Skip to main content.

Episode 182: Bloaty McBloatface

2017-02-22

Direct Download:

  • Video
  • HD Video
  • MP3 Audio
  • OGG Audio
  • This episode was brought to you by

    iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid


    Headlines

    OpenBSD changes of note 6

    • OpenBSD can now be cross built with clang. Work on this continues

    Build ld.so with -fno-builtin because otherwise clang would optimize the local versions of functions like dlmemset into a call to memset, which doesn’t exist. Add connection timeout for ftp (http). Mostly for the installer so it can error out and try something else. Complete https support for the installer.

    • I wonder how they handle certificate verification. I need to look into this as I’d like to switch the FreeBSD installer to this as well

    New ocspcheck utility to validate a certificate against its ocsp responder. net lock here, net lock there, net lock not quite everywhere but more than before. More per cpu counters in networking code as well. Disable and lock Silicon Debug feature on modern Intel CPUs. Prevent wireless frame injection attack described at 33C3 in the talk titled “Predicting and Abusing WPA2/802.11 Group Keys” by Mathy Vanhoef. Add support for multiple transmit ifqueues per network interface. Supported drivers include bge, bnx, em, myx, ix, hvn, xnf. pledge now tracks when a file as opened and uses this to permit or deny ioctl. Reimplement httpd’s support for byte ranges. Fixes a memory DOS.


    FreeBSD 2016Q4 Status Report

    • An overview of some of the work that happened in October - December 2016
    • The ports tree saw many updates and surpassed 27,000 ports
    • The core team was busy as usual, and the foundation attended and/or sponsored a record 24 events in 2016.
    • CEPH on FreeBSD seems to be coming along nicely. For those that do not know, CEPH is a distributed filesystem that can sit on top of another filesystem. That is, you can use it to create a clustered filesystem out of a bunch of ZFS servers. Would love to have some viewers give it a try and report back.
    • OpenBSM, the FreeBSD audit framework, got some updates
    • Ed Schouten committed a front end to export sysctl data in a format usable by Prometheus, the open source monitoring system. This is useful for other monitoring software too.
    • Lots of updates for various ARM boards
    • There is an update on Reproducible Builds in FreeBSD, “ It is now possible to build the FreeBSD base system (kernel and userland) completely reproducibly, although it currently requires a few non-default settings”, and the ports tree is at 80% reproducible
    • Lots of toolchain updates (gcc, lld, gdb)
    • Various updates from major ports teams

    Amazon rolls out IPv6 support on EC2

    A few hours ago Amazon announced that they had rolled out IPv6 support in EC2 to 15 regions — everywhere except the Beijing region, apparently. This seems as good a time as any to write about using IPv6 in EC2 on FreeBSD instances. First, the good news: Future FreeBSD releases will support IPv6 "out of the box" on EC2. I committed changes to HEAD last week, and merged them to the stable/11 branch moments ago, to have FreeBSD automatically use whatever IPv6 addresses EC2 makes available to it. Next, the annoying news: To get IPv6 support in EC2 from existing FreeBSD releases (10.3, 11.0) you'll need to run a few simple commands. I consider this unfortunate but inevitable: While Amazon has been unusually helpful recently, there's nothing they could have done to get support for their IPv6 networking configuration into FreeBSD a year before they launched it.

    • You need the dual-dhclient port:

    pkg install dual-dhclient

    • And the following lines in your /etc/rc.conf:

    ifconfigDEFAULT="SYNCDHCP acceptrtadv" ipv6activateallinterfaces="YES" dhclientprogram="/usr/local/sbin/dual-dhclient" + It is good to see FreeBSD being ready to use this feature on day 0, not something we would have had in the past

    Finally, one important caveat: While EC2 is clearly the most important place to have IPv6 support, and one which many of us have been waiting a long time to get, this is not the only service where IPv6 support is important. Of particular concern to me, Application Load Balancer support for IPv6 is still missing in many regions, and Elastic Load Balancers in VPC don't support IPv6 at all — which matters to those of us who run non-HTTP services. Make sure that IPv6 support has been rolled out for all the services you need before you start migrating.

    • Colin’s blog also has the details on how to actually activate IPv6 from the Amazon side, if only it was as easy as configuring it on the FreeBSD side

    FreeBSD’s George Neville-Neil tries valiantly for over an hour to convince a Linux fan of the error of their ways

    In today's episode of the Lunduke Hour I talk to George Neville-Neil -- author and FreeBSD advocate. He tries to convince me, a Linux user, that FreeBSD is better. + They cover quite a few topics, including: + licensing, and the motivations behind it + vendor relations + community + development model + drivers and hardware support + George also talks about his work with the FreeBSD Foundation, and the book he co-authored, “The Design and Implementation of the FreeBSD Operating System, 2nd Edition”


    News Roundup

    An interactive script that makes it easy to install 50+ desktop environments following a base install of FreeBSD 11

    • And I thought I was doing good when I wrote a patch for the installer that enables your choice of 3 desktop environments...

    This is a collection of scripts meant to install desktop environments on unix-like operating systems following a base install. I call one of these 'complete' when it meets the following requirements: + A graphical logon manager is presented without user intervention after powering on the machine + Logging into that graphical logon manager takes the user into the specified desktop environment + The user can open a terminal emulator

    • I need to revive my patch, and add Lumina to it

    Firefox 51 on sparc64 - we did not hit the wall yet

    • A NetBSD developers tells the story of getting Firefox 51 running on their sparc64 machine
    • It turns out the bug impacted amd64 as well, so it was quickly fixed
    • They are a bit less hopeful about the future, since Firefox will soon require rust to compile, and rust is not working on sparc64 yet
    • Although there has been some activity on the rust on sparc64 front, so maybe there is hope
    • The post also look at a few alternative browsers, but it not hopeful

    Introducing Bloaty McBloatface: a size profiler for binaries

    I’m very excited to announce that today I’m open-sourcing a tool I’ve been working on for several months at Google. It’s called Bloaty McBloatface, and it lets you explore what’s taking up space in your .o, .a, .so, and executable binary files.

    Bloaty is available under the Apache 2 license. All of the code is available on GitHub: github.com/google/bloaty. It is quick and easy to build, though it does require a somewhat recent compiler since it uses C++11 extensively. Bloaty primarily supports ELF files (Linux, BSD, etc) but there is some support for Mach-O files on OS X too. I’m interested in expanding Bloaty’s capabilities to more platforms if there is interest!

    • I need to try this one some of the boot code files, to see if there are places we can trim some fat

    We’ve been using Bloaty a lot on the Protocol Buffers team at Google to evaluate the binary size impacts of our changes. If a change causes a size increase, where did it come from? What sections/symbols grew, and why? Bloaty has a diff mode for understanding changes in binary size

    • The diff mode looks especially interesting. It might be worth setting up some kind of CI testing that alerts if a change results in a significant size increase in a binary or library

    A BSD licensed mdns responder

    • One of the things we just have to deal with in the modern world is service and system discovery. Many of us have fiddled with avahi or mdnsd and related “mdns” services.
    • For various reasons those often haven’t been the best-fit on BSD systems.
    • Today we have a github project to point you at, which while a bit older, has recently been updated with pledge() support for OpenBSD.
    • First of all, why do we need an alternative? They list their reasons:

    This is an attempt to bring native mdns/dns-sd to OpenBSD. Mainly cause all the other options suck and proper network browsing is a nice feature these days.

    Why not Apple's mdnsd ? 1 - It sucks big time. 2 - No BSD License (Apache-2). 3 - Overcomplex API. 4 - Not OpenBSD-like.

    Why not Avahi ? 1 - No BSD License (LGPL). 2 - Overcomplex API. 3 - Not OpenBSD-like 4 - DBUS and lots of dependencies.

    • Those already sound like pretty compelling reasons. What makes this “new” information again is the pledge support, and perhaps it’s time for more BSD’s to start considering importing something like mdnsd into their base system to make system discovery more “automatic”

    Beastie Bits


    Feedback/Questions


    • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

Latest News

New announcement

2017-05-25

Hi, Mr. Dexter...

Two Year Anniversary

2015-08-08

We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment

2015-01-17

We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?

2014-11-26

We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...


Episode 207: Bridge over the river Cam

2017-08-16

Direct Download:HD VideoMP3 AudioTorrent This episode was brought to you by Headlines BSDCam recap The 2017 Cambridge DevSummit took place from 2-4 August 2017. The event took place over three days including a formal dinner at St John's College, and was attended by 55 registered developers and guests. Prior to the start of...

Episode 206: To hier is UNIX

2017-08-09

HD VideoMP3 AudioTorrent This episode was brought to you by Headlines Lumina Desktop v1.3 released Notable Changes: New Utility: lumina-mediaplayer. Lumina Media Player is a graphic interface for the Qt QMediaPlayer Class, with Pandora internet radio streaming integration. Lumina Media Player supports many audio formats, including .ogg, .mp3, .mp4, .flac, and .wmv. It is also...

Episode 205: FreeBSD Turning it up to 11.1

2017-08-02

Direct Download:HD VideoMP3 AudioTorrent This episode was brought to you by Headlines FreeBSD 11.1-RELEASE FreeBSD 11.1 was released on July 26th You can download it as an ISO or USB image, a prebuilt VM Image (vmdk, vhd, qcow2, or raw), and it is available as a cloud image (Amazon EC2, Microsoft Azure, Google Compute Engine,...

Episode 204: WWF - Wayland, Weston, and FreeBSD

2017-07-26

Direct Download:HD VideoMP3 AudioTorrent This episode was brought to you by Headlines Matt Ahrens answers questions about the “Scrub of Death” In working on the breakdown of that ZFS article last week, Matt Ahrens contacted me and provided some answers he has given to questions in the past, allowing me to answer them using...