On 8 July, the 63rd quarterly release of pkgsrc was announced. pkgsrc-2019Q2 had 84 packages added, 61 packages removed, and 1,881 packages updated. Python 3.7 is now the default Python, changing from 2.7.
First round of GSoC reports
The first round of GSoC reports is available on the NetBSD blog:
- Adapting TriforceAFL for NetBSD, Part 1
- Enhancing Syzkaller support for NetBSD, Part 1
- GSoC 2019 Report: Adding NetBSD KNF to clang-format, Part 1
- Porting Wine to amd64 on NetBSD, first evaluation report
- Porting NetBSD to HummingBoard Pulse, Part 1
- Implementation of DRM ioctl Support for NetBSD kernel
- GSoC 2019 Report: Incorporating the memory-hard Argon2 hashing scheme into NetBSD
Also an interesting read about fuzzers:
NetBSD 8.1 released
Today the NetBSD Project announced the 8.1 release. It already follows the new release cycle without teeny releases and contains selected changes to improve stability and security, plus some new enhancements and features. Main highlights include the INTEL-SA-00233 (MDS) mitigation, various kernel data leak fixes, an smtoff property to disable SMT explicitly in rc.conf(5), the addition of the mfii(4) and bwfm(4) drivers, DRM/KMS improvements, a performance regression fix in tmpfs, updated dhcpcd(8) and httpd(8), fixes for sh(1), reproducible builds, network drivers, thread local storage (TLS) in position independent executables (PIE). All changes can be found here. Source and binaries can be downloaded from the project CDN or any other mirrors.
NetBSD 8.1 RC1 released
The NetBSD project released the first and possibly the only release candidate for the 8.1 release. As usual, this release represents a subset of selected security and stability fixes, along with some selected new drivers and enhancements. It has workarounds for the latest CPU vulnerabilities, and rc.conf(5) has a new property to disable SMT (Simultaneous Multi-Threading). dhcpcd(8) was updated to 7.2.2, along with httpd(8). The full list of changes can be found here. You can download it from the NetBSD project CDN or any of the project mirrors.
GSoC 2019
The NetBSD project is participating in Google Summer of Code 2019 and projects for this year were announced:
- Akul Abhilash Pillai – Adapting TriforceAFL for NetBSD kernel fuzzing
- Manikishan Ghantasala – Add KNF (NetBSD style) clang-format configuration
- Siddharth Muralee – Enhancing Syzkaller support for NetBSD
- Surya P – Implementation of COMPAT_LINUX and COMPAT_NETBSD32 DRM ioctls support for NetBSD kernel
- Jason High – Incorporation of Argon2 Password Hashing Algorithm into NetBSD
- Saurav Prakash – Porting NetBSD to HummingBoard Pulse
- Naveen Narayanan – Porting WINE to amd64 architecture on NetBSD
I must admit that a few projects are outside my knowledge area, but some of them are really interesting and I am planning to follow them closely. As an interesting fact, Siddharth is participating for the second year in a row.
Some interesting developments on NetBSD
Since I haven’t written any news update for a while, I would like to share some interesting developments that have been happening lately in a few NetBSD areas.
Virtualization is one of these areas; it received a few interesting updates recently. The first one is Intel HAXM hardware-accelerated support. You can also read an independently written how-to here. It works with Intel CPUs with VT-x only. Another one is the NetBSD Virtual Machine Monitor, or NVMM. Initially it supported AMD CPUs only, but recently it was updated to support Intel CPUs too. You can read It is a good time to start testing them. Update: the developer recently added a detailed NVMM presentation article to the official NetBSD blog.
Another area was LLVM sanitizers and improved LLVM support (reports can be found in NetBSD blog here, here, here and here).
One more hot topic recently is the RISC-V architecture, especially since WD released their SweRV core on GitHub. The NetBSD project developers have started work on RISC-V support as well:
* port-riscv is alive. (hunting for development boards for devs in a possible group buy)
* pkgsrcCon is July 13th (details forthcoming) #netbsd #pkgsrc
— CRYO💫🥃🛸 // FIX: need tech employment, DMs open (@Cryo) February 13, 2019
Finally, you can watch an interesting FOSDEM’19 video by Benny Siegert who provided more info on various updates.
irBSD 01.06.2019 v8 released
irBSD is a digital forensic suite for cryptography, penetration testing, data recovery, reverse engineering, privacy and other security tasks. It is based on NetBSD and uses ratpoison as the default window manager. The project recently released 01.06.2019 v8 of the suite. You can download it from the irBSD SourceForge page.
NetBSD 7.2 released
The NetBSD team released the second feature update of the NetBSD 7 release branch on 29 August 2018. It contains security and bug fixes as well as new features and enhancements. Release notes can be found here, and the full list of changes here. Main highlights of the release are USB 3.0 support, enhancements to the Linux emulation subsystem, Raspberry Pi 3 support, the addition of the iwm(4) driver for Intel Wireless 726x, 316x, 826x and 416x series, various USB stability enhancements, bug fixes and stability improvements. You can download it from any of the NetBSD mirrors. In case you can’t upgrade to NetBSD 8.0, it is recommended to update to 7.2.
GSoC reports, release policy changes and end of life for 6.x
One month after the NetBSD 8 release, the NetBSD team announced the end of life for the NetBSD 6.x branches. They won’t receive any updates (including security patches) or support anymore. So, it’s time to upgrade if you haven’t done so yet…
The release policy was changed as well, starting with the 8.0 release. There will be no “teeny” bugfix x.x.x (e.g. 6.0.1) branches anymore, only x.x (e.g. 8.0) update releases, and they will contain both bug/security fixes and enhancements and new features that are deemed to be safe. This way the team expects to have more frequent releases, better long-term support, and new features/enhancements reaching binary releases faster. Branches prior to 8 are not affected by this policy, though.
Last but not least, the Google Summer of Code 2018 coding period is over and you can read all the reports from the students:
- GSoC 2018 Reports: Kernel Address Sanitizer, Part 1
- GSoC 2018 report: Kernel Address Sanitizer, Part 2
- GSoC 2018 Reports: Kernel Address Sanitizer, Part 3
- GSoC 2018 Reports: Integrate libFuzzer with the Basesystem, Part 1
- GSoC 2018 Reports: Integrate libFuzzer with the Basesystem, Part 2
- GSoC 2018 Reports: Integrate libFuzzer with the Basesystem, Part 3
- GSoC 2018 Reports: Kernel Undefined Behavior Sanitizer, Part 1
- GSoC 2018 Reports: Configuration files versioning in pkgsrc, Part 1
- GSoC 2018 Reports: Configuration files versioning in pkgsrc, part 2: remote repositories (git and CVS)
- GSoC 2018 Reports: Configuration files versioning in pkgsrc, part 3: remote repositories (SVN and Mercurial)
- GSoC 2018 Reports: Configuration files versioning in pkgsrc, part 4: configuration deployment, pkgtools and future improvements
Enable padlock and viadrm on NetBSD
If you have a board with a VIA CPU supporting the PadLock security engine and VIA (Chrome) integrated graphics, the NetBSD GENERIC kernel doesn’t support them by default. Because of this, I was building a custom NetBSD kernel manually for many years by uncommenting one of these lines in the GENERIC configuration:
#padlock0 at cpu0 # VIA PadLock
…
# DRMUMS drivers
#viadrmums* at drm?
or
#viadrm* at drm? # VIA DRM driver
* The viadrmums driver is preferred over the viadrm one, because it is newer and more stable compared to viadrm. Actually, viadrm is already removed from the current branch; however, it is still available in the NetBSD 8 release, and thus may still confuse unaware users…
There is an easier option to load them, though. Dynamic kernel modules were introduced in the system starting with NetBSD 6. This presentation has a nice introduction on how to use and develop them. Both the padlock and viadrmums modules are already provided by NetBSD. In order to load them, these lines need to be added to the /boot.cfg file:
# load padlock module
load=padlock
# load VIA DRM UMS driver and required dependencies
load=drmkms_linux
load=drmkms
load=drmkms_pci
load=viadrmums
If everything went OK, these (or similar) lines should be present in the system’s dmesg after reboot:
padlock0 at cpu0: VIA PadLock
padlock0: RNG ACE
…
viadrmums0 at vga0drm: Supports vblank timestamp caching Rev 2 (21.10.2013).
There is one small caveat, though: prior to the NetBSD 8 release, the above configuration would still likely end up with a “bootinfo too big” error during the boot process (if all the mentioned modules are enabled at the same time and rndseed /var/db/entropy-file is used, which is the default behavior). This was solved with the following commit (the bootloader needs to be updated); NetBSD 8 successfully loads all the modules and the boot process doesn’t fail. A custom kernel is not required anymore; it just takes a few additional lines in the boot configuration file.
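The steps above (add the load= lines, reboot, check dmesg) can be scripted; the following is an added example, not part of the original post or of NetBSD itself. The function names ensure_modules and missing_devices are hypothetical, the sample boot.cfg and dmesg text are constructed, and it assumes dmesg lines without a timestamp prefix, as in the output shown above.

```shell
#!/bin/sh
# Modules in the order the post lists them for /boot.cfg.
MODULES="padlock drmkms_linux drmkms drmkms_pci viadrmums"

# ensure_modules FILE: append "load=<module>" for every module that has no
# active line yet; prints the modules it added (empty when nothing changed).
ensure_modules() {
    cfg=$1
    added=""
    # Terminate an unterminated last line so the append cannot merge into it.
    if [ -n "$(tail -c 1 "$cfg")" ]; then echo >> "$cfg"; fi
    for m in $MODULES; do
        # -x matches whole lines only: "#load=padlock" and "load=drmkms_pci"
        # do not satisfy a search for "load=padlock" or "load=drmkms".
        if ! grep -qxF "load=$m" "$cfg"; then
            printf 'load=%s\n' "$m" >> "$cfg"
            added="$added $m"
        fi
    done
    echo "${added# }"
}

# missing_devices FILE: print the expected devices that have no
# "<dev> at <parent>" attach line in saved dmesg text.
missing_devices() {
    missing=""
    for dev in padlock0 viadrmums0; do
        grep -q "^$dev at " "$1" || missing="$missing $dev"
    done
    echo "${missing# }"
}

# Constructed sample inputs (not taken from a real machine).
work=$(mktemp -d)
printf '%s\n' 'menu=Boot normally:rndseed /var/db/entropy-file;boot netbsd' \
    'load=padlock' '#load=viadrmums' > "$work/boot.cfg"
printf '%s\n' 'padlock0 at cpu0: VIA PadLock' 'padlock0: RNG ACE' > "$work/dmesg.txt"

echo "added:        $(ensure_modules "$work/boot.cfg")"
echo "added again:  $(ensure_modules "$work/boot.cfg")"
echo "not attached: $(missing_devices "$work/dmesg.txt")"
rm -rf "$work"
```

On a real system, run ensure_modules against a copy of /boot.cfg first and compare the result before replacing the original, since a malformed boot configuration is only noticed at the next boot.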