FreeBSD Device Drivers: a guide for the intrepid (book)

“Device drivers make it possible for your software to communicate with your hardware, and because every operating system has specific requirements, driver writing is nontrivial.

When developing for FreeBSD, you’ve probably had to scour the Internet and dig through the kernel sources to figure out how to write the drivers you need. Thankfully, that stops now.

In FreeBSD Device Drivers, Joseph Kong will teach you how to master everything from the basics of building and running loadable kernel modules to more complicated topics like thread synchronization. After a crash course in the different FreeBSD driver frameworks, extensive tutorial sections dissect real-world drivers like the parallel port printer driver.”

The book has been reviewed by beginlinux

Buy this book on Amazon or nostarch press  (use DRIVERS for 40% discount)

HOWTO: Run pfSense nanobsd in VirtualBox

There’s a very useful howto on the pfsense forums showing step-by-step how to run pfSense in virtualbox:

  1. Get Oracle VirtualBox from https://www.virtualbox.org/ or from the repo of your distribution. Works in Windows, Linux too.
  2. Download a VGA-enabled nanobsd version of pfSense from here. For example pfSense-2.0.1-RELEASE-4g-i386-nanobsd_vga.img.gz.
  3. Decompress the .gz to get a plain disk image .img file (you need pfSense-2.0.1-RELEASE-4g-i386-nanobsd_vga.img)
  4. Convert the disk image to a virtual hard disk using this command:
    1. Code: VBoxManage convertfromraw pfSense-2.0.1-RELEASE-4g-i386-nanobsd_vga.img pfSense-2.0.1-RELEASE-4g-i386-nanobsd_vga.vdi
    2. Don’t worry if the .vdi file will be much smaller. It will actually be a dynamic virtual disk, which physically occupies only the amount of data which is not empty.
  5. Create a new virtual machine in VirtualBox, using these settings:
    1. Enable IO APIC
    2. 512MB of RAM (or more, I guess)
    3. no audio, no USB
    4. 2 network adapters, first bridged to your physical NIC, second “Host-Only Adapter”, both Intel PRO/1000 T Server. Untick “Cable connected”
    5. a serial port, just to be sure
    6. use as hard disk the .vdi image you created in step 4
  6. Boot up the virtual machine, let pfSense start up
  7. Assign network interfaces as usual, to simulate cable connection open “Network Adapters” window and tick back  ”Cable connected” when appropriate. Make the first (em0) as WAN, the second (em1) as LAN.
  8. Set manually IP address of LAN to 192.168.56.10 (or any IP within your “Host-Only Adapter network”)
  9. Type your LAN address in your browser and you’re in!

FreeBSD and Microsoft Hyper-V Interoperability

Microsoft and its partnering companies are finalizing a project that will enable FreeBSD interoperability with Windows Server Hyper-V.

News about the project, which started in October, was announced last week at the BSDCan 2012 event in Ottawa, Canada. The project will produce drivers that will enable the open source FreeBSD server to run as a guest on Microsoft’s hypervisor. The drivers will be licensed under the BSD license, meaning freely usable open source code, with delivery expected “early this summer,” according to Microsoft’s announcement. The drivers will work with Windows Server 2008 R2 and FreeBSD versions 8.2 and 8.3.

… For this project, Microsoft is working with a technical staffing company, Insight Global, to develop a VMBUS driver, which will serve as the interface between Hyper-V and FreeBSD. It also partnered with Citrix and NetApp on the project, which are both contributors to FreeBSD and users of the FreeBSD technology. Citrix is focusing on network aspects of FreeBSD interoperability, while NetApp is handing storage aspects, according to Joe CaraDonna, NetApp’s technical director of core operating systems, in a Microsoft-conducted interview.

CaraDonna said that NetApp has been collaborating with Microsoft on various projects for more than 10 years. NetApp uses FreeBSD in its Data ONTAP-v virtual storage appliance. The company also has developed its own FreeBSD hypervisor, called “BHyVe,” which NetApp released as open source code last year.

Full article and source (redmondmag.com) (via)

FreeBSD Quarterly Status Report (January – March 2012)

The FreeBSD project has released its quarterly project update. The latest report covers FreeBSD related projects between January and March 2012, and is the first of the four reports planned for 2012.

This quarter was highlighted by releasing the next major version of FreeBSD, 9.0, which was finally released in the beginning of January 2012. The FreeBSD Project dedicates the FreeBSD 9.0-RELEASE to the memory of Dennis M. Ritchie, one of the founding fathers of the UNIX operating system.

Projects

User-land Programs

FreeBSD Team Reports

Kernel

Network Infrastructure

Documentation

Architectures

Ports

Soure and full report: FreeBSD Quarterly Status Report (January – March 2012)

PC-BSD 9-STABLE-20120505 Snapshot Available for Testing

Kris has announced the availability of the next testing snapshot. If you are using Intel video or would like to upgrade from a previous snapshot, read the Errata section below.

The next snapshot in the PC-BSD 9-STABLE branch has just been released
for i386 and amd64 architectures. This snapshot provides both users and developers a means to test out new features in the upcoming PC-BSD 9.1 release. This snapshot may contain buggy code and features, so users are encouraged to run it only on non-critical systems.

Changes since the previous Snapshot:

* FreeBSD 9-STABLE from 05-01-2012
* Xorg 7.5.2 / Xorg-server 1.10.6
* Includes the GEM kernel support patches
* Added fail2ban for SSH brute force blocking
* Added ossec to base system
* Added support for all i18n languages currently in Pootle
* Fixed sorting of installed Applications in AppCafe
* Fixed some bugs in server install causing CLI apps to fail
* Fixed stamping boot on BootCamp partitions.
* Enable starting Warden jails at system bootup
* Enable booting installer on systems with < 512MB of RAM
* Enabled splash screen support
* Multiple bugfixes to included utilities / apps

Highlights for the upcoming 9.1:

* New system installer! Greatly simplified for desktop and server installs.
* New “PC-BSD Server” installation option. Includes command-line
utilities like pbi-manager, warden, metapkgmanager and more.
* Support for ZFS mirror / raidz(1,2,3) during installation.
* Support for SWAP on ZFS, allowing entire disk ZFS installation.
* Support for setting additional ZFS data-set options, such as compression, noexec, etc.
* Warden jail management integrated into system. Allows creating jails
via GUI, adding packages and other administration.
* First boot setup wizard allows OEM installs to be easily performed.
* New Bluetooth paring tray / GUI utilities.
* New AppCafe improvements and preferences
* Improvements to wifi utility
* Fixed bug causing untranslated strings to show up empty.
* Numerous bug-fixes to PC-BSD related utilities
* And much more!

Errata

* Due to some port changes the updated Xorg Intel driver did not get
automatically included. You add it post-install by adding the line
“WITH_NEW_XORG=yes” to /etc/make.conf and then building the
/usr/ports/x11-drivers/xf86-video-intel port. This will be corrected in the next snapshot.

* It is possible to update from the previous snapshot to the current version, however you will manually need to update the
/usr/local/bin/pc-updatemanager command first.

(As root)
# fetch
http://?trac?.pcbsd?.org/?e?x?p?o?r?t?/?1?6?6?6?2?/?p?c?b?s?d?/?c?u?r?r?e?n?t?/?s?r?c?-?s?h?/?p?c?-?u?p?d?a?t?e?m?a?n?a?g?e?r?/?p?c?-?u?p?d?a?t?e?m?a?n?a?ger –o /usr/local/bin/pc-updatemanager
# chmod 755 /usr/local/bin/pc-updatemanager

You may now update via the system updater GUI.

Protect Your BSD – BSD Magazine (May 2012)

April’s issue of the BSD Magazine is now available: BSD Security – Protect Your BSD (free PDF download).

Covering the following topics:

- A Fresh Look at the Warden for PC-BSD 9.1
- Intro to DTrace
- A Web Application Firewall for Nginx
- Introducing EasyPBI – Making PBI Modules With a Few Mouse Clicks
- Mysql-zrm: Enterprise Level Backups for MySQL
- Anatomy of FreeBSD Compromise (Part 5)
- Hardening FreeBSD with TrustedBSD and Mandatory Access Controls (MAC)
- Security Best Practice for DNS Servers