Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Lipoti lachitukuko cha FreeBSD Q2019 XNUMX

Lipoti lachitukuko cha FreeBSD Q2019 XNUMX

Lofalitsidwa lipoti pakukula kwa projekiti ya FreeBSD kuyambira Julayi mpaka Seputembara 2019. Zina mwa zosintha zomwe tingazindikire:

  • General ndi zokhudza zonse
    • Gulu la Core nthawi zambiri lavomereza kuthekera kophatikiza ma code mu dongosolo lomwe limagawidwa pansi pa chilolezo cha BSD ndi mgwirizano wowonjezera wa patent (BSD + Patent), koma chigamulo chophatikizira gawo lililonse mudongosolo lomwe lili pansi pa chilolezochi liyenera kuvomerezedwa padera;
    • Msonkhano woyamba wa gulu logwira ntchito lomwe linapangidwa kuti likwaniritse kusamuka kwa magwero a magwero kuchokera ku centralized source control system Kutembenuzidwa ku dongosolo logawanika la Git kunachitika. Kukambitsirana za kuthekera kwa kusamuka kukupitirirabe ndipo zisankho pazovuta zambiri sizinapangidwebe (mwachitsanzo, chochita ndi contrib/, ngati kuli kofunikira kukonzanso ma hashes munkhokwe ya git yomwe ilipo komanso momwe angagwiritsire ntchito mayeso a kuchita);
    • Kuchokera ku NetBSD kunyamula KCSAN (Kernel Concurrency Sanitizer) chida, chomwe chimakulolani kuti muzindikire mtundu wamtundu pakati pa ulusi wa kernel womwe ukuyenda pama CPU osiyanasiyana;
    • Ntchito ikuchitika kuti agwiritse ntchito Clang's build-in assembler (IAS) m'malo mwa GNU binutils assembler;
    • Chitukuko cha Linux chilengedwe emulation (Linuxulator) chimasinthidwa kuti chigwire ntchito pamapangidwe a ARM64. Anakhazikitsa kuyimba kwa dongosolo la "renameat2". Chida cha strace chasinthidwa kuti chizindikire zovuta mu Linux executable yomwe ikuyenda mu Linuxulator. Vuto lakuwonongeka polumikiza mafayilo omwe angathe kuchitika ndi glibc yatsopano lathetsedwa. Madoko okhala ndi zigawo za Linux za Linuxulator asinthidwa kukhala CentOS 7.7;
    • Monga gawo la pulogalamu ya Google Summer of Code, ophunzira adamaliza bwino ntchito zisanu ndi chimodzi: kukhazikitsidwa kwa pulogalamu yolumikizana (IPv4/IPv6) idakonzedwa, zida zoyesera zozimitsa moto ndikuzindikira zolakwika mu kernel (Kernel sanitizer) zidapangidwa, mac_ipacl. gawo linaperekedwa, code inalembedwa kuti iwononge kukumbukira kukumbukira ndipo ntchito yachitidwa kuti alekanitse njira yomanga doko ndi kukhazikitsa kwanuko;
    • Pulojekiti yoyesa kusokoneza kernel ya FreeBSD pogwiritsa ntchito dongosolo ikupitilizabe syzkaller. Panthawi yopereka lipoti, zolakwika zoposa khumi zidadziwika ndikuchotsedwa pogwiritsa ntchito syzkaller. Kuthamanga syzkaller mu makina pafupifupi zochokera bhyve, osiyana seva ndi odzipereka, ndi ntchito
      syzbot yakhazikitsa kuyesa kwa ma subsystems osiyanasiyana a FreeBSD muzomangamanga za Google. Anakonza zosamutsa zidziwitso zonse zakuwonongeka kwa ntchito ya backtrace.io kuti muchepetse magulu awo ndikuwunika;

    • Ntchito ikuchitika yokonzanso kukhazikitsa kwa zlib pamlingo wa kernel.
      Khodi yokhudzana ndi kuponderezana yasamutsidwa kuchokera ku zlib 1.0.4, yotulutsidwa zaka 20 zapitazo, kupita ku zlib 1.2.11 codebase yamakono. Kuti mugwirizanitse mwayi wa zlib, ntchito compress, compress2 ndi uncompress zawonjezedwa ku kernel. Khodi yomwe imatsimikizira kugwira ntchito kwa protocol ya PPP kuchokera ku netgraph subsystem yasamutsidwa kuti igwiritse ntchito dongosolo la zlib, m'malo mwa kusindikiza kwake kwa laibulale iyi. Kern_ctf.c, opencryptodeflate, geom_uzip, subr_compressor, subsystems zasamutsidwanso ku zlib yatsopano.
      if_mxge, bxe kusinthidwa ndi ng_deflate;

    • Mawonekedwe atsopano a kernel akupangidwa sysclininfo, zomwe zimakulolani kuti mupeze zinthu mu sysctl parameter database, yokonzedwa mu mawonekedwe a MIB (Management Information Base), ndi kusamutsa zambiri za zinthu kumalo ogwiritsira ntchito.
  • Chitetezo
    • Kernel module idapangidwa mac_ipacl, kutengera TrustedBSD MAC Framework ndikukhazikitsa njira yowongolera zolumikizira pamanetiweki a ndende. Mwachitsanzo, pogwiritsa ntchito mac_ipacl, woyang'anira makina ogwiritsira ntchito amatha kuletsa wogwiritsa ntchito mizu m'ndende kuti asasinthe kapena kukhazikitsa ma adilesi a IP kapena ma subnet ma network ena. Dongosolo lovomerezeka lovomerezeka lovomerezeka timatha khazikitsani mndandanda wa ma adilesi a IP ndi ma subnet omwe amaloledwa kundende, amaletsa kuyika ma IP ndi ma subnets kundende, kapena kuchepetsa kusintha magawo pamaneti ena;
    • Intel yapereka doko la stack software ku polojekitiyi TPM 2.0 (Trusted Platform Module) kuti igwirizane ndi chipangizo chotetezedwa cha kompyuta, chomwe nthawi zambiri chimagwiritsidwa ntchito potsitsa firmware ndi OS bootloader. Zigawo za stack zimaperekedwa ngati madoko chitetezo/tpm2-tss, chitetezo/tpm2-zida ndi chitetezo/tpm2-abrmd. Doko la tpm2-tss limaphatikizapo malaibulale ogwiritsira ntchito TPM2 API, zida za tpm2 zimapereka zida zamalamulo pochita ntchito za TPM, ndipo tpm2-abrmd ili ndi njira yakumbuyo ya magawo a TPM Access Broker ndi Resource Manager omwe amachulukitsa zopempha kuchokera kwa ogwiritsa ntchito osiyanasiyana a TPM. ku chipangizo chimodzi . Kuphatikiza pa booting yotsimikizika pa FreeBSD, TPM ikhoza kugwiritsidwa ntchito kupititsa patsogolo chitetezo cha Strongswan IPsec, SSH ndi TLS pochita ntchito za cryptographic pa chip chosiyana;
    • Kernel ya zomangamanga za amd64 imasinthidwa kuti ikhale yoyambira pogwiritsa ntchito njira yotetezera ya W^ X (lembani XOR execute), zomwe zikutanthauza kuti masamba amakumbukiro sangapezeke nthawi imodzi kuti alembe ndi kuphedwa (kernel tsopano ikhoza kuyikidwa pogwiritsa ntchito masamba okumbukira omwe amalembedwa. ndizoletsedwa). Njira yatsopano yotetezera kernel ikuphatikizidwa mu nthambi ya HEAD ndipo idzaphatikizidwa mu FreeBSD 13.0 ndi 12.2 kumasulidwa;
    • Kwa mmap ndi mprotect system mafoni zakhazikitsidwa macro PROT_MAX(), yomwe imakupatsani mwayi wosankha mbendera zoletsa kulowa zomwe zimaloledwa kusintha zina (PROT_READ, PROT_WRITE, PROT_EXEC). Pogwiritsa ntchito PROT_MAX (), wopanga mapulogalamu amatha kuletsa kusamutsidwa kwa dera lokumbukira kupita kugulu lomwe lingathe kuchitidwa kapena kupempha kukumbukira komwe sikulola kuphedwa, koma pambuyo pake kumatha kusinthidwa kuti kuchitidwe. Mwachitsanzo, dera la kukumbukira likhoza kukhala lotseguka kuti lilembedwe kokha kwa nthawi yolumikizana mwamphamvu kapena kupanga ma code a JIT, koma zolembazo zikamalizidwa, zimaletsedwa kuwerenga ndi kuzichita kokha, ndipo mtsogolomo, ngati atasokonezedwa, wowukirayo amaloledwa. sadzatha kuloleza kulemba kwa block block. Kuphatikiza pa PROT_MAX(), sysctl vm.imply_prot_max imakhazikitsidwanso, yomwe ikayatsidwa, imatsimikizira gulu la mbendera zovomerezeka kutengera magawo oyamba a kuyimba koyamba kwa mmap;
    • Kupititsa patsogolo chitetezo ku kugwiritsidwa ntchito pachiwopsezo, kuphatikiza njira ya adilesi ya randomisation (ASLR), njira yosinthira zolozera zomwe zimayang'anizana ndi chimango choyambirira ndi zida zomwe zimayikidwa pachiwopsezo chokhala ndi chidziwitso cha chilengedwe, magawo oyambitsa pulogalamu ndi data. pazithunzi zomwe zingagwiritsidwe ntchito mumtundu wa ELF zikuperekedwa;
    • Ntchito yachitidwa kuti achotse zosatetezeka amapeza ntchito kuchokera ku libc (kuyambira pa muyezo wa C11, ntchitoyi idachotsedwapo) ndikuwongolera madoko omwe akugwiritsabe ntchito ntchitoyi. Kusinthaku kukukonzekera kuperekedwa mu FreeBSD 13.0;
    • Pulojekiti yoyesera yakhazikitsidwa kuti ipange zida zopangira malo andende potengera dongosolo mphika popanga ndi kutumiza kunja zithunzi, zokhazikitsidwa zofanana ndi Docker, ndi driver nomad, yomwe imapereka mawonekedwe otsegulira mapulogalamu m'ndende. Mtundu womwe waperekedwa umatilola kuti tilekanitse njira zopangira malo andende ndikuyika mapulogalamu m'menemo. Chimodzi mwazolinga za polojekitiyi ndikupereka njira zosinthira ndende ngati zotengera zamtundu wa Docker;
  • Makina osungira ndi mafayilo
    • Kuchokera ku NetBSD kupita ku "makefs" zofunikira kusunthidwa FAT file system thandizo (msdosfs). Zosintha zokonzeka zimakulolani kupanga zithunzi za FS ndi FAT popanda kugwiritsa ntchito dalaivala wa md komanso opanda mizu;
    • Kukonzanso kwa FUSE (File system in USerspace) dalaivala wa subsystem kwatha, kulola kukhazikitsidwa kwa machitidwe amafayilo pamalo ogwiritsira ntchito. Dalaivala yemwe adatumizidwa koyambirira anali ndi nsikidzi zambiri ndipo adachokera pa FUSE 7.8, yomwe idatulutsidwa zaka 11 zapitazo. Monga gawo la projekiti yoyendetsa madalaivala, kuthandizira kwa protocol ya FUSE 7.23 yakhazikitsidwa, code yowunikira ufulu wofikira kumbali ya kernel ("-o default_permissions") yawonjezedwa, mafoni ku VOP_MKNOD, VOP_BMAP ndi VOP_ADVLOCK awonjezedwa, Kutha kusokoneza ntchito za FUSE kwaperekedwa, chithandizo cha mapaipi osatchulidwa dzina ndi soketi za unix zawonjezedwa mu fusefs, zinatheka kugwiritsa ntchito kqueue kwa / dev / fuse, zinali zotheka kusintha magawo okwera kudzera pa "mount -u", chithandizo chowonjezera. potumiza ma fusefs kunja kudzera ku NFS, kugwiritsa ntchito RLIMIT_FSIZE kuwerengera ndalama, kuonjeza FOPEN_KEEP_CACHE ndi mbendera za FUSE_ASYNC_READ, kukhathamiritsa kwa magwiridwe antchito ndikuwongolera kasungidwe kachipangizo. Dalaivala watsopano akuphatikizidwa mumutu ndi nthambi zokhazikika / 12 (zophatikizidwa mu FreeBSD 12.1);
    • Kukhazikitsa kwa NFSv4.2 (RFC-7862) kwa FreeBSD kwatsala pang'ono kutha. Cholinga chachikulu pa nthawi yopereka lipoti chinali kuyesa. Mayesero atsirizidwa kuti atsimikizire kugwirizana ndi kukhazikitsidwa kwa Linux, koma kuyesa kwa seva ya pNFS ndi NFSv4.2 kukupitirirabe. Kawirikawiri, codeyo imatengedwa kuti ndi yokonzeka kuphatikizidwa mu FreeBSD mutu / nthambi zamakono. Mtundu watsopano wa NFS umawonjezera kuthandizira kwa posix_fadvise, posix_fallocate ntchito, mawonekedwe a SEEKHOLE/SEEKDATA mu lseek, kugwiritsa ntchito kukopera kwam'deralo kwa magawo a fayilo pa seva (popanda kusamutsa kwa kasitomala);
  • Thandizo la Hardware
    • Pulojekiti yakhazikitsidwa kuti ipititse patsogolo magwiridwe antchito a FreeBSD pama laputopu. Chipangizo choyamba chomwe chiyenera kufufuzidwa kuti chithandizidwe ndi hardware mu FreeBSD chinali laputopu ya Lenovo X1 Carbon yachisanu ndi chiwiri;
    • CheriBSD, foloko ya FreeBSD yomanga ma processor ofufuza CHERI (Capability Hardware Enhanced RISC Instructions), zosinthidwa kuti zithandizire purosesa ya ARM Morello yomwe ikubwera, yomwe ithandizira dongosolo la CHERI lofikira kukumbukira potengera mtundu wachitetezo wa Capsicum. Morello chip akukonzekera kumasulidwa mu 2021. Madivelopa a CheriBSD akupitilizabe kuyang'anira kakulidwe ka CHERI yotengera kamangidwe ka MIPS;
    • Thandizo lowonjezera la tchipisi cha RockChip RK3399 chomwe chimagwiritsidwa ntchito mu RockPro64 ndi NanoPC-T4 board. Kusintha kwakukulu kwambiri kunali kuthandizira eMMC ndi chitukuko cha dalaivala watsopano kwa wolamulira wa eMMC wogwiritsidwa ntchito pa bolodi;
    • Ntchito ikupitilizabe kugwiritsa ntchito thandizo la ARM64 SoC Broadcom BCM5871X yokhala ndi mapurosesa a ARMv8 Cortex-A57, omwe cholinga chake ndi kugwiritsa ntchito ma routers, zipata ndi kusungirako maukonde. Panthawi yopereka lipoti
      Thandizo la iProc PCIe lakulitsidwa ndipo kuthekera kogwiritsa ntchito zida za cryptographic kuti mufulumizitse IPsec wawonjezedwa.
      Kuphatikizidwa kwa ma code mu nthambi ya HEAD kukuyembekezeka mu gawo lachinayi;

    • Pakhala kupita patsogolo kwakukulu pakupanga doko la FreeBSD la nsanja ya powerpc64. Cholinga chake ndikupereka magwiridwe antchito pamakina omwe ali ndi ma processor a IBM POWER8 ndi POWER9, koma mwakufuna amathandizira kugwira ntchito pa Apple Power Macs akale, x500 ndi Amiga A1222. Nthambi ya powerpc */12 ikupitiriza kutumiza ndi gcc 4.2.1, ndipo nthambi ya powerpc */13 idzasamutsidwa ku llvm90 posachedwa. Kuchokera pa madoko a 33306, 30514 amasonkhanitsidwa bwino;
    • Kuyika kwa FreeBSD kumapitilira 64-bit SoC NXP LS1046A kutengera purosesa ya ARMv8 Cortex-A72 yokhala ndi injini yophatikizika yamapaketi opangira paketi, 10 Gb Ethernet, PCIe 3.0, SATA 3.0 ndi USB 3.0. Panthawi yopereka lipoti, thandizo la USB 3.0, SD/MMC, I2C, DPAA ndi GPIO network interface idakhazikitsidwa. Pali mapulani othandizira QSPI ndikuwongolera magwiridwe antchito a netiweki. Kutsirizitsa ntchito ndikuphatikizidwa mu nthambi ya HEAD ikuyembekezeka mu gawo la 4 la 2019;
    • Dalaivala wa ena wasinthidwa kuti athandizire m'badwo wachiwiri wa ma adapter a netiweki a ENAv2 (Elastic Network Adapter) omwe amagwiritsidwa ntchito mu Elastic Compute Cloud (EC2) kukonza kulumikizana pakati pa EC2 node pa liwiro la 25 Gb/s. Thandizo la NETMAP lawonjezeredwa ndikuyesedwa kwa dalaivala wa ena, ndipo mawonekedwe a kukumbukira asinthidwa kuti athe LLQ mode mu Amazon EC2 A1 mapangidwe;
  • Mapulogalamu ndi ma port system
    • Zida zosinthidwa zazithunzi ndi madoko okhudzana ndi xorg. Madoko ogwiritsira ntchito USE_XORG ndi XORG_CAT asunthidwa ku SEES framework m'malo moyimbira bsd.xorg.mk kudzera bsd.port.mk. Madoko oterowo akuphatikiza mbendera ya "USES=xorg" mumafayilo awo. Ntchito ya XORG_CAT yalekanitsidwa ndi bsd.xorg.mk ndipo tsopano yayatsidwa ndi mbendera ya "USES=xorg-cat". Zida zowonjezera zopangira ma doko a xorg kuchokera ku git repository
      freedesktop.org, yomwe, mwachitsanzo, imakupatsani mwayi wopanga madoko amitundu yomwe sinatulutsidwe. M'tsogolomu, tikukonzekera kukonzekera zida zogwiritsira ntchito makina a meson m'malo mwa autotools kuti amange madoko a xorg.

      Ntchito yachitidwa kuyeretsa madoko akale a xorg omangidwa ku zigawo zomwe sizikuthandizidwanso, mwachitsanzo, doko la x11/libXp lachotsedwa, ndipo x11/Xxf86misc, x11-fonts/libXfontcache ndi graphics/libGLw madoko achotsedwa. ;

    • Ntchito yachitidwa kuti ipititse patsogolo chithandizo cha Java 11 ndi zotulutsidwa zatsopano mu FreeBSD, komanso kutumiza zosintha zina ku nthambi ya Java 8. Pambuyo pothandizira zinthu zatsopano za Java 11 monga Java Flight Recorder, HotSpot Serviceability Agent, HotSpot Debugger inakhazikitsidwa. ya FreeBSD, DTrace, Javac Server, Java Sound ndi SCTP, ntchito yasintha ndikuwonetsetsa kuti mayeso onse ogwirizana adutsa. Chiwerengero cha zolephera podutsa mayeso chachepetsedwa kuchoka pa 50 mpaka 2;
    • KDE Plasma desktop, KDE Frameworks, KDE Applications ndi Qt zimasungidwa mpaka pano ndikusinthidwa mpaka zatsopano;
    • Madoko okhala ndi desktop ya Xfce asinthidwa kuti amasulidwe 4.14;
    • Mtengo wa madoko a FreeBSD wadutsa madoko a 38000, kuchuluka kwa ma PR osatsekedwa ndikupitilira pang'ono 2000, pomwe ma 400 PRs sanathenso. Panthawi yopereka lipoti, zosintha 7340 zidapangidwa ndi opanga 169. Otsatira awiri atsopano (Santhosh Raju ndi Dmitri Goutnik) adalandira ufulu wochita nawo ntchito. Kutulutsidwa kwatsopano kwa pkg 1.12 phukusi woyang'anira kwasindikizidwa, mothandizidwa ndi zokutira pamtengo wamadoko ndikuyeretsa bsd.sites.mk. Zina mwazosintha zofunikira pamadoko ndi: Lazarus 2.0.4, LLVM 9.0, Perl5.30, PostgreSQL 11, Ruby 2.6, Firefox 69.0.1, Firefox-esr 68.1.0, Chromium 76.0;
    • Ntchito yopititsa patsogolo ntchito ikupitirira ClonOS, kutukuka kugawa kwapadera poyika zida zopangira seva. Pankhani ya ntchito zomwe imathetsa, ClonOS imafanana ndi machitidwe monga Proxmox, Triton (Joyent), OpenStack, OpenNebula ndi Amazon AWS, kusiyana kwakukulu komwe ndiko kugwiritsa ntchito FreeBSD komanso kuthekera koyendetsa, kutumiza ndi kuyang'anira zida za FreeBSD Jail ndi malo enieni otengera Bhyve ndi Xen hypervisors. Zosintha zaposachedwa zikuphatikiza chithandizo
      cloud-init ya Linux/BSD VM ndi cloudbase-init ya Windows VM, kuyamba kusintha kugwiritsa ntchito zithunzi zachibadwidwe, pogwiritsa ntchito Jenkins CI poyesa kumanga ndi malo atsopano a pkg oyika.
      ClonOS kuchokera phukusi.

Source: opennet.ru

Kuwonjezera ndemanga