Re: Low latency High Frequency Trading
On 10 Nov 2012, at 00:56, Ryan McBride mcbr...@openbsd.org wrote: http://www.brocade.com/solutions-technology/enterprise/application-delivery/fix-financial-applications/index.page From the product info: Client identity may be based on a choice of Layer 3 (IP), Layer 4 (TCP Port) and Layer 7 (FIX header SenderCompID field) information. ohmigod. Sounds like people who earn my trust based on their uncompromising attention to detail with which they design highly secure systems. Important for stuff like moving money around (even if imaginary). fl
Re: question about built-in support for full disk encryption
On 11/10/12, Barry Grumbine barry.grumb...@gmail.com wrote: On Fri, Nov 9, 2012 at 7:58 PM, hepta tor hepta...@gmail.com wrote: Hi Are there any plans to provide some simple ways for full disk encryption in OpenBSD? I now that there are some approaches/tools to encrypt volumes, but I'd like to know if it also possible to encrypt the boot and swap partitions and have simple means for this. In the FAQ it says: If an attacker has physical access to your system, they win, regardless of the OS on the computer. There are ways to force the use of a password on single-user mode (see ttys(5)), or eliminate the pause on i386/amd64 (see boot.conf), but practically speaking, getting around those tricks is also pretty easy (One way: boot floppy or CDROM, edit or replace password file). You can try to prevent that, but then someone will pull the hard disk out of your computer. Making your computer difficult to manage properly isn't real security, and if you don't have the physical machine secured, you have no real security. Does this mean that OpenBSD doesn't strive to provide any build-in security when you don't have the physical machine secured? thanks! hepta Read this thread: http://marc.info/?l=openbsd-miscm=135198427413548w=2 run -current. Thanks for the pointer. Do you know if there are any guidelines on how to configure FDE with what's implemented in -current? At http://geekyschmidt.com/2011/01/19/configuring-openbsd-softraid-fo-encryption there is a kind of mini tutorial on how to configure softraid for encryption - does anyone know if this is compatible with what's implemented in -current? -h
Re: Low latency High Frequency Trading
On Thu, Nov 8, 2012 at 12:58 PM, Ariel Burbaickij ariel.burbaic...@gmail.com wrote: If money is not a problem -- go buy high-trading on the chip solutions and have sub-microsecond resolution. http://lmgtfy.com/?q=high+frequency+trading+FPGA Seconded as a much more viable approach. The existing multicast approach for such data is much like trying to hurl apple pies with F-6 jets. By the time you've packaged the original data, blown it across the wire, re-assembled it, *and tagged and checksummed it for validity and correct packet order*, you're rarely any faster than a normal TCP transmission. This doesn't matter much for streaming video, but when you're talking about billion dollar stock prices and tracking and responding to very small changes in prices of large companies, the validity of each packet becomes critical. Other factors also start becoming critical. Normal kernels on aren't very good about consistently treating one service as incredibly high priority *and evening out the delays as they handle other processes* too keep behavior consistent. That's why I would *never* run such processing on Windows, between fancy graphics, unnecessary daemons, and critical anti-virus software, you just don't know when things will be delayed. And that's one of the many reasons that the ability to use FPGA'a, which entirely sidestep the what else is the kernel doing process, are ideal for putting on much smaller, more module devices. And the devices don't need anything so powerful or complex as even a stripped, optimized, BSD style kernel. (Though these can admittedly be very lean and very fast as OS kernels go.)
Re: question about built-in support for full disk encryption
On Sun, Nov 11, 2012 at 11:20:53AM +, hepta tor wrote: On 11/10/12, Barry Grumbine barry.grumb...@gmail.com wrote: On Fri, Nov 9, 2012 at 7:58 PM, hepta tor hepta...@gmail.com wrote: Read this thread: http://marc.info/?l=openbsd-miscm=135198427413548w=2 run -current. Thanks for the pointer. Do you know if there are any guidelines on how to configure FDE with what's implemented in -current? At http://geekyschmidt.com/2011/01/19/configuring-openbsd-softraid-fo-encryption there is a kind of mini tutorial on how to configure softraid for encryption - does anyone know if this is compatible with what's implemented in -current? -h I'd say this one is better: http://www.undeadly.org/cgi?action=articlesid=20110530221728 (disclaimer: I wrote it :) The article is a bit outdated but generally it should still be valid. Recompiling the kernel to hard-code the root device isn't necessary anymore. In 5.2 (perhaps even 5.1?) the root device will be found automatically if you run installboot on the crypto disk rather than the physical disk. With -current, you could also try to take advantage of the newly added crypto boot feature, but you'll have to use a passphrase instead of a key disk. Such a setup is probably a bit easier to maintain but I haven't tried it myself yet. Note that since the installer cannot install or upgrade such systems without manual intervention, a full disk encryption system is still a rather uncommon experimental setup. I would not recommended it unless you are comfortable with this limitation. At the very least, try to install and upgrade such a system before committing to using it in production. If you've never used softraid crypto before, perhaps encrypting just one partion, such as /home, is easier to get started with.
having tcp.established problem with carp + pfsync setup on 5.2
Hi! While switching two node carp + pfsync active/passive firewall nodes over like fw1# ifconfig -g carp carpdemote 50 i get idle tcp sessions hanging. I noticed that slave does not honour 'expires in' values of respective master's states and instead uses packet filter's default (defined with set timeout tcp.established n). In my case the problem arises with rules which set tcp.established longer than the default - since after switchover states expire as default tcp.established says, it soon forgets about theses states and tcp connections hang. I dont think it is special to my hardware, networking gear or packet filter, but to more sure, i set up two firewalls onto ESXi guestis with packet filter reduced to more-or-less minimal, like this if_ext = em0 if_int = em1 if_mgmt = em2 if_carp_ext = carp181 if_carp_int = carp182 server= 10.80.182.11 icmp_types = echoreq tcpopts = flags S/SA modulate state tcpopts_llc = flags S/SA modulate state (tcp.established 600) set loginterface $if_ext set timeout tcp.established 300 set skip on lo block in log on $if_ext label NIext_default block out log on $if_ext label NOext_default block in log on $if_int label NIint_default block out log on $if_int label NOint_default block in log on $if_mgmt label NIint_default block out log on $if_mgmt label NOint_default pass quick on $if_ext proto carp keep state (no-sync) pass quick on $if_int proto carp keep state (no-sync) pass quick on $if_mgmt proto pfsync keep state (no-sync) pass in quick on $if_ext inet proto tcp to $server port { 22 } tag TO_SERVER $tcpopts_llc label YIext_to_server pass in quick on $if_int inet proto tcp from $server port { 22 } tag FROM_SERVER $tcpopts_llc label YIint_from_server pass quick inet proto icmp icmp-type echoreq label pinging pass out quick on $if_int tagged TO_SERVER $tcpopts_llc label YOint to http server pass out quick on $if_ext tagged FROM_SERVER $tcpopts_llc label YOext from http server pass in quick on $if_mgmt inet from 172.19/16 keep state (no-sync) pass out on $if_mgmt inet from $if_mgmt label JVext_from_tm_to_mgmt keep state (no-sync) pass out on $if_int inet from $if_int label JVext_from_tm_to_int keep state (no-sync) pass out on $if_ext inet from $if_ext label JVext_from_tm_to_ext keep state (no-sync) carp and pf sync is like this fw1# cat /etc/hostname.pfsync0 up syncdev em2 syncpeer 10.0.13.159 fw1# cat /etc/hostname.carp18* inet 10.80.181.1 255.255.255.0 10.80.181.255 advskew 120 vhid 181 carpdev em0 pass lanpw181 description internet inet 10.80.182.1 255.255.255.0 10.80.182.255 advskew 120 vhid 182 carpdev em1 pass lanpw182 description intranet (I explore states with pftop and pfctl -vvvss). And to make matters worse, having carp + pfync working long tcp sessions hang anyway i.e. if master stays (and isnt switched over), because slave with smaller 'expires in' values clears respective states also from operational master. I can think of two workarounds 1. no configure tcp.established per rule (although i have somehow grown to have ssh sessions thru firewall have longer expires in's that say http states, 10 days vs 30 minutes) 2. create pfsync0 devices only when needed and look out not using them longer than minimal tcp.establised is (this is what i am doing now) I wish someone comments on this whether i am doing still something wrong pf-wise, there are some knobs i am unaware or really carp+pfsync+pf needs some more dev-love :) Best regards Imre
Re: question about built-in support for full disk encryption
On Sun, Nov 11, 2012 at 11:20:53AM +, hepta tor wrote: Thanks for the pointer. Do you know if there are any guidelines on how to configure FDE with what's implemented in -current? At http://geekyschmidt.com/2011/01/19/configuring-openbsd-softraid-fo-encryption there is a kind of mini tutorial on how to configure softraid for encryption - does anyone know if this is compatible with what's implemented in -current? Nothing that I'm aware about at the moment. The lack of documentation had me confused a couple of days, wasting time on old and complicated approaches (i.e your link above) but thanks to jirib, I managed to get it working: ---8--- no, no... make sd0a as RAID partion, do _not_ create sd0b as swap, then bioctl kung-fu with passphrase, and install onto sd1 as usual. Then I think it would be wise to change /mnt/etc/sysctl.conf to have this vm.swapencrypt.enable=0 as sd1 is crypt volume anyway... After reboot, boot will ask you for passphrase and then normal boot occurs (yes, boot can access kernel on crypto volume after passphrase). Enjoy. jirib ---8--- It's real simple. This is what I did. My physical disk is sd0 and I'm booting bsd.rd from a usb stick at sd1: Boot from install media and go to shell. In disklabel, create a single root partition (a) of type RAID that spans the whole OpenBSD area allocated in fdisk. Don't create swap (b) or any other partitions. # bioctl -C force -c C -l /dev/sd0a softraid 0 You'll be asked for passphrase and bioctl will create a crypto volume at sd2 (since sd0 is my physical disk and sd1 is the usb stick I'm booting from). Create the sd2 device so it becomes accessible for the install program: # cd /dev # sh ./MAKEDEV sd2 Enter back into the install program: # cd / # install When asked which disk to initialize, select the crupto volume (in my case sd2). Follow jirib's advices above. The new boot code is wonderful. The only thing that is not working is the option to use a keydisk. Regards, Erling
Re: uhub error
On Sun, Nov 11, 2012 at 08:14:49AM +0100, Tomas Bodzar wrote: On Sun, Nov 11, 2012 at 2:53 AM, Chris Chung chunc...@gmail.com wrote: Hello, When attempting to connect an external hard drive through a usb port I'm receiving the error below. I can sucessfully mount my dvd drive and sd memory cards without issue. This could be a hardware issue, but I'm not sure. I have read the relevant FAQ sections along with the man pages for disklabel and mount but still at a loss, so any additional insights would be appreciated. # /var/log/messages openbox /bsd: uhub5: device problem, disabling port 2 From code http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/usb/uhub.c?rev=1.59 if (err) { DPRINTFN(-1,(uhub_explore: usbd_new_device failed, error=%s\n, usbd_errstr(err))); /* Avoid addressing problems by disabling. */ /* usbd_reset_port(dev, port, up-status); */ /* * The unit refused to accept a new address, or had * some other serious problem. Since we cannot leave * at 0 we have to disable the port instead. */ printf(%s: device problem, disabling port %d\n, sc-sc_dev.dv_xname, port); usbd_clear_port_feature(dev, port, UHF_PORT_ENABLE); # dmesg OpenBSD 5.1 (GENERIC.MP) #188: Sun Feb 12 09:55:11 MST 2012 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF real mem = 3178491904 (3031MB) avail mem = 3116384256 (2972MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/17/11, BIOS32 rev. 0 @ 0xfdc50, SMBIOS rev. 2.4 @ 0xe0010 (80 entries) bios0: vendor LENOVO version 6FET88WW (3.18 ) date 03/17/2011 bios0: LENOVO 4063HK6 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpimcfg0 at acpi0 addr 0xe000, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus -1 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpiprt6 at acpi0: bus 13 (EXP4) acpiprt7 at acpi0: bus 21 (PCI1) acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS acpitz0 at acpi0: critical temperature is 127 degC acpitz1 at acpi0: critical temperature is 100 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 42T4620 serial 1283 type LION oem Panasonic acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit offline acpithinkpad0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) bios0: ROM list: 0xc/0x1! 0xd/0x1000 0xd1000/0x1000 0xd2000/0x1000 0xde000/0x1800! 0xe/0x1 cpu0: Enhanced SpeedStep 2661 MHz: speeds: 2667, 2666, 2133, 1600, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 drm0 at inteldrm0 Intel GM45 Video rev 0x07 at pci0 dev 2 function 1 not configured Intel GM45 HECI rev 0x07 at pci0 dev 3 function 0 not configured puc0 at pci0 dev 3 function 3 Intel GM45 AMT SOL rev 0x07: ports: 1 com com3 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo com3: probed fifo depth: 0 bytes em0 at pci0 dev 25 function 0
Re: uhub error
On Sun, Nov 11, 2012 at 5:15 PM, Chris Chung chunc...@gmail.com wrote: On Sun, Nov 11, 2012 at 08:14:49AM +0100, Tomas Bodzar wrote: On Sun, Nov 11, 2012 at 2:53 AM, Chris Chung chunc...@gmail.com wrote: Hello, When attempting to connect an external hard drive through a usb port I'm receiving the error below. I can sucessfully mount my dvd drive and sd memory cards without issue. This could be a hardware issue, but I'm not sure. I have read the relevant FAQ sections along with the man pages for disklabel and mount but still at a loss, so any additional insights would be appreciated. # /var/log/messages openbox /bsd: uhub5: device problem, disabling port 2 From code http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/usb/uhub.c?rev=1.59 if (err) { DPRINTFN(-1,(uhub_explore: usbd_new_device failed, error=%s\n, usbd_errstr(err))); /* Avoid addressing problems by disabling. */ /* usbd_reset_port(dev, port, up-status); */ /* * The unit refused to accept a new address, or had * some other serious problem. Since we cannot leave * at 0 we have to disable the port instead. */ printf(%s: device problem, disabling port %d\n, sc-sc_dev.dv_xname, port); usbd_clear_port_feature(dev, port, UHF_PORT_ENABLE); # dmesg OpenBSD 5.1 (GENERIC.MP) #188: Sun Feb 12 09:55:11 MST 2012 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF real mem = 3178491904 (3031MB) avail mem = 3116384256 (2972MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/17/11, BIOS32 rev. 0 @ 0xfdc50, SMBIOS rev. 2.4 @ 0xe0010 (80 entries) bios0: vendor LENOVO version 6FET88WW (3.18 ) date 03/17/2011 bios0: LENOVO 4063HK6 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpimcfg0 at acpi0 addr 0xe000, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus -1 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpiprt6 at acpi0: bus 13 (EXP4) acpiprt7 at acpi0: bus 21 (PCI1) acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS acpitz0 at acpi0: critical temperature is 127 degC acpitz1 at acpi0: critical temperature is 100 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 42T4620 serial 1283 type LION oem Panasonic acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit offline acpithinkpad0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) bios0: ROM list: 0xc/0x1! 0xd/0x1000 0xd1000/0x1000 0xd2000/0x1000 0xde000/0x1800! 0xe/0x1 cpu0: Enhanced SpeedStep 2661 MHz: speeds: 2667, 2666, 2133, 1600, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 drm0 at inteldrm0 Intel GM45 Video rev 0x07 at pci0 dev 2 function 1 not configured Intel GM45 HECI rev 0x07 at pci0 dev 3 function 0 not configured puc0 at pci0 dev 3 function 3 Intel GM45 AMT SOL rev 0x07: ports: 1 com com3 at puc0 port 0 apic 1 int 17: ns16550a, 16 byte fifo
Re: question about built-in support for full disk encryption
On Sun, Nov 11, 2012 at 11:20:53AM +, hepta tor wrote: Thanks for the pointer. Do you know if there are any guidelines on how to configure FDE with what's implemented in -current? At http://geekyschmidt.com/2011/01/19/configuring-openbsd-softraid-fo-encryption there is a kind of mini tutorial on how to configure softraid for encryption - does anyone know if this is compatible with what's implemented in -current? -h 1. During installation jump to shell 2. fdisk sd0 3. disklabel sd0, so sd0a is RAID, no sd0b as swap! 4. cd /dev ; sh ./MAKEDEV sd1 ; cd / 5. bioctl -c C -l /dev/sd0a softraid0 6. dd if=/dev/zero of=/dev/rsd1c bs=1m count=1 7. /install and use sd1 as your disk for usual installation 8. couple of enters... 9. change /mnt/etc/sysctl.conf to have 'vm.swapencrypt.enable=0' 10. reboot Of course, no warranty. jirib
Re: uhub error
On Sun, Nov 11, 2012 at 07:05:43PM +0100, Tomas Bodzar wrote: On Sun, Nov 11, 2012 at 5:15 PM, Chris Chung chunc...@gmail.com wrote: On Sun, Nov 11, 2012 at 08:14:49AM +0100, Tomas Bodzar wrote: On Sun, Nov 11, 2012 at 2:53 AM, Chris Chung chunc...@gmail.com wrote: Hello, When attempting to connect an external hard drive through a usb port I'm receiving the error below. I can sucessfully mount my dvd drive and sd memory cards without issue. This could be a hardware issue, but I'm not sure. I have read the relevant FAQ sections along with the man pages for disklabel and mount but still at a loss, so any additional insights would be appreciated. # /var/log/messages openbox /bsd: uhub5: device problem, disabling port 2 From code http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/usb/uhub.c?rev=1.59 if (err) { DPRINTFN(-1,(uhub_explore: usbd_new_device failed, error=%s\n, usbd_errstr(err))); /* Avoid addressing problems by disabling. */ /* usbd_reset_port(dev, port, up-status); */ /* * The unit refused to accept a new address, or had * some other serious problem. Since we cannot leave * at 0 we have to disable the port instead. */ printf(%s: device problem, disabling port %d\n, sc-sc_dev.dv_xname, port); usbd_clear_port_feature(dev, port, UHF_PORT_ENABLE); # dmesg OpenBSD 5.1 (GENERIC.MP) #188: Sun Feb 12 09:55:11 MST 2012 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF real mem = 3178491904 (3031MB) avail mem = 3116384256 (2972MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/17/11, BIOS32 rev. 0 @ 0xfdc50, SMBIOS rev. 2.4 @ 0xe0010 (80 entries) bios0: vendor LENOVO version 6FET88WW (3.18 ) date 03/17/2011 bios0: LENOVO 4063HK6 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpimcfg0 at acpi0 addr 0xe000, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus -1 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpiprt6 at acpi0: bus 13 (EXP4) acpiprt7 at acpi0: bus 21 (PCI1) acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS acpitz0 at acpi0: critical temperature is 127 degC acpitz1 at acpi0: critical temperature is 100 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 42T4620 serial 1283 type LION oem Panasonic acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit offline acpithinkpad0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) bios0: ROM list: 0xc/0x1! 0xd/0x1000 0xd1000/0x1000 0xd2000/0x1000 0xde000/0x1800! 0xe/0x1 cpu0: Enhanced SpeedStep 2661 MHz: speeds: 2667, 2666, 2133, 1600, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 drm0 at inteldrm0 Intel GM45 Video rev 0x07 at pci0 dev 2 function 1 not configured Intel GM45 HECI rev 0x07 at
Re: For those shopping around for new laptops that play nice with puffy...
Mike Putnam mike at theputnams.net writes: I brought a usb stick into a retailer and found success with a Dell XPS 13 Ultrabook 4GB RAM / 128GB SSD / Intel I5 / Intel Wifi ($999.00 USD). dmesg and sysctl here: http://theputnams.net/mike/2012-11-11-dell-xps-13-ultrabook-running-openbsd- snapshot.htm Dell's Sputnik program promised XPS 13 must be Linux-friendly (no obscure ACPI tricks, wireless drivers of the box, etc). Glad to see it is OpenBSD-friendly also. Cheers, Alexey
Re: uhub error
* Chris Chung chunc...@gmail.com [12 06:30]: Hello, When attempting to connect an external hard drive through a usb port I'm receiving the error below. I can sucessfully mount my dvd drive and sd memory cards without issue. This could be a hardware issue, but I'm not sure. I have read the relevant FAQ sections along with the man pages for disklabel and mount but still at a loss, so any additional insights would be appreciated. # /var/log/messages openbox /bsd: uhub5: device problem, disabling port 2 Just a you are not alone reply. This happens to me sometimes when I connect my e-book reader (which presents itself as usb storage). This time it worked: umass0 at uhub5 port 1 configuration 1 interface 0 Linux 2.6.24.2-Boeye with s3c-udc File-backed Storage Gadget rev 2.00/3.22 addr 3 umass0: using SCSI over Bulk-Only scsibus2 at umass0: 2 targets, initiator 0 sd1 at scsibus2 targ 1 lun 0: Linux, File-Stor Gadget, 0322 SCSI2 0/direct removable serial.00850600372041756775 sd1: 1885MB, 512 bytes/sector, 3862393 sectors Controller /dev/usb0: addr 1: high speed, self powered, config 1, EHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered port 3 powered port 4 powered port 5 powered port 6 addr 2: high speed, self powered, config 1, product 0x4485(0x4485), IBM(0x04b3), rev 0.01 port 1 addr 3: high speed, power 2 mA, config 1, File-backed Storage Gadget(0x0600), Linux 2.6.24.2-Boeye with s3c-udc(0x0085), rev 3.22, iSerialNumber 372041756775 port 2 powered port 3 powered port 4 powered port 7 powered port 8 powered Controller /dev/usb1: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered Controller /dev/usb2: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered Controller /dev/usb3: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 powered Controller /dev/usb4: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel(0x8086), rev 1.00 port 1 powered port 2 addr 2: full speed, power 100 mA, config 1, Biometric Coprocessor(0x2016), STMicroelectronics(0x0483), rev 0.01 -- Alexander Polakov | plhk.ru
Re: Thinkpad choice? -Is Nvidia tolerable for generic X?
On Sat, 10 Nov 2012 12:02:49 +0100, Peter Hessler wrote: I have a Thinkpad T430s with sandybridge (or ivybridge, I can never remember), and life isn't too bad. I can suspend/resume, watch (smaller) movies and dvds, and generally use it. Obviously I try to avoid 1080p videos, as they take a huge amount of CPU to decode. Thanks for replying Peter. Can you switch from X to a virtual console and back again? On my E320 I can't - If I try to go from X to VC I just end up with a blank page. I can return to X by doing Ctl-Alt-F5. I was hoping that the only graphics alternative at Lenovo, Nvidia, might behave better in that respect. On 2012 Nov 10 (Sat) at 17:06:12 +1100 (+1100), Rod Whitworth wrote: :I already have a Lenovo Edge model that has the sandybridge graphics :that aren't fully supported right now and I'd be surprised if that :changes any time soon. : :AIUI it won't be a minor fix and I'm not whining about how long it will :take. : :Instead I'm hoping I can pick a Thinkpad that is workable for switching :between console and X sessions. : :I'm looking at a T430 which has the dreaded Nvidia but I don't need all :the stuff that is not supported (and probably never will be). : :If it does X well enough to run a browser in native resolution (1366 x :768) and maybe watch a DVD, I'll be satisfied. : :Anybody with a clue about the Nvidia in plain-vanilla graphics mode? : :The wi-fi is the same as the one I already have that 5.2 gives a tick :to. : :The lousy blighters supply a DVD-ROM ;-( : :Other things to beware of? : :Thanx, : :*** NOTE *** Please DO NOT CC me. I am subscribed to the list. :Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. : :Rod/ :--- :This life is not the real thing. :It is not even in Beta. :If it was, then OpenBSD would already have a man page for it. : -- In 1750 Isaac Newton became discouraged when he fell up a flight of stairs. *** NOTE *** Please DO NOT CC me. I am subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
Issue with U of A hosting site
There is an issue at the U of A hosting site. The servers hosted in that data center will unavailable. I will do my best to post again when more information is available. Thank you, James
Re: uhub error
On Mon, Nov 12, 2012 at 12:11 AM, Chris Chung chunc...@gmail.com wrote: On Sun, Nov 11, 2012 at 07:05:43PM +0100, Tomas Bodzar wrote: On Sun, Nov 11, 2012 at 5:15 PM, Chris Chung chunc...@gmail.com wrote: On Sun, Nov 11, 2012 at 08:14:49AM +0100, Tomas Bodzar wrote: On Sun, Nov 11, 2012 at 2:53 AM, Chris Chung chunc...@gmail.com wrote: Hello, When attempting to connect an external hard drive through a usb port I'm receiving the error below. I can sucessfully mount my dvd drive and sd memory cards without issue. This could be a hardware issue, but I'm not sure. I have read the relevant FAQ sections along with the man pages for disklabel and mount but still at a loss, so any additional insights would be appreciated. # /var/log/messages openbox /bsd: uhub5: device problem, disabling port 2 From code http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/usb/uhub.c?rev=1.59 if (err) { DPRINTFN(-1,(uhub_explore: usbd_new_device failed, error=%s\n, usbd_errstr(err))); /* Avoid addressing problems by disabling. */ /* usbd_reset_port(dev, port, up-status); */ /* * The unit refused to accept a new address, or had * some other serious problem. Since we cannot leave * at 0 we have to disable the port instead. */ printf(%s: device problem, disabling port %d\n, sc-sc_dev.dv_xname, port); usbd_clear_port_feature(dev, port, UHF_PORT_ENABLE); # dmesg OpenBSD 5.1 (GENERIC.MP) #188: Sun Feb 12 09:55:11 MST 2012 dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP cpu0: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF real mem = 3178491904 (3031MB) avail mem = 3116384256 (2972MB) mainbus0 at root bios0 at mainbus0: AT/286+ BIOS, date 03/17/11, BIOS32 rev. 0 @ 0xfdc50, SMBIOS rev. 2.4 @ 0xe0010 (80 entries) bios0: vendor LENOVO version 6FET88WW (3.18 ) date 03/17/2011 bios0: LENOVO 4063HK6 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: apic clock running at 266MHz cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM)2 Duo CPU P9600 @ 2.66GHz (GenuineIntel 686-class) 2.67 GHz cpu1: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,NXE,LONG,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,LAHF ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpimcfg0 at acpi0 addr 0xe000, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus -1 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpiprt6 at acpi0: bus 13 (EXP4) acpiprt7 at acpi0: bus 21 (PCI1) acpicpu0 at acpi0: C3, C2, C1, PSS acpicpu1 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS acpitz0 at acpi0: critical temperature is 127 degC acpitz1 at acpi0: critical temperature is 100 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 42T4620 serial 1283 type LION oem Panasonic acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit offline acpithinkpad0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) bios0: ROM list: 0xc/0x1! 0xd/0x1000 0xd1000/0x1000 0xd2000/0x1000 0xde000/0x1800! 0xe/0x1 cpu0: Enhanced SpeedStep 2661 MHz: speeds: 2667, 2666, 2133, 1600, 800 MHz pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Intel GM45 Host rev 0x07 vga1 at pci0 dev 2 function 0 Intel GM45 Video rev 0x07 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1: apic 1 int 16 drm0 at inteldrm0 Intel GM45 Video
Re: question about built-in support for full disk encryption
On Sun, Nov 11, 2012 at 8:04 PM, Jiri B ji...@devio.us wrote: On Sun, Nov 11, 2012 at 11:20:53AM +, hepta tor wrote: Thanks for the pointer. Do you know if there are any guidelines on how to configure FDE with what's implemented in -current? At http://geekyschmidt.com/2011/01/19/configuring-openbsd-softraid-fo-encryption there is a kind of mini tutorial on how to configure softraid for encryption - does anyone know if this is compatible with what's implemented in -current? -h 1. During installation jump to shell 2. fdisk sd0 3. disklabel sd0, so sd0a is RAID, no sd0b as swap! 4. cd /dev ; sh ./MAKEDEV sd1 ; cd / 5. bioctl -c C -l /dev/sd0a softraid0 6. dd if=/dev/zero of=/dev/rsd1c bs=1m count=1 7. /install and use sd1 as your disk for usual installation 8. couple of enters... 9. change /mnt/etc/sysctl.conf to have 'vm.swapencrypt.enable=0' 10. reboot Of course, no warranty. Works like a charm ;-) Tested now. jirib