Re: dtc(1): reproducible segmentation fault

[David Chisnall]

On 23 Oct 2015, at 17:40, Ian Lepore  wrote:
> 
> Don't cc me.  I looked at the in-tree dtc code once and decided it's
> too flawed to try to maintain, and it supports only a subset of the
> full dts syntax.  That's why we switched back to using the gnu dtc for
> buildkernel.  But I just discovered that for some reason gnu is not the
> copy of dtc that gets installed, it's just the one that gets used
> during a buildkernel.

Please assign the bug to me.

David

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

[Julian H. Stacey]

> >If you want a secure filesystem I think that at this particular time
> >it would be entirely reasonable to use both gbde and geli stacked on
> >top of each other[...]

I've often wondered if multiple encryption (CPU permitting) is sensible in 
case one day some method is cracked but another stays secure.
There's been recent discussions on cracking algorithms at
 http://lists.gnupg.org/pipermail/gnupg-users/2015-October/054586.html

I see man geli has:
Supports many cryptographic algorithms (currently AES-XTS,
AES-CBC, Blowfish-CBC, Camellia-CBC and 3DES-CBC).
NAME section of man 1 gbde & geli both ref. GEOM.
Skimming man 1 4 8 gbde geom I'm not sure how gbde compares.


> Nobody is going to break through the GELI or GBDE crypto, they'll
> find their way to the keys instead, or more likely, jail you until
> you sing.

Yes, if 'they' are physicaly present government, criminals etc.

Encryption (& perhaps multiple encryption) is nice against eg
- sneak thieves/ industrial spies/ remote hostile governments,
- where one must sometimes share root with others.
- scanners remote or local 
   (Scanners could be hidden in BLOBs. Anyone else worry how many
   binary BLOBs are in FreeBSD, especially ports/ ?  I started a
   list a couple of years back, got scared how many, then stopped
   after I realised a list was not maintainable & better to add a
   BLOB_HAZARD= label to ports Makefiles, but no one seemed interested ).
- Casual physical loss:
  - My brother's USB stick fell off its plastic retainer to key ring,
picture: http://www.conrad.de/ce/de/product/417197/
  - Small shiney USB sticks on desk could be attractive like jewelery
to birds such as magpies (`Elster' fly here, I stopped one thieving
a shiney foil wrapped bar, a lot heavier & bigger than a USB stick).

My data is long encrypted, I'll buy phk@ a beer if we meet somewhere :-)

Cheers,
Julian
--
Julian Stacey,  BSD Linux Unix Sys. Eng. Consultant Munich http://berklix.com
 Reply After previous text to preserve context, as in a play script.
 Indent previous text with >Insert new lines before 80 chars.
 Use plain text, Not quoted-printable, Not HTML, Not base64, Not MS.doc.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

[CFT] em(4) - Update to use Extended RX Descriptor Format

[Sean Bruno]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

https://reviews.freebsd.org/D3447

I'm looking for a bunch of you folks who have em(4) and *not* lem(4)
to test out this update.  This matches what linux does in e1000e vs
e1000 and should be a no-op for your machines.  The more devices we
test here the better.

sean
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQF8BAEBCgBmBQJWK7G1XxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRCQUFENDYzMkU3MTIxREU4RDIwOTk3REQx
MjAxRUZDQTFFNzI3RTY0AAoJEBIB78oecn5k6JwH/0d2sg+hg6e+MfkE4FTMZHjw
59cAbKtbrVPNY4EVnuzLYTcxuVnFMtQfWwA8zyJLja6snRLfrONdmtrJnOKIuRbz
E9Jhn29JPMyW/aSrhOOEhwS4QV4ffQ1j9V0VbiqeN9JVgutegxpWGoX6ZRkx40Gk
eWUJALnCNdj3cM/c1UoRQhUrlXndAJEYw7t0hcjJwUGQodE7R451mJi/0dqGc1qP
Pytyxu/4uOgRZkKjWfFClBfI9vmsG06UfxcwcALeAQdQ5uZtfOctC6dPhAKgc65x
hqzpxNyfSzdLVpp/KfeKIICXeDzBxdkbWLDh6JXt899BP4z0dw4pNOVSHa/DcTo=
=6dGn
-END PGP SIGNATURE-
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: dtc(1): reproducible segmentation fault

[David Chisnall]

On 24 Oct 2015, at 11:07, David Chisnall  wrote:
> 
> On 23 Oct 2015, at 17:40, Ian Lepore  wrote:
>> 
>> Don't cc me.  I looked at the in-tree dtc code once and decided it's
>> too flawed to try to maintain, and it supports only a subset of the
>> full dts syntax.  That's why we switched back to using the gnu dtc for
>> buildkernel.  But I just discovered that for some reason gnu is not the
>> copy of dtc that gets installed, it's just the one that gets used
>> during a buildkernel.
> 
> Please assign the bug to me.

Actually, it looks as if this is one of the (many) bugs in dtc that I fixed in 
a bunch of changes that I made (and didn’t get around to committing) last 
Christmas (https://github.com/davidchisnall/dtc).  Patrick Wildt tested the 
version that I was working on with a load of things from the GPL dtc test suite 
and they all passed.  I’m now running a make universe with the new version, and 
I’ll commit if there are no problems.

David

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: EFI bootloader often trys to build itself at installworld stage

[NGie Cooper]

> On Oct 24, 2015, at 14:35, NGie Cooper  wrote:
> 
> 
>> On Oct 24, 2015, at 14:28, Lev Serebryakov  wrote:
>> 
>> Hello freebsd-current,
>> 
>> Each other time "make installworld" from object directory created several 
>> hours ago
>> try to build efiloader again (and fails in my case as this world doesn't
>> contain compiler):
>> 
>> ===> sys/boot/efi/loader (install)
>> cc -O2 -pipe   -fPIC -I/data/src/sys/boot/efi/loader 
>> -I/data/src/sys/boot/efi/loader/arch/amd64 
>> -I/data/src/sys/boot/efi/loader/../include 
>> -I/data/src/sys/boot/efi/loader/../include/amd64 
>> -I/data/src/sys/boot/efi/loader/../../../contrib/dev/acpica/include 
>> -I/data/src/sys/boot/efi/loader/../../.. 
>> -I/data/src/sys/boot/efi/loader/../../i386/libi386 -DNO_PCI -DEFI 
>> -DBOOT_FORTH -I/data/src/sys/boot/efi/loader/../../ficl 
>> -I/data/src/sys/boot/efi/loader/../../ficl/amd64 -DLOADER_DISK_SUPPORT 
>> -DLOADER_GPT_SUPPORT -DLOADER_MBR_SUPPORT 
>> -I/data/src/sys/boot/efi/loader/../../common -ffreestanding -Wformat 
>> -msoft-float -mno-mmx -mno-sse -mno-avx -fshort-wchar -mno-red-zone -mno-aes 
>> -std=gnu99   -Qunused-arguments -c /data/src/sys/boot/efi/loader/autoload.c 
>> -o autoload.o
>> /tmp/install.Ku58dvCm/sh: cc: not found
>> 
>> Only LOCAL fileystems are in use, and computer has ntpd-synchronized clock.
>> 
>> "installworld" right after "buildworld" works Ok, but if I need to
>> re-create same nanobsd image without changing world (and sources), its often
>> fails to perform "installworld" for second time at this exact point: 
>> efi/loader.
> 
> Hi lev,
>   Be sure to run buildworld with -DNO_CLEAN after updating your sources 
> when using make installworld. Unfortunately many of the Makefiles under 
> sys/boot are sensitive to updates, i.e. you’ll have to rebuild them 
> (otherwise it will try to rebuild them at install and fail as noted above).
>   That being said, what you described seems interesting. Not sure why it 
> would be failing. Could you please dump all the debug output from make?
> Thanks!
> -NGie

Uh… yeah. I see some non-atomic logic in sys/boot/common/newvers.sh (it’s 
writing out to vers.c multiple times in the file) instead of once to the file, 
or multiple times to a temp file then moving to the final file. There are 
probably other issues.
sys/boot is a mess. I had a patch to better integrate it into the build 
process, but I wasn’t a committer at the time, so I couldn’t commit my patch 
(it’s been lost since then).
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: EFI bootloader often trys to build itself at installworld stage

[NGie Cooper]

> On Oct 24, 2015, at 14:28, Lev Serebryakov  wrote:
> 
> Hello freebsd-current,
> 
> Each other time "make installworld" from object directory created several 
> hours ago
> try to build efiloader again (and fails in my case as this world doesn't
> contain compiler):
> 
> ===> sys/boot/efi/loader (install)
> cc -O2 -pipe   -fPIC -I/data/src/sys/boot/efi/loader 
> -I/data/src/sys/boot/efi/loader/arch/amd64 
> -I/data/src/sys/boot/efi/loader/../include 
> -I/data/src/sys/boot/efi/loader/../include/amd64 
> -I/data/src/sys/boot/efi/loader/../../../contrib/dev/acpica/include 
> -I/data/src/sys/boot/efi/loader/../../.. 
> -I/data/src/sys/boot/efi/loader/../../i386/libi386 -DNO_PCI -DEFI 
> -DBOOT_FORTH -I/data/src/sys/boot/efi/loader/../../ficl 
> -I/data/src/sys/boot/efi/loader/../../ficl/amd64 -DLOADER_DISK_SUPPORT 
> -DLOADER_GPT_SUPPORT -DLOADER_MBR_SUPPORT 
> -I/data/src/sys/boot/efi/loader/../../common -ffreestanding -Wformat 
> -msoft-float -mno-mmx -mno-sse -mno-avx -fshort-wchar -mno-red-zone -mno-aes 
> -std=gnu99   -Qunused-arguments -c /data/src/sys/boot/efi/loader/autoload.c 
> -o autoload.o
> /tmp/install.Ku58dvCm/sh: cc: not found
> 
> Only LOCAL fileystems are in use, and computer has ntpd-synchronized clock.
> 
> "installworld" right after "buildworld" works Ok, but if I need to
> re-create same nanobsd image without changing world (and sources), its often
> fails to perform "installworld" for second time at this exact point: 
> efi/loader.

Hi lev,
Be sure to run buildworld with -DNO_CLEAN after updating your sources 
when using make installworld. Unfortunately many of the Makefiles under 
sys/boot are sensitive to updates, i.e. you’ll have to rebuild them (otherwise 
it will try to rebuild them at install and fail as noted above).
That being said, what you described seems interesting. Not sure why it 
would be failing. Could you please dump all the debug output from make?
Thanks!
-NGie
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Almost instant crasj after boot, 100% reproducable, version from middle of summer works

[Lev Serebryakov]

Hello NGie,

Saturday, October 24, 2015, 11:49:31 PM, you wrote:

> Based on the stack trace you provided and commits made in the
> past few weeks, wlan might be a factor. Could you please disable wlan
> support and see if the panics persist?
 Yep. It is not WiFi-related. It is something kernel-thread or shceduler
related, as "current process" could be different, but it is always


sched_add() at sched_add+0x116/frame 0xfe011bd59980
intr_event_schedule_thread() at intr_event_schedule_thread+0xae/frame 
0xfe011bd599b0
intr_event_handle() at intr_event_handle+0xe2/frame 0xfe011bd59a00

==

da0 at umass-sim0 bus 0 scbus0 target 0 lun 0
da0:  Removable Direct Access SCSI-2 device
da0: Serial Number E8FT11YH
da0: 40.000MB/s transfers
da0: 3899MB (7987198 512 byte sectors)
da0: quirks=0x2
random: unblocking device.
sysctl: kern.ipc.nmbclusters=65536 at line 15: Invalid argument
Setting hostuuid: fafea46a-1adb-e111-b48f-00e04cb00c04.
Setting hostid: 0x5084ca4a.
No suitable dump device was found.
Starting file system checks:
/dev/ufs/gws1a: FILE SYSTEM CLEAN; SKIPPING CHECKS
/dev/ufs/gws1a: clean, 645448 free (456 frags, 80624 blocks, 0.0% fragmentation)
/dev/ufs/gws3: FILE SYSTEM CLEAN; SKIPPING CHECKS
/dev/ufs/gws3: clean, 15292 free (28 frags, 1908 blocks, 0.2% fragmentation)
Mounting local file systems:.
Setting hostname: gateway.home.serebryakov.spb.ru.
Setting up 
harvesting:[UMA],[FS_ATIME],SWI,INTERRUPT,NET_NG,NET_ETHER,NET_TUN,MOUSE,KEYBOARD,ATTACH,CACHED
Feeding entropy:eval: cannot create /entropy: Read-only file system
ifconfig: SIOCIFCREATE2: Invalid argument
Created clone interfaces: gif0.
em0: link state changed to UP
em0: link state changed to DOWN
ifconfig: NONE: bad value
vlan0: changing name to 'skynet'
vlan1: changing name to 'eltel'
gif0: link state changed to UP
kernel trap 9 with interrupts disabled


Fatal trap 9: general protection fault while in kernel mode
cpuid = 0; apic id = 00
instruction pointer = 0x20:0x8046e3c6
stack pointer   = 0x28:0xfe011bd59890
frame pointer   = 0x28:0xfe011bd59980
code segment= base 0x0, limit 0xf, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags= resume, IOPL = 0
current process = 11 (swi4: clock (0))
trap number = 9
panic: general protection fault
cpuid = 0
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfe011bd59530
vpanic() at vpanic+0x182/frame 0xfe011bd595b0
panic() at panic+0x43/frame 0xfe011bd59610
trap_fatal() at trap_fatal+0x351/frame 0xfe011bd59670
trap() at trap+0x6d8/frame 0xfe011bd597d0
calltrap() at calltrap+0x8/frame 0xfe011bd597d0
--- trap 0x9, rip = 0x8046e3c6, rsp = 0xfe011bd598a0, rbp = 
0xfe011bd59980 ---
sched_add() at sched_add+0x116/frame 0xfe011bd59980
intr_event_schedule_thread() at intr_event_schedule_thread+0xae/frame 
0xfe011bd599b0
intr_event_handle() at intr_event_handle+0xe2/frame 0xfe011bd59a00
intr_execute_handlers() at intr_execute_handlers+0x48/frame 0xfe011bd59a30
lapic_handle_intr() at lapic_handle_intr+0x3f/frame 0xfe011bd59a50
Xapic_isr1() at Xapic_isr1+0xb7/frame 0xfe011bd59a50
--- interrupt, rip = 0x8063e1f2, rsp = 0xfe011bd59b20, rbp = 
0xfe011bd59b20 ---
spinlock_exit() at spinlock_exit+0x32/frame 0xfe011bd59b20
intr_event_execute_handlers() at intr_event_execute_handlers+0xae/frame 
0xfe011bd59b60
ithread_loop() at ithread_loop+0xa6/frame 0xfe011bd59bb0
fork_exit() at fork_exit+0x75/frame 0xfe011bd59bf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfe011bd59bf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---


-- 
Best regards,
 Levmailto:l...@freebsd.org

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Almost instant crasj after boot, 100% reproducable, version from middle of summer works

[Lev Serebryakov]

Hello NGie,

Saturday, October 24, 2015, 11:49:31 PM, you wrote:

>> Hello freebsd-current,
>> 
>> I have "home router" based on Intel MoBo with integrated Arom D2500 CPU.
>> It boots and works fine on -CURRENT r285355 (it is ~11 of Jun 2015).
>> 
>> But several latest revisions (I've tried r288145 month ago and now r289874)
>> crashes almost instantly after boot. It is 100% reproducible and didn't
>> changed for last month.

> Hi lev!
> Based on the stack trace you provided and commits made in the
> past few weeks, wlan might be a factor. Could you please disable wlan
  Past few months? :)

> support and see if the panics persist?
  Ok, this box will be useless without WiFi, but I could do this to determine
 cause. I'll report result in hour or two.

-- 
Best regards,
 Levmailto:l...@freebsd.org

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

EFI bootloader often trys to build itself at installworld stage

[Lev Serebryakov]

Hello freebsd-current,

 Each other time "make installworld" from object directory created several 
hours ago
try to build efiloader again (and fails in my case as this world doesn't
contain compiler):

===> sys/boot/efi/loader (install)
cc -O2 -pipe   -fPIC -I/data/src/sys/boot/efi/loader 
-I/data/src/sys/boot/efi/loader/arch/amd64 
-I/data/src/sys/boot/efi/loader/../include 
-I/data/src/sys/boot/efi/loader/../include/amd64 
-I/data/src/sys/boot/efi/loader/../../../contrib/dev/acpica/include 
-I/data/src/sys/boot/efi/loader/../../.. 
-I/data/src/sys/boot/efi/loader/../../i386/libi386 -DNO_PCI -DEFI -DBOOT_FORTH 
-I/data/src/sys/boot/efi/loader/../../ficl 
-I/data/src/sys/boot/efi/loader/../../ficl/amd64 -DLOADER_DISK_SUPPORT 
-DLOADER_GPT_SUPPORT -DLOADER_MBR_SUPPORT 
-I/data/src/sys/boot/efi/loader/../../common -ffreestanding -Wformat 
-msoft-float -mno-mmx -mno-sse -mno-avx -fshort-wchar -mno-red-zone -mno-aes 
-std=gnu99   -Qunused-arguments -c /data/src/sys/boot/efi/loader/autoload.c -o 
autoload.o
/tmp/install.Ku58dvCm/sh: cc: not found

 Only LOCAL fileystems are in use, and computer has ntpd-synchronized clock.

 "installworld" right after "buildworld" works Ok, but if I need to
re-create same nanobsd image without changing world (and sources), its often
fails to perform "installworld" for second time at this exact point: efi/loader.

-- 
Best regards,
 Lev  mailto:l...@freebsd.org

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: EFI bootloader often trys to build itself at installworld stage

[Lev Serebryakov]

Hello NGie,

Sunday, October 25, 2015, 12:35:54 AM, you wrote:

> Be sure to run buildworld with -DNO_CLEAN after updating your
> sources when using make installworld. Unfortunately many of the Makefiles
  There is NO updating sources inbetween! Maybe, kernel rebuild (as now,
 when I've removed wlan support), but sources are the same!

> That being said, what you described seems interesting. Not sure
> why it would be failing. Could you please dump all the debug output from make?
 Which flags should I pass to make for this? Now, I'm rebuilding everything
 with -DNO_CLEAN, effectively veery long no-op. Next time I came
 across this problem I could dump make output, for sure.

-- 
Best regards,
 Levmailto:l...@freebsd.org

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

[Maxim Sobolev]

For what's worth we are using modded GBDE in one of the products to provide
copy protection for the firmware and encryption of user's data. GELI is
nice, but it's way much more end-user oriented. Also GBDE code is very
stable, which may look bad from somebody using it to protect his pr0n
collection, but from the PoV of us as ISV we have very little trouble
porting our changes from FreeBSD 6 that we've started with originally to 7,
8, 9 and the FreeBSD 11 today. I would be really sorry to see it nuked from
the FreeBSD without any good technical reason. Just my CAD0.02c.

On Sat, Oct 24, 2015 at 8:58 AM, Julian H. Stacey  wrote:

> > >If you want a secure filesystem I think that at this particular time
> > >it would be entirely reasonable to use both gbde and geli stacked on
> > >top of each other[...]
>
> I've often wondered if multiple encryption (CPU permitting) is sensible in
> case one day some method is cracked but another stays secure.
> There's been recent discussions on cracking algorithms at
>  http://lists.gnupg.org/pipermail/gnupg-users/2015-October/054586.html
>
> I see man geli has:
> Supports many cryptographic algorithms (currently AES-XTS,
> AES-CBC, Blowfish-CBC, Camellia-CBC and 3DES-CBC).
> NAME section of man 1 gbde & geli both ref. GEOM.
> Skimming man 1 4 8 gbde geom I'm not sure how gbde compares.
>
>
> > Nobody is going to break through the GELI or GBDE crypto, they'll
> > find their way to the keys instead, or more likely, jail you until
> > you sing.
>
> Yes, if 'they' are physicaly present government, criminals etc.
>
> Encryption (& perhaps multiple encryption) is nice against eg
> - sneak thieves/ industrial spies/ remote hostile governments,
> - where one must sometimes share root with others.
> - scanners remote or local
>(Scanners could be hidden in BLOBs. Anyone else worry how many
>binary BLOBs are in FreeBSD, especially ports/ ?  I started a
>list a couple of years back, got scared how many, then stopped
>after I realised a list was not maintainable & better to add a
>BLOB_HAZARD= label to ports Makefiles, but no one seemed interested ).
> - Casual physical loss:
>   - My brother's USB stick fell off its plastic retainer to key ring,
> picture: http://www.conrad.de/ce/de/product/417197/
>   - Small shiney USB sticks on desk could be attractive like jewelery
> to birds such as magpies (`Elster' fly here, I stopped one thieving
> a shiney foil wrapped bar, a lot heavier & bigger than a USB stick).
>
> My data is long encrypted, I'll buy phk@ a beer if we meet somewhere :-)
>
> Cheers,
> Julian
> --
> Julian Stacey,  BSD Linux Unix Sys. Eng. Consultant Munich
> http://berklix.com
>  Reply After previous text to preserve context, as in a play script.
>  Indent previous text with >Insert new lines before 80 chars.
>  Use plain text, Not quoted-printable, Not HTML, Not base64, Not MS.doc.
> ___
> freebsd-current@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
>
>
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Almost instant crasj after boot, 100% reproducable, version from middle of summer works

[NGie Cooper]

> On Oct 24, 2015, at 13:47, Lev Serebryakov  wrote:
> 
> Hello freebsd-current,
> 
> I have "home router" based on Intel MoBo with integrated Arom D2500 CPU.
> It boots and works fine on -CURRENT r285355 (it is ~11 of Jun 2015).
> 
> But several latest revisions (I've tried r288145 month ago and now r289874)
> crashes almost instantly after boot. It is 100% reproducible and didn't
> changed for last month.

Hi lev!
Based on the stack trace you provided and commits made in the past few 
weeks, wlan might be a factor. Could you please disable wlan support and see if 
the panics persist?
Thanks!
-NGie
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

[John-Mark Gurney]

Julian H. Stacey wrote this message on Sat, Oct 24, 2015 at 17:58 +0200:
> > >If you want a secure filesystem I think that at this particular time
> > >it would be entirely reasonable to use both gbde and geli stacked on
> > >top of each other[...]
> 
> I've often wondered if multiple encryption (CPU permitting) is sensible in 
> case one day some method is cracked but another stays secure.

Depends if you care about performance or not.  gbde is very slow, maybe
150MB/sec/core on a decently fast processor...  Where as geli is
~1GB/sec/core (AES-XTS)...

> There's been recent discussions on cracking algorithms at
>  http://lists.gnupg.org/pipermail/gnupg-users/2015-October/054586.html
> 
> I see man geli has:
>   Supports many cryptographic algorithms (currently AES-XTS,
>   AES-CBC, Blowfish-CBC, Camellia-CBC and 3DES-CBC).
> NAME section of man 1 gbde & geli both ref. GEOM.
> Skimming man 1 4 8 gbde geom I'm not sure how gbde compares.

gbde uses AES128-CBC, which is bad for modern processors that have AES-NI
instructions, as AES-CBC cannot be pipelined.

> > Nobody is going to break through the GELI or GBDE crypto, they'll
> > find their way to the keys instead, or more likely, jail you until
> > you sing.
> 
> Yes, if 'they' are physicaly present government, criminals etc.
> 
> Encryption (& perhaps multiple encryption) is nice against eg

The thing I like most about encryption is that when I RMA a bad
drive, I don't have to worry about my data leaking if I am unable
to overwrite all the data...  Also, for SSD's, where a complete
overwrite will not overwrite all the data, this helps that..

Note that even w/ drives purporting to provide hardware encryption
they don't do it very well:
http://arstechnica.com/security/2015/10/western-digital-self-encrypting-hard-drives-riddled-with-security-flaws/

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

FreeBSD_HEAD_i386 - Build #1497 - Fixed

[jenkins-admin]

FreeBSD_HEAD_i386 - Build #1497 - Fixed:

Build information: https://jenkins.FreeBSD.org/job/FreeBSD_HEAD_i386/1497/
Full change log: https://jenkins.FreeBSD.org/job/FreeBSD_HEAD_i386/1497/changes
Full build log: https://jenkins.FreeBSD.org/job/FreeBSD_HEAD_i386/1497/console

Change summaries:

289884 by cem:
xen: Add missing semi-colon for BITSET_DEFINE()

Broken when it was removed from the macro in r289867.

Pointy-hat: markj
Sponsored by:   EMC / Isilon Storage Division

289882 by mav:
Add PIM_EXTLUNS support to isp(4) driver.

Now 24xx and above chips support full 8-byte LUN address space.
Older FC chips may support up to 16K LUNs when firmware allows.
Tested in both initiator and target modes for 23xx, 24xx and 25xx.

289881 by mav:
Give CTL support for PIM_EXTLUNS when talking to CAM.

CTL itself still lives in flat LUN space, but it can generate extended
numbers if CAM SIM reports such capability.

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Almost instant crasj after boot, 100% reproducable, version from middle of summer works

[Lev Serebryakov]

Hello freebsd-current,

 I have "home router" based on Intel MoBo with integrated Arom D2500 CPU.
 It boots and works fine on -CURRENT r285355 (it is ~11 of Jun 2015).

 But several latest revisions (I've tried r288145 month ago and now r289874)
crashes almost instantly after boot. It is 100% reproducible and didn't
changed for last month.

 Crash looks like this:


uhub4: 8 ports with 8 removable, self powered
ugen4.2:  at usbus4
umass0:  on 
usbus4
Root mount waiting for: usbus4
Trying to mount root from ufs:/dev/ufs/gws1a [ro]...
mountroot: waiting for device /dev/ufs/gws1a ...
da0 at umass-sim0 bus 0 scbus0 target 0 lun 0
da0:  Removable Direct Access SCSI-2 device
da0: Serial Number E8FT11YH
da0: 40.000MB/s transfers
da0: 3899MB (7987198 512 byte sectors)
da0: quirks=0x2
random: unblocking device.
sysctl: kern.ipc.nmbclusters=65536 at line 15: Invalid argument
Setting hostuuid: fafea46a-1adb-e111-b48f-00e04cb00c04.
Setting hostid: 0x5084ca4a.
No suitable dump device was found.
Starting file system checks:
/dev/ufs/gws1a: FILE SYSTEM CLEAN; SKIPPING CHECKS
/dev/ufs/gws1a: clean, 642471 free (471 frags, 80250 blocks, 0.0% fragmentation)
/dev/ufs/gws3: FILE SYSTEM CLEAN; SKIPPING CHECKS
/dev/ufs/gws3: clean, 15292 free (28 frags, 1908 blocks, 0.2% fragmentation)
Mounting local file systems:.
Setting hostname: gateway.home.serebryakov.spb.ru.
Setting up 
harvesting:[UMA],[FS_ATIME],SWI,INTERRUPT,NET_NG,NET_ETHER,NET_TUN,MOUSE,KEYBOARD,ATTACH,CACHED
Feeding entropy:eval: cannot create /entropy: Read-only file system
ath_hal_reg_write: reg=0x80e0, val=0x, pm=1
ath_hal_reg_write: reg=0x80e4, val=0x, pm=1
wlan0: Ethernet address: 00:15:6d:85:5f:fc
Created wlan(4) interfaces: wlan0.
Created clone interfaces: gif0.
em0: link state changed to UP
em0: link state changed to DOWN
ifconfig: NONE: bad value
vlan0: changing name to 'skynet'
vlan1: changing name to 'eltel'
Starting hostapd.
Configuration file: /etc/hostapd-wlan0.conf
Line 8: DEPRECATED: 'dump_file' configuration variable is not used anymore
Using interface wlan0 with hwaddr 00:15:6d:85:5f:fc and ssid 
"home.serebryakov.spb.ru"
wlan0: interface state UNINITIALIZED->ENABLED
wlan0: AP-ENABLED
kernel trap 9 with interrupts disabled


Fatal trap 9: general protection fault while in kernel mode
cpuid = 0; apic id = 00
instruction pointer = 0x20:0x805190b6
stack pointer   = 0x28:0xfe012260e7d0
frame pointer   = 0x28:0xfe012260e8c0
code segment= base 0x0, limit 0xf, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags= resume, IOPL = 0
current process = 16 (syncer)
trap number = 9
panic: general protection fault
cpuid = 0
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfe012260e470
vpanic() at vpanic+0x182/frame 0xfe012260e4f0
panic() at panic+0x43/frame 0xfe012260e550
trap_fatal() at trap_fatal+0x351/frame 0xfe012260e5b0
trap() at trap+0x6d8/frame 0xfe012260e710
calltrap() at calltrap+0x8/frame 0xfe012260e710
--- trap 0x9, rip = 0x805190b6, rsp = 0xfe012260e7e0, rbp = 
0xfe012260e8c0 ---
sched_add() at sched_add+0x116/frame 0xfe012260e8c0
intr_event_schedule_thread() at intr_event_schedule_thread+0xae/frame 
0xfe012260e8f0
intr_event_handle() at intr_event_handle+0xe2/frame 0xfe012260e940
intr_execute_handlers() at intr_execute_handlers+0x48/frame 0xfe012260e970
lapic_handle_intr() at lapic_handle_intr+0x3f/frame 0xfe012260e990
Xapic_isr1() at Xapic_isr1+0xb7/frame 0xfe012260e990
--- interrupt, rip = 0x8071eaad, rsp = 0xfe012260ea60, rbp = 
0xfe012260ea70 ---
spinlock_exit() at spinlock_exit+0x2d/frame 0xfe012260ea70
sleepq_timedwait() at sleepq_timedwait+0xd3/frame 0xfe012260eaa0
_cv_timedwait_sbt() at _cv_timedwait_sbt+0x1a0/frame 0xfe012260eb10
sched_sync() at sched_sync+0x6b6/frame 0xfe012260ebb0
fork_exit() at fork_exit+0x75/frame 0xfe012260ebf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfe012260ebf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
Uptime: 14s

-- 
Best regards,
 Lev  mailto:l...@freebsd.org

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"