|Og dreams of kernels||Greg KH||2 years 38 weeks ago|
|Re: Old IPSEC bug||Theo de Raadt||2 years 22 weeks ago|
|Re: Allegations regarding OpenBSD IPSEC||Rod Whitworth||2 years 22 weeks ago|
|Re: Allegations regarding OpenBSD IPSEC||Jason L. Wright||2 years 22 weeks ago|
|Re: Allegations regarding OpenBSD IPSEC||Bob Beck||2 years 23 weeks ago|
|Allegations regarding OpenBSD IPSEC||Theo de Raadt||2 years 23 weeks ago|
Luigi Rizzo recently announced on -current that he "has done an extensive rewrite of the IPFW code (userland + kernel) in an attempt to make it faster and more flexible." His announcement follows, and can also be found on the freebsdforums site.
IPFW, the software supplied with FreeBSD, is a packet filtering and accounting system which resides in the kernel, and has a user-land control utility, called ipfw(8).
KernelTrap has spoken with Peter Chubb who currently works for the Gelato Project. His efforts are presently focused on supporting large disks and partitions, utilizing 64-bits. Regarding the project's focus of improving Linux support for the Itanium 64-bit processor, Peter says, "Back in the days when the VAX was king, there was a general assumption amongst some programmers that `all the world's a vax'. In the Linux world, there's a similar assumption: `all the world's a pentium'."
Peter lives in New South Wales, Australia, with his wife, Lucy, also a kernel hacker, and two daughters. He earned a PhD under the late John Lions, author of the Lions Book. His UNIX kernel hacking experience is with an impressively large number of kernels.
Keith Owens recently announced the 3.0 release of kbuild 2.5. Major changes since release 2.0 [earlier story] include replacing the mdbm database engine with a custom engine for a performance increase, and removal of CML2 support. He followed up the release with some build time statistics comparing the existing build system to kbuild 2.5, saying, "I don't care how fast a build is, if it is not accurate then the time is wasted. Fortunately kbuild 2.5 is both fast and 100% accurate, unlike the existing build system."
In another thread, Linux creator and 2.5 kernel maintainer Linus Torvalds acknowledged that for now he was only accepting kbuild patches from Kai Germaschewski [earlier story], including those for kbuild 2.5. He offered several reasons, including the desire to avoid "flag day" patches preferring instead gradual merges of which Kai has demonstrated skill, that Kai is familiar with the build system, and finally that Kai is not a kbuild 2.5 supporter, "Which is a plus in my book: it means that whatever Kai tries to push my way I'll feel just that much more comfortable with as having had critical review."
"The Adeos nanokernel is based on research and publications made in the early '90s on the subject of nanokernels. Our basic method was to reverse the approach described in most of the papers on the subject. Instead of first building the nanokernel and then building the client OSes, we started from a live and known-to-be-functional OS, Linux, and inserted a nanokernel beneath it. Starting from Adeos, other client OSes can now be put side-by-side with the Linux kernel."
The announcement press release, dated today, describes the project as, "A novel approach to real-time Free Software". Philippe Gerum, main author of Xenomai and CarbonKernel, and also the main Adeos implementer says, "My primary motivation was to be able to keep contributing Free Software using a patent free technology. My work was directly inspired by Karim Yaghmour's paper published in February 2001. It grounded the implementation onto an original and solid theoretical background".
Though the first release is limited to running under a single copy of Linux, the intention is to expand to support multiple copies (such as is done by User Mode Linux), and eventually to even support multiple operating systems (known to adeos simply as 'domains'). Additional benefits include the ability to support patchless kernel debuggers and offering absolute priority to drivers when needed. Much of the related lkml thread follows.
The 1394 Trade Association (TA) and Apple today announced that the FireWire trademark, logo and symbol have been adopted as a brand identity for the IEEE 1394 connection standard in a no-fee license agreement between the TA and Apple. In conjuction with the anoucement the moderators of freebsdforums have posted a update on Firewire status on FreeBSD. The full post follows.
For those who haven't tried kbuild-2.5 (myself included), and want to know how much of an improvement it offers over the old system, Daniel Phillips offered some hard statistics. Here are the results:
old kbuild kbuild 2.5 Speedup
First time build: 7 min 8 sec 5 min 55 sec 17%
Incremental build: 25.94 sec 15.31 sec 41% :-)
Jeremy adds: Paul P Komkoff has picked up kbuild 2.5, and begun making available updated patches for the latest 2.4 kernel tree (x86 only so far). For those interested, he even created a kernel branch (-s) based on Alan Cox's -ac tree with kbuild 2.5 applied. He says, "Remember - I'm not Keith Owens - I'm just impressed by his work."
Recent 2.5 development kernel releases have included a string of kbuild 2.4 fixes by Kai Germashewski. For example, yesterday's release of 2.5.19 included a list of 13 kbuild patches. In a recent email, Kai offered an explanation of his recent efforts, "There is still quite a bit left to do (in particular improving dependency generation and modversions handling), but I think it makes sense to explain what happened so far."
In short order, the subject of kbuild 2.5 was brought up [earlier story]. Kai aknowledged kbuild 2.5 saying, "I believe kbuild-2.5 has lots of useful ideas and I'll go pick pieces". Linus evidently will not merge kbuild 2.5 until it is broken into smaller pieces, similar to his earlier request for CML2. Kai expressed his agreement, "Splitting things would at least allow for discussing whether these (and other) individual features are considered worthwhile or not, as opposed to getting the full bag or nothing."
Much of the recent thread follows.
Roland McGrath recently announced version 1.3 of the GNU Mach kernel, offering several bug fixes. He also noted, "We are no longer actively developing version 1.x of GNU Mach. We plan to make only necessary bug fixes or trivial enhancements in the 1.x line, and make further 1.x releases only as necessary for those purposes." A new 2.x version of GNU Mach is under development, utilizing the University of Utah's OSKit.
One notable change in 1.3 is the support of large disks (>= 10GB). Additionally, 1.3 provides direct kernel support for "boot scripts". Roland's full email follows with further details.
NetBSD 1.6 has been branched and the 1.6 release process has begun! Todd Vierlings posted the recent announcement to the currrent-users mailing list. With the recent -current CVS branch for 1.6, daily snaphots will be made available.
KernelTrap has spoken with Larry McVoy, BitMover founder and primary BitKeeper author. BitKeeper, a distributed source control system, has been adopted by Linux kernel creator Linus Torvalds and condemned by free software icon Richard Stallman.
In this interview, Larry looks back through the years, describing his exposure to computers and Linux. He also discusses the history of BitKeeper, from writing NSElite for Sun (which turned into their still used SCM, Teamware), to his desire to keep Linus from burning out, to the present day solution. The choice to not license BitKeeper under the GPL is also explained.
Larry discusses much beyond Bitkeeper as well, exploring some of his other interests. For the full interview, read on.
The WOLK project has for some time provided a "Working Overloaded Linux [2.4] Kernel", that is, one with an abundance of interesting patches applied. The result, though fun to play with have been labeled as "development kernels and for testing purpose only".
Project lead Marc-Christian Petersen recently announced a new patchset, this one for the 2.2 kernel. The current patch applies against the recently released 2.2.21 kernel [earlier story]. For a full listing of patches included, read on. This release was followed with the standard WOLK tag, "Want to see a patch included to this tree? Let me know! :-)".
On an OpenBSD mailing list, Kevin Lyda recently asked about a 1997 patent "on keeping state in a firewall". The patent #5,606,668, dated February 25, 1997 is titled "System for securing inbound and outbound data packet flow in a computer network", the abstract describing a packet filter.
Responses to how this patent might affect OpenBSD's packet filter, PF, and other firewall solutions were generally vague. However, OpenBSD creator Theo de Raadt offered, "We're not sure, but like everyone in the industry, we are not worried." He went on to explain that this is because the patent in question is quite specific, "See, a patent has many terms to it. And when they attack based on a patent, every single term must match our implimentation. We must be doing it exactly like their patent says. Most early patents had many many terms. New ones have only a few."