On Thu, Sep 15, 2022 at 04:33:09PM +0900, Ryota Ozaki wrote:
> Hi,
>
> Are there any users of TCP Vestigial Time-Wait (VTW)?
> The feature is disabled by default and we need to explicitly
> enable via sysctl to use it.
>
> I just want to know if we should still maintain it.
Have you read the
On Fri, Sep 16, 2022 at 10:33:31AM +0900, Ryota Ozaki wrote:
>
> Thank you for the report!
>
> Just curious. Does it improve performance? (or reduce CPU/memory usage?)
The Coyote Point loadbalancers couldn't survive our load testing (which
was modeled on traces of real world workloads) without
> and hifn(4) have RNGs; and there are some dedicated RNG devices like
> ualea(4).
Can we actually use the TPM RNG from in-kernel? Whether we should is a
different, interesting question, given how it is typically implemented.
--
Thor Lancelot Simon
On Tue, Apr 06, 2021 at 10:54:51AM -0700, Greg A. Woods wrote:
> At Mon, 5 Apr 2021 23:18:55 -0400, Thor Lancelot Simon wrote:
>
> > But what you're missing is that neither does what you
> > think. When rndctl -L runs after the system comes up multiuser, all
> > entrop
On Mon, Apr 05, 2021 at 02:13:31PM -0700, Greg A. Woods wrote:
> At Mon, 5 Apr 2021 15:37:49 -0400, Thor Lancelot Simon wrote:
> Subject: Re: regarding the changes to kernel entropy gathering
> >
> > On Sun, Apr 04, 2021 at 03:32:08PM -0700, Greg A. Woods wrote:
> > &g
On Sun, Apr 04, 2021 at 03:32:08PM -0700, Greg A. Woods wrote:
>
> BTW, to me reusing the same entropy on every reboot seems less secure.
Sure. But that's not what the code actually does.
Please, read the code in more depth (or in this case, breadth), then argue
about it.
On Mon, Apr 05, 2021 at 09:30:16AM -0700, Greg A. Woods wrote:
> At Mon, 5 Apr 2021 10:46:19 +0200, Manuel Bouyer
> wrote:
> Subject: Re: regarding the changes to kernel entropy gathering
> >
> > If I understood it properly, there's no need for such a knob.
> > echo
On Sun, Apr 04, 2021 at 01:08:20PM -0700, Greg A. Woods wrote:
>
> I trust the randomness and in-observability and isolation of the
> behaviour of my system's fans far more than I would trust Intel's RDRAND
> or RDSEED instructions.
I do not. However, I do differ with Taylor in that I believe
On Wed, Mar 31, 2021 at 11:24:07AM +0200, Manuel Bouyer wrote:
> On Tue, Mar 30, 2021 at 10:42:53PM +, Taylor R Campbell wrote:
> >
> > There are no virtual RNG devices on the system in question, according
> > to the quoted `rndctl -l' output. Perhaps the VM host needs to be
> > taught to
On Sat, Aug 22, 2020 at 08:35:39PM +0200, Jason A. Donenfeld wrote:
>
> In its current form, there are implementation flaws and violations
> that I do not consider acceptable, and deploying this kind of thing is
> highly irresponsible and harmful to your users.
Can you please explain what these
On Mon, Feb 12, 2018 at 08:48:32AM +0800, Paul Goyette wrote:
>
> 1. Starting the gnucash program (from pkgsrc finance/gnucash) now takes
>about 3 times as long as before. Even after successfully loading
>the image (to get libraries etc into the file system cache) it take
>more than
On Thu, Nov 09, 2017 at 09:15:53AM -0500, Derrick Lobo wrote:
> The daily beta version of nebtsd 8 does not support ixg 5gb NIC's, the
> support was enabled in 7.99
That doesn't make sense - if it's in 7.anything, it's in 8. When we cut
the 8 branch, we move the version number on HEAD to 8.99.
On Mon, Nov 06, 2017 at 07:07:26PM +, m...@netbsd.org wrote:
> https://github.com/google/netbsd-gce
Oh, hey, I can fix one of the bugs they think that stuff has. It's just a
quick, nearly trivial command-line change to qemu to make it use a
vioscsi disk instead of an IDE disk...
Thanks!
it should currently be possible
to run NetBSD VMs in Google Cloud, since they are roughly KVM/QEMU and we
support the various virtio devices they provide. Can anyone offer step
by step instructions for doing so?
Azure looks a little harder.
--
Thor Lancelot Simon
On Mon, Oct 23, 2017 at 12:18:32PM +0100, Roy Marples wrote:
>
> I don't know anything about 802.1q trunks.
> How can I tell that it is one, and why shouldn't it have a local address?
Generally speaking, configurations that run tagged ("trunk") and
untagged ("native") traffic on the same
On Wed, Oct 11, 2017 at 07:56:04PM -, Michael van Elst wrote:
> t...@panix.com (Thor Lancelot Simon) writes:
>
> >It probably has to do with our small maximum transfer size. The disk is
> >probably trying to be safer and *not* caching tagged writes as aggressively,
&
On Tue, Oct 10, 2017 at 11:11:54PM +0200, Jarom??r Dole??ek wrote:
> I've fixed the compilation for ALL kernels.
>
> 2017-10-10 17:34 GMT+02:00 Michael :
> > I tried sequential reads ( dd if=/dev/rwd0c ... ) and throughput took a
> > significant hit. I used to get about
On Sun, Jul 02, 2017 at 10:57:20PM +0100, Patrick Welche wrote:
> On Fri, Jun 30, 2017 at 12:00:45PM -0400, Thor Lancelot Simon wrote:
>
> I shoved a rather newer ST2000DM001-1CH164 in, which according to its
> marketing bumpf can manage "Max SustainableTransfer Rate 210MB/s&
u specifying block size? dd is terribly slow without it.
>
> I was using 64k - essentially the example in the "progress" man page.
Latency. You want a double-buffered pipeline.
--
Thor Lancelot Simont...@panix.com
"We ca
On Tue, Jun 13, 2017 at 09:20:24PM +, Thomas Mueller wrote:
>
> I don't run dhcpcd or anything like that from /etc/rc.conf but ran
> dhcpcd -dM re0 :
It appears dhcpcd sends DISCOVER messages for a full minute and receives
no responses. Are you sure the DHCP server is OK?
Thor
On Tue, May 09, 2017 at 11:05:19PM -0400, Thor Lancelot Simon wrote:
> On Wed, May 10, 2017 at 09:35:44AM +0800, Paul Goyette wrote:
> >
> > So, what is the magic incantation to set the interface to 100TX FDX, but
> > with flow/pause disabled?
>
> You can't. Or,
On Wed, May 10, 2017 at 09:35:44AM +0800, Paul Goyette wrote:
>
> So, what is the magic incantation to set the interface to 100TX FDX, but
> with flow/pause disabled?
You can't. Or, more rightly, you can't do it the way you probably want to.
If you explicitly set a speed and duplex, you will
On Thu, Feb 16, 2017 at 01:04:33PM +0200, Andrius V wrote:
> Hi,
>
> I have tested the fix. lcr4(rcr4() | CR4_OSFXSR); helps indeed and
> system boots but if statement seems to be not correct, at least on
> VT-310DP board it ended up in the same error.
I checked in an unconditional version of
On Wed, Feb 15, 2017 at 10:25:36AM +0200, Andrius V wrote:
> Hello,
>
> I have recently decided to test changes in this commit
> https://mail-archive.com/source-changes@netbsd.org/msg64898.html.
> Unfortunately NetBSD (i386) crashes on boot in all systems I have
> tried with which includes VIA
On Tue, Jan 31, 2017 at 05:54:37PM +0100, Martin Husemann wrote:
> On Tue, Jan 31, 2017 at 11:45:55AM -0500, Thor Lancelot Simon wrote:
> > The only time we've ever really dug into it, I believe, the user decided
> > the failures were right around the expected failure rate
On Tue, Jan 31, 2017 at 05:40:01PM +0100, Martin Husemann wrote:
> On Tue, Jan 31, 2017 at 11:38:02AM -0500, Thor Lancelot Simon wrote:
> > The statistical failures later in system run might indicate a memory
> > integrity issue, a race condition of some kind, or just be the expecte
On Tue, Jan 31, 2017 at 05:16:33PM +0100, Havard Eidnes wrote:
> >> Meanwhile the hardware random generator sits there unused.
> >
> > Does it sit there completely unused, or did it get used a little at
> > boot time?
>
> It generated some bits at boot time, but apparently not early
> enough,
l stand to have more demanding testing thrown at
> > it? Can we simulate unclean shutdown with vn file-based filesystem and run
> > aggressive tests on it?
--
Thor Lancelot Simont...@panix.com
"The dirtiest word in art is the C-word. I can't even say 'craft'
without feeling dirty."-Chuck Close
On Sat, Oct 15, 2016 at 05:02:50PM +, Michael van Elst wrote:
> kiyoh...@kk.iij4u.or.jp (KIYOHARA Takashi) writes:
>
> >By the way, how should I handle a sensor? Is interface of a Linux
> >compatible provide so that application of Linux can access?
> >Who is doing such work at present?
>
>
On Wed, Sep 21, 2016 at 07:56:05AM -0700, John Nemeth wrote:
> On Sep 21, 10:30am, Thomas Klausner wrote:
> }
> } I wanted to look at the serial console of a second machine, so I
> } plugged in a USB serial dongle into my NetBSD (7.99.38/amd64):
> }
> } uftdi0 at uhub4 port 3
> } uftdi0: FTDI
On Sun, Aug 28, 2016 at 06:24:41AM +, David Holland wrote:
>
> So for what it's worth: I don't see any need to have a DNS server in
> base. It may be traditional, but few people use it; the landscape's
As a guy who spent the best part of a decade building embedded products
out of NetBSD:
On Fri, Aug 19, 2016 at 06:13:13PM +0200, Joerg Sonnenberger wrote:
> On Fri, Aug 19, 2016 at 09:55:48AM +0100, Roy Marples wrote:
> > For example, I would use nsd on exactly one machine in my environment,
> > my public facing DNS server which is exactly where it belongs.
> >
> > On the other
On Sat, Aug 13, 2016 at 10:06:35PM +0200, Jarom??r Dole??ek wrote:
> FWIW, build of tools for both i386 and sparc64 finished without
> problems for me on Mac OS X host (10.11.6), building from clean
> sources.
The problem is not with the tools build.
Thor
For the past several days, building on OS X 10.9.5 has failed with what
looks like a symptom of host/target confusion that could have more serious
consequences (like bad builds on other platforms). This is new. Hubert
has also seen it on OS X 10.5.
Build command is "build.sh -m amd64 -U -u
On Thu, Aug 11, 2016 at 04:05:06PM +0100, Robert Swindells wrote:
>
> >2) /usr/bin/cc:
> >Undefined symbols for architecture x86_64: "_iconv"
> >in external/gpl3/gcc/usr.bin/backend
>
> This should be in libc.
For what value of "should"? _iconv is in the implementation-defined
On Thu, Aug 11, 2016 at 09:00:35AM -0700, Michael Plass wrote:
>
> That sounds like it may be related to a problem I ran into when cross-building
> from FreeBSD (11 beta something). With a package for libiconv installed, the
> compile
> must have found the header in /usr/local/include, but the
On Thu, Aug 11, 2016 at 04:29:54PM +0200, Hubert Feyrer wrote:
>
> 2) /usr/bin/cc:
>Undefined symbols for architecture x86_64: "_iconv"
>in external/gpl3/gcc/usr.bin/backend
This bug has appeared within the past few days and breaks my builds
on OS X 10.9.5 as well. I'm not having much
On Mon, Mar 21, 2016 at 02:14:05PM -0400, Greg Troxel wrote:
>
> I find using 7.99.X awkward, as that's a version that means something
> for the kernel (and userland more or less), and this is really something
> quite different.
I strongly agree. How about just giving it a date rather than a
rly zero-cost "look aside" at
some other *properly designed and structured* shared memory source of
client requests should be pretty easy. Does the problem actually have
to do with the mouse and keyboard? Mouse's idea of having the kernel
write a flag word inste
On Mon, Sep 21, 2015 at 04:33:21AM +, David Holland wrote:
>
> In any case, there is zero chance that anything from the 80s that has
> ffs on it has a MSDOS FDISK partition table. You're better off using
> disklabel(8) and hoping you can find a BSD-type disklabel.
But we have compatibility
On Tue, Mar 31, 2015 at 03:38:45PM +0200, 6b...@6bone.informatik.uni-leipzig.de
wrote:
On Fri, 27 Mar 2015, Masanobu SAITOH wrote:
This change have commited now.
New patch:
http://www.netbsd.org/~msaitoh/ixg-20150327-0.dif
I have tested the patch and found no problems.
My
On Mon, Mar 23, 2015 at 04:29:35PM +, David Holland wrote:
On Mon, Mar 23, 2015 at 04:55:52PM +0100, Thomas Klausner wrote:
Thanks. So if it survives a build, can I commit the attached patch?
I question the merits of _LARGEFILE_SOURCE (are we going to start
mucking with
On Sat, Mar 14, 2015 at 06:53:51AM +0800, Paul Goyette wrote:
On Fri, 13 Mar 2015, Christos Zoulas wrote:
On Mar 13, 6:32pm, hann...@eis.cs.tu-bs.de (J. Hannken-Illjes) wrote:
-- Subject: Re: DoS attack against TCP services
| What about the attached diff. It adds a counter of busy items
On Mon, Jan 26, 2015 at 04:28:22PM +0100, Thomas Klausner wrote:
On Mon, Jan 26, 2015 at 10:01:41AM -0500, Thor Lancelot Simon wrote:
alloc_bouncebus? On amd64? I think you've got a trashed pointer
somewhere.
I have
makeoptions DEBUG=-g # compile full symbol table
# grep -r
this would actually reduce maintenance burden.
It would reduce attack surface on some systems.
--
Thor Lancelot Simon t...@panix.com
From the tooth paste you use in the morning to the salt on your evening meal,
it's easy to take for granted the many products
On Sat, Sep 20, 2014 at 01:03:05PM +0200, u-6...@aetey.se wrote:
On Fri, Sep 19, 2014 at 08:10:31PM -0400, Thor Lancelot Simon wrote:
On Fri, Sep 19, 2014 at 04:04:34PM +0200, u-6...@aetey.se wrote:
Background:
building an independent/standalone toolchain able to produce binaries
On Fri, Sep 19, 2014 at 04:04:34PM +0200, u-6...@aetey.se wrote:
Background:
building an independent/standalone toolchain able to produce binaries
runnable on NetBSD
Why don't you just run build.sh -m machine tools and use the result?
Thor
On Mon, Mar 24, 2014 at 07:27:33PM +0900, Ryota Ozaki wrote:
Hi,
I'm adding a new build variable MKCTF, which
was discussed on the chat some days ago.
Currently CTF tools are built and used to generate
and manipulate CTF data of ELF binaries when
we build with MKDTRACE=yes.
On Sun, Mar 02, 2014 at 03:36:57PM -0500, Christos Zoulas wrote:
Anything you compile with -g will now need -gdwarf-2 if you are using
ctf{convert,merge} on them because our libdwarf understands dwarf-2,
partially dwarf-3 and no dwarf-4 which is the default for gcc-4.8.
This looks relevant:
On Sun, Jan 19, 2014 at 07:13:12PM +, David Laight wrote:
open/close (well probably the vnode) needs to hold a reference count
against the device.
This is complicated somewhat because the device clones.
Thor
50 matches
Mail list logo