Stephen J. Kiernan
Email: <stevek AT SPAMFREE FreeBSD DOT org>
IRC: stevek on EFnet and hackagadget on Freenode
Areas that I work on
Security
- MAC modules
Verified execution - a.k.a. veriexec https://github.com/hackagadget/freebsd/tree/hackagadget/veriexec
- TODO
- Clean up meta-data store code to be MP-safe
- Determine ways to support FIPS mode
- TODO
- RNG driver for the RPi/RPi2
Committed as GRN 303035
- TODO
- Mark some DDB commands as not allowed in secure mode
- Also allow for disabling same DDB commands via kernel configuration option
- Maybe separate those out in source files so they could be added via a kernel module instead
- Mark some DDB commands as not allowed in secure mode
Networking
Network stack as a module https://github.com/hackagadget/freebsd/tree/hackagadget/netstack
Able to pre-load network stack as a module from the loader (GitHub tree not completely up to date with prototype sources yet.)
Slide deck from BSDCan 2016 PowerPoint (.pptx) PDF
Demo video FreeBSD-NO_NET.m4v
- TODO
- Allow for registering/deregistering protocol domains
- Allow for registering/deregistering ioctl groups
- Unwind the IPv4 and IPv6 bits from jails
- VNET support
- Load and unload of netstack module (with kldload and kldunload)
- Multiple network stack instances and association with processes/jails/etc.
File Systems
Tarball file system (tarfs) https://github.com/hackagadget/freebsd/tree/hackagadget/tarfs
- Able to mount uncompressed tarballs
- TODO
- Support for xz compressed tarballs
- Support for PAX format with extended headers
- Internationalization support
Boot Loader
Upgrade to Ficl4 https://github.com/hackagadget/freebsd/tree/hackagadget/ficl4
- Still needs some work on the memory management side (to grow the heap when necessary)
- Extensions for network loading and installation
- User space loader testing (work in progress)
My To-do List
It can be found on my /TODO page.