See the Office Hours section of this
report for more information.
• Worked with the organizing committee to begin planning the Spring FreeBSD
Developers Summit.
• Continued recruiting for the FreeBSD Fridays series. The series will return
in May.
• Participated in an interview with The Register about FreeBSD 13.0
highlights.
https://www.theregister.com/2021/03/10/the_state_of_freebsd/
Keep up to date with our latest work in our newsletters:
https:// freebsdfoundation.org/our-work/latest-updates/?filter=newsletter
We help educate the world about FreeBSD by publishing the professionally produced FreeBSD Journal. As we mentioned previously, the FreeBSD Journal is now a free publication. Find out more and access the latest issues at
https:// www.freebsdfoundation.org/journal/.
You can find out more about events we attended and upcoming events at
https:// www.freebsdfoundation.org/news-and-events/.
Legal/FreeBSD IP
The Foundation owns the FreeBSD trademarks, and it is our responsibility to protect them. We also provide legal support for the core team to investigate questions that arise.
Go to
http://www.freebsdfoundation.org to find out how we support FreeBSD and how we can help you!
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
FreeBSD Release Engineering Team
Links:
FreeBSD 13.0-RELEASE schedule URL:
https://www.freebsd.org/releases/13.0R/ schedule.html
FreeBSD development snapshots URL:
https://download.freebsd.org/ftp/snapshots/ ISO-IMAGES/
Contact: FreeBSD Release Engineering Team, <
re@FreeBSD.org>
The FreeBSD Release Engineering Team is responsible for setting and publishing release schedules for official project releases of FreeBSD, announcing code freezes and maintaining the respective branches, among other things.
During the first quarter of 2021, the Release Engineering Team started work on the 13.0-RELEASE cycle, the first release from the stable/13 branch. As of this writing, the release is progressing smoothly, with one additional BETA build and two additional RC builds added to the schedule. The schedule has been updated on the FreeBSD Project website to reflect the updates.
Additionally throughout the quarter, several development snapshots builds were released for the head, stable/12, and stable/11 branches. Development snapshot builds for stable/13 will be available after the 13.0 release.
Thank you to all that have helped test the 13.0 builds up until this point and have reported issues. As always, we strive for quality over quantity.
Sponsor: Rubicon Communications, LLC ("Netgate") Sponsor: The FreeBSD Foundation
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Cluster Administration Team
Contact: Cluster Administration Team <
clusteradm@FreeBSD.org>
Links:
Cluster Administration Team members URL:
https://www.freebsd.org/administration /#t-clusteradm
The FreeBSD Cluster Administration Team consists of the people responsible for administering the machines that the Project relies on for its distributed work and communications to be synchronised. In this quarter, the team has worked on the following:
• Installed a new package builder
• Added Git support to cluster management scripts
• Put local Git mirrors on the universe machines
• Replaced disks in the UK mirror
• Replaced a disk in pointyhat (
https://pkg-status.freebsd.org)
• Recycled some old dead-weight servers eating up rackspace and power at our
primary cluster site
• Upgraded developer reference platforms
□ ref{11,12,13,14}-{amd64,i386}
□ universe*
• Installed two new aarch64 machines
□ ref12-aarch64, ref13-aarch64, ref14-aarch64
□ security-officer aarch64 freebsd-update builder
• Worked with asciidoc project to update
https://www.freebsd.org and
https://
docs.freebsd.org
• Installed a new mirror server in Brazil, sponsored by nic.br
□ gdns points everyone from South America to this mirror
□ complete {download,ftp,pkg}.freebsd.org mirror
• Helped rmacklem@ participate in this year’s NFS Bakeathon interoperability
testing event by providing a cluster machine to the testing VPN
• Ongoing day to day cluster management activity
□ Putting out fires
□ Babysitting pkgsync
Work in progress:
• Move pkg-master.nyi to new hardware
• Fix git fallouts
• Upgrade cluster hardware
• Upgrade developer-facing machines to 14-CURRENT
□ Install ref14* machines
• Improve to the package building infrastructure
• Research and test migration away from mailman2
• Work with Git migration working group for ports tree migration
• Review the service jails and service administrators operation
• Improve the web service architecture
• Improve the cluster backup plan
• Setup powerpc pkgbuilder/ref/universal machines
• Prepare for a new mirror site in Australia, to be hosted by IX Australia
• Search for more providers that can fit the requirements for a generic
mirrored layout or a tiny mirror
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Continuous Integration
Links:
FreeBSD Jenkins Instance URL:
https://ci.FreeBSD.org
FreeBSD Hardware Testing Lab URL:
https://ci.FreeBSD.org/hwlab
FreeBSD CI artifact archive URL:
https://artifact.ci.FreeBSD.org
FreeBSD CI weekly report URL:
https://hackmd.io/@FreeBSD-CI
FreeBSD Jenkins wiki URL:
https://wiki.freebsd.org/Jenkins
Hosted CI wiki URL:
https://wiki.freebsd.org/HostedCI
3rd Party Software CI URL:
https://wiki.freebsd.org/3rdPartySoftwareCI
Tickets related to freebsd-testing@ URL:
https://preview.tinyurl.com/y9maauwg FreeBSD CI Repository URL:
https://github.com/freebsd/freebsd-ci
Contact: Jenkins Admin <
jenkins-admin@FreeBSD.org>
Contact: Li-Wen Hsu <
lwhsu@FreeBSD.org>
Contact: freebsd-testing Mailing List
Contact: IRC #freebsd-ci channel on EFNet
The FreeBSD CI team maintains the continuous integration system of the FreeBSD project. The CI system firstly checks the committed changes can be successfully built, then performs various tests and analysis over the newly built results. The artifacts from those builds are archived in the artifact server for further testing and debugging needs. The CI team members examine the failing builds and unstable tests and work with the experts in that area to fix the code or adjust test infrastructure. The details of these efforts are available in the weekly CI reports.
During the first quarter of 2021, we continued working with the contributors and developers in the project to fulfil their testing needs and also keep collaborating with external projects and companies to improve their products and FreeBSD.
Important changes:
• All src jobs were changed to use git to follow VCS migration. Thanks
Brandon Bergren (bdragon@) again.
• Doc job was updated for following the AsciiDoc migration.
New jobs added:
• TCP test suite for main on amd64
• GCC 9 build for main on amd64
Work in progress and open tasks:
• Designing and implementing pre-commit CI building and testing
• Designing and implementing use of CI cluster to build release artifacts as
release engineering does
• Collecting and sorting CI tasks and ideas here
• Testing and merging pull requests in the FreeBSD-ci repo
• Reducing the procedures of CI/test environment setting up for contributors
and developers
• Setting up the CI stage environment and putting the experimental jobs on it
• Setting up public network access for the VM guest running tests
• Implementing automatic tests on bare metal hardware
• Adding drm ports building tests against -CURRENT
• Planning to run ztest and network stack tests
• Adding more external toolchain related jobs
• Improving the hardware lab to be more mature and adding more hardware
• Helping more software get FreeBSD support in their CI pipeline Wiki pages:
3rdPartySoftwareCI, HostedCI
• Working with hosted CI providers to have better FreeBSD support
• The build and test results will be sent to the dev-ci mailing list soon.
Feedback and help with analysis is very appreciated!
Please see freebsd-testing@ related tickets for more WIP information, and don’t
hesitate to join the effort!
Sponsor: The FreeBSD Foundation
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Ports Collection
Links:
About FreeBSD Ports URL:
https://www.FreeBSD.org/ports/
Contributing to Ports URL:
https://docs.freebsd.org/en/articles/contributing/ ports-contributing/
FreeBSD Ports Monitoring URL:
http://portsmon.freebsd.org/
Ports Management Team URL:
https://www.freebsd.org/portmgr/
Ports Tarball URL:
http://ftp.freebsd.org/pub/FreeBSD/ports/ports/
Contact: René Ladan <
portmgr-secretary@FreeBSD.org>
Contact: FreeBSD Ports Management Team <
portmgr@FreeBSD.org>
The Ports Management Team is responsible for overseeing the overall direction of the Ports Tree, building packages, and personnel matters. Below is what happened in the last quarter.
As always, first the quarterly dashboard: * we currently have around 43,800 ports (including flavors). * the open PR count for ports is currently 2477, of which 532 are unassigned. * during the last quarter, 9481 commits were made by 168 committers on the main branch, and 620 commits by 64 committers on the 2021Q1 branch. Compared to 2020Q4, the number of ports again grew by five percent, the number of open PRs dropped a bit, and the number of commits on the main branch grew with almost nine percent.
During the last quarter, we welcomed Neel Chauhan (nc@), Lewis Cook (lcook@), and Nuno Teixeira (eduardo@). Adrian Chadd (adrian@) who is already a src committer got a ports commit bit extension. Tobias Berner (tcberner@) asked if he could join the portmgr-lurker program and was shortly added afterwards.
We sent another mail to the ports@ mailing list outlining further plans for removing Python 2.7 from the Ports Tree. Currently all ports recursively depending on Python 2.7 are marked to expire on 2021-06-23, which unfortunately includes a lot of KDE ports due to the qt5-webengine port. We are evaluating various mitigation strategies.
portmgr has been collaborating with the Git Working Group over the last year to prepare the Ports Tree to be converted to Git. Tasks included: * converting various scripts and tools to support Git * attending Git Working Group meetings * updating documentation * updating various internal and public third-party services * evaluating numerous test conversion (git-beta) results
Regarding the Ports Tree itself, two new USES were introduced: * kodi to ease porting of Kodi add-ons * mpi for dependencies of MPICH and OpenMPI A new default version for ImageMagick was added and the default version for Julia was removed as no Julia port currently exists. pkg was updated to 1.16.3, Firefox to 87.0, and Chromium to 89.0.4389.114
The Cluster Administration Team assisted with getting three new package building machines running in the build cluster. Two are for arm64 builds and one is a general builder.
antoine@ was again busy with exp-runs, 28 this time, to: * test various ports updates * update the clang/LLVM version from 6 to 10 in USES=compiler * reduce includes in /usr/include/crypto
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Projects
Projects that span multiple categories, from the kernel and userspace to the Ports Collection or external projects.
Git Migration Working Group
Links:
Git transition wiki URL:
https://wiki.freebsd.org/git
doc git repo URL:
https://cgit.FreeBSD.org/doc
ports git repo URL:
https://cgit.FreeBSD.org/ports
src (base system) git repo URL:
https://cgit.FreeBSD.org/src
Committers guide Git primer URL:
https://docs.freebsd.org/en/articles/ committers-guide/#git-primer
Handbook Using Git appendix URL:
https://docs.freebsd.org/en/books/handbook/ mirrors/#git
Game of Trees URL:
http://gameoftrees.org/
gitup URL:
https://github.com/johnmehr/gitup
Contact: Li-Wen Hsu <
lwhsu@FreeBSD.org>
Contact: Warner Losh <
imp@FreeBSD.org>
Contact: Ed Maste <
emaste@FreeBSD.org>
Contact: Ulrich Spörlein <
uqs@FreeBSD.org>
Contact: FreeBSD-git mailing list
Contact IRC #gitcvt channel on EFnet
The doc and src trees were migrated from Subversion to Git at the end of 2020, with some additional work extending into the first quarter of 2021. The Git Working Group implemented or updated commit hooks, and prepared for FreeBSD 13 to be built from Git. We converted draft documentation from Markdown to AsciiDoc and merged it into the committer’s guide and handbook.
The ports repository migration to Git started at the end of the quarter, beginning with a final Subversion commit on March 31st to indicate that the conversion started. We are working on portsnap and other ports infrastructure and they will be finished before or soon after the migration.
The Git Working Group continues to track progress on two permissively-licensed git compatible tools: Gitup and Game of Trees. Gitup is a small, dependency-free tool to clone and update git repositories. It is used only to keep a local tree up-to-date, and has no support for local commits.
Game of Trees is a version control client that is compatible with Git repositories. It provides a user interface and workflow that is distinct from that of Git. It is in no way intended to be a drop-in replacement for git, but can be used to develop software maintained in a Git repository.
Gitup and Game of Trees are currently available as ports and packages. Future work will evaluate them as candidates for the base system.
In the second quarter of 2021 we expect to complete some minor remaining migration tasks. This will complete the initial phase of the Git migration, and the working group will wind down. The core team will then begin a new effort to investigate and evaluate new workflow changes.
Sponsor: The FreeBSD Foundation (in part)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
LLDB Debugger Improvements
Links:
Moritz Systems Project Description URL:
https://www.moritz.systems/blog/ lldb-freebsd-cpu-target-support-and-userland-debugging-improvements/
Progress Report 1 URL:
https://www.moritz.systems/blog/ freebsd-remote-process-plugin-on-non-x86-architectures/
Progress Report 2 URL:
https://www.moritz.systems/blog/ freebsd-legacy-process-plugin-removed/
Progress Report 3 URL:
https://www.moritz.systems/blog/ lldb-support-for-fork-and-vfork/
Git Repository URL:
https://github.com/moritz-systems/llvm-project
Contact: Kamil Rytarowski <
kamil@moritz.systems>
Contact: Michał Górny <
mgorny@moritz.systems>
The LLDB project builds on libraries provided by LLVM and Clang to provide a great modern debugger. It uses the Clang ASTs and the expression parser, LLVM JIT, LLVM disassembler, etc so that it provides an experience that “just works”. It is also blazingly fast and more permissively licensed than GDB, the
GNU Debugger.
FreeBSD includes LLDB in the base system. At present, it has some limitations in comparison with the GNU GDB debugger, and does not yet provide a complete replacement. This project aimed to finish porting the FreeBSD platform support in LLDB to the modern client-server model on all architectures originally supported by LLDB on FreeBSD and removing the obsolete plugin.
After switching to the new process model, the project focused on implementing support for tracing fork(2) and vfork(2) syscalls. The proposed model is compatible with the follow-fork-mode setting from GDB. On fork, the debugger can either continuing tracing the parent and detach the child, or switch to tracing the child and detach the parent. The new code makes it possible to debug child processes. It also prevents software breakpoints from leaking to child processes and causing them to crash.
The introduced changes are expected to be shipped with LLDB 13.0.
The overall experience of FreeBSD/LLDB developers and advanced users on this rock solid Operating System reached the state known from other environments. Furthermore, the FreeBSD-focused work also resulted in generic improvements, enhancing the LLDB support for Linux and NetBSD.
TODO: we are currently working on adding a ptrace(2) request to create a core dump of the stopped program without crashing it. Afterwards, we are planning to improve LLDB test coverage for core dump support and work on any issues we might hit.
Sponsor: The FreeBSD Foundation
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Linux compatibility layer update
Contact: Edward Tomasz Napierala, <
trasz@FreeBSD.org>
Linuxulator improvements have been ongoing for the last two years, with support from the FreeBSD Foundation over a few distinct project grants as well as contributions from the community. The goal of this project is to improve FreeBSD’s ability to execute unmodified Linux binaries. Current support status
of specific Linux applications is being tracked at the Linux app status Wiki page.
The work this quarter focused on making sure the 13.0-RELEASE ships with Linuxulator in a good shape, and fixing problems reported by users. There are some new directories provided by linsysfs(5), the lack of which, through a curious chain of events, broke installation of make(1) in Ubuntu Focal. The getcwd(2) syscall was fixed to no longer return the wrong error value for certain conditions, which was breaking Mono. The getsockopt(2) syscall now supports SO_PEERSEC and SO_PEERGROUPS, which are being used by su(8) and sudo (8). Other fixes include flag handling for 32-bit send(2) syscall, and several ptrace(2) problems, which were affecting Steam games. The kernel version was bumped to 3.17.0 to unbreak Qt applications from Focal. The sysutils/ debootstrap port, and its corresponding debootstrap package, now correctly handle Ubuntu’s GPG keys. The debootstrap utility now installs the mremap(2) workaround for apt(8). This reduces the number of steps required to set up Linux chroot or jail. Finally there have been some improvements to the startup scripts.
Sponsor: The FreeBSD Foundation
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Vulnerability Mitigations
Contact: Ed Maste <
emaste@FreeBSD.org>
Contact: Konstantin Belousov <
kib@FreeBSD.org>
Contact: Marcin Wojtas <
mw@FreeBSD.org>
Contact: Dawid Górecki <
dgr@semihalf.com>
We added support for enforcing a write XOR execute mapping policy. It is enabled by setting the kern.elf64.allow_wx and/or kern.elf32.allow_wx sysctls to 0 (for 64-bit and 32-bit binaries, respectively). Binaries can indicate that they requre writeable and executable mappings by setting the NT_FREEBSD_FCTL_WXNEEDED ELF feature bit, set via elfctl.
In addition, elfctl received a few usability improvements to support use by ports, targeting different FreeBSD base system versions. We added a -i flag to
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)