From owner-soc-status@freebsd.org Mon Aug 10 09:16:49 2015 Return-Path: Delivered-To: soc-status@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DEA0099D82A for ; Mon, 10 Aug 2015 09:16:48 +0000 (UTC) (envelope-from tuchalia@gmail.com) Received: from mail-lb0-x234.google.com (mail-lb0-x234.google.com [IPv6:2a00:1450:4010:c04::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4C536C48; Mon, 10 Aug 2015 09:16:48 +0000 (UTC) (envelope-from tuchalia@gmail.com) Received: by lbbpo9 with SMTP id po9so91664010lbb.2; Mon, 10 Aug 2015 02:16:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-type; bh=62t1oXci6cDuEIpQkMwSh5Wt4FyWUHsTUj6Thh+cAG0=; b=TotBJS7+uMI2TGveZKGIUHLNRhm3b5i6coHsZSc5pak2ul39WQz+35OPKhpNr8T65Z VQUs8brmwGPl2h0RTrB+xKti2FPeiMY8hG3PNlAeJBlx5BcY1TNdEvSxkD7ztIwlqWQe yeIZV/usgSwbTucYRaEkeP6J4Iq2PmtrgaOUbkZwqL5+Xkv3qQAT6+tjFVEd6ogE83Wc p1UhjVDo8frG5oBhXTqfCeunPO/z4NkD8fEUqN7W3uDIm59vjpV+ZkjpgiTXnQsrt93U Z/lduvnrKFueKIE6f2JWc8NY41qPRPHiM2gaW8lcRPHVapirx6wzf2GbIZac6ZX3zNM0 hhnw== X-Received: by 10.112.142.196 with SMTP id ry4mr19402932lbb.68.1439198205863; Mon, 10 Aug 2015 02:16:45 -0700 (PDT) MIME-Version: 1.0 References: <358A0094-61DE-4685-933F-EDED85A6A07C@freebsd.org> In-Reply-To: From: Daniel Peyrolon Date: Mon, 10 Aug 2015 09:16:36 +0000 Message-ID: Subject: Re: Status reports for "JIT for firewalling" To: George Neville-Neil Cc: soc-status@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Aug 2015 09:16:49 -0000 Hi everyone, This week I managed to get code emission and compilation right for all rules, except the three that modify the control flow. (skipto, call and return). These will be done this week. El jue., 6 ago. 2015 a las 10:38, George Neville-Neil () escribi=C3=B3: > Great, I'll go look at the update etc. > > Best, > George > > > On 5 Aug 2015, at 22:49, Daniel Peyrolon wrote: > > > Yes, all of that is commited at my repo. > > > > El mar., 4 ago. 2015 a las 14:13, George Neville-Neil ( >) > > escribi=C3=B3: > > > >> Sounds very promising. > >> Have you committed an pushed the changes that made everything > >> start to work? Even if that's just a set of notes, rather than code, > >> that ought to be preserved. > >> > >> Best, > >> George > >> On 3 Aug 2015, at 9:15, Daniel Peyrolon wrote: > >> > >>> Hello, > >>> > >>> Finally we have the firewall working! > >>> I get a kernel panic whenever I try to filter an unbounded number of > >>> packets, but it doesn't when filtering a small amount of packets. > >>> > >>> The things to do now are: > >>> - Test that the emission of all the new rules is working properly, an= d > >>> test that rule. > >>> - Avoid kernel panic. This will take a longer time, but we need this = in > >>> order to get the firewall working in real-world systems. > >>> - Write flow modifying rules: Given that I've been out of the game fo= r > >>> so long, I haven't been able to get those rules written yet, but > luckily > >>> they are only two rules, and its implementation shouldn't be hard. > >>> > >>> El lun., 27 jul. 2015 a las 20:36, Daniel Peyrolon (< > tuchalia@gmail.com > >>> ) > >>> escribi=C3=B3: > >>> > >>>> Hi again, > >>>> > >>>> Unfortunately I haven't been able to make any further progress. > >>>> I've been having a lot of problems to get the compiler working. I > tested > >>>> many different hypotheses about the bug with no success so far, and > I've > >>>> talked with David Chisnall to see if he could lend me a hand and he > has > >>>> given me some pointers. So, hopefully, I'll be past this stage this > >> week. > >>>> > >>>> El lun., 20 jul. 2015 a las 15:43, George Neville-Neil (< > >> gnn@freebsd.org>) > >>>> escribi=C3=B3: > >>>> > >>>>> Seems like the next thing to do is build from source as David > suggests. > >>>>> > >>>>> Best, > >>>>> George > >>>>> > >>>>> > >>>>> On 20 Jul 2015, at 4:47, Daniel Peyrolon wrote: > >>>>> > >>>>>> Hi everyone, > >>>>>> > >>>>>> This has not been a productive week. I've been so far unable to ge= t > >>>>>> the > >>>>>> compiler working, I contacted David Chinsall as I said, and I have > >>>>>> been > >>>>>> looking to make everything works. The initialization process of LL= VM > >>>>>> is not > >>>>>> working as expected, which may be related to a bad install (we hav= e > >>>>>> already > >>>>>> disarded that), a bad building process, or a bad LLVM initializati= on > >>>>>> process. Given the fact that the LLVM API has changed a lot since > the > >>>>>> last > >>>>>> time, that may be possible. > >>>>>> > >>>>>> El s=C3=A1b., 11 jul. 2015 a las 12:24, Daniel Peyrolon > >>>>>> () > >>>>>> escribi=C3=B3: > >>>>>> > >>>>>>> Hi everyone, > >>>>>>> > >>>>>>> This last pair of weeks I've written the code needed to compile > >>>>>>> almost all > >>>>>>> the rules, except those that modify control flow: call and skipto= . > >>>>>>> For > >>>>>>> those ones I will have to write them by hand on LLVM IR. > >>>>>>> > >>>>>>> I also started working on the testing code. I'm using conductor t= o > >>>>>>> control the different hosts. I already have reserved a pair of > hosts > >>>>>>> from > >>>>>>> the netperf cluster in order to get that running. > >>>>>>> > >>>>>>> So far I haven't been able to test anything because the compiler = is > >>>>>>> not > >>>>>>> working yet, there has been a change in the API of LLVM since I > last > >>>>>>> worked > >>>>>>> with it, I sent an email to my past mentor, David Chisnall asking > for > >>>>>>> advice. > >>>>>>> -- > >>>>>>> Daniel > >>>>>>> > >>>>>> -- > >>>>>> Daniel > >>>>> > >>>> -- > >>>> Daniel > >>>> > >>> -- > >>> Daniel > >> > > -- > > Daniel > --=20 Daniel From owner-soc-status@freebsd.org Mon Aug 10 17:39:43 2015 Return-Path: Delivered-To: soc-status@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 421C999E9B4 for ; Mon, 10 Aug 2015 17:39:43 +0000 (UTC) (envelope-from mihai.carabas@gmail.com) Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C5777CF8 for ; Mon, 10 Aug 2015 17:39:42 +0000 (UTC) (envelope-from mihai.carabas@gmail.com) Received: by wicne3 with SMTP id ne3so145309028wic.1 for ; Mon, 10 Aug 2015 10:39:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=W2GkQAcUtaEqWWHpAWLkEfhOeQBMq5K96jJpkw2DBl4=; b=0PA4TU+OWAXq0jv6FP/qbKygdqqCet9JBfon2caF9ht8d+AV3YltSXIDj1Mgz5eCd6 Rv97kmtG7We3vAvwOyZq18VHIJSXKFV314lHUT3VOYUWWqS6KMbbfATiDuoLKl7XwZH2 FBShYvxOwWdPaDAzMXupi7TBCTQt26O9WuekUOapPvQ6kZds1fuzzLdsUzUqaebYJxDz kYmYwYTfJq+M/IHZdx7JLhLtn5IcLWToLo8/m3WI4R7uNndobvT/xPJ0JSTpAYVGqe9k 0fKxFmuBaM+zeAhi608MwU+pEPbNSYp2zosSdAvWurvdSLfm31bx0JcmQYtImaKg7A0Q WgvQ== MIME-Version: 1.0 X-Received: by 10.194.171.9 with SMTP id aq9mr49275014wjc.30.1439228380303; Mon, 10 Aug 2015 10:39:40 -0700 (PDT) Received: by 10.28.21.132 with HTTP; Mon, 10 Aug 2015 10:39:40 -0700 (PDT) In-Reply-To: References: Date: Mon, 10 Aug 2015 20:39:40 +0300 Message-ID: Subject: Re: [GSOC] bhyve port on ARM - weekly status report From: Mihai Carabas To: soc-status@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Aug 2015 17:39:43 -0000 Hi everyone, > In the past week I managed to boot the guest all the way down to Interrupt > Controller initialization [1]. There were minor bugs in the emulation code > I had to fix. After that I've start reading the GIC ARM manual and tried to > look at other vGIC implementations (virtualization of the Generic Interrupt > Controller). I didn't get to write any code yet, I'm still trying to get > the whole picture. This would be the last step before being able to run a > guest (without timer virtualization - we can use an auxiliary timer mapped > to the guest). > In the last week I've started coding on ARM VGIC infrastructure: - I've created a new header file gic.h to export current registers to be used by the VGIC - I've exported the arm_gic_softc which is used to probe the VGIC specific registers (I know it's unclean, but until I find a cleaner method, I will go this way -> it's not so clear yet how much of the gic.c internals I will need in the vgic.c) - I've created in sys/arm/vmm/vgic.c the vgic_hyp_init function which is probing the VGIC specific addresses from the DTS file, I've mapped the virtual cpu control interface into hyp-mode (to be able to save/restore these at each context switch) and saved the virtual cpu interface base for later use - I've created a new userspace ioctl VMM_ATTACH_VGIC which is sending the physical address for the distributor that needs to be emulated and for the cpu interface that will be mapped on top of the virtual cpu interface - I've created a new function vgic_attach in sys/arm/vmm/vgic.c which is called by the previous ioctl which is saving the userspace data, it's initializing some structures and maps the cpu control interface - We need to do an in-kernel emulation for the VGIC distributor. Further I've created a new function called vgic_emulate_distributor which is called in the vmm.c code (I know it's unclean, but I wanted to ressemble with x86 in-kernel emulation and here I didn't have any defines for the emulated addresses, I needed the struct hyp). The vgic_emulate_distributor is calling vmm_emulate_instruction which specific handlers for read/write emulation. I will push the code tomorrow. Right now I'm adding some printfs to check that the flow for vgic distributor is working ok. Thank you, Mihai From owner-soc-status@freebsd.org Mon Aug 10 18:24:18 2015 Return-Path: Delivered-To: soc-status@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A1B6199E258 for ; Mon, 10 Aug 2015 18:24:18 +0000 (UTC) (envelope-from prasadjoshi.linux@gmail.com) Received: from mail-vk0-x22f.google.com (mail-vk0-x22f.google.com [IPv6:2607:f8b0:400c:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 56B709F1 for ; Mon, 10 Aug 2015 18:24:18 +0000 (UTC) (envelope-from prasadjoshi.linux@gmail.com) Received: by vkhl6 with SMTP id l6so61868480vkh.1 for ; Mon, 10 Aug 2015 11:24:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=dsNcEumiVjT5xEsMHHCMjotnZMfqFWuf+KVB6qlF9vA=; b=oA8dkoV2bPNWumhTHqvF+c1cEvFzXnu+Qv4IN0yjawmcQ2fG0JJ0CGZMvQVubb/Zi/ Vx3fdOb5Nm4s+nc3Bckc+2fSro2t/KgJwT7JgbrXw8XmSivFOH7PimrZlkO4nnmz56dU 4cvUHjVB5QWTzYPXE9n3LtYi+zr8mQw2mi1dbKYacseqWvaCWZWvwY8wqZLa4ZMrLC9L B1L5Ry3oRABokGblfD0IrIWXhOwpg9D5TSgBwJCm7mAeIVeHtsnfxgb7JBEcyMG/FEn/ o6MPO6dw7O89Qvd3NoXaWPAUkmKuYWSDKmlzuY76mkgqH53t5XfAraA0XzJK5zPpHHLy tyFw== MIME-Version: 1.0 X-Received: by 10.52.122.52 with SMTP id lp20mr24902649vdb.64.1439231057135; Mon, 10 Aug 2015 11:24:17 -0700 (PDT) Received: by 10.31.50.6 with HTTP; Mon, 10 Aug 2015 11:24:17 -0700 (PDT) Received: by 10.31.50.6 with HTTP; Mon, 10 Aug 2015 11:24:17 -0700 (PDT) In-Reply-To: References: Date: Mon, 10 Aug 2015 23:54:17 +0530 Message-ID: Subject: Re: [gsoc15] dynamically discover bes From: Prasad Joshi To: soc-status@freebsd.org Cc: Xin LI Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Aug 2015 18:24:18 -0000 1. Fixed broken sort functionality 2. Printf compilation problem is fixed 3. Started working on multiple SPA support Tasks for next week ================ Complete multiple SPA support. - Prasad On Aug 4, 2015 1:01 AM, "Prasad Joshi" wrote: > Status Report > =========== > 1. Added flat zap support > 2. Removed common, unnecessary code. > 3. When machine bootsup, instead of waiting for a keypress to show > bootmenu, now it is displayed as soon as machine starts. If no key is > pressed, default BE is used for booting in 5 seconds > > Tasks for coming week > ================== > 1. Fix broken sort functionality > 2. Fix util.c and libstand.a compilation problem > 3. Special keys for example arrow keys, home, pageup etc aren't working > till now > > On Tue, Jul 28, 2015 at 1:04 AM, Prasad Joshi > wrote: > > Status report > > ========== > > The BEs menu is working. With my code changes, when machine is booted > > by default gptzfsboot tries to boot an active BE. However, if user > > presses any key, the code finds out all BEs and displays menu for > > selection to user. Once user selects a BE to boot from, appropriate > > information is passed to next stage of boot loader. > > > > Tasks for coming week > > ================= > > 1. I disabled some of the existing gptzfsboot code which handles > > serial console. I will try to enable it again and check if menu > > functionality works on serial console. > > > > Thanks and Regards, > > Prasad > > > > On Sun, Jul 12, 2015 at 10:03 PM, Prasad Joshi > > wrote: > >> Status report for past two weeks > >> ========================= > >> - Last two weeks I struggled to get non-active BE to boot completely - > >> after zfs mount -a all files in /dev/ used to disappear. Finally > >> disabling canmount property on each dataset helped me boot non-active > >> BEs. > >> > >> - I added code to pass mountpoint information from gptzfsboot to > >> zfsloader, then from zfsloader I could set vfs.root.mountfrom env > >> variable. > >> > >> - Added code to find timestamp of each BE clone, with this change BEs > >> could now be sorted on either timestamp, BE name, or object number > >> > >> Tasks For coming week > >> ================== > >> 1. start the initial implementation of menu functionality. > >> > >> On Tue, Jun 30, 2015 at 7:26 PM, Prasad Joshi > >> wrote: > >>> Week 5 Update > >>> > >>> - I did not work on GSoC for 3 days in this week. Had to attend full > >>> day sessions in the University. > >>> - Last week I was faced with a problem with booting alternate > >>> (non-active) BE. Plan in this week was to locate the problem. It seems > >>> like, during bootup zfsloader needs to initialize libzfs library. The > >>> libzfs library initialization fails because '/dev/zfs' cannot be > >>> opened. I verified the zfs kernel modules, which create the device are > >>> loaded. I think, and as suggested by mentor, I will have to set > >>> vfs.root.mountfrom environment variable during bootup. > >>> > >>> Thanks and Regards, > >>> Prasad > >>> > >>> On Mon, Jun 22, 2015 at 11:42 PM, Prasad Joshi > >>> wrote: > >>>> Week 4 update > >>>> > >>>> - I have been able to discover BEs on console. I could detect active > BE. > >>>> Created list of BEs. Code to sort BEs on object number, name, or > timestamp > >>>> is added. > >>>> > >>>> - I am able to boot from nonactive BE to some extent. At the moment, > code > >>>> requires me to enter BE number to boot from. > >>>> > >>>> Tasks next week > >>>> 1. Identify a problem with be bootup. > >>>> 2. Pass mount point info through env variable to loader. > >>>> 3. Start with console based menu. > >>>> > >>>> Thanks and Regards, > >>>> Prasad > >>>> > >>>> On Jun 15, 2015 7:48 PM, "Prasad Joshi" > wrote: > >>>>> > >>>>> Week 3 status > >>>>> ========== > >>>>> After understanding on disk representation of snapshots and clones, I > >>>>> have been able to find names of the BEs created using beadm command. > I > >>>>> could print the BE names on console. > >>>>> > >>>>> The next task would be to convert BE names to object numbers, create > >>>>> list of BEs. > >>>>> > >>>>> Thanks and Regards, > >>>>> Prasad > >>>>> > >>>>> On Tue, Jun 9, 2015 at 6:36 AM, Prasad Joshi > >>>>> wrote: > >>>>> > Last week I mostly worked on understanding beadm and gptzfsboot > code > >>>>> > > >>>>> > beadm create prepares new BE by creating a snapshot and clone of > that > >>>>> > snapshot. beadm activate command sets bootfs property of the POOL. > >>>>> > bootfs property contains object number of active dataset object. > >>>>> > During bootup gptzfsboot probes all the disks, creating SPA for any > >>>>> > valid pool. gptzfsboot assumes the first pool it finds as a primary > >>>>> > pool, it then reads meta object set, then tries to find object > nunber > >>>>> > of active dataset object either through > >>>>> > a. bootfs - it would be set if BE was already created > >>>>> > b. mos->properties_zap->root_dataset->dd_head_dataset_obj (through > >>>>> > root_datasets bonus buffer) > >>>>> > Once the object number is obtaind gptzfsboot mounts the dataset. > >>>>> > > >>>>> > After mounting, few files are looked up like /boot/config or > >>>>> > /boot.config for presense of boot command (did not went into > details > >>>>> > of this). Then (if keyboard is not hit), gptzfsboot execs > >>>>> > /boot/zfsloader. If gptzfsboot is interrupted by keyboard, then it > >>>>> > displays default BE or POOL it is trying to boot from (using > >>>>> > zfs_rlookup() to map active dataset object to string BE name). > Though > >>>>> > I haven't checked this but through serial console user would be > >>>>> > allowed to enter other pool or BE to boot from. > >>>>> > > >>>>> > I could not go into details of how gptzfsboot reads > /boot/zfsloader from > >>>>> > disk. > >>>>> > > >>>>> > Pending Tasks > >>>>> > ============= > >>>>> > 1. Understand upon keyboard interruption, how user entered zfs > paths > >>>>> > (format [zfs:pool/filesystem:][/path/to/loader]) are converted in > >>>>> > object numbers? > >>>>> > 2. Learn ZFS on disk format in more details so as to identify > active > >>>>> > dataset object numbers of all BEs. Once the object numbers are > >>>>> > available, I can use zfs_rlookup() function to map object number to > >>>>> > printable pool name. > >>>>> > 3. Prepare library for console based menu. > >>>>> > > >>>>> > Plan for next week > >>>>> > ================== > >>>>> > Pending task 2 above > From owner-soc-status@freebsd.org Tue Aug 11 00:36:06 2015 Return-Path: Delivered-To: soc-status@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E3E9B998627 for ; Tue, 11 Aug 2015 00:36:06 +0000 (UTC) (envelope-from mdw@freebsd.org) Received: from mehl.mmap.at (static.56.42.47.78.clients.your-server.de [78.47.42.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 15B3C195; Tue, 11 Aug 2015 00:36:06 +0000 (UTC) (envelope-from mdw@freebsd.org) Received: from [192.168.43.98] (unknown [91.141.1.214]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mehl.mmap.at (Postfix) with ESMTPSA id E70D1B0867; Tue, 11 Aug 2015 02:35:54 +0200 (CEST) Message-ID: <55C9435B.8010301@freebsd.org> Date: Tue, 11 Aug 2015 02:35:39 +0200 From: Manuel Wiesinger User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.8.0 MIME-Version: 1.0 To: Baptiste Daroussin , soc-status@FreeBSD.org Subject: Status: Linux packages for pkg(8) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Tue, 11 Aug 2015 02:34:10 +0000 X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Aug 2015 00:36:07 -0000 Hey, My status: I have working code in libpkg/repos/linux_deb to update. That means download the deb-manifest, verify it, and put all that is useful to the database, including dependencies. Doing it for conflicts is trivial, because it uses the same syntax as for dependencies. But when I do 'pkg update' for the official FreeBSD repos the pkg_conflicts stays empty. So I haven't done it yet. It works just to call pkg update. I have code to read and extract a .deb package, but I have difficulties to integrate it into pkg. That is because the repo-code is layered nicely, but the code to install a package and parts of the SAT-solver are highly specific for binary packages. As far as I can tell, the only seminal way is to create a layer for installation and support for different repo-types at all parts where it's necessary. Either integrate my code in a hackish manner or make it usable with an own layer. I don't dare to create an own layer alone by myself, because it is a rather big intervention in the whole architecture of pkg. I'm in discussion with bapt@ what to do best. Nothing done about .rpm so far TODOs: .) Use the NELEM marko instead of my own STRLEN one. They are semantically identical .) get rid of mktemp() .) write a function to compare versions of .deb-packages. This function is specified by the Debian-Project. I'll use only the documentation, to avoid 'stealing' GPL-code. .) write a function that does pkg-audit Regards, Manuel