bayar da rahoto game da ci gaban aikin FreeBSD daga Yuli zuwa Satumba 2019. Daga cikin canje-canje za mu iya lura:
- Batutuwa na gabaɗaya da na tsari
- Ƙungiyar Core gabaɗaya ta amince da yiwuwar haɗa lamba a cikin tsarin da aka rarraba ƙarƙashin lasisin BSD tare da ƙarin yarjejeniyar haƙƙin mallaka (), amma shawarar haɗa kowane sashi a cikin tsarin ƙarƙashin wannan lasisi dole ne a amince da shi daban;
- Taron farko na ƙungiyar aiki da aka ƙirƙira don aiwatar da ƙaura na lambobin tushe daga tsarin kula da tushen tushen karkatarwa zuwa tsarin da aka raba Git ya faru. Tattaunawa kan yuwuwar ƙaura yana ci gaba da gudana kuma har yanzu ba a ƙaddamar da yanke shawara kan batutuwa da yawa ba (misali, abin da za a yi tare da ba da gudummawa /, ko yana da mahimmanci don sabunta hashes a cikin ma'ajin git na yanzu da kuma yadda mafi kyawun aiwatar da gwaji na aikata);
- daga NetBSD KCSAN (Kernel Concurrency Sanitizer) kayan aiki, wanda ke ba ku damar gano yanayin tsere tsakanin zaren kernel da ke gudana akan CPUs daban-daban;
- Ana ci gaba da aiki don amfani da haɗin ginin Clang (IAS) maimakon GNU binutils mai tarawa;
- Kayan aikin kwaikwayo na muhalli na Linux (Linuxulator) an daidaita shi don aiki akan gine-ginen ARM64. An aiwatar da kiran tsarin “renameat2”. An inganta mai amfani don gano matsaloli a cikin Linux executables da ke gudana a cikin Linuxulator. Matsalar hadarurruka lokacin haɗa fayilolin da za a iya aiwatarwa tare da sabobin glibc an warware su. An sabunta tashoshin jiragen ruwa tare da abubuwan haɗin Linux don Linuxulator zuwa CentOS 7.7;
- A matsayin wani ɓangare na shirin Google Summer na Code, ɗalibai sun sami nasarar kammala ayyuka shida: an shirya aiwatar da haɗin kai (IPv4/IPv6) ping utility, kayan aikin gwajin wuta da gano kurakurai a cikin kernel (Kernel sanitizer) an haɓaka, mac_ipacl. An gabatar da tsarin, an rubuta lambar don matsawa ƙwaƙwalwar ajiya kuma an yi aiki don raba tsarin gina tashar tashar jiragen ruwa daga shigarwa na gida;
- Aikin don gwajin fuzzing na FreeBSD kwaya ta amfani da tsarin yana ci gaba da haɓakawa . A lokacin rahoton, an gano kurakurai sama da goma kuma an kawar da su ta amfani da syzkaller. Don gudanar da syzkaller a cikin injunan kama-da-wane bisa bhyve, an sadaukar da uwar garken daban, da amfani
syzbot ya kafa gwaji na tsarin tsarin FreeBSD daban-daban a cikin kayan aikin Google. Shirya canja wurin bayanai game da duk hadura zuwa sabis na backtrace.io don sauƙaƙe ƙungiyoyin su da bincike; - Ana ci gaba da aiki don sabunta aiwatar da zlib a matakin kernel.
An yi ƙaura lambar da ke da alaƙa da matsawa daga zlib 1.0.4, wanda aka saki sama da shekaru 20 da suka gabata, zuwa lambar lambar zlib 1.2.11 na yanzu. Don haɗa damar zuwa zlib, damfara ayyuka, damfara2 da uncompress an ƙara su zuwa kernel. An canza lambar da ke tabbatar da aiki na yarjejeniya ta PPP daga tsarin netgraph don amfani da tsarin aiwatar da zlib, maimakon bugun kansa na wannan ɗakin karatu. kern_ctf.c, opencryptodeflate, geom_uzip, subr_compressor, subsystems an kuma canza su zuwa sabon zlib.
if_mxge, bxe sabunta da ng_deflate; - Ana haɓaka sabon ƙirar kwaya , wanda ke ba ka damar nemo abubuwa a cikin bayanan ma'auni na sysctl, wanda aka sarrafa ta hanyar MIB (Base Information Base), da kuma canja wurin bayanai game da abubuwa zuwa sararin mai amfani.
- Tsaro
- Kernel module ya haɓaka , dangane da Amintaccen Tsarin MAC na Amintaccen BSD da kuma aiwatar da tsarin kulawa da samun dama ga saitunan tari na cibiyar sadarwa don yanayin kurkuku. Misali, ta amfani da mac_ipacl, mai gudanar da tsarin mai masaukin baki zai iya hana tushen mai amfani a cikin gidan yari canza ko saita adiresoshin IP ko saitunan subnet don wasu musaya na cibiyar sadarwa. Tsarin kulawar samun dama ta tilas saita jerin adireshi na IP da ƙananan ramukan da aka ba da izini ga Jail, hana shigar da wasu IPs da subnets a cikin Jail, ko iyakance canza sigogi kawai don wasu hanyoyin sadarwa na cibiyar sadarwa;
- Intel ya ba da gudummawar tashar tashar jiragen ruwa ga aikin (Trusted Platform Module) don yin mu'amala tare da amintaccen guntun kwamfuta, wanda galibi ana amfani da shi don tabbatar da ɗaukar nauyin firmware da bootloader na OS. An gabatar da abubuwan da aka tattara a cikin hanyar tsaro ta tashar jiragen ruwa / tpm2-tss, tsaro / tpm2-kayan aikin da tsaro / tpm2-abrmd. Tashar tpm2-tss ta haɗa da dakunan karatu don amfani da TPM2 API, tpm2-kayan aiki suna ba da kayan aikin layin umarni don aiwatar da ayyukan TPM, kuma tpm2-abrmd ya ƙunshi aiwatar da tsarin baya na TPM Access Broker da abubuwan Manager Resource Manager waɗanda ke yawan buƙatu daga masu amfani da TPM daban-daban. zuwa na'ura guda ɗaya . Baya ga tabbatar da booting akan FreeBSD, ana iya amfani da TPM don haɓaka tsaro na Strongswan IPsec, SSH da TLS ta hanyar aiwatar da ayyukan sirri akan guntu daban;
- An daidaita kernel don gine-ginen amd64 don yin taya ta amfani da dabarar kariya ta W^X (rubuta XOR aiwatar), wanda ke nufin cewa ba za a iya isa ga shafukan ƙwaƙwalwar ajiya lokaci guda don rubutawa da aiwatarwa ba (ana iya loda kernel ta amfani da shafukan ƙwaƙwalwar ajiya masu aiwatarwa don rubutawa. haramun ne). Sabuwar hanyar kariyar kwaya an haɗa shi a cikin reshen HEAD kuma za a haɗa shi cikin sakin FreeBSD 13.0 da 12.2;
- Don mmap da kiran tsarin da ba daidai ba macro PROT_MAX(), wanda ke ba ka damar tantance saitin ƙayyadaddun tutocin da aka yarda don ƙarin canje-canje (PROT_READ, PROT_WRITE, PROT_EXEC). Yin amfani da PROT_MAX(), mai haɓakawa na iya hana canja wurin yankin ƙwaƙwalwar ajiya zuwa nau'in da za'a iya aiwatarwa ko buƙatar ƙwaƙwalwar ajiya wanda baya bada izinin aiwatarwa, amma daga baya ana iya canzawa zuwa aiwatarwa. Misali, yankin ƙwaƙwalwar ajiya na iya buɗewa don rubutawa kawai don tsawon lokacin haɗin gwiwa mai ƙarfi ko tsara lambar lambar JIT, amma da zarar rubutun ya cika, an iyakance shi don karantawa da aiwatarwa kawai, kuma a nan gaba, idan aka daidaita, maharin. ba zai iya ba da damar rubutu don wannan block ɗin ƙwaƙwalwar ajiya ba. Baya ga PROT_MAX(), sysctl vm.imply_prot_max kuma ana aiwatar da shi, wanda idan an kunna shi, yana ƙayyade saitin ingantattun tutoci dangane da sigogin farko na kiran farko zuwa mmap;
- Don haɓaka kariya daga amfani da lahani, ban da fasahar bazuwar adireshin sararin samaniya (ASLR), wata hanya don bazuwar ɓarna na masu nuni da ke magance firam ɗin tari na farko da tsarin da aka sanya akan tari tare da bayanai game da muhalli, sigogin ƙaddamar da shirin da bayanai. don hotuna masu aiwatarwa a cikin tsarin ELF an ba da shawarar;
- An yi aiki don cire ayyukan da ba su da aminci daga libc (farawa daga ma'aunin C11, an cire wannan aikin daga ƙayyadaddun bayanai) da kuma gyara tashoshin jiragen ruwa waɗanda har yanzu suke amfani da wannan aikin. Ana shirin bayar da canjin a cikin FreeBSD 13.0;
- An ƙaddamar da wani aikin gwaji don ƙirƙirar kayan aiki don tsara yanayin gidan yari bisa tsarin don ƙirƙira da fitar da hotuna, aiwatar da kama da Docker, da direba , wanda ke ba da hanyar sadarwa don ƙaddamar da aikace-aikacen a hankali a cikin yanayin kurkuku. Samfurin da aka tsara ya ba mu damar raba hanyoyin samar da yanayin kurkuku da kuma tura aikace-aikace a cikinsu. Daya daga cikin manufofin aikin shine samar da hanyar sarrafa gidajen yari a matsayin kwantena irin na Docker;
- Adana da tsarin fayil
- Daga NetBSD zuwa mai amfani "makefs". Tallafin tsarin fayil ɗin FAT (msdosfs). Canje-canjen da aka shirya suna ba ku damar ƙirƙirar hotunan FS tare da FAT ba tare da amfani da direban md ba kuma ba tare da ikon tushen ba;
- An kammala aikin sake yin aikin FUSE (Tsarin Fayil a cikin USERspace) direban subsystem, yana ba da damar ƙirƙirar tsarin aiwatar da tsarin fayil a sararin mai amfani. Direban da aka tura da farko yana dauke da kwari da yawa kuma ya dogara ne akan FUSE 7.8, wanda aka saki shekaru 11 da suka gabata. A matsayin wani ɓangare na aikin sabunta direba, an aiwatar da goyan bayan ka'idar FUSE 7.23, an ƙara lambar don bincika haƙƙin shiga a gefen kernel ("-o default_permissions"), an ƙara kira zuwa VOP_MKNOD, VOP_BMAP da VOP_ADVLOCK, An ba da damar katse ayyukan FUSE, goyon baya ga bututun da ba a ambata ba da kuma soket ɗin unix a cikin fusefs, ya zama mai yiwuwa a yi amfani da kqueue don / dev / fuse, yana yiwuwa a sabunta sigogin dutsen ta hanyar "Mount -u", ƙarin tallafi. don fitar da fusefs ta hanyar NFS, aiwatar da lissafin RLIMIT_FSIZE, an ƙara tutocin FOPEN_KEEP_CACHE da FUSE_ASYNC_READ, sun inganta ingantaccen aiki da haɓaka ƙungiyar caching. An haɗa sabon direba a cikin kai da barga / rassan 12 (an haɗa a cikin FreeBSD 12.1);
- An kusan kammala aiwatar da NFSv4.2 (RFC-7862) don FreeBSD. Babban abin da aka fi mayar da hankali a lokacin rahoton shine akan gwaji. An kammala gwaje-gwaje don tabbatar da dacewa tare da aiwatar da Linux, amma gwajin sabar pNFS tare da NFSv4.2 yana ci gaba da gudana. Gabaɗaya, an riga an ɗauki lambar a shirye don haɗawa cikin shugaban FreeBSD / rassan na yanzu. Sabuwar sigar NFS tana ƙara tallafi ga posix_fadvise, ayyukan posix_fallocate, hanyoyin SEEKHOLE/SEEKDATA a cikin lseek, aikin kwafin gida na sassan fayil akan sabar (ba tare da canja wurin abokin ciniki ba);
- Hardware goyon baya
- An ƙaddamar da wani aiki don inganta aikin FreeBSD akan kwamfyutocin. Na'urar farko da za a bincika don tallafin kayan aiki a cikin FreeBSD ita ce kwamfutar tafi-da-gidanka ta Lenovo X1 Carbon ƙarni na bakwai;
- CheriBSD, cokali mai yatsa na FreeBSD don gine-ginen aikin bincike (Karfafa Hardware Ingantattun Umarnin RISC), sabunta don tallafawa mai zuwa ARM Morello processor, wanda zai goyi bayan tsarin kula da damar ƙwaƙwalwar ajiya na CHERI dangane da ƙirar tsaro na ƙirar Capsicum. Morello guntu saki a 2021. Masu haɓakawa na CheriBSD kuma suna ci gaba da sa ido kan haɓakar ƙirar CHERI bisa tsarin gine-ginen MIPS;
- Fadada tallafi don kwakwalwan kwamfuta na RockChip RK3399 da aka yi amfani da su a cikin allon RockPro64 da NanoPC-T4. Mafi mahimmancin haɓakawa shine goyon baya ga eMMC da haɓaka sabon direba don mai kula da eMMC da aka yi amfani da shi a kan jirgi;
- Aiki yana ci gaba da aiwatar da tallafi don ARM64 SoC Broadcom BCM5871X tare da na'urori masu sarrafawa na ARMv8 Cortex-A57, da nufin amfani da su a cikin hanyoyin sadarwa, ƙofofin ƙofofin da ajiyar cibiyar sadarwa. A lokacin rahoton lokaci
An faɗaɗa tallafin iProc PCIe kuma an ƙara ikon yin amfani da ayyukan sirri na kayan aiki don hanzarta IPsec.
Ana sa ran haɗa lamba a cikin reshen HEAD a cikin kwata na huɗu; - An sami gagarumin ci gaba a cikin haɓaka tashar tashar FreeBSD don dandalin powerpc64. An mayar da hankali kan samar da ingantaccen aiki akan tsarin tare da IBM POWER8 da na'urori masu sarrafawa POWER9, amma zaɓin yana goyan bayan aiki akan tsofaffin Apple Power Macs, x500 da Amiga A1222. Reshen powerpc*/12 yana ci gaba da aikawa da gcc 4.2.1, kuma reshen powerpc*/13 za a yi ƙaura zuwa lvm90 nan ba da jimawa ba. Daga cikin tashoshin jiragen ruwa 33306, 30514 an samu nasarar harhada su;
- Tashar tashar FreeBSD tana ci gaba don 64-bit SoC NXP LS1046A dangane da mai sarrafa ARMv8 Cortex-A72 tare da ingin haɓaka aikin fakitin cibiyar sadarwa, 10 Gb Ethernet, PCIe 3.0, SATA 3.0 da USB 3.0. A lokacin lokacin rahoton, an aiwatar da goyan bayan USB 3.0, SD/MMC, I2C, DPAA da GPIO cibiyar sadarwa. Akwai tsare-tsare don tallafawa QSPI da haɓaka aikin haɗin yanar gizo. Ana sa ran kammala aiki da haɗawa a cikin reshen HEAD a cikin kwata na 4th na 2019;
- An sabunta direban ena don tallafawa ƙarni na biyu na ENAv2 (Elastic Network Adapter) adaftar hanyar sadarwa da aka yi amfani da su a cikin kayan aikin Elastic Compute Cloud (EC2) don tsara sadarwa tsakanin nodes na EC2 a cikin sauri har zuwa 25 Gb/s. An ƙara tallafin NETMAP kuma an gwada shi ga direban ena, kuma an daidaita tsarin ƙwaƙwalwar ajiya don ba da damar yanayin LLQ a cikin yanayin Amazon EC2 A1;
- Aikace-aikace da tsarin tashar jiragen ruwa
- Abubuwan da aka sabunta tari mai hoto da tashar jiragen ruwa masu alaƙa da xorg. An matsar da tashoshin jiragen ruwa masu amfani da USE_XORG da XORG_CAT zuwa tsarin USES maimakon kiran bsd.xorg.mk ta bsd.port.mk. Irin waɗannan tashoshin jiragen ruwa yanzu sun haɗa da tutar "USES=xorg" a cikin kayan aikinsu. An raba aikin XORG_CAT daga bsd.xorg.mk kuma yanzu an kunna shi ta tutar "USES=xorg-cat". Ƙara kayan aikin don samar da tashar jiragen ruwa kai tsaye daga wurin ajiyar git
freedesktop.org, wanda, alal misali, yana ba ku damar ƙirƙirar tashoshin jiragen ruwa don nau'ikan da ba a fitar da su ba tukuna. A nan gaba, muna shirin shirya kayan aiki don amfani da tsarin taro na meson maimakon autotools don gina tashoshin xorg.An yi aiki don tsaftace tsoffin tashoshin xorg da ke daure da abubuwan da ba a tallafawa ba, alal misali, an cire tashar x11/libXp, kuma an soke tashar x11/Xxf86misc, x11-fonts/libXfontcache da graphics/libGLw. ;
- An yi aiki don inganta goyon baya ga Java 11 da sababbin sakewa a cikin FreeBSD, da kuma kawo wasu canje-canje zuwa reshe na Java 8. Bayan goyon baya ga sababbin abubuwan Java 11 kamar Java Flight Recorder, HotSpot Serviceability Agent, HotSpot Debugger an aiwatar da shi. don FreeBSD , DTrace, Javac Server, Java Sound da SCTP, an canza aikin don tabbatar da cewa duk gwaje-gwajen dacewa sun wuce. An rage yawan gazawar lokacin cin jarabawar daga 50 zuwa 2;
- KDE Plasma tebur, KDE Frameworks, KDE Aikace-aikace da Qt ana kiyaye su na yau da kullun kuma ana sabunta su zuwa sabbin abubuwan fitarwa;
- Tashoshi tare da tebur na Xfce an sabunta su don fitarwa ;
- Bishiyar tashar tashar jiragen ruwa ta FreeBSD ta zarce tashoshi 38000, adadin PRs da ba a rufe ba ya wuce 2000, wanda har yanzu PRs 400 ba a warware su ba. A lokacin rahoton, masu haɓaka 7340 sun yi canje-canje 169. Sabbin mahalarta guda biyu (Santhosh Raju da Dmitri Goutnik) sun sami haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin haƙƙin da Santhosh Raju da Dmitri Goutnik Dmitri Goutnik. An buga sabon sakin mai sarrafa fakitin pkg 1.12, tare da tallafi don overlays a cikin bishiyar tashar jiragen ruwa da tsaftace bsd.sites.mk. Daga cikin mahimman abubuwan sabuntawa a cikin tashoshin jiragen ruwa sune: Li'azaru 2.0.4, LLVM 9.0, Perl5.30, PostgreSQL 11, Ruby 2.6, Firefox 69.0.1, Firefox-esr 68.1.0, Chromium 76.0;
- Ci gaban ayyukan yana ci gaba , rarraba na musamman don ƙaddamar da kayan aikin uwar garken kama-da-wane. Dangane da ayyukan da yake warwarewa, ClonOS yayi kama da tsarin kamar Proxmox, Triton (Joyent), OpenStack, OpenNebula da Amazon AWS, babban bambanci daga wanda shine amfani da FreeBSD da ikon sarrafawa, turawa da sarrafa kwantena na FreeBSD da kuma mahallin kama-da-wane bisa Bhyve da Xen hypervisors. Canje-canje na kwanan nan sun haɗa da tallafi
Cloud-init don Linux/BSD VM da Cloudbase-init don Windows VM, fara canzawa zuwa amfani da hotuna na asali, ta amfani da Jenkins CI don ginin gwaji da sabon wurin ajiyar pkg don shigarwa.
ClonOS daga fakiti.
- Abubuwan da aka sabunta tari mai hoto da tashar jiragen ruwa masu alaƙa da xorg. An matsar da tashoshin jiragen ruwa masu amfani da USE_XORG da XORG_CAT zuwa tsarin USES maimakon kiran bsd.xorg.mk ta bsd.port.mk. Irin waɗannan tashoshin jiragen ruwa yanzu sun haɗa da tutar "USES=xorg" a cikin kayan aikinsu. An raba aikin XORG_CAT daga bsd.xorg.mk kuma yanzu an kunna shi ta tutar "USES=xorg-cat". Ƙara kayan aikin don samar da tashar jiragen ruwa kai tsaye daga wurin ajiyar git
source: budenet.ru