Slashdot Mirror
New Scheduler Available for FreeBSD
flynn_nrg writes "Luigi Rizzo, one of the FreeBSD developers, has just finished the code for a new scheduler. From the announcement: '...as promised, a first version of the Proportional Share scheduler that we developed is available here. These are for a recent -STABLE (i think any version from 4.4 should work; the only 3 files modified are kern_synch.c, kern_switch.c and
proc.h, plus a one-line change to kern_exit.c).
I have tested it a little bit on a diskless system, and it seems to survive running a full X session with the usual set of xterm,
netscape etc. while i do a "renice" of the processes and even switch back and forth between schedulers. But do not trust this yet for a
production system!'
Read the full post here."
What is the purported advantage of the new scheduler?
Sigmund
what the hell happenned to developing SMP and UP capable schedulers ? or does BSD expect to run well on only UP systems ?
Why does this get on the main page, and why does the new Core Team does not?
:)
Either way, FreeBSD does fit the new trend now... more VM's means more freedom
No, that would decouple the heizenburg compensators and send the flux capacitor into yeager-loop.
Buying a Dell computer is equivalent to dropping the soap in a prison shower.
There's more info here.
Excerpt:
"There are compelling reasons to use proportional share scheduling techniques to support multimedia and other soft real-time applications on general-purpose operating systems. First, proportional share (PS) schedulers are a good match for existing infrastructure such as a periodic timer interrupt and mechanisms for assigning priorities to applications -- priorities can be mapped to shares in a proportional-share environment. Second, PS schedulers provide stronger guarantees to applications than do traditional time-sharing schedulers: they allocate a specific fraction of the CPU to each thread, and some schedulers provide error bounds on the allocation rate. Third, PS schedulers have clear semantics during underload: excess CPU time is allocated fairly, in contrast with some reservation-based schedulers that must idle or back off to a secondary scheduling policy once all application budgets are exhausted."
Im currently using linux with the low latency patch and pre-emptive multitasking. Does this help X seem a little smoother on BSD also?
Yes I know the openssh bug affected everyone, but only *BSD has it installed and running by default.
chris@xanadu:~$ whatis /.
/.: nothing appropriate.
Enabled by default? I don't think so!
/etc/defaults/rc.conf
matt@xena$ uname -sr
FreeBSD 4.6-RELEASE
matt@xena$ grep sshd_enable
sshd_enable="NO" # Enable sshd
matt@xena$
In all honesty FreeBSD as exploitable as any Linux distrobution. Sure, it does not use glibc but it does make a regualr appearance on bugtraq and vuln-dev.
And here is some revised code (joke):
if (FreeBSD == "Security") { pray.fortheworld(); }
You're so cute when you do that.
As my father lik@(munch munch)...
Is FreeBSD's new one a 0(1) scheduler?
0(1) is a "term" from computer science. When applied to schedulers, it basically means that no matter how many processes there are to schedule, a 0(1) scheduler's overhead will not significantly increase.
Of course, with a small number of threads/processes to schedule, the Linux 0(1) scheduler will have greater initial overhead. It isn't until there are quite a few processes that it starts to show its power, and the more processes there are, the more useful it is.
On a busy server with 4+ processors and thousands of processes, a standard scheduler's overhead is so great that it often exceeds the overhead of most of the individual server processes.
Computer Science is no more about computers than astronomy is about telescopes. --E. W. Dijkstra
Thank god for open source. Could you imagine trying to figure that out in hex?
I mean, wouldn't it be funny if companies did stuff like that, like they sold software that might be "server" software or "client" software depending on one bit. Like NT?
That'd be funny.
As my father lik@(munch munch)...
Just about every *nix distro I've seen now has SSH up and running by default.
What?
Anybody have any idea when/if Apple will integrate improvements from this scheduler in to Darwin/OSX?
I don't know about that, considering in the last month we had 2 big exploits (openssh, and libc resolve bug). The advice for the libc bug was to cvsup the whole system, cause lots of stuff depended on that.
The openssh bug had a one line workaround.
The libc resolver bug has not been successfully exploited yet (so it's not really an exploit). It SEEMS POSSIBLE to exploit it, yes, but it's not trivial (it involves messing up dns replies, so you'd have to have control over an ip block, force the resolver to try to resolve an ip in that block, send the bad response, and then hope it worked). If you know anything about the bsd source code, you know that you can cd
None of the FreeBSD releases, or the -STABLE branch were vulnerable to the openssh bug.
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/ FreeBSD-SA-02:31.openssh.asc
Note the absence of any released version of FreeBSD.
I am not going to claim that FreeBSD is perfect, but FreeBSD is more secure than the vast majority of Linux-based OSes. It has supported features like the new "GR Security" patch for years, and because it shares a great deal of code with OpenBSD which is audited frequently, it benefits from their work as well.
:)
Of note is that FreeBSD's libc is just over half the size of Linux's Glibc (not that has a thing to do with security)
With FreeBSD, for years, admins have been able to set certain files as "append only" (so even root can only add to, not remove from, log files) and "immutable" (so even root cannot modify or delete the file) and has been able to set firewall rules to the same (immutable) so that creative crackers can't add their personal favorites if they root the system.
This can of course be bypassed by restarting the machine in single-user mode and redusing the kernel security level, but that isn't going to be very easy for your average remote hacker.
Furthermore, since 4.0 you can multiple run complete but separate entire copies of FreeBSD on the same system, each with their own FreeBSD system files and such. You can have a single server run an instance of FreeBSD for Apache, one for Postfix, one for BIND, etc. and if any one of them does get compromised (say, BIND since that happens entirely too often) the cracker can not only not effect any of the other instances--he/she cannot even see that they exist! Very interesting stuff.
Of course, IMHO Linux is worlds ahead of FreeBSD on the desktop front, and the new GRsecurity and ACL features will be a real competitor for the *BSD family. It will be most fascinating to see how things turn out. I wish the best to both of them, and I use both of them every day.
Computer Science is no more about computers than astronomy is about telescopes. --E. W. Dijkstra
the only 3 files modified are kern_synch.c, kern_switch.c and proc.h, plus a one-line change to kern_exit.c
.. but that's 4 files modified. One-line or a thousand, it's still been modified.
I hate to be picky
</END-RANT>
I've been poking my newbie nose around in scheduling for a little while, and while I still know very little I've found the field very interesting. It's always neat to see new features and techniques being tried, but there's a feature that exists in the windows nt scheduler that (as far as I can tell) is absent in *nix operating systems. Winnt maintains (I think) four process queues (realtime, high, normal, and idle) into which all processes fall. Every time the scheduler is run, it checks to see if any "realtime" processes can be run, then "high", then "normal", and finally "idle". Processes in "less important" queues are only run if all processes in "more important" queues cannot be run (i.e. they're blocking on input or whatever), or those queues are empty. I find this very useful because I can set a long-running cpu dependent process to "idle" priority and it will be run at nearly 100% cpu usage when the machine is idle, but will instantly get out of the way and not be run at all if I choose to run something else (e.g. a game), no matter how high it's "goodness" value gets from not using any cpu time.
Is there any reason why something like this isn't implemented in Linux or FreeBSD? Low on the developers' feature priority list (har har)? Too difficult? Unnecessary?
Thanks. I'd appreciate any feedback.
"Linux-nazi empire. I can't believe it." Wasn't Goldwyns law supposed to stop this thread dead in it's tracks?
What? Me? Worry?
Right, that's what I did on some of the systems. You do have to restart the programs loading libc too.
chris@xanadu:~$ whatis /.
/.: nothing appropriate.
I think you need to re-read that file. +3 indeed.
Affects: FreeBSD-CURRENT between 2002-03-18 and 2002-06-25
None of the FreeBSD releases, or the -STABLE branch were vulnerable to the openssh bug.
e s/ FreeBSD-SA-02:31.openssh.asc
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisori
Note the absence of any released version of FreeBSD.
I think you need to re-read that file. +3 indeed.
Affects: FreeBSD-CURRENT between 2002-03-18 and 2002-06-25
No, you try re-reading it again. FreeBSD releases (which are based on FreeBSD-Stable) are NOT anywhere near being FreeBSD-Current!
FreeBSD-Current is not a release version. As a matter of fact, people are told NOT to use it unless they know what they are doing, and not just becuase they want one of the new features (which are nice, I've got a FreeBSD-Current SMP box here).
BWP
None of the FreeBSD releases, or the -STABLE branch were vulnerable to the openssh bug.
-Current isnt a release? I can download it, Seems like a release to me, maybe a beta release, but it IS a release if its been put out. But whatever you call it some version of FreeBSD DID have the bug.
Really get a kick out of you BSD guys trying to use the -Current and -Stable shit to try to say you dont have security holes. So you dont have this 1 bug on your -Stable, Lets check cert and see how many have been on -Stable. Same shit goes with OpenBSD, and "Never A Security bug" bullshit. PHP/SSH/Apache have a security hole, its "LINUX HAS A SECURITY HOLE", well FreeBSD uses the same damn software.
-
Try your Jedi mind tricks on a mircos~1 padawn... Go Go away...
-CURRENT isn't a release. It's a cvs repository. It's not even guaranteed to compile.
Yeah, that was my point, Linux's scheduler upgrade wasn't too graceful. Guess I was a little too "clever" in expressing myself.
Sounds like you're after a FreeBSD-centric site. Perhaps you should just jump on the FreeBSD mailing list or something.
Cheers
Stor
p.s. Ahh sheet, IHBT.
"Yeah well there's a lot of stuff that should be, but isn't"
Really get a kick out of you BSD guys trying to use the -Current and -Stable shit to try to say you dont have security holes.
Go find out what -CURRENT actually is before you comment further. You are in serious danger of choking on your own foot...
Just because -CURRENT is publicly available does not mean that it is released. An analogy is in order. -RELEASE is equivalent to linux-2.4.18. -STABLE is equivalent to linux-2.5.27. -CURRENT is equivalent to whatever is on Linus' harddrive at this very instant.
A Government Is a Body of People, Usually Notably Ungoverned
Hey, people, what are you doing with operating systems that they are crashing like a domino?
I use Linux as well as FreeBSD for awhile with Apache, Sendmail, X11 and lots of other software competing for memory, CPU, exotic devices, network bandwidth and just for disk I/O. No crashes. On linux I use also video, Oracle, Tomcat, JBoss - all works fine, besides own bugs (it's ok for userland, isn't it?).
For my experience, which doesn't meet crashes, it is more important what hardware, filesystems and protocols are supported. And of course I compare systems with only stable manually configured and re-compiled kernels passed "on-the-field" regression tests before I upgrade the production mode with that new kernel.
So, one more time, why should I prefer BSD?
Less is more !
The running time can vary for given N, just not for abtrirary N. As demonstrated by the following code. It runs fastest when n = 1, followed by n = 2, but is still O(1) when n is not 1 or 2, because the running time is constant for large n.
int orderOneButVarying(int n) {
if (n == 1) {
return n;
} else if (n == 2) {
for (int i = 0; i 3; i++) {
n*=n;
}
return n;
}
for (int i = 0; i 1000; i++) {
n+= n / 2;
}
return n;
}
It was all a ploy on Theo's part. I can't believe anyone with respect for the opensource community would have taken the approach he took to the latest big OpenSSH exploit. It basically went like this : Theo announces that there is some sort of problem, Theo urges everyone to upgrade to upgrade to the latest still vulnerable version, a patch is released, details are provided. I see this as an obvious attempt at bringing other platforms which were not previously vulnerable into the mess with OpenBSD.
scott
...or at least, schedule the funeral ;)
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
::shrugs::
Doesn't even come with it.
Black holes are where the Matrix raised SIGFPE
FreeBSD-CURRENT isn't a distinct release, it's a branch in the CVS tree.
(My email address is on my homepage)
http://uptime.netcraft.com/up/today/top.avg.html
You'll notice that 45 of those top 50 are BSD
machines. Of those 45, 19 are FreeBSD boxes.
You'll notice 1 Linux box. It's nice to see that
leading industry sites like bongload.com and
twobigirls.com have benefited so much from the
stability of BSD.
The most important thing any republican needs to know.
Right now I've got four systems running Linux (RH-7.3 and 7.2) and one system running FreeBSD 4.6. At times in the past I've run OpenBSD and NetBSD as well.
I can tell you firsthand that in terms of system stability that Linux and FreeBSD are comparable if not indistinguishable. FreeBSD does seem to be more efficient however. The pentium 200 that I have FreeBSD on loads up KDE 3.0 noticably faster than Redhat 7.2 did, and once loaded it is more responsive. On older hardware FreeBSD definitely seems to have an advantage. I consider FreeBSD to be a very fast and well designed operating system. I keep trying to find places where using it instead of Linux would be an advantage.
Not everything about it is all that rosey however. The features and abilities that Linux provides but FreeBSD lacks such as SMP, kernel pre-emption, fast journaling filesystems, certain commerical software packages, 3D acclerated X servers, and generally better device support, make actually using FreeBSD as anything but an interesting toy kind of difficult to justify in many situations.
I worry about FreeBSD. I'd love to see it grow and progress not as a competitor to Linux, but as something of a companion to it. So many people just don't seem to realize that open source isn't about operating systems alone. What Linux and FreeBSD do is provide a foundation, they aren't the whole house. Both provide a powerful and stable platform for running the actual programs that people want to use in the first place. The future of open source development is going to be 90% apps and userland and 10% OS. To have religious and political wars over the OS portion is immature and counterproductive. Linux and FreeBSD aren't genuine competitors from an economic standpoint because it is the applications that both run that make either compelling in the first place.
I want BOTH Linux and FreeBSD to do well, to grow and expand and be the best operating systems anyone has ever seen. I detest the infantile immaturity of those who seek to create division and conflict between FreeBSD and Linux that simply shouldn't be there. I've gotten flames from FreeBSD "advocates" in particular filled with such hatred and obvious zealousness that you'd think they were Mac freaks, all because I described FreeBSD in terms that weren't favorable enough for their religious views. The Linux crowd is full of just as many jackasses, if not more.
Computer enthusiasts are known for generally having high IQ's. Unfortunately our reputation for having low EQ's is equally well earned. There are far too many borderline autistics and asperger's sufferers among us with severely retarded social skills. That is really the only explanation I can come up with when grown men with extensive vocabularies use them to throw a fit on par with that of an eight year old.
Anyway I'm drifting way off from what I wanted to write about. The point that I really want to make is that BOTH Linux and FreeBSD are absolutely fabulous operating systems (save the linux is just a kernel messages for church). The goals and vision behind each are so similar that any ill will between them is manufactured by immature, short sighted assholes. Microsoft is the enemy, not those who prefer another free Unix derivative that runs Mozilla, gnome, kde, etc just as well if not better than what someone else is using.
Lee
Muslim community leaders warn of backlash from tomorrow morning's terrorist attack.
He wasn't wrong. The FreeBSD-CURRENT branch was vulnerable, but that is the development branch and few people use it. Developers are the only ones that use it, for the most part.
So, as he said, none of the releases or the -STABLE branch were vulnerable to the OpenSSH vulnerability from a few weeks back.
Please read what the guy says before you start jumping on his bones.
Yes. A Default install doesnt have telnet enabled either...
no remote access == more secure than any remote access.
(root@oracle)(3/ttyp0)(08:19P:07/23/02)-/ i386/conf)- grep SMP LINT
(#:/sys
# SMP OPTIONS:
# SMP enables building of a Symmetric MultiProcessor Kernel.
# An SMP kernel will ONLY run on an Intel MP spec. qualified motherboard.
# Be sure to disable 'cpu I386_CPU' && 'cpu I486_CPU' for SMP kernels.
# Check the 'Rogue SMP hardware' section to see if additional options
options SMP # Symmetric MultiProcessor Kernel
Indeed. If I had only known that BSD was dead I would have avoided having so many happy customers who paid me money.
Nail on the head bro' ! Ill probably get my ass kicked by penguin fans but my religion still tells me that FreeBSD kicks the penguin in the nuts.... The deamon gets just in front of the penguin in my book... Solaris and others are way below....
True ravers don't need drugs
Yeah! Power to the machines!! ./
True ravers don't need drugs
That's a weak point. It still doesn't explain
why BSD dominates this "table" and some other OS
doesn't. Why isn't it dominated with Linux or
some other OS that isn't being what you perceive as
"rapidly developed". So Linux can't handle the stress
of a non developed environment? You can FUD
around with your philosophies on the psychology
of sysadmins all you want, but this table shows
something very clear. As much as your love your
pet OS, BSD is the clear stability king.
The most important thing any republican needs to know.