archive-org.com » ORG » N » NETBSD.ORG

Total: 1243

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Secure-PLT - supporting RELRO binaries
    projects project Secure PLT supporting RELRO binaries Contact tech userlevel Mentors Christos Zoulas Duration estimate 3 months All architectures suffer from code injection issues because the only writable segment is the PLT GOT RELRO RELocation Read Only is a mitigation technique that is used during dynamic linking to prevent access to the PLT GOT There is partial RELRO which protects that GOT but leaves the PLT writable and full RELRO that protects both at the expense of performing a full symbol resolution at startup time The project is about making the necessary modifications to the dynamic loader ld elf so to make RELRO work If that is completed then we can also add the following improvement Currently kernels with options PAX MPROTECT can not execute dynamically linked binaries on most RISC architectures because the PLT format defined by the ABI of these architectures uses self modifying code New binutils versions have introduced a different PLT format enabled with secureplt for alpha and powerpc Milestones For all architectures we can improve security by implementing relro Once this is done we can improve security for the RISC architectures by adding support for the new PLT formats introduced in binutils 2 17 and

    Original URL path: http://wiki.netbsd.org/projects/project/secureplt/ (2016-02-01)
    Open archived version from archive


  • Port NetBSD to SGI Octane and Origin machines
    Cross reference Release engineering Projects list Ports History Emulators Packages Browse packages Release engineering Wiki Home Edit Comment Source History New RecentChanges NetBSD Wiki projects project Port NetBSD to SGI Octane and Origin machines Contact port sgimips NetBSD sgimips currently runs on a number of SGI hardware but support for IP27 Origin and IP30 Octane is not yet available An Octane for development is available for pickup in Hoboken NJ

    Original URL path: http://wiki.netbsd.org/projects/project/sgimips/ (2016-02-01)
    Open archived version from archive

  • Optimize for R10k CPUs in machines like the SGI O2
    Cross reference Release engineering Projects list Ports History Emulators Packages Browse packages Release engineering Wiki Home Edit Comment Source History New RecentChanges NetBSD Wiki projects project Optimize for R10k CPUs in machines like the SGI O2 Contact port sgimips NetBSD sgimips currently runs on O2s with R10k or similar CPUs but for example speculative loads are not handled correctly It is unclear if this is pure kernel work or the

    Original URL path: http://wiki.netbsd.org/projects/project/sgimipsr10k/ (2016-02-01)
    Open archived version from archive

  • Add a kernel API for timed power-on
    tech kern Certain real time chips and other related power hardware have a facility within them to allow the kernel to set a specific time and date at which time the machine will power itself on One such chip is the DS1685 RTC A kernel API should be developed to allow such devices to have a power on time set from userland Additionally the API should be made available through

    Original URL path: http://wiki.netbsd.org/projects/project/shutdowntime/ (2016-02-01)
    Open archived version from archive

  • Simpler, extent-based FFS
    RecentChanges NetBSD Wiki projects project Simpler extent based FFS Contact tech kern Duration estimate 8 12 months Remove the residual geometry code and datastructures from FFS keep some kind of allocation groups but without most of what cylinder groups now have and replace blocks and fragments with extents yielding a much simpler filesystem well suited for modern disks Note that this results in a different on disk format and will

    Original URL path: http://wiki.netbsd.org/projects/project/simplify-ffs/ (2016-02-01)
    Open archived version from archive

  • SMP Networking (aka remove the big network lock)
    You may choose to work on this particular proposal or come up with your own Tentative specification The future of NetBSD network infrastructure has to efficiently embrace two major design criteria Symmetric Multi Processing SMP and modularity Other design considerations include not only supporting but taking advantage of the capability of newer network devices to do packet classification payload splitting and even full connection offload You can divide the network infrastructure into 5 major components Interfaces both real devices and pseudo devices Socket code Protocols Routing code mbuf code Part of the complexity is that due to the monolithic nature of the kernel each layer currently feels free to call any other layer This makes designing a lock hierarchy difficult and likely to fail Part of the problem are asynchonous upcalls among which include ifa ifa rtrequest for route changes pr ctlinput for interface events Another source of complexity is the large number of global variables scattered throughout the source files This makes putting locks around them difficult Subtasks The proposed solution presented here include the following tasks in no particular order to achieve the desired goals of SMP support and modularity Lockless atomic FIFO LIFO queues Lockless atomic and generic Radix Patricia trees Fast protocol and port demultiplexing Implement per interface interrupt handling Kernel continuations Lazy receive processing Separate nexthop cache from the routing table Make TCP syncache optional Revamped struct protosw Virtual network stacks Work plan Aside from the list of tasks above the work to be done for this project can be achieved by following these steps Move ARP out of the routing table See the nexthop cache project Make the network interfaces MP which are one of the few users of the big kernel lock left This needs to support multiple receive and transmit queues to help reduce locking contention This also includes changing more of the common interfaces to do what the tsec driver does basically do everything with softints This also needs to change the input routines to use a table to do dispatch instead of the current switch code so domain can be dynamically loaded Collect global variables in the IP UDP TCP protocols into structures This helps the following items Make IPV4 ICMP IGMP REASS MP friendly Make IPV6 ICMP IGMP ND MP friendly Make TCP MP friendly Make UDP MP friendly Radical thoughts You should also consider the following ideas LWPs in user space do not need a kernel stack Those pages are only being used in case the an exception happens Interrupts are probably going to their own dedicated stack One could just keep a set of kernel stacks around Each CPU has one when a user exception happens that stack is assigned to the current LWP and removed as the active CPU one When that CPU next returns to user space the kernel stack it was using is saved to be used for the next user exception The idle lwp would just use the current kernel stack LWPs waiting

    Original URL path: http://wiki.netbsd.org/projects/project/smp_networking/ (2016-02-01)
    Open archived version from archive

  • Authentication server meta-package
    suitable to use in diverse environments ranging from small companies up to large enterprises While pkgsrc already contains most elements needed to build an authentication server or an authentication server failover pair in order to install one considerable knowledge about the neccessary elements is needed plus the correct configuration while in most cases pretty much identical is tedious and not without pitfalls The goal of this project is to create a meta package that will deploy and pre configure an authentication server suitable for a single sign on infrastructure Necessary tasks provide missing packages provide packages for initial configuration package or create corresponding tools to manage user accounts document The following topics should be covered PAM integration with OpenLDAP and DBMS Samba with PAM DBMS and directory integration Kerberos setup OpenLDAP replication DBMS PostgreSQL is a must MySQL optional if time permits replication master master if possible DNS server with a sane basic dynamic DNS update config using directory and database backend user account management tools web interface command line interface see user 8 manual page perhaps some scripting interface configuration examples for integration of services web services mail instant messaging PAM is a must DBMS and directory optional All

    Original URL path: http://wiki.netbsd.org/projects/project/sso/ (2016-02-01)
    Open archived version from archive

  • Revamped struct protosw
    tech kern tech net board core Funded by The NetBSD Foundation This project proposal is a subtask of smp networking and is elegible for funding independently The goal of this project is to split out obvious PR xxx that should have never been dispatched through the pr usrreq pr ctloutput Note that pr ctloutput should be replaced by pr getopt pr setopt PRU CONTROL pr ioctl PRU PURGEIF pr purgeif

    Original URL path: http://wiki.netbsd.org/projects/project/struct_protosw/ (2016-02-01)
    Open archived version from archive