NetBSD vs. Microkernels - From Kernel to Userspace and Abroad
A few weeks ago
I made a comment about NetBSD not being a "microkernel" despite
its move to kernel modules. Antti Kantee wrote back to me (Hi Antti!)
reminding me of his work on RUMP, PUFFS and the like, which I think
does definitely deserve mentioning in that context:
With RUMP, PUFFS and the like, Antti is set on a mission to define
interfaces between kernel components, and move those kernel
components from inside the kernel to the userland. As a result,
the (once) kernel-code is now running as
processes that have all the benefits like memory protection
and not taking down the whole system in case of an error.
Examples that Antti has been bashing on started with
moving file systems to the userland, which resulted in PUFFS and
ReFUSE, an implementation of the Linux interface of
File systems in USErland (FUSE). Not stopping at file systems
(which are traditionally used for accessing data on storage media,
like e.g. for ntfs-3g), Antti went further and moved into
getting network services like SSHFS going - in userland,
based on FUSE.
Not stopping there, more recent works include:
Remember when NetBSD got (re)FUSE? All of a sudden we got a
bazillion of filesystems back then. So why not turn this development around, and
make RUMP available as an interface for all sort of drivers
to other operating systems. That way, they can get our
file systems, usb stack and drivers, etc., and run them
in userspace as well. Developing a driver on one operating
system, and using it on many - a wet dream would come true!
Sounds impossible? Ye fear not, it's been done!
Arnaud 'stacktic' Ysmal already has ported RUMP to FreeBSD and Linux,
the work is available via
and there is also
Arnaud's page on
Rump on non-NetBSD Operating Systems for more information.
Whew... lots of research and development going on in this area,
and - getting back to the initial topic - we may well see an
operating system in the future that moves from the monolithic
to a microkernel approach, and it may or may not be called NetBSD.
Fact is, that a lot of research is going on in that area, on NetBSD,
here and now. Hats off, Antti!
[Tags: fuse, microkernel, nfs, ntfs-3f, puffs, refuse, rump, sshfs, tcp/ip, ukfs, usb]
Catching up: Webfwlog, git, vnd and sparse disk images, acpismbus
Here are two news items from the past few days:
Web-based firewall log reporting and analysis tool Webfwlog 0.94 released:
``Webfwlog is a flexible web-based firewall log analyzer and reporting tool. It supports standard system logs for linux, FreeBSD, OpenBSD, NetBSD, Solaris, Irix, OS X, etc. as well as Windows XP. Supported log file formats are netfilter, ipfilter, ipfw, ipchains and Windows XP. [...]
With Webfwlog you can design reports to use on your logged data in whatever configuration you desire. Included are example reports as a starting point. You can sort a report with a single click, "drill-down" on the reports all the way to the packet level, and save your reports for later use. You can also create a link directly to any saved report.''
See the webfwlog homepage
for more information.
- Git copies of cvs modules available -
spz@ writes that ``htdocs, othersrc, pkgsrc, src and xsrc are now available as
(bare) git repository copies at
These repositories are currently updated every 30 minutes.
They are not authoritative and are not meant to replace cvs,
but if you want to track your development that is not yet fit
for committing into cvs head or sending in as a PR, and want to
use git for that, they may serve as a convenient starting point
- Support for writing file systems on sparse disk images -
File system hacker Antti Kantee writes:
``Yesterday I wanted to write to a file system which was on a sparse
disk image. Normally I would have just used a rump mount, but since the
file system was not at offset = 0 in the file, this failed. vnd wasn't
helpful either: it allowed me to mount the image and then I got weird
errors when writing.
I just finished adding disklabel support to the various rump_fs utilities.
Due to them using the option parsing code of the real mount_fs utilities,
I decided to signal the label number with a magic parameter at the end
of the device (yes, this really simplifies things currently).
Let's assume you're looking at wd0.img. Here's how it works:
=== SNIP ===
golem> disklabel wd0.img
# size offset fstype [fsize bsize cpg/sgs]
a: 719712 63 4.2BSD 1024 8192 0 # (Cyl. 0*- 714*)
b: 66657 719775 swap # (Cyl. 714*- 780*)
c: 786369 63 unused 0 0 # (Cyl. 0*- 780*)
d: 786432 0 unused 0 0 # (Cyl. 0 - 780*)
golem> rump_ffs wd0.img%PART:a% /puffs
rump_ffs: "wd0.img" is a non-resolved or relative path.
rump_ffs: using "/usr/home/pooka/wd0.img" instead.
golem> df /puffs
Filesystem 1K-blocks Used Avail %Cap Mounted on
/usr/home/pooka/wd0.img%PART:a% 338471 256211 65337 79% /puffs
=== SNIP ===
So you specify the partition number as %PART:n%, where n is obviously
the partition number. Other than that, things work as usual. No vnconfig
etc. necessary. ''
- New ACPI driver: acpismbus(4) - call for testers -
Paul Goyette writes that
``At the request of some folks off-list, I have created a driver for ACPI's
SMBus Control Method Interface. Basically, this is an acpi-based wrapper to
provide device-independent access to i2c/SMBus controllers.
(See spec at http://smbus.org/specs/smbus_cmi10.pdf for further info.)
To see if your system can use this driver, check the output of acpidump for
the existence of a Device(SMB0). If you have an SMB device, I'd appreciate
it if you could help test this driver!''
Continue with Paul's mail to learn on how to test the
driver, and what limitations there are currently.
[Tags: acpi, git, puffs, rump, smbus, webfwlog]
Catching up - what happened in NetBSD-land between mid-August and mid-November
OK, I've been slacking^Wbusy for the past weeks, but I hope things
will get a bit better now. For a start, here's a catch-up of the
things that accumulated in my inbox in the past ~two months:
So much for today. With the NetBSD 5.0 release cycle started, I'd like
to encourage everyone to test the release branch, report errors, send
patches as well as beer and chocolate to make this the best
release that we've ever had.
- Google Summer of Code is over for some time, but apparently
no final report has emerged so far (shame!). Still, a number
of individual status reports came by on the official lists:
I know of at least one other project (uvc) that has completed but
that I didn't see a report here - maybe I've missed it. Anyways,
GSoC was another big success this year. Thanks, Google!
- Speaking of Adam Hamsik and Logical Volume Management (LVM), Adam
has continued his work in that area, and he has written a device
mapping library that interacts with his kernel driver. This
allows to interact with his GSoC project without using any GPL
See Adam's posting for more details.
- Force 10 Networks, producer of 10gbit switches that use an operating system
based on NetBSD, have added a new feature as part of their FTOS operating
system: VirtualView, which provides virtualization of Force 10 based equipment.
From the xchange article: ``Force10 Networks Inc. this week introduced VirtualView software for benchmarking, troubleshooting and managing virtualized environments based on Force10 gear.''
More information is available
from the Force 10 Networks homepage,
plus in articles by
- Following the latest hype in portable computers, NetBSD has
created a netbook
page that intends to list models and the extent to which they
are supported. Your contributions are most welcome here! (Contact
me for sending updates and hardware :-)
- Zafer Aydogan has made RSS feeds available for CVS commits to
single files - see his mail to netbsd-users
for more details.
- New security advisories were released that I've missed in my
- A project that's been ongoing for quite some time is the move from
"old-school" loadable kernel modules (LKMs) to new-style kernel modules.
Important changes include the fact that modules can be either linked
into the kernel at build time, or loaded into the kernel at
runtime from the same file. Also, the bootloader was modified to
load modules after the kernel, e.g. for a RAM-disk like the one
that is used by the INSTALL kernel.
In the same line, some parts are starting to be moved out of the
GENERIC kernel, and installed as modules that can be loaded by
the new framework then. The start is made
POSIX semaphores as a first step and proof-of-concept,
some details are still under hot debate, e.g.
what the file system layout for modules is, and if they belong
to the kernel and its build process, or to the userland.
- While talking about splitting the kernel into modules, Antti
Kantee has continued his work to move parts of the kernel into
userspace, in particular running file system code as userland in
and puffs and (Re)FUSE works.
The idea is to provide the interfaces that file systems need in
the userland, and the result is that you can run code that used
to run inside the kernel in userland now.
Another subsystem running in the kernel that could be moved to
userland by providing appropriate interfaces with the rest of the
kernel is the network stack, and Antti has moved just that to the
userland. See Antti's
mail to tech-net@ for more
information on this impressive work.
- NetBSD has shipped XFree in previous releases, and people who
wanted to use X.org had to install it from pkgsrc. That's all
fine, but to get a modern X, one had to compile things, as no
precompiled binary packages are made available for many
platforms. This is changing now, and NetBSD is getting X.org
integrated via a reachover infrastructure which is also enabled
The "user interface" for this is still in flux, but after some
detour ("build.sh -V MKXORG=yes", without -x), "build.sh -x" now
builds whatever X is considered the default for the
platform. Some platforms already default to use X.org as X, and
more will come, as changes that were made to NetBSD's copy of
XFree are adopted to X.org.
Platforms that use X.org by default now are macppc (see
amd64 and i386.
As X.org is at Revision 7 now, it's installed in /usr/X11R7,
which will lead to a lot of interesting effects. pkgsrc is
already prepared for the new layout, but there are still many
minor details that will need adjusting to the new directory. If
you find one, post your patches to tech-x11.
- Besides the GNU C compiler, there's the BSD-licensed Portable C Compiler
around for some time now. It doesn't offer the same support as
its GNU cousin yet, but this may change now:
The BSD Fund
is currently doing a fund drive to get money to enhance PCC.
The goal is to raise $12,000US to improve support for core
compiler functionality as well as support for C99, gcc
compatibility and the amd64 architecture. See
the project page for further details.
- The NetBSD 5.0 release cycle has started! There's a netbsd-5 branch in CVS,
daily binaries are available for testing, and some of
the highlights of the upcoming release include file system journalling for FFS via WAPBL, and X.org.
To help testing of NetBSD on Cobalt machines, Izumi Tsutsui
has made a NetBSD 5.0_BETA based version of the Cobalt restore CD
- As the final point today, a word on NUMA support from Christoph
Egger. Non-Uniform Memory Access is needed in massively parallel
systems where some nodes have RAM more tightly associated than
others, where the RAM is further away, resulting in different
access times for different regions of memory. In order to support
this, Christoph Egger has made first steps.
His example implementation uses information from ACPI, and shows
some heavy dmesg-pr0n from a 16-core machine with four
[Tags: force10, fuse, gcc, google-soc, kmod, lkm, lvm, netbook, numa, pcc, puffs, refuse, rump, Security, x11, xfree, xorg]
Recent development related to puffs, ReFUSE, rump, and more (Updated)
NetBSD's kernel is under very active development these days, and
while many changes are related to improving SMP, it's not the only area.
An area where very interesting and unique work is being done is the
filesystem interfaces that Antti Kantee is working on. Things started
out as a past year's Google "userfs" SoC project to implement an interface
for running filesystem code in userland. The project was imported
into NetBSD some time ago. On top of that came a library that mimics the
Linux interface for filesystems in userland. Following the Linux
name FUSE, the re-implementation is called ReFUSE (pun intended :).
webpage about puffs, refuse, FUSE
on the NetBSD website for more information.
Another project that was started by Antti after his work to
run filesystem code in userland is "rump". The project allows to use
"ordinary" filesystems that usually run inside the kernel, and
mimic an environment similar to what's available inside the kernel,
and move the whole filesystem into userland - verbatim, with
no code changes! This allows developing filesystem code in userland,
and later on moving it inside the kernel with no further changes - a
big step forward for filesystem development!
This all sounds rather easy, but as filesystems need to move data between
storage and memory, a big issue in filesystems is interfacing with the
virtual memory subsystem, and adding interfaces like puffs and ReFUSE
also needs to consider VM for efficient transfers and caching.
Work in this area is still ongoing, and I've asked Antti about his
recent achievements in this area. While the only user-visible
change is caching and performance improvements in the Secure
Shell filesystem's handler "mount_psshfs", most of the changes
are on the inside. Antti wrote me:
``The interesting ones from a programmer's perspective are probably:
Finally, while not really useful for anything except puffs development,
I think the following is cool from the perspective of completeness:
rump, there are two very interesting and active projects
doing research in filesystems on NetBSD, which may lead to changes in
the way filesystems are understood in the Unix world. While there,
a third project that may be worth watching in this regard is
this year's Google
Summer of Code project by Marek Dopiera, which aims at
implementing Hurd translators for NetBSD,
Antti dropped me a note that another project related to
filesystems is this year's "fs-utils"
SoC project. The goal is to create a userland tool to manipulate filesystem
images, and the idea is to reuse kernel code with the
ukfs library. That way, no redundancy between kernel sources
and userland sources is created, and both areas benefit from mutual
testing and code maturity.
[Tags: filesystem, fuse, google-soc, kernel, puffs, refuse]
AsiaBSDCon 2008 Papers
was held in March 2008 in Tokyo, Japan. There were a number of
papers and talks, and a number of them had a
focus on NetBSD:
- Christoph Badura: Gaols - Implementing Jails Under the kauth Framework (paper)
- Yuji IMAI, Takahiro KUROSAWA, Koichi SUZUKI, Eiichi MURAMOTO, Katsuomi HAMAJIMA, Hajimu UMEMOTO, and Nobuo KAWAGUTI: BSD implementations of XCAST6 (paper)
- Antti Kantee: Send and Receive of File System Protocols: Userspace Approach With puffs (paper)
- Kristaps Džonsons: Logical Resource Isolation in the NetBSD Kernel (paper)
- Alistair Crooks: A Portable iSCSI Initiator (paper)
- Jörg Sonnenberger, Jared D. McNeill: Sleeping Beauty---NetBSD on Modern Laptops (slides, paper)
[Tags: acpi, asiabsdcon, iscsi, jails, kauth, mult, puffs, xcast]
RUMP - Userspace kernel file system framework
One of this year's summer-of-Code projects is Antti Kantee's
Userspace Kernel File System framework,
which has the goal of creating an interface to run file system code
in userspace. Antti did a lot of work in his previous
Userspace filesystem hooks
which also resulted in
puffs and (re)fuse.
This year's project goes one step further as not only the
are passed from kernel to userspace, but the full filesystem code
is run in userspace, including memory management (buffer cache!).
This allows developing filesystem code in userland with the "normal"
kernel interfaces, but no panics if something goes wrong -- a simple
core dump, and that's it. To cite from Antti's mail:
``If you want to give it a whirl, upgrade, go to sys/rump, type "make", go
to fs/bin/$foofs and run the file system. It should work to a certain
degree provided your system comes with puffs. Does it do anything a
kernel file system wouldn't do? No .. except the core dump may be smaller
and faster and less intrusive. Oh, actually it does one cool trick: you
can run it on non-block devices, so you don't need to vnconfig the file
system image first (provided, of course, that the file system starts right
from the beginning of the image and that you wouldn't need a disklabel).''
For more information, see
email and his
Summer-of-Code project page.
[Tags: google-soc, puffs, rump, ukfs]
Filesystems in User-Space: puffs, refuse vs. FUSE, and more (Updated)
[I'm taking the liberty to post this unquoted here, as I did the
editing on the news item, based on input from Antti
NetBSD now offers full support for running file systems in userspace.
The core component inside the kernel that exposes a file system
interface towards the userland programs is "puffs", and communicates
with vnodes, the kernel's own idea of files. The "libpuffs" library
is the interface between userland file systems and the kernel
component. To facilitate running the huge amount of file systems
already available for the FUSE interface, but not dictate the
capabilities of puffs by it, it was decided that FUSE support should
be provided as a compatibility layer on top of the native puffs
interface. This compatibility is offered by re-fuse, a BSD-licensed
re-implementation of FUSE. It is designed to be source code compatible
with FUSE, and more information can be found in the refuse(3) manpage.
While puffs is stable for users, the library programming interface and
the binary interfaces are still likely to change, and therefore puffs
and the dependent librefuse are not built by default. For people
tracking -current, the build of all relevant puffs components
(librefuse, psshfs, etc.) by "make build" can be enabled by adding
Using puffs also requires the kernel option "file-system PUFFS",
or alternatively loading the puffs.o kernel module,
which is included in a puffs-enabled build.
FUSE compatibility was added within pkgsrc, and besides the required
infrastructure work a number of FUSE packages were added to pkgsrc in the
new "filesystem" category. Example packages that are currently available
puffs was originally developed during the Google Summer of Code 2005
"userfs" project by Antti Kantee.
It was further polished using funding
from the Ulla Tuominen Foundation and committed
into the NetBSD source tree in October 2006.
The work was presented at AsiaBSDCon 2007 in a paper
entitled "puffs - Pass-to-Userspace Framework File System".
The "refuse" library was
written by Alistair Crooks and committed to NetBSD in February
2007. All components will be available in NetBSD releases starting
with NetBSD 5. Work for using FUSE-enabled packages via pkgsrc was
done by Juan Romero Pardines following import of the "refuse" library.
For more information, see NetBSD's webpage on file systems in userspace at
An in-depth technical description of puffs was presented at
in a paper entitled "puffs - Pass-to-Userspace Framework File System".
The paper and
[Tags: fuse, puffs, refuse]
ReFUSE - Linux-compatible filesystem in userspace interface
After Antti Kantee has picked up his previous
userfs: Userspace file system hooks
Summer-of-Code project, it has since been integrated into
NetBSD, together with a small number of example filesystems --
see my previous report on ssshfs.
Now while having a new interface for filesystems in userspace is all
nice and dandy, there's already such a thing which (of course)
differs in details and is not compatible with the puffs interface:
Filesystem in Userspace (FUSE).
Alistair Crooks has sat down and implemented
"refuse", a FUSE-compat library for puffs that allows
using Linux FUSE filesystems with NetBSD's puffs.
After compatibility with Linux on the source level was realized,
FUSE-based filesystems can be ported to NetBSD easily,
and a separate category was created for them in
NetBSD's Packages System:
pkgsrc/filesystems (link will work shortly ;).
Packages that are available right now:
- fuse: Filesystem in Userspace (compat headers, pkg-config files, etc.), needed for pkgsrc on Linux
- fuse-archivemount: FUSE gateway to libarchive
- fuse-cddfs: FUSE filesystem that uses libparanoia for audio CDs
- fuse-cryptofs: FUSE encrypted filesystem
- fuse-curlftpfs: FUSE filesystem for accessing FTP hosts
- fuse-httpfs: FUSE HTTP filesystem
- fuse-lzofs: Filesystem which allows you to transparently use compressed files
Much of the work on pkgsrc was done by
Juan 'xtraeme' Romero Pardines, who also told me
his (Spanish-language) blog.
Please note that this is an area where heavy development is still going on,
and that this work is only available on NetBSD-current.
Upcoming work that we can look forward to are
improvements on FUSE compatibility and a port
filesystem, an open source, freely available NTFS driver for Linux with read and write support.
Many more FUSE modules/filesystems
are available, so it can be expected that there's more to come.
[Tags: filesystem, fuse, puffs]
ssshfs success (Updated)
I've taken the existence of ssshfs as a reason for upgrading
my kernel from the netbsd-4 branch (which will go through
re-birth from -current soon anyways) to today's -current,
and played with ssshfs a bit. As I didn't want to upgrade the
full userland of the machine, I had to do a bit of a dance
to get things going in src/obj/destdir, but after
- chroot .../src/obj/destdir
- cd .../src/obj/destdir/dev ; sh MAKEDEV all puffs
- cd .../src/share/examples/puffs/ssshfs ; make
- ./ssshfs i@remotemachine:/path/to/my/home /mnt
things work fine, and I can access my $HOME on the remote machine
just like a local file (esp. from outside the chroot):
miyu% df | grep destdir
puffs:ssshfs 0 0 0 100% /usr/src/obj/destdir/mnt
miyu% cd /usr/src/obj/destdir/mnt
AdobeFnt.lst OS bin public_html
Desktop OpenOffice.org1.1.0 in tmp
miyu% ls -l .cshrc
-rw-r--r-- 1 39068 2000 4706 Jun 16 01:01 .cshrc
miyu% head -2 .cshrc
# Default .cshrc fuer Solaris, Irix, ...
miyu% md5 .cshrc
MD5 (.cshrc) = 2ad1d2606a5678f312709a388376c2e5
miyu% ls -l test
ls: test: No such file or directory
miyu% date >test
miyu% ls -l test
-rw-r--r-- 1 39068 2000 29 Nov 23 01:19 test
miyu% cat test
Thu Nov 23 01:19:36 MET 2006
miyu% vi test
miyu% cat test
Thu Nov 23 01:19:36 MET 2006
hubertf was here
miyu% rm test
miyu% cat test
cat: test: No such file or directory
Neat! I've found one bug when running stat(2) -- e.g. via ls -l --
on a symlink. ssshfs then hangs and the mounting process needs to
be ^Cd, but I'm sure this is not a major problem.
The cause of the hang was identified: I tried this against
Solaris 9, which has a sshd that only supports
the SFTP File Transport Protocol Version 2, but to properly
handle symlinks Version 3 is needed. A check for the
protocol version was added, to indicate the case can't be
[Tags: puffs, ssh]
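The protocol-version check mentioned in the update above, sketched as an added example (this is not the ssshfs code): a client validates the server's SSH_FXP_VERSION reply and declines symlink operations when the negotiated version is below 3. The packet layout follows the SFTP drafts; the function names and the sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SSH_FXP_VERSION   2   /* packet type of the reply to SSH_FXP_INIT */
#define SFTP_MIN_SYMLINK  3   /* per the post: symlinks need version 3 */

enum sftp_check { SFTP_OK = 0, SFTP_MALFORMED = -1, SFTP_TOO_OLD = -2 };

/* Constructed sample replies (not captured traffic). */
static const uint8_t reply_v2[] = { 0,0,0,5, 2, 0,0,0,2 };
static const uint8_t reply_v3[] = { 0,0,0,17, 2, 0,0,0,3,
    0,0,0,3, 'x','@','y',  0,0,0,1, '1' };     /* one extension pair */
static const uint8_t reply_bad[] = { 0,0,0,9, 2, 0,0,0,3,
    0,0,0,255 };                               /* string overruns packet */

static uint32_t get_u32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/*
 * Validate one SSH_FXP_VERSION packet:
 *   uint32 length | byte type | uint32 version | (string name, string data)*
 * and decide whether the negotiated version can handle symlinks.
 */
enum sftp_check sftp_check_version(const uint8_t *buf, size_t len,
                                   uint32_t *version)
{
    if (len < 9 || get_u32(buf) != len - 4 || buf[4] != SSH_FXP_VERSION)
        return SFTP_MALFORMED;
    *version = get_u32(buf + 5);

    size_t off = 9;
    while (off < len) {                 /* each extension is two strings */
        for (int i = 0; i < 2; i++) {
            if (len - off < 4)
                return SFTP_MALFORMED;
            uint32_t slen = get_u32(buf + off);
            off += 4;
            if (slen > len - off)
                return SFTP_MALFORMED;
            off += slen;
        }
    }
    return *version >= SFTP_MIN_SYMLINK ? SFTP_OK : SFTP_TOO_OLD;
}

int main(void)
{
    uint32_t v = 0;
    if (sftp_check_version(reply_v2, sizeof(reply_v2), &v) == SFTP_TOO_OLD)
        printf("server speaks SFTP v%u: refusing symlink operations\n", (unsigned)v);
    if (sftp_check_version(reply_v3, sizeof(reply_v3), &v) == SFTP_OK)
        printf("server speaks SFTP v%u: symlinks available\n", (unsigned)v);
    if (sftp_check_version(reply_bad, sizeof(reply_bad), &v) == SFTP_MALFORMED)
        printf("malformed version reply rejected\n");
    return 0;
}
```

Failing early on the version reply turns the hang described above into a clear error before any symlink request is sent.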
Digest: ssshfs, NAMP VMware image, Segvguard, BSDtalk and a daemonic bag
OK, I'm too lazy to put this into separate items, so here's
the stuff from today in one digest:
- There was some progress on puffs, the userland filesystem
stemming from last year's Google SoC, some time ago.
More example userland filesystems are now available with
sysctlfs and ssshfs, see
Rumours say that ssshfs works pretty well, which is
a final reason to ditch the (abandoned first cut of the) netbsd-4
branch and make a -current kernel to play with this. BTW, for those
wondering what ssshfs is, see
* simple sshfs
* (silly sshfs? stupid sshfs? snappy sshfs? sucky sshfs? seven sshfs???)
* (sante sshfs? severed (dreams) sshfs? saucy sshfs? sauerkraut sshfs?)
- People complained that there's no ready-made VMware image
with NetBSD available, and this has changed now.
The #NetBSD blog
points at a
NAMP (NetBSD + Apache + MySQL + PostgreSQL + PHP)
image that has quite a lot of software installed in
187MB size. See the
for more information on NAMP.
- Elad, chief security hacker of NetBSD's infrastructure, has proposed
to add PaX Segvguard as yet another building stone in NetBSD's
PaX Segvguard monitors the number of segfaults in a program
per-user, in an attempt to detect on-going exploitation attempts
and possibly prevent them. One common attack PaX Segvguard can
help mitigate is when an attacker tries to brute-force a function
return address, when wanting to perform a return-to-lib attack.
See Elad's proposal
for more details! Note that a start of the implementation is
but that this is still work-in-progress.
did an interview with
pkgsrc developer Johnny Lam (jlam@), it's available in
- Last, if you don't know what to wish for Xmas, there's something
for the average BSD geek: a
(which is probably not really authorized by the Daemon owner,
[Tags: bsdtalk, images, puffs, Security, segvguard, ssh, vmware]
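A userland model of the Segvguard idea described in the digest above, added here as an illustration and not Elad's implementation: segfaults are counted per user and program, and further execs are refused once too many occur inside a time window. The thresholds, table size and program name are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative policy values: assumptions for this sketch, not from the page. */
#define MAX_CRASHES   5    /* segfaults tolerated within one window */
#define EXPIRY_SECS   120  /* crash counter is forgotten after this long */
#define SUSPEND_SECS  600  /* exec is refused this long once tripped */
#define TABLE_SIZE    32

struct sg_entry {
    int      used;
    uint32_t uid;
    char     path[64];
    unsigned crashes;
    int64_t  window_end;       /* counter resets at or after this time */
    int64_t  suspended_until;  /* exec refused before this time */
};

static struct sg_entry sg_table[TABLE_SIZE];

void sg_reset(void) { memset(sg_table, 0, sizeof(sg_table)); }

/* Find the (uid, program) entry; optionally claim a free slot for it. */
static struct sg_entry *sg_lookup(uint32_t uid, const char *path, int create)
{
    struct sg_entry *free_slot = NULL;
    for (int i = 0; i < TABLE_SIZE; i++) {
        struct sg_entry *e = &sg_table[i];
        if (!e->used) { if (!free_slot) free_slot = e; continue; }
        if (e->uid == uid && strncmp(e->path, path, sizeof(e->path) - 1) == 0)
            return e;
    }
    if (!create || !free_slot) return NULL;
    memset(free_slot, 0, sizeof(*free_slot));
    free_slot->used = 1;
    free_slot->uid = uid;
    strncpy(free_slot->path, path, sizeof(free_slot->path) - 1);
    return free_slot;
}

/* Record one SIGSEGV death. Returns 1 if the pair just got suspended. */
int sg_record_segv(uint32_t uid, const char *path, int64_t now)
{
    struct sg_entry *e = sg_lookup(uid, path, 1);
    if (e == NULL) return 0;         /* table full: this sketch fails open */
    if (now >= e->window_end) {      /* old crashes have expired */
        e->crashes = 0;
        e->window_end = now + EXPIRY_SECS;
    }
    if (++e->crashes < MAX_CRASHES)
        return 0;
    e->crashes = 0;
    e->suspended_until = now + SUSPEND_SECS;
    return 1;
}

/* Exec-time check: 0 means refuse to start the program for this user. */
int sg_exec_allowed(uint32_t uid, const char *path, int64_t now)
{
    struct sg_entry *e = sg_lookup(uid, path, 0);
    return e == NULL || now >= e->suspended_until;
}

int main(void)
{
    const char *prog = "/usr/sbin/exampled";   /* constructed name */
    int64_t t = 100;
    while (sg_exec_allowed(1000, prog, t))      /* one crash per second */
        sg_record_segv(1000, prog, t++);
    printf("uid 1000 refused at t=%lld, uid 1001 allowed: %d\n",
           (long long)t, sg_exec_allowed(1001, prog, t));
    return 0;
}
```

A program that crashes occasionally never trips the limit because its counter expires, while a tight crash loop is cut off after a handful of tries.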
Disclaimer: All opinion expressed here is purely my own.
No responsibility is taken for anything.