Re: CVS commit: src/etc/rc.d

2018-05-25 Thread Taylor R Campbell 
> Module Name:src
> Committed By:   christos
> Date:   Sat Apr  7 00:41:16 UTC 2018
> 
> Modified Files:
> src/etc/rc.d: sshd
> 
> Log Message:
> support xmss keys

I advise against generating XMSS host keys by default.

The XMSS signature scheme is stateful, so managing XMSS keys is
qualitatively different for an administrator from all the other
signature schemes supported here: roll back the state (e.g., from disk
backup or VM snapshot) and you shoot yourself in the foot.

There's no benefit right now to post-quantum signature because
practical quantum computers are still a long way out.  Future quantum
computers pose no _retroactive_ danger for online authentication: if
quantum computers ever do become practical, you can replace the host
keys and all _subsequent_ sessions will be fine.

(The story is different for confidentiality; post-quantum public-key
key agreement and encryption are more important to deploy now because
of the possibility of retroactive decryption.)

Re: CVS commit: src/sys

2018-05-25 Thread Jason Thorpe 


> On May 25, 2018, at 11:23 AM, Jaromír Doleček  
> wrote:
> 
> 2018-05-22 12:18 GMT+02:00 Martin Husemann :
>> Here are timing results:
> 
> While 37% speedup is nice, I see there isn't nearly as huge difference
> as for my machine. Could you please try with some file which fits
> whole in the page cache?
> 
>> Unfortunatley with ubc_direct enabled, it panics quickly:
> 
> There is a comment in uvm_bio.c about some platforms not being able to
> write to individual bytes atomically, and hence software having to do
> read/modify/write. Could this be  somehow causing the machine check on
> Alpha?

I don’t think that’s what’s happening here… from the machine check logout frame 
that Ross Harvey so kindly decoded in the 21272 Core Logic driver, it looks 
like a bogus bus_space_read_something to a PCI memory region is happening (it’s 
a Target Abort on a PCI memory read … it’s been a while, but I think I’m 
interpreting that right…)

32-bit PCI address:  address  = 0x38d67870, 0x0

It would be instructive to see what PCI device has a memory BAR that covers 
that address.

If there isn’t one, then I suspect we’re looking at a memory stomper.

> Jaromir

-- thorpej

Re: CVS commit: src/sys

2018-05-25 Thread Jaromír Doleček 
2018-05-22 12:18 GMT+02:00 Martin Husemann :
> Here are timing results:

While 37% speedup is nice, I see there isn't nearly as huge difference
as for my machine. Could you please try with some file which fits
whole in the page cache?

> Unfortunatley with ubc_direct enabled, it panics quickly:

There is a comment in uvm_bio.c about some platforms not being able to
write to individual bytes atomically, and hence software having to do
read/modify/write. Could this be  somehow causing the machine check on
Alpha?

Jaromir

Re: CVS commit: src/tests/lib/libc/sys

2018-05-25 Thread Jason Thorpe 


> On May 24, 2018, at 10:45 PM, Kamil Rytarowski  wrote:
> 
> Fixed!

Confirmed!  Thanks!

-- thorpej