On January 31st, FreeBSD 6.3 will reach its End of Life and will no longer be supported by the FreeBSD Security Team. Users of this release are strongly encouraged to upgrade to a newer release before that date — more conservative users will probably wish to upgrade to FreeBSD 6.4 or FreeBSD 7.1 (which are both extended-support branches), while others will probably wish to upgrade to FreeBSD 7.2 or the upcoming FreeBSD 8.0.
A couple of developers are working to replace GCC in the FreeBSD base system with clang/LLVM. Clang is a compiler built on the Low Level Virtual Machine compiler infrastructure. Both clang and llvm are released under a BSD like license, unlike GCC that’s GPL licensed.
Roman Divacky has an update on the project:
The situation as of late September:
- i386 – kernel boots, world needs little hacks but works
- amd64 – kernel compiles but does not boot, world needs little hacks
- ppc – broken because of unknown RTLD bug
All other platforms are untested. Ie. this is a regression from the situation in early spring when we could boot amd64 as well…
A lot has happened over the spring/summer – amd64 got proper mcmodel=kernel support, compiler-rt was introduced (paving the way for libgcc replacement), we ran two experimental ports build to see how clang does there, C++ support is able to parse devd.cc without warnings, we got kernel working with -O2, we promoted FreeBSD to be officially supported plaform in LLVM etc. etc.
The developers could do with a bit of support and help with the testing. Can you?
We have problems though: we don’t have manpower for testing (thats why amd64 kernel stopped booting) and developers for integrating stuff into FreeBSD (maintaining ports etc.). So if you are interested in helping please contact me or join us on IRC in #freebsd-clang on irc.oftc.net. We especially need amd64 testers (because of the amd64 kernel bug) and people with minor platforms like arm/mips/sparc to see how clang/llvm performs there and improve that
The FreeBSD Project has released it’s ‘quarterly’ update with an overview of current and finished projects:
This report covers FreeBSD related projects between April and September 2009. During that time a lot of work has been done on wide variety of projects, including the Google Summer of Code projects. The BSDCan conference was held in Ottawa, CA, in May. The EuroBSDCon conference was held in Cambridge, UK, in September. Both events were very successful. A new major version of FreeBSD, 8.0 is to be released soon
Table of contents:
Google Summer of Code
- About Google Summer of Code 2009
- BSD-licensed iconv (Summer of Code 2009)
- BSD-licensed text-processing tools (Summer of Code 2008)
- Ext2fs Status report (Summer of Code 2009)
- libnetstat(3) – networking statistics (Summer of Code 2009)
- pefs – stacked cryptographic filesystem (Summer of Code 2009)
- BSD# Project
- Clang replacing GCC in the base system
- FreeBSD TDM Framework
- Grand Central Dispatch – FreeBSD port
- libprocstat(3) – process statistics
- New BSD licensed debugger
- NFSv4 ACLs
- The Newcons project
- VirtualBox on FreeBSD
FreeBSD Team Reports
- FreeBSD Bugbusting Team
- FreeBSD KDE Team
- FreeBSD Ports Management Team
- Release Engineering Status Report
- The FreeBSD Foundation Status Report
- Enhancing the FreeBSD TCP Implementation
- Modular Congestion Control
- Network Stack Virtualization
- Stream Control Transmission Protocol (SCTP)
- The FreeBSD Dutch Documentation Project
- The FreeBSD German Documentation Project
- The FreeBSD Hungarian Documentation Project
- The FreeBSD Spanish Documentation Project
- FreeBSD Gecko Project
- Portmaster – utility to assist users with managing ports
- Valgrind suite on FreeBSD
The Debian Project has announced that it sees the port of the Debian system to the FreeBSD kernel fit to be handled equal with the other release ports. The upcoming release codenamed ‘Squeeze’ is planned to be the first Debian distribution to be released with Linux and FreeBSD kernels.
The kFreeBSD architectures for the AMD64/Intel EM64T and i386 processor architectures are now release architectures. Severe bugs on these architectures will be considered release critical the same way as bugs on other architectures like armel or i386 are. If a particular package does not build or work properly on such an architecture this problem is considered release-critical.
Debian’s main motivation for the inclusion of the FreeBSD kernel into the official release process is the opportunity to offer to its users a broader choice of kernels and also include a kernel that provides features such as jails, the OpenBSD Packet Filter and support for NDIS drivers in the mainline kernel with full support.
As usual some think it’s an odd match and a waste of time and resource, others see it as a nice combination a development.
One may think that this is just another ported software to the already huge collection of FreeBSD’s ports. But this is something more, as FreeBSD has just expanded its possibilities in the commercial streaming area.
The port was made by talented Polish engineers from InnerVision who are devoted to free and open source communities. It’s not the first FreeBSD port they have created, and as they say, definitely not the last.
Gleb Kurtsou has been working this summer working on FreeBSD kernel level cryptographic filesystem pefs as part of the Google Summer of Code. He thinks the project is now mature enough for public review and comments.
I’m using it to encrypt my mailbox for some time already without any issues. For testing I use mostly dbench and fsx tools.
Some of pefs features (comparing to other stacked filesystems):
- Kernel level implementation (no fuse and similar stuff)
- Random per file tweak value used for encryption
- Saves metadata only in encrypted file name (doesn’t change file content)
- Doesn’t change encrypted file size
- Arbitrary number of keys
- Mixing files encrypted with different keys in single directory
- Transparent mode of operation (no encryption, read-only, allows accessing filesystem snapshots easily)
- Key chaining (though user level utility)
- Modern encryption algorithms (AES and Camellia in CTR mode, Salsa20)
Is it worth upgrading to 8.0 to run mySQL or PostgreSQL databases? Graphs say more than 1000 words
…what causes this massive speedup? FreeBSD 8 have superpages support turned on by default, and there was some hacking on the ULE schedulet too, which now can recognize the CPUs’ and their caches’ hierarchy and take those into account during its work.
For for performance graphs, go here.
The FreeBSD Security Team has issued the following security warnings:
For background info, problem description, impact, workaround and solutions, have a look at the individual advisory pages.