Ryan Dooley’s patch giving stack-smashing protection in libc is in. It’s not on by default. It adds some overhead but little binary size when turned on.
Matt Dillon posted 2 scripts he finds handy for searching in the source tree. The first one is used on its own, with the argument being the search target:
#!/bin/csh
#
# /usr/local/bin/search
find . -type f -and -not -name '*.*o' -and -not -name '*.a' -and -not -name '*.kld' | fgrep -v ./compile | xargs egrep "$argv" | egrep -v 'Binary'
And the other script, used to pull files containing the searchterm into an editor like so: ‘vi `pullout searchterms`’
#!/bin/csh
#
# /usr/local/bin/pullout
/usr/local/bin/search $argv | awk -F : '{ print $1; }' | sort | uniq
Dave Leimbach pointed at Cyclone during a discussion of dealing with insecure functions like sprintf() and strcopy()
Craig Dooley submitted a patch to add a number of improvements to agp, from FreeBSD5.
Ryan Dooley proposed adding ProPolice to the base system, and already has a potential patch.
Matt Dillon will be finishing up IPC using the model mocked up in libcaps. This will enable functions like getpwuid() as an IPC serviceand out of libc. If I recall correctly, IPC = Inter-Process Communication, as acronyms are a common question lately.
Jos Backus pointed at buildtool as an alternative to the various auto* tools.
Code to add the lnc and vx network drivers from FreeBSD-5 is in, put together by Joerg Sonnenberger. This is part of the PCI compat cleanup, though these just-added drivers just use newbus.
Libcaps, the library for userland threading, has been updated. Work is still proceeding on fp stave/restore, and some other tasks, including Galen Sampson’s work. Matt Dillon’s commit message sums it up as neatly as possible, so I’ll just paste it:
Major update to libcaps. Implement support for virtual cpus using
rfork_thread() and implement IPIs, per-virtual-cpu globaldata areas,
and per-virtual-cpu LWKT scheduling.
Boeing’s X-50A rotor craft is apparently named the “Dragonfly“. No real relation to this project, but it’s fun to see other places the name is used.
David Rhodus noted that rsync is now at version 2.5.7 because of a remotely-exploitable heap overflow. Anyone running a rsync mirror, especially of DragonFly, should update. This is in part the exploit that damaged a Gentoo mirror and a GNU server.
Galen Sampson and Matt Dillon have committed the first stage of the userland threading – globaldata structure and thread primitives are connected, and libcaps can lock in a fashion similar to the existing kernel locks.
Peter Kadau noted that if you are building a program such as XFree86 and it complains about not being able to find a particular library that you know exists on your system, you can use cpdup to move it (between, for instance, /usr/local/lib and /usr/X11R6/lib).
This is a temporary fix. However, if you are experiencing this right now, it’s probably because of an out-of-date dfports. Delete all packages, update, and reinstall packages, and you should be OK.
I haven’t had any posts for the past day or so because there’s not been a lot of activity on the mailing lists, and I’m working up an ‘end-of-year’ report similar to the FreeBSD Status Reports. No link yet, cause it’s not done.
Matt Dillon’s updated his diary.
/usr/src/nrelease has the ability to build the new ‘live’ CD iso images. Listed here is what Matt Dillon listed as possible make targets in that directory:
“release: This will do a full buildworld and buildkernel (GENERIC)
with the current source tree, then generate the release
ISO and directory structure in /usr/release.quickrel: This will do a ‘quick’ buildworld and buildkernel (i.e.
-DNOCLEAN) and then generate the release ISO and directory
structure in /usr/release.realquickrel: This is even faster. It assumes that the buildkernel and
buildworld have already been done and just generates the ISO
directory structure and ISO file in /usr/release.”
Matt Dillon has created ‘live CD’ features, so you can boot from a DragonFly CD and get to a useable prompt. To support this, cpdup is now included in /bin, and mount_mfs now has the -C option, which will automatically copy a read-only filesystem into a MFS mount. An experimental ISO is available on the download page.
Be warned that you will have to lay out filesystems on your own with fdisk, disklabel, etc., and this is largely undocumented, except in the README.
Continue reading “‘live CD’ available”
David Rhodus has checked in a new version of BIND, which may correct the recently discovered possible DoS. (commit notes don’t specify.)
So, it looks like this:
From an offhand comment Matt Dillon made, the first ‘release’ of Dragonfly is planned at least several months from now. (No definite date yet.) FreeBSD-5 should be entering a stable branch (5.3) around the same time, and the stable 2.6 Linux kernel should be appearing around mid-December, close to the same time as FreeBSD 5.2. KDE 3.2 should also be out in February. Gnome 2.6 is due in March.
So, early 2004 looks like it will have much to play with.
Not much to report, in part because of the U.S. holiday, so here’s a link to a recently-announced OpenBSD variant: ekkoBSD.