Re: Two Junior Kernel Hacker tasks..
Sat, Jun 23, 2001 at 12:23:35, tlambert2 (Terry Lambert) wrote about Re: Two Junior Kernel Hacker tasks..: make buildkernel is rather easy way to work it around: in any case object tree is machine-dependent, and one yet another directory does not destroy anything. ;| The make buildkernel approach sucks for incremental builds, since you are unable to avoid the config run each time, and a lot of unnecessary stuff gets compiled again because of opt_*.h files whose contents have not changed (even if you defeat the clean of the compile directory). It is mostly problem of current implementation. You can define some variables (NO_KERNELDEPEND, NOCLEAN, NO_KERNELCONFIG) and avoid it, if you are sure you can do it in this way. I said about the right idea to move last rarity - kernel building - outside from /usr/src, to /usr/obj or another object prefix. The make release process has similar problems, for Of course, and `make buildworld' also. But for most cases -DNOCLEAN is enough to skip unnesessary steps. /netch To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: resolv.conf options
Sat, Jun 23, 2001 at 19:01:42, LConrad (Len Conrad) wrote about resolv.conf options: RTFS ;)) s man resolv.conf talks about options, but not timeout or retry S means source. For FreeBSD standard resolver, source of /etc/resolv.conf reading is in src/lib/libc/net/res_init.c. But you are right that FreeBSD resolv.conf variant does not set `retry' or `retrans' from config. With 10 requests per second which require recursive search, named 8.2.3-release hangs up on my systems in a hour or two (it stops to serve requests, doesn't crash). upgrade to 8.2.4, 8.2.3 had a self-kill bug. I'm satisfied with 9.1.1. /netch To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
On Fri, Jun 22, 2001 at 10:50:00AM -0700, Matthew Jacob wrote: Why can't we do it like NetBSD and have sys/${MACHINE_ARCH}/compile? It makes it harder to make src/sys/compile a single simple symlink to writable storage. Our /sys layout is suffiently different from NetBSD, I don't think there is any benefit from following them (nad it would be sys/arch/${MACHINE_ARCH}/compile anyway). -- -- David ([EMAIL PROTECTED]) To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
On Fri, Jun 22, 2001 at 01:51:54PM -0500, Will Andrews wrote: On Fri, Jun 22, 2001 at 11:43:58AM -0700, Matthew Jacob ([EMAIL PROTECTED]) wrote: Yes, and you're right. But we'll probably never do this (tm). Never say never. I for one am in favor of that system. =) Yuck! Puke! I for one am not in favor of that system. -- -- David ([EMAIL PROTECTED]) To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
On Fri, Jun 22, 2001 at 12:42:36PM -0600, Warner Losh wrote: Please use ${MACHINE}, not ${MACHINE_ARCH}. That way I can build GENERIC for both i386 and pc98 at the same time without resorting to the GENERIC98 hack I use now. ... I'd be up for doing this, so long as I got to choose where to build into :-) sys/arch/${MACHINE}/compile/FOO but that would start the arch bikeshed. I'd love to just do it. Which is another good reason for sys/compile/${MACHINE}/FOO Otherwise where DOES the pc98 kernel builds happen? Under the non-existant sys/pc98/ ? With powerpc, we are going to have a lot of different ports ala i386/pc98 (that have the same MAHINCE_ARCH, but different MACHINE) if NetBSD is any indication. Even more data that IMHO makes sys/compile/${MACHINE}/FOO make more sense. -- -- David ([EMAIL PROTECTED]) To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
On Fri, Jun 22, 2001 at 12:11:36PM -0700, John Baldwin wrote: On 22-Jun-01 Warner Losh wrote: In message [EMAIL PROTECTED] John Baldwin writes: : 2) Build kernels in sys/compile/${MACHINE_ARCH}/FOO rather than : sys/compile/FOO. Please use ${MACHINE}, not ${MACHINE_ARCH}. That way I can build GENERIC for both i386 and pc98 at the same time without resorting to the GENERIC98 hack I use now. Sure, sounds good. Actually, with mjacob's suggestion, I would go with sys/${MACHINE}/compile/FOO pc98 and powerpc variations will make this ugly. I would tackle the sys/arch bikeshed on its own merits for now. (BTW, I favor sys/arch FWIW). If we use the path I proposed above (sys/MACHINE/compile/FOO) then if we do a sys/MACHINE - sys/arch/MACHINE move we get the compile directory move for free. PUKE, GROSS. NO. -- -- David ([EMAIL PROTECTED]) To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
On Sat, Jun 23, 2001 at 10:44:51PM -0700, John Baldwin wrote: On 23-Jun-01 Peter Pentchev wrote: On Sat, Jun 23, 2001 at 12:23:35PM -0700, Terry Lambert wrote: make buildkernel is rather easy way to work it around: in any case object tree is machine-dependent, and one yet another directory does not destroy anything. ;| The make buildkernel approach sucks for incremental builds, since you are unable to avoid the config run each time, and a lot of unnecessary stuff gets compiled again because of opt_*.h files whose contents have not changed (even if you defeat the clean of the compile directory). About the release process, you are right, it is a bit harder to restart without some tweaks, but the buildkernel target is about as restartable as it can be. (I really don't think anyone would ever advocate skipping the config(8) or the 'make depend' stage..) Actually, make depend takes a relatively long time, and when I'm hacking on a kernel, I don't want to wait 15 minutes to build a kernel after changing one file. I compile kernels w/o config or make depend a lot. OK, so if you're really really sure your changes do not affect the dependency graph, use -DNOKERNELDEPEND :) G'luck, Peter -- This sentence contains exactly threee erors. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Query: How to tell if Microsoft is using BSD TCP/IP code?
Wes Peters said on Jun 23, 2001 at 23:28:42: Plenty of GNU stuff there, though it doesn't say so explicitly. Of course, they say it's all meant only for legacy Unix stuff. Can you substantiate your claim there is plenty of GNU stuff in Interix, or are you just talking out your ass as usual? Why should I substantiate it? Do it yourself if it bothers you. R To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
Soren Kristensen [EMAIL PROTECTED] writes: As I now has prototypes avaliable of low cost PCI and MiniPCI boards, moving to production in a couple of weeks, I would like to check up on the work, as I would really like to see FreeBSD support. The boards are now supported in OpenBSD 2.9. OK, so if I understand correctly, the encryption hardware in question offers a high-speed hardware implementation of the encryption algorithms used by IPSec, so it's a matter of a) having support code that interfaces with the hardware, possibly with a device interface to allow userland apps access to the encryption hardware and b) making our (well, KAME's) IPSec code use that instead of doing the encryption in software. Is that it, or did I misunderstand something? Now, if you want FreeBSD support for your hardware, all you have to do is find a willing developer whistles innocently, send him a sample board (or preferably two, for a full circuit, but one will do) with complete documentation and any additional resources you are willing and able to provide, and then wait a bit. Simply asking for someone to port the OpenBSD driver will not do - OpenBSD and FreeBSD are not very similar at the kernel level, and as others have stated before in a different context, driver source does not constitute adequate documentation. It helps, but it's neither sufficient nor necessary. DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
Dag-Erling Smorgrav([EMAIL PROTECTED])@2001.06.24 17:48:47 +: Soren Kristensen [EMAIL PROTECTED] writes: As I now has prototypes avaliable of low cost PCI and MiniPCI boards, moving to production in a couple of weeks, I would like to check up on the work, as I would really like to see FreeBSD support. The boards are now supported in OpenBSD 2.9. OK, so if I understand correctly, the encryption hardware in question offers a high-speed hardware implementation of the encryption algorithms used by IPSec, so it's a matter of a) having support code that interfaces with the hardware, possibly with a device interface to allow userland apps access to the encryption hardware and b) making our (well, KAME's) IPSec code use that instead of doing the encryption in software. Is that it, or did I misunderstand something? i think ipsec crypto abstraction into hardware is one side of the medal, but the other side -- to be polished first -- ist getting openssl onto the iron. for my former employer i had my hands on rainbow crupto hardware. it is a pci card called cryptoswift with a number, indicating the amount of ssl handshakes per second. the company has been renamed to ivea (http://www.ivea.com/). i came across this board since it is used in several appliance style boxes such as the intel netsctructure ssl accelerators (drop-in https-http ethernet bridge). they had working support and drivers for 3.x, developed in-house and i started hacking up the code for 4.x, but then i left the company (had to leave the hardware there, of course). as far as i got, my experience with ssl handshake processing in hardware showed me a great improvement, since openssl plugs in the hardware to create random and to create session keys. stream crypto is spoken on the host, but this is done fast and very effieciently. if you offload the handshakes to the iron, most of you sysload goes away, of course. i did not find another vendor in europe that provides a similar chip on a pci card, doing the stuff on the iron on a very high level (the card speaks x.50x ascii armored certificates natively, as far as i could see. it would be interesting if somebody from the u.s. could join in and present a list of available hardware and corresponding vendor. if there is hardware available from a crypto-relaxed country, such as south africa or similar, this would also be _very_ interesting, IMHO. Now, if you want FreeBSD support for your hardware, all you have to do is find a willing developer whistles innocently, send him a sample board (or preferably two, for a full circuit, but one will do) with complete documentation and any additional resources you are willing and able to provide, and then wait a bit. Simply asking for someone to port the OpenBSD driver will not do - OpenBSD and FreeBSD are not very similar at the kernel level, and as others have stated before in a different context, driver source does not constitute adequate documentation. It helps, but it's neither sufficient nor necessary. as i said, there is a 3.x freebsd driver, would this help? i am not into writing drivers ;-) /k -- Sex is one of the nine reasons for reincarnation ... the other eight are unimportant. --Henry Miller KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/ karstenrohrbach.de -- alphangenn.net -- alphascene.org -- [EMAIL PROTECTED] GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46 Please do not remove my address from To: and Cc: fields in mailing lists. 10x PGP signature
Re: Status of encryption hardware support in FreeBSD
Karsten W. Rohrbach [EMAIL PROTECTED] writes: i think ipsec crypto abstraction into hardware is one side of the medal, but the other side -- to be polished first -- ist getting openssl onto the iron. What you're basically trying to say is that you want a userland interface to the crypto hardware, so that OpenSSL can take advatange of it if it's present? as i said, there is a 3.x freebsd driver, would this help? i am not into writing drivers ;-) Allow me to repeat myself: driver source does not constitute adequate documentation. It helps, but it's neither sufficient nor necessary. A 3.x driver *could* be ported forward to 4.x and 5.x, but the required changes are not trivial (newbus, SMPng...) and you'd still need sample boards for testing and debugging, and docs for reference when you don't understand what the existing driver is trying to do. DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
sys/${MACHINE_ARCH}/compile? It makes it harder to make src/sys/compile a single simple symlink to writable storage. There is no need to make symlink in src tree. -- David ([EMAIL PROTECTED]) Are you David O'Brien or freebsd-hackers list itself? /netch To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: cloning network interfaces
On Fri, 22 Jun 2001 12:51:13 -0700 Brooks Davis [EMAIL PROTECTED] said: brooks Ok, after a week and a half of doing other things, I've got a patch brooks together which adds interface cloning based on NetBSD's code. The brooks difference is that you may pass an interface of the from gif# if you brooks don't need a specific number. The ioctl now returns a potentialy brooks modified ifreq which contains the new interface name. This changes the brooks way drivers implement cloning in that they may return a different unit brooks then they were passed and they must do their own resource management brooks rather then relying on the clone functionality in sys/net/if.c to do it brooks for them. brooks The patch is at: brooks http://people.freebsd.org/~brooks/patches/gif.diff brooks The patch can be applied as follows (you need to make the directories): brooks cd /usr/src brooks mkdir sys/modules/if_gif sys/modules/if_stf brooks patch /tmp/gif.diff brooks The patch does the following: brooks - adds interface cloning support to the kernel brooks - adds interface cloning support to ifconfig brooks - makes gif clonable brooks - makes gif usable as a module brooks - removes the need for NGIF and gif.h brooks - removes va_args usage in in_gif_input to remove a warning brooks - removes gif dependencies from stf brooks - makes stf usable as a module It seems fine to me. I just tried it on my box. You forget to include prototype change of in_gif_input() in sys/net/if_gif.h. BTW, why did you change gif_ioctl() to gif_ifioctl()? gif related modules are shared among *BSDs and maintained in KAME CVS repository. Could you please keep local changes small as possible? -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan [EMAIL PROTECTED] [EMAIL PROTECTED] ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
Dag-Erling Smorgrav([EMAIL PROTECTED])@2001.06.24 18:20:53 +: Karsten W. Rohrbach [EMAIL PROTECTED] writes: i think ipsec crypto abstraction into hardware is one side of the medal, but the other side -- to be polished first -- ist getting openssl onto the iron. What you're basically trying to say is that you want a userland interface to the crypto hardware, so that OpenSSL can take advatange of it if it's present? yup, exactly. to me it seems to be a major problem to get some unified api out of openssl adressing fucnctions on the hardware -- i simply do not know how other crypto chipsets do it, i just investigated the rainbow board. they got a patch against openssl 0.9.5 i think, that glues in the driver calls instead of standard lib functions. as i said, there is a 3.x freebsd driver, would this help? i am not into writing drivers ;-) Allow me to repeat myself: driver source does not constitute adequate documentation. It helps, but it's neither sufficient nor necessary. yes yes yes ;-) you are perfectly right here. i just wanrted to mention that there is an _existant_ driver and patch against the openssl lib, also some test programs to look if the driver works, for freebsd 3.x. A 3.x driver *could* be ported forward to 4.x and 5.x, but the required changes are not trivial (newbus, SMPng...) and you'd still need sample boards for testing and debugging, and docs for reference when you don't understand what the existing driver is trying to do. sure. my impression with the rainbow guys was, that they are very open to the opensource community. they supplied a board, (user) docs and the unreleased driver/openssl code to us and i was very impressed about their attitude towards people hacking up their stuff *grin*. alas, i quit the company and i did not even start really hacking on the code to take it to a place even near to production. i see from their web page, that they now support freebsd 4.1-release, so it sounds rather appealing to me... /k -- Captain Hook died of jock itch. KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/ karstenrohrbach.de -- alphangenn.net -- alphascene.org -- [EMAIL PROTECTED] GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46 Please do not remove my address from To: and Cc: fields in mailing lists. 10x PGP signature
Re: Status of encryption hardware support in FreeBSD
Karsten W. Rohrbach [EMAIL PROTECTED] writes: yup, exactly. to me it seems to be a major problem to get some unified api out of openssl adressing fucnctions on the hardware -- i simply do not know how other crypto chipsets do it, i just investigated the rainbow board. they got a patch against openssl 0.9.5 i think, that glues in the driver calls instead of standard lib functions. Can you dig out this patch for me? It would be a big win if the userland interface to Soren's hardware were compatible with Rainbow's driver. yes yes yes ;-) you are perfectly right here. i just wanrted to mention that there is an _existant_ driver and patch against the openssl lib, also some test programs to look if the driver works, for freebsd 3.x. This would be useful for ensuring compatibility with Rainbow's stuff, especially if, as you say, they have a 4.1 version out now. DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Query: How to tell if Microsoft is using BSD TCP/IP code?
On Sun, 24 Jun 2001, Rahul Siddharthan wrote: Wes Peters said on Jun 23, 2001 at 23:28:42: Plenty of GNU stuff there, though it doesn't say so explicitly. Of course, they say it's all meant only for legacy Unix stuff. Can you substantiate your claim there is plenty of GNU stuff in Interix, or are you just talking out your ass as usual? gcc, gdb, bash, gnu emacs and a bunch more. Rik -- Virtual memory is like a game you can't win; However, without VM there's truly nothing to lose... http://www.surriel.com/ http://distro.conectiva.com/ Send all your spam to [EMAIL PROTECTED] (spam digging piggy) To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
In article local.mail.freebsd-hackers/[EMAIL PROTECTED] you write: sure. my impression with the rainbow guys was, that they are very open to the opensource community. they supplied a board, (user) docs and the unreleased driver/openssl code to us and i was very impressed about their attitude towards people hacking up their stuff *grin*. alas, i quit the company and i did not even start really hacking on the code to take it to a place even near to production. i see from their web page, that they now support freebsd 4.1-release, so it sounds rather appealing to me... Do you have a contact address? I am going to start implementing crypto offload in the next month and would like to be able to get support for as many devices as possible. -- Jonathan To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
In a message dated 6/24/01 12:33:25 PM Eastern Daylight Time, [EMAIL PROTECTED] writes: A 3.x driver *could* be ported forward to 4.x and 5.x, but the required changes are not trivial (newbus, SMPng...) and you'd still need sample boards for testing and debugging, and docs for reference when you don't understand what the existing driver is trying to do. I'd suggest doing a study on the benefits as well. With 1+Ghz processors, the advantages of doing this in hardware become less than in the old days. We did a study on compression hardware, and at 400Mhz is was faster to do it in software than with external hardware. The setup, write to hardware, read from hardware cycles were more than the software processing requirements. Bryan To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
Dag-Erling Smorgrav([EMAIL PROTECTED])@2001.06.24 18:38:31 +: Karsten W. Rohrbach [EMAIL PROTECTED] writes: yup, exactly. to me it seems to be a major problem to get some unified api out of openssl adressing fucnctions on the hardware -- i simply do not know how other crypto chipsets do it, i just investigated the rainbow board. they got a patch against openssl 0.9.5 i think, that glues in the driver calls instead of standard lib functions. Can you dig out this patch for me? It would be a big win if the userland interface to Soren's hardware were compatible with Rainbow's driver. i think it would be a wise choice to ask rainbow for the current stuff, as they are stating 4.1-rel would be supported. i get back with the contact addresses to you guys off-list. /k -- Life is a sexually transmitted disease. KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/ karstenrohrbach.de -- alphangenn.net -- alphascene.org -- [EMAIL PROTECTED] GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46 Please do not remove my address from To: and Cc: fields in mailing lists. 10x PGP signature
Re: Status of encryption hardware support in FreeBSD
Hi, Thanks for the responses so far. First, let me say that I'm a hardware guy, and don't know all the details of FreeBSD's network stack. There is two common kind of hardware encryption acceleration, and I think they're being mixed a little here. SSL is for secure web access, and the main need is for Public Key generating. This don't really have anything to do with the IP stack. Afaik, OpenSSL is more like a extension to the web server software. IPSec is for secure communication, and the main need is for symmetric data encryption, typically using 3-DES. This need to be closely integrated in the IP stack. The boards I'm doing now, is based on a Hi/fn 7951, with is designed for VPM routers doing IPSec. It's supported in OpenBSD 2.9. And btw, hardware beats software anytime. The fastest PC processor right now is about the same speed as the slowest hardware The reason why I posted originally was the figure out who are working on these things, as I remember seing a post some time ago about work being done to import some of the IPSec work from OpenBSD. The Kame project people might be the ones to talk to, but isn't there a need for a FreeBSD specifec hardware driver anyway ? I will be happy to donate hardware to the FreeBSD project. Regards, Soren To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
Bsdguru == Bsdguru [EMAIL PROTECTED] writes: Bsdguru I'd suggest doing a study on the benefits as well. With 1+Ghz Bsdguru processors, the advantages of doing this in hardware become Bsdguru less than in the old days. Think about the embedded market, where 486 class processors are still widely used (just like Soren's net4501) Eric Masson -- Je cherche une methode pour verifier si le port 515 est a l'ecoute. Cette requete est a envoyer d'une station Solaris vers un serveur NT. use Net::TCP; $object = new Net::TCP playstation, 515; $ok = $object-connect; -- SB in Guide du linuxien pervers To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Job Offer
Çäðàâñòâóéòå!! Âàñ ïðèâåòñòâóåò e-Marketing Center. Ïðåäëàãàåì Âàì ðåàëüíûå ñïîñîáû çàðîáîòêà. Êîíòåíò íàøåãî ïðåäëîæåíèÿ: -Multi-Level-Marketing-ïðîãðàììà ìãíîâåííîãî çàðîáîòêà -Âîçìîæíîñòü ïîëó÷åíèÿ áåñïëàòíûõ êàðò Visa, American Express, Master Card -Áåñïëàòíûå e-Marketing Books-òåõíîëîãèÿ ðàñïðîñòðàíåíèÿ è ïðîäàæè -Ëó÷øèå ïðîãðàììû ïðèâëå÷åíèÿ ðåôôåðàëîâ -Ïîäïèñêà íà ñðàññûëêó ïèñåì î âèðòóàëüíîì ìàðêåòèíãå-áåñïëàòíûå ðåêîìåíäàöèè è ò.ä. Ïîäðîáíàÿ èíôîðìàöèÿ íà íàøåì ñàéòå http://www.e-marketing.boom.ru Ñ óâàæåíèåì, e-Marketing Center = Ñîîáùåíèå ñãåíåðèðîâàíî ïî÷òîâîé ïðîãðàììîé äëÿ ðàññûëêè íîâîñòåé NewsMailer v1.3 Download: http://www.softtrade.ru/filez/emailer.zip Please go to http://www.softtrade.ru To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
On Sun, Jun 24, 2001 at 06:38:31PM +0200, Dag-Erling Smorgrav wrote: Karsten W. Rohrbach [EMAIL PROTECTED] writes: yup, exactly. to me it seems to be a major problem to get some unified api out of openssl adressing fucnctions on the hardware -- i simply do not know how other crypto chipsets do it, i just investigated the rainbow board. they got a patch against openssl 0.9.5 i think, that glues in the driver calls instead of standard lib functions. Can you dig out this patch for me? It would be a big win if the userland interface to Soren's hardware were compatible with Rainbow's driver. I believe there is support in OpenSSL for this now (though not in the version we currently have imported; it's the OpenSSL-engine branch which supports hardware offload). Once there's a point to do so (e.g. whatever relevant kernel support), I can import this into FreeBSD. Kris PGP signature
trouble with 802.11 and kernel bridging....
I have compiled options BRIDGE into my kernel. (also options IPFIREWALL, and IPSTEALTH, but probably not important). So I booted up with ep0 and wi0 in their slots, everything is great. I set up bridging with: sysctl -w net.link.ether.bridge=1 then made sure everything was wide open: ipfw add 65500 allow all from any to any then I opened up the wireless card. First, I named it Laptop: wicontrol -q Laptop wicontrol -n Laptop wicontrol -s Laptop then I set it to Port Type = BSS (value 1) then I set Create IBSS to on (wicontrol -c 1) for good measure, made sure WEP was off: wicontrol -e 0 -- So, with it in this configuration, I plugged ep0 into my wired network, and then told a friend to try to use my laptop as a base station. Their computer saw me just fine...although it asked for a password to get on, which was odd - I ended up having to `wicontrol -k 12345 1` and then have him use that as his password, and then he got on just fine. Two problems I would like help with: 1. He could not talk to the wired network - even though he was on my wireless LAN and I had bridging properly set up on the machine. I feel as if he should have just talked right through to the network on the other side as if my laptop was not even there (being just the wireless access point and nothing more) 2. (this is more minor) how come his client (macOS 9.1) thought it needed a password to get onto my link ? I had just booted the machine, so all key values were set to default of , and _further_, as you can see above, I turned WEP off anyway ... I should not have had to set the 12345 key like I did. It did work when I did that, but it is odd. And even when it did work, it still didn't do the bridging I am talking about in question 1. - A few ideasfirst, perhaps I need to be in peer-to-peer mode to do this instead of port type=BSS ? However, I would really like this laptop to _act like_ a base station and have multiple clients to connect to it simultaneously - it is my understanding that if I want that I should do port type=BSS _and_ I should do Create IBSS=1 (yes) ... should I not do this same thing for when I only have one person connecting ? I would think not. And yes, I did see in the man page where create IBSS=1 is sometimes not functional - is it totally broken, or should I at least be able to use it like I am trying.. ? any comments, help appreciated, LT _ Get your FREE download of MSN Explorer at http://explorer.msn.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
In message [EMAIL PROTECTED] [EMAIL PROTECTED] writes: : On Fri, Jun 22, 2001 at 12:42:36PM -0600, Warner Losh wrote: : Please use ${MACHINE}, not ${MACHINE_ARCH}. That way I can build : GENERIC for both i386 and pc98 at the same time without resorting to : the GENERIC98 hack I use now. : ... : I'd be up for doing this, so long as I got to choose where to build : into :-) : : sys/arch/${MACHINE}/compile/FOO : : but that would start the arch bikeshed. I'd love to just do it. : : : Which is another good reason for sys/compile/${MACHINE}/FOO : Otherwise where DOES the pc98 kernel builds happen? Under the : non-existant sys/pc98/ ? sys/pc98 does exist. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
In message [EMAIL PROTECTED] [EMAIL PROTECTED] writes: : Sure, sounds good. Actually, with mjacob's suggestion, I would go with : sys/${MACHINE}/compile/FOO : : pc98 and powerpc variations will make this ugly. No they won't. pc98 is the reason that this *MAKES* sense. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: include directive in config(8) (was: Two Junior Kernel Hacker tasks..)
Is there a way to undef an option? Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
In message [EMAIL PROTECTED] [EMAIL PROTECTED] writes: : On Fri, Jun 22, 2001 at 10:50:00AM -0700, Matthew Jacob wrote: : Why can't we do it like NetBSD and have : : sys/${MACHINE_ARCH}/compile? : : It makes it harder to make src/sys/compile a single simple symlink to : writable storage. Generally, most people will have at most one or two architectures, so the symlink isn't that hard to do. Also, since most people wanting to do this could also just specify the command line option to config. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Two Junior Kernel Hacker tasks..
In message [EMAIL PROTECTED] [EMAIL PROTECTED] writes: : Which is another good reason for sys/compile/${MACHINE}/FOO : Otherwise where DOES the pc98 kernel builds happen? Under the : non-existant sys/pc98/ ? David, a simple ls to sys/pc98 shows that it is populated with lots of files. % ls ~/FreeBSD/src/sys/pc98 CVS apm confi386pc98 So that's not an argument against it. : With powerpc, we are going to have a lot of different ports ala : i386/pc98 (that have the same MAHINCE_ARCH, but different MACHINE) if : NetBSD is any indication. : : Even more data that IMHO makes sys/compile/${MACHINE}/FOO make more : sense. Actually, I don't think it argues in favor of sys/compile/${MACHINE}/FOO at all. *ALL* ${MACHINE} ports must have a sys/${MACHINE} in the current scheme. That's by definition. I also think that as we get more and more ports for power pc, we'll see more people that need/want to do cross compiling or having one tree for multiple ports. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: include directive in config(8) (was: Two Junior Kernel Hacker tasks..)
Warner Losh [EMAIL PROTECTED] writes: Is there a way to undef an option? I thought about this, too. Right now there isn't a way to do that, and neither OpenBSD nor NetBSD have one AFAIK. That said, I think it would be trivial to implement. The list of options and devices is a simple linked list (mind you, it's a home-grown one, not queue(3)); it shouldn't be too hard to implement unoption and undevice directives. Dima Dorfman [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
auto-detect an inserted audio cd?
I poked though the archives, but didn't see anything that pointed to this: is there proscribed method for auto-detecting the insertion/ejection of an audio CD? I'm hoping for some daemon that provides notification events, rather than me having to write my on C code. :/ I'm looking for something like 'vold', but for BSD. Any ideas? -- Brian 'you Bastard' Reichert[EMAIL PROTECTED] 37 Crystal Ave. #303Daytime number: (603) 434-6842 Derry NH 03038-1713 USA Intel architecture: the left-hand path To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
DVD IOCTLs on IDE?
Has anyone looked at DVD ioctls on IDE? It took me some time to realize (even after reading the source a couple of times) that the current DVD ioctls only apply to SCSI. Dave. -- |David Gilbert, Velocet Communications. | Two things can only be | |Mail: [EMAIL PROTECTED] | equal if and only if they | |http://www.velocet.net/~dgilbert | are precisely opposite. | =GLO To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: DVD IOCTLs on IDE?
On Sun, Jun 24, 2001 at 05:52:54PM -0400, David Gilbert wrote: Has anyone looked at DVD ioctls on IDE? It took me some time to realize (even after reading the source a couple of times) that the current DVD ioctls only apply to SCSI. 'Looked at'? What do you mean? People have been making use of IDE DVD-ROM drives for quite a while now... Dave. -- Brian 'you Bastard' Reichert[EMAIL PROTECTED] 37 Crystal Ave. #303Daytime number: (603) 434-6842 Derry NH 03038-1713 USA Intel architecture: the left-hand path To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: include directive in config(8) (was: Two Junior Kernel Hacker tasks..)
Dima Dorfman [EMAIL PROTECTED] writes: Warner Losh [EMAIL PROTECTED] writes: Is there a way to undef an option? I thought about this, too. Right now there isn't a way to do that, and neither OpenBSD nor NetBSD have one AFAIK. That said, I think it would be trivial to implement. The list of options and devices is a simple linked list (mind you, it's a home-grown one, not queue(3)); it shouldn't be too hard to implement unoption and undevice directives. how about undef options XXX and undef device XXX, etc. ? Cyrille. -- home: mailto:[EMAIL PROTECTED] UNIX is user-friendly; it's just particular work: mailto:[EMAIL PROTECTED] about who it chooses to be friends with. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
help on mounting linux partition
Hi, I've sent this to freebsd-questions but no luck yet. I am using freebsd 4.0. and failed to mount a Linux partition on the second hard disk. Could you please shed some light? Thanks very much Weiguang == bash-2.04# fdisk /dev/ad1 *** Working on device /dev/ad1 *** parameters extracted from in-core disklabel are: cylinders=1653 heads=255 sectors/track=63 (16065 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=1653 heads=255 sectors/track=63 (16065 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: sysid 131,(Linux filesystem) start 63, size 8225217 (4016 Meg), flag 0 beg: cyl 0/ sector 1/ head 1; end: cyl 511/ sector 63/ head 254 The data for partition 2 is: UNUSED The data for partition 3 is: UNUSED The data for partition 4 is: UNUSED bash-2.04# /bin/ls /dev/ad1* /dev/ad1/dev/ad1c /dev/ad1f /dev/ad1s1 /dev/ad1s4 /dev/ad1a /dev/ad1d /dev/ad1g /dev/ad1s2 /dev/ad1b /dev/ad1e /dev/ad1h /dev/ad1s3 bash-2.04# mount -t ext2fs /dev/ad1s1 /mnt/work ext2fs: /dev/ad1s1: Invalid argument bash-2.04# uname -a FreeBSD newby-nfr.cs.ualberta.ca 4.0-RELEASE FreeBSD 4.0-RELEASE #1: Tue May i386 unknown _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: DVD IOCTLs on IDE?
Brian == Brian Reichert [EMAIL PROTECTED] writes: Brian On Sun, Jun 24, 2001 at 05:52:54PM -0400, David Gilbert wrote: Has anyone looked at DVD ioctls on IDE? It took me some time to realize (even after reading the source a couple of times) that the current DVD ioctls only apply to SCSI. Brian 'Looked at'? What do you mean? People have been making use of Brian IDE DVD-ROM drives for quite a while now... From the dvdio.h CVS comment: MFC, DVD ioctls. scsi_cd.c rev 1.36 scsi_cd.h rev 1.4 dvdio.h rev 1.3 ... One issue is that dvdio.h seems to be missing structure items that are required by dvd software. I have attempted to compile livid (oms) and videolan ... both which at least talk about working on BSD. Livid refuses to compile because dvdio.h is missing certain structure members. videolan compiles and runs, but refuses to recognise a DVD in the player (I've tried several DVDs). My IDE DVD player probes as: acd0: DVD-ROM TOSHIBA DVD-ROM SD-M1502 at ata2-master using PIO4 ... and can successfully mount a DVD-ROM... they just don't play with any of the software I've been able to find. Most recently, I downloaded a copy of another package mentioned on /., but it dies looking for libdl.so ... which I assume is a stupid linux dependancy, so I havn't been chasing it. Dave. -- |David Gilbert, Velocet Communications. | Two things can only be | |Mail: [EMAIL PROTECTED] | equal if and only if they | |http://www.velocet.net/~dgilbert | are precisely opposite. | =GLO To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: DVD IOCTLs on IDE?
On Sunday 24 June 2001 20:12, David Gilbert wrote: ... One issue is that dvdio.h seems to be missing structure items that are required by dvd software. I have attempted to compile livid (oms) and videolan ... both which at least talk about working on BSD. Livid refuses to compile because dvdio.h is missing certain structure members. videolan compiles and runs, but refuses to recognise a DVD in the player (I've tried several DVDs). My IDE DVD player probes as: I have also noticed that the FreeBSD dvdio.h is different then the NetBSD and Linux versions (possibly the OpenBSD as well) Is there any reason that linux and the other *bsd's seem to have one setup and ours is different? I have had moderate success using xine with captiancss, but it is rather crashprone. I have also been able to get the libcss from livid to compile using patches i found on a list somewhere, but it never seemed to work for me. Does anbody know of a good, stable way to play dvd movies on FreeBSD? Dave. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
In article local.mail.freebsd-hackers/[EMAIL PROTECTED] you write: Hi, Thanks for the responses so far. First, let me say that I'm a hardware guy, and don't know all the details of FreeBSD's network stack. There is two common kind of hardware encryption acceleration, and I think they're being mixed a little here. SSL is for secure web access, and the main need is for Public Key generating. This don't really have anything to do with the IP stack. Afaik, OpenSSL is more like a extension to the web server software. IPSec is for secure communication, and the main need is for symmetric data encryption, typically using 3-DES. This need to be closely integrated in the IP stack. The boards I'm doing now, is based on a Hi/fn 7951, with is designed for VPM routers doing IPSec. It's supported in OpenBSD 2.9. And btw, hardware beats software anytime. The fastest PC processor right now is about the same speed as the slowest hardware The reason why I posted originally was the figure out who are working on these things, as I remember seing a post some time ago about work being done to import some of the IPSec work from OpenBSD. The Kame project people might be the ones to talk to, but isn't there a need for a FreeBSD specifec hardware driver anyway ? Yes; the hardware will need a specific driver for the board. Also, the interface into the IP stack needs to be defined as well, this depends on what capabilities the board can provide. ISTR that various boards have different requirements from the stack, and one item that I'm focusing on is to try to work out an approach that will work for various chips on the market. Hopefully, this can be done in much the same way as the TCP/UDP/IP hardware checksum offload code that I did earlier. As such, the more information I get about the the interfaces the hardware requires the better. Of course, in order to write a driver for FreeBSD, I'd need complete programming details as well. I will be happy to donate hardware to the FreeBSD project. I'll contact you offline about this. -- Jonathan To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: trouble with 802.11 and kernel bridging (more)
ok, thank you! This explains my inability to perform bridging like I expected to I've been told the wi driver can't do bridging. The Cisco/Aironet an driver can. Patches were submitted so you can do this. They are in the tree. If I want to turn a PC into a full-blown access point, should I set wicontrol to peer to peer (3) or BSS (1) ? Secondly, should I turn on the create BSS (I am almost positive I should) - but this leads me to: thirdly, are the fixes that allow wi to create BSS also in the tree ? or does the man page warning that it does not work still valid ? (I was using 4.3-RELEASE, btw) thanks. LT _ Get your FREE download of MSN Explorer at http://explorer.msn.com To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
What happens to a connection between a select and accept...
Quick question. Anyone know how gracefully the kernel handles a socket connection that is killed by the client between a select and accept call? I don't expect any problems, but I know there was a race condition in Linux that caused all kinds of nasty bugs and problems. Granted it's like comparing apples and oranges but, I'm wondering if anyone has any words of wisdom regarding this. Debugging this kind of a race condition isn't exactly my idea of a good time. ;~) -sc -- Sean Chittenden PGP signature
Re: trouble with 802.11 and kernel bridging (more)
list tracker wrote: ok, thank you! This explains my inability to perform bridging like I expected to I've been told the "wi" driver can't do bridging. The Cisco/Aironet "an" driver can. Patches were submitted so you can do this. They are in the tree. If I want to turn a PC into a full-blown "access point", should I set wicontrol to peer to peer (3) or BSS (1) ? AP functions require the card to act TOTALLY DIFFERENTLY. It requires diferent firmware in the card. There is in development (it was shown atthe FreeBSD user's group this month) a version of the wi driver that loads in the AP firmware and runs the card as an AP but it is not completed yet. Secondly, should I turn on the "create BSS" (I am almost positive I should) - but this leads me to: thirdly, are the fixes that allow wi to "create BSS" also "in the tree" ? or does the man page warning that it does not work still valid ? (I was using 4.3-RELEASE, btw) thanks. LT _ Get your FREE download of MSN Explorer at http://explorer.msn.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message -- ++ __ _ __ | __--_|\ Julian Elischer | \ U \/ / hard at work in | / \ [EMAIL PROTECTED] +--x USA\ a very strange | ( OZ)\___ ___ | country ! +- X_.---._/presently in San Francisco \_/ \\ v To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: include directive in config(8) (was: Two Junior Kernel Hacker tasks..)
Mon, Jun 25, 2001 at 00:05:36, clefevre-lists (Cyrille Lefevre) wrote about Re: include directive in config(8) (was: Two Junior Kernel Hacker tasks..): how about undef options XXX and undef device XXX, etc. ? s/undef/no/ I like Cisco style ;))) /netch To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: Status of encryption hardware support in FreeBSD
Soren Kristensen [EMAIL PROTECTED] writes: SSL is for secure web access, and the main need is for Public Key generating. This don't really have anything to do with the IP stack. Afaik, OpenSSL is more like a extension to the web server software. Try 'man openssl', or just 'openssl -help'. You'll be surprised... DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: pthread/longjmp/signal problem
Thu, Jun 21, 2001 at 10:55:10, louisphilippe (Louis-Philippe Gagnon) wrote about pthread/longjmp/signal problem: I've been trying to implement a IsBadReadPtr-style function in FreeBSD by using signal handlers and longjmp/setjmp. It seemed to work as expected, until I started using the -pthread option to gcc (thus linking against libc_r). Now the function only works on the first call; subsequent calls hang on the segmentation fault. libc_r provides its own signal handling. sigaction() called by you is libc_r function which replaces your handler with its own and record your handler in its private data. On SIGSEGV, not your handler is called, but libc_r's: 1370 lou CALL write(0x2,0xbfbff050,0xf) 1370 lou GIO fd 2 wrote 15 bytes before sigsegv 1370 lou RET write 15/0xf 1370 lou PSIG SIGSEGV caught handler=0x28072444 mask=0x0 code=0x0 1370 lou CALL sigprocmask(0x3,0x2807f0d8,0) 1370 lou RET sigprocmask 0 1370 lou CALL sigaltstack(0x28084aa0,0) 1370 lou RET sigaltstack 0 1370 lou CALL write(0x2,0xbfbfecf0,0xb) 1370 lou GIO fd 2 wrote 11 bytes in handler 1370 lou RET write 11/0xb 1370 lou CALL write(0x2,0xbfbff050,0x13) 1370 lou GIO fd 2 wrote 19 bytes longjmp successful Your handler doesn't contain sigaltstack() call, does it? ;) With longjmp, you destruct libc_r's internals because it can't do needed cleanups. Basically, the app registers a signal handler for SIGSEGV, initializes a setjmp() buffer, then provokes a segmentation fault. The expected behavior is for the signal handler to get called, which will longjmp() bask to main, where another segmentation fault will occur, which repeats the process. After 10 times, the if(y=10) condition makes the program exit. You cannot do longjmp() out from signal handler with libc_r. If you nevertheless want to implement your function, you should 1) Block all signals except SIGSERV via sigprocmask(); especially block SIGVTALRM (libc_r on-timer switching signal) 2) Call __sys_sigaction() instead of sigaction(), to call real syscall and not libc_r wrapper. Don't forget to restore previous handler with the same call after restoring. 3) Really call test and handle return from signal handler. 4) Restore kernel's sigaction and sigprocmask. And this way uses undocumented implementation details of libc_r and can stop to work in any moment. Out of curiosity, I tried installing the linuxthreads port and using that : this actually works, but I may not be able to use it as a permanent solution. linuxthreads uses another approach. But it also deals with signal handlers. /netch To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: What happens to a connection between a select and accept...
Sean Chittenden [EMAIL PROTECTED] writes: Quick question. Anyone know how gracefully the kernel handles a socket connection that is killed by the client between a select and accept call? I don't expect any problems, but I know there was a race condition in Linux that caused all kinds of nasty bugs and problems. There was one in FreeBSD too. It's been fixed; accept(2) will return -1 and set errno to ECONNABORTED, which you'd know if you'd RTFM. DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message
Re: What happens to a connection between a select and accept...
There was one in FreeBSD too. It's been fixed; accept(2) will return -1 and set errno to ECONNABORTED, which you'd know if you'd RTFM. Already RTFM'd. The following was a tad vague and it led me to be a skeptic. It is possible to select(2) a socket for the purposes of doing an accept() by selecting it for read. Thanks for your help though, that was what I was hoping to hear! -sc -- Sean Chittenden PGP signature
Re: DVD IOCTLs on IDE?
On Sun, Jun 24, 2001 at 08:12:28PM -0400, David Gilbert wrote: Brian == Brian Reichert [EMAIL PROTECTED] writes: Brian On Sun, Jun 24, 2001 at 05:52:54PM -0400, David Gilbert wrote: Has anyone looked at DVD ioctls on IDE? It took me some time to realize (even after reading the source a couple of times) that the current DVD ioctls only apply to SCSI. Brian 'Looked at'? What do you mean? People have been making use of Brian IDE DVD-ROM drives for quite a while now... From the dvdio.h CVS comment: MFC, DVD ioctls. scsi_cd.c rev 1.36 scsi_cd.h rev 1.4 dvdio.h rev 1.3 ... One issue is that dvdio.h seems to be missing structure items that are required by dvd software. I have attempted to compile livid (oms) and videolan ... both which at least talk about working on BSD. Livid refuses to compile because dvdio.h is missing certain structure members. videolan compiles and runs, but refuses to recognise a DVD in the player (I've tried several DVDs). My IDE DVD player probes as: Try getting the latest videolan source from their CVS repository. I have vlc working here quite nicely after sending the vlc guys a patch for using only sector aligned reads on DVDs. Unfortunately the patch didn't make it into the current release, but is in CVS now. --gt PGP signature