1. 1

    It’s hard to say how the future will develop. There are only three open-source operating systems in the entire world that really pull it together on having a complete, modern, SMP kernel: Linux, DragonFlyBSD, and FreeBSD. And that’s it. We also have NetBSD and OpenBSD and I’d kinda like to know what their plans are, because the future is clearly going not only multi-core, but many-core. For everything. But as I like to say, for SMP there are only three at the moment. One can’t dispute that Linux has nearly all the eyeballs, and DragonFly has very few.

    I like how Dillon throws OpenBSD and NetBSD under the bus w.r.t. real SMP support. What’s the maximum number of cores that DragonFly BSD has ever ran on? What about NetBSD and OpenBSD?

    Of course, performance is a totally different animal than merely hardware support showing hundreds of CPUs in dmesg and top(1). Would be interesting to see any followups confirming or disproving these claims.

    1. 4

      Pretty sure OpenBSD has had giant locks in the network code since smp was first supported (2004-ish?). It improves nearly every release (gets finer grained), but not all gone yet from what I understand. Their focus seems to be more on security over performance though, it should be noted.

      1. 1

        What’s the maximum number of cores that DragonFly BSD has ever ran on?

        At least 48. According to the post, this has been their production build machine for years. There was also a benchmark on 32 core / 64 threads AMD [1]

        Just from a cursory read, I get a feeling that core DBSD dev spend a good amount of time testing/optimizing/experimenting with modern AMD hardware. And this will continue, according to the post.

        Would be good if AMD would support them. Matt D even found an AMD CPU bug [2]

        Their focus on SSD, many-core CPUs, many disks, no-ECC-required hardware platforms, even years back, when those were still exotic, seems to be paying some dividend.

        I originally started follow DBSD because somewhere in their early vision statement, it was talked about Single System Image Clustering (SSI-c) – but 12 years later, I do not think that portion has materialized. [3]

        WRT comment on NetBSD, it seems that NetBSD is well ahead of others (including dbsd) as a platform for Unikernels (rumpkernel) due to NetBSDs long-term vision of modular/abstracted driver subsystem. [4]

        I personally, would like to see ‘specialization’ of OSes more, not less, as long as they are able to maintain and offer compatible OS API (and general-purpose language runtimes .net, .java, c++, d) for us, application developers.

        [1] https://www.phoronix.com/scan.php?page=article&item=dragonfly-55-threadripper&num=1

        [2] https://it.slashdot.org/story/12/03/06/0136243/amd-confirms-cpu-bug-found-by-dragonfly-bsds-matt-dillon

        [3] https://www.dragonflybsd.org/history/

        [4] https://research.csiro.au/tsblog/using-rump-kernels-to-run-unmodified-netbsd-drivers-on-sel4/

        1. 1

          You have the NetBSD Developer hat, so you might know more about how scalable NetBSD is today, how many giant locks are still in place and so on :)

          Honestly, unless something changed like yesterday, my biggest gripe with OpenBSD and NetBSD kernels is that they’re still not tickless. It’s 2019, come on, wasting CPU time when just idling is not cool.

          1. 1

            If there’s something interesting with NetBSD or OpenBSD SMP support he doesn’t know about, tell him. Or us?

          1. 15

            The best ones ever:

            • X220
            • T420s
            • T420

            EDIT: if 15” size is welcomed then also these:

            • W520
            • T520
            1. 3

              I’ll add there’s a bunch of those on eBay right now, refurbished, that are as cheap as netbooks.

              EDIT: Does anyone know if the CPU’s in these got updates for side channel vulnerabilities? Or they out of support? The Core i5 I looked at in a T420 had a microcode update posted in August on Intel’s website. Researchers are still finding more stuff, though.

              EDIT 2: Wait, they got X220 i7’s w/ 8GB RAM for $230 at a seller I could probably drive to. That sounds promising. Yo, vermaden, is that a good setup without any known issues?

              EDIT 3: Tried to bypass eBay’s charges on sellers by offering to drive the 5 miles or so to them to pay cash. They replied they’re in Rochester, NY. Epic, geolocation fail. Yeah, I’m not driving over there…

              1. 9

                I use ThinkPad T420s daily and everything is supported and works. I got ‘uptimes’ of 15-20 days for most of the time. I wrote uptime in ’ chars because I use suspend/resume all the time so its not ‘typical’ uptime :)

                About X220, I also have it and use it as laptop for FreeBSD Desktop series so yes, its as well supported as T420s: https://vermaden.wordpress.com/2018/04/11/freebsd-desktop-part-2-install/

                When buying X220 remember that only ones with i7 CPU have USB 3.0 port and also make sure to get X220 with IPS screen which is a lot better then TN one.

                These ThinkPads are also last ones with real 7-row keyboard which is VERY pleasant to use. You will literally hate every other laptop after using it. The only modern ThinkPad that has such keyboard is the ThinkPad 25 but its costs $1200 used and $1800 new, which is too much IMHO. But new ThinkPads were never cheap.

                I can also recommend T520 (for FullHD screen) and W520 (same FullHD screen and USB 3.0 ports and also powerful graphics cards if you need it), but they are 15”.

                EDIT: … and yes, all Core i3/i5/i7/i9 CPUs have updates for side channel vulnerabilities. Core Duo and Core 2 Duo (and older CPUs) will not get the updates for side channel vulnerabilities.

                1. 1

                  Thanks for the tips!

                  1. 1

                    Ok, after looking at a lot of them, the only thing that bothers me about X220 is all the cheap ones I’m seeing have a tiny screen. All the others are 14-15” like my current laptop. In search, some programmers are complaining about lower resolution, too, affecting how code looks in IDE’s and such. One mentioned external monitor for X220.

                    Is there a bigger display on X220’s? And does T420 solve whatever resolution problems they’re griping about?

                    1. 2

                      Maximum X220 resolution is 1366x768 but you can get an IPS one.

                      Maximum T420/T420s resolution is 1600x900 which is ok.

                      Maximum T520/W520 resolution is 1920x1080.

                      X220 is ‘hard’ to mod to use 1080p screen, but its possible.

                      T420s is ‘easy’ to mod to use 1080p screen, check ebay for details.

                      1. 1

                        What sort of battery life do you get on your x220? I have an x230T that I enjoy well enough, but its battery life leaves a bit to be desired.

                        1. 1

                          Depends with which batteries :)

                          X220 have 3 types for internal battery:

                          • 4-cell
                          • 6-cell - with this one I get about 3+ hours, sometimes 4
                          • 9-cell - with this one I get about 5+ hours, sometimes 6

                          … and 2 types for additional battery:

                          • 3-cell ultrabay battery that you can put into Lenovo ThinkPad UltraBase Series 3 - about 1+ to 2 hours
                          • 9-cell slice/bottom battery - this one gives additional 5+ to 6 hours

                          … but I limit my CPU speed up to 1.6 GHz to not drain the power too much.

                  2. 4

                    If it’s Rochester, then they are within a few miles of me. If it’s the recycler across from my workplace, it’d be stupid easy to get. Mail me (justin@shiningsilence) if that is useful for you…

                    1. 2

                      Emailed you the seller info.

                  3. 2

                    I’ve got an old T510 that runs openbsd like a dream. It’s bulky but otherwise it’s a good machine and keyboard is great. I picked mine up as a refurb at a local microcenter for a little over $200, but you should be able to get one for less.

                    1. 2

                      The Sandy/Ivy Bridge model ThinkPads are overrated. The build quality on them feels really bad compared to the previous generation, and the generations that came after. The screen and battery life in particular are weakpoints.

                      Source: I use an X230T as my daily driver on the go, and have an X201 and X61t to compare with. In retrospect, ThinkPads as a whole are overrated - maybe back in the 90s and early 2000s they were the “only good laptops,” but there’s choices nowadays. I just wish I imported a Let’s Note from Japan instead, or saved up enough for an rMBP/Surface Pro.

                      1. 2

                        For me its not their build quality or best screen or things like that.

                        For me its the keyboard layout alone with additional things like screen/battery not interupting.

                        One of my favorite laptops was Dell Latitude D630 with extended 9-cell battery that sticked out from front and also used ultrabay 3-cell battery for maximum of 9 hours battery time, but it was ‘only’ Core 2 Duo system and TN 1400x900 with 14” screen size is also not great.

                        Dell D630. http://www.preturibune.ro/imagini/foto/902.jpg

                        I also like/use Dell Latitude D6400/D6500 and D6410/D6510 - the last Dell laptops with REAL 7-row keyboards.

                        … but for me its the keyboard.

                        1. 2

                          Even on these counts, ThinkPads are problematic. The screen on my X201 was so awful I simply couldn’t use it in many situations. (The X230T at least has an IPS panel, so it’s far better on this count.) Battery life isn’t as good as 9-cell users would let you think; (My X61T with a new 9-cell battery only manages 4 hours; the X230T with a 6-cell that juts out of the rear and bottom can barely manage 2.) the battery decay from poor power management means even if you do get good battery life now, you won’t in a year. (My friends with Let’s Notes and MacBooks still are on their original batteries and still get near-stock battery life.)

                          The keyboard’s nice, but it’s not that nice that I want to sacrifice everything else that makes a useful laptop.

                      2. 1

                        I’ll definitely check them out. Thanks!

                      1. 21

                        Is anyone else bothered by the use of the term ricing? As far as I know it is co-opting the automotive term which has racist origins.

                        1. 21

                          If somebody brings up ricing and linux, I have to think of this old site making fun of gentoo users w/o a clue:

                          https://web.archive.org/web/20080830031318/http://funroll-loops.info/

                          1. 16

                            This thread got pretty ugly. It started out good talking about the history of the term and what it means to people but has sunk into personal attacks. If someone would like to cite academic sources on the history of the term in tech or racing, go ahead, but otherwise we’ve stopped adding new information and this thread is done. Please don’t post further comments.

                            I’m also going to delete the comments with personal attacks. Please don’t do this. If you’re right, being mean doesn’t make you more right. Nobody has ever taken incoming vitriol and abuse are a sign that someone must really be worth listening to and seriously considering, and they’re not appropriate here.

                            Tagging so everyone in the thread sees this: @fimad @fs111 @voronoipotato @djsumdog @mjtorn @nebkor @brendes @btaitelb @dz @vhodges @leolambda

                            1. 5

                              Sorry, I missed this because I was writing the post and went out to the food truck. honest mistake, wasn’t trying to be a butt. I got a little reactionary there, it won’t happen again.

                              1. 3

                                Nobody has ever taken incoming vitriol and abuse are a sign that someone must really be worth listening to and seriously considering, and they’re not appropriate here.

                                Let’s etch that in bronze and hang that over every discussion area on the Internet, please.

                                1. 2

                                  Exactly.

                              2. 13

                                Hmm, I didn’t know about that at all. Would be nice to have a better term. Customization seems too general.

                                1. 10

                                  “Tweaking” seems to capture it pretty well.

                                  1. 9

                                    I considered that, but “tweaking” also means being high on stimulants, which is just common enough in the hacker community that I think it would be confusing.

                                    Perhaps modding, but that’s already a massively overloaded term: game modding, hardware modding, etc.

                                    I’m inclined to use “dotting”, as in “dotfile”, but also with the connotation of meticulousness (as in “dotting i’s and crossing t’s”. Its alternate definitions are pretty tame, as well.

                                    1. 1

                                      Dotting sounds what a dotard does, but I guess that’d be “doting”.

                                      1. 1

                                        Yeah, good point. I like “styling”.

                                  2. 7

                                    tuning, maybe?

                                    1. 1

                                      That looks more apropriate: https://en.wikipedia.org/wiki/Tuning

                                      Fine tuning a computer environment” could be your job. “Like car tuning but for software” would be the hobby.

                                    2. 5

                                      from other communities: Hot Rodding (cars - more Chip Foose than useless spoilers on the back) and Modding (computer cases)

                                      1. 3

                                        Given that there’s a lot of style at work, maybe “peacocking”, spiffing up”, “turning out”, something riffing on fashion.

                                        1. 2

                                          It’s like styling, but like even more so. Stylizing?

                                          1. 4

                                            Styling is good, yeah. “Stylize” actually means “to depict or treat in a mannered and nonrealistic style”, so I don’t think it’s really applicable here.

                                        2. 3

                                          I had never seen it used in the Linux desktop. The term ricer may not have the same racist meanings as before but two things are common about ricers in my area:

                                          1. mostly second hand Japanese cars because they are cheap but American pickup trucks are also part of it
                                          2. many ricers seem to be of Hispanic ethnicity so it’s no longer a racist slang about Asians

                                          My personal view is that, even when a word has no racist origins, if there is a specific ethnicity that it applies to, it will quickly become a racist word anyway. Luckily there are more and more white dudes who bought their first car and became a ricer 🍚

                                          1. 5

                                            I had never seen it used in the Linux desktop.

                                            My perspective is exactly the opposite – I have never heard this term in connection to cars, just with *nix customization, especially in and around the Linux/Unix community. In over 4 years I’ve never heard anyone use it in any other context, nor was I in any sense aware that it had this other meaning. And I would suppose that most people, especially non-car enthusiasts like me would have probably never found out, nor use the term with this connotation.

                                            All in all, it seems like a fantastic starting point for a horrible confusion…

                                          2. 5

                                            Yes, and yes. :( . It’s unfortunate when a racist term becomes so normalized that it’s just vernacular. Then the people who want to use it xenophobically basically get to do so and nobody speaks up because it’s just a word everyone uses. The term in guns is “Tacticool”. Perhaps there’s a good word for this that is less regressive and a little more general.

                                            1. 6

                                              It doesn’t have racist origins; or at least not in the context we used it in back when I was in various SCCA and use to race. A ricer is just someone who adds all kinds of shit to their car. Each sticker adds 2hp. The K&N air filter adds 10hp. Big cardboard wing adds 90hp. Fart can exhaust adds 30hp. That carbon fibre hood? 120hp right there.

                                              Most ricers were white. They were just kids who didn’t know dick about cars and pretended they did. They’d fill the parking lot and hang out in their riced out Hondas while the rest of us raced. I mean if you stretch, some people might trace ricer back to the term wigger referring to white people enacting black culture.

                                              Ricers had nothing to do with race and more to do with shitty car mods like these: https://www.reddit.com/r/Shitty_Car_Mods/

                                              1. 12

                                                Ricer aka rice burner kinda does though because it was about japanese cars. Yes this is where the term comes from and no I’m not shitting you.

                                                Rice burner is a pejorative, used as early as the 1960s, originally describing Japanese motorcycles, then later applied to Japanese cars, and eventually to Asian-made motorcycles and automobiles in general. The term most often refers to vehicles manufactured in East Asia, where rice is a staple food.

                                                I’ll be honest terms like wigger are also regressive. I’m not telling you how to speak or trying to say this is what you meant by it. Obviously you can use a word with racist or ethnocentric origins non-racistly. Just keep in mind that not everyone who uses it is using it the way you’re using it. Also keep in mind that someone who sees you using it might think you have it out for a specific ethnicity until they get to know you a bit better.

                                                Frankly the title evokes a “Yikes” from me but in a “Yikes they don’t even know how bad that sounds” way. Like people who know you will probably go “Oh but that’s djsumdog, he doesn’t mean it in a racist way”, but wow it is just a really bad idea to lead with a racially loaded term in your article title to the general public.

                                                1. 3

                                                  You quoted it yourself: it’s pejorative, not racist. The difference is significant, yet the whole point is moot, because so few people are neurotic about political correctness in slang etymology[citation needed]

                                                  1. 5

                                                    Things can be both pejorative and racist? Many racist things are pejorative. The term is racist because it uses East Asian products as a way to describe inferiority. To put in in a more personal way it would be like me saying “oh that’s snake code” as a pejorative for python programmers.It tries to illogically assert that since you’ve seen a python programmer make bad code, that a python programmer can never write good code. This is of course is horseshit, and is bigoted against python programmers. I’m merely trying to dislodge bullshit like that from the public consciousness.

                                                2. 7

                                                  From my experience it is probably racist. Case in point: In Edmonton they call riced cars ‘Nip’d up’ (racial slang for Japanese) since it would be mostly Asian drivers doing the mods.

                                              1. 1

                                                How about Drip?

                                                1. 6

                                                  very surprising that the BSDs weren’t given heads up from the researchers. Feels like would be a list at this point of people who could rely on this kind of heads up.

                                                  1. 13

                                                    The more information and statements that come out, the more it looks like Intel gave the details to nobody beyond Apple, Microsoft and the Linux Foundation.

                                                    Admittedly, macOS, Windows, and Linux covers almost all of the user and server space. Still a bit of a dick move; this is what CERT is for.

                                                    1. 5

                                                      Plus, the various BSD projects have security officers and secure, confidential ways to communicate. It’s not significantly more effort.

                                                      1. 7

                                                        Right.

                                                        And it’s worse than that when looking at the bigger picture: it seems the exploits and their details were released publicly before most server farms were given any head’s up. You simply can’t reboot whole datacenters overnight, even if the patches are available and you completely skip over the vetting part. Unfortunately, Meltdown is significant enough that it might be necessary, which is just brutal; there have to be a lot of pissed ops out there, not just OS devs.

                                                        To add insult to injury, you can see Intel PR trying to spin Meltdown as some minor thing. They seem to be trying to conflate Meltdown (the most impactful Intel bug ever, well beyond f00f) with Spectre (a new category of vulnerability) so they can say that everybody else has the same problem. Even their docs say everything is working as designed, which is totally missing the point…

                                                    2. 7

                                                      Wasn’t there a post on here not long ago about Theo breaking embargos?

                                                      https://www.krackattacks.com/#openbsd

                                                      1. 12

                                                        Note that I wrote and included a suggested diff for OpenBSD already, and that at the time the tentative disclosure deadline was around the end of August. As a compromise, I allowed them to silently patch the vulnerability.

                                                        He agreed to the patch on an already extended embargo date. He may regret that but there was no embargo date actually broken.

                                                        @stsp explained that in detail here on lobste.rs.

                                                        1. 10

                                                          So I assume Linux developers will no longer receive any advance notice since they were posting patches before the meltdown embargo was over?

                                                          1. 3

                                                            I expect there’s some kind of risk/benefit assessment. Linux has lots of users so I suspect it would take some pretty overt embargo breaking to harm their access to this kind of information.

                                                            OpenBSD has (relatively) few users and a history of disrespect for embargoes. One might imagine that Intel et al thought that the risk to the majority of their users (not on OpenBSD) of OpenBSD leaking such a vulnerability wasn’t worth it.

                                                            1. 5

                                                              Even if, institutionally, Linux were not being included in embargos, I imagine they’d have been included here: this was discovered by Google Project Zero, and Google has a large investment in Linux.

                                                        2. 2

                                                          Actually, it looks like FreeBSD was notified last year: https://www.freebsd.org/news/newsflash.html#event20180104:01

                                                          1. 3

                                                            By late last year you mean “late December 2017” - I’m going to guess this is much later than the other parties were notified.

                                                            macOS 10.13.2 had some related fixes to meltdown and was released on December 6th. My guess is vendors with tighter business relationships (Apple, ms) to Intel started getting info on it around October or November. Possibly earlier considering the bug was initially found by Google back in the summer.

                                                            1. 2

                                                              Windows had a fix for it in November according to this: https://twitter.com/aionescu/status/930412525111296000

                                                          2. 1

                                                            A sincere but hopefully not too rude question: Are there any large-scale non-hobbyist uses of the BSDs that are impacted by these bugs? The immediate concern is for situations where an attacker can run untrusted code like in an end user’s web browser or in a shared hosting service that hosts custom applications. Are any of the BSDs widely deployed like that?

                                                            Of course given application bugs these attacks could be used to escalate privileges, but that’s less of a sudden shock.

                                                            1. 1

                                                              DigitalOcean and AWS both offer FreeBSD images.

                                                              1. 1

                                                                there are/were some large scale deployments of BSDs/derived code. apple airport extreme, dell force10, junos, etc.

                                                                people don’t always keep track of them but sometimes a company shows up then uses it for a very large number of devices.

                                                                1. 1

                                                                  Presumably these don’t all have a cron job doing cvsup; make world; reboot against upstream *BSD. I think I understand how the Linux kernel updates end up on customer devices but I guess I don’t know how a patch in the FreeBSD or OpenBSD kernel would make it to customers with derived products. As a (sophisticated) customer I can update the Linux kernel on my OpenWRT based wireless router but I imagine Apple doesn’t distribute the Airport Extreme firmware under a BSD license.

                                                            1. 1

                                                              Needs an RSS feed!

                                                              1. 1

                                                                It now has an RSS feed an a sitemap :)

                                                                  1. 1

                                                                    ttrss-ified!

                                                                1. 4

                                                                  FYI - the bug is somewhere over 6 months old; fixed in released version. The article doesn’t mention this until the end.

                                                                  1. 6

                                                                    I’m going to start investigating fixes tonight for HardenedBSD. It seems more than just portsnap and freebsd-update would be affected (anything that uses libarchive. hint: the ports extract target). So any FreeBSD box that handles tarballs obtained through (now untrusted) third parties.

                                                                    On a slightly unrelated note but still worthy of a mention, downloading tarballs through HTTPS wouldn’t help, either. The problem’s not the transport layer, but the file itself. If the server hosting the content is compromised, it could serve up malicious tarballs.

                                                                    I wonder if DragonFlyBSD is affected as well.

                                                                    1. 3

                                                                      DragonFly doesn’t use portsnap (well, you probably can, but you’d have to add it yourself), so that immediate avenue is closed.

                                                                      I don’t know if pkg checks the downloaded, unextracted file, but that would be safer, too.

                                                                      If someone’s downloading a compromised file that also has the correct checksum, well… not much you can do about it on the client side at that point.

                                                                    1. 1

                                                                      Interesting to see the project brag about the integration of GCC 5 in such a manner.

                                                                      1. 4

                                                                        In DragonFly not that much attention is paid to licensing and GPL avoidance as in the other BSDs.

                                                                        1. 2

                                                                          Just curious, do you know why the newer GCC was chosen over Clang? Familiarity? Performance?

                                                                          1. 6

                                                                            DragonFly has always had 2 compilers in the base system - before GCC5, it was GCC 4.4 and GCC 4.7. With this change, it’s 4.7 and 5.0. The next change will probably be GCC 5 and clang (i.e. GCC 4.7 out, clang in) . So, it wasn’t that GCC was chosen over clang, it’s more just “not yet”. Compiler work ain’t easy.

                                                                        2. 1

                                                                          In what sense do you mean that? I don’t know anything about GCC 5.

                                                                          1. 1

                                                                            Most BSDs have moved to LLVM or retained GCC 4.2.1 over GPLv3 licensing. Nothing wrong with the compiler on a technical level, that I know of.