Re: ffs2 boot

[Philip Guenther]

On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net wrote:
...

 But bear in mind that ffs2 has more overhead in terms of metadata.
 IMO, making it the default is not a good idea.


You have fewer than 24 years left to enjoy FFS v1...

more axeing at openssl

[Jean-Philippe Ouellet]

Hi,

Here's more fuel for the OpenSSL fire.  Mostly just axeing at ifdefs,
trying to err on the conservitive side.

There's obviously *TONS* more to clean up, but I only had so much time
tonight. :)

BTW, libssl and libcrypto don't currently build because their Makefiles
still include some recently-killed files, and usr.sbin/openssl won't
build because of at least CRYPTO_malloc  friends, and probably other
reasons.


Index: apps/apps.c
===
RCS file: /cvs/src/lib/libssl/src/apps/apps.c,v
retrieving revision 1.26
diff -u -p -r1.26 apps.c
--- apps/apps.c 16 Apr 2014 16:34:09 -  1.26
+++ apps/apps.c 17 Apr 2014 07:09:45 -
@@ -112,9 +112,7 @@
 #include stdio.h
 #include stdlib.h
 #include string.h
-#if !defined(OPENSSL_SYSNAME_WIN32)  !defined(NETWARE_CLIB)
 #include strings.h
-#endif
 #include sys/types.h
 #include ctype.h
 #include errno.h
@@ -141,11 +139,6 @@
 #include apps.h
 #undef NON_MAIN
 
-#ifdef _WIN32
-static int WIN32_rename(const char *from, const char *to);
-#define rename(from,to) WIN32_rename((from),(to))
-#endif
-
 typedef struct {
const char *name;
unsigned long flag;
@@ -287,44 +280,6 @@ str2fmt(char *s)
return (FORMAT_UNDEF);
 }
 
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || 
defined(OPENSSL_SYS_WIN16) || defined(OPENSSL_SYS_NETWARE)
-void
-program_name(char *in, char *out, int size)
-{
-   int i, n;
-   char *p = NULL;
-
-   n = strlen(in);
-   /* find the last '/', '\' or ':' */
-   for (i = n - 1; i  0; i--) {
-   if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':')) {
-   p = (in[i + 1]);
-   break;
-   }
-   }
-   if (p == NULL)
-   p = in;
-   n = strlen(p);
-
-   /* strip off trailing .exe if present. */
-   if ((n  4)  (p[n - 4] == '.') 
-   ((p[n - 3] == 'e') || (p[n - 3] == 'E')) 
-   ((p[n - 2] == 'x') || (p[n - 2] == 'X')) 
-   ((p[n - 1] == 'e') || (p[n - 1] == 'E')))
-   n -= 4;
-
-   if (n  size - 1)
-   n = size - 1;
-
-   for (i = 0; i  n; i++) {
-   if ((p[i] = 'A')  (p[i] = 'Z'))
-   out[i] = p[i] - 'A' + 'a';
-   else
-   out[i] = p[i];
-   }
-   out[n] = '\0';
-}
-#else
 void
 program_name(char *in, char *out, int size)
 {
@@ -337,7 +292,6 @@ program_name(char *in, char *out, int si
p = in;
BUF_strlcpy(out, p, size);
 }
-#endif
 
 int
 chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
@@ -635,15 +589,6 @@ app_get_pass(BIO *err, char *arg, int ke
BIO_printf(err, Can't open file %s\n, arg + 
5);
return NULL;
}
-#if !defined(_WIN32)
-   /*
-* Under _WIN32, which covers even Win64 and CE, file
-* descriptors referenced by BIO_s_fd are not inherited
-* by child process and therefore below is not an option.
-* It could have been an option if bss_fd.c was operating
-* on real Windows descriptors, such as those obtained
-* with CreateFile.
-*/
} else if (!strncmp(arg, fd:, 3)) {
BIO *btmp;
i = atoi(arg + 3);
@@ -656,7 +601,6 @@ app_get_pass(BIO *err, char *arg, int ke
/* Can't do BIO_gets on an fd BIO so add a buffering 
BIO */
btmp = BIO_new(BIO_f_buffer());
pwdbio = BIO_push(btmp, pwdbio);
-#endif
} else if (!strcmp(arg, stdin)) {
pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
if (!pwdbio) {
@@ -2600,196 +2544,8 @@ next_protos_parse(unsigned short *outlen
 }
 #endif  /* !OPENSSL_NO_TLSEXT  !OPENSSL_NO_NEXTPROTONEG */
 
-/*
- * Platform-specific sections
- */
-#if defined(_WIN32)
-# ifdef fileno
-#  undef fileno
-#  define fileno(a) (int)_fileno(a)
-# endif
-
-# include windows.h
-# include tchar.h
-
-static int
-WIN32_rename(const char *from, const char *to)
-{
-   TCHAR  *tfrom = NULL, *tto;
-   DWORD   err;
-   int ret = 0;
-
-   if (sizeof(TCHAR) == 1) {
-   tfrom = (TCHAR *)from;
-   tto = (TCHAR *)to;
-   }
-   else/* UNICODE path */
-   {
-   size_t i, flen = strlen(from) + 1, tlen = strlen(to) + 1;
-   tfrom = (TCHAR *)malloc(sizeof(TCHAR)*(flen + tlen));
-   if (tfrom == NULL)
-   goto err;
-   tto = tfrom + flen;
-#if !defined(_WIN32_WCE) || _WIN32_WCE=101
-   if (!MultiByteToWideChar(CP_ACP, 0, from, flen, (WCHAR *)tfrom, 
flen))
-#endif
-   for (i = 0;i  flen;i++)tfrom[i] = (TCHAR)from[i];
-#if 

Re: ffs2 boot

[Otto Moerbeek]

On Wed, Apr 16, 2014 at 11:16:00PM -0700, Philip Guenther wrote:

 On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net wrote:
 ...
 
  But bear in mind that ffs2 has more overhead in terms of metadata.
  IMO, making it the default is not a good idea.
 
 
 You have fewer than 24 years left to enjoy FFS v1...

and I plan to enjoy every minute of that period!

-Otto

Re: ffs2 boot

[Brandon Mercer]

It will take me about that long to newfs the 10 kvm's I plan on using ;)

On Thu, Apr 17, 2014 at 5:09 AM, Otto Moerbeek o...@drijf.net wrote:
 On Wed, Apr 16, 2014 at 11:16:00PM -0700, Philip Guenther wrote:

 On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net wrote:
 ...

  But bear in mind that ffs2 has more overhead in terms of metadata.
  IMO, making it the default is not a good idea.
 

 You have fewer than 24 years left to enjoy FFS v1...

 and I plan to enjoy every minute of that period!

 -Otto

Re: ffs2 boot

[Abel Abraham Camarillo Ojeda]

On Thu, Apr 17, 2014 at 5:31 AM, Brandon Mercer
yourcomputer...@gmail.com wrote:
 It will take me about that long to newfs the 10 kvm's I plan on using ;)

 On Thu, Apr 17, 2014 at 5:09 AM, Otto Moerbeek o...@drijf.net wrote:
 On Wed, Apr 16, 2014 at 11:16:00PM -0700, Philip Guenther wrote:

 On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net wrote:
 ...

  But bear in mind that ffs2 has more overhead in terms of metadata.
  IMO, making it the default is not a good idea.
 

 You have fewer than 24 years left to enjoy FFS v1...

 and I plan to enjoy every minute of that period!

 -Otto




I found it really fast to work with kvm/openbsd if you use -drive
...,if=virtio ...
like 4x-5x times faster than if=ide -the default-

Re: cpsw device timeouts

[Benjamin Baier]

A 3rd check against a self compiled kernel based on the latest anoncvs tree
without any patches shows the same behaviour as described below.

# i=219
# while [ $i -le 226 ];do
 ping -f -n -c100 -s$i 192.168.7.1
 i=$(( $i + 1 ))
 done
PING 192.168.7.1 (192.168.7.1): 219 data bytes
--- 192.168.7.1 ping statistics ---
101 packets transmitted, 100 packets received, 1.0% packet loss
round-trip min/avg/max/std-dev = 2.106/5.609/18.494/2.818 ms
PING 192.168.7.1 (192.168.7.1): 220 data bytes
--- 192.168.7.1 ping statistics ---
101 packets transmitted, 100 packets received, 1.0% packet loss
round-trip min/avg/max/std-dev = 2.076/8.117/17.884/3.961 ms
PING 192.168.7.1 (192.168.7.1): 221 data bytes
--- 192.168.7.1 ping statistics ---..^C
69 packets transmitted, 0 packets received, 100.0% packet loss
PING 192.168.7.1 (192.168.7.1): 222 data bytes
--- 192.168.7.1 ping statistics ---
100 packets transmitted, 100 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 2.075/5.448/9.705/1.633 ms
PING 192.168.7.1 (192.168.7.1): 223 data bytes
--- 192.168.7.1 ping statistics ---
100 packets transmitted, 100 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 4.089/5.867/8.911/0.821 ms
PING 192.168.7.1 (192.168.7.1): 224 data bytes
--- 192.168.7.1 ping statistics ---
100 packets transmitted, 100 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 2.075/5.684/7.629/1.196 ms
PING 192.168.7.1 (192.168.7.1): 225 data bytes
--- 192.168.7.1 ping statistics ---
101 packets transmitted, 100 packets received, 1.0% packet loss
round-trip min/avg/max/std-dev = 2.075/10.302/17.548/5.581 ms
PING 192.168.7.1 (192.168.7.1): 226 data bytes
--- 192.168.7.1 ping statistics ---
101 packets transmitted, 100 packets received, 1.0% packet loss
round-trip min/avg/max/std-dev = 2.075/5.893/17.578/3.663 ms

dmesg
OpenBSD 5.5-current (GENERIC-OMAP) #0: Wed Apr 16 21:56:28 CEST 2014
r...@bbb1.hexa.homeunix.net:/usr/src/sys/arch/armv7/compile/GENERIC-OMAP
real mem  = 536870912 (512MB)
avail mem = 518746112 (494MB)
warning: no entropy supplied by boot loader
mainbus0 at root
cpu0 at mainbus0: ARM Cortex A8 R3 rev 2 (ARMv7 core)
cpu0: DC enabled IC enabled WB disabled EABT branch prediction enabled
cpu0: 32KB(64b/l,4way) I-cache, 32KB(64b/l,4way) wr-back D-cache
omap0 at mainbus0: BeagleBone
prcm0 at omap0 rev 0.2
sitaracm0 at omap0: control module, rev 1.0
intc0 at omap0 rev 5.0
edma0 at omap0 rev 0.0
dmtimer0 at omap0 rev 3.1
dmtimer1 at omap0 rev 3.1
omdog0 at omap0 rev 0.1
omgpio0 at omap0: rev 0.1
gpio0 at omgpio0: 32 pins
omgpio1 at omap0: rev 0.1
gpio1 at omgpio1: 32 pins
omgpio2 at omap0: rev 0.1
gpio2 at omgpio2: 32 pins
omgpio3 at omap0: rev 0.1
gpio3 at omgpio3: 32 pins
omap0: device tiiic unit 0 not configured
omap0: device tiiic unit 1 not configured
omap0: device tiiic unit 2 not configured
ommmc0 at omap0
sdmmc0 at ommmc0
ommmc1 at omap0
sdmmc1 at ommmc1
com0 at omap0: ti16750, 64 byte fifo
com0: console
cpsw0 at omap0: version 1.12 (0), address 90:59:af:58:ce:17
ukphy0 at cpsw0 phy 0: Generic IEEE 802.3u media interface, rev. 1: OUI 
0x0001f0, model 0x000f

scsibus0 at sdmmc0: 2 targets, initiator 0
sd0 at scsibus0 targ 1 lun 0: SD/MMC, Drive #01,  SCSI2 0/direct fixed
sd0: 7384MB, 512 bytes/sector, 15122432 sectors
scsibus1 at sdmmc1: 2 targets, initiator 0
sd1 at scsibus1 targ 1 lun 0: SD/MMC, Drive #01,  SCSI2 0/direct fixed
sd1: 1832MB, 512 bytes/sector, 3751936 sectors
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
boot device: sd0
root on sd0a (6a8ab8283a822f44.a) swap on sd0b dump on sd0b

- Ben

On 04/16/14 20:49, Benjamin Baier wrote:
I patched this against (1st) the latest anoncvs tree and (2nd) against 
your

cpsw patch from 04/12/14 (2).
Both times it works (compile, boot) and so I tested the timeout bug 
described at

http://marc.info/?l=openbsd-bugsm=138275913126582w=2

First i can reproduce the timeout bug with the latest snapshot kernel
OpenBSD 5.5 (GENERIC-OMAP) #11: Sat Mar  8 12:52:57 EST 2014

With the patched kernels (1) and (2) the timeout shiftet.
# ping -f -n -c100 -s289 ip
runs with 0% packet loss
# ping -f -n -c100 -s225 ip
runs with 0% packet loss
# ping -f -n -c100 -s221 ip
runs with complete packet loss (100%), sometimes I get 1 return packet.

All others -s1 up to -s1000 come back mixed, with 1/3rd coming back with
max. 1 lost packet and 2/3rd coming back with 0% packet loss.

- Ben

On 04/14/14 20:18, Brandon Mercer wrote:

whoops, small typo in the previous diff:

cvs diff: Diffing sys/arch/armv7/omap/
Index: sys/arch/armv7/omap//if_cpsw.c
===
RCS file: /cvs/src/sys/arch/armv7/omap/if_cpsw.c,v
retrieving revision 1.21
diff -u -p -u -r1.21 if_cpsw.c
--- sys/arch/armv7/omap//if_cpsw.c  26 Nov 2013 20:33:11 -
1.21
+++ sys/arch/armv7/omap//if_cpsw.c  14 Apr 2014 17:37:27 -
@@ -816,6 +816,8 @@ 

Re: more axeing at openssl

[Ted Unangst]

On Thu, Apr 17, 2014 at 04:00, Jean-Philippe Ouellet wrote:
 Hi,
 
 Here's more fuel for the OpenSSL fire.  Mostly just axeing at ifdefs,
 trying to err on the conservitive side.

I deleted most (all?) of this yesterday. Your cvs mirrors are quite
likely to lag behind development for a while.

Re: ffs2 boot

[Giancarlo Razzolini]

Em 17-04-2014 07:34, Abel Abraham Camarillo Ojeda escreveu:
 On Thu, Apr 17, 2014 at 5:31 AM, Brandon Mercer
 yourcomputer...@gmail.com wrote:
 It will take me about that long to newfs the 10 kvm's I plan on using ;)

 On Thu, Apr 17, 2014 at 5:09 AM, Otto Moerbeek o...@drijf.net wrote:
 On Wed, Apr 16, 2014 at 11:16:00PM -0700, Philip Guenther wrote:

 On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net wrote:
 ...

 But bear in mind that ffs2 has more overhead in terms of metadata.
 IMO, making it the default is not a good idea.

 You have fewer than 24 years left to enjoy FFS v1...
 and I plan to enjoy every minute of that period!

 -Otto


 I found it really fast to work with kvm/openbsd if you use -drive
 ...,if=virtio ...
 like 4x-5x times faster than if=ide -the default-

I use everything virtio and the performance difference is quite notable.
The only complain is that openbsd won't see more than one processor, no
matter what you do.

-- 
Giancarlo Razzolini
GPG: 4096R/77B981BC

Re: ffs2 boot

[Adam Thompson]

Given the single-threaded nature of much of the kernel, what applications do 
you run where multiple CPUs makes much of a difference to OpenBSD?

Also, switching from IDE to any of the supported SCSI, SAS or SATA disk types 
also produces a noticeable improvement.  I'm not sure if those are available in 
every KVM implementation or just the Proxmox-integrated version... IIRC they're 
available in RHEV too, so most likely they're standard.

-Adam

On April 17, 2014 11:34:19 AM CDT, Giancarlo Razzolini grazzol...@gmail.com 
wrote:
Em 17-04-2014 07:34, Abel Abraham Camarillo Ojeda escreveu:
 On Thu, Apr 17, 2014 at 5:31 AM, Brandon Mercer
 yourcomputer...@gmail.com wrote:
 It will take me about that long to newfs the 10 kvm's I plan on
using ;)

 On Thu, Apr 17, 2014 at 5:09 AM, Otto Moerbeek o...@drijf.net
wrote:
 On Wed, Apr 16, 2014 at 11:16:00PM -0700, Philip Guenther wrote:

 On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net wrote:
 ...

 But bear in mind that ffs2 has more overhead in terms of
metadata.
 IMO, making it the default is not a good idea.

 You have fewer than 24 years left to enjoy FFS v1...
 and I plan to enjoy every minute of that period!

 -Otto


 I found it really fast to work with kvm/openbsd if you use -drive
 ...,if=virtio ...
 like 4x-5x times faster than if=ide -the default-

I use everything virtio and the performance difference is quite
notable.
The only complain is that openbsd won't see more than one processor, no
matter what you do.

-- 
Giancarlo Razzolini
GPG: 4096R/77B981BC

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: ffs2 boot

[Otto Moerbeek]

On Thu, Apr 17, 2014 at 12:22:44PM -0500, Adam Thompson wrote:

 Given the single-threaded nature of much of the kernel, what applications do 
 you run where multiple CPUs makes much of a difference to OpenBSD?


Come on, a machine runs multiple processes...

 
 Also, switching from IDE to any of the supported SCSI, SAS or SATA disk types 
 also produces a noticeable improvement.  I'm not sure if those are available 
 in every KVM implementation or just the Proxmox-integrated version... IIRC 
 they're available in RHEV too, so most likely they're standard.

 
 -Adam
 
 On April 17, 2014 11:34:19 AM CDT, Giancarlo Razzolini grazzol...@gmail.com 
 wrote:
 Em 17-04-2014 07:34, Abel Abraham Camarillo Ojeda escreveu:
  On Thu, Apr 17, 2014 at 5:31 AM, Brandon Mercer
  yourcomputer...@gmail.com wrote:
  It will take me about that long to newfs the 10 kvm's I plan on
 using ;)
 
  On Thu, Apr 17, 2014 at 5:09 AM, Otto Moerbeek o...@drijf.net
 wrote:
  On Wed, Apr 16, 2014 at 11:16:00PM -0700, Philip Guenther wrote:
 
  On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net wrote:
  ...
 
  But bear in mind that ffs2 has more overhead in terms of
 metadata.
  IMO, making it the default is not a good idea.
 
  You have fewer than 24 years left to enjoy FFS v1...
  and I plan to enjoy every minute of that period!
 
  -Otto
 
 
  I found it really fast to work with kvm/openbsd if you use -drive
  ...,if=virtio ...
  like 4x-5x times faster than if=ide -the default-
 
 I use everything virtio and the performance difference is quite
 notable.
 The only complain is that openbsd won't see more than one processor, no
 matter what you do.
 
 -- 
 Giancarlo Razzolini
 GPG: 4096R/77B981BC
 
 -- 
 Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: ffs2 boot

[Adam Thompson]

Yes, but the very nature of the discussion concerns VMs, where the point is to 
multiplex the physical CPUs into multiple VMs in user-controllable chunks.  A 
VM with one vCPU is perfectly reasonable and normal.

I've found that having multiple cores available can speed up a desktop, and 
certain classes of cpu-bound server applications, and not much else. 
Those applications are not many; databases (sometimes), web servers 
(sometimes), application servers (often).
The fact my router has 8 cores available doesn't really help it very much.  
(Maybe BGP converges a little bit faster?)  Ditto for my DNS servers, my mail 
server, my proxy server, etc.
So, I would like to know what application Giancarlo has where he actually 
notices the lack of multiple cores.
-Adam

On April 17, 2014 12:23:44 PM CDT, Otto Moerbeek o...@drijf.net wrote:
On Thu, Apr 17, 2014 at 12:22:44PM -0500, Adam Thompson wrote:

 Given the single-threaded nature of much of the kernel, what
applications do you run where multiple CPUs makes much of a difference
to OpenBSD?


Come on, a machine runs multiple processes...

 
 Also, switching from IDE to any of the supported SCSI, SAS or SATA
disk types also produces a noticeable improvement.  I'm not sure if
those are available in every KVM implementation or just the
Proxmox-integrated version... IIRC they're available in RHEV too, so
most likely they're standard.

 
 -Adam
 
 On April 17, 2014 11:34:19 AM CDT, Giancarlo Razzolini
grazzol...@gmail.com wrote:
 Em 17-04-2014 07:34, Abel Abraham Camarillo Ojeda escreveu:
  On Thu, Apr 17, 2014 at 5:31 AM, Brandon Mercer
  yourcomputer...@gmail.com wrote:
  It will take me about that long to newfs the 10 kvm's I plan on
 using ;)
 
  On Thu, Apr 17, 2014 at 5:09 AM, Otto Moerbeek o...@drijf.net
 wrote:
  On Wed, Apr 16, 2014 at 11:16:00PM -0700, Philip Guenther wrote:
 
  On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net
wrote:
  ...
 
  But bear in mind that ffs2 has more overhead in terms of
 metadata.
  IMO, making it the default is not a good idea.
 
  You have fewer than 24 years left to enjoy FFS v1...
  and I plan to enjoy every minute of that period!
 
  -Otto
 
 
  I found it really fast to work with kvm/openbsd if you use -drive
  ...,if=virtio ...
  like 4x-5x times faster than if=ide -the default-
 
 I use everything virtio and the performance difference is quite
 notable.
 The only complain is that openbsd won't see more than one processor,
no
 matter what you do.
 
 -- 
 Giancarlo Razzolini
 GPG: 4096R/77B981BC
 
 -- 
 Sent from my Android device with K-9 Mail. Please excuse my brevity.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: ffs2 boot

[Brandon Mercer]

Please take this discussion elsewhere. This email is about being able
to boot off ffs2 not your ability to run vm's.

On Thu, Apr 17, 2014 at 1:30 PM, Adam Thompson athom...@athompso.net wrote:
 Yes, but the very nature of the discussion concerns VMs, where the point is
 to multiplex the physical CPUs into multiple VMs in user-controllable
 chunks. A VM with one vCPU is perfectly reasonable and normal.

 I've found that having multiple cores available can speed up a desktop, and
 certain classes of cpu-bound server applications, and not much else.
 Those applications are not many; databases (sometimes), web servers
 (sometimes), application servers (often).
 The fact my router has 8 cores available doesn't really help it very much.
 (Maybe BGP converges a little bit faster?) Ditto for my DNS servers, my mail
 server, my proxy server, etc.
 So, I would like to know what application Giancarlo has where he actually
 notices the lack of multiple cores.
 -Adam


 On April 17, 2014 12:23:44 PM CDT, Otto Moerbeek o...@drijf.net wrote:

 On Thu, Apr 17, 2014 at 12:22:44PM -0500, Adam Thompson wrote:

  Given the single-threaded nature of much of the kernel, what
 applications do you run where multiple CPUs makes much of a difference to
 OpenBSD?



 Come on, a machine runs multiple processes...


  Also, switching from IDE to any of the supported SCSI, SAS or SATA disk
 types also produces a noticeable improvement.  I'm not sure if those are
 available in every KVM implementation or just the Proxmox-integrated
 version... IIRC they're available in RHEV too, so most likely they're
 standard.



  -Adam

  On April 17, 2014 11:34:19 AM CDT, Giancarlo Razzolini
 grazzol...@gmail.com wrote:

 Em 17-04-2014 07:34, Abel Abraham Camarillo Ojeda escreveu:

  On Thu, Apr 17, 2014 at 5:31 AM, Brandon Mercer
  yourcomputer...@gmail.com wrote:

  It will take me about that long to newfs the 10 kvm's I plan on

 using ;)


  On Thu, Apr 17, 2014 at 5:09 AM, Otto Moerbeek o...@drijf.net

 wrote:

  On Wed, Apr 16, 2014 at 11:16:00PM -0700, Philip Guenther wrote:

  On Thursday, April 17, 2014, Otto Moerbeek o...@drijf.net wrote:
  ...

  But bear in mind that ffs2 has more overhead in terms of

 metadata.

  IMO, making it the default is not a good idea.


  You have fewer than 24 years left to enjoy FFS v1...

  and I plan to enjoy every minute of that period!

  -Otto



  I found it really fast to work with kvm/openbsd if you use -drive

 ...,if=virtio ...
  like 4x-5x times faster than if=ide -the default-


 I use everything virtio and the performance difference is quite
 notable.
 The only complain is that openbsd won't see more than one processor, no
 matter what you do.

 --
 Giancarlo Razzolini
 GPG: 4096R/77B981BC


  --
  Sent from my Android device with K-9 Mail. Please excuse my brevity.


 --
 Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: ffs2 boot

[Giancarlo Razzolini]

Em 17-04-2014 14:30, Adam Thompson escreveu:
 Yes, but the very nature of the discussion concerns VMs, where the
 point is to multiplex the physical CPUs into multiple VMs in
 user-controllable chunks. A VM with one vCPU is perfectly reasonable
 and normal.

 I've found that having multiple cores available can speed up a
 desktop, and certain classes of cpu-bound server applications, and not
 much else.
 Those applications are not many; databases (sometimes), web servers
 (sometimes), application servers (often).
 The fact my router has 8 cores available doesn't really help it very
 much. (Maybe BGP converges a little bit faster?) Ditto for my DNS
 servers, my mail server, my proxy server, etc.
 So, I would like to know what application Giancarlo has where he
 actually notices the lack of multiple cores.
 -Adam
I use it in my firewall. PF runs on only one core, no issue here. But
there is DNS server, web server, nagios, smtpd, squid, plus some other
things running with it. So having more cpu's would be nice. I see some
cpu throughput bottlenecks now and then. It was more of a rant than
anything else. I will only be able to take a look at why the cpu doesn't
show in a few months. And even then I'm not sure I'll be able to solve
the problem.

-- 
Giancarlo Razzolini
GPG: 4096R/77B981BC

Re: ffs2 boot

[Henning Brauer]

* Adam Thompson athom...@athompso.net [2014-04-17 19:31]:
 I've found that having multiple cores available can speed up a desktop, and 
 certain classes of cpu-bound server applications, and not much else. 

MP speeds up all userland-heavy tasks a lot.
MP doesn't yet speed up kernel-heavy tasks as much as it should.

I have one use case where 8-core-MP is more than 7 times faster than
single core.

 Those applications are not many; databases (sometimes), web servers
 (sometimes), application servers (often). 

no, there's much more. As said, most of everything userland-heavy.

 The fact my router has 8 cores available doesn't really help it very
 much.  (Maybe BGP converges a little bit faster?)

it can help bgpd indeed.

 Ditto for my DNS servers, my mail server, my proxy server, etc. 

depends on the workload. heavy content filtering on mailservers will
benefit.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/

Re: ffs2 boot

[Marc Espie]

On Thu, Apr 17, 2014 at 12:22:44PM -0500, Adam Thompson wrote:
 Given the single-threaded nature of much of the kernel, what applications do 
 you run where multiple CPUs makes much of a difference to OpenBSD?
 

You're a narrow-minded troll.

Re: relayd SSL/TLS keep RSA private keys in separate process

[Reyk Floeter]

On Fri, Apr 11, 2014 at 08:15:27PM -0600, Bob Beck wrote:
 On Fri, Apr 11, 2014 at 6:09 PM, Reyk Floeter r...@openbsd.org wrote:
 
 
 
  I did some testing with apache bench (ab) and it shows a negative
  performance impact when running with multiple preforked relays and
  concurrent requests.  But this is expected because all processes have
  to wait for the single ca process to complete the RSA operations.
 
  Is this desirable?
 
 Ahh - as compared to what - relayd running with each process itself
 doing the RSA ops (acting as an SSL accelerator)
 in front of it?  then that would be expected.  I wouldn't call it
 desirable - let relayd have more than one CA process.

This updated diff creates one ca process per relay and gives much
better performance results (a little decrease is still there but
that's because of the imsg passing.  That can also be optimized
later).

Currently, relayd creates 5 relay processe by default unless you
change it with the prefork option.  I changed the default to 3
because I think 5 is a little bit too much for most normal use cases
and I didn't measure big differences with normal load testing.  But
these 3 relays will turn into 6 processes now, each one with a CA.

Creating a more flexible N:M mapping (eg. 5 relays and 3 CAs) would
make the code more complex and doesn't seem to work very well, so I
want to stick on the 1 CA per relay.

Any more testers?  Thoughts?

Reyk

Index: Makefile
===
RCS file: /cvs/src/usr.sbin/relayd/Makefile,v
retrieving revision 1.25
diff -u -p -u -p -r1.25 Makefile
--- Makefile14 Apr 2014 12:58:04 -  1.25
+++ Makefile17 Apr 2014 19:26:59 -
@@ -1,11 +1,12 @@
 #  $OpenBSD: Makefile,v 1.25 2014/04/14 12:58:04 blambert Exp $
 
 PROG=  relayd
-SRCS=  parse.y log.c control.c ssl.c ssl_privsep.c \
-   relayd.c pfe.c pfe_filter.c pfe_route.c hce.c relay.c \
-   relay_http.c relay_udp.c carp.c check_icmp.c check_tcp.c \
-   check_script.c name2id.c snmp.c shuffle.c proc.c config.c \
-   agentx.c
+SRCS=  parse.y
+SRCS+= agentx.c ca.c carp.c check_icmp.c check_script.c \
+   check_tcp.c config.c control.c hce.c log.c name2id.c \
+   pfe.c pfe_filter.c pfe_route.c proc.c \
+   relay.c relay_http.c relay_udp.c relayd.c \
+   shuffle.c snmp.c ssl.c ssl_privsep.c
 MAN=   relayd.8 relayd.conf.5
 
 LDADD= -levent -lssl -lcrypto -lutil
Index: ca.c
===
RCS file: ca.c
diff -N ca.c
--- /dev/null   1 Jan 1970 00:00:00 -
+++ ca.c17 Apr 2014 19:26:59 -
@@ -0,0 +1,431 @@
+/* $OpenBSD$   */
+
+/*
+ * Copyright (c) 2014 Reyk Floeter r...@openbsd.org
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED AS IS AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include sys/param.h
+#include sys/queue.h
+#include sys/socket.h
+#include sys/uio.h
+
+#include net/if.h
+#include netinet/in.h
+
+#include limits.h
+#include event.h
+#include fcntl.h
+#include unistd.h
+#include string.h
+#include stdlib.h
+#include errno.h
+
+#include openssl/pem.h
+#include openssl/evp.h
+#include openssl/rsa.h
+#include openssl/engine.h
+
+#include relayd.h
+
+voidca_init(struct privsep *, struct privsep_proc *p, void *);
+voidca_launch(void);
+
+int ca_dispatch_parent(int, struct privsep_proc *, struct imsg *);
+int ca_dispatch_relay(int, struct privsep_proc *, struct imsg *);
+
+int rsae_pub_enc(int, const u_char *, u_char *, RSA *, int);
+int rsae_pub_dec(int,const u_char *, u_char *, RSA *, int);
+int rsae_priv_enc(int, const u_char *, u_char *, RSA *, int);
+int rsae_priv_dec(int, const u_char *, u_char *, RSA *, int);
+int rsae_mod_exp(BIGNUM *, const BIGNUM *, RSA *, BN_CTX *);
+int rsae_bn_mod_exp(BIGNUM *, const BIGNUM *, const BIGNUM *,
+   const BIGNUM *, BN_CTX *, BN_MONT_CTX *);
+int rsae_init(RSA *);
+int rsae_finish(RSA *);
+int rsae_sign(int, const u_char *, u_int,
+   u_char *, u_int *, const RSA *);
+int rsae_verify(int dtype, const u_char *m, u_int,
+   const u_char *, u_int, const RSA *);
+int rsae_keygen(RSA *, int, BIGNUM *, BN_GENCB *);
+
+static struct 

support for Realtek RTS5227 Card Reader

[Claudio Jeker]

Found this in my X240, the following diff makes it work.

rtsx0 at pci1 dev 0 function 0 Realtek RTS5227 Card Reader rev 0x01: msi
sdmmc0 at rtsx0
scsibus4 at sdmmc0: 2 targets, initiator 0
sd1 at scsibus4 targ 1 lun 0: SD/MMC, Drive #01,  SCSI2 0/direct fixed
sd1: 15296MB, 512 bytes/sector, 31326208 sectors

A bit surprised since it seems Linux has two different drivers for RTS52x9
and RTS5227.
-- 
:wq Claudio

Index: dev/pci/rtsx_pci.c
===
RCS file: /cvs/src/sys/dev/pci/rtsx_pci.c,v
retrieving revision 1.4
diff -u -p -r1.4 rtsx_pci.c
--- dev/pci/rtsx_pci.c  6 Nov 2013 13:51:02 -   1.4
+++ dev/pci/rtsx_pci.c  4 Apr 2014 20:13:41 -
@@ -58,7 +58,8 @@ rtsx_pci_match(struct device *parent, vo
return 0;
 
if (PCI_PRODUCT(pa-pa_id) == PCI_PRODUCT_REALTEK_RTS5209 ||
-   PCI_PRODUCT(pa-pa_id) == PCI_PRODUCT_REALTEK_RTS5229)
+   PCI_PRODUCT(pa-pa_id) == PCI_PRODUCT_REALTEK_RTS5229 ||
+   PCI_PRODUCT(pa-pa_id) == PCI_PRODUCT_REALTEK_RTS5227)
return 1;
 
return 0;

Re: support for Realtek RTS5227 Card Reader

[Mark Kettenis]

 Date: Thu, 17 Apr 2014 23:42:26 +0200
 From: Claudio Jeker clau...@openbsd.org
 
 Found this in my X240, the following diff makes it work.
 
 rtsx0 at pci1 dev 0 function 0 Realtek RTS5227 Card Reader rev 0x01: msi
 sdmmc0 at rtsx0
 scsibus4 at sdmmc0: 2 targets, initiator 0
 sd1 at scsibus4 targ 1 lun 0: SD/MMC, Drive #01,  SCSI2 0/direct fixed
 sd1: 15296MB, 512 bytes/sector, 31326208 sectors
 
 A bit surprised since it seems Linux has two different drivers for RTS52x9
 and RTS5227.

You might want to sort the IDs such that they are in numerical order.

Anyway, if this works, ok kettenis@, there is no downside.

 Index: dev/pci/rtsx_pci.c
 ===
 RCS file: /cvs/src/sys/dev/pci/rtsx_pci.c,v
 retrieving revision 1.4
 diff -u -p -r1.4 rtsx_pci.c
 --- dev/pci/rtsx_pci.c6 Nov 2013 13:51:02 -   1.4
 +++ dev/pci/rtsx_pci.c4 Apr 2014 20:13:41 -
 @@ -58,7 +58,8 @@ rtsx_pci_match(struct device *parent, vo
   return 0;
  
   if (PCI_PRODUCT(pa-pa_id) == PCI_PRODUCT_REALTEK_RTS5209 ||
 - PCI_PRODUCT(pa-pa_id) == PCI_PRODUCT_REALTEK_RTS5229)
 + PCI_PRODUCT(pa-pa_id) == PCI_PRODUCT_REALTEK_RTS5229 ||
 + PCI_PRODUCT(pa-pa_id) == PCI_PRODUCT_REALTEK_RTS5227)
   return 1;
  
   return 0;
 
 

Re: ffs2 boot

[Juan Francisco Cantero Hurtado]

On Wed, Apr 16, 2014 at 05:29:36PM -0500, Shawn K. Quinn wrote:
 On Wed, Apr 16, 2014, at 03:05 PM, Miod Vallat wrote:
[responding to Brandon Mercer who wrote:]
   The other day I was doing an install in qemu-kvm and newfs was taking
   forever, to the tune of hours. This is similar to formatting on arm
   boards. In my quest to track down why, I discovered that ffs2 takes far
   less time to format than ffs1 (about 30 seconds for the entire disk). 
   
   I've put together a diff that updates the boot blocks on amd64 to be 
   able to boot ffs2. From there it's a one line change to make newfs 
   format ffs2 by default. Obviously this would need to happen for other 
   architectures as well and I'd be glad to tackle that if others see 
   this as worthwhile. Please let me know your thoughts. 
  
  Awesome. You've just trimmed my todolist by a few lines (-:
  And you've done it so that you do not force UFS2 support on
  tight-space-challenged boot blocks on other arches.
 
 I'm not against adding cool features, but are there people who really
 need a root filesystem of one whole terabyte or larger? I've never

The best feature of UFS2 for me is a faster fsck.

 needed my root filesystem to be larger than, say, a gigabyte or two. The
 only case for which this might make some sense is an external hard
 drive, formatted FFS2, on a 1T+ drive nearly full of personal files that
 just happens to have a bsd.rd in the root to reinstall/upgrade a hosed
 system. For most others, there should be a note that making your root
 filesystem That Big is usually a Really Bad Idea.

-- 
Juan Francisco Cantero Hurtado http://juanfra.info