Cover art for podcast BSD Now

BSD Now

316 EpisodesProduced by JT PenningtonWebsite

Created by three guys who love BSD, we cover the latest news and have an extensive series of tutorials, as well as interviews with various people from all areas of the BSD community. It also serves as a platform for support and questions. We love and advocate FreeBSD, OpenBSD, NetBSD, DragonFlyBSD a… read more

1:13:25

311: Conference Gear Breakdown

NetBSD 9.0 release process has started, xargs, a tale of two spellcheckers, Adapting TriforceAFL for NetBSD, Exploiting a no-name freebsd kernel vulnerability, and more.

Headlines NetBSD 9.0 release process has started

If you have been following source-changes, you may have noticed the creation of the netbsd-9 branch! It has some really exciting items that we worked on:

  • New AArch64 architecture support:
    • Symmetric and asymmetrical multiprocessing support (aka big.LITTLE)
    • Support for running 32-bit binaries
    • UEFI and ACPI support
    • Support for SBSA/SBBR (server-class) hardware.
  • The FDT-ization of many ARM boards:
    • the 32-bit GENERIC kernel lists 129 different DTS configurations
    • the 64-bit GENERIC64 kernel lists 74 different DTS configurations
    • All supported by a single kernel, without requiring per-board configuration.
  • Graphics driver update, matching Linux 4.4, adding support for up to Kaby Lake based Intel graphics devices.
  • ZFS has been updated to a modern version and seen many bugfixes.
  • New hardware-accelerated virtualization via NVMM.
  • NPF performance improvements and bug fixes. A new lookup algorithm, thmap, is now the default.
  • NVMe performance improvements
  • Optional kernel ASLR support, and partial kernel ASLR for the default configuration.
  • Kernel sanitizers:
    • KLEAK, detecting memory leaks
    • KASAN, detecting memory overruns
    • KUBSAN, detecting undefined behaviour
    • These have been used together with continuous fuzzing via the syzkaller project to find many bugs that were fixed.
  • The removal of outdated networking components such as ISDN and all of its drivers
  • The installer is now capable of performing GPT UEFI installations.
  • Dramatically improved support for userland sanitizers, as well as the option to build all of NetBSD's userland using them for bug-finding.
  • Update to graphics userland: Mesa was updated to 18.3.4, and llvmpipe is now available for several architectures, providing 3D graphics even in the absence of a supported GPU.

We try to test NetBSD as best as we can, but your testing can help NetBSD 9.0 a great release. Please test it and let us know of any bugs you find.

xargs wtf

xargs is probably one of the more difficult to understand of the unix command arsenal and of course that just means it’s one of the most useful too.
I discovered a handy trick that I thought was worth a share. Please note there are probably other (better) ways to do this but I did my stackoverflow research and found nothing better.
xargs — at least how I’ve most utilized it — is handy for taking some number of lines as input and doing some work per line. It’s hard to be more specific than that as it does so much else.
It literally took me an hour of piecing together random man pages + tips from 11 year olds on stack overflow, but eventually I produced this gem:
This is an example of how to find files matching a certain pattern and rename each of them. It sounds so trivial (and it is) but it demonstrates some cool tricks in an easy concept.

News Roundup PkgSrc: A Tale of Two Spellcheckers

This is a transcript of the talk I gave at pkgsrcCon 2019 in Cambridge, UK. It is about spellcheckers, but there are much more general software engineering lessons that we can learn from this case study.
The reason I got into this subject at all was my paternal leave last year, when I finally had some more time to spend working on pkgsrc. It was a tiny item in the enormous TODO file at the top of the source tree (“update enchant to version 2.2”) that made me go into this rabbit hole.

Adapting TriforceAFL for NetBSD, Part 2

I have been working on adapting TriforceAFL for NetBSD kernel syscall fuzzing. This blog post summarizes the work done until the second evaluation.
For work done during the first coding period, check out this post.

  • Summary > So far, the TriforceNetBSDSyscallFuzzer has been made available in the form of a pkgsrc package with the ability to fuzz most of NetBSD syscalls. In the final coding period of GSoC. I plan to analyse the crashes that were found until now. Integrate sanitizers, try and find more bugs and finally wrap up neatly with detailed documentation. > Last but not least, I would like to thank my mentor, Kamil Rytarowski for helping me through the process and guiding me. It has been a wonderful learning experience so far!
Exploiting a no-name freebsd kernel vulnerability
  • A new patch has been recently shipped in FreeBSD kernels to fix a vulnerability (cve-2019-5602) present in the cdrom device. In this post, we will introduce the bug and discuss its exploitation on pre/post-SMEP FreeBSD revisions. > A closer look at the commit 6bcf6e3 shows that when invoking the CDIOCREADSUBCHANNEL_SYSSPACE ioctl, data are copied with bcopy instead of the copyout primitive. This endows a local attacker belonging to the operator group with an arbitrary write primitive in the kernel memory.
[Allan and Benedicts Conference Gear Breakdown] Beastie Bits Feedback/Questions
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
Your browser does not support the HTML5 video tag.
Educational emoji reaction

Educational

Interesting emoji reaction

Interesting

Funny emoji reaction

Funny

Agree emoji reaction

Agree

Love emoji reaction

Love

Wow emoji reaction

Wow

Are you the creator of this podcast?

Verify your account

and pick the featured episodes for your show.

Listen to BSD Now

RadioPublic

A free podcast app for iPhone and Android

  • User-created playlists and collections
  • Download episodes while on WiFi to listen without using mobile data
  • Stream podcast episodes without waiting for a download
  • Queue episodes to create a personal continuous playlist
RadioPublic on iOS and Android
Or by RSS
RSS feed
https://feeds.fireside.fm/bsdnow/rss

Connect with listeners

Podcasters use the RadioPublic listener relationship platform to build lasting connections with fans

Yes, let's begin connecting
Browser window

Find new listeners

  • A dedicated website for your podcast
  • Web embed players designed to convert visitors to listeners in the RadioPublic apps for iPhone and Android
Clicking mouse cursor

Understand your audience

  • Capture listener activity with affinity scores
  • Measure your promotional campaigns and integrate with Google and Facebook analytics
Graph of increasing value

Engage your fanbase

  • Deliver timely Calls To Action, including email acquistion for your mailing list
  • Share exactly the right moment in an episode via text, email, and social media
Icon of cellphone with money

Make money

  • Tip and transfer funds directly to podcastsers
  • Earn money for qualified plays in the RadioPublic apps with Paid Listens