March 29, 2017

187: Catching up to BSD

1 hour 15 minutes

Catching up to BSD, news about the NetBSD project, a BSD Phone, and a bunch of OpenBSD and TrueOS News.

This episode was brought to you by

href="http://www.digitalocean.com/" title="DigitalOcean">

href="http://www.tarsnap.com/bsdnow" title="Tarsnap">

Headlines

NetBSD 7.1 released

This update represents a selected subset of fixes deemed important for security or stability reasons, as well as new features and enhancements.

Kernel

compat_linux(8): Fully support sched_setaffinity and sched_getaffinity, fixing, e.g., the Intel Math Kernel Library.

DTrace:

Avoid redefined symbol errors when loading the module.

Fix module autoload.

IPFilter:

Fix matching of ICMP queries when NAT'd through IPF.

Fix lookup of original destination address when using a redirect rule. This is required for transparent proxying by squid, for example.

ipsec(4): Fix NAT-T issue with NetBSD being the host behind NAT.

Drivers

Add vioscsi driver for the Google Compute Engine disk.

ichsmb(4): Add support for Braswell CPU and Intel 100 Series.

wm(4):

Add C2000 KX and 2.5G support.

Add Wake On Lan support.

Fixed a lot of bugs

Security Fixes

NetBSD-SA2017-001 Memory leak in the connect system call.

NetBSD-SA2017-002 Several vulnerabilities in ARP.

ARM related

Support for Raspberry Pi Zero.

ODROID-C1 Ethernet now works.

Summary of the preliminary LLDB support project

What has been done in NetBSD

Verified the full matrix of combinations of wait(2) and ptrace(2) in the following

GNU libstdc++ std::call_once bug investigation test-cases

Improving documentation and other minor system parts

Documentation of ptrace(2) and explanation how debuggers work

Introduction of new siginfo(2) codes for SIGTRAP

New ptrace(2) interfaces

What has been done in LLDB

Native Process NetBSD Plugin

The MonitorCallback function

Other LLDB code, out of the NativeProcessNetBSD Plugin

Automated LLDB Test Results Summary

Plan for the next milestone

fix conflict with system-wide py-six

add support for auxv read operation

switch resolution of pid -> path to executable from /proc to sysctl(7)

recognize Real-Time Signals (SIGRTMIN-SIGRTMAX)

upstream !NetBSDProcessPlugin code

switch std::call_once to llvm::call_once

add new ptrace(2) interface to lock and unlock threads from execution

switch the current PT_WATCHPOINT interface to PT_GETDBREGS and PT_SETDBREGS

Actually building a FreeBSD Phone

There have been a number of different projects that have proposed building a FreeBSD based smart phone

This project is a bit different, and I think that gives it a better chance to make progress

It uses off-the-shelf parts, so while not as neatly integrated as a regular smartphone device, it makes a much better prototype, and is more readily available.

Hardware overview: X86-based, long-lasting (user-replaceable) battery, WWAN Modem (w/LTE), 4-5" LCD Touchscreen (Preferably w/720p resolution, IPS), upgradable storage.

Currently targeting the UDOO Ultra platform. It features Intel Pentium N3710 (2.56GHz Quad-core, HD Graphics 405 [16 EUs @ 700MHz], VT-x, AES-NI), 2x4GB DDR3L RAM, 32GB eMMC storage built-in, further expansion w/M.2 SSD & MicroSD slot, lots of connectivity onboard.

Software: FreeBSD Hypervisor (bhyve or Xen) to run atop the hardware, hosting two separate hosts.

One will run an instance of pfSense, the "World's Most Popular Open Source Firewall" to handle the WWAN connection, routing, and Firewall (as well as Secure VPN if desired).

The other instance will run a slimmed down installation of FreeBSD. The UI will be tweaked to work best in this form factor & resources tuned for this platform. There will be a strong reliance on Google Chromium & Google's services (like Google Voice).

The project has a detailed log, and it looks like the hardware it is based on will ship in the next few weeks, so we expect to see more activity.

***

News Roundup

NVME M.2 card road tests (Matt Dillon)

DragonFlyBSD’s Matt Dillon has posted a rundown of the various M.2 NVMe devices he has tested

SAMSUNG 951

SAMSUNG 960 EVO

TOSHIBA OCZ RD400

INTEL 600P

WD BLACK 256G

MYDIGITALSSD

PLEXTOR M8Pe

It is interesting to see the relative performance of each device, but also how they handle the workload and manage their temperature (or don’t in a few cases)

The link provides a lot of detail about different block sizes and overall performance

***

ZREP ZFS replication and failover

"zrep", a robust yet easy to use ZFS based replication and failover solution. It can also serve as the conduit to create a simple backup hub.

The tool was originally written for Solaris, and is written in ksh

However, it seems people have used it on FreeBSD and even FreeNAS by installing the ksh93 port

Has anyone used this? How does it compare to tools like zxfer?

There is a FreeBSD port, but it is a few versions behind, someone should update it

We would be interested in hearing some feedback

***

Catching up on some TrueOS News

TrueOS Security and Wikileaks revelations

New Jail management utilities

Ken Moore's talk about Sysadm from Linuxfest 2016

The Basics of using ZFS with TrueOS

***

Catching up on some OpenBSD News

OpenBSD 6.1 coming May 1

OpenBSD Foundation 2016 Fundraising (goal: $250K actual: $573K)

The OpenBSD Foundation 2017 Fundraising Campaign

OpenBSD MitM attack against WPA1/WPA2

OpenBSD vmm/vmd Update

***

Beastie Bits

HardenedBSD News: Introducing CFI

New version of Iocage (Python 3) on FreshPorts

DragonFly BSD Network performance comparison as of today

KnoxBUG recap

***

Feedback/Questions

Noel asks about moving to bhyve/jails

***

...more

View all episodes

By JT Pennington

4.9

8989 ratings