os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Update the Summer of Code 2007 page with more detail about each

Browse source 
project.  The summaries are provided by the students themselves and so
this still needs some cleanup before we add a newsflash and post to
announce@.  Also a few project summaries are still missing completely.
This commit is contained in:
Murray Stokely 2007-09-14 15:42:45 +00:00
parent 985193b94d
commit b0aca6c22a
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/www/; revision=30778
1 changed files with 294 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

330
en/projects/summerofcode-2007.sgml
View file

@ -1,6 +1,6 @@
<!DOCTYPE HTML PUBLIC "-//FreeBSD//DTD HTML 4.01 Transitional-Based Extension//EN" [
<!ENTITY base CDATA "..">
<!ENTITY date "$FreeBSD: www/en/projects/summerofcode-2007.sgml,v 1.4 2007/04/22 19:58:09 pav Exp $">
<!ENTITY date "$FreeBSD: www/en/projects/summerofcode-2007.sgml,v 1.5 2007/05/19 15:38:19 murray Exp $">
<!ENTITY title "FreeBSD Summer of Code 2007">
<!ENTITY % navinclude.developers "INCLUDE">
<!ENTITY % developers SYSTEM "../developers.sgml"> %developers;
@ -9,15 +9,26 @@
<html>
&header;
<p>The FreeBSD Project is proud to be taking part in the Google <a
<p>The FreeBSD Project is proud to have taken part in the Google <a
href="http://code.google.com/soc">Summer of Code
2007</a>. We received more high quality applications this year than
ever before. In the end it was a very tough decision to narrow it
down to the 25 students selected for funding by Google. The student
projects are listed below. For more detailed information about the
plans for each project, please see the <a
href="http://wiki.freebsd.org/moin.cgi/SummerOfCode2007">FreeBSD
Summer of Code 2007 wiki</a>.</p>
down to the 25 students selected for funding by Google.
These student projects included security research,
improved installation tools, new utilities, and more. Many of the
students have continued working on their FreeBSD projects even after
the official close of the program.</p>
<p>We are happy to report than all students made some progress towards
their goals for the summer, and the 22 students listed below
completed the program successfully.</p>
<p>Information about the student projects is available from our <a
href="http://wiki.freebsd.org/SummerOfCode2007">Summer of Code
wiki</a> and all of the code is checked into <a
href="http://perforce.freebsd.org/depotTreeBrowser.cgi?FSPC=//depot/projects/soc2007/">Perforce</a>.
The summaries below were submitted by the individual students and
their mentors.</p>
<a name="students"></a>
<h2>2007 Student Projects</h2>
@ -25,108 +36,355 @@
<ul>
<li><strong>Project:</strong> GNOME front-end to freebsd-update(8)<br>
<strong>Student:</strong> Andrew Turner<br>
<strong>Mentor:</strong> &a.marcus;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.marcus;<br>
<strong>Summary:</strong>
<p>A front-end to freebsd-update using GTK+. It includes:</p>
<ul>
<li>A daemon that waits for freebsd-update to find new updates</li>
<li>A GTK+/Gnome front-end</li>
</ul>
</li>
<li><strong>Project:</strong> Multicast DNS responder (BSD-licensed)<br>
<strong>Student:</strong> Fredrik Lindberg<br>
<strong>Mentor:</strong> &a.bms;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.bms;<br>
<strong>Summary:</strong>
<p>Multicast DNS (mDNS) is a part of Zero Configuration
Networking (Zeroconf) and provides the ability to address
hosts using DNS-like names without the need of an existing
(unicast), managed DNS server.</p>
<p>The Multicast DNS responder (mdnsd), is more or less feature
complete and is currently in a bug fixing and testing phase.
A few more features are planned, most notably mdns proxy
support. The daemon performs multicast dns queries on behalf
of clients and acts as a unified cache to all clients.
Provides the ability to announce its own mdns records onto the
network.</p>
<p>The daemons abilities are exposed to clients through libmdns,
it provides an API to do mDNS queries and to add/remove/list
records and view/flush cache. Two consumers exists, one
console based basic debugging and administrative utility
(mdns) which simply provides whatever libmdns provides and a
NSS module (nss_mdns) which integrates mDNS lookups with the
systems name lookup routines.</p>
</li>
<li><strong>Project:</strong> Unified ports / package system database backend<br>
<strong>Student:</strong> Garrett Cooper<br>
<strong>Mentor:</strong> &a.krion;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.krion;<br>
<strong>Summary:</strong>
<p>This project aims to revise FreeBSD's package tools
(/usr/src/usr.sbin/pkg_install) to use Berkeley DB files for
storing information held in /var/db/pkg/*, and use Hash table
structures. It also aims to devise a frontend for dealing
with package and ports installation and management and insert
virtuals into ports infrastructure to support modular
components functionality, for dealing with ports installed
components vs base installed components (OpenSSL, OpenSSH,
Kerberos).</p></li>
<li><strong>Project:</strong> Super Tunnel Daemon<br>
<strong>Student:</strong> Matus Harvan<br>
<strong>Mentor:</strong> &a.mlaier;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.mlaier;<br>
<strong>Summary:</strong>
<p>The aim of this project is to implement the Super Tunnel
Daemon, a tunneling daemon using plugins for different
encapsulations and automagically selecting the best
encapsulation in each environment. Should the environment
change, the user would not notice the transition to a
different encapsulation except for a small delay. Connections
estabilished within the tunnel would seamlessly be migrated to
a different encapsulation. In this way, mobility would be
supported as well, even to the extent of changing between
different physical network interfaces, e.g. disabling the
wireless interface and plugging in an ethernet cable. New
encapsulations could easily be added in the future using the
plugin interface.</p></li>
<li><strong>Project:</strong> Rewriting lockmgr(9)<br>
<strong>Student:</strong> Attilio Rao<br>
<strong>Mentor:</strong> &a.jeff;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.jeff;<br>
<strong>Summary:</strong>
<p>This project involves rewriting the lockmgr syncronization
primitive since recent efforts (in particular sun4v porting)
evicted that this is a strong bottleneck for fs workloads (due
to its spreadness in VFS land). One of the main goal of the
rewriting is offering a more customed interface, trimming all
unused (and possibily bugged) features of lockmgr and offering
a more intelligent interface (that would help a lot in
debugging and lock assertions).</p></li>
<li><strong>Project:</strong> Apple's MacBook on FreeBSD<br>
<strong>Student:</strong> Rui Paulo<br>
<strong>Mentor:</strong> &a.andre;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.andre;<br>
<strong>Summary:</strong>
<p>Apple's MacBook computers are nicely designed and have neat
features that other laptops don't. While Mac OS X is a nice
operating system, UNIX folks (like me) would prefer to run
other operating systems like FreeBSD. This project aims to
bring bug fixes and new drivers to FreeBSD that would help
running this OS on this platform.</p></li>
<li><strong>Project:</strong> Security regression tests<br>
<strong>Student:</strong> Zhouyi ZHOU<br>
<strong>Mentor:</strong> &a.rwatson;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.rwatson;<br>
<strong>Summary:</strong>
<p>This project involved testing the correctness of FreeBSD
Mandatory Access Control Framework including correctly passing
the security label from userland to kernel and
non-bypassibility of Mandatory Access Control Hooks.
Specific contributions include:</p>
<ol>
<li>Constructed a pair of pseudo ethernet drivers used for
testing network related hooks. To avoid the packet go
through the lo interface, the IP address in the packet is
twisted in the driver.</li>
<li>Constructed a framework for logging Mandatory Access Control
hooks which is called during a period of time.
<ul>
<li>In kernel, every non-null label is got externalized
into human readable string and recorded in a tail queue
together with the name of hook that got called and
possible flags or modes (etc. VREAD/VWRITE for
mac_check_vnode_open hook). There is a thread much like
audit subsystem's audit_worker logging the queue into a
userspace file. The userland program use open, ioctl and
close the /dev/mactest node to trigger and stop the
logging. The logging file is truncated to zero every
time the logging mechanism is triggered.</li>
<li>In userland, a bison based parsing tool is used to
parse the logged file and reconstruct the record chain
which will be compared with testsuite supplied
configuration file to examine if expected hooks is got
called and the label/flags/modes are correct. The
testsuite mainly follows src/tools/regression/fstest,
modified to adapt to test Mandatory Access Control
Framework and include tests for signals</li>
</ul>
</li>
<li>The test cases about mandatory access control hooks for
fifo, link, mdconfig, netinet, open, pipe, rename, rmdir,
signal, symlink, sysvshm and truncate are written. Two
security vulnerabilities are found during the test case
writing.</li>
</ol>
</li>
<li><strong>Project:</strong> GVinum Enhancements<br>
<strong>Student:</strong> Ulf Lilleengen<br>
<strong>Mentor:</strong> &a.le;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.le;<br>
<strong>Summary:</strong> <p> </p></li>
<!--
<li><strong>Project:</strong> Parallelization of the Ports Collection<br>
<strong>Student:</strong> Wade Wesolowsky<br>
<strong>Mentor:</strong> &a.pav;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.pav;<br>
<strong>Summary:</strong> <p> </p></li>
-->
<li><strong>Project:</strong> TCP/IP regression test suite<br>
<strong>Student:</strong> Nanjun Li<br>
<strong>Mentor:</strong> &a.gnn;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.gnn;<br>
<strong>Summary:</strong>
<p>This project aims at a testing suite for any host's
perform-ability in TCP/IP networks. N. Li implemented it on a
FreeBSD machine using libpcap (a library of BSD Packet Filter)
to sniff frames on MAC layer, decode them into human-readable
format, and send crafted ones to exam if the target host
follows RFC793's requirements.</p></li>
<li><strong>Project:</strong> Avoiding syscall overhead<br>
<strong>Student:</strong> Jesper Brix Rosenkilde<br>
<strong>Mentor:</strong> &a.scottl;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.scottl;<br>
<strong>Summary:</strong>
<p>At the moment the setproctitle call is implemented with a
sysctl, this has the unfortunate side effect that this simple
call locks the Giant-lock. As this call is a simple matter of
setting a value, it could be better implemented with shared
memory between the kernel and user-space.</p>
<p>This project purposes a scheme to securely share process
specific data, between the kernel and a user-space
process. This is done by having each process allocate a
special memory page, on which the kernel and user-space
process can share data. This will give the security needed, as
the VM-system will make sure that no outside processes can
fiddle with a process' data. As everything is going on it
user-space, there is no concern about a rogue process could
write inside the kernel memory. There is still a locking
concern, which will be addressed either by locking the entire
page, or micro-locking each data field on the page. To test
the scheme, I will implement the setproctitle call with share
memory as oppose to the current syscall version.</p>
<p>Update: Howard Su has sugested a a multi page scheme, where a
read/write page is used for things like get/setproctitle and a
read-only page for things like getpid. And maybe a system wide
read-only page for things like getdomain, gethostname
etc. More on this to follow.</p></li>
<!--
<li><strong>Project:</strong> msdosfs Infrastructure<br>
<strong>Student:</strong> Brian Chu<br>
<strong>Mentor:</strong> &a.kib;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.kib;<br>
<strong>Summary:</strong> <p> </p></li>
-->
<li><strong>Project:</strong> Port OpenBSD's sysctl Hardware Sensors framework<br>
<strong>Student:</strong> Constantine A. Murenin<br>
<strong>Mentor:</strong> &a.syrinx;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.syrinx;<br>
<strong>Summary:</strong>
<p>This project involves porting sysctl hw.sensors framework and
related utilities from OpenBSD to FreeBSD. Apart from the
framework itself, lm(4) and it(4) will be ported, and patches
to FreeBSD's internal drivers that have temperature sensors
will be provided, e.g. dev/iicbus/ad7418.c. The goal is to
enable users to access temperature and other sensors in a
unified fashion from sysctl, systat, sensorsd and
ports/sysutils/symon.</p></li>
<li><strong>Project:</strong> Distributed audit daemon<br>
<strong>Student:</strong> Alexey Mikhailov<br>
<strong>Mentor:</strong> &a.bz;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.bz;<br>
<strong>Summary:</strong>
<p>The basic idea behind this project is to implement secure and
reliable log file shipping to remote hosts. While the
implementation focuses on audit logs, the goal is to build
tools that will make it possible to perform distributed
logging for any application by using a simple API and linking
with a shared library.</p></li>
<li><strong>Project:</strong> Generic input device layer<br>
<strong>Student:</strong> Maxim Zhuravlev<br>
<strong>Mentor:</strong> &a.philip;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.philip;<br>
<strong>Summary:</strong>
<p>Originally selected to design and implement common way to
retrieve and process data from input devices, the project
resulted in code base of a bigger and more generic project
<b>Enhanced NewBus</b>. The following features are introduced by
now: basic functional devices support, filter drivers and
NewBus input/output subsystem. Functional devices
(ex. demuxing, muxing, terminals) are supposed to coordinate
real devices. Each device is handled by a stack of drivers
(low-level and filters). Filter drivers are to simplify code
reuse. The NewBus input/output subsystem is designed to push
io requests through the NewBus graph.</p></li>
<li><strong>Project:</strong> bus_alloc_resources() Code Update<br>
<strong>Student:</strong> Christopher Davis<br>
<strong>Mentor:</strong> &a.imp;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.imp;<br>
<strong>Summary:</strong>
<p>Currently, many devices in FreeBSD's source tree use
excessively verbose methods of resource allocation and
deallocation. Numerous calls to bus_alloc_resource() or
bus_alloc_resource_any() are used to allocate resources, and
subsequently, multiple calls to bus_release_resource() are
used to free the resources after an error in allocation or
when the device is detached.</p>
<p>Recently, however, the bus_alloc_resources() and
bus_release_resources() functions have been added. These
simple wrappers around bus_alloc_resource_any() and
bus_release_resource() both operate on the same resource
description, so that much of the repetition once needed to
allocate and free resources can be mitigated.</p>
<p>This project is to update driver source code where necessary
using the new functions to make the code related to allocation
and deallocation simpler and clearer, while making other
refinements as needed.</p></li>
<li><strong>Project:</strong> BSD bintools project (Part I)<br>
<strong>Student:</strong> Kai Wang<br>
<strong>Mentor:</strong> &a.jkoshy;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.jkoshy;<br>
<strong>Summary:</strong>
<p>This project plans to re-implement part of the GNU binutils
based on the libelf and libarchive libraries. It will bring
FreeBSD a BSD Licensed toolchain for processing ELF binary
file. First part of the project, which is scheduled to
complete within this summer, mainly concentrate on
re-implementing tools including ar(1), ranlib(1), objcopy(1),
strip(1) and composing corresponding manual pages.</p></li>
<li><strong>Project:</strong> Update of Linuxulator for Linux 2.6<br>
<strong>Student:</strong> Roman Divacky<br>
<strong>Mentor:</strong> &a.kib;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.kib;<br>
<strong>Summary:</strong> <p> </p></li>
<li><strong>Project:</strong> FreeBSD 'safety net' IO logging utility<br>
<strong>Student:</strong> Sonja Milicic<br>
<strong>Mentor:</strong> &a.le;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.le;<br>
<strong>Summary:</strong> <p> </p></li>
<li><strong>Project:</strong> Provide an audit log analysis tool<br>
<strong>Student:</strong> Liu Dongmei<br>
<strong>Mentor:</strong> &a.rwatson;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.rwatson;<br>
<strong>Summary:</strong> <p>A GTK+ graphical audit log
analysis tool.</p></li>
<li><strong>Project:</strong> Improve the FreeBSD Ports Collection Infrastructure<br>
<strong>Student:</strong> &a.gabor;<br>
<strong>Mentor:</strong> &a.sat;<br>&nbsp;</li>
<strong>Mentor:</strong> &a.sat;<br>
<strong>Summary:</strong> <p> </p></li>
<!--
<li><strong>Project:</strong> PMC GUI<br>
<strong>Student:</strong> Mathieu Prevot<br>
<strong>Mentor:</strong> Joseph Koshy<br>&nbsp;</li>
<strong>Mentor:</strong> Joseph Koshy<br>
<strong>Summary:</strong> <p> </p></li>
-->
<li><strong>Project:</strong> http support for PXE<br>
<strong>Student:</strong> Alexey Tarasov<br>
<strong>Mentor:</strong> Ed Maste<br>&nbsp;</li>
<strong>Mentor:</strong> Ed Maste<br>
<strong>Summary:</strong>
<p>Main purpose of this project - to write extendable (as much
as possible - C) code wrappers to provided by PXE and UNDI
APIs to support downloading of files via TCP-based protocols
in preboot environment. Goal - to introduce code, able to
download and prepare booting of FreeBSD kernel from remote
server via direct connection or http proxy.</p></li>
<li><strong>Project:</strong> Graphical installer for FreeBSD (finstall)<br>
<strong>Student:</strong> Ivan Voras<br>
<strong>Mentor:</strong> Murray Stokely<br>&nbsp;</li>
<strong>Mentor:</strong> Murray Stokely<br>
<strong>Summary:</strong>
<p>This project aims to create a user-friendly graphical
installer for FreeBSD & FreeBSD-derived systems. The project
should yield something usable for 7.0-RELEASE, but the
intention is to keep it as a "second" installer system during
7.x, alongside sysinstall. In any case, sysinstall will be
kept for architectures not supported by finstall (e.g. all
except i386 and amd64).</p></li>
<li><strong>Project:</strong> Porting Linux KVM to FreeBSD<br>
<strong>Student:</strong> Fabio Checconi<br>
<strong>Mentor:</strong> Luigi Rizzo<br>&nbsp;</li>
</ul>
<strong>Mentor:</strong> Luigi Rizzo<br>
<strong>Summary:</strong>
<p>Linux KVM is a Virtual Machine Monitor, part of the Linux
kernel, that uses Intel VT-x Intel VT-x or AMD-V extensions
for x86 processors to create a full virtualization
environment. This project will consist in porting Linux KVM to
the FreeBSD kernel.</p>
<p>We would also like to recognize Christopher Lindsay who was
originally selected for his BSD-licensed Text-Processing Tools
project but had to withdraw from the program this summer.</p>
<p>Since Linux KVM has a structure similar to that of a device
driver (actually, it is a device driver, from many points of
view,) core kernel changes will not be required, and the final
product of this project will be an external loadable kernel
module, exporting an interface based on ioctl() calls to a
device descriptor. Part of the project will be also the
porting of the userspace client for that interface, a modified
qemu that uses KVM for host execution.</p></li>
</ul>
<a name="press"></a>
<h2>FreeBSD Summer of Code Links</h2>