ProHoster > Blog > internet nhau > YemaharaBSD Q2019 XNUMX Progress Report

YemaharaBSD Q2019 XNUMX Progress Report

rakabudiswa Chirevo pamusoro pekuvandudzwa kweiyo FreeBSD chirongwa kubva muna Kubvumbi kusvika Chikumi 2019. Pakati pekuchinja kwatinogona kuona:

  • General uye systemic nyaya
    • Chikwata cheCore chakafunga kumisa boka rinoshanda kuti riongorore mukana wekufambisa sosi kodhi kubva kune yepakati Subversion sosi control system kuenda kune yakatemerwa Git system.
    • Yakaitisa fuzz kuyedzwa kweFreeBSD kernel uchishandisa system syzkaller uye nhamba yezvikanganiso zvakaonekwa zvakagadziriswa. Yakawedzera dhizaini yekuyedzwa kwefuzzing yemaraibhurari kuti ienderane neiyo 32-bit nharaunda pane masisitimu ane 64-bit kernel. Iko kugona kumhanya syzkaller mu-bhyve-based virtual machines kwaitwa. Padanho rinotevera, zvakarongwa kuwedzera kufukidzwa kwekuyedzwa kwekufona kwehurongwa, shandisa LLVM sanitizer kutarisa kernel, shandisa netdump kuchengetedza kernel dumps panguva yekupaza panguva yekuyedzwa kwefuzzing, nezvimwe.
    • Basa ratanga pakugadzirisa zlib kuitiswa padanho re kernel. Kuti kernel iwane zlib kodhi, iyo contrib/zlib dhairekitori yakatumidzwa zita rekuti sys/contrib/zlib, uye iyo crc.h musoro faira yakatumidzwa zvakare kuti kudzivirira kunetsana nezlib/crc.h. Yakacheneswa kodhi yenhaka yaienderana nezlib uye inflate. Zvadaro, zvakarongwa kupa kukwanisa kuvaka kernel panguva imwe chete neyekare uye itsva zlib yekuendesa zvishoma nezvishoma kune shanduro itsva yemabasa anoshandisa compression;
    • Iyo Linux nharaunda emulation infrastructure (Linuxulator) yakagadziridzwa. Kuwedzera rutsigiro rweLinux debugging zvishandiso senge strace utility. Iyo linux-c7-strace package yakawedzerwa kumadoko, ayo anogona kushandiswa kuteedzera Linux mafaera panzvimbo peyakajairwa truss uye ktrace zvishandiso, izvo zvisati zvave kudhidha mamwe maLinux-chaiwo mireza uye zvimiro. Pamusoro pezvo, iyo linux-ltp package ine Linux Test Project executables yawedzerwa uye nyaya dzekuenderana nezvinoitwa zvine chekuita neshanduro itsva dzeglibc dzakagadziriswa;
    • Kuitwa kwekunonoka kwekushanda kwekusagadziriswa kwemaitiro epmap kwakaendeswa kune kushandiswa kwemutsara wekugadzirisa algorithm inoshanda pasina kukiya, iyo yakaita kuti zvikwanise kugadzirisa matambudziko e scalability pakuita nhamba huru yeparallel unmap mashandiro;
    • Iyo nzira yekuvharisa vnode panguva yekuitwa kwehurongwa hwekufona kwe execve () mhuri yakashandurwa, izvo zvaita kuti zvikwanisike kuwana hunyanzvi hwekuwedzera panguva imwe chete kuita execve () yefaira rimwechete (semuenzaniso, paunenge uchiita mashandiro egungano neparallelization. yekutanga komputa);
  • Chengetedzo
    • Iyo bhyve hypervisor inoenderera mberi nekuvandudza rutsigiro rweKurarama kutama kwenzvimbo dzevaenzi kubva kune mumwe muenzi kuenda kune mumwe uye Chengetedza / Kudzoreredza mashandiro, ayo anobvumidza iwe kuomesa hurongwa hwevaenzi, kuchengetedza nyika kufaira, uye wobva watangazve kuuraya.
    • Kuburikidza nekushandiswa kwe libvdsk raibhurari, bhyve yakawedzera tsigiro yemifananidzo yedhisiki muiyo QCOW2 fomati. Inoda kuiswa kuti ishande
      yakanyatsogadziridzwa vhezheni ye bhyve, iyo yakashandurwa kuti ishandise faira mashandiro ekubata kwakavakirwa pa libvdsk. Munguva yekubika, libvdsk yakaitawo basa rekurerutsa kubatanidzwa kwerutsigiro rwemafomati matsva, kuvandudzwa kwekuverenga nekunyora kuita, uye yakawedzera rutsigiro rweCopy-On-Write. Pamabasa akasara, kubatanidzwa kwe libvdsk muchimiro chikuru che bhyve chinoonekwa;

    • Iyo sisitimu yekuunganidza ruzivo rwetraffic yawedzerwa kumachiteshi
      Maltrail, iyo inokubvumira kuti ugadzire misungo yezvikumbiro zvakashata zvetiweki (IPs uye domains kubva kune blacklists inotariswa) uye kutumira ruzivo pamusoro pebasa rakaonekwa kune centralized server yekuvhara kunotevera kana kuongororwa kwekuedza kurwisa;

    • Mapuratifomu akawedzerwa kumachiteshi ekuona kurwiswa, kuongorora matanda uye kutarisa kutendeseka kwefaira Wazuh (forogo yeOssec nerutsigiro rwekubatanidza ne ELK-Stack);
  • Network subsystem
    • Mutyairi weena akagadziridzwa kuti atsigire chizvarwa chechipiri cheENAv2 (Elastic Network Adapter) network adapters inoshandiswa muElastic Compute Cloud (EC2) zvivakwa kuronga kutaurirana pakati peEC2 node nekumhanya kunosvika 25 Gb/s. NETMAP rutsigiro rwakawedzerwa kune ena mutyairi.
    • FreeBSD HEAD inotora itsva MMC/SD stack, yakavakirwa paCAM chimiro uye ichikubvumidza kuti ubatanidze zvishandiso neSDIO (Yakachengeteka Digital I/O) interface. Semuenzaniso, SDIO inoshandiswa muWiFi uye Bluetooth modules kune akawanda mabhodhi, akadai seRaspberry Pi 3. Iyo itsva stack zvakare inobvumira iyo CAM interface kuti ishandiswe kutumira SD mirairo kubva kune zvikumbiro munzvimbo yemushandisi, izvo zvinoita kuti zvikwanise kugadzira mudziyo. vatyairi vanoshanda pamwero wevashandisi. Basa ratanga pakugadzira madhiraivha eBroadcom isina waya machipi anoshanda muFullMAC modhi (padivi re chip inomhanyisa senge yayo yekushandisa system ine mashandisiro eiyo 802.11 isina waya stack);
    • Basa riri kuenderera mberi rekushandisa NFSv4.2 (RFC-7862) yeFreeBSD. Iyo itsva vhezheni yeNFS inowedzera tsigiro ye posix_fadvise, posix_fallocate mabasa, SEEKHOLE/SEEKDATA modhi mulseek, uye kushanda kwekukopa kwenzvimbo kwezvikamu zvefaira paseva (pasina kuendeswa kune mutengi).

      FreeBSD parizvino inopa rubatsiro rwekutanga kune iyo LayoutError, IOAdvise, Allocate, uye Copy mashandiro. Chasara kuita mashandiro eKutsvaga anodiwa kushandisa lseek(SEEKHOLE/SEEKDATA) neNFS. NFSv4.2 rutsigiro rwakarongerwa FreeBSD 13;

  • Kuchengetedza uye mafaira maitiro
    • Iyo purojekiti yekugadzirazve mutyairi weFUSE (File system muUSerspace) subsystem, iyo inobvumira kugadzira mashandisirwo emafaira masisitimu munzvimbo yevashandisi, yave pedyo nekupedzwa. Mutyairi waakapihwa kare uye ane tsikidzi dzakawanda. Sechikamu chepurojekiti yekuvandudza mutyairi, rutsigiro rweFUSE 7.23 protocol yakaitwa (yaimbova vhezheni 7.8, yakaburitswa makore gumi nerimwe apfuura yakatsigirwa), kodhi yakawedzerwa kutarisa kodzero dzekuwana padivi rekernel ("-o default_permissions"). VOP_MKNOD, VOP_BMAP uye VOP_ADVLOCK yakawedzerwa, kugona kukanganisa FUSE mashandiro, yakawedzera tsigiro yemapombi asina kudomwa uye unix zvigadziko mumafusefs, kugona kushandisa kqueue ye / dev/fuse, inobvumidzwa kuvandudza mount paramita kuburikidza ne "mount -u", yakawedzera rutsigiro. yekutumira mafusef kunze kwenyika kuburikidza neNFS, yakaitwa RLIMIT_FSIZE accounting, yakawedzera FOPEN_KEEP_CACHE mireza uye FUSE_ASYNC_READ, mashandiro akakosha akaitwa uye caching sangano rakagadziridzwa;
    • Tsigiro yeBIO_DELETE oparesheni yakawedzerwa kune iyo swap pager kodhi, iyo inokutendera iwe kuti ushandise iyo TRIM kuraira paunenge uchibvisa zvidhinha kubva kune SSD madhiraivha kuti uwedzere hupenyu hwavo hwesevhisi.
  • Hardware rutsigiro
    • Basa rinoenderera mberi nekushandisa rutsigiro rweARM64 SoC Broadcom BCM5871X ine ARMv8 Cortex-A57 processors, ine chinangwa chekushandiswa mumarouter, magedhi uye network kuchengetedza. Munguva yekubika, rutsigiro rwemukati nekunze iProc PCIe mabhazi rwakavandudzwa, rutsigiro rweBNXT Ethernet rwakawedzerwa, uye basa riri kuenderera mberi rekushandisa yakavakirwa-mukati crypto injini kukurumidza IPsec. Kubatanidzwa kwekodhi mubazi reHEAD rinotarisirwa muhafu yechipiri yegore;
    • Basa ratanga parutsigiro rwe64-bit SoC NXP LS1046A yakavakirwa paARMv8 Cortex-A72 processor ine yakasanganiswa network packet processing acceleration engine, 10 Gb Ethernet, PCIe 3.0, SATA 3.0 uye USB 3.0. Tsigiro yepuratifomu (yakawanda-mushandisi SMP) uye SATA 3.0 yakatoitwa. Tsigiro ye USB 3.0, SD/MMC uye I2C iri mukuvandudzwa. Zvirongwa izvi zvinosanganisira rutsigiro rweEthernet, GPIO uye QSPI. Kupedzwa kwebasa uye kubatanidzwa mubazi reHEAD kunotarisirwa muchikamu chechina che4.
    • Yakagadziridzwa mlx5en uye mlx5ib madhiraivha eMellanox ConnectX-4 [Lx], ConnectX-5 [Ex], uye ConnectX-6 [Dx] Ethernet uye InfiniBand adapters. Yakawedzerwa rutsigiro rweMellanox Socket Direct (ConnectX-6) adapters, ichibvumira kubuda kweanosvika 200Gb/s paPCIe Gen 3.0 bhazi. Kune akawanda-musimboti BlueField machipisi, rutsigiro rweRShim mutyairi rwakawedzerwa. Iyo mstflint package ine seti yekuongorora zvinoshandiswa zveMellanox adapter yakawedzerwa kumadoko;
  • Zvishandiso uye port system
    • Graphics stack zvikamu zvakagadziridzwa. Iyo drm.ko (Direct Rendering Manager) mutyairi akatakurwa kubva kuLinux 5.0 kernel. Mutyairi uyu anoonekwa seyekuyedza uye akawedzerwa kumuti wechiteshi se graphics/drm-devel-kmod. Sezvo mutyairi achishandisa yakagadziridzwa Linux KPI chimiro kuti ienderane neLinux kernel DRM API, FreeBSD CURRENT inodiwa kumhanya. Iyo vboxvideo.ko drm mutyairi weVirtualBox virtual GPU yakatorwawo kubva kuLinux. Mesa package yakagadziridzwa kuburitsa 18.3.2 uye yakachinjirwa kushandisa LLVM kubva padevel/llvm80 port pachinzvimbo che devel/llvm60.
    • The FreeBSD ports tree yakapfuura 37000 ports, nhamba yePRs isina kuvharwa inoramba iri pa 2146. Munguva yekubika, 7837 shanduko dzakaitwa kubva kuvagadziri ve172. Vatatu vatori vechikamu vatsva vakagamuchira kodzero dzekuita. Pakati peakakosha vhezheni inogadziridzwa mumachiteshi ndeiyi: MySQL 5.7, Python 3.6, Ruby 2.5, Samba 4.8, Julia 1.0, Firefox 68.0, Chromium 75.0.3770.100. Yese Go ports yakashandurwa kuti ishandise "USES=go" mureza. Yakawedzera "USES=cabal" mureza kune Cabal package maneja inoshandiswa kuHaskell kodhi. Strict stack protection mode inogoneswa. Iyo yakasarudzika Python vhezheni ndeye 3.6 pane 2.7.
    • Kuburitswa kwekushandisa kwakagadzirirwa nsysctl 1.0, iyo inopa analogue ku /sbin/sysctl inoshandisa libxo yezvinobuda uye nekupa yakawedzera seti yezvisarudzo. Nsysctl inogona kushandiswa kutarisisa mamiriro e sysctl kukosha uye kupa ruzivo rwezvinhu muchimiro chakarongeka. Kubuda muXML, JSON uye HTML mafomati zvinogoneka;

Source: opennet.ru

Voeg