| Room A | Room B | Room C |
09:50 - 10:00 |
Openning |
10:00 - 10:45 |
P01A: Understandings NFSv4 ACL's
John Hixson (john@ixsystems.com)
- Abstract
NFSv4 ACL's are hard. Many people have a hard time understanding them let alone how to utilize them. The purpose of this talk is to explain them in great detail and to demonstrate them in use to the audience so that all confusion is cleared. Demonstrations will be given in real time and questions will be answered so that everyone learns. All who attend should leave with a full understanding of NFSv4 ACL'S.
- Speaker
John Hixson is a BSD geek that resides in California. He has been using
open source software and operating systems since the middle 90's. He has
worked as both an engineer and systems administrator during the course
of his technical career. His employment with iXsystems keeps him busy
with FreeBSD, PC-BSD and FreeNAS. John enjoys working on anything that
is challenging and requires learning new things. In his spare time, he
likes to read, cook, make music and spend time with his family and play with new geek toys.
|
P01B: Bulk building in the many core era
Joerg Sonnenberger (joerg@bec.de)
- Abstract
bulk, the current generation of the pkgsrc bulk build infrastructure, was created during the GSoC 2007 and remained mostly unchanged. Increased processing power, affordable parallelization, signif- icantly more RAM and SSDs for storage have all changed the environment. This paper investigates different configuration choices and their perfor- mance and management impact. The current de- velopment towards looser coupling between clients and the build master are presented as well as the necessary changes for a secure integration of pack- age signatures. The impact of the changes is quan- tified for different native and virtualised setups. The measurements are used to identify improve- ments for the NetBSD kernel and pkgsrc.
- Speaker
Joerg Sonnenberger is a long term NetBSD developer. He has been working on a variety of topics from pkgsrc and the toolchain to power management.
|
P01C: OpenBSD - pf+rdomains create splendid multi-tenancy firewalls
Philipp Buehler (pbuehler@sysfive.com)
- Abstract
This paper presents a working OpenBSD environ- ment establishing a multi-tenant firewall with pf(4), rdomain/pair(4) and relayd(8) as work horses only.
The environment shows how to provision, operate, iso- late and manage all the components needed - and what isn't. I'll reveal how even complex setups can be devel- oped, tested and provisioned in a straightforward way.
Besides detailing on the OpenBSD bolts, there will be quick walkthrough how to create testing setups easily us- ing Vagrant in preparation for live usage.
For easy re-enacting all configuration of OpenBSD and Vagrant being used will be available online.
- Speaker
Philipp uses Unix since mid 1990s and OpenBSD since 2000. Born and working in
Germany mainly in Unix/Linux/BSD areas including ISP services and networking.
Been an OpenBSD developer from 2002 to 2005, trying to cleanup and test pf(4).
Co-founder of sysfive.com GmbH having the technical lead in designing and
operating FOSS-based business plattforms.
|
11:00 - 11:45 |
P02A: FreeBSD System Administration Using SysAdm
Dru Lavigne (dru.lavigne@att.net)
- Abstract
System administrators rely on a variety of built-in and third-party utilities to manage their FreeBSD systems. Management becomes more complex as the number of systems to administer increases, requiring the administrator to manage multiple connections and authorization keys. Third-party management utilities may rely on a configuration database which does not integrate manual edits to existing configuration files. Most third-party utilities require learning a new scripting language and do not provide hooks for ZFS management or FreeBSD-specific utilities such as jails. Further, the FreeBSD Project does not provide a REST API for management of remote systems.
SysAdm is a framework for administering a local or any number of remote FreeBSD or TrueOS systems. It is designed to complement FreeBSD's built-in configuration files, provides graphical and scriptable methods for performing routine system administration tasks, and includes a notification system to alert the administrator of events that require attention.
The SysAdm framework is built into TrueOS and is available as a FreeBSD package. In addition, the graphical component is cross-platform and available for the Windows and Mac OS X operating systems.
- Speaker
Dru Lavigne is the Director of Technical Documentation at iXsystems. She is author of BSD Hacks, The Best of FreeBSD Basics, and The Definitive Guide to PC-BSD. She is founder and current Chair of the BSD Certification Group Inc., a non-profit organization with a mission to create the standard for certifying BSD system administrators.
|
P02B: Addition of Ext4 Extent and Ext3 HTree DIR Read-Only Support in NetBSD
Hrishikesh (mhrishikesh@student.nitw.ac.in)
- Abstract
This paper discusses the project âImplementation of Ext4 and Ext3 Read Support for NetBSD kernelâ done as a part of Google Summer of Code 2016. The objective of this project was to add the support of Ext3 and Ext4 filesystem features viz., Ext4 Extents and Ext3 HTree DIR in read only mode by extending the code of existing Ext2fs implementation in NetBSD kernel,.
- Speaker
Hrishikesh is based from Rajasthan, India. He is a NetBSD source contributor, and currently working for D. E. Shaw & Co. (India) as a software engineer. He received his BTech in computer science and engineering from NIT Warangal (India) in 2016. Last summer, he has completed Googleâs summer of code-2016 for the project Implementation of Ext4 filesystem features in NetBSD kernel. He has a strong programming background and has done a number of programming project as the part of his graduation studies which includes MyFilesystem for Linux, Voice ChatApp for Linux, Another Compiler for C lang and Database schema evolution using machine learning.
|
P02C: Bidirectional Forwarding Detection (BFD) implementation and support in OpenBSD
Peter Hessler (phessler@openbsd.org)
- Abstract
That Internet links fail is a truism as old as Internet links. When a link fails, traffic gets dropped until the failure is detected and
traffic can be re-routed. Detection of failures can be quite tricky however, since they are not always directly visible. Most systems use link state or a form of keep-alives for detection of failures. Link state detection does not help when there are active devices between a router and the other system, such as a switch or long distance links which use MPLS. The in-protocol BGP timers can also be quite long (a common default is 90 seconds) which is a lot of traffic when one are
sending 10Gbps or even faster rates.
BFD is a new protocol that exists outside of existing routing protocols, but can communicate the status to all protocols. This allows for a single keep-alive to detect the health of a single link, without having to depend on a keep-alive in each and every protocol being used. As this is part of the "parent" interface, this does not introduce another layer
in the network configuration. And since the link-state is only per next-hop IP, one can mix and match BFD and non-BFD neighbours on the same interface. This is extremely useful for routers connected to an Internet Exchange Point, which can have hundreds of peers spread over 10 or more physical locations.
- Speaker
Peter Hessler has been a developer with the OpenBSD project since 2008.
Originally from San Francisco he has an interest in how things work. An OpenBSD user since 2000, he moved to Germany in 2008, to Switzerland in 2013, then back to Germany in 2015. In his spare time Peter enjoys drinking beer, filling out immigration documentation, and making bad puns.
|
12:00 - 13:30 |
Lunch |
13:30 - 14:45 |
Project Updates Session |
14:45 - 15:00 |
Break |
15:00 - 15:45 |
P03A: PC-BSD evolves into TrueOS
Kris Moore (kris@ixsystems.com)
- Abstract
In the summer of 2016 we announced that the PC-BSD project would be re-branding as TrueOS. Part of this re-branding has included some major changes to the operating system, in release philosophy, as well as technical changes both under the hood and end-user visible. This talk will detail much of the decision making process involved in the name changed, as well as a look at many of the technical changes which power the new TrueOS desktop. Lastly we will look at some of the new projects coming out of the lab that will power TrueOS into 2017 and beyond.
- Speaker
Kris Moore is the founder and lead developer of the most popular BSD based desktop, TrueOS, as well as the managing director for the FreeNAS/TrueNAS project(s). He resides in the Knoxville area of Eastern Tennessee (USA) with his wife and 5 children.
|
P03B: Hardening pkgsrc
Pierre Pronchery (pierre@defora.net)
- Abstract
pkgsrc is a package management system, developed as a community project and managed by the NetBSD Foundation. Its repository is the official source of third-party software packages on the NetBSD Operating System, but its portability and overall quality has allowed it to be adopted on other platforms as well. It is notably used in industrial and scientific contexts by major companies and organizations. Proper security management of the project is therefore critical, and existing managerial and technical processes are first summarized in this paper. A number of features helping with the security hardening of binary packages have been introduced in the past few months, and are described here. Additional mechanisms still under development are presented as well, with the hope of seeing them adopted and improving the overall security level further.
- Speaker
Pierre is an IT-Security consultant for over ten years now. Based in Berlin, Germany, he is a developer with the NetBSD Foundation since May 2012. Besides security, he also focuses on desktop & mobile integration. He leads the EdgeBSD Project since its inception in 2013, as a community platform for working on NetBSD with Git as the main VCS.
|
P03C: tcp synfloods - an old yet current problem, and improving pf to deal better with it
Henning Brauer (henning@openbsd.org)
- Abstract
TCP Synfloods have been with us basically since tcp is. They usually
render the attacked service unusable, thus are a Denial of Service
attack. They require relatively few ressources on the attacker side
and the source IP can be spoofed, making the attacker very hard to
track down.
Countermeasures have been implemented in TCP Stacks over the years, in
particular syncache and syncookies. Syncache just mitigates the
problem, or, like syncookies, comes with serious drawbacks.
And both only cover the tcp stack on an endpoint, but synfloods also
affect stateful firewalls.
For a stateful packet filter like pf, syfloods usually are are
ressource exhaustion problem, in this case, the state table. pf has a
lot on offer to fight generic state table exhaustion, but a synflood
can still affect normal operations considerably. By applying an
advanced syncookie implementation that mitigates the drawbacks to pf
and combining it with heuristics to detect synflood situations, we can
do better.
- Speaker
Henning has been an OpenBSD developer since 2002. He's the lead pf developer for many years now. Henning also started OpenBGPD and OpenNTPD, and the framework he wrote for them is the base of all newer network deamons in OpenBSD.
Aside from OpenBSD, Henning is the CEO of BS Web Services GmbH, an ISP, and net-activities GmbH, and he is a co-founder of Muniam, providing managed firewall services. He also is an elected member of the Hamburg Chamber of Commerce plenary, on the Board of Directors at the EuroBSDcon Foundation and co-chair of Standpunkt.Schanze e. V.
|
16:00 - 16:45 |
P04A: Case studies of sandboxing base system with Capsicum
Mariusz Zaborski (oshogbo@freebsd.org)
- Abstract
Capsicum is a lightweight OS capability and sand- box framework in the FreeBSD operating system im- plementing a hybrid capability system model. Cap- sicum continues to develop however at a very slow rate. We still struggle with porting for GNU/Linux or properly handling file system namespace. Aside from the above last year was very productive for Cap- sicum. More people got involved in the project and new interesting features were developed. However, most importantly a lot of applications from base sys- tems were sandboxed. In this article we will focus on the lessons learned from sandboxing base systems programs and new features which have been devel- oped over the past year. For this particular article we decided against describing Capsicum as a framework and the concepts behind it. If the reader is interested in Capsicumâs background we encourage reading our article from AsiaBSDCon from the past year [1] or more base articles: [3]. We recommend visiting the Capsicum website as well [2].
- Speaker
Mariusz Zaborski is a software developer at WHEEL Systems and student at
Warsaw University of Technology.
Mariusz's main ares of interest are OS security and low-level
programming. At Wheel Systems, Mariusz is developing a solution to
monitor, record and control traffic in an IT infrastructure.
He has been involved in the development of Capsicum and Casper since
Google Summer of Code 2013, which he successfully passed under
the mentorship of PaweÅ Jakub Dawidek.
Mariusz has been a FreeBSD project commiter since 2015.
|
P04B: The History and Future of Core Dumps in FreeBSD
Sam Gwydir (sam@samgwydir.com)
- Abstract
Crash dumps, also known as core dumps, have been a part of BSD since its beginnings in Research UNIX. Though 38 years have passed since doadump() came about in UNIX/32V, core dumps are still needed and uti- lized in much the same way they were then. However, as underlying assumptions about the ratio of swap to RAM have proven inappropriate for modern systems, several extensions have been made by those who needed core dumps on very large servers, or very small embedded systems. Frustratingly these extensions have not made it to upstream FreeBSD.
The following paper begins with a quick background on what core dumps are and why operators might need them. Following that the current state of the core dump facility and some of the more common extensions in use are examined. We conclude with a call to action for upstreaming these extensions and modularizing the core dump code such that different methods of core dump can be dynamically loaded into the kernel on demand.
In addition a complete history of core dumps in UNIX and BSD was produced as research for this paper and can be found in the appendix.
- Speaker
Sam Gwydir is a student at Texas A&M University working on an undergraduate degree in Computer Engineering and Mathematics. He is a systems engineer at Groupon in charge of their FreeBSD systems.
|
P04C: Everything you ever wanted to know about "hello, world"* (*but were afraid to ask.)
Brooks Davis (brooks.davis@sri.com)
- Abstract
The first example in the classic book "The C Programming Language" by Kernighan and Ritchie[1] is in fact a remarkably complete test of the C programming language. This paper provides a guided tour of a slightly more complex program, where printf() is called with multiple arguments. Along the way from the initial processes's call to exec() to the final _exit(), we'll tour the program loading code in the kernel, the basics of system-call implementation, the implementation of the memory allocator, and of course printf(). We'll also touch on localization, a little on threading support, and a brief overview of the dynamic linker.
- Speaker
Brooks Davis is a Senior Software Engineer in the Computer Science Laboratory at SRI International and a Visiting Research Fellow at the University of Cambridge Computer Laboratory. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and was a core team member from 2006 to 2012.
Brooks earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998. His computing interests include security, operating systems, networking, high performance computing, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys cooking, brewing, gardening, woodworking, blacksmithing, and hiking.
|
17:00 - 17:45 |
P05A: Continuous Integration of The FreeBSD Project
Li-Wen Hsu (lwhsu@freebsd.org)
- Abstract
The FreeBSD project's continuous integration project started in the late 2013. We use Jenkins automation server to build our continuous integration system. It monitors the svn repository for new commits and triggers a new build of it. In each build, the build machine compiles the latest code, creates disk image and creates a virtual machine to run test suite. In the meantime, we collect the compiler warnings and perform some further checks like clang analyzer. All these information are published to the developers and users to improve the quality of the FreeBSD project. In this paper, we describe the details of the system implementation.
- Speaker
Li-Wen Hsu is a FreeBSD ports committer since 2007 and part of FreeBSD continuous integration team since 2013. He is a software engineer and system administrator for fun and profit, whereas he is a scuba diver, biker, and snowboarder just for fun.
|
P05B: Towards a HVM-like Hardware Domain for Xen
Roger Pau Monne (royger@FreeBSD.org)
- Abstract
Xen is a hypervisor using a microkernel design that allows running multiple concurrent operating sys- tems on the same hardware. One of the key fea- tures of Xen is that it is OS agnostic, meaning that any OS (with proper support) can be used as a host. Xen has a long history going back to the 90s when it was designed and the early 2000s when it was released. As a consequence of this, many of the assumptions and virtualization techniques backed into it are now superseded by new hardware features, that make virtualization more transparent from an OS point of view.
This paper provides an analysis of the current inter- face provided by Xen to host OSes (hardware do- main), itâs limitations and the current work in order to improve it.
- Speaker
Roger Pau Monné is a Software Engineer at Citrix and a FreeBSD developer. He is currently working on maintaining and improving Xen support in FreeBSD. Apart from contributing to Xen and FreeBSD he also contributes to other related Open Source projects, like the Linux kernel and Qemu.
|
P05C: 10 Years with DragonFlyBSD network stack
Yanmin Qiao (sepherosa@gmail.com)
- Abstract
In this paper we are going to introduce the evolution of DragonFlyBSD's network stack in the past 10 years: what's the current state of its network stack, the important changes we did to it, why the important changes, and the lessons we learned. Finally, I'd like to list the areas that DragonFlyBSD's network stack can enjoy help hands.
- Speaker
Yanmin began his BSD journey since 2002, when he was still in college. He was granted DragonFlyBSD commit bit in 2005. He mainly works on DragonFlyBSD's networking stuffs and many other kernel and device driver stuffs to make network stack better.
|
18:30 - 21:00 |
Banquet (in Arcadia Ichigaya) |
| Room A | Room B | Room C |
09:00 - 09:45 |
P06A: Improving FreeBSD on Hyper-V/Azure
Yanmin Qiao (sepherosa@gmail.com)
- Abstract
In this paper we are going to introduce the improvement, enhancement and new functionalities that we have introduced for FreeBSD on Hyper-V/Azure in the past year.
- Speaker
Yanmin began his BSD journey since 2002, when he was still in college. He is a FreeBSD and DragonFlyBSD source committer. He is mainly interested in device drivers and networking stuffs, and he is currently working at Microsoft to improve the FreeBSD on Hyper-V and Azure.
|
P06B: Maintain the NetBSD Base System Using pkg_* Tools
Yuuki Enomoto (m2160020@photon.chitose.ac.jp)
- Abstract
This paper describes the script "basepkg.sh" for base system packaging to make NetBSD base system more granular.
Today, fine granular systems are expected to provide more rapid security update and more flexible customization in creating a very small base system for sensor network.
In "NetBSD", base system packaging mechanism called "syspkg" has been developed, but now, its development is stagnant. In addition, it is troubled to deal with "syspkg" consisting of a lot of Makefiles and shell scripts.
Thus we developed a shell script simpler than "syspkg" framework. This script uses src/distrib/sets/lists files and pkg create command to generate a fine granular base package. We verified our system can provide minimum functionality that our package can replace a part of NetBSD base system. It provides the first step for more granular NetBSD
- Speaker
Yuuki Enomoto was received the bachelor's degrees in science and engineering from Chitose Institute of Science and Technology, Hokkaido Japan, in 2016. He is now a master course student of Chitose Institute of Science and Technology. His research interest is package of NetBSD base system.
|
P06C: SSH Performance
Allan Jude (allanjude@freebsd.org)
- Abstract
Ongoing development to maximize performance of bulk data transfer over SSH. Development includes improvements to the HPN patch sets to resolve problems with dynamic window scaling (both TCP and SSH windows), new functionality to manually specify a larger remote send/receive socket buffer for high latency networks, and development of the new NONEMAC feature. The author also presents detailed benchmarks on the performance tuning required to maximize transfer rates over both local and long-haul networks. A comparative analysis of the performance of various ciphers on modern amd64 hardware is also presented.
- Speaker
Allan Jude is VP of Operations at ScaleEngine Inc. where he manages a global network of servers, and more than 1000 terabytes of ZFS, that make up the ScaleEngine CDN. He also hosts the weekly podcast BSDNow. A FreeBSD user since 2.2 and sysadmin since 4.5, became a FreeBSD docs committer in 2014, src committer in 2015, and was elected to the core team in 2016. In the spring of 2015, he published "FreeBSD Mastery: ZFS" with Michael W. Lucas, followed by "FreeBSD Mastery: Advanced ZFS" in 2016.
|
10:00 - 10:45 |
P07A: FreeBSD-powered LCD Advertising Displays in Some Waiting Rooms along High-speed Railway of China
Xiao Li (intron@intron.ac)
- Abstract
In 2011, 101 freestanding LCD advertising displays were installed inside eleven waiting rooms along high- speed railway between Shanghai and Xuzhou. In 2013, 7 LCD advertising display towers were installed inside four waiting rooms along high-speed railway between Shenyang and Dalian. Inside these devices, tailored FreeBSD images with Xorg run with Intel CPU's and flash memories. The strong body of FreeBSD ensures advertising pictures and videos are stably played and the electric motors in the towers act correctly under control of advertising programs, with attracting billions of eye looks from day and day, and even from year to year. This paper covers the business use case other than network server, the user experience on the stability and the pain point on GPU.
- Speaker
Li, Xiao is a software/hardware engineer living in China. He runs his tiny company in Beijing. He is an experienced FreeBSD developer. He worked on ports of LaTeX and Linux compatibility. He is enthusiastic in FreeBSD community of China. He is interested in design of printed circuit board and cross-platform software.
Kylie Liang is a senior program manager at Microsoft where she is leading FreeBSD related programs on public and private cloud, including FreeBSD Integration Service for Hyper-V development, FreeBSD based Virtual Appliance business engagement and promotion. Prior to Microsoft, Kylie started her career at Intel and led several software projects of kernel drivers and open source virtualization software. Kylie got her master degree from ICT (Institute of Computing Technology) at Chinese Academy of Sciences. Kylie has dedicated herself to Open Source areas and has been promoting collaboration with Open Source communities for years.
|
P07B: Applying Machine Learning to Improve apropos(1)
Abhinav Upadhyay (abhinav@NetBSD.org)
- Abstract
In 2011 NetBSD acquired a new implementation of apropos(1). This new implementation is capable of doing full text search using the Sqlite backend. One of the core components of this new implementation of apropos(1) is its ranking algorithm, which allows apropos(1) to show more relevant results at the top of the search results. This ranking algorithm uses a term weighting scheme called tf-idf. Its performance has largely proven to be quite satisfactory, however, there is still much room of improvement.
Playing around with the ranking model requires a dataset in order to evaluate and compare the performance of various models. This paper discusses the creation of a dataset in order to evaluate the performance of ranking models. It also discusses results of training machine learning models on this dataset with the task of improving the existing ranking algorithm used in apropos(1).
- Speaker
Abhinav Upadhyay is a NetBSD developer and works for Reve Marketing, a martech startup of Pramati Technologies, as a Senior Software Engineer. Abhinav first worked for The NetBSD Foundation during Google Summer of Code 2011. He is responsible for rewriting apropos(1) in NetBSD, implementing full text search for man pages. He has also created man-k.org - a web interface to NetBSD's apropos(1).
His interests lie in the areas of systems software and machine learning. He enjoys working in the cross section of the two domains to build novel tools and interface
|
P07C: FreeBSD ARM: Before Kernel
Emmanuel Vadot (manu@bidouilliste.com)
- Abstract
Booting FreeBSD on an ARM board relies on three things : U-Boot (An opensource bootloader for em- bedded devices), ubldr (a version of loader(8) using the U-Boot API) and a DTB (Devicetree Blob, a file that describe the hardware that we are running on). You, of course, also need drivers for the board Sys- tem On a Chip but this is beyond this paper. Therefore it is important to keep up with U-Boot re- lease as adding support for a new board will require support for it in U-Boot. It is also important to keep up with the DTS (Devicetree Syntax, the file that will be converted in a DTB) that we import from the Linux Kernel project as new board means new DTS file for it.
- Speaker
|
11:00 - 11:45 |
P08A: Challenges of TLS encryption at 100Gb line rate in the FreeBSD kernel
Scott Long (scottl@netflix.com)
|
P08B: Portable hotplugging: NetBSD's uvm hotplug(9) API development
Santhosh Narayanan Raju (santhosh.raju@gmail.com)
- Abstract
NetBSD has quietly re-engineered its virtual memory subsystem over the years via uvm(9). uvm(9) is portable|to the point where usermode kernels, paravirtualised kernels and monolithic kernels all share the same MI VM code. (The notable exception being rumpkernel(7), which brews its own stubs).
One sticky point in all these configurations is the early boot time system memory segment management. On NetBSD, this was till "managed" via a static array.
We show how this static implementation was transformed into a dynamically managed key/value pair system, almost entirely in userspace, and using Test Driven Development methodologies on NetBSD's testing framework.
We further show how this enabled us to measure the performance of our changes, within the limitations of NetBSD's testing framework by integrating load testing into our userspace development methodology.
- Speaker
Generic programmer, who loves tinkering around with stuff and playing games preferably on a PC.
|
P08C: Writing a FreeBSD IR driver for small ARM boards using evdev interface
Ganbold Tsagaankhuu (ganbold@gmail.com)
- Abstract
There are various input devices including keyboard, mouse and touchscreens exist these days. They need to have corresponding driver in operating system in order to work correctly. Input drivers in FreeBSD still have a lot of room for improvement, especially for new types of devices such as touchscreens and infrareds.
This paper describes the possible way of writing input driver in case of Consumer IR (CIR) controller using new Evdev interface recently committed by Oleksandr Tymoshenko. The paper also shows how to test CIR driver and demonstrates the use of it on small ARM boards.
- Speaker
Ganbold is working on various FreeBSD related projects. He is also promoting Unix like operating systems and Open Source in Mongolia. He is the one of the founders of Mongolian Unix User Group. He received his Masters degree in Computer science from Novosibirsk State Technical University in 1994. After graduating from university he worked for Secretariat office of Parliament of Mongolia, where he learned a lot, from repairing personal computers to installing and configuring LAN, tuning Windows, Netware and Linux servers. From 1998 to 2001 he worked as a national professional connecting government agencies and organizations to WAN for joint project that was implemented by Mongolian Government and United Nations Development Programme. Since 2002 to 2009 he worked for local ISP where he had to administer more than 30 FreeBSD servers and develop various software. He translated FreeBSD handbook to Mongolian language and started contributing to FreeBSD project since 2007. From April, 2009 to July, 2014 he worked for local mobile operator where he was in charge of IT division that had to develop software, administer servers and improve security of the company.
|
12:00 - 13:30 |
Lunch |
13:30 - 15:00 |
Keynote K01: Software Stacks to enable Software-Defined Networking and Network Functions Virtualization
Yoshihiro NAKAJIMA (nakajima.yoshihiro@lab.ntt.co.jp)
- Abstract
Software-defined networking (SDN) and network functions virtualization (NFV) are big trends to enhance flexibility and elasticity for traffic, configuration, management and operation in network infrastructure. NTT laboratories have led several open source projects for networking, Ryu, GoBGP, and Lagopus, to enable SDN and NFV. Ryu is a component-based SDN framework that supports various protocols for managing or controlling network devices, such as OpenFlow, Netconf, and basic routing functions. GoBGP is a BGP implementation designed from scratch for modern environment with Go language. Lagopus is an SDN software switch designed to achieve high-performance packet processing with DPDK on multicore CPUs modern servers. We introduce these projects and talk mainly about Lagopus SDN software switch in terms of its implementation and performance improvement techniques. We also share our recent trials and collaborations.
- Speaker
|
15:00 - 15:15 |
Break |
15:15 - 16:00 |
P09A: State of LibreSSL and OpenSSL in FreeBSD
Bernard Spil (brnrd@FreeBSD.org)
- Abstract
The OpenSSL libraries are an essential part of the FreeBSD base operating system and the ports collection. In the recent past there have been many, sometimes critical, flaws in OpenSSL. This has led to forks of OpenSSL by Google (BoringSSL) and OpenBSD (LibreSSL). This paper explores the state of LibreSSL and OpenSSL on the FreeBSD operating system and derivative products and demonstrates replacement of OpenSSL with LibreSSL for both the base operating system as well as the ports collection.
- Speaker
Bernard Spil has worked on l2k15 OpenBSD LibreSSL (use of LibreSSL outside of OpenBSD) and is a FreeBSD ports committer. He maintains the LibreSSL patch repository and is also a PC-BSD ports committer and maintainer of all LibreSSL related fixes. In addition, he is also a HardenedBSD base/ports committer where he also maintains the base LibreSSL changes and all LibreSSL related ports fixes.
|
P09B: Reproducible Builds in FreeBSD
Ed Maste (emaste@freebsd.org)
- Abstract
The goal of a reproducible build is to allow anyone to build an identical copy of a software package from given source code, to verify that no flaws have been introduced in the compilation process. This paper presents an introduction to reproducible builds, explains why build reproducibility is desirable, reports on the current state of build reproducibility in FreeBSD, and examines some of the techniques used to obtain repro- ducible builds.
- Speaker
Ed Maste manages project development for the FreeBSD Foundation and works in an engineering support role with the University of Cambridge Computer Laboratory. He is also a member of the elected FreeBSD Core Team. Aside from FreeBSD and LLVM projects, he is a contributor to several other open-source projects.
He received a grant from the Linux Foundation's Core Infrastructure Initiative to work on reproducible builds in FreeBSD.
He lives in Kitchener, Canada, with his wife, Anna, and sons, Pieter and Daniel.
|
P09C: GENERIC ARM -- Creating a single kernel configuration for FreeBSD/armv6
Andrew Turner (andrew@fubar.geek.nz)
- Abstract
During a talk at EuroBSDCon 2016 [46] it was men- tioned FreeBSD had no GENERIC kernel for armv6. While this was true at the time the claim was made a GENERIC kernel configuration was committed before the talk finished. This talk will provide a history of how this kernel configuration, common on other architectures, was added to armv6.
We will look at why having a common kernel on 32-bit ARM is so difficult, and what was needed to make this possible. This will include support for Flattened Device Tree, early page table handling, INTRNG, and the ARM platform and MULTIDELAY work.
With these changes a single FreeBSD can boot on at least six vendors SoCs, with more being added.
- Speaker
Andrew Turner works as a Freelance Software Engineer and a University of Cambridge Research Associate. For the last 4 years he has been working on the port of FreeBSD to arm64, and in his spare time hacks on the FreeBSD armv6 port.
Andrew has had is sanity questioned by an Emacs developer for removing functions from the arm64 libc POSIX deprecated many years before 64-bit ARM was even a concept.
|
16:15 - 17:00 |
P10A: Comprehensive and biaised comparison of OpenBSD and FreeBSD
Baptiste Daroussin (bapt@FreeBSD.org)
- Abstract
This paper will look at some of the differences between the FreeBSD and OpenBSD operating systems. It is not intended to be solely technical but will also show the different "visions" and design decisions that rule the way things are implemented. It is expected to be a subjective view from two BSD developers and does not pretend to represent these projects in any way.
We don't want it to be a troll talk but rather a casual and friendly exchange while nicely making fun of each other like we would do over a drink. Of course, we shall try and hit where it hurts when that makes sense. Obviously, we both have our personal subjective preferences and we will explain why. Showing some of the weaknesses may encourage people to contribute in some areas.
Most of the topics discussed here could warrant their own paper and talk and as such some may not get the deep analysis they deserve.
This is a totally biased talk from two different perspectives.
- Speaker
Antoine Jacoutot has been an OpenBSD developer since 2006. He is currently working as an open source evangelist for the French company D2SI.
Baptiste Daroussin has been a FreeBSD developer since 2010, member of the FreeBSD core team since 2014. He is working at Gandi.net
|
P10B: Holding onto things in a multiprocessor world
Taylor R Campbell (riastradh@NetBSD.org)
- Abstract
The NetBSD kernel is a complex multiprocessor system that manages many
kinds of hardware and software resources, such as network routes,
device drivers, and cached file system objects that may be destroyed or
freed from time to time when no longer in use.
We present three mechanisms -- passive serialization, passive
references, and local counts -- by which one thread can safely acquire,
use, release references to resources, while another thread may be
creating new ones or trying to free, destroy, or unload existing ones.
Unlike mutex locks, reader/writer locks, atomic operations for
reference counts, etc., these mechanisms all scale in parallel to many
cores.
We compare the different serial, parallel, and memory performance
characteristics of the three mechanisms to more traditional approaches,
and examine their impacts on API contracts and incremental development
of a parallel network stack.
- Speaker
Taylor `Riastradh' Campbell has been a NetBSD developer since 2011.
His first major contriution was to fix the synchronization of the
rename system call, which has to maintain a global tree structure while
juggling a lock order between four objects any pair of which might be
the same. Other major contributions include porting the DRM/KMS
graphics stack to NetBSD and implemented passive references to enable
incremental work on parallelizing the NetBSD network stack. He has
been a member of the board of directors of The NetBSD Foundation since
2016, and is under the constant supervision of two cats.
|
P10C: bhyve ARM - Current State Analysis and An Overview of the Porting Process to Hardware Platforms
Mihai Carabas (mihai.carabas@cs.pub.ro)
- Abstract
Since its beginning in the 1960, virtualization has been an intensively researched subject in Computer Science, with important discoveries in both software and hardware. Due to the rapid advances in hardware, embedded platforms have become a worthy candidate for hosting virtualized systems. FreeBSD hypervisor (bhyve) has been recently ported, as a proof of concept, to an ARMv7 platform that runs on an emulator provided by ARM (FastModels). This paper aims to make an overview of the bhyve-arm implementation, its current state and tries to do a port to a hardware platform.
- Speaker
My name is Mihai Carabas and I'm a PhD student at University POLITEHNICA of Bucharest in the domain of virtualization. I've contributed over the last four years in FreeBSD and DragonFlyBSD virtualization code.
I've started working on BSD systems four years ago, on DragonFly BSD, tweaking its scheduler to be SMT (or HT) aware. In the next year I've implemented hardware nested page table support (EPT for Intel) for the DragonFly BSD vkernels eliminating the need of shadow page tables.
In 2014 I've worked on a bhyve project where I've tried to minimize the impact of instruction emulation by caching the emulated instructions. Thus, at further usage, we use the hot cache instead of fetch-and-decode the faulted instruction again (the work has been presented during AsiaBSDCon 2015).
In 2015 I've started working on porting the bhyve hypervisor on ARM-based platforms. I had to write from scratch the low-level context switch code and adapt it to a Type-2 hypervisor: ARM, by its design, ensures support for Type-1 hypervisors (a hypervisor that runs without a host OS). bhyve is written to be part of the FreeBSD and use its management features and thus its a Type-2 hypervisor. Another problem was to fork the current bhyve code base and reuse it with minor modifications for ARM (basically to preserve the same API - in the near future to be able to create a generic code-base for bhyve and only the context switch code to reside in the machine-dependant code). Until now I've manage to run a virtual machine on top of the bhyve hypervisor using FastModels simulation platform. There is work in progress at the virtualization of the interrupts to have a fully functional GuestOS.
In 2014 and 2015 in parallel with the work at bhyve I've promoted bhyve in my university and coordinated students to do bhyve-related projects. One of the succesfull ones is the bhyve-ATA-emulation.
In 2016 I've been coordinating two FreeBSD/bhyve main projects:
- save/restore feature for x86_64 bhyve
- porting bhyve-ARM to hardware platforms
|
17:00 - 18:30 |
Work-in-Progress Session |
18:30 - 18:30 |
Closing |