I-ProHoster > Π‘Π»ΠΎΠ³ > izindaba ze-inthanethi > I-FreeBSD Development Report Q2019 XNUMX

I-FreeBSD Development Report Q2019 XNUMX

eshicilelwe umbiko ngokuthuthukiswa kwephrojekthi ye-FreeBSD kusukela ngoJulayi kuya kuSepthemba 2019. Izinguquko zihlanganisa:

  • Imibuzo ejwayelekile kanye nesistimu
    • Ithimba le-Core ngokuvamile ligunyaze ukufakwa kwekhodi enelayisensi ye-BSD nesivumelwano esengeziwe selungelo lobunikazi (I-BSD+Patent), kodwa isinqumo sokufaka ingxenye ngayinye ngaphansi kwale layisensi ohlelweni kufanele sigunyazwe ngokwehlukana;
    • Umhlangano wokuqala weqembu elisebenzayo owakhiwe ukuze wenze ukuthuthwa kwamakhodi omthombo kusukela ohlelweni lokuphatha amakhodi omthombo ophakathi Ukuguqulwa kusistimu ye-Git ehlukaniselwe indawo kwenzeka. Ingxoxo yokufaneleka kokufuduka isaqhubeka, futhi izindaba eziningi kusazonqunywa ngazo (isibonelo, ukuthi kusingathwa kanjani ne-contrib/, ukuthi kungavuselelwa ama-hashes endaweni yamanje ye-git, kanye nendlela engcono kakhulu yokuqalisa ukuhlolwa kokuzibophezela);
    • Kusuka ku-NetBSD ported ikhithi yamathuluzi ye-KCSAN (Kernel Concurrency Sanitizer), ekuvumela ukuthi ubone ukwenzeka kwezimo zomjaho phakathi kwemicu ye-kernel egijima kuma-CPU ahlukene;
    • Umsebenzi uyaqhubeka wokusebenzisa i-assembler eyakhelwe ngaphakathi ka-Clang (IAS) esikhundleni sesihlanganisi esisuka kumabhinuthi e-GNU;
    • Ingqalasizinda ye-Linux yokulingisa imvelo (i-Linuxulator) iguqulelwe ukuze isebenze ekwakhiweni kwe-ARM64. Ucingo lwesistimu lwe-"renameat2" selusetshenzisiwe. Insiza ye-strace ithuthukisiwe ukuze kuhlonzwe izinkinga ku-Linux esebenzisekayo esebenza ku-Linuxulator. Kulungiswe ukuphahlazeka lapho kuxhunywa okusebenzisekayo ne-glibc entsha. Amachweba anezingxenye ze-Linux ze-Linuxulator avuselelwe ku-CentOS 7.7;
    • Njengengxenye yohlelo lwe-Google Summer of Code, abafundi baphothule ngempumelelo amaphrojekthi ayisithupha: ukuqaliswa kokusetshenziswa kwe-ping okuhlanganisiwe (IPv4 / IPv6) kwalungiselelwa, kwathuthukiswa amathuluzi okuhlola izindonga zomlilo nokubona amaphutha ku-kernel (Kernel sanitizer), i-mac_ipacl. imodyuli yahlongozwa, futhi ikhodi yabhalwa ukucindezela inkumbulo ebonakalayo futhi umsebenzi wenziwe ukuhlukanisa inqubo yokwakha amachweba ekufakweni kwendawo;
    • Iphrojekthi yokuhlola i-fuzz kernel ye-FreeBSD usebenzisa isistimu syzkaller. Phakathi nesikhathi sokubika, ngosizo lwe-syzkaller, amaphutha angaphezu kweshumi ahlonziwe futhi aqedwa. Ukuze usebenzise i-syzkaller emishinini ebonakalayo esekelwe ku-bhyve, iseva ehlukile yabelwe, futhi isebenzisa
      I-syzbot ihlola amasistimu angaphansi ahlukahlukene e-FreeBSD kungqalasizinda ye-Google. Ukudluliswa kolwazi mayelana nakho konke ukuphahlazeka kusevisi ye-backtrace.io kuhlelwe ukuze kube lula ukuqoqa nokuhlaziya;

    • Umsebenzi uyaqhubeka wokuvuselela ukuqaliswa kwe-zlib ezingeni le-kernel.
      Ikhodi ehlobene nokucindezelwa isusiwe ku-zlib 1.0.4, eyakhululwa eminyakeni engu-20 edlule, yayiswa ku-zlib 1.2.11 codebase yamanje. I-compress, compress2, kanye nemisebenzi ye-uncompress yengezwe ku-kernel ukuhlanganisa ukufinyelela ku-zlib. Ikhodi ehlinzeka ngephrothokholi ye-PPP esuka kusistimu engaphansi ye-netgraph ishintshiwe ukuze kusetshenziswe ukuqaliswa kwesistimu ye-zlib, esikhundleni sohlelo lomdabu lwale labhulali. I-subsystems kern_ctf.c, opencryptodeflate, geom_uzip, subr_compressor,
      if_mxge, bxe ibuyekeziwe futhi ng_deflate;

    • I-kernel interface entsha iyathuthukiswa sysclininfo, ekuvumela ukuthi uthole izakhi kusisekelo sepharamitha ye-sysctl, ecutshungulwe ngendlela ye-MIB (Isisekelo Solwazi Lokuphatha), futhi udlulisele ulwazi olumayelana nezinto endaweni yomsebenzisi.
  • Ukuphepha
    • Imojuli ye-Kernel ithuthukisiwe mac_ipacl, ngokusekelwe ku-TrustedBSD MAC Framework nokusebenzisa isistimu yokulawula ukufinyelela kuzilungiselelo zenethiwekhi yezindawo zasejele. Isibonelo, usebenzisa i-mac_ipacl, umlawuli wesistimu yokusingatha angavimbela umsebenzisi wempande endaweni yejele ekuguquleni noma ekusetheni amakheli e-IP noma izilungiselelo ze-subnet yezindawo ezithile zenethiwekhi. Uhlelo Lokulawula Ukufinyelela Okuphoqelekile oluhlongozwayo kuvumela setha izinhlu zamakheli e-IP namanethi angaphansi avunyelwe Ejele, unqabele ukufakwa kwama-IP athile namanethi angaphansi Ejele, noma ukhawulele izinguquko zepharamitha kuphela kokusebenzelana kwenethiwekhi okuthile;
    • I-Intel inikele ngembobo yesitaki sesofthiwe kuphrojekthi I-TPM 2.0 (I-Trusted Platform Module) yokusebenzelana ne-chip yekhompuyutha evikelekile, evame ukusetshenziselwa ukuqalisa okuqinisekisiwe kwe-firmware ne-OS bootloader. Izingxenye zesitaki zinikezwa ngohlobo lwe-securtity/tpm2-tss, security/tpm2-tools, kanye nezimbobo zokuphepha/tpm2-abrmd. Imbobo ye-tpm2-tss ifaka phakathi imitapo yolwazi yokusebenzisa i-TPM2 API, i-tpm2-tools ihlinzeka ngezinsiza zomugqa womyalo wokwenza imisebenzi ye-TPM, futhi i-tpm2-abrmd iqukethe inqubo yangemuva ngokusetshenziswa kwezingxenye ze-TPM Access Broker kanye neSiphathi Sensiza ezicela okuningi kuzo. abasebenzisi abahlukene be-TPM kudivayisi eyodwa. Ngaphezu kwe-boot eqinisekisiwe ku-FreeBSD, i-TPM ingasetshenziswa ukuthuthukisa ukuphepha kwe-Strongswan IPsec, SSH, ne-TLS ngokwenza imisebenzi ye-cryptographic ku-chip ehlukile;
    • I-kernel ye-amd64 architecture ishintshwa ukuze ilayishwe kusetshenziswa indlela yokuvikela i-W^X (bhala XOR execute), okusho ukuthi amakhasi enkumbulo awakwazi ukutholakala ngesikhathi esisodwa ukuze kubhalwe futhi kusetshenziswe (i-kernel manje ingalayishwa kusetshenziswa amakhasi enkumbulo asebenzisekayo asetshenziswayo). ukubhala kukhutshaziwe). Indlela entsha yokuvikela i-kernel ifakiwe egatsheni le-HEAD futhi izoba yingxenye yokukhishwa kwe-FreeBSD 13.0 kanye ne-12.2;
    • Okwezingcingo ze-mmap ne-mprotect system kwenziwe i-PROT_MAX() macro, evumela ukunquma isethi yamafulegi akhawulelwe ukufinyelela (PROT_READ, PROT_WRITE, PROT_EXEC) avumeleke kwezinye izinguquko. Ngokusebenzisa i-PROT_MAX(), umthuthukisi angavimbela ukudluliswa kwendawo yenkumbulo esigabeni esisebenzisekayo noma acele inkumbulo engakuvumeli ukuqaliswa, kodwa kamuva engadluliselwa kokuthi okusebenzisekayo. Isibonelo, indawo yenkumbulo ingase ivulekele ukubhala kuphela isikhathi sokuxhumanisa okuguquguqukayo noma ukukhiqizwa kwekhodi ye-JIT, kodwa ngemva kokuqedwa kokubhala, ilinganiselwe kuphela ekufundeni nasekusebenziseni, futhi esikhathini esizayo, uma kwenzeka ebucayini, umhlaseli ngeke akwazi ukuvumela ukubhala kwale block yememori. Ngokungeziwe kokuthi PROT_MAX(), i-sysctl vm.imply_prot_max nayo iyasetshenziswa, okuthi, lapho yenziwe isebenze, inqume isethi yamafulegi avumelekile ngokusekelwe kumapharamitha okuqala ocingo lokuqala lwe-mmap;
    • Ukuze kuqiniswe ukuvikeleka ekuxhashazweni ngobungozi, ngaphezu kwenqubo ye-space randomisation (ASLR), kuhlongozwa indlela yokwenza okungahleliwe kwezinkomba ezibhekana nohlaka lwesitaki sokuqala kanye nezakhiwo ezibekwe esitakini ngolwazi olumayelana nemvelo, imingcele yokuqalisa uhlelo, kanye nedatha yezithombe ezisebenzisekayo ngefomethi ye-ELF;
    • Umsebenzi wenziwe ukususa okungaphephile uthola umsebenzi ku-libc (kusukela ngezinga le-C11, lo msebenzi awubandakanyi ekucacisweni) kanye nokulungisa izimbobo ezisasebenzisa lo msebenzi. Ushintsho luhlelelwe ukuthi lunikezwe kuFreeBSD 13.0;
    • Kwasungulwa iphrojekthi yokuhlola ukuze kwakhiwe amathuluzi okuhlelwa kwezindawo zasejele ngokusekelwe ohlakeni Ibhodlela ukudala nokuthekelisa izithombe, ezisetshenziswa ngokufanayo ku-Docker, kanye nomshayeli nomad, okunikeza isixhumi esibonakalayo sokuqalisa ngokuguqukayo izinhlelo zokusebenza endaweni yejele. Imodeli ehlongozwayo ivumela ukuhlukanisa izinqubo zokudala izindawo zejele kanye nokufaka izicelo kuzo. Enye yezinjongo zale phrojekthi ukuhlinzeka ngezindlela zokuxhaphaza amajele afana namakhonteyina e-Docker;
  • Isitoreji namasistimu wefayela
    • Ukusuka ku-NetBSD kuya kuhlelo lokusebenza lwe-"makefs". ihlelwe kabusha ukwesekwa kohlelo lwefayela le-FAT (msdosfs). Izinguquko ezilungiselelwe zikuvumela ukuthi udale izithombe ze-FS nge-FAT ngaphandle kokusebenzisa umshayeli we-md futhi ngaphandle kwamalungelo empande;
    • Umshayeli wesistimu engaphansi ye-FUSE (Isistimu yefayela ku-USerspace) usetshenzwe kabusha, okuvumela ukudala ukuqaliswa kwezinhlelo zamafayela endaweni yomsebenzisi. Umshayeli owathunyelwa ekuqaleni wayequkethe izimbungulu eziningi futhi wayesekelwe ku-FUSE 7.8 ekhishwe eminyakeni engu-11 edlule. Njengengxenye yephrojekthi yokuthuthukisa umshayeli, ukusekelwa kwephrothokholi ye-FUSE 7.23 kwaqaliswa, ikhodi yengezwa ukuhlola izimvume ohlangothini lwe-kernel ("-o default_permissions"), VOP_MKNOD, VOP_BMAP kanye nezingcingo ze-VOP_ADVLOCK zengeziwe, ikhono lokuphazamisa ukusebenza kwe-FUSE lenziwe. kwengezwe, ukusekelwa kwamapayipi angashiwongo kanye nezisekelo ze-unix kwengezwe kuma-fusefs, kwaba nokwenzeka ukusebenzisa i-kqueue ye-/dev/fuse, ukuvuselela amapharamitha wokukhweza nge-"mount -u" kuvunyelwe, ukusekelwa kokuthekelisa ama-fusefs nge-NFS kwengeziwe, ukubalwa kwe-RLIMIT_FSIZE esetshenzisiwe, amafulegi we-FOPEN_KEEP_CACHE kanye ne-FUSE_ASYNC_READ engeziwe, ukuthuthukiswa kokusebenza okubalulekile kwenziwa futhi nokuhlelwa kokulondoloza kwathuthukiswa. Umshayeli omusha ufakwe ekhanda nasemagatsheni azinzile/12 (kufakwe ne-FreeBSD 12.1);
    • Ukuqaliswa kwe-NFSv4.2 (RFC-7862) kwe-FreeBSD sekuzoqedwa. Ngesikhathi sokubika, bekugxilwe ekuhloleni. Ukuhlolwa kokuhambisana nokusetshenziswa kwe-Linux kuqediwe, kodwa ukuhlolwa kweseva ye-pNFS nge-NFSv4.2 kusaqhubeka. Sekukonke, ikhodi isivele icatshangwa ukuthi isilungele ukuhlanganiswa nekhanda/amagatsha amanje eFreeBSD. Inguqulo entsha ye-NFS yengeza ukusekelwa kwe-posix_fadvise, imisebenzi ye-posix_fallocate, izindlela ze-SEEKHOLE/SEEKDATA ku-lseek, ukukopishwa kwendawo kwezingxenye zefayela kuseva (ngaphandle kokudluliselwa kuklayenti);
  • Usekelo Lwezingxenyekazi zekhompuyutha
    • Uqale iphrojekthi yokuthuthukisa i-FreeBSD kumakhompyutha aphathekayo. Ithuluzi lokuqala elizohlolwa ukuze lithole ukwesekwa kwehadiwe kuFreeBSD kwakuyisizukulwane sesikhombisa iLenovo X1 Carbon laptop;
    • I-CheriBSD, imfoloko ye-FreeBSD yokwakhiwa kwephrosesa yocwaningo I-CHERI (Iziqondiso Ze-RISC Ezithuthukisiwe Ze-Hardware Ethuthukisiwe), ithuthukisiwe ukuze isekele iphrosesa ye-ARM Morello ezayo, ezosekela isistimu yokulawula ukufinyelela kwenkumbulo ye-CHERI ngokusekelwe kumodeli yezokuphepha ye-Capsicum. Morello chip bayahlela ikhishwe ngo-2021. Abathuthukisi be-CheriBSD futhi bayaqhubeka nokuqapha ukuthuthukiswa kwe-CHERI prototype esekelwe ekwakhiweni kwe-MIPS;
    • Ukusekelwa okunwetshiwe kwama-chips e-RockChip RK3399 asetshenziswa kumabhodi e-RockPro64 kanye ne-NanoPC-T4. Ukuthuthukiswa okuphawulekayo kwaba ukwesekwa kwe-EMMC kanye nokuthuthukiswa komshayeli omusha wesilawuli se-EMMC esisetshenziswe ebhodini;
    • Umsebenzi uqhubekile ekusebenziseni ukusekelwa kwe-ARM64 SoC Broadcom BCM5871X enamaphrosesa e-ARMv8 Cortex-A57 okuhloswe ngawo ukusetshenziswa kumarutha, amasango, kanye ne-NAS. Ngesikhathi sokubika
      ukwesekwa okunwetshiwe kwe-iProc PCIe futhi yengeza amandla okusebenzisa i-hardware cryptographic operations ukusheshisa i-IPsec.
      Ukuhlanganiswa kwekhodi egatsheni le-HEAD kulindeleke kwikota yesine;

    • Sekwenziwe inqubekelaphambili enkulu ekuthuthukisweni kwembobo yeFreeBSD yesikhulumi se-powerpc64. Okugxilwe ekuhlinzekeni ukusebenza kwekhwalithi kumasistimu ane-IBM POWER8 kanye ne-POWER9 processors, kodwa kusekelwa ngokuzikhethela kuma-Apple Power Mac amadala, i-x500 ne-Amiga A1222. Igatsha le-powerpc*/12 liyaqhubeka nokuthunyelwa nge-gcc 4.2.1, futhi igatsha le-powerpc*/13 maduze lizothuthelwa ku-llvm90. Kumachweba angama-33306, angama-30514 ahlanganiswe ngempumelelo;
    • Ukuthuthwa kwe-FreeBSD ku-NXP LS64A 1046-bit SoC okusekelwe ku-ARMv8 Cortex-A72 processor enenjini ehlanganisiwe yokucubungula iphakethe lenethiwekhi, i-10 Gb Ethernet, i-PCIe 3.0, i-SATA 3.0 ne-USB 3.0 kuqhubekile. Phakathi nesikhathi sokubika, ukusekelwa kwe-USB 3.0, SD/MMC, I2C, DPAA network interface kanye ne-GPIO kwasetshenziswa. Sihlela ukusekela i-QSPI futhi sithuthukise ukusebenza kwesixhumi esibonakalayo senethiwekhi. Ukuqedwa nokufakwa egatsheni le-HEAD kulindeleke ku-Q4 2019;
    • Umshayeli we-ena ubuyekeziwe ukuze asekele isizukulwane sesibili sama-adaptha enethiwekhi we-ENAv2 (Elastic Network Adapter) asetshenziswa kungqalasizinda ye-Elastic Compute Cloud (EC2) ukuze kuhlelwe ukuxhumana phakathi kwamanodi e-EC2 ngesivinini esingafika ku-25 Gb/s. Kwengezwe futhi kwavivinywa ukwesekwa kwe-NETMAP kumshayeli we-ena, futhi kwalungiswa ukwakheka kwememori ukuze kunikwe amandla imodi ye-LLQ ezindaweni ze-Amazon EC2 A1;
  • Izicelo kanye nohlelo lwamachweba
    • Izingxenye zesitaki sezithombe ezibuyekeziwe nezimbobo ezihlobene ne-xorg. Izimbobo ezisebenzisa i-USE_XORG ne-XORG_CAT zithuthelwe kuhlaka lwe-USES esikhundleni sokubiza bsd.xorg.mk nge-bsd.port.mk. Izimbobo ezinjalo manje zihlanganisa ifulegi elithi "USES=xorg" kuma-makefiles azo. Umsebenzi we-XORG_CAT ukhishiwe ku-bsd.xorg.mk futhi manje usunikwe amandla ngefulegi elithi "USES=xorg-cat". Amathuluzi angeziwe okukhiqiza ngokuqondile izimbobo ze-xorg kusuka endaweni yokugcina ye-git
      freedesktop.org, okuthi, ngokwesibonelo, ikuvumela ukuthi ukhiqize izimbobo zezinguqulo ezingakakhululwa. Ngokuzayo, kuhlelwe ukuthi kulungiswe ikhithi yamathuluzi ukuze kusetshenziswe isistimu yokwakha i-meson esikhundleni sama-autotools ukwakha amachweba we-xorg.

      Kwenziwe umsebenzi wokuhlanza izimbobo ze-xorg ezindala eziboshelwe ezingxenyeni ezingasasekelwa, njengokususa imbobo ye-x11/libXp nokuhoxiswa kwe-x11/Xxf86misc, x11-fonts/libXfontcache kanye nezimbobo zegraphic/libGLw;

    • Umsebenzi wenziwe ukuthuthukisa ukusekelwa kwe-Java 11 nokukhishwa okusha ku-FreeBSD, kanye nokuthumela izinguquko ezithile egatsheni le-Java 8. Njengoba i-FreeBSD isebenzise ukusekelwa kwezici ezintsha ze-Java 11 ezifana ne-Java Flight Recorder, i-HotSpot Serviceability Agent, i-HotSpot Debugger , I-DTrace, iseva ye-Javac, i-Java Sound ne-SCTP, umsebenzi usushintshele ekuqinisekiseni ukuthi zonke izivivinyo zokusebenzisana ziyaphumelela. Isibalo sokwehluleka uma uphumelela izivivinyo sehlisiwe sisuka ku-50 saya ku-2;
    • Ideskithophu ye-KDE Plasma, i-KDE Frameworks, i-KDE Applications kanye ne-Qt igcinwa isesikhathini samanje futhi ithuthukela ekukhishweni kwakamuva;
    • Amachweba anedeskithophu ye-Xfce avuselelwe ukuze akhishwe 4.14;
    • Isihlahla samachweba weFreeBSD sesidlule ingqophamlando yamachweba angama-38000, inani lamachweba avulekile lingaphezudlwana kuka-2000, lapho ama-PRs angama-400 asalindile. Phakathi nesikhathi sokubika, izinguquko ezingu-7340 zenziwe ngabathuthukisi abangu-169. Abanikeli ababili abasha (u-Santhosh Raju no-Dmitri Goutnik) bathole amalungelo omsebenzi. Ukukhishwa okusha komphathi wephakheji we-pkg 1.12 kushicilelwe ngokusekelwa kokumbondelana esihlahleni samachweba kanye nokuhlanza i-bsd.sites.mk. Izibuyekezo ezibalulekile zenguqulo yembobo zihlanganisa: Lazarus 2.0.4, LLVM 9.0, Perl5.30, PostgreSQL 11, Ruby 2.6, Firefox 69.0.1, Firefox-esr 68.1.0, Chromium 76.0;
    • Ukuthuthukiswa kwephrojekthi kuyaqhubeka I-ClonOS, ukuthuthukisa ikhithi yokusabalalisa ekhethekile yokuthumela ingqalasizinda yeseva ebonakalayo. Mayelana nemisebenzi okufanele ixazululwe, i-ClonOS ifana nezinhlelo ezifana ne-Proxmox, i-Triton (Joyent), i-OpenStack, i-OpenNebula ne-Amazon AWS, umehluko omkhulu kuwo ukusetshenziswa kwe-FreeBSD kanye nekhono lokuphatha, ukuthumela nokuphatha iziqukathi ze-FreeBSD Jail izindawo ezibonakalayo ezisuselwe ku-Bhyve kanye ne-Xen hypervisors. Ezinguqukweni zakamuva, kukhona ukwesekwa
      I-cloud-init ye-Linux/BSD VM kanye ne-cloudbase-init ye-Windows VM, ukuqala kokushintshela ezithombeni zomdabu, ukusetshenziswa kwe-Jenkins CI yokuhlola ukwakha kanye nekhosombe entsha ye-pkg ukuze ifakwe.
      I-ClonOS kusuka kumaphakheji.

Source: opennet.ru

Engeza amazwana