os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

- add introduction

Browse source 
- fix typos/grammar [1]
- add mandoc/mdocml submission [2]
- add capsicum submission [3]
- add bugbusting team submission [4]
- add re@ team submission [5]

Submitted by:	plunket [1], gavin [4], uqs [1,2], rwatson [3], kensmith [5]

The report is mostly complete. The only one I would still like to get is a
submission covering EuroBSDCon 2010, but I haven't found anyone interested
in writing one yet.
This commit is contained in:
Daniel Gerzo 2010-10-23 18:23:48 +00:00
parent 9b1d3bf400
commit b64fa52045
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/www/; revision=36519
1 changed files with 357 additions and 66 deletions
Download patch file Download diff file Expand all files Collapse all files

423
en/news/status/report-2010-07-2010-09.xml
View file

@ -1,7 +1,7 @@
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE report PUBLIC "-//FreeBSD//DTD FreeBSD XML Database for
Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<!-- $FreeBSD: www/en/news/status/report-2010-07-2010-09.xml,v 1.1 2010/10/22 10:03:42 danger Exp $ -->
<!-- $FreeBSD: www/en/news/status/report-2010-07-2010-09.xml,v 1.2 2010/10/23 17:02:05 bcr Exp $ -->
<report>
<date>
@ -13,10 +13,23 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<section>
<title>Introduction</title>
<p>SUMMARY GOES HERE</p>
<p>This report covers &os;-related projects between July and
September 2010. It is the third of the four reports planned for
2010. During this period, we were
victims of one of the biggest BSD events of the year - EuroBSDCon.
We hope that the ones of you who have been able to attend it
have enjoyed your stay. Another good news is that work on the
new minor versions of &os;, 7.4 and 8.2, is progressing well.</p>
<p>This report, with 52 entries, is the longest report in
the whole history and shows a good condition of the &os;
community.</p>
<p>Thanks to all the reporters for the excellent work! We hope you
enjoy reading.</p>
enjoy the reading.</p>
<p>Please note that the deadline for submissions covering the period
between October and December 2010 is January 15th, 2011.</p>
</section>
<category>
@ -102,10 +115,10 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<body>
<p>&os;-CURRENT runs on the AR9132 SoC. Minor platform-specific
tweaks are needed to use it on a given piece of hardware (eg
where in flash the ethernet MAC address is stored.) The AR910x
tweaks are needed to use it on a given piece of hardware (eg.,
where in flash the Ethernet MAC address is stored.) The AR910x
wireless MAC/PHY is supported. The only available test platform
uses a 2.4ghz radio; 5ghz 11a mode has not been tested. As with
uses a 2.4GHz radio; 5GHz 11a mode has not been tested. As with
other atheros chipset support in &os;, 11n support is not yet
finished. The current development platform is the TP-Link
TP-WN1043ND 802.11n wireless bridge/router. It is currently being
@ -138,7 +151,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
</links>
<body>
<p>pkg_patch is an tool meant to be used with the rest of the
<p>pkg_patch is a tool meant to be used with the rest of the
pkg_* utilities whose job is to create and apply binary patches
to &os; package archives. The SoC project was successfully
completed but there are some open issues about the integration of
@ -182,15 +195,15 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<body>
<p>This project has two goals: pre-allocation algorithm for
ext2fs and ext4 read-only mode. The aim of pre-allocation
algorithm is to implement a reservation window mechanism. Now
this mechanism has been implemented and I have submitted a patch
algorithm is to implement a reservation window mechanism.
This mechanism has been implemented and I have submitted a patch
file to mailing list (fs@FreeBSD.org). The aim of ext4 read-only
mode is to make it possible to read ext4 file system in read-only
mode when disk is formatted with default features. Until now it
can read data from ext4 filesystem with default features in
mode is to make it possible to read ext4 file systems in read-only
mode when the disk is formatted with default features. Until now it
can read data from ext4 file systems with default features in
read-only mode. I have submitted a patch to mailing list
(fs@FreeBSD.org). I am building a new kernel module for it, which
calls ext4fs.</p>
(fs@FreeBSD.org) and am building a new kernel module for it, which
is called ext4fs.</p>
</body>
<help>
@ -224,8 +237,8 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
and applications to the &os; operating system.</p>
<p>Mono 2.8 has been released a few days ago and is already
available in the BSD# repository. The updates breaks a few ports
so the lang/mono updated in the &os; ports tree will be delayed
available in the BSD# repository. The update breaks a few ports
so the lang/mono update in the &os; ports tree will be delayed
until those programs are fixed for a smoother update
experience.</p>
@ -245,7 +258,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<task>Currently low priority, some mono hackers who do not use
&os; would be interested in a debug live-image of &os; to help us
diagnose and fix bugs more efficiency.</task>
diagnose and fix bugs more effectively.</task>
</help>
</project>
@ -301,7 +314,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<body>
<p>We recently imported the 2.8 release of Clang into head. This
release contains many new features and improvements. The
integrated assembler is in this version too, but it is not ready
integrated assembler ships with this version, but it is not ready
for general use yet.</p>
<p>Since r212979, all necessary changes have been committed to be
@ -362,7 +375,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<p>Next up on the list is to finish the implementation for
newsyslog thereby allowing ports that need logs rotated to take
advantage of that tool</p>
advantage of that tool.</p>
</body>
</project>
@ -439,26 +452,26 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
amd64, arm (Marvell), i386, mips, pc98, powerpc, sparc64, sun4v
architectures were refactored to use new timers API.</p>
<p>New machine-independent timers management code written. It
<p>New machine-independent timers management code was written. It
can utilize both legacy periodic and new one-shot timer
operation modes.</p>
<p>Using one-shot mode allows significantly reduce number of
<p>Using one-shot mode allows to significantly reduce the number of
timer interrupts and respectively increase CPU sleep time
during idle periods. Timer interrupts on idle CPUs now
during idle periods. Timer interrupts on idle CPUs are now
generated only when they are needed to handle registered
time-based events. Busy CPUs unluckily still receiving full
time-based events. Busy CPUs unluckily still receive the full
interrupt rate for purposes of resource accounting, scheduling
and timekeeping.</p>
<p>With some additional tuning it is now possible to have
8-core system, receiving only about 100 interrupt per second
and respectively have CPUs idle periods up to 100ms. This
<p>With some additional tuning it is now possible to have an
8-core system, receiving only about 100 interrupts per second
and respectively have CPU idle periods up to 100ms. This
allows to effectively use any supported CPU idle states
(C-states), that reduces power consumption and increases effect
of the Intel TurboBoost technology.</p>
<p>New manual pages written to document this functionality:
<p>New manual pages were written to document this functionality:
eventtimers(7), attimer(4), atrtc(4), hpet(4).</p>
</body>
@ -473,11 +486,10 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
precision, allowing to group close events.</task>
<task>Make schedulers tickless, or at least less depending on
time events to make possible skip timer interrupts when CPUs are
busy.</task>
time events to make skipping timer interrupts possible when CPUs
are busy.</task>
<task>Merge code into 8-STABLE when it will be considered
ready.</task>
<task>Merge code into 8-STABLE when it is considered ready.</task>
</help>
</project>
@ -499,7 +511,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
</links>
<body>
<p>Given the current status of fenner@'s Distfiles Survey, a new
<p>Given the current status of fenner's Distfiles Survey, a new
distfile checker was written in order to have an overview for the
state of each distfile in the ports tree. The distfile checker is
also able to verify WWW entries in pkg-descr files. This is an
@ -578,7 +590,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<p>&os;/powerpc64 now boots multi-user SMP and is self-hosting on
the Playstation 3. Booting requires a PS3 console with the
OtherOS capability (fat model console with firmware &lt; 3.21).
The only supported hardware at present is the ethernet
The only supported hardware at present is the Ethernet
controller.</p>
</body>
@ -861,8 +873,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
</links>
<body>
<p><a
href="http://updating.versia.com/">updating.versia.com</a>
<p><a href="http://updating.versia.com/">updating.versia.com</a>
features web feeds for UPDATING files from ports, head, stable/7
and stable/8. These feeds provide an easy way to track important
changes in the ports tree and the base system.</p>
@ -893,7 +904,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
8.2-RELEASE now that they have received the necessary testing.</p>
<p>Part of reasons why not much has happened in this spot was some
lack of time on my side but also due to nobody showing up with an
lack of time on my side but also due to nobody showing up with a
not yet supported sun4u machine lately and me delving in the
network land instead, which yielded some things to report about
in the next status report. On the other hand I recently got a
@ -934,25 +945,74 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
trying to keep the documents and the website translations in sync
with the ones on &os;.org. Fabian Ruch was helpful in catching up
with the changes to the Porters Handbook. Benedict translated the
Solid State article into german because this is becoming a good
Solid State article into German because this is becoming a good
addition to traditional hard drive storage.</p>
<p>We tried to re-activate committers who did not contribute for
some time but most of them are currently unable to free up enough
time. We hope to gain fresh contributor blood as we are getting
occasional reports about bugs and grammar in the german
occasional reports about bugs and grammar in the German
translation.</p>
</body>
<help>
<task>Submit grammar, spelling or other errors you find in the
german documents and the website.</task>
German documents and the website.</task>
<task>Translate more articles and other open handbook
sections.</task>
</help>
</project>
<project cat='docs'>
<title>mandoc/mdocml - groff replacement for rendering manpages in &os;</title>
<contact>
<person>
<name>
<given>Ulrich</given>
<common>Sp&ouml;rlein</common>
</name>
<email>uqs@FreeBSD.org</email>
</person>
</contact>
<links>
<url href="http://mdocml.bsd.lv/">Kristaps' mdocml project page.</url>
<url href="https://www.spoerlein.net/cgit/cgit.cgi/freebsd.work/log/?h=mdocml">
Git branch for &os; mdocml related work.</url>
</links>
<body>
<p>Kristaps' groff-replacement (for rendering manpages, only) is
already available in NetBSD and OpenBSD, and used to render the base
system manpages for the latter. This project aims to do similar
things for &os;.</p>
<p>mandoc(1) is more strict in what it accepts as input and is still
lacking some features that are used by some selected few manpages.</p>
<p>Getting manpage fixes accepted by upstream vendors has been
challenging. Waiting for them to round-trip back into &os; will take
even longer. Future work will therefore result in direct commits to
our contrib/ and gnu/ repository areas, in the hope this will not
impact future vendor imports too much.</p>
</body>
<help>
<task>Finish the Big Manpage Cleanup of 2010.</task>
<task>Write a textproc/groff port for the latest groff version.</task>
<task>Import mandoc(1), switch to catpages for base.</task>
<task>Supply necessary ports infrastructure to opt-in to mandoc(1).
</task>
<task>Discuss future of groff(1) in base wrt. share/doc.</task>
</help>
</project>
<project cat='ports'>
<title>pkg_upgrade (sysutils/bsdadminscripts)</title>
@ -1061,7 +1121,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<p>PEFS is a kernel level stacked cryptographic filesystem, i.e.
it stacks on top of existing mounted filesystems. AES and
Camellia algorithms in XTS mode are supported. The project has
matured since Summer of Code'2009, most important improvements
matured since Summer of Code 2009, most important improvements
for last few months include: switch to use XTS encryption mode,
implementation of sparse file support, fixing rename bugs
including race and livelock conditions, addition of ext2 support.
@ -1143,7 +1203,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<body>
<p>We were proud to be a sponsor for MeetBSD 2010 Poland and
KvivBSD 2010 in Kiev, Ukraine. We also committed to sponsoring
KyivBSD 2010 in Kiev, Ukraine. We also committed to sponsoring
BSDDay Argentina 2010, MeetBSD California 2010, and NYBSDCon 2010
all in November. The Foundation was also represented at MeetBSD
Poland and Ohio LinuxFest.</p>
@ -1309,7 +1369,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
administrators who operate &os; systems in atypical network
scenarios.</p>
<p>Keep and eye on the freebsd-net@FreeBSD.org mailing list for
<p>Keep an eye on the freebsd-net@FreeBSD.org mailing list for
project related announcements.</p>
</body>
</project>
@ -1413,7 +1473,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
developed to &os;'s built-in SNMP daemon - bsnmpd(1). First a
snmp_wlan(3) module was developed that allows monitoring and
configuration of wlan(4) interfaces operating in various modes,
including statistics, attached/neighboring station infomation,
including statistics, attached/neighboring station information,
MAC access control entries and mesh routing information. The
module's code was submitted in SVN and is now a part of the &os;
base system. Next, SNMPv3 authentication and encryption support
@ -1421,12 +1481,12 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
available via the ports system currently). The message digest and
cipher calculation calls use the implementation of the relevant
cryptographic algorithm implementation in OpenSSL's crypto(3)
library. bsnmpd(1) may still optionally be compiled wihtout the
library. bsnmpd(1) may still optionally be compiled without the
crypto(3) library, in which case only unauthenticated plain-text
SNMPv3 PDUs may be processed. In addition, a snmp_usm(3) module
was developed that is used to configure SNMPv3 users parameters
(name, authentication &amp; encryption algorithms used and relevant
keys, etc) into bsnmpd(1) as per RFC 3414. Finally, a
keys, etc.) into bsnmpd(1) as per RFC 3414. Finally, a
snmp_vacm(3) module was developed that allows configuration of
view-based access control as per RFC 3415, and relevant checks
are made by bsnmpd(1) that allow or restrict access to specific
@ -1474,13 +1534,13 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
has started. Services are then added to this daemon via the
fscadm control utility and from there they will be monitored.
When they die, depending on the reason, they will be restarted.
Certain signals, may be ignored (list not decided) and fscd
Certain signals may be ignored (list not decided), and fscd
will remove that service from monitoring. Every action is
logged to the system logging daemon. Additionally, the fscadm
utility may be used to inquire about what services are
monitored, their pidfile location, and current process id.</p>
<p>FSC provides several some advantages over the third party
<p>FSC provides several advantages over the third party
daemontools package. For example, fscd uses push notifications
instead of polling; fscd is an internal, &os; maintained
software package accessible to all developers where daemontools
@ -1535,9 +1595,9 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
of to a local disk. It implements a very minimal TCP/IPv4 stack
and uses a custom UDP protocol to transmit the dump to the
netdump server running on another host. Network interfaces
selected for dumping, perform I/O in polling mode.</p>
selected for dumping perform I/O in polling mode.</p>
<p>Netdump should find use in diskless workstation clusters,
<p>Netdump should find its use in diskless workstation clusters,
PXE-booted test machines, and perhaps when doing disk driver
development.</p>
</body>
@ -1560,7 +1620,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
</help>
</project>
<project cat='proj'>
<project cat='misc'>
<title>PC-BSD</title>
<contact>
@ -1653,7 +1713,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<body>
<p>We will be having a developers summit meeting at meetBSD
California 2010 on November 4th, the day before the conference.
Based on who is in attendance, we will be taking about the status
Based on who is in attendance, we will be talking about the status
of pressing issues; working on pressing problems and using the
opportunity for face to face meetings to work out issues that are
difficult in email. This is an invitation only event, but any
@ -1690,7 +1750,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
support)). In addition, the orchestration of the build (make
buildworld) will change to avoid bootstrapping certain tools, or
compiling the compilers at all. In addition, support for using
alternate assemblers, linkers, etc will be added. The work will
alternate assemblers, linkers, etc., will be added. The work will
be done in subversion in projects/xtc (for eXternal Tool
Chain).</p>
</body>
@ -1719,7 +1779,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
the concept of multiple architectures being implemented with one
set of files, and regularizes that design pattern into the &os;
build process. In the past, you had to set TARGET_BIG_ENDIAN=t to
compile for big endian, but that had a number of problems: ca not
compile for big endian, but that had a number of problems: can not
share /usr/obj between little and big endian targets, sometimes
the produced compilers will not work right unless TARGET_BIG_ENDIAN
is defined in the environment, etc.</p>
@ -1731,7 +1791,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
</help>
</project>
<project cat='ports'>
<project cat='team'>
<title>&os; KDE Team</title>
<contact>
@ -1800,7 +1860,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
our team is keeping pace making it available in our <a
href="http://area51.pcbsd.org/">development repository</a>.</p>
<p>We are fortunate to have a strong contributor base that help
<p>We are fortunate to have a strong contributor base that helps to
keep the process moving along. Our heartfelt thanks go out to all
that have helped with patches, maintaining ports, and responding
with help on the mailing lists.</p>
@ -1852,11 +1912,11 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<body>
<p>pc-sysinstall was imported into HEAD recently. For the moment
it is feature complete, although progress on the text front end
for it may exposes additional functionality it needs</p>
for it may expose additional functionality it needs.</p>
</body>
<help>
<task>the automated/scripted install features of pc-sysinstall
<task>The automated/scripted install features of pc-sysinstall
need wider testing and use to expose potential weaknesses, bugs,
and additional features it may require.</task>
@ -1895,15 +1955,14 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<p>DAHDI (Digium/Asterisk Hardware Device Interface) is an
open-source device driver framework and a set of hardware drivers
for E1/T1, ISDN digital, and FXO/FXS analog cards [<a
ref="http://www.asterisk.org/dahdi/">1</a>]
ref="http://www.asterisk.org/dahdi/">1</a>].
Asterisk is one of the most popular open-source software PBX
solutions [<a
href="http://www.asterisk.org/">2</a>].</p>
solutions [<a href="http://www.asterisk.org/">2</a>].</p>
<p>The project includes porting DAHDI framework and hardware
drivers for E1/T1, FXO/FXS analog, and ISDN digital cards to
&os;. This also includes TDMoE support, software and HW echo
cancellation (Octasic, VPMADT032), and hardware transcoding
&os;. This also includes TDMoE support, software and hardware
echo cancellation (Octasic, VPMADT032), and hardware transcoding
support (TC400B). The work is ongoing in the official DAHDI SVN
repository with the close collaboration with DAHDI folks at
Digium.</p>
@ -2000,7 +2059,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
backwards compatible.</p>
<p>After importing this one the work will go on the newest
version and decisions on it will than be done.</p>
version and decisions on it will then be done.</p>
</body>
<help>
@ -2187,7 +2246,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<li>Multiple encryption keys. GELI will use one encryption key
for at most 2^20 blocks (sectors), as it is not recommended to
use the same encryption key for too much data. It generates keys
use the same encryption key for too much data. It generates a key
array from the master key on attach and uses it accordingly. This
is the default now.</li>
@ -2197,7 +2256,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
</body>
</project>
<project cat='proj'>
<project cat='ports'>
<title>Valgrind port</title>
<contact>
@ -2221,7 +2280,7 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<body>
<p>Valgrind is a tool for detecting memory management and
threading bugs, and profiling. Version 3.6.0 has recently been
released, while we we have a working port of 3.5.0 now. Work is
released, while we have a working port of 3.5.0 now. Work is
now underway to update the &os; port to 3.6.0, with the eventual
goal of having our changes integrated upstream.</p>
@ -2242,4 +2301,236 @@ Status Report//EN" "http://www.FreeBSD.org/XML/www/share/sgml/statusreport.dtd">
<task>Integrate our patches upstream.</task>
</help>
</project>
<project>
<title>Capsicum: practical capabilities for UNIX</title>
<contact>
<person>
<name>
<given>Robert</given>
<common>Watson</common>
</name>
<email>rwatson@FreeBSD.org</email>
</person>
<person>
<name>
<given>Jonathan</given>
<common>Anderson</common>
</name>
<email>anderson@FreeBSD.org</email>
</person>
<person>
<name>
<given>Ben</given>
<common>Laurie</common>
</name>
<email>benl@google.com</email>
</person>
<person>
<name>
<given>Kris</given>
<common> Kennaway </common>
</name>
<email>kennaway@google.com</email>
</person>
</contact>
<links>
<url href="http://www.cl.cam.ac.uk/research/security/capsicum/">
Capsicum: practical capabilities for UNIX</url>
<url href="https://lists.cam.ac.uk/mailman/listinfo/cl-capsicum-discuss">
Capsicum project mailing list</url>
<url href="http://www.cl.cam.ac.uk/research/security/capsicum/papers/2010usenix-security-capsicum-website.pdf">
USENIX Security 2010 paper on Capsicum</url>
</links>
<body>
<p>Capsicum is a lightweight OS capability and sandbox framework
developed at the University of Cambridge Computer Laboratory,
supported by a grant from Google. Capsicum extends the POSIX API,
providing several new OS primitives to support object-capability
security on UNIX-like operating systems: capabilities, a new
sandboxed capability mode for processes, anonymous shared memory
objects, process descriptors, and a modified C runtime able to
support distributed applications within sandboxes. Capsicum
has been prototyped on &os; 9-CURRENT, with a 8-STABLE
backport.</p>
<p>Capsicum is intended to supplement existing system-centric
mandatory access control protections by providing an
application-centric protection model, which better supports
compartmentalised user programs that set up one (or many)
sandboxes to process untrustworthy data in. A number of
applications, from tcpdump to the Chromium web browser, have been
modified to use sandboxing to confine risky activities such as
the parsing of untrusted packets and HTML/JavaScript
rendering.</p>
<p>We plan to begin merging the core Capsicum kernel features
to &os; 9-CURRENT in November/December 2010 once a number of
known problems have been resolved. Following a KBI analysis, we
will consider merging our 8-STABLE backport to Subversion. For
the time being, and while APIs stabilise, we plan to distribute
the Capsicum libraries via ports. However, simply having the
kernel features in place is sufficient to support sandboxing in
tcpdump and Chromium.</p>
<p>The Capsicum paper by Robert Watson / Jonathan Anderson
(Cambridge) and Ben Laurie/ Kris Kennaway (Google) won a best
paper award at the 2010 USENIX Security Symposium!</p>
</body>
<help>
<task>More aggressively test (and as needed, fix) possible UNIX
domain socket garbage collector interactions with Capsicum.</task>
<task>Using results of our recent model checking analysis of the
namei() sandboxing approach, make robustness improvements.</task>
<task>Merge to &os; 9-CURRENT in November/December.</task>
<task>KBI analysis for possible 8-STABLE merge.</task>
<task>Convert more applications to use Capsicum sandboxing!</task>
</help>
</project>
<project cat='team'>
<title>FreeBSD Bugbusting Team</title>
<contact>
<person>
<name>
<given>Gavin</given>
<common>Atkinson</common>
</name>
<email>gavin@FreeBSD.org</email>
</person>
<person>
<name>
<given>Mark</given>
<common>Linimon</common>
</name>
<email>linimon@FreeBSD.org</email>
</person>
<person>
<name>
<given>Remko</given>
<common>Lodder</common>
</name>
<email>remko@FreeBSD.org</email>
</person>
<person>
<name>
<given>Volker</given>
<common>Werth</common>
</name>
<email>vwe@FreeBSD.org</email>
</person>
</contact>
<links>
<url href="http://www.FreeBSD.org/support.html#gnats" />
<url href="http://wiki.FreeBSD.org/BugBusting" />
<url href="http://people.FreeBSD.org/~linimon/studies/prs/" />
</links>
<body>
<p>The bugbusting team continue work on trying to make the contents
of the GNATS PR database cleaner, more accessible and easier for
committers to find and resolve PRs, by tagging PRs to indicate the
areas involved, and by ensuring that there is sufficient info
within each PR to resolve each issue.</p>
<p>July saw the addition of Alexander Best (arundel@) to this
bugbusting team, he is helping with the triaging PRs as they come
in, creating patches for problems and working with submitters to
get the solutions tested, and working through the PR backlog.</p>
<p>Also in July, Gavin Atkinson worked with Hans Petter Selasky on
the USB PRs, attempting to go through many of them and determine
the status of each of them. As a result, nearly 10% of the USB
PRs were determined to be closeable, with many more either being
marked as patched already or able to be committed quickly.
Several PRs that only affect the old (pre-8.0) USB stack were
also identified and marked as such. More work will take place
in this area in the future.</p>
<p>August saw us host another bugathon, with an aim of
investigating and getting into a committable state several of the
PRs with patches. Turnout was not as great as in the past -
mainly believed to be die to the short notice, but still several
PRs were progressed, with several commits made and several PRs
closed.</p>
<p>The number of PRs has held steady over the last three months,
with improvements in numbers in some categories (especially usb
and bin) being offset by slight increases in others.</p>
<p>Reports continue to be produced from the PR database, all of
which can be found from the links above. Committers interested
in custom reports are encouraged to discuss requirements with
bugmeister@ - we are happy to create new reports where needs are
identified.</p>
<p>As always, anybody interested in helping out with the PR queue is
welcome to join us in #freebsd-bugbusters on EFnet. We are
always looking for additional help, whether your interests lie in
triaging incoming PRs, generating patches to resolve existing
problems, or simply helping with the database housekeeping
(identifying duplicate PRs, ones that have already been resolved,
etc). This is a great way of getting more involved with
&os;!</p>
</body>
<help>
<task>Try to find ways to get more committers helping us with
closing PRs that the team has already analyzed.</task>
<task>Try to get more non-committers involved with the triaging
of PRs as they come in, and generating patches to fix reported
problems.</task>
</help>
</project>
<project cat='team'>
<title>&os; Release Engineering Team</title>
<contact>
<person>
<name>
<given>Release Engineering Team</given>
</name>
<email>re@FreeBSD.org</email>
</person>
</contact>
<links>
<url href="http://www.FreeBSD.org/releng/" />
</links>
<body>
<p>The Release Engineering Team has announced the schedule for the
upcoming joint release of FreeBSD 7.4 and 8.2. The schedules
are available on the Web site:</p>
<ul>
<li><a href="http://www.freebsd.org/releases/7.4R/schedule.html">
7.4-RELEASE schedule</a></li>
<li><a href="http://www.freebsd.org/releases/8.2R/schedule.html">
8.2-RELEASE schedule</a></li>
</ul>
<p>It is expected that 7.4 will be the last of the 7.X releases.</p>
</body>
</project>
</report>