HardenedBSD February 2021 Status Report

This month was a busy one, especially for our infrastructure. We purchased and received three refurbished Dell servers and one Cavium ThunderX server. Two of the three Dell servers were deployed. One is being used for our GitLab migration[1][2]. The second one is being set up as the HardenedBSD 14-CURRENT nightly build and package build server.

With the ThunderX server, we now have a production-capable arm64 server. I'm hoping that we can promote arm64 as a teir 1 architecture by the end of March. Though the server is deployed, I still need to copy the build scripts over and perform is final configuration.

FreeBSD recently landed a W^X implementation (congrats!), but it interferes with our PaX-inspired implementation. In addition to infrastructure work, I've been looking into this. I'm only able to reproduce when building packages--when there's a heavy load on the system. I'm working on some candiate patches, but they're not ready for commit.

The new package build server can be reached at [3]. The Tor onion service address is [4].

The next non-hackery item on my list is to reach out to 2020 donors that donated $250 USD or more to HardenedBSD. I need to give them their tax statement in case they itemize their taxes. I also need to reach out to recent donors to see if they want their name listed on our donations page.

I appreciate the help and support from the community. It's because of you that this project is possible. Your donations enable me to serve you.

[1]: https://git.hardenedbsd.org/
[2]: https://groups.google.com/a/hardenedbsd.org/g/users/c/wZgihY3PR8E/m/gVbZ...
[3]: http://ci-08.md.hardenedbsd.org/
[4]: http://t3xwovqp3hijxp2wskcg2ot5jqpwjd63uaeodsp3ltduhvpxb47aegad.onion/