Re: as cannot do endbr64 instructions (too old)

2024-01-02 Thread Lorenz (xha) 
On Tue, Jan 02, 2024 at 08:32:00PM -, Stuart Henderson wrote:
> I can't say. Though I doubt there would much objection if it's clean and
> not a copy of a GPLv3-licensed upstream commit.

what about this?

i am not sure about the situation on arm64. it looks like newer gnu
assemblers don't like bti instructions unless explicitly enabled.
llvm seems to be using hint #34 for compatibility.

is /usr/bin/as the GNU assembler on arm64 aswell?

Index: include/opcode/i386.h
===
RCS file: /cvs/src/gnu/usr.bin/binutils-2.17/include/opcode/i386.h,v
retrieving revision 1.11
diff -C5 -r1.11 i386.h
*** include/opcode/i386.h   9 Sep 2018 21:59:43 -   1.11
--- include/opcode/i386.h   3 Jan 2024 07:35:49 -
***
*** 1532,1541 
--- 1532,1545 
  
  /* Intel PCID extension */
  {"invpcid", 2, 0x660f3882, X, CpuNEW|CpuNo64, 
Modrm|IgnoreSize|No_bSuf|No_wSuf|No_sSuf|No_qSuf|No_xSuf|NoRex64, { 
BaseIndex|Disp8|Disp16|Disp32|Disp32S, Reg32 } },
  {"invpcid", 2, 0x660f3882, X, CpuNEW|Cpu64, 
Modrm|IgnoreSize|No_bSuf|No_wSuf|No_sSuf|No_qSuf|No_xSuf|NoRex64, { 
BaseIndex|Disp8|Disp16|Disp32|Disp32S, Reg64 } },
  
+ /* Intel Indirect Branch Tracking extensions */
+ {"endbr64", 0, 0xF30F1E, 0xFA, Cpu64, NoSuf|ImmExt, { 0, 0, 0 } },
+ {"endbr32", 0, 0xF30F1E, 0xFB, CpuNo64, NoSuf|ImmExt, { 0, 0, 0 } },
+ 
  /* sentinel */
  {NULL, 0, 0, 0, 0, 0, { 0, 0, 0} }
  };
  #undef X
  #undef NoSuf

Re: ProtectLi w/ OpenBSD

2024-01-02 Thread Dylan D'Silva 
I can't comment about Dasharo, but I have a protectli with coreboot 
which comes default and I've used it with openbsd. Here is the install

https://kb.protectli.com/kb/how-to-install-openbsd-on-the-vault-2/

Dylan

Peter N. M. Hansteen wrote:

On Wed, Jan 03, 2024 at 06:21:03AM +, Kenneth Hendrickson wrote:

Is there any newer information than this:
https://OpenBsdMailBox.blogspot.com/2023/05/protectli-vp2420-with-dasharo.html

Looking for a newer faster firewall ...

Want headless, and obviously OpenBSD.

So is CoreBoot not an option?  Or is there a way to make it work?


That post is from May 2023. Since then we have had another release (7.4)
and significant work in most areas since then.

My main suggestion would be to try with 7.4 or if you are more adventurous,
a snapshot and if there are any problems use the mailing lists, including
bugs@ (see man sendbug) and follow up on any response from developers.

- Peter

Re: ProtectLi w/ OpenBSD

2024-01-02 Thread Peter N. M. Hansteen 
On Wed, Jan 03, 2024 at 06:21:03AM +, Kenneth Hendrickson wrote:
> Is there any newer information than this:
> https://OpenBsdMailBox.blogspot.com/2023/05/protectli-vp2420-with-dasharo.html
> 
> Looking for a newer faster firewall ...
> 
> Want headless, and obviously OpenBSD.
> 
> So is CoreBoot not an option?  Or is there a way to make it work?

That post is from May 2023. Since then we have had another release (7.4)
and significant work in most areas since then.

My main suggestion would be to try with 7.4 or if you are more adventurous,
a snapshot and if there are any problems use the mailing lists, including
bugs@ (see man sendbug) and follow up on any response from developers.

- Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

ProtectLi w/ OpenBSD

2024-01-02 Thread Kenneth Hendrickson 
Is there any newer information than this:
https://OpenBsdMailBox.blogspot.com/2023/05/protectli-vp2420-with-dasharo.html

Looking for a newer faster firewall ...

Want headless, and obviously OpenBSD.

So is CoreBoot not an option?  Or is there a way to make it work?

Re: installboot sd0 fails while installing from USB drive

2024-01-02 Thread Kenneth Gober 
On Sun, Dec 31, 2023 at 11:07 AM Kenneth Gober  wrote:

> On Mon, Dec 25, 2023 at 6:08 PM Gábor Papp  wrote:
>
>> I am trying to install OpenBSD 7.4 on my ThinkPad L390. This bug only
>> happens on this certain laptop.
>> I could install OpenBSD 7.3 just fine on this machine, so I think this
>> is a bug happens because of this weird combination of 7.4 and maybe a
>> firmware update.
>>
>
> I haven't been able to install 7.4 on my ThinkPad L390 Yoga, but it does
> boot
> 7.4/amd64 from USB just fine.  So you could perhaps try doing the install
> to
> another USB stick, then using dd to copy the completed installation to the
> internal drive.  Actually I recommend first trying the install again;
> maybe it was
> just a one-time thing and won't turn out to be reproducible.
>

I found some time to install a spare SSD in my L390 Yoga and tried
installing
7.4/amd64 on it, and it installed with no trouble.  So any issue is likely
to be
very specific to your exact setup and process.  Or it was a one-time thing.

Here's the dmesg from the install. It is essentially the same as in my
previous
message except this time I had no network connection so I didn't get
firmware
updates.  I don't see how that would have affected installboot, however.
Also
the dmesg from the first boot after install follows after this one:

OpenBSD 7.4 (RAMDISK_CD) #1322: Tue Oct 10 09:07:38 MDT 2023
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 16725819392 (15950MB)
avail mem = 16214888448 (15463MB)
random: good seed from bootblocks
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.1 @ 0x4ce2e000 (60 entries)
bios0: vendor LENOVO version "R10ET43W (1.28 )" date 12/27/2019
bios0: LENOVO 20NUS1S800
acpi0 at bios0: ACPI 6.1
acpi0: tables DSDT FACP SSDT SSDT SSDT SSDT UEFI SSDT HPET APIC MCFG ECDT
SSDT BOOT SLIC SSDT LPIT WSMT SSDT DBGP DBG2 MSDM BATB DMAR NHLT ASF! FPDT
UEFI
acpihpet0 at acpi0: 2399 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-8365U CPU @ 1.60GHz, 1590.02 MHz, 06-8e-0c,
patch 00ca
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,TSX_CTRL,XSAVEOPT,XSAVEC,XGETBV1,XSAVES
cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB
64b/line 4-way L2 cache, 6MB 64b/line 12-way L3 cache
cpu0: apic clock running at 24MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 120 pins
acpiec0 at acpi0
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (RP01)
acpiprt2 at acpi0: bus -1 (RP02)
acpiprt3 at acpi0: bus -1 (RP03)
acpiprt4 at acpi0: bus -1 (RP04)
acpiprt5 at acpi0: bus -1 (RP05)
acpiprt6 at acpi0: bus -1 (RP06)
acpiprt7 at acpi0: bus -1 (RP07)
acpiprt8 at acpi0: bus -1 (RP08)
acpiprt9 at acpi0: bus 3 (RP09)
acpiprt10 at acpi0: bus -1 (RP10)
acpiprt11 at acpi0: bus -1 (RP11)
acpiprt12 at acpi0: bus -1 (RP12)
acpiprt13 at acpi0: bus 5 (RP13)
acpiprt14 at acpi0: bus -1 (RP14)
acpiprt15 at acpi0: bus -1 (RP15)
acpiprt16 at acpi0: bus -1 (RP16)
acpiprt17 at acpi0: bus -1 (RP17)
acpiprt18 at acpi0: bus -1 (RP18)
acpiprt19 at acpi0: bus -1 (RP19)
acpiprt20 at acpi0: bus -1 (RP20)
acpiprt21 at acpi0: bus -1 (RP21)
acpiprt22 at acpi0: bus -1 (RP22)
acpiprt23 at acpi0: bus -1 (RP23)
acpiprt24 at acpi0: bus -1 (RP24)
acpipci0 at acpi0 PCI0: 0x 0x0011 0x0001
"INT33D3" at acpi0 not configured
"ACPI0003" at acpi0 not configured
"LEN0268" at acpi0 not configured
"PNP0C0A" at acpi0 not configured
"PNP0C60" at acpi0 not configured
"LEN0100" at acpi0 not configured
"INT3403" at acpi0 not configured
"INT3403" at acpi0 not configured
"INT3403" at acpi0 not configured
"INT3403" at acpi0 not configured
"INT34BB" at acpi0 not configured
"INT3515" at acpi0 not configured
"ACPI000E" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"INT0E0C" at acpi0 not configured
"PNP0C0E" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"INT33A1" at acpi0 not configured
"PNP0C0D" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"INT3400" at acpi0 not configured
"USBC000" at acpi0 not configured
acpipwrres at acpi0 not configured
acpipwrres

Re: How to access Xauthority for VNC Server

2024-01-02 Thread Stuart Henderson 
On 2024-01-02, Adam Retter  wrote:
>
> XAUTHORITY=/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM x0vncserver
> -display :0 -PasswordFile ~/.vnc/passwd
>
> It is not clear to me how I can set this up so that x0vncserver can
> access the correctly named auth file each time the machine restarts,
> and also under which account it would be considered best practice to
> run x0vncserver... Should I run it under my user account, the `_x11`
> account, or an account created just for that purpose?
> Ideally the VNC Server would start during system startup also.

It won't help for system startup, but you can add the x0vncserver
command (backgrounded with &) from .xsession to run after login.
This would run as your uid and with X environment variables intact so
no faffing with XAUTHORITY needed.

(I would recommend listening to localhost only and connecting via ssh
port-forwarding; for unix VNC clients "-via $hostname localhost" runs
the ssh command for you).



-- 
Please keep replies on the mailing list.

How to access Xauthority for VNC Server

2024-01-02 Thread Adam Retter 
Apologies but I am a little bit unclear about how X authfiles should
work in OpenBSD.

I have started with a fresh OpenBSD 7.4 install, and I opted to
install the X Window System. My goal is to be able to export my
display over VNC as I have no access to the mouse and keyboard of the
machine.

I have installed the VNC Server software by running as root - pkg_add tigervnc

To be able to run the VNC Server, it needs access to the X Authority
file. I want to ideally run the VNC Server under a non-root account. I
have found an authority file under /etc/X11/xenodm/authdir/authfiles/
however its name seems to be randomly decided each time xenodm is
started during System boot. For example at present it is
/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM but that will change if
the system is rebooted.

To run the VNC Server, I think I need to execute something like the
following command:

XAUTHORITY=/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM x0vncserver
-display :0 -PasswordFile ~/.vnc/passwd

It is not clear to me how I can set this up so that x0vncserver can
access the correctly named auth file each time the machine restarts,
and also under which account it would be considered best practice to
run x0vncserver... Should I run it under my user account, the `_x11`
account, or an account created just for that purpose?
Ideally the VNC Server would start during system startup also.

I also note that the auth files such as
/etc/X11/xenodm/authdir/authfiles/A:0-r4dlnM are owned by the `_x11`
account and group, and are only readable by the owner (mode 0600).

Please advise on the best way to set this up?

Kind regards. Adam.

-- 
Adam Retter

skype: adam.retter
tweet: adamretter
http://www.adamretter.org.uk

Re: as cannot do endbr64 instructions (too old)

2024-01-02 Thread Stuart Henderson 
On 2024-01-02, Lorenz (xha)  wrote:
> what is the reason to only include GPLv2 and not GPLv3?

The new license terms are not wanted for the base OS.

As with GCC, a newer GPLv3 version is available in ports.

> that "as" doesn't support modern instructions is starting to cause
> all sorts of nasty problems. the compiler backend of hare, QBE,
> recently had a patch accepted which adds IBT/BTI support and i
> prepared the stdlib to be able to deal with IBT/BTI.
>
> however, the patch was reverted yesterday with the reason that the
> standard openbsd toolchain doesn't support it. i would need to patch
> QBE to accept a cfi flag (i don't even know if it'd get accepted),
> which, again, would introduce new workarounds in hare for openbsd.

You could perhaps encode the bytes instead, like openssl does
specifically so it will work on other OS with old binutils too..
0xf3,0x0f,0x1e,0xfa

> if updating "as" is really not an option, would a patch adding support
> for endbr64 and the BTI equivilant be accepted?

I can't say. Though I doubt there would much objection if it's clean and
not a copy of a GPLv3-licensed upstream commit.

-- 
Please keep replies on the mailing list.

Re: Weird network performance with iwn(4)

2024-01-02 Thread Stuart Henderson 
On 2024-01-02, Murat D. Kadyrov  wrote:
> On Thu, Dec 21, 2023 at 09:23:42AM +0100, Stefan Sperling wrote:
>> On Wed, Dec 20, 2023 at 07:54:47PM +, Lévai, Dániel wrote:
>> > Danel Levai wrote:
>> > > Stuart Henderson wrote:
>> > > > I checked for openwrt support but your AP has a relatively uncommon
>> > > > Realtek SoC and it seems fairly unlikely to happen so you're probably
>> > > > stuck with the vendor firmware.
>> > > >
>> > > > Maybe try forcing "mode 11n" or "mode 11g" with ifconfig and see if
>> > > > that's any better.
>> > >
>> > > Interestingly enough, "mode 11g" won't join the AP. 11n works and it's a 
>> > > steady
>> > > 300KByte/sec, it doesn't go up and down like with 11ac.
>> > >
>> > > Anyway, I'll see if I can find myself another AP to deploy here, maybe 
>> > > it's just some
>> > > fringe compatibility issue.
>> > >
>> > > Daniel
>> > 
>> > Just for the record, I totally missed trying the 2.4GHz SSID of this AP 
>> > (it has a different name). I was only trying 5GHz with all modes - no 
>> > wonder .11g wouldn't join (brain freeze)...
>> > So .11n actually works on 2.4GHz with this AP and iwm(4), and has a 
>> > download speed of around 1,5-2,0MByte.
>> > 
>> > Daniel
>> > 
>> > 
>> 
>> This means the performance issue is specific to 11ac mode, correct?
>
> 11ac mode supported by OpenBSD?

Yes, for quite a while now, on bwfm iwm iwx.


-- 
Please keep replies on the mailing list.

Re: Run VM with 16G or more?

2024-01-02 Thread Kirill A. Korinsky 
And one more noticed bug in vmd regarding memory.

If I changed memory in /etc/vm.conf for running machine, run rcctl reload vmd,
and restart VM... It has no effect.

The VM should be shutdown before reload.

--
wbr, Kirill

Re: Run VM with 16G or more?

2024-01-02 Thread Kirill A. Korinsky 
> On 2. Jan 2024, at 19:58, Kirill A. Korinsky  wrote:
> 
> Anyway, right now it fails as:
> 
>> vmctl: start vm command failed: Invalid argument
> 
> and if I revert may changes (to 10G for example) at cat /etc/login.conf.d/vmd 
> from:
>> vmd:\
>>  :datasize=100G:\
>>  :tc=daemon:
> 
> 
> it's failed as (which is expected):
>> vmctl: start vm command failed: Cannot allocate memory
> 
> 

Forgotten log for the error "Invalid argument" that says nothing I assume

> Jan  2 20:14:07 island vmd: vmd: config_setvm: vm 3 restarted after 11.346817 
> seconds, limit 0/3
> Jan  2 20:14:07 island vmd: vmd: vm_opentty: vm podman tty /dev/ttyp2 uid 
> 1000 gid 4 mode 620
> Jan  2 20:14:07 island vmd: vmm: vm_register: registering vm 3
> Jan  2 20:14:07 island vmd: vmm: vm_remove: vmm vmm_start_vm removing vm 3 
> from running config
> Jan  2 20:14:07 island vmd: vmm: vm_stop: vmm vmm_start_vm stopping vm 3
> Jan  2 20:14:07 island vmd: vmd: podman: failed to start vm
> Jan  2 20:14:07 island vmd: vmd: vm_stop: vmd vmd_dispatch_vmm stopping vm 3
> Jan  2 20:14:07 island vmd: vmm: vmm_sighdlr: handling signal 20


--
wbr, Kirill

Re: Run VM with 16G or more?

2024-01-02 Thread Kirill A. Korinsky 



> On 2. Jan 2024, at 20:13, Mischa  wrote:
> 
> On 2024-01-02 19:58, Kirill A. Korinsky wrote:
>>> On 2. Jan 2024, at 19:17, Dave Voutila  wrote:
 vmd: failed to start vm podman
 vmd: vm_stop: vmd config_setvm stopping vm 3
 This machine runs 4 more VM and this one (huge) should be 5th.
>>> Try this:
>>> # cd /dev && sh MAKEDEV tap4
>>> By default I believe on amd64 we create tap[0-3]. You might need to
>>> define additional special files to represent 4+ taps.
>> I really think that this should be documented at 
>> https://www.openbsd.org/faq/faq16.html 
>> 
> 
> It's in man vm.conf, to an extend:
> 
> CAVEATS
> Each guest requires one tap(4) device per assigned interface and one
> pty(4) device.  Administrators may need to create additional devices
> using MAKEDEV(8).

ok, I agree that this is documented.  But not original issue with memory.

--
wbr, Kirill

Re: Run VM with 16G or more?

2024-01-02 Thread Mischa 

On 2024-01-02 19:58, Kirill A. Korinsky wrote:

On 2. Jan 2024, at 19:17, Dave Voutila  wrote:


vmd: failed to start vm podman
vmd: vm_stop: vmd config_setvm stopping vm 3

This machine runs 4 more VM and this one (huge) should be 5th.


Try this:

# cd /dev && sh MAKEDEV tap4

By default I believe on amd64 we create tap[0-3]. You might need to
define additional special files to represent 4+ taps.


I really think that this should be documented at 
https://www.openbsd.org/faq/faq16.html 



It's in man vm.conf, to an extend:

CAVEATS
 Each guest requires one tap(4) device per assigned interface and 
one
 pty(4) device.  Administrators may need to create additional 
devices

 using MAKEDEV(8).


Anyway, right now it fails as:


vmctl: start vm command failed: Invalid argument


and if I revert may changes (to 10G for example) at cat 
/etc/login.conf.d/vmd from:

vmd:\
:datasize=100G:\
:tc=daemon:



it's failed as (which is expected):

vmctl: start vm command failed: Cannot allocate memory



--
wbr, Kirill

Re: Run VM with 16G or more?

2024-01-02 Thread Kirill A. Korinsky 
> On 2. Jan 2024, at 19:17, Dave Voutila  wrote:
> 
>> vmd: failed to start vm podman
>> vmd: vm_stop: vmd config_setvm stopping vm 3
>> 
>> This machine runs 4 more VM and this one (huge) should be 5th.
> 
> Try this:
> 
> # cd /dev && sh MAKEDEV tap4
> 
> By default I believe on amd64 we create tap[0-3]. You might need to
> define additional special files to represent 4+ taps.

I really think that this should be documented at 
https://www.openbsd.org/faq/faq16.html 

Anyway, right now it fails as:

> vmctl: start vm command failed: Invalid argument

and if I revert may changes (to 10G for example) at cat /etc/login.conf.d/vmd 
from:
> vmd:\
>   :datasize=100G:\
>   :tc=daemon:


it's failed as (which is expected):
> vmctl: start vm command failed: Cannot allocate memory


--
wbr, Kirill

Re: as cannot do endbr64 instructions (too old)

2024-01-02 Thread Lorenz (xha) 
On Tue, Jan 02, 2024 at 11:51:48AM +0100, Otto Moerbeek wrote:
> On Tue, Jan 02, 2024 at 08:56:55PM +1100, Alexis wrote:
> 
> > 
> > "Lorenz (xha)"  writes:
> > 
> > > On Mon, Jan 01, 2024 at 08:47:07PM +1100, Alexis wrote:
> > > > 
> > > > "Lorenz (xha)"  writes:
> > > > 
> > > > > just out of couriosity, why is "as" in the base system if it > is
> > > > > outdated and is updating it an option?
> > > > 
> > > > i presume it's due to subsequent versions being licensed under later
> > > > versions of the GPL, but i'd be happy to be corrected on this point.
> > > 
> > > i couldn't find any discussions on why the later versions are not
> > > acceptable in the base system. are there any?
> 
> WRT the GPL the policy boils down to:
> 
> - We do not want new software using GPL in our tree
> - For existing software we only allow GPL2. For projects that switched
> license like gcc, we stick at the latest GPL2 version and try to
> replace the software.

what is the reason to only include GPLv2 and not GPLv3?

that "as" doesn't support modern instructions is starting to cause
all sorts of nasty problems. the compiler backend of hare, QBE,
recently had a patch accepted which adds IBT/BTI support and i
prepared the stdlib to be able to deal with IBT/BTI.

however, the patch was reverted yesterday with the reason that the
standard openbsd toolchain doesn't support it. i would need to patch
QBE to accept a cfi flag (i don't even know if it'd get accepted),
which, again, would introduce new workarounds in hare for openbsd.

if updating "as" is really not an option, would a patch adding support
for endbr64 and the BTI equivilant be accepted?

Re: Run VM with 16G or more?

2024-01-02 Thread Dave Voutila 


"Kirill A. Korinsky"  writes:

> [[PGP Signed Part:Undecided]]
>> On 2. Jan 2024, at 18:41, Dave Voutila  wrote:
>> "Kirill A. Korinsky"  writes:
>
>>> vmctl -v start... doesn't help a bit
>>
>> How much physicaly memory does the host machine have? We currently don't
>> allow oversubscribing memory with vmm/vmd. If the host only has 16GB
>> that could be the cause.
>
> hw.physmem=137257779200
> hw.usermem=133537726464
>
> and machine is used only for run VMs.
>
>> If that's not the case, can you run vmd in debug mode and get the log
>> output?
>
> Sure, I run /usr/sbin/vmd -vvv -d and the error is:
>
> vmd: config_setvm: vm 3 restarted after 9.757221 seconds, limit 0/3
> vmd: config_setvm: can't open tap tap

Ah, that.

> vmd: failed to start vm podman
> vmd: vm_stop: vmd config_setvm stopping vm 3
>
> This machine runs 4 more VM and this one (huge) should be 5th.

Try this:

# cd /dev && sh MAKEDEV tap4

By default I believe on amd64 we create tap[0-3]. You might need to
define additional special files to represent 4+ taps.

-dv

Re: Run VM with 16G or more?

2024-01-02 Thread Mischa 

On 2024-01-02 19:16, Kirill A. Korinsky wrote:

On 2. Jan 2024, at 18:41, Dave Voutila  wrote:
"Kirill A. Korinsky"  writes:



vmctl -v start... doesn't help a bit


How much physicaly memory does the host machine have? We currently 
don't

allow oversubscribing memory with vmm/vmd. If the host only has 16GB
that could be the cause.


hw.physmem=137257779200
hw.usermem=133537726464

and machine is used only for run VMs.


If that's not the case, can you run vmd in debug mode and get the log
output?


Sure, I run /usr/sbin/vmd -vvv -d and the error is:

vmd: config_setvm: vm 3 restarted after 9.757221 seconds, limit 0/3
vmd: config_setvm: can't open tap tap
vmd: failed to start vm podman
vmd: vm_stop: vmd config_setvm stopping vm 3

This machine runs 4 more VM and this one (huge) should be 5th.


You need to add more tap interfaces:

# cd /dev
# for i in $(jot XX 4); do sh MAKEDEV tap$i; done

Where XX is the number of taps you want to add.

Mischa

Re: Run VM with 16G or more?

2024-01-02 Thread Kirill A. Korinsky 
> On 2. Jan 2024, at 18:41, Dave Voutila  wrote:
> "Kirill A. Korinsky"  writes:

>> vmctl -v start... doesn't help a bit
> 
> How much physicaly memory does the host machine have? We currently don't
> allow oversubscribing memory with vmm/vmd. If the host only has 16GB
> that could be the cause.

hw.physmem=137257779200
hw.usermem=133537726464

and machine is used only for run VMs.

> If that's not the case, can you run vmd in debug mode and get the log
> output?

Sure, I run /usr/sbin/vmd -vvv -d and the error is:

vmd: config_setvm: vm 3 restarted after 9.757221 seconds, limit 0/3
vmd: config_setvm: can't open tap tap
vmd: failed to start vm podman
vmd: vm_stop: vmd config_setvm stopping vm 3

This machine runs 4 more VM and this one (huge) should be 5th.

--
wbr, Kirill

Re: Run VM with 16G or more?

2024-01-02 Thread Dave Voutila 


"Kirill A. Korinsky"  writes:

>> On 2. Jan 2024, at 12:07, Kirill A. Korinsky  wrote:
>>
>> Confirmed that it is:
>>
>> island$ grep '^vmd:' -A 2 /etc/login.conf
>> vmd:\
>>  :datasize=16384M:\
>>  :tc=daemon:
>> island$
>
>
> Wel.. after that changes error has been changed to:
>
>> vmctl: start vm command failed: Unknown error: -1

yeah that error description sucks...should be changed

>
>
> vmctl -v start... doesn't help a bit

How much physicaly memory does the host machine have? We currently don't
allow oversubscribing memory with vmm/vmd. If the host only has 16GB
that could be the cause.

If that's not the case, can you run vmd in debug mode and get the log
output?

Re: Run VM with 16G or more?

2024-01-02 Thread Kirill A. Korinsky 


> On 2. Jan 2024, at 12:07, Kirill A. Korinsky  wrote:
> 
> Confirmed that it is:
> 
> island$ grep '^vmd:' -A 2 /etc/login.conf
> vmd:\
>   :datasize=16384M:\
>   :tc=daemon:
> island$


Wel.. after that changes error has been changed to:

> vmctl: start vm command failed: Unknown error: -1


vmctl -v start... doesn't help a bit

--
wbr, Kirill

Re: Weird network performance with iwn(4)

2024-01-02 Thread Murat D. Kadyrov 
On Thu, Dec 21, 2023 at 09:23:42AM +0100, Stefan Sperling wrote:
> On Wed, Dec 20, 2023 at 07:54:47PM +, Lévai, Dániel wrote:
> > Danel Levai wrote:
> > > Stuart Henderson wrote:
> > > > I checked for openwrt support but your AP has a relatively uncommon
> > > > Realtek SoC and it seems fairly unlikely to happen so you're probably
> > > > stuck with the vendor firmware.
> > > >
> > > > Maybe try forcing "mode 11n" or "mode 11g" with ifconfig and see if
> > > > that's any better.
> > >
> > > Interestingly enough, "mode 11g" won't join the AP. 11n works and it's a 
> > > steady
> > > 300KByte/sec, it doesn't go up and down like with 11ac.
> > >
> > > Anyway, I'll see if I can find myself another AP to deploy here, maybe 
> > > it's just some
> > > fringe compatibility issue.
> > >
> > > Daniel
> > 
> > Just for the record, I totally missed trying the 2.4GHz SSID of this AP (it 
> > has a different name). I was only trying 5GHz with all modes - no wonder 
> > .11g wouldn't join (brain freeze)...
> > So .11n actually works on 2.4GHz with this AP and iwm(4), and has a 
> > download speed of around 1,5-2,0MByte.
> > 
> > Daniel
> > 
> > 
> 
> This means the performance issue is specific to 11ac mode, correct?

11ac mode supported by OpenBSD?

Support Update

2024-01-02 Thread Kihaguru Gathura 
0
C Kenya
P
T Nairobi
Z P.O. Box 30164-00100
O IFINAX Ltd
 I  Kihaguru Njenga Gathura
A Bishops Road
M info@ifinax. net
U
B +254 7 0697 0697
X
N OpenBSD consulting. Speciality in web applications
development with OpenBSD-httpd web server, PostgreSQL DBMS, FastCGI
protocol and C programming language.

Re: as cannot do endbr64 instructions (too old)

2024-01-02 Thread Crystal Kolipe 
On Tue, Jan 02, 2024 at 01:34:14PM +0100, Lorenz (xha) wrote:
> as cannot be used correctly anymore (at least on amd64) because it is
> missing the newer instructions.

It's perfectly usable for assembling any handwritten asm code that doesn't
use the newer instructions.  I use the 'as' in base on a regular basis
precisely for this.

It's not just hand written asm either, we have our own compiler that spits
out X86 asm source which is assembled with base 'as' and linked with base
'ld' to produce static binaries.

> would it make sense to remove it?

No.

Re: as cannot do endbr64 instructions (too old)

2024-01-02 Thread Lorenz (xha) 
On Tue, Jan 02, 2024 at 11:51:48AM +0100, Otto Moerbeek wrote:
> Dunno what haoppened to as(1) specifically.  But as we do not use
> standalone as(1) for our own builds, it does not get a lot of
> attention (in additional to the potential licensing issues).

as cannot be used correctly anymore (at least on amd64) because it is
missing the newer instructions. would it make sense to remove it?

anyways, i think i found a way to assemble mulitple input files using
some concat hacks. thanks.

Re: Run VM with 16G or more?

2024-01-02 Thread Kirill A. Korinsky 


> On 2. Jan 2024, at 08:58, Janne Johansson  wrote:
> 
> Den mån 1 jan. 2024 kl 21:44 skrev Kirill A. Korinsky :
>> 
>> How can I run a VM with more than 16G of memory?
>> A naive approach fails with error:
>>> vmctl: start vm command failed: Cannot allocate memory
>> 
>> Yes, the host machine has that memory and much more.
> 
> Check datasize in ulimits as set by the shell and login.conf for the
> user that the VM runs as.
> 

Confirmed that it is:

island$ grep '^vmd:' -A 2 /etc/login.conf
vmd:\
:datasize=16384M:\
:tc=daemon:
island$

Thanks!

--
wbr, Kirill

Re: as cannot do endbr64 instructions (too old)

2024-01-02 Thread Otto Moerbeek 
On Tue, Jan 02, 2024 at 08:56:55PM +1100, Alexis wrote:

> 
> "Lorenz (xha)"  writes:
> 
> > On Mon, Jan 01, 2024 at 08:47:07PM +1100, Alexis wrote:
> > > 
> > > "Lorenz (xha)"  writes:
> > > 
> > > > just out of couriosity, why is "as" in the base system if it > is
> > > > outdated and is updating it an option?
> > > 
> > > i presume it's due to subsequent versions being licensed under later
> > > versions of the GPL, but i'd be happy to be corrected on this point.
> > 
> > i couldn't find any discussions on why the later versions are not
> > acceptable in the base system. are there any?

WRT the GPL the policy boils down to:

- We do not want new software using GPL in our tree
- For existing software we only allow GPL2. For projects that switched
license like gcc, we stick at the latest GPL2 version and try to
replace the software.

> 
> There's a discussion about GPL software in base at
> https://www.openbsd.org/policy.html, although it doesn't mention GPL
> versions:
> 
> > The GNU Public License and licenses modeled on it impose the restriction
> > that source code must be distributed or made available for all works
> > that are derivatives of the GNU copyrighted code.
> > 
> > While this may superficially look like a noble strategy, it is a
> > condition that is typically unacceptable for commercial use of software.
> > So in practice, it usually ends up hindering free sharing and reuse of
> > code and ideas rather than encouraging it. As a consequence, no
> > additional software bound by the GPL terms will be considered for
> > inclusion into the OpenBSD base system.
> > 
> > For historical reasons, the OpenBSD base system still includes the
> > following GPL-licensed components: the GNU compiler collection (GCC)
> > with supporting binutils and libraries, GNU CVS, GNU texinfo, the
> > mkhybrid file system creation tool, and the readline library.
> > Replacement by equivalent, more freely licensed tools is a long-term
> > desideratum.
> 
> But, again, someone else will have to describe what's happening with 'as'
> specifically; i'm not an OpenBSD dev myself. My speculation about the GPL
> version potentially being involved comes from Apple not including versions
> of software whose license had been changed from GPL2 to GPL3 (such that e.g.
> versions of macOS prior to Catalina only included GNU Emacs 22).
> 
> 
> Alexis.

Dunno what haoppened to as(1) specifically.  But as we do not use
standalone as(1) for our own builds, it does not get a lot of
attention (in additional to the potential licensing issues).

-Otto

Re: as cannot do endbr64 instructions (too old)

2024-01-02 Thread Alexis 



"Lorenz (xha)"  writes:


On Mon, Jan 01, 2024 at 08:47:07PM +1100, Alexis wrote:


"Lorenz (xha)"  writes:

> just out of couriosity, why is "as" in the base system if it 
> is

> outdated and is updating it an option?

i presume it's due to subsequent versions being licensed under 
later
versions of the GPL, but i'd be happy to be corrected on this 
point.


i couldn't find any discussions on why the later versions are 
not

acceptable in the base system. are there any?


There's a discussion about GPL software in base at 
https://www.openbsd.org/policy.html, although it doesn't mention 
GPL versions:


The GNU Public License and licenses modeled on it impose the 
restriction that source code must be distributed or made 
available for all works that are derivatives of the GNU 
copyrighted code.


While this may superficially look like a noble strategy, it is a 
condition that is typically unacceptable for commercial use of 
software. So in practice, it usually ends up hindering free 
sharing and reuse of code and ideas rather than encouraging 
it. As a consequence, no additional software bound by the GPL 
terms will be considered for inclusion into the OpenBSD base 
system.


For historical reasons, the OpenBSD base system still includes 
the following GPL-licensed components: the GNU compiler 
collection (GCC) with supporting binutils and libraries, GNU 
CVS, GNU texinfo, the mkhybrid file system creation tool, and 
the readline library. Replacement by equivalent, more freely 
licensed tools is a long-term desideratum. 


But, again, someone else will have to describe what's happening 
with 'as' specifically; i'm not an OpenBSD dev myself. My 
speculation about the GPL version potentially being involved comes 
from Apple not including versions of software whose license had 
been changed from GPL2 to GPL3 (such that e.g. versions of macOS 
prior to Catalina only included GNU Emacs 22).



Alexis.

Re: Firefox, Chrome, Libreoffice bogus syscall on -current

2024-01-02 Thread Stuart Henderson 
On 2024-01-01, Ax0n  wrote:
> On Fri, Dec 29, 2023 at 7:33 PM Stuart Henderson 
> wrote:
>
>> Pity, without the deletes a transcript of a run of pkg_add -u -v
>> might have shown why the packages didn't get updated. They should have,
>> and in most cases they do.
>>
>
> Here's the pkg_add -uiv output that I saved while removing stuff. There's a
> bit of detail there, maybe enough to unwind the problem?
>
> https://gist.github.com/n0xa/934776b75ef520738c0fca16aa8b1071
>

pkg_add needs at least -vvv to debug update issues. (There will be too
much output for nearly any scrollback buffer so will need running under
script(1) or alternative).

-- 
Please keep replies on the mailing list.

Re: as cannot do endbr64 instructions (too old)

2024-01-02 Thread Lorenz (xha) 
On Mon, Jan 01, 2024 at 08:47:07PM +1100, Alexis wrote:
> 
> "Lorenz (xha)"  writes:
> 
> > just out of couriosity, why is "as" in the base system if it is
> > outdated and is updating it an option?
> 
> i presume it's due to subsequent versions being licensed under later
> versions of the GPL, but i'd be happy to be corrected on this point.

i couldn't find any discussions on why the later versions are not
acceptable in the base system. are there any?

also, shouldn't it be removed it it does not work correctly anymore?