Category: Committed Code
John Marino is working on versioning libc, and as part of that process, libc is no longer loaded into executable memory. Here is I think an explanation of lib versioning that may apply, and of course moving things that aren’t supposed to execute, out of executable memory areas, is good for security. There’s more on that topic, too – W^X may be a similar example.
This is a complicated topic that I’m not part of, so suggest better descriptions in the comments, please.
I don’t note it enough, but Tomohiro Kusumi has been making constant updates to HAMMER, the version we have now. Often they are the sort of update that makes the code more readable, or fixes possible problems, and so on. Very essential, but hard to post about it. In any case, I’m using his recent improvements to hammer volume-del to note his contributions, of which there are much more than the day’s worth I link here.
hostapd, for creating a wireless access point, has been included in DragonFly along with wpa_supplicant, for a long time. Like wpa_supplicant, there’s a version in dports that is the latest version and is easier to update (e.g. no system update required to get a newer version.) Unlike wpa_supplicant, there’s no chicken-and-egg installation problem if it’s not in the base system – so out it goes.
The more eagle-eyed may have noticed a branching for DragonFly 4.2, and for DragonFly 4.0.6. The 4.2 branch is currently only a release candidate, so don’t necessarily change over yet – it’s for testing, not release.
Note that packages for 4.2 are not yet built, so you’ll have to manually specify a package path to install with pkg on 4.2 – for now.. That won’t be the case for the actual release, of course. DragonFly 4.3 users will have to specify PKG_PATH manually to use 4.2 images until new ones are built. 4.2 release candidate users will be fine. (see comments for correction.)
The 4.0.6 release is mostly to get the recent OpenSSL update into a 4.0.x build.
I am working on image building for both.
Even sysctl accesses can be made to handle multiprocessor environments. This can actually make a difference when you’ve got a lot of processors building a lot of software, as in all of dports.
Those changes I mentioned yesterday for text console support? They’re in DragonFly-master now, along with a loader tunable to turn it on and off.
Hammer will perform daily housekeeping tasks each night. If you’re up late enough, it may kick off while you are working. If you want to stop the process after it’s already started (since it’s disk-intensive), John Marino has added the ‘abort-cleanup‘ command.
Sepherosa Ziehau has introduced a new sysctl:
Set this to zero and you won’t get endless ARP events from networks you aren’t on. For example, I’m hooked up to a cable modem. I only get a public routable IP address, but the network used for the cable modem network itself bleeds ARP packets out where my DragonFly machine can see it. Since it’s on a different network segment than the address I receive through DHCP, it always fails and the system logs it. For example:
May 11 05:20:52 www kernel: arplookup 100.68.112.145 failed: host is not on local network
I can’t do much about it since that layer 2 leakiness is going to happen, but I can shut it up with this sysctl – and thank goodness, cause I’ve been seeing these messages since first using a DOCSIS modem in… 2001 or so?
Tomohiro Kusumi has been quietly making a lot of commits to Hammer. I haven’t been linking them because they don’t necessarily equate to new features, but here’s an recent exception: the -A argument will make your Hammer command run on every PFS. It only affects reblocking/rebalancing – for now.
You can now export Hammer slave volumes as NFS mounts – but since slave volumes are updated from master, you’re mounting a snapshot of that point in time. That may actually be an advantage.
DragonFly builds two compilers by default. If you weren’t interesting in building both, there were switches to build only the default, like NO_GCC47. This changed with every compiler update.
With the switch to GCC 5, the new switch is “NO_ALTCOMPILER”. That will last through compiler changes. I’m mentioning this now because sooner or later, you’ll want to gain back some time on a buildworld.
I haven’t been drawing enough attention to it, but there’s been a bunch of HAMMER filesystem activity lately: First, Tomohiro Kusumi has been working on HAMMER – these posts are a small subset of his commits. Second, Matthew Dillon has been working full steam ahead on HAMMER2. The HAMMER2 design document has been updated (read this!), and he’s already accomplished master->slave disk syncing.
It’s not ready for production, of course, which you may already realize, so don’t install it unless you want to work on the code.
DragonFly 4.0.3 has been tagged; you can look at the tagging message for details, but the major reason for doing so is to include OpenSSL-1.0.1l. I will have images up soon.
The CAM layer in DragonFly has had its big lock removed/been marked MPSAFE, so you will notice a performance increase when using multiple disks. (assuming you aren’t throughput-limited, of course.)
Sepherosa Ziehau has posted a note that V4-mapped addressing is no longer supported in DragonFly. You will need to do a full buildworld/buildkernel if you are running master. Also, TCP MTU path discovery is on by default. Also also, he’s added a SOL_SOCKET/SO_CPUINT socket option for use to reduce load in heavy network activity. As usual, I don’t quite comprehend.
It’s possible, if you are several releases (years) behind, to end up with a DragonFly system that can’t compile and install the current release, due to incremental changes over time. It’s rare, but it could happen now between, say, version 3.4 and 4.0. The usual solution would be to incrementally upgrade in order, which is a lot of building and updating. The alternative is the new installworld-force option from Matthew Dillon that forces a new set of binaries into place. Use as a last resort.
In an effort to reduce my backlog of DragonFly things to post about, here’s quick notes:
- The path to xauth is now configurable, though correct by default. (that’s bit me in the past)
- There’s a new callout*() implementation.
- cpuctl(4) has been imported to allow CPU microcode updates.
- libm has been updated with math functions from FreeBSD and NetBSD, which because of library versioning support, won’t cause compatibility problems for older vs. newer DragonFly versions.
- C++11 support is also now available.
With a recent commit from Sascha Wildner, DragonFly now loads XHCI (meaning USB3) by default. If you had previously tried to install DragonFly via USB stick, and it inexplicably refused to mou t the installer drive… It may work much better now.
Chrome runs on DragonFly now, apparently possible now because of this ported fix from Joris Giovannangeli.
John Marino updated wpa_supplicant (in dports). He then suggested moving it out of base into dports, so that it could be updated independently of the base system. (this update, for instance, took years.) Since wpa_supplicant is necessary to get some systems online – and it can’t be installed if missing if you don’t have a network link – it may be too risky. I think other packages could be moved out, myself.
Markus Pfeiffer has imported FreeBSD’s if_lagg to DragonFly. It’s for talking LACP over multiple network ports, so that the traffic from those multiple ports can be aggregated – if what’s on the other end generally understands LACP. (Failover mode may not count.) Please test if you have that sort of surfeit of network ports.
This very long commit message from Sepherosa Ziehau details the UDP changes he’s made. It’s mostly technical details, but at the end he mentions this little tidbit:
“For ‘kq_connect_client -u’ test, this commit gives 400% performance improvement (31Kconns/s -> 160Kconns/s).”
You can now start moused with an argument, so it will look at the right device. In most cases, I imagine “
/etc/rc.d/moused start ums0” will be what anyone wants. Credit to Michael Neumann for the update. Perhaps
moused_flags="ums0" will do it too? I haven’t tried yet.
This will overwrite your /etc/devd.conf.
Because of some structure changes made by Matthew Dillon while chasing a pf bug, you will need to do a full buildworld/buildkernel on your next update – if you are running DragonFly-master. 3.8 users are unaffected by the bug or the change.
DragonFly’s dhclient will now retry failed interfaces and handle being re-run gracefully. This is a blessing for anyone who has had a flaky link. Matthew Dillon’s made two other improvements for booting that will also improve boot time when networks go missing.
Thanks to Zachary Crownover, rcreload is available in DragonFly. (It’s always good to see a new contributor name.)
Nuno Antunes brought in a significant number of fixes for libradius. He’s been doing other work recently on netgraph7 support, so I’m linking to this as a ‘signpost’ commit.
While Matthew Dillon was testing the new up-to-256-processor support for DragonFly, he added a few sysctls, one of which helps qemu performance when emulating a lot of processors. I note it here in case it’s helpful to someone else.
DRM (Direct Rendering, not Digital Rights) on DragonFly will normally eat all the memory it thinks it needs. However, vm.dma_reserved can now be set to a fixed limit in /boot/loader.conf. By default, vm.dma_reserved on DragonFly is set to 16M, and can be set higher. I think this is necessary when running higher-resolution screens… Don’t quote me on that, though.
Matthew Dillon changed the default keep-policy in DragonFly to:
set keep-policy keep state (pickups, sloppy)
This is to match other BSDs (which? I don’t know) and reduce overhead, according to the commit.
The obvious joke should be “how can you tell?” Anyway, the csprng in DragonFly has been updated and IBAA is being used more often, and there’s more updates on the way.
ATM support is gone in DragonFly, and frankly, I’m surprised it was still there.
DragonFly now has a ‘rescue’ system added in, which also functions as a way to mount encrypted filesystems. Does PAM work yet? I don’t know; I may be linking to this earlier than I need to.
A recent commit from Sepherosa Ziehau has a 5% improvement in the number of network connections per second a x86_64 machine can accept. He’s also reducing the number of IPIs during network activity. If this seems somewhat esoteric, it’s because network speeds are getting so fast that the benefits come from reducing the accompanying CPU load.
If you’re on DragonFly 3.7, you will need to build world before building the kernel again if you are updating to some point in the last 24 hours. Sascha Wildner points out the related commit.
Sascha Wildner brought in ACPICA 20140214, and his commit message has a list of the updates.
There seems to be a lot of ACPI-related updates lately: Sascha Wildner has updated ACPICA in DragonFly to what I think is the very latest version. See his commit for the differences.
John Marino updated daemon(8) on DragonFly. For some reason, I didn’t know it was a standalone program. I knew about the idea of daemons as helpers based inside the computer, which is why so many server programs end with a ‘d’ – sshd, ftpd, and so on. Inexplicably, I never actually saw the program itself.
Markus Pfieffer has committed Larisa Grigore’s Google Summer of Code work, “SysV IPC in userspace”. It’s been a bit since the event finished, but it’s in DragonFly now.