All the information on using uefi with qemu seems to aged out as projects have been abandoned.

On FreeBSD (around 15-beta2) we need to get the uefi edk2 firmware, which is packaged:

# pkg install qemu edk2-qemu-x64

This will provide three images, one of which we need to give to qemu with the bios option.

$ pkg info -l    edk2-qemu-x64
edk2-qemu-x64-g202308_5:
        /usr/local/share/edk2-qemu/QEMU_UEFI-x86_64.fd
        /usr/local/share/edk2-qemu/QEMU_UEFI_CODE-x86_64.fd
        /usr/local/share/edk2-qemu/QEMU_UEFI_VARS-x86_64.fd
        /usr/local/share/licenses/edk2-qemu-x64-g202308_5/BSD3CLAUSE
        /usr/local/share/licenses/edk2-qemu-x64-g202308_5/LICENSE
        /usr/local/share/licenses/edk2-qemu-x64-g202308_5/catalog.mk

I picked QEMU-UEFI-x86_64 which worked.

qemu-system-x86_64 will take a bios to use with the --bios flag (or if you are bored and want to write 16 bit assembly you can give it your own bios )

I spent quite a while debugging a minimal boot flow, I think qemu is stashing nvram somewhere, but I can't for the life of me figure out if it really is or where it might be. In the end I used the efi shell to reconfigure the boot order and I started getting complaints about there not being enough memory with the default qemu flags. I added -m 2048M to get around this.

qemu-system-x86_64 -display none -serial mon:stdio \
    -m 2048M --bios /usr/local/share/edk2-qemu/QEMU_UEFI-x86_64.fd \
    -drive file=fbsd.raw,format=raw,if=virtio

I am trying so hard to not acquire more computers, but the need to test a ton of stuff and have a good reference platform forced my hand. Rather than do any research I took trasz@'s recommended Dell laptop as test target and picked one up from eBay, a Dell Latitude 7280.

It was 65 quid with about a fiver in postage and there are a ton of them. So many that I wasn't super discerning when reading the listing.

The Dell Latitude 7280 is ~12 inch Intel laptop with a 1366x768 display, it has USB ports, will take USB-C power (vital considering how few come with power supplies), HDMI out, Ethernet and a nice surprise a USB smart card reader builtin (I even have some java card smart cards somewhere I could try, I won't, but I could).

I let it boot windows to verify it came up and then started about installing. I couldn't break into the bios with a key press and used the windows "reboot to firmware" hidden menu to get into Dell's firmware.

Out of the box all of the hardware works:

The bios doesn't lock which WiFI cards you can use - the main reason for getting this machine was that trasz@ said suspend/resume worked until he used iwx and I needed a platform to debug iwx suspend on.

I had no issue swapping out the builtin WiFI for an iwx card and now I'm portable for testing I could get pretty close to my attic AP and pull/push ~400 Mbit with iwx.

This computer is really well supported, but its a bit of a dog. I didn't read the eBay listing well, it doesn't have the rubber feet, but that's fine I put it on a silicon matt on my desk. The battery is absolutely goosed, the bios lists battery health as 9%, this was in the listing I just, well didn't really care.

apciconf says it should get an hour on battery, but I haven't let it run to nothing. I got a replacement battery so I can use this thing as a test platform for an upcoming GSoC power management project and it being a Dell part meant getting replacement was quite easy.

I wouldn't recommend this exact laptop, maybe a Latitude 7280 with a working battery and feet would be okay. It is slow as hell, building a kernel took 1838 seconds, 30 minutes is a long time for real development work.

The screen resolution is quite low compared to modern 2k displays, but its probably fine for programming tasks and writing. I wouldn't want to do builds on it.

The hardware seems quite nice apart from the rubber surface which seems to be degrading. I don't think I got a representative laptop, if you want a test FreeBSD machine this might be a great choice at well under 100 quid even if you have to replace the battery.

--

Update

Working on the Latitude 7280 is a really nice experience. I have replaced the WiFi and just after publishing this post a new battery arrived. There are 8 captive screws on the bottom which give access to quite a well laid out board. In mine there is space for a wwan modem.

The battery replacement was excellent, a replacement was 25GBP. The battery is held in with 2 extra screws (1 case screw also secures it), the cable has a pull chord from the motherboard connector. The battery side for the cable is a little harder to remove, but no challenge compared to a glued down thing. Sure it is a plastic laptop, but it is light and thin enough. I don't really get Apples excuse for their stuff not being this maintainable.

I have had thinkpads before and they've never been great while they have been expensive. This 2018 computer is much nicer than any thinkpad I had.

With the new battery this looks to be a great machine for sitting in vim:

Design capacity:    7895 mAh
Last full capacity: 7895 mAh
Technology:     secondary (rechargeable)
Design voltage:     7600 mV
Capacity (warn):    789 mAh
Capacity (low):     239 mAh
Low/warn granularity:   78 mAh
Warn/full granularity:  78 mAh
Model number:       DELL DW3WC64
Serial number:      44280
Type:           LION
OEM info:       SMP
State:          discharging
Remaining capacity: 100%
Remaining time:     8:17
Present rate:       953 mA (8124 mW)
Present voltage:    8525 mV

You can find a full dmesg here.

Here we are 8% of the way through the year and the end of January. Perfect time to check in with what is going on in FreeBSD.

Goings on

BSD Devroom at FOSDEM 2024

I'm writing today above the North Sea on my flight to AMS on the way to Brussels for FOSDEM. The BSD Devroom is running tomorrow (Saturday the 1st of Feb) and there is a great line up of talks. If you are within a reasonable travel distance head over, its a free event and there is a ton of stuff going on.

Beyond the talks there will be a FreeBSD table for the project and the foundation. We have stickers and I'll be there if you want to chat about goings on in the project or to complain about some of the bugs I've written recently.

Stab week

This was the first stab week of the year and two regressions were picked up through repeatided stabbings:

• Compilation failure on 32-bit platforms. Fix [5289625dfecb] (https://cgit.freebsd.org/src/commit/?id=5289625dfecb)
• Instant panic with SO_REUSEPORT_LB and nginx. Fix 06bf119f265c

glebius@ is adding scripts to make it easier to know when it is time to stab. I'm hoping more tooling involves and we start getting more testing in the stab weeks. The work Netflix is doing here is incredibly helpful for the quality of FreeBSD, but other workloads should also be represented.

Network Stack

Caught in stab week was a regression in the TCP listen operation when it is called multiple times on a socket. This was harmless generating multiple TCP state changes until last week after a clean up fixing races where started to call LIST_REMOVE() twice on the same entry.

• 63efd7f5ac66 socket tests: Add a test which calls listen() twice on an lb socket
• 06bf119f265c sockets/tcp: quick fix for regression with SO_REUSEPORT_LB

Style and small fixes for netlink and netlink/route support.

• cdacb12065e4 netlink/route: validate family attribute
• 031fbf8dc962 netlink/route: fix fib number validation in old Linux compat mode
• 49a6e213416b netlink/route: fix nlattr_get_multipath() to check length
• 876b88a44829 netlink: consistently use unsigned types in the parser
• 810c122695d7 netlink: use u_int as argument for ifnet_byindex()
• 8b094a9801ed netlink: style(9) pass over message parsing code

ip6addrctl manages address selection policy for outgoing packets. With some improvements teach it how to run in a jail.

• 6dcdd79a251b ip6addrctl(8): Teach ip6addrctl to attach and run itself in a jail
• 13ce55b66fad ip6addrctl(8): Strictly check the number of arguments
• 7bb9ba61d357 ip6addrctl(8): Use static initializer

Netdev

Replace the single global admin taskqueue with a per interface admin taskqueue. This should resolve timeouts when long operations are performed without using too much more in resources.

• 3ad01642fe9e iflib(4): Replace admin taskqueue group with per-interface taskqueues

Add a device id to ure, otherwise it will use the CDC mode driver. If you have issues with USB Ethernet you might want to look to see if moving from the CDC driver will help.

• dc273058cb0b ure(4): Add support for ELECOM EDC-QUA3C

Wireless

Some further fixes around firmware loading for iwm and its integrated bluetooth controller.

• 0feaf865ce8e iwmbtfw(8): fix getopt flags, unify usage()/manual page contents
• ff4116313eb4 iwmbtfw(8): don't program hardware without existing firmware image
• 06969db31202 Refactor iwmbtfw: modularize and de-constify
• f466ba4ca479 Refactor iwmbtfw: set default firmware_dir after argument parsing

Add support for Blueooth Secure Simple Pairing - which I didn't manage to look up before getting on a plane.

• 4ae0fa8a2f8b ng_hci: add support for Bluetooth Secure Simple Pairing

Firewalls

This is the third week of changes adding support for NAT64 with some more changes coming in via OpenBSD.

• 3bf6554017b7 pf: remove PFLOGIFS_MAX
• 06a6ec55fbd0 pf: ignore/preserve ECN bits on ToS matching and scrubbing
• 7a372bded812 pf: make reply-to work with nat64
• ca0e69345320 pf: cope with route-to on af-to rules
• 0972294ef034 pf: add a dedicated pf pool for route options
• 899e79760dcc pfctl: allow an implicit address family for af-to rules
• 3331975ab18f pf: check rather than assert pool type
• 5cb08fddef99 pfctl: improve NAT pool handling

• 096efeb658b5 pfctl: follow rpool -> rdr rename

• af33f86e6aef carp: don't unintentionally revert to multicast mode

User Tooling

Netcat is the network swiss army knife, an incredibly useful and flexible tool for doing stuff that requires you to put packets onto the network. It is great exemplar of how to use networking options and used more and more by network tests. There was an issue in this stab period around SO_REUSEPORT_LB , making testing more practical helps catch issues closer to their introduction.

• 04a3ca71ead6 netcat: Add a flag to enable the use of SO_REUSEPORT_LB

Other stuff

Nice fix from mckusick@ to UFS1 file system helping with the inevitable passage of time.

• 1111a44301da Defer the January 19, 2038 date limit in UFS1 filesystems to February 7, 2106

  Defer the January 19, 2038 date limit in UFS1 filesystems to February 7, 2106

  UFS1 uses a signed 32-bit value for its times. Zero is January 1, 1970 UTC. Negative values of 32-bit time predate January 1, 1970 back to December 13, 1901. The maximum positive value for 32-bit time is on January 19, 2038 (my 84th birthday). On that date, time will go negative and start registering from December 13, 1901. Note that this issue only affects UFS1 filesystems since UFS2 has 64-bit times. This fix changes UFS1 times from signed to unsigned 32-bit values. With this change it will no longer be possible to represent time from before January 1, 1970, but it will accurately track time until February 7, 2106. Hopefully there will not be any FreeBSD systems using UFS1 still in existence by that time (and by then I will have been dead long enough that no-one will know at whom to yell :-).

  It is possible that some existing UFS1 systems will have set times predating January 1, 1970. With this commit they will appear as later than the current time. This commit checks inode times when they are read into memory and if they are greater than the current time resets them to the current time. By default this reset happens silently, but setting the sysctl vfs.ffs.prttimechgs=1 will cause console messages to be printed whenever a future time is changed.

Please Send Feedback

Smaller report this week. I'm trimming out more "small fixes" style comments. I'm going to play with the format of these posts more over the next few months. I am trying to add value beyond just rewriting commit messages, sometimes it is good to show the continuous on going work, but it will get a bit tedious if that is 60% of the report each week.

I'm giving a FOSDEM talk tomorrow on the writing of these reports.

I would love to know if this summary was any help, if it was, or if you think I should cover other thing please let me know (thj@freebsd.org).

If you find a typo or have a correct let me know and I'll thank you at the end here.

You can see all prior posts here. ( rss )

My work on FreeBSD is supported by the FreeBSD Foundation , you can contribute to improving FreeBSD with code, documentation or financially by donating to the FreeBSD Foundation .

My favourite terrible computer has been locking up after a VM panics and I need to panic a VM a lot to find a firmware crash. The hard power cycle reboot loop is taking too long and I'm done with it.

More annoyingly is is also hard locking up copying the VM off the machine. Thisb forced a trip to the attic, a reinstall of my large memory host (which for reasons had a 128GB NVMe, which is silly on a machine with 128GB of RAM!).

That is fine, I can pull the NVMe and drop it in an enclosure and just copy locally. For a zfs disk on a machine with an existing zroot this was turned out to be very painful. Somehow no one has written down how to do this either:

Normally zpool import take a name argument, but it can take a pool id. If you are using a machine with zfs on root then you will already have a pool called zroot , so trying to import your pool from an external drive will fail with the name already in use.

Finding the pool id can be done with the -d argument to zpool import . This takes a device to use as a pool.

# zpool import -d /dev/da3p4
  pool: zroot
    id: 647281366119489090
 state: ONLINE
status: Some supported features are not enabled on the pool.
    (Note that they may be intentionally disabled if the
    'compatibility' property is set.)
action: The pool can be imported using its name or numeric identifier, though
    some features will not be available without an explicit 'zpool upgrade'.
config:

    zroot       ONLINE
     da3p4     ONLINE

Now you can use the pool id instead of a name with zpool import

# zpool import -R /mnt -N -f 647281366119489090 -t oldzroot

With this command I ask zpool to import with a different root location ( -R ) so I don't clobber my existing file system, to not mount anything ( -N ), use the id and to use a temporary name for the pool ( -t oldzroot ).

With the pool imported you can find your dataset and mount it with zfs list and mount -t zfs .

Goings on

FOSDEM 2025 is next weekend and we are fortunate this year to once again be running the BSD Devroom. The program is on the schedule

I need help staffing the Project/Foundation table at FOSDEM, if you want to help send me an email (thj@freebsd.org).

13.5 code slush in effect

The schedule currently looks like this:

ports quarterly branch:  January 1, 2025
reminder email:          January 13, 2025
stable/13 slush:         January 24, 2025
doc/ tree slush:         January 31, 2025
releng/13.5 branch:      February 7, 2025
BETA1 build starts:      February 7, 2025
BETA2 build starts:      February 14, 2025
doc/ tree tag:           February 14, 2025
BETA3 build starts:      February 21, 2025
ports package builds:    TBD (Between February 14 and 28)
RC1 build starts:        February 28, 2025
RELEASE build starts:    March 7, 2025
RELEASE announcement:    March 11, 2025
13.4-RELEASE EoL:        June 30, 2025
13.5-RELEASE EoL:        April 30, 2026
Branch EoL:              April 30, 2026

You can find the current issues for the release on this wiki page https://wiki.freebsd.org/Releng/13.5ISSUES .

This is the final release in the 13 cycle.

Network Stack

Previously this would always increment the first counter in the array. Accounting is really difficult! But good accounting can help you find interesting bugs .

• ce52baebd3b3 icmp6: Fix ICMP6 message type counters

The netlink API is getting more attention. I think we will see more network subsystems move towards netlink in the future so improvements here are always good.

• d521362f8f7e netlink: fix build
• ddc7fd6641c3 netlink: provide snl_clone() to create a secondary snl state
• f2a4eed3e13b netlink: underscore snl_get_genl_family_info() to discourage its use

• fb63082c0cc6 netlink: provide snl(3) API for variable length raw data attribute

  "A GARP is always transmitted when an IPv4 address is added to an interface."

• b4bd97ec168e netinet tests: basic garp test

• 38fdcca05d09 netinet: enter epoch in garp_rexmit()
• 013784c967f9 netinet: virtualize net.link.ether.inet.garp_rexmit_count

Netdev

After a short 5 years (!!!) in review we have a new network adapter in USB umb(4) . This gives us support for cellular modems and makes fail over setups on FreeBSD possible. These are normally just data modems so we don't have a FreeBSD phone (yet).

• 0f1bf1c22a0c umb: Introduce the USB umb(4) network driver
• 86bfbaf1002c sys: add MBIM (mobile broadband interface module) interface type.

markj@ is continuing fixing races in inpcb.

• 7cbb6b6e28db inpcb: Close some SO_REUSEPORT_LB races, part 2

Wireless

adrian@ has continued his long series of changes to improve rtwn, if you want easy wifi in a random machine picking up a usb wifi device and testing it would help make this even better. More so if you work or visit somewhere with an interesting network like a huge campus or a University.

• 043d6a24b290 rtwn: add workaround sleep in r92e_set_chan()
• 5f9a2eec337c rtwn: bring the RTL8192EU RF read/write routines in line with rtl8xxxu
• 40fc36ff2c1d rtwn: fix RTL8192EU power-down / power-up hanging

Improvements to handling of bluetooth firmwarein iwm WiFi devices.

• d7df65349960 iwm: add sku_cap_mimo_disable; populate sku_cap_11n_enable
• 31a8b9782dc3 iwm: update rate tables from OpenBSD
• b8cdbe1852ef iwmbtfw: Check firmware exists before trying to upload it

Firewalls

More work on NAT in pf and supporting tests. The pace of pf development is incredible.

UPDATE: kp@ told me I missed the point of these changes the message should be something more like:

Ported OpenBSD's NAT64 pf implementation, extended it to support SCTP,
dummynet and if-bound mode. As a bonus added test cases.

"Don't send bug reports to kp@"

• 3bf6554017b7 pf: remove PFLOGIFS_MAX
• 06a6ec55fbd0 pf: ignore/preserve ECN bits on ToS matching and scrubbing
• 7a372bded812 pf: make reply-to work with nat64
• ca0e69345320 pf: cope with route-to on af-to rules
• 0972294ef034 pf: add a dedicated pf pool for route options
• 899e79760dcc pfctl: allow an implicit address family for af-to rules
• 3331975ab18f pf: check rather than assert pool type
• 697c1568b75a pf: fix IPv6 route lookup for nat64
• 7f846fc0e7ce pf tests: reproduce use-after-free in fragment reassembly
• 5d28f4cab8d5 pf: clean up mbuf passing for reassembly
• 5cb08fddef99 pfctl: improve NAT pool handling
• 096efeb658b5 pfctl: follow rpool -> rdr rename
• af33f86e6aef carp: don't unintentionally revert to multicast mode

User Tooling

Did you know that you can boot over http using the efi loader?

• 2f35419fb26d stand/efihttp: Add device type check to efihttp_fs_open()

Other stuff

Wider address space support on arm64, I can't find evidence of any hardware supporting this, but you can test in qemu or the arm simulator.

• 3041b636463d arm64: Support mapping a 52-bit physical adddress K

Sad news for the few keeping PowerMacs alive (but probably not surprising), Add a depreciation notice for firewire.

• cda74c35cb37 firewire: Add deprecation notice

Please Send Feedback

I would love to know if this summary was any help, if it was, or if you think I should cover other thing please let me know (thj@freebsd.org).

If you find a typo or have a correct let me know and I'll thank you at the end here.

You can see all prior posts here. ( rss )

My work on FreeBSD is supported by the FreeBSD Foundation , you can contribute to improving FreeBSD with code, documentation or financially by donating to the FreeBSD Foundation .