Try   HackMD

14.0 Final Review BSDcan 2023

GOTTA HAVE

  • OpenSSL
    • Pierre has a branch for Userland in base at https://github.com/freebsd/freebsd-src/pull/740; issues remaining:
      • Missing modules libcrypto needs to get build before OpenSSL engines / modules.
      • Ordering issues in builds (maybe fixed today?)
      • Security fixes after the 3.0.8 release
      • libmd vs libcrypto
    • When possible, add the API define in CFLAGS
  • For Ports
    • LLVM 15 broke a lot of things(BOFH has been working on fixing as much as possible but noone else is working on this. BOFH has fixed around 100+ports but there are still 500+ ports broken due to LLVM15)
    • Current BROKEN ports
    • LLVM 16 causes silent failures at configure due to no type being an error causing issues with not detecting features that should be there.
      • Gotta review config.status for each port to make sure it's not happening
      • As a project, we could do better
      • Dmitry wants 16 into base, but until the ports issues are in a reasonable state there's questions
      • How do we deal with this?
    • OpenSSL 3 ExpRuns
      • BOFH Last exp-run and fixed/mark broken a bunch of ports
      • USES=ssl needs some love
    • Need active management of ports and to solicit help and get people to signup.
    • Critical that we get people working on this to get
  • Serial Port fixes for EFI boot loader (imp)
  • MAXCPU bump (userland bhyve mismatch needs to be fixed) (emaste)
  • /usr/home -> /home (karels)

if possible

  • https://reviews.freebsd.org/D39873 to enable arm64 on GCP (google compute platform)
    • this is the gve nic driver to enable, which is the only nic available on arm64 VMs in GCP
  • vAES extensions for ossl(4) (markj)
    • There is a port isa-l that takes precedence over aesni
      • Likely want to do the same for ossl(4) to replace aesni(4)
      • Deprecate aesni(4) once it is fully replaces
      • Same for armv8crypto(4)
    • armv7 and armv8 crypto acceleration
  • armv6 not building packages and release bundles (imp)
  • armv7 release bundles like other architectures (and maybe poudriere fixes, but that can be async) (imp)
  • it'd also be nice to fix this arm64/hyper-v bug (https://reviews.freebsd.org/D40112 + some other small patches at a minimum, but still trying to work out what's still borked since it panics when trying to boot it once installed)
  • oh, should we also use 115200 by default? https://reviews.freebsd.org/D36295
Last changed by 
Warner Losh
0
384
Published on HackMD