I-ProHoster > Блог > izindaba ze-inthanethi > Umbiko wenqubekelaphambili we-FreeBSD Q2019 XNUMX

Umbiko wenqubekelaphambili we-FreeBSD Q2019 XNUMX

eshicilelwe umbiko ngokuthuthukiswa kwephrojekthi ye-FreeBSD kusukela ngo-Ephreli kuya kuJuni 2019. Phakathi kwezinguquko singaziphawula:

  • Imibuzo ejwayelekile kanye nesistimu
    • Ithimba le-Core linqume ukusungula iqembu elisebenzayo ukuze lihlole ukuthi kungenzeka yini ukuhambisa ikhodi yomthombo isuke ohlelweni oluphakathi nendawo lokulawula umthombo we-Subversion iye ohlelweni lwe-Git olusabalalisiwe.
    • Kwenziwa ukuhlolwa kwe-fuzz kwe-FreeBSD kernel kusetshenziswa isistimu syzkaller futhi inani lamaphutha akhonjiwe alungiswa. Kwengezwe isendlalelo sokuhlola okufingqiwe kwemitapo yolwazi ukuze ihambisane nemvelo engu-32-bit kumasistimu ane-64-bit kernel. Ikhono lokusebenzisa i-syzkaller emishinini ebonakalayo esekwe ku-bhyve seliqalisiwe. Esigabeni esilandelayo, kuhlelwe ukuthi kunwetshwe ukumbozwa kokuhlolwa kwezingcingo zesistimu, sebenzisa i-sanitizer ye-LLVM ukuhlola i-kernel, sebenzisa i-netdump ukuze ulondoloze ukulahlwa kwe-kernel ngesikhathi sokuphahlazeka ngesikhathi sokuhlolwa kwe-fuzzing, njll.
    • Umsebenzi usuqalile ekubuyekezeni ukusetshenziswa kwe-zlib ezingeni le-kernel. Ukuze i-kernel ifinyelele ikhodi ye-zlib, inkomba ye-contrib/zlib yaqanjwa kabusha yaba yi-sys/contrib/zlib, futhi ifayela lesihloko se-crc.h laqanjwa kabusha ukuze kugwenywe ukungqubuzana ne-zlib/crc.h. Kuhlanzwe ikhodi yefa encike ku-zlib kanye ne-inflate. Okulandelayo, kuhlelwe ukunikeza ikhono lokwakha i-kernel ngesikhathi esisodwa ne-zlib endala nentsha ukuze kudluliselwe kancane kancane kunguqulo entsha yemisebenzi esebenzisa ukucindezela;
    • Ingqalasizinda yokulingisa imvelo ye-Linux (Linuxulator) ibuyekeziwe. Ukwesekwa okwengeziwe kwamathuluzi okulungisa amaphutha e-Linux njengensiza ye-strace. Iphakheji ye-linux-c7-strace yengeziwe emachwebeni, engasetshenziswa ukulandelela amafayela asebenzisekayo e-Linux esikhundleni sezinsiza ezijwayelekile ze-truss ne-ktrace, ezingakakwazi ukunquma amafulegi nezakhiwo ezithile ze-Linux. Ngaphezu kwalokho, iphakethe le-linux-ltp elinokuqaliswa kwe-Linux Test Project liye lanezelwa futhi izinkinga zokusebenzisana nezisebenzisekayo ezixhunywe nezinguqulo ezintsha ze-glibc sezixazululiwe;
    • Ukuqaliswa kokubambezeleka kokusebenza kokungavumelekile kumshini we-pmap kudluliselwe ekusetshenzisweni kwe-algorithm yokucubungula ulayini esebenza ngaphandle kokukhiya, okwenze kwaba nokwenzeka ukuxazulula izinkinga zokukala lapho kwenziwa inombolo enkulu yemisebenzi yokungamephuwi okuhambisanayo;
    • Indlela yokuvimbela i-vnode ngesikhathi kusetshenziswa izingcingo zesistimu yomndeni we-execve() ishintshiwe, okwenze kwaba nokwenzeka ukuzuza ukusebenza kahle okwengeziwe lapho ngesikhathi esifanayo kwenziwa i-execve() yefayela elifanayo (isibonelo, lapho kwenziwa imisebenzi yokuhlanganisa ngokufana. ukuqaliswa komhlanganisi);
  • Ukuphepha
    • I-hyve hypervisor iyaqhubeka nokuthuthukisa ukusekelwa kokufuduka okubukhoma kwezindawo zezihambeli zisuka komunye umsingathi ziye komunye kanye nomsebenzi Wokulondoloza/Buyisela, okuvumela ukuthi umise isistimu yesivakashi, ulondoloze isimo kufayela, bese uqalisa kabusha ukwenza.
    • Ngokusebenzisa umtapo wezincwadi we-libvdsk, i-bhyve yengeze ukusekelwa kwezithombe zediski ngefomethi ye-QCOW2. Idinga ukufakwa ukuze isebenze
      ilungiswe ngokukhethekile inguqulo ye-bhyve, eguqulelwe ukusebenzisa izibambi zokusebenza kwefayela ngokusekelwe ku-libvdsk. Ngesikhathi sokubika, i-libvdsk iphinde yenze umsebenzi wokwenza lula ukuhlanganisa kosekelo lwamafomethi amasha, ukusebenza okuthuthukisiwe kokufunda nokubhala, nokusekelwa okwengeziwe kokuthi Kopisha-Bhala. Emisebenzini esele, ukuhlanganiswa kwe-libvdsk esakhiweni esiyinhloko se-bhyve kuyaphawulwa;

    • Uhlelo lokuqoqa imininingwane yethrafikhi yengezwe ezikhumulweni zemikhumbi
      Maltrail, okukuvumela ukuthi udale izicupho zezicelo zenethiwekhi ezinonya (ama-IP nezizinda ezivela ohlwini lwabavinjelwe ziyahlolwa) futhi uthumele ulwazi mayelana nomsebenzi otholiwe kuseva ephakathi nendawo ukuze kuvinjwe noma kuhlaziywe imizamo yokuhlasela;

    • Izinkundla zengeziwe ezikhumulweni ukuze kutholwe ukuhlaselwa, ukuhlaziya amalogi nokuqapha ubuqotho befayela Wazuh (imfoloko ye-Ossec ngokusekelwa kokuhlanganiswa ne I-ELK-Stack);
  • Isistimu engaphansi yenethiwekhi
    • Isishayeli se-ena sibuyekeziwe ukuze sisekele isizukulwane sesibili sama-adaptha enethiwekhi e-ENAv2 (Elastic Network Adapter) asetshenziswa kungqalasizinda ye-Elastic Compute Cloud (EC2) ukuze kuhlelwe ukuxhumana phakathi kwamanodi e-EC2 ngesivinini esingafika ku-25 Gb/s. Usekelo lwe-NETMAP lwengeziwe kumshayeli we-ena.
    • I-FreeBSD HEAD yamukela isitaki esisha se-MMC/SD, esisekelwe ohlakeni lwe-CAM futhi ikuvumela ukuthi uxhume amadivayisi ngesixhumi esibonakalayo se-SDIO (Secure Digital I/O). Isibonelo, i-SDIO isetshenziswa kumamojula we-WiFi ne-Bluetooth kumabhodi amaningi, njenge-Raspberry Pi 3. Isitaki esisha siphinde sivumele isixhumi esibonakalayo se-CAM ukuthi sisetshenziselwe ukuthumela imiyalo ye-SD kusuka kuzinhlelo zokusebenza endaweni yomsebenzisi, okwenza kube nokwenzeka ukudala idivayisi. abashayeli abasebenza ezingeni lomsebenzisi. Usuqalile umsebenzi wokwakha abashayeli bama-chips angenawaya e-Broadcom asebenza ngemodi ye-FullMAC (ohlangothini lwe-chip isebenzisa ukufana kwesistimu yayo yokusebenza ngokusetshenziswa kwesitaki sayo esingenantambo esingu-802.11);
    • Umsebenzi uyaqhubeka ukuze kusetshenziswe i-NFSv4.2 (RFC-7862) ye-FreeBSD. Inguqulo entsha ye-NFS yengeza ukusekelwa kwe-posix_fadvise, imisebenzi ye-posix_fallocate, amamodi we-SEEKHOLE/SEEKDATA ku-lseek, kanye nokusebenza kokukopishwa kwendawo kwezingxenye zefayela kuseva (ngaphandle kokudluliselwa kuklayenti).

      I-FreeBSD okwamanje inikeza ukusekelwa okuyisisekelo kwe-LayoutError, i-IOAdvise, i-Allocate, kanye nemisebenzi ye-Copy. Okusele nje ukusebenzisa umsebenzi Wokufuna odingekayo ukuze usebenzise i-lseek(SEEKHOLE/SEEKDATA) nge-NFS. Ukusekelwa kwe-NFSv4.2 kuhlelelwe i-FreeBSD 13;

  • Isitoreji namasistimu wefayela
    • Iphrojekthi yokulungisa kabusha umshayeli wesistimu engaphansi ye-FUSE (Isistimu yefayela ku-USerspace), evumela ukudala ukuqaliswa kwezinhlelo zamafayela endaweni yomsebenzisi, isizophela. Umshayeli ohlinzekwe ekuqaleni uphelelwe yisikhathi futhi uqukethe iziphazamisi eziningi. Njengengxenye yephrojekthi yesimanje yomshayeli, ukusekelwa kwephrothokholi ye-FUSE 7.23 kwasetshenziswa (inguqulo yangaphambilini engu-7.8, eyakhululwa eminyakeni engu-11 edlule yayisekelwa), ikhodi yengeziwe ukuhlola amalungelo okufinyelela ohlangothini lwe-kernel (“-o default_permissions”), izingcingo ku I-VOP_MKNOD, VOP_BMAP kanye ne-VOP_ADVLOCK yengeziwe, amandla okuphazamisa ukusebenza kwe-FUSE, ukusekelwa okungeziwe kwamapayipi angashiwongo kanye nezisekelo ze-unix kuma-fusefs, ikhono lokusebenzisa i-kqueue ye-/dev/fuse, evunyelwe ukuvuselela amapharamitha we-mount nge-“mount -u”, ukwesekwa okwengeziwe. ukuze kuthekeliswe ama-fusefs nge-NFS, kusetshenziswe ukubala kwe-RLIMIT_FSIZE, kwengezwe amafulegi we-FOPEN_KEEP_CACHE kanye ne-FUSE_ASYNC_READ, ukuthuthukiswa kokusebenza okubalulekile kwenziwe futhi nokuhlelwa kwesikhashana sekuthuthukisiwe;
    • Ukusekelwa komsebenzi we-BIO_DELETE kwengezwe kukhodi ye-swap yekhasi, ekuvumela ukuthi usebenzise umyalo we-TRIM lapho ukhipha amabhlokhi kumadrayivu e-SSD ukuze wandise impilo yawo yesevisi.
  • Usekelo Lwezingxenyekazi zekhompuyutha
    • Umsebenzi uyaqhubeka nokusebenzisa ukusekelwa kwe-ARM64 SoC Broadcom BCM5871X enamaphrosesa e-ARMv8 Cortex-A57, okuhloswe ngawo ukusetshenziswa kumarutha, amasango kanye nesitoreji senethiwekhi. Phakathi nesikhathi sokubika, ukusekelwa kwamabhasi e-iProc PCIe angaphakathi nangaphandle kwathuthukiswa, ukusekelwa kwe-BNXT Ethernet kwengezwa, futhi umsebenzi uyaqhubeka wokusebenzisa injini ye-crypto eyakhelwe ngaphakathi ukusheshisa i-IPsec. Ukuhlanganiswa kwekhodi egatsheni le-HEAD kulindeleke engxenyeni yesibili yonyaka;
    • Umsebenzi usuqalile ekusekelweni kwe-64-bit SoC NXP LS1046A esekelwe kuphrosesa ye-ARMv8 Cortex-A72 enenjini ehlanganisiwe yokucubungula iphakethe lenethiwekhi, i-10 Gb Ethernet, i-PCIe 3.0, i-SATA 3.0 ne-USB 3.0. Ukusekelwa kweplathifomu eyisisekelo (i-SMP yabasebenzisi abaningi) kanye ne-SATA 3.0 sekuqaliwe ukusetshenziswa. Usekelo lwe-USB 3.0, SD/MMC ne-I2C luyathuthukiswa. Izinhlelo zihlanganisa ukusekelwa kwe-Ethernet, GPIO kanye ne-QSPI. Ukuphothulwa komsebenzi nokufakwa egatsheni le-HEAD kulindeleke ngekota yesi-4 ka-2019.
    • Kubuyekezwe abashayeli be-mlx5en kanye ne-mlx5ib be-Mellanox ConnectX-4 [Lx], i-ConnectX-5 [Ex], ne-ConnectX-6 [Dx] Ethernet ne-adaptha ye-InfiniBand. Ukwesekwa okwengeziwe kwama-adaptha e-Mellanox Socket Direct (ConnectX-6), okuvumela ukuphuma okufika ku-200Gb/s ebhasini le-PCIe Gen 3.0. Kuma-multi-core BlueField chips, ukwesekwa komshayeli we-RShim kungeziwe. Iphakheji ye-mstflint enesethi yezinsiza zokuxilonga zama-adaptha e-Mellanox yengezwe ezikhumulweni;
  • Izicelo kanye nohlelo lwamachweba
    • Izingxenye zesitaki sezithombe zibuyekeziwe. Umshayeli we-drm.ko (Direct Rendering Manager) ufakwe ku-Linux 5.0 kernel. Lo mshayeli uthathwa njengokuhlola futhi wengezwe esihlahleni samachweba njenge-graphics/drm-devel-kmod. Njengoba umshayeli esebenzisa uhlaka olubuyekeziwe lwe-Linux KPI ukuze luhambisane ne-Linux kernel DRM API, i-FreeBSD CURRENT iyadingeka ukuze isebenze. Umshayeli we-vboxvideo.ko drm we-VirtualBox virtual GPU naye uhanjiswe esuka ku-Linux. Iphakheji ye-Mesa ibuyekeziwe ukuze ikhulule i-18.3.2 futhi yashintsha ukuze isebenzise i-LLVM kusukela ku-devel/llvm80 port esikhundleni se-devel/llvm60.
    • Isihlahla samachweba we-FreeBSD sesidlule amachweba angu-37000, inani lama-PRs angavaliwe lihlala liku-2146. Phakathi nesikhathi sokubika, izinguquko ezingu-7837 zenziwe kubathuthukisi abangu-172. Abahlanganyeli abathathu abasha bathole amalungelo okuzinikela. Phakathi kwezibuyekezo zenguqulo ebalulekile emachwebeni yilezi: MySQL 5.7, Python 3.6, Ruby 2.5, Samba 4.8, Julia 1.0, Firefox 68.0, Chromium 75.0.3770.100. Zonke izimbobo ze-Go ziguqulelwe ukuze kusetshenziswe ifulegi elithi "USES=go". Kwengezwe ifulegi elithi "USES=cabal" kumphathi wephakheji ye-Cabal esetshenziselwa ikhodi ye-Haskell. Imodi yokuvikela isitaki eqinile ivuliwe. Inguqulo yePython ezenzakalelayo ingu-3.6 esikhundleni se-2.7.
    • Ukukhishwa kwensiza sekulungisiwe i-nssctl 1.0, enikeza i-analogue ku-/sbin/sysctl esebenzisa libxo ngokukhiphayo nokuhlinzeka ngesethi enwetshiwe yezinketho. I-Nsysctl ingasetshenziswa ukuqapha ngokubukeka isimo samanani e-sysctl futhi yethule imininingwane yezinto ngendlela ehlelekile. Okukhiphayo kumafomethi we-XML, JSON kanye ne-HTML kungenzeka;

Source: opennet.ru

Engeza amazwana