After some brief opening remarks, Wednesday, May 15th kicked off with a review of the FreeBSD.org security incident given by Peter Wemm, Erwin Lansing, and Simon Nielsen. In addition to a brief overview of the incident itself, this session covered several of the lessons learned and improvements made to cluster security as well as best practices for FreeBSD developers to follow to aid in maintaining cluster security.
Next up was a talk on how Netflix is using FreeBSD given by Scott Long and Alistair Crooks. One part of this I found interesting was the problem of making the most efficient use of RAM and I/O throughput. This was reminiscent of workloads I’ve dealt with at my current job that lead me to implement posix_fadvise(2).
After the Netflix talk the summit broke for lunch. We stuck with sandwich platters of food this year (rather than the box lunches from prior years) which were generally well received both last year and this year. After lunch, the second “stage” of the summit began with the first round of working groups during the afternoon.
For Wednesday afternoon I attended the UEFI working group chaired by Benno Rice. One area of discussion I participated in was a debate on how to handle the “active” bit on the EFI partition entry in the PMBR when using GPT. The root issue stems from BIOS writers who require non-standard behavior. Specifically, the BIOS on at least some systems refuses to boot from a hard drive if the first sector does not contain an MBR with an active partition. FreeBSD supports booting from GPT-partitioned disks from a BIOS boot (as opposed to an EFI boot) by storing a small bootstrap in the PMBR that loads the GPT table and searches for a special partition containing a larger bootstrap program. On systems with the broken BIOS, this small bootstrap in the PMBR never got a chance to run. Setting the active bit on the lone EFI partition in the PMBR worked around this BIOS bug. However, setting this bit now violates the GPT specification with the result that EFI firmwares do not consider a disk with such a PMBR valid. The best workaround seems to be that we should create GPT partitions according to the specification by default, but change the installer to set the active bit when installing onto an x86 machine that does not use EFI (the installer already knows this as it has to perform extra steps for systems booting from EFI). One final request I made was to have an easy way to toggle this active bit in the PMBR via gpart(8) (currently one can use fdisk(8) to set the active bit, but there is no way to clear it).
Wednesday evening I attended the Vendor Summit session chaired by George Neville-Neill. This session certainly had the most audience participation as George structured it as an open discussion. Unlike previous Vendor Summits, this session focused less on the features and patchsets vendors already had and more on a wish list of features and infrastructure that both FreeBSD vendors and users would like to see. One conclusion that arose multiple times is that for all the promise of OpenJDK, many software packages do not really work well with OpenJDK and insist on a Sun^WOracle-derived JDK instead.
Thursday morning I attended the VM I/O Concurrency working group chaired by Alan Cox and Jeff Roberson. In the latter half of this group we spent quite a while discussing what sort of APIs we should provide for NUMA support both in the kernel and in userland. FreeBSD 9 includes a very simple NUMA strategy that employs a simple “first touch” policy on all allocations. It is not really suitable for general purpose use (and is not enabled by default) though it can work fairly well for certain workloads. FreeBSD 10 will ship with a more mature NUMA implementation that supports multiple allocation policies and some set of in-kernel APIs for managing the policies used for allocations.
After another marshmallow-topped brownie to finish off lunch, I attended the Virtualization group chaired by Peter Grehan. It was encouraging to see all the progress that has been made on the virtualization front in FreeBSD. Xen support continues to improve with patches for PVHVM support being posted for testing in these threads. Bhyve continues to mature, and Peter demo’d booting a Linux guest during the session.
Thursday evening the devusmmit finished up the day with an informal group dinner of pizza and sodas. I chatted with several other attendees into the wee hours of the morning. There was still a hearty group of folks hacking away when I finally headed to bed at around 2am. Amazingly enough we finished the evening with several remaining pizzas, though they did vanish before the end of BSDCan itself.
Thank you to all the developers who chaired working groups, gave presentations, and participated in discussions. I look forward to seeing folks next year!