July 11, 2025

The FreeBSD Foundation kindly sponsored my trip to Ottawa for the BSDCan 2025 conference and FreeBSD Developer Summit.  The event spanned four days, with the first two for the developer summit and the second two for the conference. Both took place at the University of Ottawa as they have in past years.

 

I arrived in Ottawa in time for the Goat BoF at Father and Sons. In addition to getting to pet Groff the BSD goat, it was a wonderful opportunity to catch up with friends I only see once a year and make a few new ones. After a long day of traveling, I headed back to my room in U90 to rest up for the first day of the developer summit.

The first day of the developer summit opened with a presentation from the FreeBSD Foundation covering the community survey, transparency efforts, and software development projects, particularly their work on improving laptop support. It is encouraging to see the focused effort on making FreeBSD more compelling as a daily driver.

The Core Team followed with their readout, highlighting several longer-term efforts including reviewing the by-laws to address some recent challenges, re-imagining the role of the DocEng team, and charting a technical roadmap. This roadmap will serve multiple purposes such as guiding new contributors who ask “how can I help?” and coordinating efforts between the community and organizations like the FreeBSD Foundation.

The project’s AI policy sparked considerable discussion between the audience and Core. The proposed policy prohibits material generated by AI or a LLM (Phabricator review D50650 for the curious) due to potential open source license violations. The consensus was there shouldn’t be an AI ban. For example, using AI to proofread commit messages should be allowed, and the ports collection can include AI tools.

After lunch, the srcmgr team presented their mission to reduce friction for new developers and boost productivity for all developers. They detailed current activities like auto-MFC’ing commits and bug-busting sessions, plus an aspirational goal to consolidate project tooling (Phabricator, Bugzilla, and GitHub).

The day included two industry presentations: Verisign explained how OS diversity requirements led them to deploy FreeBSD in their infrastructure, while NVIDIA discussed adding IPSec offload to FreeBSD’s mlx5 driver.

The second day of the developer summit opened with a presentation from the Alpha-Omega Project on software supply chain security. The project started in 2021, funded by Microsoft, Google, and Amazon to help improve the security of open source software. The talk had fascinating insights as to what has worked (and what hasn’t) in their efforts to improve security.

Instead of the typical “have, need, want” session to generate desired features for the next release of FreeBSD, we focused on the remaining items to button up for the 15.0 release. For 15.0, the major change will be distributing the OS as an expansive set of packages (a.k.a., “pkg-base”) instead of the traditional handful of larger distribution sets. This is an eagerly awaited change, but the discussion demonstrated there are still quite a few i’s to dot and t’s to cross. Other topics include upgrading the version of OpenSSL in base to the new LTS version and the deprecation of some 32-bit architectures.

 

One addition to the developer summit was the Round Robin Session. This consisted of two developers talking to each other about any topic, FreeBSD related or not. And every five minutes another developer swaps places with one of the developers. This was great fun and hopefully returns next year.

During the evening’s hacker lounges, I had the opportunity to revisit an unfinished project from a few years back. I had mentored a Google Summer of Code student who undertook the ambitious project of adding a SquashFS driver to the kernel. While the student did a great job, they ran out of time and were not able to get the code committed. Kyle Evans, one of the FreeBSD developers (kevans@), found the student’s work promising, and he spent some time getting the code closer to a committable state. I rebased Kyle’s change on to the current FreeBSD kernel, wrote some integration tests with kyua, and worked with Alex Ziaee (ziaee@) to add a manual page for the driver.

 

The talks at BSDCan this year were varied and interesting, and the schedule forced me to pick between two talks scheduled in the same time slot several times. Some of talks that stood out for me included:

  • Stefano Marinelli’s talk on “Why (and how) we’re migrating Linux servers to the BSDs” describes his journey to solve problems for customers with open-source software. Not only is his story compelling, but it provides a case study in how the stability and reliability of the BSD operating systems coupled with a pragmatic “solve problems” mindset changed customer’s questions from, “there is something other than Linux?” to “more jails, please”. The passion and enthusiasm behind this talk was infectious and helped to “recharge my FreeBSD  batteries”.
  • Hans-Jörg Höxer discussed AMD hardware support for “Confidential Computing” in OpenBSD. Here, the goal is to protect sensitive data in your virtual machine which is running in an untrusted environment (e.g., in a hyperscaler’s data center). The hardware provides runtime encryption, software/firmware attestation, and strong memory isolation guarantees. The talk reviewed the previous work on AMD Secure Encrypted Virtualization (a.k.a., SEV) in part, to provide context for the discussion but also to motivate the new work on SEV-ES. Given OpenBSD’s excellent track record on clean and secure designs, I’m excited to try porting this work to FreeBSD’s vmm and bhyve.
  • Xe Iaso gave the lightning talk “I fight bots in my free time” about their software Anubis, a web AI firewall utility. It was fascinating listening to the story of a developer scratching their itch and rapidly discovering many others have the same problem.

 

In the “hallway track” of the conference, I had an interesting conversation with another FreeBSD developer (Allan Jude) about their idea to connect bhyve and an NVMe-oF storage array. Getting this type of chance encounter to trade ideas and (potentially) spawn new projects is what makes attending conferences so valuable.

The closing session for the conference included the always popular auction benefiting the Ottawa Mission and MC’d by Dan Langille. Highlights included:

 

  • A conference attendee having to buy back their jacket for $110
  • Dan selling a Trader Joe’s paper bag, but needing to scratch out his credit card info on the included receipt

 

Thank you to the FreeBSD Foundation for sponsoring my attendance at the conference.

– Contributed by Chuck Tuffli