"With great sadness, I regret to inform you that Itojun will not be presenting his great knowledge of IPv6 at PacSec. I have been informed by several sources that he passed away yesterday," Dragos Ruiu announced the unhappy news on the OpenBSD -misc mailing list. He noted, "funeral services will be held on Nov 7th at Rinkai-Saijo in Tokyo. There aren't many details of his passing, so please let his family and relatives mourn in peace for now." Dragos offered the following words about Itojun:

"I knew Itojun as one of the smartest and kindest persons I have ever met. He helped everyone around him. He graciously hosted and assisted many foreigners new to Japan at the PacSec conferences, and was a good friend to all. He would go to extraordinary lengths to help anyone around him. We will all miss him - and his work on IPv6 will continue to help us for a long time.."

"If you knew or respected him, he would have wanted any energy you put towards grief to be spent on speeding the adoption and the robustness of the version 6 internet to which he devoted so much of his extraordinary life to."

"I am going to start committing bits and pieces of the HAMMER filesystem over the next two months," announced Matthew Dillon on the Dragonfly BSD kernel mailing list. He noted that the filesystem should be functional by the 2.0 release in December, "I am making good progress and I believe it will be beta quality by the release. It took nearly the whole year to come up with a workable design. I thought I had it at the beginning of the year but I kept running into issues and had to redesign the thing several times since then." Matthew then posted a detailed design document for the new filesystem.

During the followup discussion, Matthew was asked if HAMMER would be a ZFS killer. He responded, "ZFS serves a different purpose and I think it is cool, but as time has progressed I find myself liking ZFS's design methodology less and less, and I am very glad I decided against trying to port it." He noted it is essential to have redundant copies of data, but added, "the problem ZFS has is that it is TOO redundant. You just don't need that scale of redundancy if you intend to operate in a multi-master replicated environment because you not only have wholely independant (logical) copies of the filesystem, they can also all be live and online at the same time." As for how Dragonfly's new filesystem will address redundancy, he explained:

"HAMMER's approach to redundancy is logical replication of the entire filesystem. That is, wholely independant copies operating on different machines in different locations. Ultimately HAMMER's mirroring features will be used to further our clustering goals. The major goal of this project is transparent clustering and a major requirement for that is to have a multi-master replicated environment. That is the role HAMMER will eventually fill. We wont have multi-master in 2.0, but there's a good chance we will have it by the end of next year."

Mark Weinem offered a summary of NetBSD's six 2007 Summer of Code development projects. The projects included: the Automated Testing Framework, "the goal of the ATF project was to develop a testing framework to easily define test cases and run them in a completely automated way"; porting ZFS, "the primary goal of this project was to port volume emulation (ZVOL) functionality in order to mount ZFS file systems"; QoS framework for NetBSD's virtual memory system, "for delay sensitive systems such as streaming multimedia servers and back-end database systems, servicing the reader processes in a timely fashion is more important than the servicing the writers"; kernel file systems in userspace, as a result of the project, "almost all NetBSD kernel file systems can be compiled, mounted and run in userspace"; and hardware monitoring, "the aim of this project was to develop a kernel event notification framework to notify userland of hardware changes e.g. a new USB device being added". Mark added:

"NetBSD has been involved in the Google Summer of Code since its conception in 2005. This year we were glad to once again have the oppertunity to introduce six students to our operating system, to Open Source software development and get them sponsored by Google to work on projects defined by the NetBSD developers."

Andrew Doran posted some threading benchmark results to NetBSD's tech-kern mailing list, following up to some benchmarks he'd posted earlier. The results compared NetBSD -current with FreeBSD -current, and the Linux 2.6.21 kernel. Kris Kennaway was surprised by the results, and ran his own benchmarks with minimal configuration changes, summarizing, "this measurement shows that FreeBSD is performing 70-80% better than NetBSD in this 4 CPU configuration. This is in contrast to Andrew's findings which seem to show NetBSD performing 10% better than FreeBSD on a 4 CPU system (a very old one though)." He added, "the drop-off above 8 threads on FreeBSD is due to non-scalability of mysql itself. i.e. it comes from pthread mutex contention in userland."

Kris ran additional benchmarks with PostgreSQL instead of MySQL, showing much improved scalability above 8 threads, "postgresql is much more scalable than mysql on this workload and doesn't have silly scaling bottlenecks inside the application (cf the tail of the FreeBSD curve for mysql which is where pthread mutex contention kicked in)." He continued his testing, and found that on older 4CPU P3 hardware NetBSD did outperform FreeBSD, "but only by 3-4% (in particular I am not seeing the ~10% difference that Andrew observes on his 4*p3 700MHz). Given the age of the hardware and the fact that I am not seeing it on other workloads or on modern hardware it might just be due to a small scheduling difference on this configuration."

The OpenBSD project maintains a six month release cycle, with the upcoming 4.2 release officially scheduled for November 1'st. Each release includes a song relevant to current issues faced by the project. For this release the song is titled "100001 1010101", about which OpenBSD creator Theo de Raadt notes, "it is designed to sound like a mid-era Rush song, ie. something from Grace Under Pressure or such. And there's a few easter eggs hidden in the song as well. It also explains the inside sleeve image..." The referenced image shows a marathon between some of the different operating system mascots, running a a race through often hostile looking surroundings, fraught with distractions. Toward the bottom is an obvious reference to the recent issue of relicensing BSD code under the GPL, in which Puffy, the OpenBSD mascot, shows a map to Tux, the Linux mascot, and the latter takes off with it. The OpenBSD lyrics page explains that BSD code is shared with all, even non-open-sourced projects who respect the license and frequently return code, "we fully admit that some BSD licensed software has been taken and used by many commercial entities, but contributions come back more often than people seem to know, and when they do, they're always still properly attributed to the original authors, and given back in the same spirit that they were given in the first place." Theo noted, "that's the best we can expect from companies," going on to add, "but we can expect more from projects who talk about sharing -- such as the various Linux projects." He explained:

"Now rather than seeing us as friends who can cooperatively improve all codebases, we are seen as foes who oppose the GPL. The participants of "the race" are being manipulated by the FSF and their legal arm, the SFLC, for the FSF's aims, rather than the goal of getting good source into Linux (and all other code bases). We don't want this to come off as some conspiracy theory, but we simply urge those developers caution -- they should ensure that the path they are being shown by those who have positioned themselves as leaders is still true. Run for yourself, not for their agenda.

"The Race is there to be run, for ourselves, not for others. We do what we do to run our own race, and finish it the best we can. We don't rush off at every distraction, or worry how this will affect our image. We are here to have fun doing right."

"On behalf of the NetBSD Release Engineering team, I am happy to announce the availability of NetBSD 4.0 Release Candidate 2," stated Pavel Cahyna on the NetBSD -announce mailing list. The lower portion of the changelog lists numerous bug fixes since Release Candidate 1, the most important ones highlighted as: "ICH9 support in wm(4); Enhanced Speedstep support for VIA C7/Eden and amd64; many bugfixes for IPF; FAST_IPSEC fixes; wpi(4) bugfix; proplib local DoS fix; fix procfs exposing the real path of an executable inside chroot; msdosfs bugfix; fix of crash dumps on sparc64; ACPI SCI (system control interrupt) bug fix, addresses interrupt storms seen on some machines."

Pavel went on to note, "please note that in this release candidate, the sparc platform has been accidentally omitted. This will be corrected in the next RC cycle. We plan to release another release candidate next week." He concluded, "please help us test these release candidates as much as possible to make NetBSD 4.0 a solid release."

"Based on the new guidelines posted by the SFLC on 'Maintaining Permissive-Licensed Files in a GPL-Licensed Project: Guidelines for Developers', specifically section 5, we are introducing a new tag for use with patches which deal with files licensed under permissive licenses (BSD, ISC) on Linux wireless in our larger GPL project, the Linux kernel," explained Luis Rodriguez in an email titled, "new 'Changes-licensed-under' tag introduced for Linux-wireless". The web pages linked in the email appear to be an official response by the SFLC regarding the recent BSD vs. GPL licensing controversy surrounding the Atheros wireless device driver. Luis continued:

"Although some developers have a practice of implying their patches for a permissive licensed file abides by the respective permissive license of the file being patched, and although some changes are obviously not copyrightable, we would like to 'err on the side of caution', take the advice from SFLC, and introduce Changes-licensed-under in order to help the BSD family reap benefits of our contributions to permissive licensed files."

There were only a few brief replies to Luis' email. Stephen Hemminger suggested a simpler solution, "no, please don't [go] down this legal rat hole. It would cause bullshit like people submitting dual licensed patches to the scheduler or GPL only patches to the ath5k or ACPI code. Instead, add a section to Documentation/SubmittingPatches that clearly states that all changes to a file are licensed under the same license as the original file." Krzysztof Halasa pointed out that this was already the case, quoting a line from the Developer's Certificate of Origin contained in the SubmittingPatches file which says, "the contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file".

A thread on the OpenBSD-misc mailing list compared the security of SELinux in the 2.6 Linux kernel to what's available in OpenBSD. The general opinion was that SELinux and its policy language are too complex, leading Damien Miller to note, "every medium to large Linux deployment that I am aware off has switched SELinux off. Once you stray from the default configurations that the system distributors ship with, the default policies no longer work and things start to break." Ted Unangst summarized, "the problem with security by policy is that the policy is always wrong."

Darrin Chandler suggested, "security should not be grafted on, it should be integrated into the main development process. I'm sure the patch maintainers are doing their best, but this doesn't change the fundamental flaw in the process. It's not a flaw of their making, it's inherent in the situation. But it's still a flaw." It was pointed out again that SELinux is part of the 2.6 kernel via LSM, to which Jason Dixon noted, "SELinux is a button. Buttons are easy to turn off. Darrin went on to say, "compare that to a complete operating system (OpenBSD) where security is part of code quality, and part of the normal mainline development." The security features in OpenBSD that were then discussed included propolice stack protection, random library mappings, proactive privilege separation, W^X, and systrace.

"We, the MadWifi team, announce our decision to move away from the binary-only HAL and change the focus of our future development towards ath5k, a completely free (as in freedom) driver which will eventually become an integral part of the Linux kernel," Michael Renzmann posted to the MadWifi development mailing list. The decision comes during continued debate surrounding what is and what is not allowed by the BSD license, and with no official statement yet from the SFLC. Much of the debate was due to an attempt to release BSD licensed files under the GPL, visible for example in the ath5k_hw.c source file which is still labeled as available "under the terms of the GNU General Public License" in the latest version of the file checked into the source repository linked from the MadWifi project page. It appears that actual development of the ath5k driver has been moved to Linville's git tree, where the license is now purely BSD, though debate remains as to what's required to be able to add additional copyrights to source code as have been added to the reverse engineered HAL code originally written by Reyk Floeter. In an earlier confrontation with Atheros, the work done by Reyk was determined to be free of copyright infringement:

"A driver for Atheros wireless cards is available in OpenBSD that talks directly to the hardware, based on reverse engineering efforts done by Reyk Floeter. Relevant parts of the driver have been ported to Linux by Nick Kossifidis to start OpenHAL, a free (as in freedom) replacement of the proprietary HAL. Claims that the OpenBSD driver (and thus also OpenHAL) contains stolen code slowed down the OpenHAL efforts but finally could be voided. The Software Freedom Law Center (SFLC), with the help of Atheros, performed a thorough code review and concluded "that OpenHAL does not infringe copyrights held by Atheros". In other words, the way is clear now for the inclusion of an OpenHAL-based driver into the Linux kernel."

Ulrich Drepper noted a difference between the Linux connect(2) man page and the POSIX specification. The former states, "connectionless sockets may dissolve the association by connecting to an address with the sa_family member of sockaddr set to AF_UNSPEC." The latter reads, "if address is a null address for the protocol, the socket's peer address shall be reset." Ulrich explained that he preferred the description in the Linux man page, but the Linux kernel seems to actually follow the POSIX specification, "is this functionality which got lost over time? Or is the man page wrong and this never was the case? Is this a worthwhile change?"

Alan Cox noted, "we got it from the 1003.4g draft socket specification if I remember rightly." David Miller suggested, "the whole AF_UNSPEC thing I'm almost certain comes from BSD, which has behaved that way for centuries." Alan concurred, "its entirely plausible that [the 1003.4g draft socket specification] got it from 4BSE." Ulrich concluded, "I guess I'll just go ahead and file a problem report with the spec. Maybe the Unix vendors will test their implementations and provide feedback."

"What is going on whenever someone changes code is that they make a 'derivative work'," began Theodore Ts'o. "Whether or not you can even make a derivative work, and under what terms the derivative work can be licensed, is strictly up to the license of the original. For example, the BSD license says: 'redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met....' Note the 'with or without modification'. This is what allows people to change BSD licensed code and redistribute said changes." Regarding code that is GPL'd, he added, "it is not a relicencing, per se, since the original version of the file is still available under the original copyright; it is only the derived work which is under the more restrictive copyright."

Disagreement continued as to whether or not the BSD license allows the addition of new copyrights on unmodified or minimally modified code. Another disagreement was over the continued existence of improperly licensed files in developer source code repository histories from when BSD licensed files had been changed to the GPL, a problem since fixed. Jeff Garzik explained:

"In a purely open development environment, even personal developer trees are made public. That's the way we _want_ development to occur. Out in public, with a full audit trail. Your implied ideal scenario is tantamount to guaranteeing that mistakes are never committed to a public repository anywhere. Mistakes will happen. Even legal mistakes. In public.

"What you are seeing is an example of mistakes that were caught in review, and corrected. That's how any scalable review process works... the developer reviews his own work. the team reviews the developer's work. the maintainer reviews the team's work. the next maintainer reviews. and so on, to the top."

"Congratulations to the successful students and their FreeBSD Project mentors for participating in another productive Google Summer of Code," Murray Stokely noted on the -announce FreeBSD mailing list. He offered an interesting summary of all of this year's student projects, adding:

"This program encourages students to contribute to an open source project over the summer break with generous funding from Google. We have had a total of over 50 successful students working on FreeBSD as part of this program in 2005, 2006, and 2007. These student projects included security research, improved installation tools, filesystems work, new utilities, and more. Many of the students have continued working on their FreeBSD projects even after the official close of the program. We have gained many new FreeBSD committers from previous summer of code projects already, and more are in the process."

As the Atheros driver issue continues to simmer on the OpenBSD -misc mailing list and the Linux Kernel mailing list, with debate continuing over when the license of source code can be altered or added to, Eben Moglen made a statement for the Software Freedom Law Center. He began by defending their own actions, "it might be useful to recall the first stage of this process, when OpenBSD developers were accused of misappropriating Atheros code, and SFLC investigated and proved that no such misappropriation had occurred? Wild accusations about our motives are even more silly than they are false." He went on to acknowledge, "we understand that attribution issues are critically important to free software developers; we are accustomed to the strong feelings that are involved in such situations. In the fifteen years I have spent giving free legal help to developers throughout the community, attribution disputes have been, always, the most emotionally charged." He added that the SFLC would be making no further statements until their work on this matter was complete, noting:

"Also, and again for the last time, let me state that SFLC's instructions from its clients are to establish all the facts concerning the development of the current relevant code (which means the painstaking reconstruction of several independent and overlapping lines of development, including forensic reconstruction through line-by-line code reviews where version control system information is not available), as well as to resolve all outstanding legal issues, and to make policy recommendations, if possible, that would result in all projects, under both GPL and ISC, having full access to all code on their preferred terms, on an *ongoing* basis, with full respect for everyone's legal rights. We continue to believe those policy goals are achievable in this situation. The required work has been made more arduous because some people have chosen not to cooperate in good faith. But we will complete the work as soon as we can, and we will, as Mr Garvik says, follow the community's practice of complete publication, so everyone can see all the evidence."

"Reyk and I have decided to show something from the private handling of this Atheros copyright violation issue," OpenBSD creator Theo de Raadt began in a posting to the OpenBSD -misc mailing list referring to the recent relicensing of OpenBSD's BSD licensed Atheros driver under the GPL. He noted, "it has been like pulling teeth since (most) Linux wireless guys and the SFLC do not wish to admit fault. I think that the Linux wireless guys should really think hard about this problem, how they look, and the legal risks they place upon the future of their source code bodies." He stressed that the theory that BSD code can simply be relicensed to the GPL without making significant changes to the code is false, adding, "in their zeal to get the code under their own license, some of these Linux wireless developers have broken copyright law repeatedly. But to even get to the point where they broke copyright law, they had to bypass a whole series of ethical considerations too." Theo went on to explain:

"I believe these people have received bogus advice from Eben Moglen regarding how copyright law actually works in a global setting. Perhaps the internationally based developers should rethink their approach of taking advice from a US-based lawyer who apparently knows nothing about the Berne Convention. Furthermore, those developers are getting advice freely from ex-FSF people who have formed an agency with an agenda. Some have suggested that the SFLC was formed to avoid smearing the FSF with dirt whenever the SFLC does something risky. Don't get trampled; there could be penalties besides looking unethical and guilty. Be really cautious, especially with things like this coming to mess with our communities."

Author of OpenBSD's hardware driver layer for wireless Atheros devices, Reyk Floeter, sent a query to the Linux Kernel mailing list regarding the recent licensing debate surrounding the Linux "ath5k" driver, "I'm still trying to get an idea about the facts and the latest state of the incidence that violated the copyright of my code, because I just returned from vacation." He continued:

"I'm very disappointed about this and I hope that it was a mistake, because it is very unfair and malicious against me and the OpenBSD community. I invested a lot of time to write the code and to make it work with as many chipsets as possible. And during the last years, the OpenBSD community helped to test and to improve the driver. I always liked the idea to port it to other operating systems, but now somebody harmed these efforts by violating the license."

Reyk explained that he has cooperated with developers porting his free Atheros driver from OpenBSD to other operating systems, "because it is a clear sign against hardware companies attacking the free software 'community' by releasing binary-only driver objects instead of free code or hardware documentation." He explained that he had worked with the developers who ported his driver to Linux as "OpenHAL", "we exchanged ideas, bug fixes, and small code snippets. They sent me some bug reports and I also looked at their changes and reported some functional problems. This was possible because they kept the license in place." Finally he expressed concern that this would no longer be possible if the license was changed, "somebody wants to cancel any options to cooperate by locking me out with a prepended GPL and an invalid copyright on top of it."