Re: Is it worth considering compling a generic MPPF kernel for user convenience
so this is about setting MULTIPROCESSOR, WITH_PF_LOCK and NET_TASKQ ? or something else? i been using it since a while and as in basic router all seem fine. __ kolargol Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Tuesday, April 2, 2019 6:28 PM, Tom Smyth wrote: > Hi, you can re-compile the BSD kernel to allow multi Processor PF, > (but it is deemd by people who know more about PF and Programming > than my self that it is not fully up to OpenBSD standards for Release yet > > I was referring to it as BSDMPPF as a continuation of the BSD vs BSDMP > kernel ... > > sorry for the confusion that I have caused in this case... > > On Tue, 2 Apr 2019 at 17:25, kolargol kolar...@protonmail.com wrote: > > > MPPF is multi processor for pf or what? Where can i learn more about it? I > > was searching sources but could not find anything related to "MPPF", any > > clue? > > thanks, > > __ > > kolargol > > Sent with ProtonMail Secure Email. > > ‐‐‐ Original Message ‐‐‐ > > On Tuesday, April 2, 2019 1:30 PM, Tom Smyth tom.sm...@wirelessconnect.eu > > wrote: > > > > > Hello, > > > I was wondering what devs / more experienced users think about > > > having BSDMPPF kernel as an option in the upcoming release > > > so that users could opt to test that by selecting alternate BSDMPPF kernel > > > (without having to re-compile the kernel) > > > the tested benefits on a PC engines apuc2 is at least 2x performance > > > from my lab testing here > > > I think having a higher install base of consistently complied generic > > > kernels with > > > pf enabled would be beneficial > > > what do the more experienced users of OpenBSD think about this? > > > are there any down sides with this approach ? > > > Thanks, > > > Tom Smyth > > -- > > Kindest regards, > Tom Smyth > > The information contained in this E-mail is intended only for the > confidential use of the named recipient. If the reader of this message > is not the intended recipient or the person responsible for > delivering it to the recipient, you are hereby notified that you have > received this communication in error and that any review, > dissemination or copying of this communication is strictly prohibited. > If you have received this in error, please notify the sender > immediately by telephone at the number above and erase the message > You are requested to carry out your own virus check before > opening any attachment.
Re: Is it worth considering compling a generic MPPF kernel for user convenience
MPPF is multi processor for pf or what? Where can i learn more about it? I was searching sources but could not find anything related to "MPPF", any clue? thanks, __ kolargol Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Tuesday, April 2, 2019 1:30 PM, Tom Smyth wrote: > Hello, > > I was wondering what devs / more experienced users think about > having BSDMPPF kernel as an option in the upcoming release > so that users could opt to test that by selecting alternate BSDMPPF kernel > (without having to re-compile the kernel) > > the tested benefits on a PC engines apuc2 is at least 2x performance > from my lab testing here > > I think having a higher install base of consistently complied generic > kernels with > pf enabled would be beneficial > > what do the more experienced users of OpenBSD think about this? > > are there any down sides with this approach ? > > Thanks, > > Tom Smyth
Re: rad(8) question
yes, OK so how to use prefix range then ? What if I want explicitly set some IP as router? Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Monday, February 25, 2019 12:33 AM, Delan Azabani wrote: > At 05:25, kolargol kolar...@protonmail.com wrote: > > > How should I fix it ? Or what I am doing wrong ? > > The link-local router address is correct. RFC 4861 § 4.2 says: > > > Source Address > > > MUST be the link-local address assigned to the > > interface from which this message is sent.
rad(8) question
Hi,
I am playing with rad(8) in my LAN:
cat /etc/rad.conf
interface trunk0 {
prefix fd94:eb64:36ae:44b9::/64
default router yes
dns {
nameserver fd94:eb64:36ae:44b9::1
}
}
and IP addresses are assigned as expected, but problem is that rad(8) send
router address from link-local address-space (like fe80::aa3f:4f6c:ea26:6989 -
trunk0 interface) of the router, whereas correct router IP address should be
from prefix range.
How should I fix it ? Or what I am doing wrong ?
thanks,
kolargol
Re: APU2 and Spectre
If someone is interested: https://github.com/kolargol/apu2_firmware of course for testing bins, OpenBSD reports IBPB: cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,IBPB,XSAVEOPT On 21:11 Mon 10 Sep, Zbyszek Żółkiewski wrote: > > > Wiadomość napisana przez Consus < con...@ftml.net > w dniu 25.08.2018, o godz. 17:08: > > > > Seems like APU2 board is vulnerable to Spectre: > > seems there is microcode update with mitigations but looks like none want to > claim where that microcode comes from: > > https://github.com/pcengines/apu2-documentation/issues/75 > > did someone try to load it from obsd? is it possible? >> There is an unofficial binary with unknown origin. Seems like AMD have >> sent microcode updates to some motherboard manufacturers, but there is >> no hard proof though.
Re: TPM, APU and OpenBSD
regarding TPM there were this patches: http://bsssd.sourceforge.net/download.html but looks like quite abandoned as diff dates back to OpenBSD 4.7, looks like lack of interest in TPM... Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐ Original Message ‐‐‐ On Tuesday, January 15, 2019 2:43 PM, Luis Coronado wrote: > I thought that the tpm driver was only there to avoid issues with > acpi/suspend-resume but it doesn’t do any tpm stuff. I could be wrong though. > > -l > > https://www.undeadly.org/cgi?action=article;sid=20160519112803 > > https://man.openbsd.org/tpm.4 > > https://marc.info/?l=openbsd-cvs=147024505322058=2 > > On Tue, Jan 15, 2019 at 6:52 AM kolargol wrote: > >> Hi, >> >> according to this >> https://github.com/pcengines/coreboot/blob/v4.9.0.1/CHANGELOG.md TPM is >> going to be enabled finally on the APUs. Looking at OpenBSD man for tpm(4) >> (https://man.openbsd.org/tpm.4) i see that Infineon is already supported but >> slightly different models. One found in APU is SLB 9665 (that is: >> https://www.infineon.com/dgdl/Infineon-TPM+SLB+9665-DS-v10_15-EN.pdf?fileId=5546d4625185e0e201518b83d9273d87) >> >> Not sure anyone interested in this but just dropping it here, since many of >> you use APUs so bit added security by TPM is always welcome. >> >> _ >> kolargol
TPM, APU and OpenBSD
Hi, according to this https://github.com/pcengines/coreboot/blob/v4.9.0.1/CHANGELOG.md TPM is going to be enabled finally on the APUs. Looking at OpenBSD man for tpm(4) (https://man.openbsd.org/tpm.4) i see that Infineon is already supported but slightly different models. One found in APU is SLB 9665 (that is: https://www.infineon.com/dgdl/Infineon-TPM+SLB+9665-DS-v10_15-EN.pdf?fileId=5546d4625185e0e201518b83d9273d87) Not sure anyone interested in this but just dropping it here, since many of you use APUs so bit added security by TPM is always welcome. _ kolargol
yubikey: touch not working
Hi, I attached Yubikey to OpenBSD-stable and while gpg2 works great, I am unable to use touch for OTP. Yubikey is version 5, pcsc installed and working. Yubikey is hooked up to APU2, no other keyboard is attached - only USB serial cable. I have verified that on other host (non-openbsd) touch works fine. Any help welcome, here are logs: pcsc_scan PC/SC device scanner V 1.4.27 (c) 2001-2011, Ludovic Rousseau Compiled with PC/SC lite version: 1.8.22 Using reader plug'n play mechanism Scanning present readers... 0: Yubico Yubikey 4 OTP+U2F+CCID 00 00 Wed Dec 19 12:28:21 2018 Reader 0: Yubico Yubikey 4 OTP+U2F+CCID 00 00 Card state: Card inserted, Exclusive Mode, ATR: 3B FD 13 00 00 81 31 FE 15 80 73 C0 21 C0 57 59 75 62 69 4B 65 79 40 ATR: 3B FD 13 00 00 81 31 FE 15 80 73 C0 21 C0 57 59 75 62 69 4B 65 79 40 + TS = 3B --> Direct Convention + T0 = FD, Y(1): , K: 13 (historical bytes) TA(1) = 13 --> Fi=372, Di=4, 93 cycles/ETU 43010 bits/s at 4 MHz, fMax for Fi = 5 MHz => 53763 bits/s TB(1) = 00 --> VPP is not electrically connected TC(1) = 00 --> Extra guard time: 0 TD(1) = 81 --> Y(i+1) = 1000, Protocol T = 1 - TD(2) = 31 --> Y(i+1) = 0011, Protocol T = 1 - TA(3) = FE --> IFSC: 254 TB(3) = 15 --> Block Waiting Integer: 1 - Character Waiting Integer: 5 + Historical bytes: 80 73 C0 21 C0 57 59 75 62 69 4B 65 79 Category indicator byte: 80 (compact TLV data object) Tag: 7, len: 3 (card capabilities) Selection methods: C0 - DF selection by full DF name - DF selection by partial DF name Data coding byte: 21 - Behaviour of write functions: proprietary - Value 'FF' for the first byte of BER-TLV tag fields: invalid - Data unit in quartets: 2 Command chaining, length fields and logical channels: C0 - Command chaining - Extended Lc and Le fields - Logical channel number assignment: No logical channel - Maximum number of logical channels: 1 Tag: 5, len: 7 (card issuer's data) Card issuer data: 59 75 62 69 4B 65 79 + TCK = 40 (correct checksum) Possibly identified card (using /home/[redacted]/.cache/smartcard_list.txt): 3B FD 13 00 00 81 31 FE 15 80 73 C0 21 C0 57 59 75 62 69 4B 65 79 40 Yubico YubiKey 5 NFC (PKI) https://www.yubico.com/product/yubikey-5-nfc and here is dmesg: OpenBSD 6.4 (GENERIC.MP) #2: Tue Dec 18 13:17:16 CET 2018 r...@syspatch-64-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4259934208 (4062MB) avail mem = 4121559040 (3930MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xcfe9a020 (7 entries) bios0: vendor coreboot version "v4.8.0.7.1" date 12/03/2018 bios0: PC Engines apu2 acpi0 at bios0: rev 2 acpi0: sleep states S0 S1 S4 S5 acpi0: tables DSDT FACP SSDT TCPA APIC HEST IVRS SSDT SSDT HPET acpi0: wakeup devices PWRB(S4) PBR4(S4) PBR5(S4) PBR6(S4) PBR7(S4) PBR8(S4) UOH1(S3) UOH2(S3) UOH3(S3) UOH4(S3) UOH5(S3) UOH6(S3) XHC0(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: AMD GX-412TC SOC, 998.53 MHz, 16-30-01 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,IBPB,XSAVEOPT cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: AMD GX-412TC SOC, 998.13 MHz, 16-30-01 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,IBPB,XSAVEOPT cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 16-way L2 cache cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: AMD GX-412TC SOC, 998.13 MHz, 16-30-01 cpu2:
Re: [sorry] How to force prompt when boot>0
yes i have read man as well before - i find OpenBSD man pages fantastic, but Control key do not work in my setup (USB to DB9F serial cable + mac keyboard) on APU2, and pressing any other key did not break boot, but spacebar did the job. thanks, ‐‐‐ Original Message ‐‐‐ On Sunday, 21 October 2018 02:26, Jacqueline Jolicoeur wrote: > > ok that was embarrassing - i just solved it by holding space > > Also in boot(8) ... > > boot.conf processing can be skipped, and the automatic boot > cancelled, by holding down either Control key as boot starts.
Re: [sorry] How to force prompt when boot>0
ok that was embarrassing - i just solved it by holding space ‐‐‐ Original Message ‐‐‐ On Saturday, 20 October 2018 15:29, kolargol wrote: > [sorry for previous mail that accidentally was signed with gpg] > > Hi all. > > OpenBSD6.3 i have this rather simple(?) problem with console. I am connected > to APU2 via USB console and apparently boot timeout is set to 0 and i am > unable to enter any commands to boot as it immediately start boot. > > Let me mention I use whole disk encryption with keydisk (on USB). > > How can i force prompt (or get rid of this timeout). I already set: > > set timeout 10 in /etc/boot.conf, > > here is log: > > Booting from Hard Disk... > Using drive 0, partition 3. > Loading.. > probing: pc0 com0 com1 com2 com3 mem[639K 3325M 752M a20=on] > disk: hd0+ hd1+ hd2 sr0* >>> OpenBSD/amd64 BOOT 3.34 > switching console to com>> OpenBSD/amd64 BOOT 3.34 > boot> 0 > > any help is welcome. > > Thanks, > Zbyszek
[sorry] How to force prompt when boot>0
[sorry for previous mail that accidentally was signed with gpg] Hi all. OpenBSD6.3 i have this rather simple(?) problem with console. I am connected to APU2 via USB console and apparently boot timeout is set to 0 and i am unable to enter any commands to boot as it immediately start boot. Let me mention I use whole disk encryption with keydisk (on USB). How can i force prompt (or get rid of this timeout). I already set: set timeout 10 in /etc/boot.conf, here is log: Booting from Hard Disk... Using drive 0, partition 3. Loading.. probing: pc0 com0 com1 com2 com3 mem[639K 3325M 752M a20=on] disk: hd0+ hd1+ hd2 sr0* >> OpenBSD/amd64 BOOT 3.34 switching console to com>> OpenBSD/amd64 BOOT 3.34 boot> 0 any help is welcome. Thanks, Zbyszek
How to force prompt when boot>0
publickey - kolargol@protonmail.com - 0xF512DBAB.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
