From owner-freebsd-hackers@freebsd.org Sun Oct 25 08:39:55 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C40A3447338 for ; Sun, 25 Oct 2020 08:39:55 +0000 (UTC) (envelope-from 6yearold@gmail.com) Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com [209.85.167.41]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CJrxk4pZdz3W6S for ; Sun, 25 Oct 2020 08:39:54 +0000 (UTC) (envelope-from 6yearold@gmail.com) Received: by mail-lf1-f41.google.com with SMTP id h6so7804448lfj.3 for ; Sun, 25 Oct 2020 01:39:54 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=NjPB+MmiSlCtdrhKm/L2A30oA860LNNZ2RDLQLHYgIU=; b=JNCjXkUm3KgNVrMsaZ4JkobJ0Gc1Nv4RxuCMAZB/uJzsw0aH8WHyFJudMnmL8hy8M0 ETjQNVIuH5hLDIMWBxPQgWX9cQ0g3ojWU+68o8ddRfGNARgl/fEzNWFspBwhBibmIHx7 ix5aQ1gv9sWqYPwpilmKcr1DjvRIWq+wd64SyJKWLiIjm3pcuhcoZZYcMqgG8KAkb77p DC1lf9I+4WnFaKxoo8GvAphGsTZE+OROZbkUqrRHKKEjGptssaf0oC3T8LqX9kKriKgV RhDl18W3N4bsq6PjRdQb3B2T4QwrSOWBReb2H0zPYGjbpuGqVlwvGV/kTxk5sJux0k8w nKyQ== X-Gm-Message-State: AOAM532pMIXbzKnQkJn0RR5cy6Y5CCg9Dw/Tadz4EgI7jma0uVh/gIgi S/fgr9lMaTvuBf7wM9FUepKwP9oV0pF7CA== X-Google-Smtp-Source: ABdhPJxJexOdz+O+JGpIC3pf0SdTjbDKdaWlwj8U8A+TwYlllr+wxswuKb68p5ODLWtPFBguc5rqdA== X-Received: by 2002:a05:6512:313c:: with SMTP id p28mr3023313lfd.310.1603615192737; Sun, 25 Oct 2020 01:39:52 -0700 (PDT) Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com. [209.85.167.51]) by smtp.gmail.com with ESMTPSA id t5sm754226ljc.124.2020.10.25.01.39.52 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sun, 25 Oct 2020 01:39:52 -0700 (PDT) Received: by mail-lf1-f51.google.com with SMTP id a9so7811737lfc.7 for ; Sun, 25 Oct 2020 01:39:52 -0700 (PDT) X-Received: by 2002:a19:7513:: with SMTP id y19mr3597694lfe.157.1603615192313; Sun, 25 Oct 2020 01:39:52 -0700 (PDT) MIME-Version: 1.0 From: Gleb Popov Date: Sun, 25 Oct 2020 12:39:26 +0400 X-Gmail-Original-Message-ID: Message-ID: Subject: Mapping Linux capabilities(7) to our Capsicum rights(4) To: freebsd-hackers X-Rspamd-Queue-Id: 4CJrxk4pZdz3W6S X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of 6yearold@gmail.com designates 209.85.167.41 as permitted sender) smtp.mailfrom=6yearold@gmail.com X-Spamd-Result: default: False [-1.86 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DOM_EQ_FROM_DOM(0.00)[]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.97)[-0.966]; RCVD_COUNT_THREE(0.00)[4]; NEURAL_HAM_MEDIUM(-0.89)[-0.886]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.00)[-0.003]; RCVD_IN_DNSWL_NONE(0.00)[209.85.167.41:from]; FORGED_SENDER(0.30)[arrowd@freebsd.org,6yearold@gmail.com]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.167.41:from]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FROM_NEQ_ENVFROM(0.00)[arrowd@freebsd.org,6yearold@gmail.com]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Oct 2020 08:39:55 -0000 Hello hackers! I'm porting a software that employs Linux capabilities to constrain the running process. The code looks like if (!haveCapability(CAP_SYS_CHROOT) || !haveCapability(CAP_MKNOD) || !haveCapability(CAP_FOWNER)) { errorOut(); } dropCapability(CAP_SYS_CHROOT); dropCapability(CAP_MKNOD); dropCapability(CAP_FOWNER); The CAP_MKNOD looks much like our CAP_MKNODAT. The CAP_FOWNER looks more complex, but it seems it is implemented at higher granularity in Capsicum. Finally, I haven't found anything for CAP_SYS_CHROOT. I'll continue digging this up, but any hints would be appreciated. Thanks in advance. From owner-freebsd-hackers@freebsd.org Sun Oct 25 13:53:49 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 04B2744F642 for ; Sun, 25 Oct 2020 13:53:49 +0000 (UTC) (envelope-from wojtek@puchar.net) Received: from puchar.net (puchar.net [194.1.144.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CJzvv4Qzrz44XK for ; Sun, 25 Oct 2020 13:53:47 +0000 (UTC) (envelope-from wojtek@puchar.net) Received: Received: from 127.0.0.1 (localhost [127.0.0.1]) by puchar.net (8.15.2/8.16.1) with ESMTPS id 09PDrauh079633 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sun, 25 Oct 2020 14:53:36 +0100 (CET) (envelope-from puchar-wojtek@puchar.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=puchar.net; s=default; t=1603634016; bh=samjpYqBgjMQ4oCRR1SK6tn9Dyk71WPzDXrdsGpFLPc=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=d7/X0XGEk4UJp2lWS8g6Tqg8vDeNXddUFrJahrX8fh/SI8MHWKnSpdHcEYR5HLfHK C07eoviEYzwSNY5kHMuWkw9yzpdykQC1WqoCPv2j4cUXTKhGY+WvkTZQ8hHcy16mh8 Ddd5rLIHFd+ZdB3Ra8xrJFyIMpLZbJyiuKDSGl3M= Received: from localhost (puchar-wojtek@localhost) by puchar.net (8.16.1/8.16.1/Submit) with ESMTP id 09PDrZ5U079628; Sun, 25 Oct 2020 14:53:35 +0100 (CET) (envelope-from puchar-wojtek@puchar.net) Date: Sun, 25 Oct 2020 14:53:35 +0100 (CET) From: Wojciech Puchar To: Eugene Grosbein cc: Wojciech Puchar , freebsd-hackers@freebsd.org Subject: Re: displaying total CPU usage In-Reply-To: <2eb77b40-99a5-c4cf-3df4-ceead23ad218@grosbein.net> Message-ID: References: <20201023112030.GF1427@albert.catwhisker.org> <20201023114557.GX2643@kib.kiev.ua> <2eb77b40-99a5-c4cf-3df4-ceead23ad218@grosbein.net> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Rspamd-Queue-Id: 4CJzvv4Qzrz44XK X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=fail (headers rsa verify failed) header.d=puchar.net header.s=default header.b=d7/X0XGE; dmarc=none; spf=pass (mx1.freebsd.org: domain of wojtek@puchar.net designates 194.1.144.90 as permitted sender) smtp.mailfrom=wojtek@puchar.net X-Spamd-Result: default: False [-1.35 / 15.00]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.05)[-1.051]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; R_DKIM_REJECT(1.00)[puchar.net:s=default]; DMARC_NA(0.00)[puchar.net]; NEURAL_HAM_LONG(-0.97)[-0.969]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[puchar.net:-]; NEURAL_HAM_SHORT(-0.03)[-0.029]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:43476, ipnet:194.1.144.0/24, country:PL]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Oct 2020 13:53:49 -0000 >>> >>> `vmstat 1' readily provides the measurements. > > Please note that for multi-core CPU averaging might yield misleading results > indicating lots of available/under-loaded CPU power when one of cores it already 100% bound. not in a case of mostly userland load without any pinning. From owner-freebsd-hackers@freebsd.org Sun Oct 25 15:18:04 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5C0F1451605 for ; Sun, 25 Oct 2020 15:18:04 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [IPv6:2a01:4f8:c2c:26d8::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CK1n725cLz49kl for ; Sun, 25 Oct 2020 15:18:03 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (eg.sd.rdtc.ru [IPv6:2a03:3100:c:13:0:0:0:5]) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id 09PFHdhT047640 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 25 Oct 2020 15:17:43 GMT (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: wojtek@puchar.net Received: from [10.58.0.10] (dadvw [10.58.0.10]) by eg.sd.rdtc.ru (8.16.1/8.16.1) with ESMTPS id 09PFHhMN053849 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Sun, 25 Oct 2020 22:17:43 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: displaying total CPU usage To: Wojciech Puchar References: <20201023112030.GF1427@albert.catwhisker.org> <20201023114557.GX2643@kib.kiev.ua> <2eb77b40-99a5-c4cf-3df4-ceead23ad218@grosbein.net> Cc: freebsd-hackers@freebsd.org From: Eugene Grosbein Message-ID: <1b80bb1c-60ca-0b14-403f-a8e1a9d16f0b@grosbein.net> Date: Sun, 25 Oct 2020 22:17:36 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=0.2 required=5.0 tests=BAYES_00,LOCAL_FROM, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no version=3.4.2 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * -0.0 SPF_PASS SPF: sender matches SPF record * 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record * 2.6 LOCAL_FROM From my domains * -0.1 NICE_REPLY_A Looks like a legit reply (A) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on hz.grosbein.net X-Rspamd-Queue-Id: 4CK1n725cLz49kl X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=permerror (mx1.freebsd.org: domain of eugen@grosbein.net uses mechanism not recognized by this client) smtp.mailfrom=eugen@grosbein.net X-Spamd-Result: default: False [-2.53 / 15.00]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[eugen]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-1.05)[-1.052]; NEURAL_HAM_LONG(-0.96)[-0.957]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[grosbein.net]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_PERMFAIL(0.00)[empty SPF record]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.42)[-0.424]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Oct 2020 15:18:04 -0000 25.10.2020 20:53, Wojciech Puchar wrote: >>>> >>>> `vmstat 1' readily provides the measurements. >> >> Please note that for multi-core CPU averaging might yield misleading results >> indicating lots of available/under-loaded CPU power when one of cores it already 100% bound. > not in a case of mostly userland load without any pinning. In that case, too. Absense of pinning for CPU-hungry single-threaded process does not allow it to utilize power of multiple cores and you still may get 50% load for 2-core system but no free CPU cycles for such process. From owner-freebsd-hackers@freebsd.org Sun Oct 25 20:08:09 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F17A745749C for ; Sun, 25 Oct 2020 20:08:09 +0000 (UTC) (envelope-from wojtek@puchar.net) Received: from puchar.net (puchar.net [194.1.144.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CK8Cr6TlDz4T2f for ; Sun, 25 Oct 2020 20:08:08 +0000 (UTC) (envelope-from wojtek@puchar.net) Received: Received: from 127.0.0.1 (localhost [127.0.0.1]) by puchar.net (8.15.2/8.16.1) with ESMTPS id 09PK833c063447 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sun, 25 Oct 2020 21:08:03 +0100 (CET) (envelope-from puchar-wojtek@puchar.net) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=puchar.net; s=default; t=1603656483; bh=4HpOZZGUi/WgBQAr1GSIPWctv7zdR7X1tGzV5IVEQ7g=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=Cogot4Ahj9l5LU/Se/wgXGGnGCXl8W7tpuiQJWwb9InM2r2cbewPOyzlgsrGraebr Fvkkrk3GgD/5+WdesVFcTVNsrBba+nFURYRkgnMHPC1osEwhUnwYFQdIvNkTvx0j62 bffEgUgT03j1rOZyOVwjoJL3BqD8GruP6En7NNLg= Received: from localhost (puchar-wojtek@localhost) by puchar.net (8.16.1/8.16.1/Submit) with ESMTP id 09PK837i063444; Sun, 25 Oct 2020 21:08:03 +0100 (CET) (envelope-from puchar-wojtek@puchar.net) Date: Sun, 25 Oct 2020 21:08:03 +0100 (CET) From: Wojciech Puchar To: Eugene Grosbein cc: Wojciech Puchar , freebsd-hackers@freebsd.org Subject: Re: displaying total CPU usage In-Reply-To: <1b80bb1c-60ca-0b14-403f-a8e1a9d16f0b@grosbein.net> Message-ID: References: <20201023112030.GF1427@albert.catwhisker.org> <20201023114557.GX2643@kib.kiev.ua> <2eb77b40-99a5-c4cf-3df4-ceead23ad218@grosbein.net> <1b80bb1c-60ca-0b14-403f-a8e1a9d16f0b@grosbein.net> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Rspamd-Queue-Id: 4CK8Cr6TlDz4T2f X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=fail (headers rsa verify failed) header.d=puchar.net header.s=default header.b=Cogot4Ah; dmarc=none; spf=pass (mx1.freebsd.org: domain of wojtek@puchar.net designates 194.1.144.90 as permitted sender) smtp.mailfrom=wojtek@puchar.net X-Spamd-Result: default: False [-1.90 / 15.00]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.01)[-1.014]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; R_DKIM_REJECT(1.00)[puchar.net:s=default]; DMARC_NA(0.00)[puchar.net]; NEURAL_HAM_LONG(-1.00)[-1.002]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[puchar.net:-]; NEURAL_HAM_SHORT(-0.58)[-0.581]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:43476, ipnet:194.1.144.0/24, country:PL]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Oct 2020 20:08:10 -0000 >>> indicating lots of available/under-loaded CPU power when one of cores it already 100% bound. >> not in a case of mostly userland load without any pinning. > > In that case, too. Absense of pinning for CPU-hungry single-threaded process does not allow it > to utilize power of multiple cores and you still may get 50% load for 2-core system > but no free CPU cycles for such process. I understand but i want only total CPU load of server. it works and works fine now From owner-freebsd-hackers@freebsd.org Mon Oct 26 12:17:53 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 310B4443B43 for ; Mon, 26 Oct 2020 12:17:53 +0000 (UTC) (envelope-from jonathan@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKYkn0Wyxz49WV; Mon, 26 Oct 2020 12:17:53 +0000 (UTC) (envelope-from jonathan@freebsd.org) Received: from mail-vs1-f45.google.com (mail-vs1-f45.google.com [209.85.217.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: jonathan/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id E9E7222E2C; Mon, 26 Oct 2020 12:17:52 +0000 (UTC) (envelope-from jonathan@freebsd.org) Received: by mail-vs1-f45.google.com with SMTP id d19so4680356vso.10; Mon, 26 Oct 2020 05:17:52 -0700 (PDT) X-Gm-Message-State: AOAM531ow3ZE0FpDrtLbDgZtdFywThKOZpX6c3LXfvZMoWsUqfSe511r nI3uip90DWZxPz7WkbexMt5T/vRXIxf0+nq+Aw== X-Google-Smtp-Source: ABdhPJyd/PfB44v1BuRRJcd2glNh7tDzCL8QOJVHQJMmBD2Boi8JiCSJXGvzPxwbOkQc2STWQj1OlU3z7zFzhx3Yrsg= X-Received: by 2002:a67:c90b:: with SMTP id w11mr19719295vsk.25.1603714672231; Mon, 26 Oct 2020 05:17:52 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Jonathan Anderson Date: Mon, 26 Oct 2020 09:47:41 -0230 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Mapping Linux capabilities(7) to our Capsicum rights(4) To: Gleb Popov Cc: freebsd-hackers Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Oct 2020 12:17:53 -0000 Hi Gleb, There won't be a clear mapping between the two, as Linux "capabilities" (actually privileges, but unfortunately Symbian and POSIX.1e both called their privileges "capabilities" [1]) describe things that a process can do, whereas Capsicum capabilities (which are object capabilities) describe things that a file descriptor can do. If you want to constrain the behaviour of a process, Capsicum provides cap_enter(2), giving up access to global namespaces, but that approach may not fit with the Linux-tailored software you're porting. What's the fundamental security goal of the software in question? Dropping privileges is one mechanism to try to accomplish your goal, but there may well be a very different way of accomplishing it. In many situations (e.g., sandboxing), Linux "capabilities" and seccomp-bpf are a bit of an awkward fit... maybe we can help you find a better way? Jon [1] https://en.wikipedia.org/wiki/Capability-based_security#POSIX_capabilities On Sun, 25 Oct 2020 at 06:10, Gleb Popov wrote: > Hello hackers! > > I'm porting a software that employs Linux capabilities to constrain the > running process. The code looks like > > if (!haveCapability(CAP_SYS_CHROOT) > || !haveCapability(CAP_MKNOD) > || !haveCapability(CAP_FOWNER)) > { > errorOut(); > } > > dropCapability(CAP_SYS_CHROOT); > dropCapability(CAP_MKNOD); > dropCapability(CAP_FOWNER); > > The CAP_MKNOD looks much like our CAP_MKNODAT. The CAP_FOWNER looks more > complex, but it seems it is implemented at higher granularity in Capsicum. > Finally, I haven't found anything for CAP_SYS_CHROOT. > > I'll continue digging this up, but any hints would be appreciated. > Thanks in advance. > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" > -- jonathan@FreeBSD.org http://freebsd.org/~jonathan/ From owner-freebsd-hackers@freebsd.org Mon Oct 26 17:04:41 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 30D6E449D85 for ; Mon, 26 Oct 2020 17:04:41 +0000 (UTC) (envelope-from 6yearold@gmail.com) Received: from mail-lf1-f44.google.com (mail-lf1-f44.google.com [209.85.167.44]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKh5h5Y66z4Txm; Mon, 26 Oct 2020 17:04:40 +0000 (UTC) (envelope-from 6yearold@gmail.com) Received: by mail-lf1-f44.google.com with SMTP id l28so13015955lfp.10; Mon, 26 Oct 2020 10:04:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=6Bx6fdmTM5u+gy3SlY4RQGfLEWsHNld0q/NuD7vpobk=; b=A06Kv80eSYo1VtbfW0KKvwJl9H/FSDC5G2QAhRRvyuF4Du2QmjEN/phkQLVNNIOnnr AHBkmq3ZZ+EkytKaNZBbPSFI7/6A1fvSgak0udcqw/5Vt0pMcgcWbiGJNjb57AqtNtb2 aH6froo71VxMAbTBHyh0oLDVvF+pI9csUisLxMG2CeB4YQgOn2o3cuuo4dx5uvuhz984 kcF5vKGbqQmYkugHuVwQ+1h+zGOU/Fs79Yh9qLmgzEpUCuS+o9f4KPf6NrpupyLfsJPd ISXjz658z82Mo5mhILpGjSE6JhNLkEnB14FJG6WrCMKmUTNITlm10gi9YGZcW9HJHWYQ 8/9w== X-Gm-Message-State: AOAM533HIsjjtAUh56Ifj8w2yXJD8KCy6T74FyrRLktYP/2xmEKwyzu6 GBIrOKaNLytOVL8AkXMW+p4lMHMWC/jrEA== X-Google-Smtp-Source: ABdhPJwlInujnOf1B+6256ls+vlhWjfFIoKP0gYhN49V84OjAqn5j3SIXmlM/UwhS9qFXG9x2BAUxw== X-Received: by 2002:a19:9d3:: with SMTP id 202mr6062746lfj.329.1603731878715; Mon, 26 Oct 2020 10:04:38 -0700 (PDT) Received: from mail-lj1-f175.google.com (mail-lj1-f175.google.com. [209.85.208.175]) by smtp.gmail.com with ESMTPSA id z25sm1095181lfi.132.2020.10.26.10.04.38 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 26 Oct 2020 10:04:38 -0700 (PDT) Received: by mail-lj1-f175.google.com with SMTP id h20so11021105lji.9; Mon, 26 Oct 2020 10:04:38 -0700 (PDT) X-Received: by 2002:a05:651c:1194:: with SMTP id w20mr6041476ljo.174.1603731878178; Mon, 26 Oct 2020 10:04:38 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Gleb Popov Date: Mon, 26 Oct 2020 21:04:11 +0400 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Mapping Linux capabilities(7) to our Capsicum rights(4) To: Jonathan Anderson Cc: freebsd-hackers X-Rspamd-Queue-Id: 4CKh5h5Y66z4Txm X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; REPLY(-4.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Oct 2020 17:04:41 -0000 On Mon, Oct 26, 2020 at 4:17 PM Jonathan Anderson wrote: > Hi Gleb, > > There won't be a clear mapping between the two, as Linux "capabilities" > (actually privileges, but unfortunately Symbian and POSIX.1e both called > their privileges "capabilities" [1]) describe things that a process can do, > whereas Capsicum capabilities (which are object capabilities) describe > things that a file descriptor can do. If you want to constrain the > behaviour of a process, Capsicum provides cap_enter(2), giving up access to > global namespaces, but that approach may not fit with the Linux-tailored > software you're porting. > > What's the fundamental security goal of the software in question? Dropping > privileges is one mechanism to try to accomplish your goal, but there may > well be a very different way of accomplishing it. In many situations (e.g., > sandboxing), Linux "capabilities" and seccomp-bpf are a bit of an awkward > fit... maybe we can help you find a better way? > It would be great, but I must admit that at the moment I barely understand all the complexities of the software. >From what I can tell, it spawns child processes and applies following hardening for them: - chroot into a sort of "jail". - prohibits using some system calls (using that seccomp thing) - drops capabilities with cap_* functions For now, I'm simply #ifdef'ing this code, but the upstream is really concerned about security and insists that all these security measures be reimplemented when making a port. I have about zero experience in this field, so any guidance would be most appreciated. From owner-freebsd-hackers@freebsd.org Mon Oct 26 20:01:06 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E726644D816 for ; Mon, 26 Oct 2020 20:01:06 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qk1-x734.google.com (mail-qk1-x734.google.com [IPv6:2607:f8b0:4864:20::734]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKm1F75dQz4gJb for ; Mon, 26 Oct 2020 20:01:05 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qk1-x734.google.com with SMTP id j129so5769861qke.5 for ; Mon, 26 Oct 2020 13:01:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:subject:message-id:mime-version :content-disposition; bh=cXyp0EwFPppkutoNSqv14xbLac2ia4i3RFIhYVoWx28=; b=X1p/CXF69z8607x5ozxkRcKw8xmEBsXjyXKGfYonkDilrD7sre/T089qvAQDfbjksS J4j86URQZcjoTP5mYVaWjIL4gOweXdThN8e9l0uJ0ixxOYE2rbopYvUu67uogl2LSU6X BcuOn8cm1FWPD1Ja7wkls5UXjf4WVRYcjrEQMD8Zy3vUCJYjiDtcaaipbQLauDwsPFzj IPOkcTaXKkL0+c0PqEDuQW2CufL9DbEi6ZFz2z6EI4lk5OrRk+hoVy+KMWhUYnmWdwX5 GJjheUIbPEn1j7l9LQd20BkEZmQOJyNzImP+mPdXASX45E7LtgmLhc29jc6y9TfNQObX 7WJw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:subject:message-id :mime-version:content-disposition; bh=cXyp0EwFPppkutoNSqv14xbLac2ia4i3RFIhYVoWx28=; b=VeiViB2tPy55esizUj2Y81qyhCpq6IVfjdRQl7W5NQepkNuVUBCcWBIrPtCxfGRhCv Mp1EUveps1B64xlwQbP1l+WfQRiOgbMddQ8P4sDtY9D2tGIRybWom4fNdwfCVU+i1PfN NakzJuZFV47mNIjFLJHwmDpgFXH2/Gd5GcRXU6xxW47gbR3ilyna0FKGDj9Eft7FOzGj eX8G6duAuOanUmZOFy+UOh/N30FESsD+S1gfkSRWknnZeElRXwuHYh+SZ8mWzuJCQE9g AlD4zGgRxPFkOEqn7TUs+0fFEFRHxoGBtNf/g2yKq2705eWRZ+8Xaghc1Y2j6uGz2WzD 1HcQ== X-Gm-Message-State: AOAM530uYW8wt5A68gQepiIFQwYt8dhRQJ7cLU73MGNdwG9wjRKuOuJ3 /Hnfg8Y1qZ4gNnDesWD/NGGYlKI1RkQ= X-Google-Smtp-Source: ABdhPJwguq2NVQObGl3z1YrBzqg5HsgaGKlQ5/GbfRzBk1VFBNC1N08zDMxE33N3K7MEh13gGfjL6A== X-Received: by 2002:a37:de02:: with SMTP id h2mr2398361qkj.99.1603742464850; Mon, 26 Oct 2020 13:01:04 -0700 (PDT) Received: from raichu (toroon0560w-lp130-01-174-88-77-103.dsl.bell.ca. [174.88.77.103]) by smtp.gmail.com with ESMTPSA id 79sm7045636qkl.42.2020.10.26.13.01.03 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Oct 2020 13:01:04 -0700 (PDT) Sender: Mark Johnston Date: Mon, 26 Oct 2020 16:00:59 -0400 From: Mark Johnston To: freebsd-hackers@freebsd.org Subject: QAT driver Message-ID: <20201026200059.GA66299@raichu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Rspamd-Queue-Id: 4CKm1F75dQz4gJb X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=X1p/CXF6; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::734 as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-1.89 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; NEURAL_HAM_SHORT(-0.17)[-0.166]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; TO_DOM_EQ_FROM_DOM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.02)[-1.024]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-0.995]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::734:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Oct 2020 20:01:07 -0000 Hi, I did a port of NetBSD's qat(4) to FreeBSD for pfSense, and made some enhancements. This provides an opencrypto-compatible driver for Intel's QuickAssist devices, aimed mainly to be used with IPSec. A review is posted here for anyone interested in reviewing: https://reviews.freebsd.org/D26963 So far it's mostly been tested on an Atom C3000, where some ad-hoc testing with iperf3 shows ~20-30% improvements relative to aesni(4) and some reduction in CPU usage. I've done some functional testing on a Xeon system with a 8950 adapter as well. If anyone is interested in testing the driver, please send me email. Some firmware images not included in the review above are required in order to test. I plan to port it to stable/12 shortly. Thanks, -Mark From owner-freebsd-hackers@freebsd.org Mon Oct 26 20:31:30 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4D1C544DC51 for ; Mon, 26 Oct 2020 20:31:30 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-ot1-f45.google.com (mail-ot1-f45.google.com [209.85.210.45]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKmhK2tdxz3SyT; Mon, 26 Oct 2020 20:31:29 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-ot1-f45.google.com with SMTP id h62so9199800oth.9; Mon, 26 Oct 2020 13:31:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CbSRognDCMRwq/e7e1cgX+kLvj/QrgHefSIZYsJoKyQ=; b=CMx/19jRKYo7Hmn5gdlA1Wr5T5iMooGz2VaCmh02MkITTuL8tJI4qg9gymMo5IlsDp UQJ8AmAghRLWG8/kVgh0SpUTJb6E7dYI/kciAxk2srsYhNaeLbQ63PbNzPqV9ZFbHQWg Hs9n5oj+FbfMSZBFG37/LvG/YWTjrgrBD+D76Cfn4JclvHHWGUTjdrQMd2E5XbbJdTcn Zy442ebU5fTbqfeHbtVbh+sI70WNg7x0l+ej2FHJ9+kA5Pg1TWfmVw6upzLcKWEWTqhZ qWDPJjXNiWGGIgK3KNMdYlwMsFgXmXV0hK6s2AnyNBxpdbsnh3xmJSC2lwg6OtABz20g 5yuw== X-Gm-Message-State: AOAM530ebk27hGNeAeXKQ6Xv4M3/zz0A1SrRJf4+k48jSTt2uhXuswk/ UsKLYEOamJCbXxh6PC+Gl4wOpWsMrnlC+SFQ6BkT/0Mb+qE= X-Google-Smtp-Source: ABdhPJxAO1CYpV0N4+yNrLJD6HGbwLdN2iuP5bY0AnLT7OTaen95Q9Z3QsElysvJ4NUji/BJinDzGfRnsyb7c5NqfIQ= X-Received: by 2002:a9d:4b06:: with SMTP id q6mr9344682otf.18.1603744287799; Mon, 26 Oct 2020 13:31:27 -0700 (PDT) MIME-Version: 1.0 References: <20201026200059.GA66299@raichu> In-Reply-To: <20201026200059.GA66299@raichu> From: Alan Somers Date: Mon, 26 Oct 2020 14:31:16 -0600 Message-ID: Subject: Re: QAT driver To: Mark Johnston Cc: "freebsd-hackers@freebsd.org" X-Rspamd-Queue-Id: 4CKmhK2tdxz3SyT X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of asomers@gmail.com designates 209.85.210.45 as permitted sender) smtp.mailfrom=asomers@gmail.com X-Spamd-Result: default: False [-1.56 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FREEFALL_USER(0.00)[asomers]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DMARC_NA(0.00)[freebsd.org]; NEURAL_HAM_LONG(-0.99)[-0.990]; RWL_MAILSPIKE_GOOD(0.00)[209.85.210.45:from]; RCVD_TLS_ALL(0.00)[]; NEURAL_HAM_MEDIUM(-0.99)[-0.992]; NEURAL_SPAM_SHORT(0.42)[0.420]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[209.85.210.45:from]; FORGED_SENDER(0.30)[asomers@freebsd.org,asomers@gmail.com]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FROM_NEQ_ENVFROM(0.00)[asomers@freebsd.org,asomers@gmail.com]; MAILMAN_DEST(0.00)[freebsd-hackers] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Oct 2020 20:31:30 -0000 On Mon, Oct 26, 2020 at 2:01 PM Mark Johnston wrote: > Hi, > > I did a port of NetBSD's qat(4) to FreeBSD for pfSense, and made some > enhancements. This provides an opencrypto-compatible driver for Intel's > QuickAssist devices, aimed mainly to be used with IPSec. A review is > posted here for anyone interested in reviewing: > https://reviews.freebsd.org/D26963 > > So far it's mostly been tested on an Atom C3000, where some ad-hoc > testing with iperf3 shows ~20-30% improvements relative to aesni(4) and > some reduction in CPU usage. I've done some functional testing on a > Xeon system with a 8950 adapter as well. If anyone is interested in > testing the driver, please send me email. Some firmware images not > included in the review above are required in order to test. I plan to > port it to stable/12 shortly. > > Thanks, > -Mark > Awesome! I have an Atom C2758 that I could test it on, and I would like to test it. I just need to create a head BE first. -Alan From owner-freebsd-hackers@freebsd.org Mon Oct 26 22:12:19 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 760D3450B31 for ; Mon, 26 Oct 2020 22:12:19 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKpwf3Z0nz3ZQG for ; Mon, 26 Oct 2020 22:12:17 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 09QMCGFY044482 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 26 Oct 2020 15:12:16 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id 09QMCGP5044481; Mon, 26 Oct 2020 15:12:16 -0700 (PDT) (envelope-from jmg) Date: Mon, 26 Oct 2020 15:12:16 -0700 From: John-Mark Gurney To: Eric McCorkle Cc: FreeBSD Hackers Subject: Re: Mounting encrypted ZFS datasets/GELI for users? Message-ID: <20201026221215.GB31099@funkthat.com> Mail-Followup-To: Eric McCorkle , FreeBSD Hackers References: <8d467e98-237f-c6a2-72de-94c0195ec964@metricspace.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="YZ5djTAD1cGYuMQK" Content-Disposition: inline In-Reply-To: <8d467e98-237f-c6a2-72de-94c0195ec964@metricspace.net> X-Operating-System: FreeBSD 11.3-STABLE amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Mon, 26 Oct 2020 15:12:16 -0700 (PDT) X-Rspamd-Queue-Id: 4CKpwf3Z0nz3ZQG X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of jmg@gold.funkthat.com has no SPF policy when checking 208.87.223.18) smtp.mailfrom=jmg@gold.funkthat.com X-Spamd-Result: default: False [-2.33 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FREEFALL_USER(0.00)[jmg]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_MEDIUM(-1.08)[-1.080]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; DMARC_NA(0.00)[funkthat.com]; AUTH_NA(1.00)[]; NEURAL_HAM_LONG(-1.02)[-1.024]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; NEURAL_HAM_SHORT(-0.32)[-0.324]; RCPT_COUNT_TWO(0.00)[2]; SIGNED_PGP(-2.00)[]; FORGED_SENDER(0.30)[jmg@funkthat.com,jmg@gold.funkthat.com]; R_SPF_NA(0.00)[no SPF record]; SUBJECT_ENDS_QUESTION(1.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FROM_NEQ_ENVFROM(0.00)[jmg@funkthat.com,jmg@gold.funkthat.com]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Oct 2020 22:12:19 -0000 --YZ5djTAD1cGYuMQK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Eric McCorkle wrote this message on Mon, Oct 05, 2020 at 09:45 -0400: > I'm presently looking into options presented by ZFS encryption. One > idea I had was something like this (I'm going to go with ZFS for now, > but you could presumably do something like this with GELI, with more > effort). I'd still recommend using GELI. Even w/ ZFS's native encryption, the metadata for ZFS remains unencrypted, and able to be munged. If you geli w/ ZFS and a strong checksum, like sha512/256, I believe that this is the equiavlent to authenticated encryption, ala geli's authenticated mode, but with significantly less overhead... > You could have your users' home directories on separate ZFS datasets, > with a separate encryption key generated from their passphrase (you > could also generalize this to a session key generated from some other > form of authentication). When a user logs in, their authentication > materials are used to recover the ZFS key, which is then used to mount > the home directory. When they log out, their home directory is unmounted. This has already been implemented in PEFS: https://pefs.io/ and there's already a port for it: https://www.freshports.org/sysutils/pefs-kmod/ --=20 John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." --YZ5djTAD1cGYuMQK Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJfl0m/XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MEI1RTRGMTNDNzYyMDZDNjEyMDBCNjAy MDVGMEIzM0REMDA2QURBAAoJECBfCzPdAGraK0cP/R2H6mClfvVcaudD6LwDbHGF DjlDFsggf6prvLGa2vMEHsZjtknLP6aNzuf1FJNzPis71ZAhVW2bk6Bfex2s77YE fU2aGPjp8SRK/2bBx5WMJO1wdH9vGmfhG9bftfpnwxn4NYtZXw6p94SW3tMtrtgY ZuL4badw3DJOXKYRvomYJFWpDh8nUK7weRA8NG70n8HNcMOHk9osmI9UpSWKLFT/ jJTlMnBi5g9ikOKLfyykfWoU6sHk4pc4vJut32kRTel+jk7wzlLP9D9hffEjVBQj yHpQPsg0vWU6at0O1qJzH3eXsen/GkB6HzlkdEi1pBWjRcnKj3+KIy+brEtYSK2m W7CJQY10ikXQpmqOV7P6qT/qbOxq2cVJOLmpcaDND3dKBITreYDMCae7KJajThdV HUjcmIwxnpzpS3HNcph3wnCzolqWmdKuWGRPgx5b0wLi4EoYCItTdgc0+CTmhcvG H63jXqF9XKoL64+fjR9JDDBL0gtD+YOKwSowQjGvu5ODNmS+IfuWzk8K7UJFuOo4 sd5TgyrM7aMpesfXF9rS+mkHOcUK6PBePEgZdVAH122CFRMJ0dag4jC/5IXXmfRw d3copkTX+vPlsFHrtXu5Ds0k9qImjVMlUWGLibKPI/5I7oWXN6Y2ghKEBj+sapbe IAJ5HF+/7gcUxQkiy6RW =mwN6 -----END PGP SIGNATURE----- --YZ5djTAD1cGYuMQK-- From owner-freebsd-hackers@freebsd.org Mon Oct 26 22:22:02 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6AB59450C27 for ; Mon, 26 Oct 2020 22:22:02 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKq7t1PTjz3ZjS; Mon, 26 Oct 2020 22:22:01 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 09QMM0nB045148 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 26 Oct 2020 15:22:00 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id 09QMM0P8045147; Mon, 26 Oct 2020 15:22:00 -0700 (PDT) (envelope-from jmg) Date: Mon, 26 Oct 2020 15:22:00 -0700 From: John-Mark Gurney To: Gleb Popov Cc: Jonathan Anderson , freebsd-hackers Subject: Re: Mapping Linux capabilities(7) to our Capsicum rights(4) Message-ID: <20201026222200.GC31099@funkthat.com> Mail-Followup-To: Gleb Popov , Jonathan Anderson , freebsd-hackers References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 11.3-STABLE amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Mon, 26 Oct 2020 15:22:00 -0700 (PDT) X-Rspamd-Queue-Id: 4CKq7t1PTjz3ZjS X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US]; REPLY(-4.00)[] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Oct 2020 22:22:02 -0000 Gleb Popov wrote this message on Mon, Oct 26, 2020 at 21:04 +0400: > On Mon, Oct 26, 2020 at 4:17 PM Jonathan Anderson > wrote: > > > Hi Gleb, > > > > There won't be a clear mapping between the two, as Linux "capabilities" > > (actually privileges, but unfortunately Symbian and POSIX.1e both called > > their privileges "capabilities" [1]) describe things that a process can do, > > whereas Capsicum capabilities (which are object capabilities) describe > > things that a file descriptor can do. If you want to constrain the > > behaviour of a process, Capsicum provides cap_enter(2), giving up access to > > global namespaces, but that approach may not fit with the Linux-tailored > > software you're porting. > > > > What's the fundamental security goal of the software in question? Dropping > > privileges is one mechanism to try to accomplish your goal, but there may > > well be a very different way of accomplishing it. In many situations (e.g., > > sandboxing), Linux "capabilities" and seccomp-bpf are a bit of an awkward > > fit... maybe we can help you find a better way? > > > > It would be great, but I must admit that at the moment I barely understand > all the complexities of the software. > > >From what I can tell, it spawns child processes and applies following > hardening for them: > > - chroot into a sort of "jail". Capsicum can effectively make a jail w/o the need to chroot (and the root perms to do it), by restricting what file descriptors that a process has access to. > - prohibits using some system calls (using that seccomp thing) If you really do need to restrict syscalls, then you might want to look at the MAC framework: https://www.freebsd.org/doc/en/books/arch-handbook/mac.html > - drops capabilities with cap_* functions > > For now, I'm simply #ifdef'ing this code, but the upstream is really > concerned about security and insists that all these security measures be > reimplemented when making a port. I have about zero experience in this > field, so any guidance would be most appreciated. I'd say you need to read up on both MAC and capsicum to understand which one will meet your needs... Capsicum has the advantage that you can do it entirely from userland, and don't have to write any kernel modules. There may be a MAC framework that allows you to do it, but I haven't looked at MAC in over 15 years, so I'm not familar w/ it.. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-hackers@freebsd.org Mon Oct 26 23:11:22 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E75F24516B3 for ; Mon, 26 Oct 2020 23:11:22 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qk1-x72c.google.com (mail-qk1-x72c.google.com [IPv6:2607:f8b0:4864:20::72c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKrDp4RRZz3cgP; Mon, 26 Oct 2020 23:11:22 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qk1-x72c.google.com with SMTP id a23so10077808qkg.13; Mon, 26 Oct 2020 16:11:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=wHuBAXH+Op0GeXe3j++hGhQp50lZJYj1ubCzk4QlK7Q=; b=ksX96MeNMzgz4IuDrOJ2+Dd99eUcP8yoQpb/HVpSgVIqEZzzPn2crTZ+T0BT4P+pag cwvEWHD+lQ2Zx3LWWs2U7ub6DCEqxF69QQp8nZO8IrTsgPJR9Kp2htL/GIVmHfPXlx6D dGqQooxRtFsVLIs3HRAjBzVR6tjRYrAraE31zXb7Szhs6BsZGOcBF5m2OcDbzzaPq5wZ 3K/dbjhbqypJCTT3vHtPATUVNNGy2Tvmgbp56BSPy7GpoadUshtgtHomH5tNwAoOcN10 rxHPD7f8/i2CCAf7x/KRzD1/hVLvpZBJtg7Ro3PckIMV/eLlRCan9ZcoWRgznNzicWO5 s3Pw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to; bh=wHuBAXH+Op0GeXe3j++hGhQp50lZJYj1ubCzk4QlK7Q=; b=bi/jxISk0E3wurAPpXjznE/uEaLtvvTbaSCAF4/Z71+B/lJtDmYWWMGsFAtf3JiXlE ECJHEiJLx9f5wKPFdd1mvcUrBWAfJr6QcfZL0nmlflhtAn08BQuiLnOrQDvL7LMgbRRV fjUa3rKCkjyvRL9UBHBSBPzVj7y6ywIXU8ZURqyYEkbcZ9wOblB2gtduocdLMRyAtEiq oFAPaIj45VUI5v2Hw+0SWCriDnzdDfnMVw4lg35JT98917PjJLBrdVcw/d3vCxkaRyx7 HoL6Cn3RzuEPSSmWbEngmCjFrGOZ8GWAt2lQAocpzkF+n1KTZsDKmyxKjqNaFCKmzpK3 0kGA== X-Gm-Message-State: AOAM533rPZkv6HGIau1+NF+LeOdpAWAOcebB+bg2OKS6BCjCDuoCzzSB NdMCnd2x0XUxdGmNlpVM648UEIyGpAU= X-Google-Smtp-Source: ABdhPJzQrVufqiTCP+wBm8QhdkHGqt5SYag2M3dHHiEgKCOOmdu1YaGcgsU+WGSWlQ4ZqOSI/oapww== X-Received: by 2002:a37:c51:: with SMTP id 78mr20754674qkm.30.1603753881088; Mon, 26 Oct 2020 16:11:21 -0700 (PDT) Received: from raichu (toroon0560w-lp130-01-174-88-77-103.dsl.bell.ca. [174.88.77.103]) by smtp.gmail.com with ESMTPSA id k4sm7487293qkj.46.2020.10.26.16.11.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Oct 2020 16:11:20 -0700 (PDT) Sender: Mark Johnston Date: Mon, 26 Oct 2020 19:11:14 -0400 From: Mark Johnston To: Alan Somers Cc: "freebsd-hackers@freebsd.org" Subject: Re: QAT driver Message-ID: <20201026231114.GA35073@raichu> References: <20201026200059.GA66299@raichu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4CKrDp4RRZz3cgP X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; REPLY(-4.00)[] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Oct 2020 23:11:23 -0000 On Mon, Oct 26, 2020 at 02:31:16PM -0600, Alan Somers wrote: > On Mon, Oct 26, 2020 at 2:01 PM Mark Johnston wrote: > > > Hi, > > > > I did a port of NetBSD's qat(4) to FreeBSD for pfSense, and made some > > enhancements. This provides an opencrypto-compatible driver for Intel's > > QuickAssist devices, aimed mainly to be used with IPSec. A review is > > posted here for anyone interested in reviewing: > > https://reviews.freebsd.org/D26963 > > > > So far it's mostly been tested on an Atom C3000, where some ad-hoc > > testing with iperf3 shows ~20-30% improvements relative to aesni(4) and > > some reduction in CPU usage. I've done some functional testing on a > > Xeon system with a 8950 adapter as well. If anyone is interested in > > testing the driver, please send me email. Some firmware images not > > included in the review above are required in order to test. I plan to > > port it to stable/12 shortly. > > > > Thanks, > > -Mark > > > > Awesome! I have an Atom C2758 that I could test it on, and I would like to > test it. I just need to create a head BE first. So C2xxx is the one device where the driver isn't functional yet. :( It has its own platform code and so is the oddball among the devices supported by this driver. I just got access to a C2758 this weekend and have been debugging a firmware initialization issue, so hopefully it'll be resolved in the next couple of days, after which I'll follow up. From owner-freebsd-hackers@freebsd.org Tue Oct 27 03:00:19 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3F46D439A25 for ; Tue, 27 Oct 2020 03:00:19 +0000 (UTC) (envelope-from neel@neelc.org) Received: from rainpuddle.neelc.org (rainpuddle.neelc.org [66.42.69.219]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKxJy2rGcz48lX; Tue, 27 Oct 2020 03:00:18 +0000 (UTC) (envelope-from neel@neelc.org) Received: from mail.neelc.org (rainpuddle.neelc.org [IPv6:2001:19f0:8001:fed:5400:2ff:fe73:c622]) by rainpuddle.neelc.org (Postfix) with ESMTPSA id 125C9EB2C0; Mon, 26 Oct 2020 20:00:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=neelc.org; s=mail; t=1603767610; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=vGE4U/yVWli+GetVGp/HbrQJUAPHFtR32ggpjVAM9h4=; b=WP/QXmY0MjDz4VNTacvmjMPqMzLyt/3r9oRcL0aFDhHG9CNdKxQXWzRCD6nxb+PHmYAmr7 eFE/0qtp59tSP8K9iXQR7oWw6BCs0WhN0U9z7FewvlbLVIe0vfP/TafW5nWnK5RLs8e9SL kQk1+qgN6ROmSgNLfcKUq1CCtVgvYBp2gtfHiVRTJ/4UmUrUgAO0fW3tlfZAe4xWTt0jC1 pJnbcdAetYjl91JCz4I13UZA+SJajT/pwI1hDC6OAeaMGASoKm5EqY/G4frBLT73RiXLaM p18jUY8EXMYmG0q/m+if3TsoPsSCWMe4XOOTfqX/Rw2F2VCBssgLMbMcUQMJXg== MIME-Version: 1.0 Date: Mon, 26 Oct 2020 20:00:08 -0700 From: Neel Chauhan To: Mark Johnston Cc: freebsd-hackers@freebsd.org Subject: Re: QAT driver In-Reply-To: <20201026200059.GA66299@raichu> References: <20201026200059.GA66299@raichu> User-Agent: Roundcube Webmail/1.4.6 Message-ID: <723fbd7326df42ce30cd5e361db9c736@neelc.org> X-Sender: neel@neelc.org Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4CKxJy2rGcz48lX X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=neelc.org header.s=mail header.b=WP/QXmY0; dmarc=pass (policy=none) header.from=neelc.org; spf=pass (mx1.freebsd.org: domain of neel@neelc.org designates 66.42.69.219 as permitted sender) smtp.mailfrom=neel@neelc.org X-Spamd-Result: default: False [-3.53 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[neelc.org:s=mail]; FREEFALL_USER(0.00)[neel]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; R_SPF_ALLOW(-0.20)[+a]; NEURAL_HAM_LONG(-1.01)[-1.012]; NEURAL_HAM_MEDIUM(-1.04)[-1.041]; DKIM_TRACE(0.00)[neelc.org:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[neelc.org,none]; NEURAL_HAM_SHORT(-0.48)[-0.477]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:20473, ipnet:66.42.64.0/20, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 03:00:19 -0000 Hi, This is great news for me with my home HPE ML110 G10/Xeon 4108 server. However, I will not be able to test this patch unless it can get backported to 12.1 or 12.2 once it's out, and I don't expect backporting to happen. I have one question about this: will I be able to use this to accelerate OpenSSL? Is additional code needed? I use the mentioned HPE server for Tor and Tor is very crypto-heavy (yet singlethreaded). I believe the official Intel drivers allow OpenSSL acceleration, but I'd prefer to avoid out-of-band drivers whether possible (ports/src is fine). -Neel === https://www.neelc.org/ On 2020-10-26 13:00, Mark Johnston wrote: > Hi, > > I did a port of NetBSD's qat(4) to FreeBSD for pfSense, and made some > enhancements. This provides an opencrypto-compatible driver for > Intel's > QuickAssist devices, aimed mainly to be used with IPSec. A review is > posted here for anyone interested in reviewing: > https://reviews.freebsd.org/D26963 > > So far it's mostly been tested on an Atom C3000, where some ad-hoc > testing with iperf3 shows ~20-30% improvements relative to aesni(4) and > some reduction in CPU usage. I've done some functional testing on a > Xeon system with a 8950 adapter as well. If anyone is interested in > testing the driver, please send me email. Some firmware images not > included in the review above are required in order to test. I plan to > port it to stable/12 shortly. > > Thanks, > -Mark > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to > "freebsd-hackers-unsubscribe@freebsd.org" From owner-freebsd-hackers@freebsd.org Tue Oct 27 03:27:25 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6BF1843AD89 for ; Tue, 27 Oct 2020 03:27:25 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qk1-x741.google.com (mail-qk1-x741.google.com [IPv6:2607:f8b0:4864:20::741]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKxwD4j97z4CY8 for ; Tue, 27 Oct 2020 03:27:24 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qk1-x741.google.com with SMTP id t128so49487qke.0 for ; Mon, 26 Oct 2020 20:27:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=JCQq/X2oZxBmXo9h6R6qizTpm61Q4roE1o5jh//4jxM=; b=ZnbrpqnpQE8C1d5PqHNRXMA7Xu290QC5Hvv313uAsXx0pilxH5e32YGGz2HZy064DL vq5ezr0OLpmFLvjT6HJhhvxylv4eLkcyBWpY6Mb4gfqCW6kgvM3xufnYfbfPHrXLQbG9 QUX7bY6vdW6JzW1JQnkeLoPan/9uHBnGNKu98+DRJ/HpipquZY6E8yr7SsaR6F1Lrs5S gJckifNyXP+TLaGXGgQYhj+PoWPfQBqFN0fwE+PNCrqF38/qMUxBjiN82ImRcCdCmZWr +i490fzPro/TnaeZdcWSCnOMVdS0SXL5z/CSxlmZlO05K9FJG9osX+RnsKDxY+HAJ7OJ a41w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to; bh=JCQq/X2oZxBmXo9h6R6qizTpm61Q4roE1o5jh//4jxM=; b=dYLw1ENL/KRwLbdANB5rSE5B23fYgnne+KezKLN5C6UK4q8ZUhIBdPPxeBb73zeaPF 42mMEBPKW6lI8NMyGL0rbRsOw8wjMtd/RIBNEy63z1F1jaQclPnX8PCa4UlnpucMn6+a K/V9o4rLKQpnpiSm9pPuMuQu2oaXURU2qUMYrm7n9z6WL6N1iWMPCpY9L0/3xa5joF/V aTRjKS6QkM/K/p1ZC2feFik+OxZy7vNCbDlCvV8/fRrGTQAREUTn0eS9NIUYsFHddi6E tJA2prDr7v+O+PTlazD04FaCsibxBgLBPLfsWCHsC1vmxUy2tXrqBsg28c/vRrGUtwZ/ uxQg== X-Gm-Message-State: AOAM532rR0TpoY9acgC+Q2w3dF0AMXWfyRU5Um3Wv6B7qbqaO1oB18cE 03R1PH3PSkZt7ktKe/MIrj/s0dBElAU= X-Google-Smtp-Source: ABdhPJxOWlCk2kGyBIHxp5R3OdAc4ufiG5zwIQKb3sNcdkHlBRjg0odbQ3uqhjHWWiswvItpUSXP7w== X-Received: by 2002:a37:7181:: with SMTP id m123mr238801qkc.295.1603769243643; Mon, 26 Oct 2020 20:27:23 -0700 (PDT) Received: from raichu (toroon0560w-lp130-01-174-88-77-103.dsl.bell.ca. [174.88.77.103]) by smtp.gmail.com with ESMTPSA id p5sm158747qtu.13.2020.10.26.20.27.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 26 Oct 2020 20:27:22 -0700 (PDT) Sender: Mark Johnston Date: Mon, 26 Oct 2020 23:27:20 -0400 From: Mark Johnston To: Neel Chauhan Cc: freebsd-hackers@freebsd.org Subject: Re: QAT driver Message-ID: <20201027032720.GB31663@raichu> References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <723fbd7326df42ce30cd5e361db9c736@neelc.org> X-Rspamd-Queue-Id: 4CKxwD4j97z4CY8 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=Znbrpqnp; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::741 as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-1.94 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; NEURAL_HAM_LONG(-1.01)[-1.005]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::741:from]; NEURAL_HAM_SHORT(-0.20)[-0.199]; NEURAL_HAM_MEDIUM(-1.04)[-1.037]; MID_RHS_NOT_FQDN(0.50)[]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 03:27:25 -0000 On Mon, Oct 26, 2020 at 08:00:08PM -0700, Neel Chauhan wrote: > Hi, > > This is great news for me with my home HPE ML110 G10/Xeon 4108 server. > > However, I will not be able to test this patch unless it can get > backported to 12.1 or 12.2 once it's out, and I don't expect backporting > to happen. Indeed, it wouldn't appear before 12.3. > I have one question about this: will I be able to use this to accelerate > OpenSSL? Is additional code needed? In principle OpenSSL can make use of cryptodev(4) using the cryptodev engine, which would allow requests to be handled by qat(4) (or any other hardware crypto driver loaded in the kernel). I don't know that the cryptodev engine is really maintained these days though. More importantly, using the kernel to perform crypto transforms carries a lot of overhead since OpenSSL would have to switch into the kernel and copy data between userspace and the kernel for each request. I'd be surprised if you get any benefit from this versus using the AES-NI extensions in userspace, which OpenSSL should do out of the box. There are QAT drivers designed to service userspace requests efficiently, such as the one published by Intel and the one included with DPDK. This one is a fair bit simpler and really mostly intended for kernel consumers, mainly IPSec and disk encryption subsystems. > I use the mentioned HPE server for Tor and Tor is very crypto-heavy (yet > singlethreaded). > > I believe the official Intel drivers allow OpenSSL acceleration, but I'd > prefer to avoid out-of-band drivers whether possible (ports/src is > fine). It'd still be worth testing if you think a significant gain may be had. From owner-freebsd-hackers@freebsd.org Tue Oct 27 04:32:47 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E598743CB56 for ; Tue, 27 Oct 2020 04:32:47 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from CAN01-QB1-obe.outbound.protection.outlook.com (mail-qb1can01on0605.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe5c::605]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "GlobalSign Organization Validation CA - SHA256 - G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKzMf4WJdz4HWN; Tue, 27 Oct 2020 04:32:46 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=b2jMfzGe0Q39OJ8GFprDEXWLOBGLggUqaJTYEsISQSRrTSQRH/oksuFeixgeLA/bCAUfpeBCYkId/7dOVSNLtSRvQLG3clwbMlqw4PbUODD7cHOIeqvNxmf2IUYC8NZFDwUpbmafZpgoN1BdTFPgz0JvZDFu49NIo31eg2k0jemuWiPPa24j5DVmMVNC6fdL9ONZdpSeq8xLC5+UduP+RkUXq+RpTky/ge2ixVjJLxZZ0zP7yr3qbQlNLbYcrSmO3fs66V3rBGuJjImqqjQnlZSgm67qNN4jubko1btGoKoUbPZjgnlDASSTQlXwfjgdPG6K1xspiQeIOaUn3QdR+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VIjyMeSc35osmpkx5e/o49LKa115dnDXtuMGeGU6v1s=; b=AqK5wweioDbhGzk+j1K7isFqoZgwn81uD8/UiiktRmvWPeMfH6/IvAIHEIKGAwvurLQCU8jbjlXsopWzN2mWxNSbnH1NTmTOJVqzvUr9zbifBc4zF9HK8SHaN9i/FMfIoOXa0gIaPKE+7qz77fjSmI0if1h6nJSt/xztbFym9p9Qy/Y+uEUVkdD4dxoWoEcqencjqJC1+fGFR5qS9N1ciax85djoYIW+X8HDQCPake4IgaiDFv/9RwtzlvIWqy9r+LujVU6O8MuMMO1sPuhmrAWv1OOipSQlJghRo9fQyq/lItYyEUgCaxEFQ6ITjFg9xWsEkdFM0gyzrlmB7vlkHQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uoguelph.ca; dmarc=pass action=none header.from=uoguelph.ca; dkim=pass header.d=uoguelph.ca; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uoguelph.ca; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VIjyMeSc35osmpkx5e/o49LKa115dnDXtuMGeGU6v1s=; b=drzYYBscKM2XJsmvnrSgLmDNWdhA0DLwJ78fO2/gXH/NqmPgAvFq3BsQ2hz9AZWEa1O0Pr3GKBkfZr+QMdww22NoYDqPRh3sy0Tnh1zHStwyFGhYMQ712iTzViJvrn2c/ktAJYB78lAjxn9Y20p9JSgL+Texgzpi0PDtziu9S8hamz4X1kztagSlkGNsUFqPB8v/y3o4PJmbl1mQPlnK2aDVnWvx/jRmfkmOsc5fFETJik69WylSx0E/ouJ7mLWgIVVvCjo2+gwWIx5chW/SiC5QYDhpQjwyMNsGy1j6wnCDMknXAmBlW8t93JOApo2PvB3PKdssAkBX9JeFOpcKng== Received: from YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:24::27) by YT1PR01MB2508.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:6::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.23; Tue, 27 Oct 2020 04:32:40 +0000 Received: from YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM ([fe80::687f:d85a:a0a3:bd20]) by YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM ([fe80::687f:d85a:a0a3:bd20%6]) with mapi id 15.20.3499.018; Tue, 27 Oct 2020 04:32:40 +0000 From: Rick Macklem To: Mark Johnston , Neel Chauhan CC: "freebsd-hackers@freebsd.org" , "jhb@FreeBSD.org" Subject: Re: QAT driver Thread-Topic: QAT driver Thread-Index: AQHWrA1RAR1VF3VbeUCYrguyOo0PK6mqygwAgAAP+qg= Date: Tue, 27 Oct 2020 04:32:40 +0000 Message-ID: References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org>,<20201027032720.GB31663@raichu> In-Reply-To: <20201027032720.GB31663@raichu> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 08798dda-5c5b-4427-ad8a-08d87a3156f6 x-ms-traffictypediagnostic: YT1PR01MB2508: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: /ehU97DAhElnyyDaBqMqIsrqVuQdMJ97VY3hzppyl4k6HZkVGeKlDYS5Bk2mCFIGR35vx8dnx9/U3QThBFHAZit7T50BBDFTGjOI2hN8NCP+bRvv5aFtuYXbGlDiZQsgHT9/g0u5aXQoUzUmoExSSXW2vPvPd49pzJXOCEUnQSLBOpByUppiSMzMU9IOEeo9qpZQOsejUNZC3f/j98xuXqRdqtv/fhEDcOEstPUzN9Nzo5PLt7+D1DTYrxVLy+p94To+bN0gxCnOmKfKw5WSkvPoeiDA6wftsLu0pokT+6erkzmGLTVunW0tvq1G66ewj2pGtx/uNXdk1On90eiekqdREupeVhQgyKy0pfV2b+BINWjp9apQFhQBtZMyiEyiODz+000IGRQ+gss4549ONA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(136003)(346002)(376002)(39860400002)(366004)(396003)(66946007)(478600001)(66556008)(4326008)(9686003)(316002)(786003)(66476007)(64756008)(66446008)(83380400001)(7696005)(186003)(71200400001)(54906003)(110136005)(8936002)(3480700007)(5660300002)(6506007)(52536014)(2906002)(966005)(33656002)(86362001)(8676002)(91956017)(76116006)(55016002)(7116003); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: 7rUduJyH3E2KI1y/CE9kDPy/KKShtVXxuJVwbOsp/vfrhC3qi9Gqe/REJUs1BtLBbyH9QkKHNpuPQ2bxdzJW1YGnvA8pYywGtaAqyhr3TRB+XXK6s6BzIu6z/yrrXNB/X+1php3l1IpqwYOwpzAkaZlFaKwW3RAL6x7vPdsYIH1fSPz40kz/190XdBANT5eFEYC8kzrNfKk13KJBWdrSRLr9P3TgqxHePewg1mbjjtoETzG2RIw6nccG352XrZaTsN654DeWUi4UxmfDVuf5Br0rHUBNds1LVLOMdbYm5kIg+xDdglA0un0JVPbul1Xu7UPpf3qxAR7iOLc2CZnkEAIoLIEh8DHSyO47wwMHW8WyjHQ5pohxvVoRM5a0otd4ex/+eOWrTqMB78Fj9erKoPd5kmdnWl+7BFWsx8YgN8C198XsT0W91ZqNWe+FFzCvmeS0uKQp3xQGqFC36vCf9CjVzsAhb4dMwEH9tdg2vOUxJl2YS8Sk7D0hVeZ4Y+vzlHoa4wKMK+KAAGNPMgaUDi0nnHtDBvXr0b12IFgzA9ubaTdkhr4I+do4LxTZc1ENVjWezQc4hDlDw0/ihbr+Dc7NN5aGPil1JXuEoIWHnmr3v9Aqnfb1c17zHEqbLApt8ArmImw1wOm7FebBU197GpOqOIBmLywxSrDFTU7kEoWUKcDvoU8HoWrAEcDgjySFs153P8G4rRs+NsYGN1BaxQ== x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: uoguelph.ca X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 08798dda-5c5b-4427-ad8a-08d87a3156f6 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Oct 2020 04:32:40.2858 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: be62a12b-2cad-49a1-a5fa-85f4f3156a7d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: YAoOXQ97vDXohQ1V/MUmEiLPVXk8n8FJwl7a89jGQyKOuaX+6L6pCvoKhqIxoMuIMqahGRO2buJyiOgUjIIcxw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: YT1PR01MB2508 X-Rspamd-Queue-Id: 4CKzMf4WJdz4HWN X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=uoguelph.ca header.s=selector1 header.b=drzYYBsc; dmarc=pass (policy=none) header.from=uoguelph.ca; spf=pass (mx1.freebsd.org: domain of rmacklem@uoguelph.ca designates 2a01:111:f400:fe5c::605 as permitted sender) smtp.mailfrom=rmacklem@uoguelph.ca X-Spamd-Result: default: False [-6.48 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.99)[-0.987]; R_DKIM_ALLOW(-0.20)[uoguelph.ca:s=selector1]; FREEFALL_USER(0.00)[rmacklem]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a01:111:f400::/48]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_LONG(-1.01)[-1.010]; DWL_DNSWL_LOW(-1.00)[uoguelph.ca:dkim]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[uoguelph.ca:+]; DMARC_POLICY_ALLOW(-0.50)[uoguelph.ca,none]; NEURAL_HAM_SHORT(-1.48)[-1.478]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:8075, ipnet:2a01:111:f000::/36, country:US]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 04:32:48 -0000 Mark Johnston wrote:=0A= >On Mon, Oct 26, 2020 at 08:00:08PM -0700, Neel Chauhan wrote:=0A= >> Hi,=0A= >>=0A= >> This is great news for me with my home HPE ML110 G10/Xeon 4108 server.= =0A= >>=0A= >> However, I will not be able to test this patch unless it can get=0A= >> backported to 12.1 or 12.2 once it's out, and I don't expect backporting= =0A= >> to happen.=0A= >=0A= >Indeed, it wouldn't appear before 12.3.=0A= >=0A= >> I have one question about this: will I be able to use this to accelerate= =0A= >> OpenSSL? Is additional code needed?=0A= >=0A= >In principle OpenSSL can make use of cryptodev(4) using the cryptodev=0A= >engine, which would allow requests to be handled by qat(4) (or any other= =0A= >hardware crypto driver loaded in the kernel). I don't know that the=0A= >cryptodev engine is really maintained these days though. More=0A= >importantly, using the kernel to perform crypto transforms carries a lot= =0A= >of overhead since OpenSSL would have to switch into the kernel and copy=0A= >data between userspace and the kernel for each request. I'd be=0A= >surprised if you get any benefit from this versus using the AES-NI=0A= >extensions in userspace, which OpenSSL should do out of the box.=0A= Can it be made to work with the KERN_TLS in head?=0A= (KERN_TLS works fine for me using the ktls_ocf and aesni modules.)=0A= I think it is only head and requires the patched OpenSSL3 that jhb@=0A= currently has.=0A= I know nothing about it, except that it seems to work well, doing=0A= the TLS application data records in the kernel for a TCP socket=0A= enabled by the patched OpenSSL library.=0A= I've cc'd jhb@, so hopefully he can let us know what it needs?=0A= =0A= >There are QAT drivers designed to service userspace requests=0A= >efficiently, such as the one published by Intel and the one included=0A= >with DPDK. This one is a fair bit simpler and really mostly intended=0A= >for kernel consumers, mainly IPSec and disk encryption subsystems.=0A= >=0A= >> I use the mentioned HPE server for Tor and Tor is very crypto-heavy (yet= =0A= >> singlethreaded).=0A= >>=0A= >> I believe the official Intel drivers allow OpenSSL acceleration, but I'd= =0A= >> prefer to avoid out-of-band drivers whether possible (ports/src is=0A= >> fine).=0A= >=0A= >It'd still be worth testing if you think a significant gain may be had.=0A= =0A= rick=0A= _______________________________________________=0A= freebsd-hackers@freebsd.org mailing list=0A= https://lists.freebsd.org/mailman/listinfo/freebsd-hackers=0A= To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"= =0A= =0A= From owner-freebsd-hackers@freebsd.org Tue Oct 27 04:57:49 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2D90443D9B1 for ; Tue, 27 Oct 2020 04:57:49 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CKzwX0JMFz4JTk; Tue, 27 Oct 2020 04:57:47 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 09R4vZEU012404 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 27 Oct 2020 00:57:40 -0400 Date: Mon, 26 Oct 2020 21:57:35 -0700 From: Benjamin Kaduk To: Mark Johnston Cc: Neel Chauhan , freebsd-hackers@freebsd.org Subject: Re: QAT driver Message-ID: <20201027045735.GJ39170@kduck.mit.edu> References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> <20201027032720.GB31663@raichu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20201027032720.GB31663@raichu> X-Rspamd-Queue-Id: 4CKzwX0JMFz4JTk X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of kaduk@mit.edu designates 18.9.28.11 as permitted sender) smtp.mailfrom=kaduk@mit.edu X-Spamd-Result: default: False [-2.80 / 15.00]; RCVD_TLS_LAST(0.00)[]; RWL_MAILSPIKE_VERYGOOD(0.00)[18.9.28.11:from]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:18.9.28.0/24]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[mit.edu]; NEURAL_HAM_LONG(-1.00)[-0.998]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.48)[-0.483]; NEURAL_HAM_MEDIUM(-1.02)[-1.017]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3, ipnet:18.9.0.0/16, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers]; RECEIVED_SPAMHAUS_PBL(0.00)[24.16.140.251:received] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 04:57:49 -0000 On Mon, Oct 26, 2020 at 11:27:20PM -0400, Mark Johnston wrote: > On Mon, Oct 26, 2020 at 08:00:08PM -0700, Neel Chauhan wrote: > > Hi, > > > > This is great news for me with my home HPE ML110 G10/Xeon 4108 server. > > > > However, I will not be able to test this patch unless it can get > > backported to 12.1 or 12.2 once it's out, and I don't expect backporting > > to happen. > > Indeed, it wouldn't appear before 12.3. > > > I have one question about this: will I be able to use this to accelerate > > OpenSSL? Is additional code needed? > > In principle OpenSSL can make use of cryptodev(4) using the cryptodev > engine, which would allow requests to be handled by qat(4) (or any other > hardware crypto driver loaded in the kernel). I don't know that the > cryptodev engine is really maintained these days though. More The openssl cryptodev engine was rewritten in https://github.com/openssl/openssl/pull/3744 , but engines are going to be deprecated in openssl 3.0. In theory someone (Intel?) could write an openssl "provider" that utilizes the QAT hardware, but (unsurprisingly, given that the interface isn't even finalized yet!) no one has done that yet. > importantly, using the kernel to perform crypto transforms carries a lot > of overhead since OpenSSL would have to switch into the kernel and copy > data between userspace and the kernel for each request. I'd be > surprised if you get any benefit from this versus using the AES-NI > extensions in userspace, which OpenSSL should do out of the box. Yes, the overhead of switching to kernel mode and copyin/copyout is expected to take up fair bit of the nominal gains. -Ben > There are QAT drivers designed to service userspace requests > efficiently, such as the one published by Intel and the one included > with DPDK. This one is a fair bit simpler and really mostly intended > for kernel consumers, mainly IPSec and disk encryption subsystems. > > > I use the mentioned HPE server for Tor and Tor is very crypto-heavy (yet > > singlethreaded). > > > > I believe the official Intel drivers allow OpenSSL acceleration, but I'd > > prefer to avoid out-of-band drivers whether possible (ports/src is > > fine). > > It'd still be worth testing if you think a significant gain may be had. > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" From owner-freebsd-hackers@freebsd.org Tue Oct 27 12:55:12 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 879C644C780 for ; Tue, 27 Oct 2020 12:55:12 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qk1-x742.google.com (mail-qk1-x742.google.com [IPv6:2607:f8b0:4864:20::742]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CLBWN040hz4n2Z; Tue, 27 Oct 2020 12:55:11 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qk1-x742.google.com with SMTP id b69so963228qkg.8; Tue, 27 Oct 2020 05:55:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=VnSx1HNnQ6+MmhjdnKEVV3NYtgP8lJ5jqGhe04JjnBk=; b=tPh6b+qwZmNmdgo/y5VserrVozZR4AkUZFD7+Q2n57ouwY1xwvsng/m5Ubgr1LVbu+ 1pF7biAm8dEE96vebmirGn4Zi+EV/WXK6d0r0NdF3VhmEJ/Plt7q9VSmLEFT39ExyFGX sR0oPPI/avRSp/lFELNPILqp7KDNd8jKJUpO6rdEN71yWX9nGkIJo+CR+hy3oN2GQbuM nScEdOhhUQwHlZi8pMTQAsnDo+d1L5z2jVp6reN0QgK20bwMHse0MdACV6QsggjFNo8/ jEkJ+UpkN+eSYj1HwdZF4Yzl8FYiKNNtofEYk8L6h7F+GnnWV8nw9yy3axgIzI5mtYlE PgIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to; bh=VnSx1HNnQ6+MmhjdnKEVV3NYtgP8lJ5jqGhe04JjnBk=; b=KvKbO1Eyjmg4oSs23/Sb6jYc4qfOyNvYYf5zsPw55h6rzN6RhMgilm2SwM1ipTb8KC AJNvCzOr5eht+qgaZSERbymgG70QBsV9Q5r88OXuUJSsgrrIVhQ2pkfrmnpvO8FJ1eOM DAe0eTIkcaxrlCQqcUnbIRmbnWNKxZiyYbTTu5oF03szc5u9Zho4euvzDNIsMB5BnT3D Wlse3ClibEMex2x/B4BGlVXKLruypCA64siMMCWh0r4p3RsCJ+GSANZVrBOZ8FkEZdov rW9oOh1IZDcZWkl1/3u1jmCevsWL/csEV99mYOu6f97NsVHZTtBOb6dHi/I2LZtU0bfH hW4g== X-Gm-Message-State: AOAM533CyuUOdS35suN934y69cIwBNF2JyY7azAgYHZqIkXiKN6czh10 YGZP2DR1qPxW8eTjBA2WX5YFbXVLvR8= X-Google-Smtp-Source: ABdhPJxhOLYK71HvGHIENbPka8zvnZTawv+I1WeVSMlwT9rsRhOvrc3G1XUv3vzSFM6Pdvk3MykMow== X-Received: by 2002:a37:ac11:: with SMTP id e17mr2035372qkm.232.1603803311215; Tue, 27 Oct 2020 05:55:11 -0700 (PDT) Received: from raichu (toroon0560w-lp130-01-174-88-77-103.dsl.bell.ca. [174.88.77.103]) by smtp.gmail.com with ESMTPSA id u31sm697192qtu.87.2020.10.27.05.55.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Oct 2020 05:55:10 -0700 (PDT) Sender: Mark Johnston Date: Tue, 27 Oct 2020 08:55:08 -0400 From: Mark Johnston To: Rick Macklem Cc: Neel Chauhan , "freebsd-hackers@freebsd.org" , "jhb@FreeBSD.org" Subject: Re: QAT driver Message-ID: <20201027125508.GD31663@raichu> References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> <20201027032720.GB31663@raichu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4CLBWN040hz4n2Z X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=tPh6b+qw; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::742 as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-1.88 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MIME_GOOD(-0.10)[text/plain]; MID_RHS_NOT_FQDN(0.50)[]; ARC_NA(0.00)[]; DMARC_NA(0.00)[freebsd.org]; NEURAL_HAM_LONG(-1.00)[-0.999]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; NEURAL_HAM_SHORT(-0.17)[-0.165]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::742:from]; NEURAL_HAM_MEDIUM(-1.02)[-1.017]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 12:55:12 -0000 On Tue, Oct 27, 2020 at 04:32:40AM +0000, Rick Macklem wrote: > Mark Johnston wrote: > >On Mon, Oct 26, 2020 at 08:00:08PM -0700, Neel Chauhan wrote: > >> Hi, > >> > >> This is great news for me with my home HPE ML110 G10/Xeon 4108 server. > >> > >> However, I will not be able to test this patch unless it can get > >> backported to 12.1 or 12.2 once it's out, and I don't expect backporting > >> to happen. > > > >Indeed, it wouldn't appear before 12.3. > > > >> I have one question about this: will I be able to use this to accelerate > >> OpenSSL? Is additional code needed? > > > >In principle OpenSSL can make use of cryptodev(4) using the cryptodev > >engine, which would allow requests to be handled by qat(4) (or any other > >hardware crypto driver loaded in the kernel). I don't know that the > >cryptodev engine is really maintained these days though. More > >importantly, using the kernel to perform crypto transforms carries a lot > >of overhead since OpenSSL would have to switch into the kernel and copy > >data between userspace and the kernel for each request. I'd be > >surprised if you get any benefit from this versus using the AES-NI > >extensions in userspace, which OpenSSL should do out of the box. > Can it be made to work with the KERN_TLS in head? > (KERN_TLS works fine for me using the ktls_ocf and aesni modules.) > I think it is only head and requires the patched OpenSSL3 that jhb@ > currently has. I hadn't looked at ktls_ocf.c before but at a glance it looks like it can make use of any hardware or software opencrypto driver that supports the requested algorithms. The qat(4) port implements the algorithms referenced by ktls_ocf_try(). > I know nothing about it, except that it seems to work well, doing > the TLS application data records in the kernel for a TCP socket > enabled by the patched OpenSSL library. > I've cc'd jhb@, so hopefully he can let us know what it needs? From owner-freebsd-hackers@freebsd.org Tue Oct 27 13:07:59 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1A9F344CE21 for ; Tue, 27 Oct 2020 13:07:59 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: from mail-qk1-x744.google.com (mail-qk1-x744.google.com [IPv6:2607:f8b0:4864:20::744]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CLBp56jmtz4ns8 for ; Tue, 27 Oct 2020 13:07:57 +0000 (UTC) (envelope-from markjdb@gmail.com) Received: by mail-qk1-x744.google.com with SMTP id z6so1016164qkz.4 for ; Tue, 27 Oct 2020 06:07:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=q7xZPP3bIFKYHlWSJxVDUKDj0uzUaaQkCsta1D6pxMw=; b=bjfl2uVhMjbWQscbidiO+b+uGyuaEU+XB0GNdZTxzlYecimDnHzaVY6HchuP5cqSAS lu5LeRKQ8ArwyduW8SCUK5/SjEQfuMhBFC0prf0PONcHxxoBWngAA0jSztyW6ryugCy0 aYHh4RwOalXieBjYC6TN1YkXQLnpvNXsLh8uWSepsvHXhw4Q8JuOBVOgX/GrutSF1S0B AOJM+3kIboAPeXsIFIc6cLlVgQnGQGaB4fj0u3140LV9uNBJ7ZqJCQO0VvI4VInXq8T7 bVKazI7Cee9irmf1QR+h2pO+Kk8qgwnd8VETZwaD2VHrzAmABbgxNeiT36I4tcE/D+xB v23w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :references:mime-version:content-disposition:in-reply-to; bh=q7xZPP3bIFKYHlWSJxVDUKDj0uzUaaQkCsta1D6pxMw=; b=Iajo1Zcd4U7WKVFteaeHULKEDHy+RvwIy/Us2NpeHIFl1X+xn6qGp2ki+RZx3Hb4WX qYdBbss46UkQP+4dwwkkAM9vFG4vGLrzVN31ZBGzV0EVEyDifWjB0a/sYdCoCzuYsaaF 5Uw1zw4302+0j3FaA2MaoqbiqCszqX7Pq8MzWVHL/TogOa3VXmaAvR4xeognT5H8hMWE SnDZssO/iI0Bff6vudygfUIJ0KJsQsgsRjaH8tewHfLpokmx15eQ2mU7QOZZx0ytfypd /gcviR1ocMNXSL+HvrdK1vPf3pjg25b6KYkz8O7X9YOmysQuLeYj9/jAxqVfH7lLCXl9 Hf6g== X-Gm-Message-State: AOAM53062dTn3blqT2BYSV2YYsDqLimWSWjvArA02bSeX8y3mFURYlh+ UkGYKGhZb7gs+kYDSS19UvA= X-Google-Smtp-Source: ABdhPJyLLeI0MqLJLjtu0wlfR8Wwbi3RFS1YR2eFV0lynyM2QWcT8sX98WNcwXTQyqv4Xw/9CECVvg== X-Received: by 2002:a05:620a:a09:: with SMTP id i9mr1876662qka.119.1603804077054; Tue, 27 Oct 2020 06:07:57 -0700 (PDT) Received: from raichu (toroon0560w-lp130-01-174-88-77-103.dsl.bell.ca. [174.88.77.103]) by smtp.gmail.com with ESMTPSA id 9sm601148qkv.110.2020.10.27.06.07.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Oct 2020 06:07:56 -0700 (PDT) Sender: Mark Johnston Date: Tue, 27 Oct 2020 09:07:54 -0400 From: Mark Johnston To: Benjamin Kaduk Cc: Neel Chauhan , freebsd-hackers@freebsd.org Subject: Re: QAT driver Message-ID: <20201027130754.GE31663@raichu> References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> <20201027032720.GB31663@raichu> <20201027045735.GJ39170@kduck.mit.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20201027045735.GJ39170@kduck.mit.edu> X-Rspamd-Queue-Id: 4CLBp56jmtz4ns8 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=bjfl2uVh; dmarc=none; spf=pass (mx1.freebsd.org: domain of markjdb@gmail.com designates 2607:f8b0:4864:20::744 as permitted sender) smtp.mailfrom=markjdb@gmail.com X-Spamd-Result: default: False [-2.09 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; NEURAL_HAM_LONG(-1.00)[-0.999]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[freebsd.org]; TO_DN_SOME(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; NEURAL_HAM_SHORT(-0.37)[-0.370]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::744:from]; NEURAL_HAM_MEDIUM(-1.02)[-1.018]; MID_RHS_NOT_FQDN(0.50)[]; FORGED_SENDER(0.30)[markj@freebsd.org,markjdb@gmail.com]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[markj@freebsd.org,markjdb@gmail.com]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 13:07:59 -0000 On Mon, Oct 26, 2020 at 09:57:35PM -0700, Benjamin Kaduk wrote: > On Mon, Oct 26, 2020 at 11:27:20PM -0400, Mark Johnston wrote: > > On Mon, Oct 26, 2020 at 08:00:08PM -0700, Neel Chauhan wrote: > > > Hi, > > > > > > This is great news for me with my home HPE ML110 G10/Xeon 4108 server. > > > > > > However, I will not be able to test this patch unless it can get > > > backported to 12.1 or 12.2 once it's out, and I don't expect backporting > > > to happen. > > > > Indeed, it wouldn't appear before 12.3. > > > > > I have one question about this: will I be able to use this to accelerate > > > OpenSSL? Is additional code needed? > > > > In principle OpenSSL can make use of cryptodev(4) using the cryptodev > > engine, which would allow requests to be handled by qat(4) (or any other > > hardware crypto driver loaded in the kernel). I don't know that the > > cryptodev engine is really maintained these days though. More > > The openssl cryptodev engine was rewritten in > https://github.com/openssl/openssl/pull/3744 , but engines are going to be > deprecated in openssl 3.0. Is this the devcrypto engine? It appears to be broken on FreeBSD: it tries to invoke CIOCGSESSION on a /dev/crypto descriptor, but one is supposed to first use CRIOGET to get a separate descriptor with which sessions are associated. truss(1)ing "openssl speed -evp aes-128-cbc -engine devcrypto" yields: 82677: openat(AT_FDCWD,"/dev/crypto",O_RDWR,00) = 3 (0x3) 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' ... > In theory someone (Intel?) could write an > openssl "provider" that utilizes the QAT hardware, but (unsurprisingly, > given that the interface isn't even finalized yet!) no one has done that > yet. What's the difference between providers and engines? There is a QAT engine for OpenSSL. From owner-freebsd-hackers@freebsd.org Tue Oct 27 16:24:54 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 96E944534E7 for ; Tue, 27 Oct 2020 16:24:54 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CLH9K4J3nz3Z38; Tue, 27 Oct 2020 16:24:53 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 09RGOkwG009696 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 27 Oct 2020 12:24:50 -0400 Date: Tue, 27 Oct 2020 09:24:45 -0700 From: Benjamin Kaduk To: Mark Johnston Cc: Neel Chauhan , freebsd-hackers@freebsd.org Subject: Re: QAT driver Message-ID: <20201027162445.GN39170@kduck.mit.edu> References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> <20201027032720.GB31663@raichu> <20201027045735.GJ39170@kduck.mit.edu> <20201027130754.GE31663@raichu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20201027130754.GE31663@raichu> X-Rspamd-Queue-Id: 4CLH9K4J3nz3Z38 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of kaduk@mit.edu designates 18.9.28.11 as permitted sender) smtp.mailfrom=kaduk@mit.edu X-Spamd-Result: default: False [-2.92 / 15.00]; ARC_NA(0.00)[]; RWL_MAILSPIKE_VERYGOOD(0.00)[18.9.28.11:from]; RECEIVED_SPAMHAUS_PBL(0.00)[24.16.140.251:received]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:18.9.28.0/24]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[mit.edu]; NEURAL_HAM_LONG(-1.00)[-0.999]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.61)[-0.611]; NEURAL_HAM_MEDIUM(-1.01)[-1.011]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:3, ipnet:18.9.0.0/16, country:US]; MIME_TRACE(0.00)[0:+]; MAILMAN_DEST(0.00)[freebsd-hackers]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 16:24:54 -0000 On Tue, Oct 27, 2020 at 09:07:54AM -0400, Mark Johnston wrote: > On Mon, Oct 26, 2020 at 09:57:35PM -0700, Benjamin Kaduk wrote: > > On Mon, Oct 26, 2020 at 11:27:20PM -0400, Mark Johnston wrote: > > > On Mon, Oct 26, 2020 at 08:00:08PM -0700, Neel Chauhan wrote: > > > > Hi, > > > > > > > > This is great news for me with my home HPE ML110 G10/Xeon 4108 server. > > > > > > > > However, I will not be able to test this patch unless it can get > > > > backported to 12.1 or 12.2 once it's out, and I don't expect backporting > > > > to happen. > > > > > > Indeed, it wouldn't appear before 12.3. > > > > > > > I have one question about this: will I be able to use this to accelerate > > > > OpenSSL? Is additional code needed? > > > > > > In principle OpenSSL can make use of cryptodev(4) using the cryptodev > > > engine, which would allow requests to be handled by qat(4) (or any other > > > hardware crypto driver loaded in the kernel). I don't know that the > > > cryptodev engine is really maintained these days though. More > > > > The openssl cryptodev engine was rewritten in > > https://github.com/openssl/openssl/pull/3744 , but engines are going to be > > deprecated in openssl 3.0. > > Is this the devcrypto engine? It appears to be broken on FreeBSD: it Yes, the devcrypto engine. > tries to invoke CIOCGSESSION on a /dev/crypto descriptor, but one is > supposed to first use CRIOGET to get a separate descriptor with which > sessions are associated. As the linked page says, "implemented based on cryptodev-linux and then adjusted to work on FreeBSD 8.4". I don't know of anyone testing it on a recent FreeBSD prior to your report. > truss(1)ing "openssl speed -evp aes-128-cbc -engine devcrypto" yields: > > 82677: openat(AT_FDCWD,"/dev/crypto",O_RDWR,00) = 3 (0x3) > 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' > 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' > 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' > 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' > 82677: ioctl(3,CIOCGSESSION,0x7fffffffde70) ERR#22 'Invalid argument' > ... > > > In theory someone (Intel?) could write an > > openssl "provider" that utilizes the QAT hardware, but (unsurprisingly, > > given that the interface isn't even finalized yet!) no one has done that > > yet. > > What's the difference between providers and engines? There is a QAT > engine for OpenSSL. OpenSSL is getting a big rearchitecture for the 3.0.0 release, and providers are the new way to provide external implementations for crypto algorithms and such; the openssl/provider interface is arguably cleaner and definitely more extensible than the openssl/engine interface. There's a bit more information at, e.g., https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers and https://www.openssl.org/blog/blog/2019/11/07/3.0-update/ (which links to https://www.openssl.org/docs/OpenSSL300Design.html). -Ben From owner-freebsd-hackers@freebsd.org Tue Oct 27 18:47:10 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 73843457AA4 for ; Tue, 27 Oct 2020 18:47:10 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CLLKT2Py6z4273; Tue, 27 Oct 2020 18:47:08 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 09RIl629013552 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 27 Oct 2020 11:47:06 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id 09RIl67m013551; Tue, 27 Oct 2020 11:47:06 -0700 (PDT) (envelope-from jmg) Date: Tue, 27 Oct 2020 11:47:06 -0700 From: John-Mark Gurney To: Benjamin Kaduk Cc: Mark Johnston , Neel Chauhan , freebsd-hackers@freebsd.org Subject: Re: QAT driver Message-ID: <20201027184706.GF31099@funkthat.com> Mail-Followup-To: Benjamin Kaduk , Mark Johnston , Neel Chauhan , freebsd-hackers@freebsd.org References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> <20201027032720.GB31663@raichu> <20201027045735.GJ39170@kduck.mit.edu> <20201027130754.GE31663@raichu> <20201027162445.GN39170@kduck.mit.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20201027162445.GN39170@kduck.mit.edu> X-Operating-System: FreeBSD 11.3-STABLE amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Tue, 27 Oct 2020 11:47:06 -0700 (PDT) X-Rspamd-Queue-Id: 4CLLKT2Py6z4273 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of jmg@gold.funkthat.com has no SPF policy when checking 208.87.223.18) smtp.mailfrom=jmg@gold.funkthat.com X-Spamd-Result: default: False [-0.88 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[jmg]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[funkthat.com]; AUTH_NA(1.00)[]; NEURAL_HAM_LONG(-0.85)[-0.851]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.41)[-0.413]; NEURAL_HAM_MEDIUM(-0.82)[-0.816]; R_SPF_NA(0.00)[no SPF record]; FORGED_SENDER(0.30)[jmg@funkthat.com,jmg@gold.funkthat.com]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US]; FROM_NEQ_ENVFROM(0.00)[jmg@funkthat.com,jmg@gold.funkthat.com]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 18:47:10 -0000 Benjamin Kaduk wrote this message on Tue, Oct 27, 2020 at 09:24 -0700: > On Tue, Oct 27, 2020 at 09:07:54AM -0400, Mark Johnston wrote: > > On Mon, Oct 26, 2020 at 09:57:35PM -0700, Benjamin Kaduk wrote: > > > On Mon, Oct 26, 2020 at 11:27:20PM -0400, Mark Johnston wrote: > > > > On Mon, Oct 26, 2020 at 08:00:08PM -0700, Neel Chauhan wrote: > > > > > Hi, > > > > > > > > > > This is great news for me with my home HPE ML110 G10/Xeon 4108 server. > > > > > > > > > > However, I will not be able to test this patch unless it can get > > > > > backported to 12.1 or 12.2 once it's out, and I don't expect backporting > > > > > to happen. > > > > > > > > Indeed, it wouldn't appear before 12.3. > > > > > > > > > I have one question about this: will I be able to use this to accelerate > > > > > OpenSSL? Is additional code needed? > > > > > > > > In principle OpenSSL can make use of cryptodev(4) using the cryptodev > > > > engine, which would allow requests to be handled by qat(4) (or any other > > > > hardware crypto driver loaded in the kernel). I don't know that the > > > > cryptodev engine is really maintained these days though. More > > > > > > The openssl cryptodev engine was rewritten in > > > https://github.com/openssl/openssl/pull/3744 , but engines are going to be > > > deprecated in openssl 3.0. > > > > Is this the devcrypto engine? It appears to be broken on FreeBSD: it > > Yes, the devcrypto engine. > > > tries to invoke CIOCGSESSION on a /dev/crypto descriptor, but one is > > supposed to first use CRIOGET to get a separate descriptor with which > > sessions are associated. > > As the linked page says, "implemented based on cryptodev-linux and then > adjusted to work on FreeBSD 8.4". I don't know of anyone testing it on a > recent FreeBSD prior to your report. Well, It does work for FreeBSD 11.3 and OpenSSL 1.0.2h-freebsd 3 May 2016, so it's clear that OpenSSL broken their code... I just ran some tests and w/ cryptodev loaded, and it gives wildly fast speeds, because it only times the user cpu time, but since the work is done in the kernel, it doesn't get accounted: gold,pts,/tmp/so,507$ktrace openssl speed -evp aes-128-cbc Doing aes-128-cbc for 3s on 16 size blocks: 127989 aes-128-cbc's in 0.13s Doing aes-128-cbc for 3s on 64 size blocks: 126928 aes-128-cbc's in 0.08s Doing aes-128-cbc for 3s on 256 size blocks: 135133 aes-128-cbc's in 0.09s Doing aes-128-cbc for 3s on 1024 size blocks: 121699 aes-128-cbc's in 0.05s Doing aes-128-cbc for 3s on 8192 size blocks: 74813 aes-128-cbc's in 0.02s OpenSSL 1.0.2h-freebsd 3 May 2016 built on: date not available options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 15418.91k 103979.42k 402548.92k 2658555.22k 39223558.14k If you "fix" the number (multiply by .02 and divid by 3), you get the more reasonable 261MB/sec... And then when I unload cryptodev, I get: gold,pts,/tmp/so,518$openssl speed -evp aes-128-cbc Doing aes-128-cbc for 3s on 16 size blocks: 66217110 aes-128-cbc's in 2.98s Doing aes-128-cbc for 3s on 64 size blocks: 20354897 aes-128-cbc's in 3.00s Doing aes-128-cbc for 3s on 256 size blocks: 5899224 aes-128-cbc's in 2.97s Doing aes-128-cbc for 3s on 1024 size blocks: 1512931 aes-128-cbc's in 2.94s Doing aes-128-cbc for 3s on 8192 size blocks: 191150 aes-128-cbc's in 2.95s OpenSSL 1.0.2h-freebsd 3 May 2016 built on: date not available options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx) compiler: clang The 'numbers' are in 1000s of bytes per second processed. type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes aes-128-cbc 355938.69k 434237.80k 508699.40k 527401.31k 531658.63k Which is reasonable for not going to the kernel everytime... (CBC encrypt is a slow mode).. So, sounds like the OpenSSL broke /dev/crypto on FreeBSD. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-hackers@freebsd.org Tue Oct 27 21:15:15 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C75E845A9A3 for ; Tue, 27 Oct 2020 21:15:15 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from CAN01-QB1-obe.outbound.protection.outlook.com (mail-eopbgr660069.outbound.protection.outlook.com [40.107.66.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "GlobalSign Organization Validation CA - SHA256 - G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CLPcM1jtJz4DJ4; Tue, 27 Oct 2020 21:15:14 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cXonT/yLJMvay2+MO2W5DpX0XHWFl+UZa2GQ9bum2gg0rR/by+byxVJfdo6NCcM+7QQdPRf6U7Q7/OCbMqFDgPnuVUVQ4fEfIG6DFzphqjmDBnpX9ol7ssSZjJUokpBqlfMvz8ujL0odR1HfD9P/x0dZnc3WPZxiFr67NUW9Pbhjzs+ALEduJHP3IsmMt7Lqo63aAv5NYj83UFwUwNavPEXs3L9mYdb1BJGPFJdww0+mkmDMLBAzcYfcbHyBJ3fT83kcH8MG7upyWYevts4HY8iaTzj0H6VJHHQhW780Nk6VebtMbCABjKgEzOtBibF5v++GdnfPlnNNth3R9gOaMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0bOPvMGsqxHGUn7qzqyw3q49LsQecjxJzKe4ATPte6U=; b=jgJNCnS4xZAeJIWKwdXskYVAyg0Jj+NmlHnUezfGv1U5RJJZtgVbHN40Zu8hGZCCqwRVbGZkla3pl2HVmHLkLNrFBo38m943x3my9VB4rA94JsfHiWZH9ykGLCDizw6RmGLhqVmILs4QrEsWeLgNUOZG9GMR9eT26l49Z3o3olxBn4V700c/fs2i7Bu94PnV0sNyO3adQqVP3pO9ZVZngr6WX8rYmALKsTcjvKe7OIOfP+Yp+8u++A3s8dNwQmN375ehIRYkSFKlRLN1+yitNXQ8HaFctFkzZIkaEnEnzCczyVVCs8ZNoh42mqgXUT6Fhuh4pumL3kA/jx5LlLtYoA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uoguelph.ca; dmarc=pass action=none header.from=uoguelph.ca; dkim=pass header.d=uoguelph.ca; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uoguelph.ca; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0bOPvMGsqxHGUn7qzqyw3q49LsQecjxJzKe4ATPte6U=; b=QqziR2Xhx9QYcLJvnA7RXph/Zlb20WcxVKSXFtftr4J8BMx0VsRAqgHDUa2ZECuO3iACbZ375v9gF93FvBGPdZOT9dI2BFlI2jTKU9uVp1kG5MlZ1j8a3jD0stmtL0p6evkl35fTis0cRCWViOOtNiFodfBTwk3KtUpG0LaukOsFOv/h58N7twsqV7oIf/6nUhZ4j8dcH1CwenyDoldfoBrTvtik7vJwVwVTMUqUUaYN5OEbw5hpScnLSsuKMXXqx6fnuY72qVAa7MvnOaLBC7NO+i4QN08wDx/3PtncqmhCKudB9sPY9eMe3l47BQhbxBNItCj6xQiWnUyWbb/Scg== Received: from YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:24::27) by YTBPR01MB3007.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:1c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3499.18; Tue, 27 Oct 2020 21:15:12 +0000 Received: from YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM ([fe80::687f:d85a:a0a3:bd20]) by YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM ([fe80::687f:d85a:a0a3:bd20%6]) with mapi id 15.20.3499.018; Tue, 27 Oct 2020 21:15:12 +0000 From: Rick Macklem To: Mark Johnston CC: Neel Chauhan , "freebsd-hackers@freebsd.org" , "jhb@FreeBSD.org" Subject: Re: QAT driver Thread-Topic: QAT driver Thread-Index: AQHWrA1RAR1VF3VbeUCYrguyOo0PK6mqygwAgAAP+qiAAI6rAIAAiTi9 Date: Tue, 27 Oct 2020 21:15:12 +0000 Message-ID: References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> <20201027032720.GB31663@raichu> , <20201027125508.GD31663@raichu> In-Reply-To: <20201027125508.GD31663@raichu> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: ac741dde-75ea-4f2d-8df7-08d87abd6474 x-ms-traffictypediagnostic: YTBPR01MB3007: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:6430; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: WEWRXB8eTYQ0w6ViMVx8YYpGCjB6Ej1JrlFhvMmBHviDqc+jeM0WJIM5+cysWCRiXhoHOPS9Gf2Jmmkdc9v+QklOCg1tubYQ8YnuL0aWdjfhZLg1YM7kVDXeg7wzD76zclj7nTrGQammpp+movRAPElLVLWaW6ZTeZG4zB4cC63gh8RN1yMf02SfwYBnoQxUKjW9pnuz3cqgs2EBC49eJLupEMOUHbiQNcf3IMlo3QEJcJGU3tXoRTE0+/dYzgMzQPjnx3pbZauvhL74WuBUuhY+//rSrOAVFHJtq1CxrnLi/N0khK2+tQKfjjl/kB4QCDwXzF8I6HPG5sBe4kPvjRDfplOqhF+u4/kbz5erkjlXF9wWHwI292bfIJeornxh/tUqgLfMNCbZddRk4pJeeA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(346002)(396003)(366004)(136003)(376002)(39860400002)(71200400001)(66446008)(966005)(5660300002)(66946007)(76116006)(91956017)(64756008)(66556008)(66476007)(8676002)(83380400001)(9686003)(6916009)(8936002)(86362001)(4326008)(478600001)(52536014)(33656002)(186003)(3480700007)(2906002)(7696005)(7116003)(316002)(54906003)(55016002)(6506007)(786003); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: F8QANAFsjG53G2Al+SRoHG2VjzVGa1ogx/mLsOHZxBMhbfMVlIetL50MEF3bRpHzbhXSLZMOXk2YUyXH9JOuWwCbbthY/rIDQC0lr9us5MrFD/kAsw7MZPORDbUrvqz7bZ9rC0yEGviiwFGWn3HaZWl9X0Z7y1QeZ5jNK1FuMmKpBASDFCb37dxL31SMifTcyV3Mw/E0T6505UCnXEBqnHzFiomL1b1H+/jyAmBMzguYjUGaW3mW0ABRho/v0nQKylNsNhNRu5rkTa2GeOAWDUmAr7niJtyTGWvMFM/CRXNsNDGf4Ruj6sXn6DpxJxfgn8WaUGibnBSPKMZUrXUJby+gq0Sq0oX6FhjCOdMxJaoX1J1w+tG34vnlMsDlN1BDmc7Td0mrtjB83mhZxgE1k5f5jY0bzCi7FkwMy6Jm6FjFaS0RYfL0vGSzPkTdzip98kVyaMaDj1StHMttGRJRKG8U7W639Z3exI27ypjHLaDZorJFwcX8lR05tF9novLJNRfH+qOp9NEdC6abOMVIqP3NeKyykEG2LVFnnCNGou/JY/zFc23jmun1lKHvicIsKOpKv7C4bP55t1UmTMZKSgz4H57fdYmHrVtmQT6bF6ds1BGD7SNF2xLjCChBs3ogCR+i3UDQMg+C6p0Xj9+n71xJf0LfZH2B8G3/+c95b869Q+EnPsxnTgXSRbOSjdICT+Vw1nVyVLZ1DctCZdntnw== x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: uoguelph.ca X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: ac741dde-75ea-4f2d-8df7-08d87abd6474 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Oct 2020 21:15:12.4643 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: be62a12b-2cad-49a1-a5fa-85f4f3156a7d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: BdOnJRB4qRaJlmoAGtswuTQIPhjPkivoxBihPyE1xo76W9+jbC0hRx9PPTd6VQf1WBDC7YcyUOHAHJBS0PZ57w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: YTBPR01MB3007 X-Rspamd-Queue-Id: 4CLPcM1jtJz4DJ4 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:8075, ipnet:40.104.0.0/14, country:US] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 21:15:15 -0000 Mark Johnston wrote:=0A= >On Tue, Oct 27, 2020 at 04:32:40AM +0000, Rick Macklem wrote:=0A= [stuff snipped]=0A= >> Can it be made to work with the KERN_TLS in head?=0A= >> (KERN_TLS works fine for me using the ktls_ocf and aesni modules.)=0A= >> I think it is only head and requires the patched OpenSSL3 that jhb@=0A= >> currently has.=0A= >=0A= >I hadn't looked at ktls_ocf.c before but at a glance it looks like it=0A= >can make use of any hardware or software opencrypto driver that supports= =0A= >the requested algorithms. The qat(4) port implements the algorithms=0A= >referenced by ktls_ocf_try().=0A= Well, if you were inspired to try it out, the basic doc for NFS-over-TLS is= here:=0A= https://people.freebsd.org/~rmacklem/nfs-over-tls-setup.txt=0A= (Same file is in base/projects/nfs-over-tls on subversion.)=0A= For someone who is used to building/running head kernels, it should be=0A= pretty straightforward.=0A= =0A= You could become the first tester in the whole wide world;-) rick=0A= ps: Although the NFS code uses it in the kernel, I think that an applicatio= n=0A= that uses OpenSSL's SSL_read()/SSL_write via a patched OpenSSL library= ,=0A= has the encrypt/decrypt done in the kernel and the userspace library= =0A= code just does socket I/O with unencrypted data.=0A= pss: Hopefully jhb@ will correct me if I got this wrong.=0A= =0A= > I know nothing about it, except that it seems to work well, doing=0A= > the TLS application data records in the kernel for a TCP socket=0A= > enabled by the patched OpenSSL library.=0A= > I've cc'd jhb@, so hopefully he can let us know what it needs?=0A= =0A= From owner-freebsd-hackers@freebsd.org Wed Oct 28 13:00:47 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B0B37446055 for ; Wed, 28 Oct 2020 13:00:47 +0000 (UTC) (envelope-from dirkx@webweaving.org) Received: from weser.webweaving.org (weser.webweaving.org [148.251.234.232]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "weser.webweaving.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CLpbL2H6pz44jh for ; Wed, 28 Oct 2020 13:00:45 +0000 (UTC) (envelope-from dirkx@webweaving.org) Received: from [10.11.0.190] (94-210-134-94.cable.dynamic.v4.ziggo.nl [94.210.134.94]) (authenticated bits=0) by weser.webweaving.org (8.15.2/8.15.2) with ESMTPSA id 09SCxJB8062498 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Wed, 28 Oct 2020 13:59:23 +0100 (CET) (envelope-from dirkx@webweaving.org) X-Authentication-Warning: weser.webweaving.org: Host 94-210-134-94.cable.dynamic.v4.ziggo.nl [94.210.134.94] claimed to be [10.11.0.190] From: Dirk-Willem van Gulik Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Subject: spigen under uftdi Message-Id: Date: Wed, 28 Oct 2020 13:58:19 +0100 To: "freebsd-hackers@freebsd.org" X-Mailer: Apple Mail (2.3608.120.23.2.4) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (weser.webweaving.org [148.251.234.232]); Wed, 28 Oct 2020 13:59:23 +0100 (CET) X-Rspamd-Queue-Id: 4CLpbL2H6pz44jh X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of dirkx@webweaving.org designates 148.251.234.232 as permitted sender) smtp.mailfrom=dirkx@webweaving.org X-Spamd-Result: default: False [-1.61 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; MV_CASE(0.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.93)[-0.934]; ARC_NA(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_SHORT(-0.44)[-0.439]; DMARC_NA(0.00)[webweaving.org]; TO_DN_EQ_ADDR_ALL(0.00)[]; NEURAL_HAM_MEDIUM(-0.44)[-0.439]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:148.251.0.0/16, country:DE]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-hackers]; RECEIVED_SPAMHAUS_PBL(0.00)[94.210.134.94:received] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Oct 2020 13:00:47 -0000 Various USB based FT2232H usb to rs232 (and cypress CY7C65211) have a = variant mode where they support SPI (or I2C). I've got this working in a rudimentary way in the uftdi(4) driver. But I'd like to have this surface as a 'normal' spigen(4) device. So it = works with anything that already works on that device*. However - spigen(4) seems very tied to the FDT tree.=20 Is this a viable path ? Or am I better off using the defintions of the ioctl(4) and simply have = the uftdi create something like a /dev/uftdi-spi0.0 sort of device ? With kind regards, Dw *: meaning that an open of /dev/cu.* or tty.* switches to UART mode and = blocks the other modes and vice versa.= From owner-freebsd-hackers@freebsd.org Thu Oct 29 00:23:15 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 04E6C453544; Thu, 29 Oct 2020 00:23:15 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CM5kp0QPgz3Wg1; Thu, 29 Oct 2020 00:23:13 +0000 (UTC) (envelope-from yaneurabeya@gmail.com) Received: by mail-pg1-x529.google.com with SMTP id t14so911181pgg.1; Wed, 28 Oct 2020 17:23:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=gTPriKkDBs743Kd6p/2WnduW+quoeLNNqe4GX7yg9Jg=; b=uqU2VgoPVeH/lbJgOTtTH0hEJUKEfHWyEDc/gpvym8FS5v8EuZ64YL4LzbN8tYNDLq nviR8zN3aQiWEI8O914FqwNWNB8MU7YkTk8A+Vdaac5sgLHDxBIpDYWYswOweKsnVvzk 8e+XSOZaexCSuVD6Qw8VgvFx6GH+Kf7O4t8F3BIVP4sq1XU1M/7vY19KNGyh3l2GciYi zXC0aN3ogo6rgLzMhir6e5Fka0e5IzgML0uoXaVPA6sFwBqPbmoWVadtSuaj/X9FCND4 Cmxa0X9pjeyOD1n6KoPDu+t+GwDxaYCc6cJup+0dRwiQ0D/+SzYhSfSFUxWK2sykGyLo 7NGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=gTPriKkDBs743Kd6p/2WnduW+quoeLNNqe4GX7yg9Jg=; b=ANsshz7K3LsJ9bzzLcVbdntJLeOvn6tSzN8nfRyHyL/fM9p4GimrGd9xWzOVmd2qKa uG1oeUJ/y/YlGvB254m9VDaBmChgxU6l0ta7322HQEyKhdhRGhXjDiUiVnEqV9v7s4jn mN5SqwHQ0y7gYjM33rsbFJUs33nZZCUl1L9l+osPSP03+rXXbzhkeBJmrd3HKYxuikRm KOmhMO+LsawML2Vc7IZioW3SWOarh7rOSLiILmE70UrbFwNFSj+O7MhSVAIgSnA+fPqC xvWz6Gh4LPvsqc6SV40NW0TpHH6o8bpX60JMkwIO3CeJE6bKXwLOOxO3T6XlS/VERsaW q+ew== X-Gm-Message-State: AOAM533bFBbtg0xLs8biixZRNIFnppOUPdz0i8Xgr7WTAzmcW+BgniWu hW6VINwJlEbIXhus0doeFOlW9irAw/uz7g== X-Google-Smtp-Source: ABdhPJw87UBZoE1WSqvyYjno04Tmr9G/5/rUUEGTkfMldXdDL8W29d8Yab6eaZtS9LuzPjHbk47YPQ== X-Received: by 2002:a63:5644:: with SMTP id g4mr1772501pgm.145.1603930990409; Wed, 28 Oct 2020 17:23:10 -0700 (PDT) Received: from [192.168.20.26] (c-73-19-52-228.hsd1.wa.comcast.net. [73.19.52.228]) by smtp.gmail.com with ESMTPSA id l3sm525891pju.28.2020.10.28.17.23.09 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 28 Oct 2020 17:23:09 -0700 (PDT) From: Enji Cooper Message-Id: <0217233F-9E0D-47EC-AAAA-1C19551C2FF9@gmail.com> Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.1\)) Subject: Re: Testing with lua/atf-lua reviews Date: Wed, 28 Oct 2020 17:23:08 -0700 In-Reply-To: Cc: freebsd-testing@freebsd.org, FreeBSD Hackers To: Kyle Evans References: X-Mailer: Apple Mail (2.3608.120.23.2.1) X-Rspamd-Queue-Id: 4CM5kp0QPgz3Wg1 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=uqU2VgoP; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of yaneurabeya@gmail.com designates 2607:f8b0:4864:20::529 as permitted sender) smtp.mailfrom=yaneurabeya@gmail.com X-Spamd-Result: default: False [-3.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.48)[-0.481]; RECEIVED_SPAMHAUS_PBL(0.00)[73.19.52.228:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MID_RHS_MATCH_FROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.01)[-1.008]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.01)[-1.014]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::529:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-testing,freebsd-hackers] Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 00:23:15 -0000 > On Oct 24, 2020, at 9:09 AM, Kyle Evans wrote: >=20 > Hello! >=20 > I've just put up for review some work I've done to allow us to write > tests in lua, primarily intended to test the lua libs we're writing. > Please feel free to add yourself or drop in for some commentary: >=20 > - https://reviews.freebsd.org/D26928 - atf-lua(1)/atf-lua(3) itself > - https://reviews.freebsd.org/D26929 - Build glue for atf-lua > - https://reviews.freebsd.org/D26930 - atf.tests.mk infrastructure for > adding tests > - https://reviews.freebsd.org/D26931 - Build glue for atf-lua tests > - https://reviews.freebsd.org/D26932 - jail(3lua) tests, as a sample >=20 > Note that D26932 has an additional hard dependency on the libjail > bindings and some additions I've made to them, notably: D26080, > D26756, and D26927. Hi Kyle, I realize that I haven=E2=80=99t been fully in the loop lately due to = time and focusing on other things, but I=E2=80=99m not fully onboard = with this approach. In particular, one of the things that jmmv was more onboard with was = limiting atf, not extending it, and I agree with his desire to not do = that. Furthermore, why isn=E2=80=99t this using the luaunit framework instead = and the support being added to kyua to support luaunit: = http://lua-users.org/wiki/UnitTesting = ? There are a ton of caveats = with ATF that I would rather not support longer than necessary and = having to teach folks how to use a homegrown test infrastructure instead = of leveraging an open source test infrastructure which is supported by = an external group. Doing the latter makes maintenance easy for us and = improves the utility of the support better. Thank you, -Enji= From owner-freebsd-hackers@freebsd.org Thu Oct 29 00:43:31 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B133C45410A; Thu, 29 Oct 2020 00:43:31 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CM6BC4KVjz3YMR; Thu, 29 Oct 2020 00:43:31 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from mail-qt1-f176.google.com (mail-qt1-f176.google.com [209.85.160.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: kevans) by smtp.freebsd.org (Postfix) with ESMTPSA id 735661D466; Thu, 29 Oct 2020 00:43:31 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: by mail-qt1-f176.google.com with SMTP id i7so882130qti.6; Wed, 28 Oct 2020 17:43:31 -0700 (PDT) X-Gm-Message-State: AOAM531i0akd20oITqNrlVwd62qh9JMMywRevMqsySo6cYPPAcHoIUB5 Fo1xV1VRICUG/FXzwIkovHF0XzI259pT4cEgpyQ= X-Google-Smtp-Source: ABdhPJzplWLEfkhjJKo3yPp6c9zZN9WiSgH+WTMjnrd6ozKttXfJwEmJfqq1o1tUnL58I26h4AxfrfIV+dVak8UbtD4= X-Received: by 2002:ac8:3975:: with SMTP id t50mr1503038qtb.53.1603932210998; Wed, 28 Oct 2020 17:43:30 -0700 (PDT) MIME-Version: 1.0 References: <0217233F-9E0D-47EC-AAAA-1C19551C2FF9@gmail.com> In-Reply-To: <0217233F-9E0D-47EC-AAAA-1C19551C2FF9@gmail.com> From: Kyle Evans Date: Wed, 28 Oct 2020 19:43:20 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Testing with lua/atf-lua reviews To: Enji Cooper Cc: freebsd-testing@freebsd.org, FreeBSD Hackers Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 00:43:31 -0000 On Wed, Oct 28, 2020 at 7:23 PM Enji Cooper wrote: > > > On Oct 24, 2020, at 9:09 AM, Kyle Evans wrote: > > Hello! > > I've just put up for review some work I've done to allow us to write > tests in lua, primarily intended to test the lua libs we're writing. > Please feel free to add yourself or drop in for some commentary: > > - https://reviews.freebsd.org/D26928 - atf-lua(1)/atf-lua(3) itself > - https://reviews.freebsd.org/D26929 - Build glue for atf-lua > - https://reviews.freebsd.org/D26930 - atf.tests.mk infrastructure for > adding tests > - https://reviews.freebsd.org/D26931 - Build glue for atf-lua tests > - https://reviews.freebsd.org/D26932 - jail(3lua) tests, as a sample > > Note that D26932 has an additional hard dependency on the libjail > bindings and some additions I've made to them, notably: D26080, > D26756, and D26927. > > > Hi Kyle, > > I realize that I haven=E2=80=99t been fully in the loop lately due to tim= e and focusing on other things, but I=E2=80=99m not fully onboard with this= approach. > > In particular, one of the things that jmmv was more onboard with was limi= ting atf, not extending it, and I agree with his desire to not do that. > Sure- > Furthermore, why isn=E2=80=99t this using the luaunit framework instead a= nd the support being added to kyua to support luaunit: http://lua-users.or= g/wiki/UnitTesting ? There are a ton of caveats with ATF that I would rathe= r not support longer than necessary and having to teach folks how to use a = homegrown test infrastructure instead of leveraging an open source test inf= rastructure which is supported by an external group. Doing the latter makes= maintenance easy for us and improves the utility of the support better. > I had actually considered this, but ruled it out due to a couple factors. The main one was that there's really no benefit with adopting yet another test framework for base -- I think we're much less likely to get people that are already familiar with luaunit contributing to our base tests than we are to get people in one of two other camps: 1. They already work with our vast array of other ATF !lua tests and would find themselves staring at a really familiar interface, or 2. They don't, they want to work on Lua stuff and Lua tests in base, then an ATF lua interface will be at least somewhat applicable to other areas of our test infrastructure I haven't dumped all that much time into this, though, so I have no problem taking another aerial glance at it. From owner-freebsd-hackers@freebsd.org Thu Oct 29 01:03:12 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7A4C94545D4 for ; Thu, 29 Oct 2020 01:03:12 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CM6cw2hjPz3Z0S for ; Thu, 29 Oct 2020 01:03:12 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from mail-qk1-f172.google.com (mail-qk1-f172.google.com [209.85.222.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: kevans) by smtp.freebsd.org (Postfix) with ESMTPSA id 398601DEC0 for ; Thu, 29 Oct 2020 01:03:12 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: by mail-qk1-f172.google.com with SMTP id p3so773052qkk.7 for ; Wed, 28 Oct 2020 18:03:12 -0700 (PDT) X-Gm-Message-State: AOAM530EU4ICrO29IvmSiN+kUIjxJpWSvPguKYrzDUNQmT9Lty2LIUkd ukBvK5aNQUn/Nr7LE3oSaeQSKlMxWGszfATlWw8= X-Received: by 2002:a37:6309:: with SMTP id x9mt678847qkb.493.1603933391820; Wed, 28 Oct 2020 18:03:11 -0700 (PDT) MIME-Version: 1.0 References: <0217233F-9E0D-47EC-AAAA-1C19551C2FF9@gmail.com> In-Reply-To: From: Kyle Evans Date: Wed, 28 Oct 2020 20:03:00 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Testing with lua/atf-lua reviews Cc: Enji Cooper , freebsd-testing@freebsd.org, FreeBSD Hackers Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 01:03:12 -0000 On Wed, Oct 28, 2020 at 7:43 PM Kyle Evans wrote: > > On Wed, Oct 28, 2020 at 7:23 PM Enji Cooper wrote= : > > > > > > On Oct 24, 2020, at 9:09 AM, Kyle Evans wrote: > > > > Hello! > > > > I've just put up for review some work I've done to allow us to write > > tests in lua, primarily intended to test the lua libs we're writing. > > Please feel free to add yourself or drop in for some commentary: > > > > - https://reviews.freebsd.org/D26928 - atf-lua(1)/atf-lua(3) itself > > - https://reviews.freebsd.org/D26929 - Build glue for atf-lua > > - https://reviews.freebsd.org/D26930 - atf.tests.mk infrastructure for > > adding tests > > - https://reviews.freebsd.org/D26931 - Build glue for atf-lua tests > > - https://reviews.freebsd.org/D26932 - jail(3lua) tests, as a sample > > > > Note that D26932 has an additional hard dependency on the libjail > > bindings and some additions I've made to them, notably: D26080, > > D26756, and D26927. > > > > > > Hi Kyle, > > > > I realize that I haven=E2=80=99t been fully in the loop lately due to t= ime and focusing on other things, but I=E2=80=99m not fully onboard with th= is approach. > > > > In particular, one of the things that jmmv was more onboard with was li= miting atf, not extending it, and I agree with his desire to not do that. > > > > Sure- > > > Furthermore, why isn=E2=80=99t this using the luaunit framework instead= and the support being added to kyua to support luaunit: http://lua-users.= org/wiki/UnitTesting ? There are a ton of caveats with ATF that I would rat= her not support longer than necessary and having to teach folks how to use = a homegrown test infrastructure instead of leveraging an open source test i= nfrastructure which is supported by an external group. Doing the latter mak= es maintenance easy for us and improves the utility of the support better. > > > > I had actually considered this, but ruled it out due to a couple > factors. The main one was that there's really no benefit with adopting > yet another test framework for base -- I think we're much less likely > to get people that are already familiar with luaunit contributing to > our base tests than we are to get people in one of two other camps: > > 1. They already work with our vast array of other ATF !lua tests and > would find themselves staring at a really familiar interface, or > 2. They don't, they want to work on Lua stuff and Lua tests in base, > then an ATF lua interface will be at least somewhat applicable to > other areas of our test infrastructure > > I haven't dumped all that much time into this, though, so I have no > problem taking another aerial glance at it. Oh, oh dear. luaunit already supports TAP output: https://luaunit.readthedocs.io/en/latest/#output-formats I kinda prefer the minimal verbosity text format that it defaults to, but as far as effort to get off the ground goes... that's likely impossible to beat. From owner-freebsd-hackers@freebsd.org Thu Oct 29 07:22:06 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3370B44376C for ; Thu, 29 Oct 2020 07:22:06 +0000 (UTC) (envelope-from agapon@gmail.com) Received: from mail-lf1-f43.google.com (mail-lf1-f43.google.com [209.85.167.43]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMH246yfGz4Hkm for ; Thu, 29 Oct 2020 07:22:04 +0000 (UTC) (envelope-from agapon@gmail.com) Received: by mail-lf1-f43.google.com with SMTP id 141so2009223lfn.5 for ; Thu, 29 Oct 2020 00:22:04 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=yHJmen/891h88Kxx09tGtiMX+rZ5IlMJHYuVh94XCtw=; b=XC6jYKKUEUKTncHeoog4+8k89pub158po6Ltzw6awlAhQllxBiT/WhbOwJDtrzTLAg jCFzZJMStOs1mj5nuygQUGj1ipKHkhtXYGRNCIn0vSJjO1enq4GvhX5hqg8pkutWBb77 4pYLJt53BECc6OYYtzPyLvd5J70DCW0/7EwhiB6aSjT5dysdowRrass7z4U0q+IXt5Zw dZfbsBKgXabGGFVlxhPPYV0CYHx/EPVK37o3jhowJCFFvrKJuPg8quqCdGF4MuOb298T RwI3LXeWENTMvKdkCbrIrgm12SzNQcbgJBudPLwEX5UejpkpYcgmCBRWUahFcQ1v9RLu Qi9g== X-Gm-Message-State: AOAM530vRbplvHjKNPcF2tOnNJPi4BPufoUGywO3TKeyEJpdjKjIWUZR FRlbh9p7qHuCQnODIDLwwE4sHqG3c5hWZA== X-Google-Smtp-Source: ABdhPJw/MEviI7sPrU/mdpH8WircTCWQCKpVUiyVXqqZ0S3w/zGUW4N381hne3WBnHt9tZH+r+KuTA== X-Received: by 2002:ac2:5c05:: with SMTP id r5mr1118899lfp.27.1603956122991; Thu, 29 Oct 2020 00:22:02 -0700 (PDT) Received: from [192.168.0.88] (east.meadow.volia.net. [93.72.151.96]) by smtp.googlemail.com with ESMTPSA id p14sm193194lfc.40.2020.10.29.00.22.02 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 29 Oct 2020 00:22:02 -0700 (PDT) Subject: Re: spigen under uftdi To: Dirk-Willem van Gulik , "freebsd-hackers@freebsd.org" References: From: Andriy Gapon Message-ID: <506c794f-5ed5-9cdf-074d-ac1eb75a082a@FreeBSD.org> Date: Thu, 29 Oct 2020 09:22:01 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Firefox/60.0 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4CMH246yfGz4Hkm X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of agapon@gmail.com designates 209.85.167.43 as permitted sender) smtp.mailfrom=agapon@gmail.com X-Spamd-Result: default: False [-2.79 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17:c]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_SHORT(-0.77)[-0.774]; RCPT_COUNT_TWO(0.00)[2]; FORGED_SENDER(0.30)[avg@FreeBSD.org,agapon@gmail.com]; RECEIVED_SPAMHAUS_PBL(0.00)[93.72.151.96:received]; MIME_TRACE(0.00)[0:+]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MID_RHS_MATCH_FROM(0.00)[]; FROM_NEQ_ENVFROM(0.00)[avg@FreeBSD.org,agapon@gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.001]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.02)[-1.016]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; DMARC_NA(0.00)[FreeBSD.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[209.85.167.43:from]; RWL_MAILSPIKE_POSSIBLE(0.00)[209.85.167.43:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 07:22:06 -0000 On 28/10/2020 14:58, Dirk-Willem van Gulik wrote: > However - spigen(4) seems very tied to the FDT tree. It is supposed to work on non-FDT systems via hints. -- Andriy From owner-freebsd-hackers@freebsd.org Thu Oct 29 13:29:14 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1E605451412; Thu, 29 Oct 2020 13:29:14 +0000 (UTC) (envelope-from carbaecker@gmx.de) Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMR9h6Wycz3V6Z; Thu, 29 Oct 2020 13:29:12 +0000 (UTC) (envelope-from carbaecker@gmx.de) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1603978150; bh=jhw79CVQ3CSBtatw6Ny6llP9Kr+FDNwPB2UWDc8UQ38=; h=X-UI-Sender-Class:To:From:Subject:Date; b=H/z/awiR2BZW66s3nRgmNLxnqqGf22lYS4MurJm+xXoFwzKKCSLGl1GqGjKOk0n2q imHLdiB4tW2nJRQ/dx3yrhETjQ0RfvHtCFiXq2WmeGdpBeDw6coT4cqDhMI0duLnsG uKQb9jFTUWpRROyB2wGktm85GOpH4MDsGz5fUFeE= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from [192.168.178.30] ([94.31.96.148]) by mail.gmx.com (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MfYPY-1jsDbK1wNc-00fzbo; Thu, 29 Oct 2020 14:29:10 +0100 To: freebsd-hackers@freebsd.org, freebsd-arm@freebsd.org From: =?UTF-8?Q?Carsten_B=c3=a4cker?= Subject: Problem with checksum offloading on RPi3 (PF + Jails involved) Message-ID: <748edc3d-4ef7-c4de-291f-7c0b460a6052@gmx.de> Date: Thu, 29 Oct 2020 14:29:09 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Content-Language: de-DE X-Provags-ID: V03:K1:W605A4j4bSJKjglN0SEstJZcTQa0AtRcce7Lx8IlLRIqBIoMw4s P0TsW+dFV3nwpqnCcZfSzG2bU7marhjlfl3NGgWGlqBXD6Jlf89pTg86B7OEaaw1hVBRBjT t2GAEghZygzVJQ2NTuCb0uEi7NBAlEb+ayc0Wt/GdJTmb+wdZJgMQ1FTwDnV2ywyS0vCM+Z xFzPlAFI0uLXD36d32nwQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:5sGi+kS2png=:QFJFo2ZfQwjI0apVTvpijR 4rZPdco9k2yTH2qWUcwSj1ALiKbmPNcbqnxp3Jn0uvPguFLG2rnzXiM4MwDjBjL2unpnE9ax+ EEG5I0BLgYGXYH8SUEB+WWEC3veGETx0o49B909lB7WI9zLCv6MBhJKySXGh45fhJ7aUkyzcY cisNP6/59+koSKmwyGSS2v2TM4HvHwfGynzFpvMjtkA/RER0x4whAML9MdGgWAOdejXylLM1z V7IufilBjqUcI3c6n6PmjKfpxY988nx7kQtUw2MOM71qaV5MPwNFN5nq9b8vHV432qa2LbhOn nAI9u13GxJezPM0mJh1MhqJjtWe1Og2JAeAy6FIafk4liZcnAcr8gAdmYPEeyONBZhZdTOule WsWly4APcEwXgY4lsovGRmQvUmhcbyfwb4gG5HKiCopnz6NOPf7nNKojmDPQPP5IVWy03T7M5 0FxEQvyncPZ5k7Z/Bbj23FhbXe3CVBLuhQij4jOrryyCkZX6fQ4Y72UYYBkdUAXkaTfr/hp0y yMHIAwsdTQVem8fzcWa/FAa9YUsoj08T0NjaIWCTTnkLIYL1xPWE5U30MQI21Flh6W7qo9exc OrXiXWsPR4+9hEuP8fTb/gHfbTJP24GFOaw9eR/cWn4AsLVfopSKZKaBGVJfSjtaUitRBQAF9 8GpgTIIUVjvkNAq6299G6b6deCnJwLI7pClLMjEoHRnyGJkjWzJKqZZ6YJkSyLQ9ZCGOwAtJh /64tLxLJnaSxfxWXZIknqroJPg3KyGhv8zBLAyARKmZBWSeQjuOHuJVVnpH/eXiPsnpRM6649 O2mtAnk2TxeKrzqpslXF3aCnJdFI9FOSpwzn2NcZH7HlJWy0Nv/hZFxgF2OusYQ9m4CsIuZY8 +Mdb6XhfdwA5M+Inbg7Q== X-Rspamd-Queue-Id: 4CMR9h6Wycz3V6Z X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmx.net header.s=badeba3b8450 header.b=H/z/awiR; dmarc=none; spf=pass (mx1.freebsd.org: domain of carbaecker@gmx.de designates 212.227.17.21 as permitted sender) smtp.mailfrom=carbaecker@gmx.de X-Spamd-Result: default: False [-2.56 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[gmx.de]; R_SPF_ALLOW(-0.20)[+ip4:212.227.17.0/27]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmx.net:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.03)[-0.035]; RECEIVED_SPAMHAUS_PBL(0.00)[94.31.96.148:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmx.de]; MID_RHS_MATCH_FROM(0.00)[]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.93)[-0.933]; R_DKIM_ALLOW(-0.20)[gmx.net:s=badeba3b8450]; RCVD_IN_DNSWL_LOW(-0.10)[212.227.17.21:from]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.992]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[gmx.de]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.17.21:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers,freebsd-arm] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 13:29:14 -0000 Hi Hackers, just stumbled upon a problem on my RPi3, but i am not sure if this is arm-related. Running System: "FreeBSD generic 12.1-RELEASE-p9 FreeBSD 12.1-RELEASE-p9 r365508 GENERIC=C2=A0 arm64" I created a jail and set up NAT using PF. Same configuration runs perfectly on my server. However the jail was unable to resolve hostnames. After enabling pflog for the NAT-rules i noticed these errors: "[bad udp cksum 0xe58a -> 0x482d!]" So i disabled checksum offloading and everything worked fine. "ifconfig ue0 -rxcsum" Any chance to get this fixed? Regards Carsten From owner-freebsd-hackers@freebsd.org Thu Oct 29 14:00:19 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C117A452223; Thu, 29 Oct 2020 14:00:19 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMRsb4jnDz3XC0; Thu, 29 Oct 2020 14:00:19 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from venus.codepro.be (venus.codepro.be [5.9.86.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx1.codepro.be", Issuer "Let's Encrypt Authority X3" (verified OK)) (Authenticated sender: kp) by smtp.freebsd.org (Postfix) with ESMTPSA id 6C4892364E; Thu, 29 Oct 2020 14:00:19 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: by venus.codepro.be (Postfix, authenticated sender kp) id 55BC029A72; Thu, 29 Oct 2020 15:00:17 +0100 (CET) From: "Kristof Provost" To: "Carsten =?utf-8?q?B=C3=A4cker?=" Cc: freebsd-hackers@freebsd.org, freebsd-arm@freebsd.org Subject: Re: Problem with checksum offloading on RPi3 (PF + Jails involved) Date: Thu, 29 Oct 2020 15:00:16 +0100 X-Mailer: MailMate (1.13.2r5673) Message-ID: In-Reply-To: <748edc3d-4ef7-c4de-291f-7c0b460a6052@gmx.de> References: <748edc3d-4ef7-c4de-291f-7c0b460a6052@gmx.de> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 14:00:19 -0000 On 29 Oct 2020, at 14:29, Carsten Bäcker wrote: > Hi Hackers, > > just stumbled upon a problem on my RPi3, but i am not sure if this is > arm-related. > > Running System: > "FreeBSD generic 12.1-RELEASE-p9 FreeBSD 12.1-RELEASE-p9 r365508 > GENERIC  arm64" > > I created a jail and set up NAT using PF. Same configuration runs > perfectly on my server. > However the jail was unable to resolve hostnames. > > After enabling pflog for the NAT-rules i noticed these errors: > "[bad udp cksum 0xe58a -> 0x482d!]" > > So i disabled checksum offloading and everything worked fine. > "ifconfig ue0 -rxcsum" > > Any chance to get this fixed? > First someone’s going to have to be able to reproduce it. I fixed issues related to checksums in pf years ago, and while I’ve heard vague reports that it still wasn’t fixed in all cases I’ve not yet been able to reproduce (or even have someone else reproduce) those issues. My initial suspicion would fall to the network driver rather than pf itself. Let’s start by figuring out which one that is. Presumably you’ve got a USB ethernet thing plugged in. Which one? (`sudo usbconfig dump_device_desc` will help). Best, Kristof From owner-freebsd-hackers@freebsd.org Thu Oct 29 15:31:01 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1C08F455147; Thu, 29 Oct 2020 15:31:01 +0000 (UTC) (envelope-from carbaecker@gmx.de) Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMTtC5Hyxz3fC2; Thu, 29 Oct 2020 15:30:59 +0000 (UTC) (envelope-from carbaecker@gmx.de) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1603985458; bh=FFeMyaek/1S1BK9I7yFUtsJxP5eTvf/Mr2dfv2yzHwY=; h=X-UI-Sender-Class:Subject:To:Cc:References:From:Date:In-Reply-To; b=doNM9l5gNA9NgcpqPCsVkfNf2TEP8Er7UIdyxt08pOalCYIxsjJg4nUDTnNjd8WvM SlYpM/qx9Y8WZKUoFOhI4HH8per/RftY1u7XO4rwpTlwRnRgGAbq5pTUK0pHCU24yt 2pwumJ9cM8tgB200xXjezIoc+53cslqUqMTyO29Y= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from [192.168.178.30] ([94.31.96.148]) by mail.gmx.com (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id 1N8XTv-1kL0qG3Xtp-014X6s; Thu, 29 Oct 2020 16:30:57 +0100 Subject: Re: Problem with checksum offloading on RPi3 (PF + Jails involved) To: Kristof Provost Cc: freebsd-hackers@freebsd.org, freebsd-arm@freebsd.org References: <748edc3d-4ef7-c4de-291f-7c0b460a6052@gmx.de> From: =?UTF-8?Q?Carsten_B=c3=a4cker?= Message-ID: <5130ee46-5832-d4df-d774-c6bd32e10b30@gmx.de> Date: Thu, 29 Oct 2020 16:30:57 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/mixed; boundary="------------8525AC5C83CABE85BE679B1A" Content-Language: de-DE X-Provags-ID: V03:K1:POgbE6+lfBN4kKavXDJ+9WbkwFRUh2bM2RrEOizidLNImyzZpW2 nAb9ItltrMz+GYIemQDr/2IkTPjy6UdsSNog06AwvqEqCL5DCIQWsBTxvRayBkmfzIvsWlJ 7IhU5Z//RuTjKoiRdErQ6OuOEgafqa/v9s6Az6jkXdPbZ7ANEyJBrLgIFTEIKO/b9UrrMm4 mwAnhn/WnF38Q7Tv58MiQ== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:8co5HnQofMQ=:938hGvLr265H1R1jqn0s2N pc8O1c3H3yjRKHis4Cx9Ww7VIp4BFD82lrE9UnMojhmN1Vc+BRmQOO43tLUSKkhVlN7n8hl/C 4RsPt5yGAfFdpZqTL/93fJQJ+vyoftcAz5GSFFuxxPRoUgJ4COLpzhaK8aIg9vg/EXOnvz8PZ Mz4Zeu1JFuh7hDHJuM5idaaQZLTiACpyuvgkG8dbibLuOOii5YpgXro0sbD8g1twvbdiE6RgB /vFVfVRP1p9jFQRrP5BI8Mz6VUtcUtIkOZ82sA46cU6OYMwUvnKCb1sBYSb6aYKpCoh68x/ee bASO3rjEfu/GC1I8Y4REDPbYoZYD+sFKpfdZqlrH9AEv8UQiv/o4G+OZCIT7+0rZZouQvfoK8 wiDZ8NvEBsVuzB7X7ShX7ilLBwLDx/cPBMiexj0Mzar0WpFeuD/oOl1WIVrXHVPWj/KE57eGp UquKAmGToa0V6/uAP9Y9Pw0kIQuVyBKbAe/YlyJmEPrx6qT8RS3/HtZIJ6kZ3tb4++7qiIM82 /SJsVTJteE8HfShaAgxntpcnZ1XCcIlqTTiUriwyYdcqvKLa05mV1YFGkJsymsceUikWwt7o+ KbgdSVWxMfbWIHD0PLgLUSs1JHiGQL1IvS1h4sItR8nBlV+tjJdIWNPS0iABYqvJ7jmWihzfR VsJAfYWHDln7MzJoHZa9zGm80qgvdKrOjhMEJorG82THFQaF4lBnerHvpe+eSZzX1f9Yejd6u LdLif9IbBRnx9S9EIijK948diFppyatTOR3mkC/8qTrhJU6B3OlWRu34RW/lt6wqOZqVfLAuv Yw8InYm79d/hPfkun/KNeDUvsRLVGyRxTqIH7lIWI4FaPeQwU77i7VdEDl3Vm5G9qaNaM0igV M4Ua1yAkpW517O7ht+vw== X-Rspamd-Queue-Id: 4CMTtC5Hyxz3fC2 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmx.net header.s=badeba3b8450 header.b=doNM9l5g; dmarc=none; spf=pass (mx1.freebsd.org: domain of carbaecker@gmx.de designates 212.227.15.18 as permitted sender) smtp.mailfrom=carbaecker@gmx.de X-Spamd-Result: default: False [-1.33 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmx.de]; R_SPF_ALLOW(-0.20)[+ip4:212.227.15.0/25]; HAS_ATTACHMENT(0.00)[]; MIME_BASE64_TEXT_BOGUS(1.00)[]; DKIM_TRACE(0.00)[gmx.net:+]; MIME_BASE64_TEXT(0.10)[]; CTYPE_MIXED_BOGUS(1.00)[]; NEURAL_HAM_SHORT(-0.86)[-0.863]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:+,4:+,5:+,6:+]; FREEMAIL_ENVFROM(0.00)[gmx.de]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[212.227.15.18:from]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.97)[-0.970]; R_DKIM_ALLOW(-0.20)[gmx.net:s=badeba3b8450]; RECEIVED_SPAMHAUS_PBL(0.00)[94.31.96.148:received]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.994]; MIME_GOOD(-0.10)[multipart/mixed,text/plain]; DMARC_NA(0.00)[gmx.de]; SH_EMAIL_DBL_DONT_QUERY_IPS(0.00)[0.0.0.0:email]; DBL_PROHIBIT(0.00)[0.0.0.0:email]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.15.18:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers,freebsd-arm] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 15:31:01 -0000 This is a multi-part message in MIME format. --------------8525AC5C83CABE85BE679B1A Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Sure, i am willing to help. Device is a Raspberry Pi 3B (not +), using the onboard-ethernet. I attached a bunch of information. Configuration is stripped down to the minimum required to reproduce the problem. I noticed another side-effect of disabling checksum offloading: SSH-access using IPv6 (rtsold) works much smoother/more reliable than before. Best regards, Carsten Am 29.10.2020 um 15:00 schrieb Kristof Provost: > > On 29 Oct 2020, at 14:29, Carsten B=C3=A4cker wrote: > > Hi Hackers, > > just stumbled upon a problem on my RPi3, but i am not sure if this i= s > arm-related. > > Running System: > "FreeBSD generic 12.1-RELEASE-p9 FreeBSD 12.1-RELEASE-p9 r365508 > GENERIC=C2=A0 arm64" > > I created a jail and set up NAT using PF. Same configuration runs > perfectly on my server. > However the jail was unable to resolve hostnames. > > After enabling pflog for the NAT-rules i noticed these errors: > "[bad udp cksum 0xe58a -> 0x482d!]" > > So i disabled checksum offloading and everything worked fine. > "ifconfig ue0 -rxcsum" > > Any chance to get this fixed? > > First someone=E2=80=99s going to have to be able to reproduce it. > > I fixed issues related to checksums in pf years ago, and while I=E2=80= =99ve > heard vague reports that it still wasn=E2=80=99t fixed in all cases I=E2= =80=99ve not > yet been able to reproduce (or even have someone else reproduce) those > issues. > > My initial suspicion would fall to the network driver rather than pf > itself. > Let=E2=80=99s start by figuring out which one that is. > > Presumably you=E2=80=99ve got a USB ethernet thing plugged in. Which one= ? > (|sudo usbconfig dump_device_desc| will help). > > Best, > Kristof > --------------8525AC5C83CABE85BE679B1A Content-Type: text/plain; charset=UTF-8; name="dmesg.today" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="dmesg.today" LS0tPDxCT09UPj4tLS0KQ29weXJpZ2h0IChjKSAxOTkyLTIwMTkgVGhlIEZyZWVCU0QgUHJv amVjdC4KQ29weXJpZ2h0IChjKSAxOTc5LCAxOTgwLCAxOTgzLCAxOTg2LCAxOTg4LCAxOTg5 LCAxOTkxLCAxOTkyLCAxOTkzLCAxOTk0CglUaGUgUmVnZW50cyBvZiB0aGUgVW5pdmVyc2l0 eSBvZiBDYWxpZm9ybmlhLiBBbGwgcmlnaHRzIHJlc2VydmVkLgpGcmVlQlNEIGlzIGEgcmVn aXN0ZXJlZCB0cmFkZW1hcmsgb2YgVGhlIEZyZWVCU0QgRm91bmRhdGlvbi4KRnJlZUJTRCAx Mi4xLVJFTEVBU0UtcDkgcjM2NTUwOCBHRU5FUklDIGFybTY0CkZyZWVCU0QgY2xhbmcgdmVy c2lvbiA4LjAuMSAodGFncy9SRUxFQVNFXzgwMS9maW5hbCAzNjY1ODEpIChiYXNlZCBvbiBM TFZNIDguMC4xKQpWVChlZmlmYik6IHJlc29sdXRpb24gNjU2eDQxNgpLTEQgZmlsZSB1bW9k ZW0ua28gaXMgbWlzc2luZyBkZXBlbmRlbmNpZXMKU3RhcnRpbmcgQ1BVIDEgKDEpClN0YXJ0 aW5nIENQVSAyICgyKQpTdGFydGluZyBDUFUgMyAoMykKRnJlZUJTRC9TTVA6IE11bHRpcHJv Y2Vzc29yIFN5c3RlbSBEZXRlY3RlZDogNCBDUFVzCnJhbmRvbTogdW5ibG9ja2luZyBkZXZp Y2UuCnJhbmRvbTogZW50cm9weSBkZXZpY2UgZXh0ZXJuYWwgaW50ZXJmYWNlCk1BUCAzOWY0 YTAwMCBtb2RlIDIgcGFnZXMgMQpNQVAgMzlmNGYwMDAgbW9kZSAyIHBhZ2VzIDEKTUFQIDNi MzUwMDAwIG1vZGUgMiBwYWdlcyAxNgpNQVAgM2YxMDAwMDAgbW9kZSAxIHBhZ2VzIDEKa2Jk MCBhdCBrYmRtdXgwCm9md2J1czA6IDxPcGVuIEZpcm13YXJlIERldmljZSBUcmVlPgpzaW1w bGVidXMwOiA8RmxhdHRlbmVkIGRldmljZSB0cmVlIHNpbXBsZSBidXM+IG9uIG9md2J1czAK b2Z3X2Nsa2J1czA6IDxPRlcgY2xvY2tzIGJ1cz4gb24gb2Z3YnVzMApjbGtfZml4ZWQwOiA8 Rml4ZWQgY2xvY2s+IG9uIG9md19jbGtidXMwCmNsa19maXhlZDE6IDxGaXhlZCBjbG9jaz4g b24gb2Z3X2Nsa2J1czAKcmVnZml4MDogPEZpeGVkIFJlZ3VsYXRvcj4gb24gb2Z3YnVzMApy ZWdmaXgxOiA8Rml4ZWQgUmVndWxhdG9yPiBvbiBvZndidXMwCnBzY2kwOiA8QVJNIFBvd2Vy IFN0YXRlIENvLW9yZGluYXRpb24gSW50ZXJmYWNlIERyaXZlcj4gb24gb2Z3YnVzMApsaW50 YzA6IDxCQ00yODM2IEludGVycnVwdCBDb250cm9sbGVyPiBtZW0gMHg0MDAwMDAwMC0weDQw MDAwMGZmIG9uIHNpbXBsZWJ1czAKaW50YzA6IDxCQ00yODM1IEludGVycnVwdCBDb250cm9s bGVyPiBtZW0gMHg3ZTAwYjIwMC0weDdlMDBiM2ZmIGlycSAyMCBvbiBzaW1wbGVidXMwCmdw aW8wOiA8QkNNMjcwOC8yODM1IEdQSU8gY29udHJvbGxlcj4gbWVtIDB4N2UyMDAwMDAtMHg3 ZTIwMDBiMyBpcnEgMjMsMjQgb24gc2ltcGxlYnVzMApncGlvYnVzMDogPE9GVyBHUElPIGJ1 cz4gb24gZ3BpbzAKZ2VuZXJpY190aW1lcjA6IDxBUk12NyBHZW5lcmljIFRpbWVyPiBpcnEg MCwxLDIsMyBvbiBvZndidXMwClRpbWVjb3VudGVyICJBUk0gTVBDb3JlIFRpbWVjb3VudGVy IiBmcmVxdWVuY3kgMTkyMDAwMDAgSHogcXVhbGl0eSAxMDAwCkV2ZW50IHRpbWVyICJBUk0g TVBDb3JlIEV2ZW50dGltZXIiIGZyZXF1ZW5jeSAxOTIwMDAwMCBIeiBxdWFsaXR5IDEwMDAK dXNiX25vcF94Y2VpdjA6IDxVU0IgTk9QIFBIWT4gb24gb2Z3YnVzMApiY21fZG1hMDogPEJD TTI4MzUgRE1BIENvbnRyb2xsZXI+IG1lbSAweDdlMDA3MDAwLTB4N2UwMDdlZmYgaXJxIDQs NSw2LDcsOCw5LDEwLDExLDEyLDEzLDE0LDE1LDE2LDE3LDE4LDE5IG9uIHNpbXBsZWJ1czAK YmNtd2QwOiA8QkNNMjcwOC8yODM1IFdhdGNoZG9nPiBtZW0gMHg3ZTEwMDAwMC0weDdlMTAw MDI3IG9uIHNpbXBsZWJ1czAKYmNtcm5nMDogPEJyb2FkY29tIEJDTTI4MzUgUk5HPiBtZW0g MHg3ZTEwNDAwMC0weDdlMTA0MDBmIGlycSAyMSBvbiBzaW1wbGVidXMwCm1ib3gwOiA8QkNN MjgzNSBWaWRlb0NvcmUgTWFpbGJveD4gbWVtIDB4N2UwMGI4ODAtMHg3ZTAwYjhiZiBpcnEg MjIgb24gc2ltcGxlYnVzMApncGlvYzA6IDxHUElPIGNvbnRyb2xsZXI+IG9uIGdwaW8wCnVh cnQyOiA8UHJpbWVDZWxsIFVBUlQgKFBMMDExKT4gbWVtIDB4N2UyMDEwMDAtMHg3ZTIwMWZm ZiBpcnEgMjUgb24gc2ltcGxlYnVzMAp1YXJ0MjogY29uc29sZSAoMTE1MjAwLG4sOCwxKQpz cGkwOiA8QkNNMjcwOC8yODM1IFNQSSBjb250cm9sbGVyPiBtZW0gMHg3ZTIwNDAwMC0weDdl MjA0ZmZmIGlycSAyNyBvbiBzaW1wbGVidXMwCnNwaWJ1czA6IDxPRlcgU1BJIGJ1cz4gb24g c3BpMApzcGlidXMwOiA8dW5rbm93biBjYXJkPiBhdCBjcyAwIG1vZGUgMApzcGlidXMwOiA8 dW5rbm93biBjYXJkPiBhdCBjcyAxIG1vZGUgMAppaWNoYjA6IDxCQ00yNzA4LzI4MzUgQlND IGNvbnRyb2xsZXI+IG1lbSAweDdlODA0MDAwLTB4N2U4MDRmZmYgaXJxIDQwIG9uIHNpbXBs ZWJ1czAKYmNtMjgzeF9kd2NvdGcwOiA8RFdDIE9URyAyLjAgaW50ZWdyYXRlZCBVU0IgY29u dHJvbGxlciAoYmNtMjgzeCk+IG1lbSAweDdlOTgwMDAwLTB4N2U5OGZmZmYsMHg3ZTAwNjAw MC0weDdlMDA2ZmZmIGlycSA0Niw0NyBvbiBzaW1wbGVidXMwCnVzYnVzMCBvbiBiY20yODN4 X2R3Y290ZzAKc2RoY2lfYmNtMDogPEJyb2FkY29tIDI3MDggU0RIQ0kgY29udHJvbGxlcj4g bWVtIDB4N2UzMDAwMDAtMHg3ZTMwMDBmZiBpcnEgNDkgb24gc2ltcGxlYnVzMAptbWMwOiA8 TU1DL1NEIGJ1cz4gb24gc2RoY2lfYmNtMApmYjA6IDxCQ00yODM1IFZUIGZyYW1lYnVmZmVy IGRyaXZlcj4gb24gc2ltcGxlYnVzMApmYmQwIG9uIGZiMApWVDogUmVwbGFjaW5nIGRyaXZl ciAiZWZpZmIiIHdpdGggbmV3ICJmYiIuCmZiMDogNjU2eDQxNig2NTZ4NDE2QDAsMCkgMjRi cHAKZmIwOiBmYnN3YXA6IDEsIHBpdGNoIDE5NjgsIGJhc2UgMHgzZWIzMzAwMCwgc2NyZWVu X3NpemUgODE4Njg4CnBtdTA6IDxQZXJmb3JtYW5jZSBNb25pdG9yaW5nIFVuaXQ+IGlycSA1 MyBvbiBzaW1wbGVidXMwCmNwdWxpc3QwOiA8T3BlbiBGaXJtd2FyZSBDUFUgR3JvdXA+IG9u IG9md2J1czAKY3B1MDogPE9wZW4gRmlybXdhcmUgQ1BVPiBvbiBjcHVsaXN0MApiY20yODM1 X2NwdWZyZXEwOiA8Q1BVIEZyZXF1ZW5jeSBDb250cm9sPiBvbiBjcHUwCmNwdTE6IDxPcGVu IEZpcm13YXJlIENQVT4gb24gY3B1bGlzdDAKY3B1MjogPE9wZW4gRmlybXdhcmUgQ1BVPiBv biBjcHVsaXN0MApjcHUzOiA8T3BlbiBGaXJtd2FyZSBDUFU+IG9uIGNwdWxpc3QwCmdwaW9s ZWQwOiA8R1BJTyBMRURzPiBvbiBvZndidXMwCmdwaW9sZWQwOiA8bGVkMD4gZmFpbGVkIHRv IG1hcCBwaW4KZ3Bpb2xlZDA6IDxsZWQxPiBmYWlsZWQgdG8gbWFwIHBpbgpjcnlwdG9zb2Z0 MDogPHNvZnR3YXJlIGNyeXB0bz4KVGltZWNvdW50ZXJzIHRpY2sgZXZlcnkgMS4wMDAgbXNl YwppaWNidXMwOiA8T0ZXIEkyQyBidXM+IG9uIGlpY2hiMAppaWMwOiA8STJDIGdlbmVyaWMg SS9PPiBvbiBpaWNidXMwCnVzYnVzMDogNDgwTWJwcyBIaWdoIFNwZWVkIFVTQiB2Mi4wCnVn ZW4wLjE6IDxEV0NPVEcgT1RHIFJvb3QgSFVCPiBhdCB1c2J1czAKdWh1YjA6IDxEV0NPVEcg T1RHIFJvb3QgSFVCLCBjbGFzcyA5LzAsIHJldiAyLjAwLzEuMDAsIGFkZHIgMT4gb24gdXNi dXMwCm1tY3NkMDogMTZHQiA8U0RIQyBVU0QgICAxLjAgU04gNDEyN0MxRDYgTUZHIDA5LzIw MTYgYnkgMTE2IEpgPiBhdCBtbWMwIDUwLjBNSHovNGJpdC82NTUzNS1ibG9jawpiY20yODM1 X2NwdWZyZXEwOiBBUk0gNjAwTUh6LCBDb3JlIDI1ME1IeiwgU0RSQU0gNDAwTUh6LCBUdXJi byBPRkYKbWJveDA6IG1ib3ggcmVzcG9uc2UgZXJyb3IKYmNtMjgzNV9jcHVmcmVxMDogY2Fu J3Qgc2V0IGNsb2NrIHJhdGUgKGlkPTQpClJlbGVhc2UgQVBzLi4uZG9uZQpDUFUgIDA6IEFS TSBDb3J0ZXgtQTUzIHIwcDQgYWZmaW5pdHk6ICAwClRyeWluZyB0byBtb3VudCByb290IGZy b20gdWZzOi9kZXYvdWZzL3Jvb3RmcyBbcnddLi4uCiBJbnN0cnVjdGlvbiBTZXQgQXR0cmli dXRlcyAwID0gPENSQzMyPgogSW5zdHJ1Y3Rpb24gU2V0IEF0dHJpYnV0ZXMgMSA9IDw+CiAg ICAgICAgIFByb2Nlc3NvciBGZWF0dXJlcyAwID0gPEFkdlNJTUQsRmxvYXQsRUwzIDMyLEVM MiAzMixFTDEgMzIsRUwwIDMyPgogICAgICAgICBQcm9jZXNzb3IgRmVhdHVyZXMgMSA9IDww PgogICAgICBNZW1vcnkgTW9kZWwgRmVhdHVyZXMgMCA9IDw0ayBHcmFudWxlLDY0ayBHcmFu dWxlLFMvTlMgTWVtLE1peGVkRW5kaWFuLDE2Yml0IEFTSUQsMVRCIFBBPgogICAgICBNZW1v cnkgTW9kZWwgRmVhdHVyZXMgMSA9IDw+CiAgICAgIE1lbW9yeSBNb2RlbCBGZWF0dXJlcyAy ID0gPDMyYiBDQ0lEWCw0OGIgVkE+CiAgICAgICAgICAgICBEZWJ1ZyBGZWF0dXJlcyAwID0g PDIgQ1RYIEJyZWFrcG9pbnRzLDQgV2F0Y2hwb2ludHMsNiBCcmVha3BvaW50cyxQTVV2MyxE ZWJ1ZyB2OD4KICAgICAgICAgICAgIERlYnVnIEZlYXR1cmVzIDEgPSA8MD4KICAgICAgICAg QXV4aWxpYXJ5IEZlYXR1cmVzIDAgPSA8MD4KICAgICAgICAgQXV4aWxpYXJ5IEZlYXR1cmVz IDEgPSA8MD4KQ1BVICAxOiBBUk0gQ29ydGV4LUE1MyByMHA0IGFmZmluaXR5OiAgMQpDUFUg IDI6IEFSTSBDb3J0ZXgtQTUzIHIwcDQgYWZmaW5pdHk6ICAyCkNQVSAgMzogQVJNIENvcnRl eC1BNTMgcjBwNCBhZmZpbml0eTogIDMKV2FybmluZzogbm8gdGltZS1vZi1kYXkgY2xvY2sg cmVnaXN0ZXJlZCwgc3lzdGVtIHRpbWUgd2lsbCBub3QgYmUgc2V0IGFjY3VyYXRlbHkKdWh1 YjA6IDEgcG9ydCB3aXRoIDEgcmVtb3ZhYmxlLCBzZWxmIHBvd2VyZWQKdWdlbjAuMjogPHZl bmRvciAweDA0MjQgcHJvZHVjdCAweDk1MTQ+IGF0IHVzYnVzMAp1aHViMSBvbiB1aHViMAp1 aHViMTogPHZlbmRvciAweDA0MjQgcHJvZHVjdCAweDk1MTQsIGNsYXNzIDkvMCwgcmV2IDIu MDAvMi4wMCwgYWRkciAyPiBvbiB1c2J1czAKdWh1YjE6IE1UVCBlbmFibGVkCnVodWIxOiA1 IHBvcnRzIHdpdGggNCByZW1vdmFibGUsIHNlbGYgcG93ZXJlZAp1Z2VuMC4zOiA8dmVuZG9y IDB4MDQyNCBwcm9kdWN0IDB4ZWMwMD4gYXQgdXNidXMwCnNtc2MwIG9uIHVodWIxCnNtc2Mw OiA8dmVuZG9yIDB4MDQyNCBwcm9kdWN0IDB4ZWMwMCwgcmV2IDIuMDAvMi4wMCwgYWRkciAz PiBvbiB1c2J1czAKc21zYzA6IGNoaXAgMHhlYzAwLCByZXYuIDAwMDIKbWlpYnVzMDogPE1J SSBidXM+IG9uIHNtc2MwCnNtc2NwaHkwOiA8U01DIExBTjg3MDAgMTAvMTAwIGludGVyZmFj ZT4gUEhZIDEgb24gbWlpYnVzMApzbXNjcGh5MDogIDEwYmFzZVQsIDEwYmFzZVQtRkRYLCAx MDBiYXNlVFgsIDEwMGJhc2VUWC1GRFgsIGF1dG8KdWUwOiA8VVNCIEV0aGVybmV0PiBvbiBz bXNjMAp1ZTA6IEV0aGVybmV0IGFkZHJlc3M6IGI4OjI3OmViOjU1OjdlOjcwCmxvMDogbGlu ayBzdGF0ZSBjaGFuZ2VkIHRvIFVQCnNtc2MwOiBjaGlwIDB4ZWMwMCwgcmV2LiAwMDAyCnVl MDogbGluayBzdGF0ZSBjaGFuZ2VkIHRvIERPV04KdWUwOiBsaW5rIHN0YXRlIGNoYW5nZWQg dG8gVVAKcGZsb2cwOiBwcm9taXNjdW91cyBtb2RlIGVuYWJsZWQKU2VjdXJpdHkgcG9saWN5 IGxvYWRlZDogTUFDL250cGQgKG1hY19udHBkKQpsbzE6IGxpbmsgc3RhdGUgY2hhbmdlZCB0 byBVUAo= --------------8525AC5C83CABE85BE679B1A Content-Type: text/plain; charset=UTF-8; name="jail.conf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="jail.conf" d3d3LXB1YmxpYyB7CiAgZGV2ZnNfcnVsZXNldCA9IDQ7CiAgZW5mb3JjZV9zdGF0ZnMgPSAy OwogIGV4ZWMuY2xlYW47CiAgZXhlYy5jb25zb2xlbG9nID0gL3Zhci9sb2cvamFpbHMvd3d3 LXB1YmxpYy5sb2c7CiAgZXhlYy5zdGFydCA9ICcvYmluL3NoIC9ldGMvcmMnOwogIGV4ZWMu c3RvcCA9ICcvYmluL3NoIC9ldGMvcmMuc2h1dGRvd24nOwogIGhvc3QuaG9zdG5hbWUgPSB3 d3ctcHVibGljOwogIG1vdW50LmRldmZzOwogIG1vdW50LmZzdGFiID0gL3N0b3JhZ2UvamFp bHMvd3d3LXB1YmxpYy9mc3RhYjsKICBwYXRoID0gL3N0b3JhZ2UvamFpbHMvd3d3LXB1Ymxp Yy9yb290ZnM7CiAgc2VjdXJlbGV2ZWwgPSAyOwogIGFsbG93LnJhd19zb2NrZXRzID0gMTsK CiAgaW50ZXJmYWNlID0gbG8xOwogIGlwNC5hZGRyID0gMTAuMC4wLjI7CiAgaXA2ID0gZGlz YWJsZTsKfQoK --------------8525AC5C83CABE85BE679B1A Content-Type: text/plain; charset=UTF-8; name="pf_test.conf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="pf_test.conf" ZXh0X2lmID0gInVlMCIKCnd3d3B1YmxpY2phaWwgPSAxMC4wLjAuMgoKc2V0IGJsb2NrLXBv bGljeSByZXR1cm4Kc2V0IHNraXAgb24gbG8wCnNldCBza2lwIG9uIGxvMQoKdGFibGUgPGph aWxzPiBwZXJzaXN0CgpuYXQgb24gJGV4dF9pZiBmcm9tIHsgJHd3d3B1YmxpY2phaWwgfSB0 byBhbnkgLT4gKCRleHRfaWYpCgpibG9jayBpbiBhbGwKCnBhc3MgaW4gaW5ldCBwcm90byBp Y21wIGFsbCBpY21wLXR5cGUgZWNob3JlcQpwYXNzIGluIGluZXQgcHJvdG8gdGNwIHRvIHBv cnQgeyBzc2ggfQoKcGFzcyBvdXQgYWxsCgo= --------------8525AC5C83CABE85BE679B1A Content-Type: text/plain; charset=UTF-8; name="rc.conf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="rc.conf" aG9zdG5hbWU9ImdlbmVyaWMiCmlmY29uZmlnX3VlMD0iaW5ldCAxOTIuMTY4LjE3OC4zIG5l dG1hc2sgMjU1LjI1NS4yNTUuMCIKZGVmYXVsdHJvdXRlcj0iMTkyLjE2OC4xNzguMSIKc3No ZF9lbmFibGU9IllFUyIKc2VuZG1haWxfZW5hYmxlPSJOT05FIgpzZW5kbWFpbF9zdWJtaXRf ZW5hYmxlPSJOTyIKc2VuZG1haWxfb3V0Ym91bmRfZW5hYmxlPSJOTyIKc2VuZG1haWxfbXNw X3F1ZXVlX2VuYWJsZT0iTk8iCnBvd2VyZF9lbmFibGU9IllFUyIKCmNsb25lZF9pbnRlcmZh Y2VzPSJsbzEiCnBmX2VuYWJsZT0iWUVTIgpwZmxvZ19lbmFibGU9IllFUyIK --------------8525AC5C83CABE85BE679B1A Content-Type: text/plain; charset=UTF-8; name="usbconfig" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="usbconfig" dWdlbjAuMTogPERXQ09URyBPVEcgUm9vdCBIVUI+IGF0IHVzYnVzMCwgY2ZnPTAgbWQ9SE9T VCBzcGQ9SElHSCAoNDgwTWJwcykgcHdyPVNBVkUgKDBtQSkKCiAgYkxlbmd0aCA9IDB4MDAx MiAKICBiRGVzY3JpcHRvclR5cGUgPSAweDAwMDEgCiAgYmNkVVNCID0gMHgwMjAwIAogIGJE ZXZpY2VDbGFzcyA9IDB4MDAwOSAgPEhVQj4KICBiRGV2aWNlU3ViQ2xhc3MgPSAweDAwMDAg CiAgYkRldmljZVByb3RvY29sID0gMHgwMDAxIAogIGJNYXhQYWNrZXRTaXplMCA9IDB4MDA0 MCAKICBpZFZlbmRvciA9IDB4MDAwMCAKICBpZFByb2R1Y3QgPSAweDAwMDAgCiAgYmNkRGV2 aWNlID0gMHgwMTAwIAogIGlNYW51ZmFjdHVyZXIgPSAweDAwMDEgIDxEV0NPVEc+CiAgaVBy b2R1Y3QgPSAweDAwMDIgIDxPVEcgUm9vdCBIVUI+CiAgaVNlcmlhbE51bWJlciA9IDB4MDAw MCAgPG5vIHN0cmluZz4KICBiTnVtQ29uZmlndXJhdGlvbnMgPSAweDAwMDEgCgp1Z2VuMC4y OiA8dmVuZG9yIDB4MDQyNCBwcm9kdWN0IDB4OTUxND4gYXQgdXNidXMwLCBjZmc9MCBtZD1I T1NUIHNwZD1ISUdIICg0ODBNYnBzKSBwd3I9U0FWRSAoMm1BKQoKICBiTGVuZ3RoID0gMHgw MDEyIAogIGJEZXNjcmlwdG9yVHlwZSA9IDB4MDAwMSAKICBiY2RVU0IgPSAweDAyMDAgCiAg YkRldmljZUNsYXNzID0gMHgwMDA5ICA8SFVCPgogIGJEZXZpY2VTdWJDbGFzcyA9IDB4MDAw MCAKICBiRGV2aWNlUHJvdG9jb2wgPSAweDAwMDIgCiAgYk1heFBhY2tldFNpemUwID0gMHgw MDQwIAogIGlkVmVuZG9yID0gMHgwNDI0IAogIGlkUHJvZHVjdCA9IDB4OTUxNCAKICBiY2RE ZXZpY2UgPSAweDAyMDAgCiAgaU1hbnVmYWN0dXJlciA9IDB4MDAwMCAgPG5vIHN0cmluZz4K ICBpUHJvZHVjdCA9IDB4MDAwMCAgPG5vIHN0cmluZz4KICBpU2VyaWFsTnVtYmVyID0gMHgw MDAwICA8bm8gc3RyaW5nPgogIGJOdW1Db25maWd1cmF0aW9ucyA9IDB4MDAwMSAKCnVnZW4w LjM6IDx2ZW5kb3IgMHgwNDI0IHByb2R1Y3QgMHhlYzAwPiBhdCB1c2J1czAsIGNmZz0wIG1k PUhPU1Qgc3BkPUhJR0ggKDQ4ME1icHMpIHB3cj1PTiAoMm1BKQoKICBiTGVuZ3RoID0gMHgw MDEyIAogIGJEZXNjcmlwdG9yVHlwZSA9IDB4MDAwMSAKICBiY2RVU0IgPSAweDAyMDAgCiAg YkRldmljZUNsYXNzID0gMHgwMGZmICA8VmVuZG9yIHNwZWNpZmljPgogIGJEZXZpY2VTdWJD bGFzcyA9IDB4MDAwMCAKICBiRGV2aWNlUHJvdG9jb2wgPSAweDAwMDEgCiAgYk1heFBhY2tl dFNpemUwID0gMHgwMDQwIAogIGlkVmVuZG9yID0gMHgwNDI0IAogIGlkUHJvZHVjdCA9IDB4 ZWMwMCAKICBiY2REZXZpY2UgPSAweDAyMDAgCiAgaU1hbnVmYWN0dXJlciA9IDB4MDAwMCAg PG5vIHN0cmluZz4KICBpUHJvZHVjdCA9IDB4MDAwMCAgPG5vIHN0cmluZz4KICBpU2VyaWFs TnVtYmVyID0gMHgwMDAwICA8bm8gc3RyaW5nPgogIGJOdW1Db25maWd1cmF0aW9ucyA9IDB4 MDAwMSAKCg== --------------8525AC5C83CABE85BE679B1A-- From owner-freebsd-hackers@freebsd.org Thu Oct 29 19:31:56 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 99B8B45BD05 for ; Thu, 29 Oct 2020 19:31:56 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMbDC16YGz4FR9 for ; Thu, 29 Oct 2020 19:31:54 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 09TJVqLO024416 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 29 Oct 2020 12:31:52 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id 09TJVpvF024415; Thu, 29 Oct 2020 12:31:51 -0700 (PDT) (envelope-from jmg) Date: Thu, 29 Oct 2020 12:31:50 -0700 From: John-Mark Gurney To: Dirk-Willem van Gulik Cc: "freebsd-hackers@freebsd.org" Subject: Re: spigen under uftdi Message-ID: <20201029193150.GK31099@funkthat.com> Mail-Followup-To: Dirk-Willem van Gulik , "freebsd-hackers@freebsd.org" References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 11.3-STABLE amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Thu, 29 Oct 2020 12:31:53 -0700 (PDT) X-Rspamd-Queue-Id: 4CMbDC16YGz4FR9 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of jmg@gold.funkthat.com has no SPF policy when checking 208.87.223.18) smtp.mailfrom=jmg@gold.funkthat.com X-Spamd-Result: default: False [-0.20 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[jmg]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.54)[-0.539]; RCVD_TLS_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[funkthat.com]; AUTH_NA(1.00)[]; MID_RHS_MATCH_FROM(0.00)[]; NEURAL_HAM_LONG(-0.36)[-0.364]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.50)[-0.499]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[no SPF record]; FORGED_SENDER(0.30)[jmg@funkthat.com,jmg@gold.funkthat.com]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US]; FROM_NEQ_ENVFROM(0.00)[jmg@funkthat.com,jmg@gold.funkthat.com]; MAILMAN_DEST(0.00)[freebsd-hackers]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 19:31:56 -0000 Dirk-Willem van Gulik wrote this message on Wed, Oct 28, 2020 at 13:58 +0100: > Various USB based FT2232H usb to rs232 (and cypress CY7C65211) have a variant mode where they support SPI (or I2C). > > I've got this working in a rudimentary way in the uftdi(4) driver. > > But I'd like to have this surface as a 'normal' spigen(4) device. So it works with anything that already works on that device*. > > However - spigen(4) seems very tied to the FDT tree. > > Is this a viable path ? yes, this is possible, but it will require a bit of kernel coding... You need to add code to uftdi, to say that it can attach as to a spibus like one of the other spi drivers does, e.g. gpiospi... As avg said, hints can/should be able to stand in for OFT, BUT, that would only be needed for devices to attach to the spi bus, w/ USB, it should be able to automatically attach a spibus instance to itself when needed... > Or am I better off using the defintions of the ioctl(4) and simply have the uftdi create something like a /dev/uftdi-spi0.0 sort of device ? The advantage of hooking up to the spibus is that other kernel drivers that talk on the spi bus can use it, whereas this method, only userland consumers would be able to use it... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-hackers@freebsd.org Thu Oct 29 20:30:16 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E1C1145D054; Thu, 29 Oct 2020 20:30:16 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMcWX5ZLgz4JF7; Thu, 29 Oct 2020 20:30:16 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from venus.codepro.be (venus.codepro.be [5.9.86.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx1.codepro.be", Issuer "Let's Encrypt Authority X3" (verified OK)) (Authenticated sender: kp) by smtp.freebsd.org (Postfix) with ESMTPSA id 883C526DC2; Thu, 29 Oct 2020 20:30:16 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: by venus.codepro.be (Postfix, authenticated sender kp) id A74FF2AE84; Thu, 29 Oct 2020 21:30:14 +0100 (CET) From: "Kristof Provost" To: "Carsten =?utf-8?q?B=C3=A4cker?=" Cc: freebsd-hackers@freebsd.org, freebsd-arm@freebsd.org Subject: Re: Problem with checksum offloading on RPi3 (PF + Jails involved) Date: Thu, 29 Oct 2020 21:30:14 +0100 X-Mailer: MailMate (1.13.2r5673) Message-ID: In-Reply-To: <5130ee46-5832-d4df-d774-c6bd32e10b30@gmx.de> References: <748edc3d-4ef7-c4de-291f-7c0b460a6052@gmx.de> <5130ee46-5832-d4df-d774-c6bd32e10b30@gmx.de> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 20:30:16 -0000 On 29 Oct 2020, at 16:30, Carsten Bäcker wrote: > Sure, i am willing to help. > > Device is a Raspberry Pi 3B (not +), using the onboard-ethernet. > I attached a bunch of information. > > Configuration is stripped down to the minimum required to reproduce > the > problem. > Okay, so that’s an SMC2 LAN9514_ETH device. That’s the dev/usb/net/if_smsc.c driver. However, before we dig into that driver we should make sure that we’re really looking at a checksum problem. It’s entirely normal for TX checksums to be incorrect when logged on the sending host itself (if the hardware does checksum offloading the checksum in the packet sent to the MAC is incorrect, and left to the hardware to fix). So, can you confirm that the `"[bad udp cksum 0xe58a -> 0x482d!]` you reported was on an inbound packet? And let’s be safe: try to capture packets on a different machine. That’ll give us the true packet, after the hardware has done checksum calculations. Best regards, Kristof From owner-freebsd-hackers@freebsd.org Thu Oct 29 20:36:42 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D3B9045D397 for ; Thu, 29 Oct 2020 20:36:42 +0000 (UTC) (envelope-from leres@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMcfy4x3Dz4JqJ for ; Thu, 29 Oct 2020 20:36:42 +0000 (UTC) (envelope-from leres@freebsd.org) Received: from ice.alameda.xse.com (unknown [IPv6:2600:1700:a570:11f0:f2ad:4eff:fe0b:a065]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: leres) by smtp.freebsd.org (Postfix) with ESMTPSA id 4485D26FE7 for ; Thu, 29 Oct 2020 20:36:42 +0000 (UTC) (envelope-from leres@freebsd.org) To: "freebsd-hackers@freebsd.org" From: Craig Leres Subject: mouse tilt wheel between 12.1 and 12.2 Message-ID: <9bc997ae-096c-c38b-377d-3bf64f530715@freebsd.org> Date: Thu, 29 Oct 2020 13:36:40 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------38DC90EB44CAF29A724ACEC3" Content-Language: en-US X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 20:36:42 -0000 This is a multi-part message in MIME format. --------------38DC90EB44CAF29A724ACEC3 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit For whatever reason mouse tilt wheel side buttons are a fragile feature. Over the last year I've noticed that this stops work with different versions of firefox and return with a later version. When I upgraded a desktop from 12.1 to 12.2 this week I found tilt wheel stopped working with firefox (e.g. tilt-left does not go back a page). I didn't find anything in UPDATING. And just to verify it was not the fact that during the OS upgrade I also updated firefox from 82.0,2 -> 82.0.1,2, I built and installed the older version but still no tilt wheel. I have been running moused: moused_flags="-m 4=6 -m 5=7" which results in: 2703 - Ss 0:27.60 /usr/sbin/moused -m 4=6 -m 5=7 -p /dev/ums0 -t auto -I /var/run/moused.ums0.pid 2759 - Is 0:00.00 /usr/sbin/moused -m 4=6 -m 5=7 -p /dev/ums1 -t auto -I /var/run/moused.ums1.pid and my xorg.conf is attached. I also tried turning off moused and adding: Section "ServerFlags" Option "BlankTime" "0" Option "StandbyTime" "30" Option "SuspendTime" "0" Option "OffTime" "0" + Option "AutoAddDevices" "False" EndSection +Section "ServerLayout" + Identifier "X.org Configured" + Screen 0 "Screen0" 0 0 + InputDevice "Mouse0" "CorePointer" + InputDevice "Keyboard0" "CoreKeyboard" +EndSection + +EndSection + +Section "InputDevice" + Identifier "Keyboard0" + Driver "kbd" +EndSection + +Section "InputDevice" + Identifier "Mouse0" + Driver "mouse" + Option "Protocol" "auto" + Option "Device" "/dev/ums0" + Option "ZAxisMapping" "4 5 6 7" EndSection which was the same. My mouse is a Cherry USB optical (MC 2000). Here is a little Xorg.0.log output: [ 601.547] (**) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: Device: "/dev/input/event9" [ 601.547] (--) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: Vendor 0x557 Product 0x2419 [ 601.547] (--) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: Found 3 mouse buttons [ 601.547] (--) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: Found scroll wheel(s) [ 601.547] (--) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: Found relative axes [ 601.547] (II) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: Forcing relative x/y axes to exist. [ 601.547] (II) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: Configuring as mouse [ 601.547] (II) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: Adding scrollwheel support [ 601.547] (**) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: YAxisMapping: buttons 4 and 5 [ 601.547] (**) evdev: vendor 0x0557 product 0x2419, class 0/0, rev 1.10/1.00, addr 10: EmulateWheelButton: 4, EmulateWheelInertia: 10, EmulateWheelTimeout: 200 Does anybody see my issue? Craig --------------38DC90EB44CAF29A724ACEC3 Content-Type: text/plain; charset=UTF-8; name="xorg.conf" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="xorg.conf" IyBAKCMpICRJZDogeG9yZy1udmlkaWEuY29uZiA4OSAyMDIwLTEwLTI5IDAzOjM1OjA2WiBs ZXJlcyAkIChMQkwpCgpTZWN0aW9uICJTZXJ2ZXJGbGFncyIKCU9wdGlvbiAgICAgICAiQmxh bmtUaW1lIiAiMCIKCU9wdGlvbiAgICAgICAiU3RhbmRieVRpbWUiICIzMCIKCU9wdGlvbiAg ICAgICAiU3VzcGVuZFRpbWUiICIwIgoJT3B0aW9uICAgICAgICJPZmZUaW1lIiAiMCIKRW5k U2VjdGlvbgoKU2VjdGlvbiAiRmlsZXMiCglNb2R1bGVQYXRoICAgIi91c3IvbG9jYWwvbGli L3hvcmcvbW9kdWxlcyIKCUZvbnRQYXRoICAgICAiL3Vzci9sb2NhbC9zaGFyZS9mb250cy9t aXNjLyIKCUZvbnRQYXRoICAgICAiL3Vzci9sb2NhbC9zaGFyZS9mb250cy9UVEYvIgoJRm9u dFBhdGggICAgICIvdXNyL2xvY2FsL3NoYXJlL2ZvbnRzL09URiIKCUZvbnRQYXRoICAgICAi L3Vzci9sb2NhbC9zaGFyZS9mb250cy9UeXBlMS8iCglGb250UGF0aCAgICAgIi91c3IvbG9j YWwvc2hhcmUvZm9udHMvMTAwZHBpLyIKCUZvbnRQYXRoICAgICAiL3Vzci9sb2NhbC9zaGFy ZS9mb250cy83NWRwaS8iCglGb250UGF0aCAgICAgIi91c3IvbG9jYWwvc2hhcmUvZm9udHMv c3VuLyIKCUZvbnRQYXRoICAgICAiL3Vzci9sb2NhbC9zaGFyZS9mb250cy93ZWJmb250cy8i CglGb250UGF0aCAgICAgIi91c3IvbG9jYWwvc2hhcmUvZm9udHMvdXJ3Zm9udHMvIgoJRm9u dFBhdGggICAgICJjYXRhbG9ndWU6L3Vzci9sb2NhbC9ldGMvWDExL2ZvbnRwYXRoLmQiCkVu ZFNlY3Rpb24KClNlY3Rpb24gIk1vZHVsZSIKCUxvYWQgICJkYmUiCglMb2FkICAiZHJpIgoJ TG9hZCAgImRyaTIiCglMb2FkICAiZXh0bW9kIgoJTG9hZCAgInJlY29yZCIKCUxvYWQgICJn bHgiCglMb2FkICAiZ2x4c2VydmVyX252aWRpYSIKRW5kU2VjdGlvbgoKU2VjdGlvbiAiTW9u aXRvciIKCUlkZW50aWZpZXIgICAiTW9uaXRvcjAiCkVuZFNlY3Rpb24KClNlY3Rpb24gIkRl dmljZSIKCUlkZW50aWZpZXIgICJDYXJkMCIKCURyaXZlciAgICAgICJudmlkaWEiCiMJQnVz SUQgICAgICAgIlBDSToxOjA6MCIKRW5kU2VjdGlvbgoKU2VjdGlvbiAiU2NyZWVuIgoJSWRl bnRpZmllciAiU2NyZWVuMCIKCURldmljZSAgICAgIkNhcmQwIgoJTW9uaXRvciAgICAiTW9u aXRvcjAiCglEZWZhdWx0RGVwdGggICAgMjQKCVN1YlNlY3Rpb24gIkRpc3BsYXkiCgkJVmll d3BvcnQgICAwIDAKCQlEZXB0aCAgICAgMjQKCUVuZFN1YlNlY3Rpb24KRW5kU2VjdGlvbgo= --------------38DC90EB44CAF29A724ACEC3-- From owner-freebsd-hackers@freebsd.org Thu Oct 29 20:42:46 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1662C45D818 for ; Thu, 29 Oct 2020 20:42:46 +0000 (UTC) (envelope-from sblachmann@gmail.com) Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com [IPv6:2a00:1450:4864:20::234]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMcnx5JD2z4KHN; Thu, 29 Oct 2020 20:42:45 +0000 (UTC) (envelope-from sblachmann@gmail.com) Received: by mail-lj1-x234.google.com with SMTP id i2so4592188ljg.4; Thu, 29 Oct 2020 13:42:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Jbnk6t6FHgSBzemJsPp2rMpVZ2vrUIvyp//MZefgCIs=; b=uPMr3CHG4yZ4I8Se+L7ymxB1PgL+Qs66966GfuZF+xuXcQyPZ3+zV+yTWV+QIRnzLt zzXBatavPsCkyLlerM1d2Bt+islBhImsZb/Cfk42o7UGDfJ0tEjgofcv+SCTKvo/8J4m eUejKy4aVx6JkKoUHK+oDEA9cvuAaTUvZTDVNk9sOolH22pfQnlYnjazdRLifD2v1rsT brVnFYAld9SVf0ZtIkXRWM9/vwd+hMlfJa8eqxmTleD2bbWo/WJ9MXPrrsxdof56HEGm i50kuAynXYdSrL3W7uVEnH/K0Z7CAU2R+3ZHxARRZlpXkmiX/8Dwcv0aDPzD8noXlVi3 Poqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Jbnk6t6FHgSBzemJsPp2rMpVZ2vrUIvyp//MZefgCIs=; b=K3nQMlV4IQhV6tNnVffOP4g39kC0lASmRU0ot8A0bePxfYkdRu8V6Sd9ff+VSuFsLo i+naQS5I9PokB0uZ/Aio1AHc0sxpytthRUeXGWjpdkHltspmvML+r5yf6sIGOTzyQBDV wrWv2XIbKFwsDRsOQdAw3y7GWH4FA/9NKvHqc26muHj+Okf84Vsrze+GI2PiaruDDWN6 pIbkN7so5fqXc22X78CS2QC7iA79YiAxMmWJOIWookW2juvD/WGA2zzDL6WwxAUO56c9 UbPnFYhGbcACr8Q7cuP6zxTTRexUPQHWKyuO7ky27qYBqRinCS1vWSbH47/BlSnbjmMu xhAA== X-Gm-Message-State: AOAM5335mzoZvQEveEmrmUlg37yJkrmhGlEjTYz4VKpx83uf4huiXTAs esUqw01TJFXqNMX4P6e6gK0N+Xhb8xVLCeJmmYwg4URw X-Google-Smtp-Source: ABdhPJyQ6XiD4XNsJ6W4kC5bBmSFxkXEjFQ9xJV0sB2QS1eMlRqXK2dtitv1FZRcL4GmhuPDF9vqakiQf2mPWgZvPnA= X-Received: by 2002:a2e:97c5:: with SMTP id m5mr2857473ljj.22.1604004163522; Thu, 29 Oct 2020 13:42:43 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a2e:9f13:0:0:0:0:0 with HTTP; Thu, 29 Oct 2020 13:42:42 -0700 (PDT) In-Reply-To: <9bc997ae-096c-c38b-377d-3bf64f530715@freebsd.org> References: <9bc997ae-096c-c38b-377d-3bf64f530715@freebsd.org> From: Stefan Blachmann Date: Thu, 29 Oct 2020 21:42:42 +0100 Message-ID: Subject: Re: mouse tilt wheel between 12.1 and 12.2 To: Craig Leres Cc: "freebsd-hackers@freebsd.org" Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4CMcnx5JD2z4KHN X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 20:42:46 -0000 Just curious, does your xorg use evdev or libinput? On Linux, such issues happen, too, as a consequence of switching to from traditional evdev to wayland-compatible libinput. If you do not care about Wayland, just avoid libinput (blacklist if possible) and all is fine. On 10/29/20, Craig Leres wrote: > For whatever reason mouse tilt wheel side buttons are a fragile feature. > Over the last year I've noticed that this stops work with different > versions of firefox and return with a later version. > > When I upgraded a desktop from 12.1 to 12.2 this week I found tilt wheel > stopped working with firefox (e.g. tilt-left does not go back a page). I > didn't find anything in UPDATING. And just to verify it was not the fact > that during the OS upgrade I also updated firefox from 82.0,2 -> > 82.0.1,2, I built and installed the older version but still no tilt wheel. > > I have been running moused: > > moused_flags="-m 4=6 -m 5=7" > > which results in: > > 2703 - Ss 0:27.60 /usr/sbin/moused -m 4=6 -m 5=7 -p > /dev/ums0 -t auto -I /var/run/moused.ums0.pid > 2759 - Is 0:00.00 /usr/sbin/moused -m 4=6 -m 5=7 -p > /dev/ums1 -t auto -I /var/run/moused.ums1.pid > > and my xorg.conf is attached. I also tried turning off moused and adding: > > Section "ServerFlags" > Option "BlankTime" "0" > Option "StandbyTime" "30" > Option "SuspendTime" "0" > Option "OffTime" "0" > + Option "AutoAddDevices" "False" > EndSection > > +Section "ServerLayout" > + Identifier "X.org Configured" > + Screen 0 "Screen0" 0 0 > + InputDevice "Mouse0" "CorePointer" > + InputDevice "Keyboard0" "CoreKeyboard" > +EndSection > + > > +EndSection > + > +Section "InputDevice" > + Identifier "Keyboard0" > + Driver "kbd" > +EndSection > + > +Section "InputDevice" > + Identifier "Mouse0" > + Driver "mouse" > + Option "Protocol" "auto" > + Option "Device" "/dev/ums0" > + Option "ZAxisMapping" "4 5 6 7" > EndSection > > which was the same. My mouse is a Cherry USB optical (MC 2000). Here is > a little Xorg.0.log output: > > [ 601.547] (**) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: Device: "/dev/input/event9" > [ 601.547] (--) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: Vendor 0x557 Product 0x2419 > [ 601.547] (--) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: Found 3 mouse buttons > [ 601.547] (--) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: Found scroll wheel(s) > [ 601.547] (--) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: Found relative axes > [ 601.547] (II) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: Forcing relative x/y axes to exist. > [ 601.547] (II) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: Configuring as mouse > [ 601.547] (II) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: Adding scrollwheel support > [ 601.547] (**) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: YAxisMapping: buttons 4 and 5 > [ 601.547] (**) evdev: vendor 0x0557 product 0x2419, class 0/0, rev > 1.10/1.00, addr 10: EmulateWheelButton: 4, EmulateWheelInertia: 10, > EmulateWheelTimeout: 200 > > Does anybody see my issue? > > Craig > From owner-freebsd-hackers@freebsd.org Thu Oct 29 20:55:06 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 073ED45E001 for ; Thu, 29 Oct 2020 20:55:06 +0000 (UTC) (envelope-from leres@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMd496QDKz4L8j; Thu, 29 Oct 2020 20:55:05 +0000 (UTC) (envelope-from leres@freebsd.org) Received: from ice.alameda.xse.com (unknown [IPv6:2600:1700:a570:11f0:f2ad:4eff:fe0b:a065]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: leres) by smtp.freebsd.org (Postfix) with ESMTPSA id 7A05F271F7; Thu, 29 Oct 2020 20:55:05 +0000 (UTC) (envelope-from leres@freebsd.org) Subject: Re: mouse tilt wheel between 12.1 and 12.2 To: Stefan Blachmann References: <9bc997ae-096c-c38b-377d-3bf64f530715@freebsd.org> Cc: "freebsd-hackers@freebsd.org" From: Craig Leres Message-ID: <4aaf098f-d9b7-1b1f-c320-3903eb782278@freebsd.org> Date: Thu, 29 Oct 2020 13:55:04 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 20:55:06 -0000 On 2020-10-29 13:42, Stefan Blachmann wrote: > Just curious, does your xorg use evdev or libinput? I think this is telling me evdev? [ 601.523] (II) config/devd: EVDEV_SUPPORT is enabled, ignoring device atkbd0 I do not find the string "libinput" in Xorg.0.log. Ah, my x11-drivers/xorg-drivers options have EVDEV selected and LIBINPUT unselected. And I do see that I'm building x11-servers/xorg-server with DEVD when UDEV and that the default for FreeBSD 11 is DEVD and 12/13 is UDEV. So lemme try switching to UDEV. > On Linux, such issues happen, too, as a consequence of switching to > from traditional evdev to wayland-compatible libinput. > If you do not care about Wayland, just avoid libinput (blacklist if > possible) and all is fine. I'm sure there are good reasons for all of the changes under the hood but it sure is frustrating when regaining lost desktop features is so time consuming... Craig From owner-freebsd-hackers@freebsd.org Thu Oct 29 21:36:26 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A77BC45E846; Thu, 29 Oct 2020 21:36:26 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMdzt0zZCz4MwF; Thu, 29 Oct 2020 21:36:25 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 09TLaNh1031842 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 29 Oct 2020 14:36:23 -0700 (PDT) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id 09TLaNTM031841; Thu, 29 Oct 2020 14:36:23 -0700 (PDT) (envelope-from jmg) Date: Thu, 29 Oct 2020 14:36:23 -0700 From: John-Mark Gurney To: Kristof Provost Cc: Carsten =?iso-8859-1?Q?B=E4cker?= , freebsd-hackers@freebsd.org, freebsd-arm@freebsd.org Subject: Re: Problem with checksum offloading on RPi3 (PF + Jails involved) Message-ID: <20201029213622.GM31099@funkthat.com> Mail-Followup-To: Kristof Provost , Carsten =?iso-8859-1?Q?B=E4cker?= , freebsd-hackers@freebsd.org, freebsd-arm@freebsd.org References: <748edc3d-4ef7-c4de-291f-7c0b460a6052@gmx.de> <5130ee46-5832-d4df-d774-c6bd32e10b30@gmx.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Operating-System: FreeBSD 11.3-STABLE amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Thu, 29 Oct 2020 14:36:23 -0700 (PDT) X-Rspamd-Queue-Id: 4CMdzt0zZCz4MwF X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 21:36:26 -0000 Kristof Provost wrote this message on Thu, Oct 29, 2020 at 21:30 +0100: > On 29 Oct 2020, at 16:30, Carsten Bäcker wrote: > > Sure, i am willing to help. > > > > Device is a Raspberry Pi 3B (not +), using the onboard-ethernet. > > I attached a bunch of information. > > > > Configuration is stripped down to the minimum required to reproduce > > the > > problem. > > > Okay, so that???s an SMC2 LAN9514_ETH device. > That???s the dev/usb/net/if_smsc.c driver. > > However, before we dig into that driver we should make sure that we???re > really looking at a checksum problem. > It???s entirely normal for TX checksums to be incorrect when logged on > the sending host itself (if the hardware does checksum offloading the > checksum in the packet sent to the MAC is incorrect, and left to the > hardware to fix). > > So, can you confirm that the `"[bad udp cksum 0xe58a -> 0x482d!]` you > reported was on an inbound packet? And let???s be safe: try to capture > packets on a different machine. That???ll give us the true packet, after > the hardware has done checksum calculations. One interesting point is that the smsc driver claims to not do TX offload, and a brief check shows that it doesn't allow a user to set the TXCSUM. I was thinking that the bad checksum might be due to tcpdump just complaining. does netstat -s show packets being received w/ bad checksums? -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-hackers@freebsd.org Thu Oct 29 21:39:41 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A7F8445ECAC; Thu, 29 Oct 2020 21:39:41 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CMf3d3yy5z4NRr; Thu, 29 Oct 2020 21:39:41 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from venus.codepro.be (venus.codepro.be [5.9.86.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx1.codepro.be", Issuer "Let's Encrypt Authority X3" (verified OK)) (Authenticated sender: kp) by smtp.freebsd.org (Postfix) with ESMTPSA id 3D7F3274C8; Thu, 29 Oct 2020 21:39:41 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: by venus.codepro.be (Postfix, authenticated sender kp) id C28EE2AEA5; Thu, 29 Oct 2020 22:39:39 +0100 (CET) From: "Kristof Provost" To: "John-Mark Gurney" Cc: "Carsten =?utf-8?q?B=C3=A4cker?=" , freebsd-hackers@freebsd.org, freebsd-arm@freebsd.org Subject: Re: Problem with checksum offloading on RPi3 (PF + Jails involved) Date: Thu, 29 Oct 2020 22:39:39 +0100 X-Mailer: MailMate (1.13.2r5673) Message-ID: <55713894-A896-4F12-ABB9-93DFEB2F16B9@FreeBSD.org> In-Reply-To: <20201029213622.GM31099@funkthat.com> References: <748edc3d-4ef7-c4de-291f-7c0b460a6052@gmx.de> <5130ee46-5832-d4df-d774-c6bd32e10b30@gmx.de> <20201029213622.GM31099@funkthat.com> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 8bit X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Oct 2020 21:39:41 -0000 On 29 Oct 2020, at 22:36, John-Mark Gurney wrote: > Kristof Provost wrote this message on Thu, Oct 29, 2020 at 21:30 > +0100: >> On 29 Oct 2020, at 16:30, Carsten Bäcker wrote: >>> Sure, i am willing to help. >>> >>> Device is a Raspberry Pi 3B (not +), using the onboard-ethernet. >>> I attached a bunch of information. >>> >>> Configuration is stripped down to the minimum required to reproduce >>> the >>> problem. >>> >> Okay, so that???s an SMC2 LAN9514_ETH device. >> That???s the dev/usb/net/if_smsc.c driver. >> >> However, before we dig into that driver we should make sure that >> we???re >> really looking at a checksum problem. >> It???s entirely normal for TX checksums to be incorrect when logged >> on >> the sending host itself (if the hardware does checksum offloading the >> checksum in the packet sent to the MAC is incorrect, and left to the >> hardware to fix). >> >> So, can you confirm that the `"[bad udp cksum 0xe58a -> 0x482d!]` you >> reported was on an inbound packet? And let???s be safe: try to >> capture >> packets on a different machine. That???ll give us the true packet, >> after >> the hardware has done checksum calculations. > > One interesting point is that the smsc driver claims to not do TX > offload, > and a brief check shows that it doesn't allow a user to set the > TXCSUM. > It does seem to do RX offload, and the comments in the driver suggest some .. ahem, creative hardware behaviour: /* The checksum appears to be simplistically calculated * over the udp/tcp header and data up to the end of the * eth frame. Which means if the eth frame is padded * the csum calculation is incorrectly performed over * the padding bytes as well. Therefore to be safe we * ignore the H/W csum on frames less than or equal to * 64 bytes. * * Ignore H/W csum for non-IPv4 packets. */ It’s not impossible that there’s some more issues like that in the hardware, or even that there are different chip revisions out there. That also matches up with `ifconfig ue0 -rxcsum` fixing things. Best regards, Kristof From owner-freebsd-hackers@freebsd.org Fri Oct 30 15:45:26 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E3A81454CBE for ; Fri, 30 Oct 2020 15:45:26 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CN68Q5jSmz475n; Fri, 30 Oct 2020 15:45:26 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from John-Baldwins-MacBook-Pro.local (unknown [IPv6:2601:648:8681:1cb0:883c:5f2d:bc59:967b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: jhb) by smtp.freebsd.org (Postfix) with ESMTPSA id 253D22F6E2; Fri, 30 Oct 2020 15:45:26 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Subject: Re: QAT driver To: Rick Macklem , Mark Johnston Cc: Neel Chauhan , "freebsd-hackers@freebsd.org" References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> <20201027032720.GB31663@raichu> <20201027125508.GD31663@raichu> From: John Baldwin Autocrypt: addr=jhb@FreeBSD.org; keydata= mQGiBETQ+XcRBADMFybiq69u+fJRy/0wzqTNS8jFfWaBTs5/OfcV7wWezVmf9sgwn8TW0Dk0 c9MBl0pz+H01dA2ZSGZ5fXlmFIsee1WEzqeJzpiwd/pejPgSzXB9ijbLHZ2/E0jhGBcVy5Yo /Tw5+U/+laeYKu2xb0XPvM0zMNls1ah5OnP9a6Ql6wCgupaoMySb7DXm2LHD1Z9jTsHcAQMD /1jzh2BoHriy/Q2s4KzzjVp/mQO5DSm2z14BvbQRcXU48oAosHA1u3Wrov6LfPY+0U1tG47X 1BGfnQH+rNAaH0livoSBQ0IPI/8WfIW7ub4qV6HYwWKVqkDkqwcpmGNDbz3gfaDht6nsie5Z pcuCcul4M9CW7Md6zzyvktjnbz61BADGDCopfZC4of0Z3Ka0u8Wik6UJOuqShBt1WcFS8ya1 oB4rc4tXfSHyMF63aPUBMxHR5DXeH+EO2edoSwViDMqWk1jTnYza51rbGY+pebLQOVOxAY7k do5Ordl3wklBPMVEPWoZ61SdbcjhHVwaC5zfiskcxj5wwXd2E9qYlBqRg7QeSm9obiBCYWxk d2luIDxqaGJARnJlZUJTRC5vcmc+iGAEExECACAFAkTQ+awCGwMGCwkIBwMCBBUCCAMEFgID AQIeAQIXgAAKCRBy3lIGd+N/BI6RAJ9S97fvbME+3hxzE3JUyUZ6vTewDACdE1stFuSfqMvM jomvZdYxIYyTUpC5Ag0ERND5ghAIAPwsO0B7BL+bz8sLlLoQktGxXwXQfS5cInvL17Dsgnr3 1AKa94j9EnXQyPEj7u0d+LmEe6CGEGDh1OcGFTMVrof2ZzkSy4+FkZwMKJpTiqeaShMh+Goj XlwIMDxyADYvBIg3eN5YdFKaPQpfgSqhT+7El7w+wSZZD8pPQuLAnie5iz9C8iKy4/cMSOrH YUK/tO+Nhw8Jjlw94Ik0T80iEhI2t+XBVjwdfjbq3HrJ0ehqdBwukyeJRYKmbn298KOFQVHO EVbHA4rF/37jzaMadK43FgJ0SAhPPF5l4l89z5oPu0b/+5e2inA3b8J3iGZxywjM+Csq1tqz hltEc7Q+E08AAwUIAL+15XH8bPbjNJdVyg2CMl10JNW2wWg2Q6qdljeaRqeR6zFus7EZTwtX sNzs5bP8y51PSUDJbeiy2RNCNKWFMndM22TZnk3GNG45nQd4OwYK0RZVrikalmJY5Q6m7Z16 4yrZgIXFdKj2t8F+x613/SJW1lIr9/bDp4U9tw0V1g3l2dFtD3p3ZrQ3hpoDtoK70ioIAjjH aIXIAcm3FGZFXy503DOA0KaTWwvOVdYCFLm3zWuSOmrX/GsEc7ovasOWwjPn878qVjbUKWwx Q4QkF4OhUV9zPtf9tDSAZ3x7QSwoKbCoRCZ/xbyTUPyQ1VvNy/mYrBcYlzHodsaqUDjHuW+I SQQYEQIACQUCRND5ggIbDAAKCRBy3lIGd+N/BCO8AJ9j1dWVQWxw/YdTbEyrRKOY8YZNwwCf afMAg8QvmOWnHx3wl8WslCaXaE8= Message-ID: Date: Fri, 30 Oct 2020 08:45:24 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Oct 2020 15:45:26 -0000 On 10/27/20 2:15 PM, Rick Macklem wrote: > Mark Johnston wrote: >> On Tue, Oct 27, 2020 at 04:32:40AM +0000, Rick Macklem wrote: > [stuff snipped] >>> Can it be made to work with the KERN_TLS in head? >>> (KERN_TLS works fine for me using the ktls_ocf and aesni modules.) >>> I think it is only head and requires the patched OpenSSL3 that jhb@ >>> currently has. >> >> I hadn't looked at ktls_ocf.c before but at a glance it looks like it >> can make use of any hardware or software opencrypto driver that supports >> the requested algorithms. The qat(4) port implements the algorithms >> referenced by ktls_ocf_try(). > Well, if you were inspired to try it out, the basic doc for NFS-over-TLS is here: > https://people.freebsd.org/~rmacklem/nfs-over-tls-setup.txt > (Same file is in base/projects/nfs-over-tls on subversion.) > For someone who is used to building/running head kernels, it should be > pretty straightforward. > > You could become the first tester in the whole wide world;-) rick > ps: Although the NFS code uses it in the kernel, I think that an application > that uses OpenSSL's SSL_read()/SSL_write via a patched OpenSSL library, > has the encrypt/decrypt done in the kernel and the userspace library > code just does socket I/O with unencrypted data. > pss: Hopefully jhb@ will correct me if I got this wrong. > >> I know nothing about it, except that it seems to work well, doing >> the TLS application data records in the kernel for a TCP socket >> enabled by the patched OpenSSL library. >> I've cc'd jhb@, so hopefully he can let us know what it needs? qat(4) should work with KERN_TLS. I've used ccr(4) with the KERN_TLS bits many times. It is a good throughput test, though you will need a fast network connection to really push it (e.g. with ccr(4) I've done about 50 Gbps of TLS traffic using nginx with the KTLS patches to use sendfile, so that requires a 100G NIC and/or two 40G NICs.) -- John Baldwin From owner-freebsd-hackers@freebsd.org Fri Oct 30 20:21:11 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B343545A4E5; Fri, 30 Oct 2020 20:21:11 +0000 (UTC) (envelope-from dsl@mcusim.org) Received: from trac.mcusim.org (trac.mcusim.org [176.58.93.53]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CNDGZ0H4Mz4Rbn; Fri, 30 Oct 2020 20:21:09 +0000 (UTC) (envelope-from dsl@mcusim.org) Received: from x230.ds (unknown [83.26.214.190]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by trac.mcusim.org (Postfix) with ESMTPSA id 9EBB651006; Fri, 30 Oct 2020 21:21:01 +0100 (CET) Date: Fri, 30 Oct 2020 21:21:00 +0100 From: Dmitry Salychev To: freebsd-hackers@freebsd.org Cc: freebsd-arm@freebsd.org Subject: Kernel debugging using Remote GDB on ARM Message-ID: <20201030202100.GA87402@x230.ds> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Rspamd-Queue-Id: 4CNDGZ0H4Mz4Rbn X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.84 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[83.26.214.190:received]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.004]; NEURAL_HAM_MEDIUM(-0.98)[-0.978]; NEURAL_HAM_SHORT(-0.06)[-0.058]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[mcusim.org,reject]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:36236, ipnet:176.58.93.0/24, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-arm,freebsd-hackers]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Oct 2020 20:21:11 -0000 Hi, Is it possible to debug kernel with remote GDB on an ARM target? I'm talking about BeagleBone Black. I've tried to compile with: options KDB options DDB options GDB but there's only DDB available: # sysctl debug.kdb.available debug.kdb.available: ddb I've also tried to follow [1], but never seen "Next trap will enter GDB remote protocol mode". Am I missing something? Regards, Dmitry [1] https://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/kerneldebug-online-gdb.html From owner-freebsd-hackers@freebsd.org Sat Oct 31 15:06:54 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D272944DFE1; Sat, 31 Oct 2020 15:06:54 +0000 (UTC) (envelope-from carbaecker@gmx.de) Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CNjFT6cWyz4Xbb; Sat, 31 Oct 2020 15:06:53 +0000 (UTC) (envelope-from carbaecker@gmx.de) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1604156802; bh=482RM7wq/s9Y12NSPdqiuyX4SCJSN7MpqI2sHzzX1c0=; h=X-UI-Sender-Class:Subject:To:Cc:References:From:Date:In-Reply-To; b=jDSDhehnsM1Kr1hL+/zPoOnjVaiITi/qT/1mYNGBFQ5vODkRHqpxObVwJiUXhkQnr uBrx6lt55r3oOvsY0ld/qYK+9ViEGpJl7mVq8WmleGY4VBkv6j9liqRFg9PLJVVR8o CDu6Z3FoFEKVCJ/OEzTCuE9TavZ1UHYKLyfmVnXE= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from [192.168.178.30] ([94.31.96.148]) by mail.gmx.com (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MzyuS-1kCNVM0PA6-00x5AZ; Sat, 31 Oct 2020 16:06:42 +0100 Subject: Re: Problem with checksum offloading on RPi3 (PF + Jails involved) To: Kristof Provost , John-Mark Gurney Cc: freebsd-hackers@freebsd.org, freebsd-arm@freebsd.org References: <748edc3d-4ef7-c4de-291f-7c0b460a6052@gmx.de> <5130ee46-5832-d4df-d774-c6bd32e10b30@gmx.de> <20201029213622.GM31099@funkthat.com> <55713894-A896-4F12-ABB9-93DFEB2F16B9@FreeBSD.org> From: =?UTF-8?Q?Carsten_B=c3=a4cker?= Message-ID: Date: Sat, 31 Oct 2020 16:06:40 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 MIME-Version: 1.0 In-Reply-To: <55713894-A896-4F12-ABB9-93DFEB2F16B9@FreeBSD.org> Content-Type: multipart/mixed; boundary="------------582D89986A452AA4BF8553AD" Content-Language: de-DE X-Provags-ID: V03:K1:P+b+KS5KmYqRojrnE8eLHhKAKtLXl5XfdPbEAuRr1v3dp0ncIGe SBf2vOGMwD2L5aJ4aNDXAO6mXASSrhF4oWig9BojpBBKzuSzffmR0SL/Ml5w8FMQ+eO3ZlB uYn/EE4wOx2YuHvJ02ypKSB3mF9wFOCp3gFoeFL5MPN3+TgDMH9TCoseiGGmsS5PO5rRKEe atxpOZSEKVG5i1LqAX+5Q== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:D7CBfDliZk4=:ra8Wqrul96RKOHKDwXX6KF 6aaBZJEvPlAc2tV8HOSNtzmpYp9AIY8QiI4zkUsA5MRcEhPG5tsT4zEGdPduImQt4noYIf51j 5XVWhHJOotKf6iGcOrnddy9N0PkusnU3FmEcy/ZFJdhkyAg+y3CxxRlDUji1kha+T8V6klBXF 6/REnsHMpRIJg/1c/rk1SEM2kiY2jtlSMt+ISdy/7f/fHQPBdUIS16nQ8YdBrqx0c7DGfXtMn SMVjHF2cE4+7j/+mocbimmko9ahCwywNkABAwBFVtBeS33JMPzlAISFVu+b3PnQxoQfYJZnph O9ClXopGug3fBEKf4c1jtkOUKDiurWEbDkytn6xVM5sVKqsBStN334dN3xOPpqgBR9YTk4C60 T7nMZyT3sS7Mnr6gM8TqrN1FXaPqZTLAG7LMTtrU2XQCsbONEqG9OMz+0rLfB+KnASCKxJdCt Sfc0Bm0rS7/03BgYqOicq8pPNDSv10Fq9+Fr3A8+/TROOs1JJDiI6fdj8M1Wdy7G4isf1kSAq DU+dhXvF6cQVnFqRXKMt9uAUlTpVTAQyDfGAdeK+RRKHaRTtAOkjpoJZqzvTfjWmPCsac9Cdq jlOaFr/MHxpDEQ83UHoTeD9ZPONOGDpogbltSBk4EgrrsCkt7iO7KRzGSJInASbfdqvyM2r0o NriWSsQMp2y6zD+tc21ZiIlXJZoSpC5CMz+KJTVTUJZWNpS/btkMOdlXhrT+wczW7lkTxAF+o ax5pwkdAlyFmo13fZEWKl+U42/sqIxzdkxwuUNlbM0T5rJ4k41s2nWfJ+poZlNhKqHg5OMVwr umiOvqx2hbxqnNF2bLIHo8Q28szlq3PBsWcIoprzksQf5EOC7C9MFouvsjYCDz2gQiKR5Iuda xR5zBHbOTGo1SemtUz1A== X-Rspamd-Queue-Id: 4CNjFT6cWyz4Xbb X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmx.net header.s=badeba3b8450 header.b=jDSDhehn; dmarc=none; spf=pass (mx1.freebsd.org: domain of carbaecker@gmx.de designates 212.227.15.15 as permitted sender) smtp.mailfrom=carbaecker@gmx.de X-Spamd-Result: default: False [-2.73 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmx.de]; R_SPF_ALLOW(-0.20)[+ip4:212.227.15.0/25]; HAS_ATTACHMENT(0.00)[]; DKIM_TRACE(0.00)[gmx.net:+]; NEURAL_HAM_SHORT(-0.09)[-0.086]; RECEIVED_SPAMHAUS_PBL(0.00)[94.31.96.148:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmx.de]; MID_RHS_MATCH_FROM(0.00)[]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.03)[-1.025]; R_DKIM_ALLOW(-0.20)[gmx.net:s=badeba3b8450]; RCVD_IN_DNSWL_LOW(-0.10)[212.227.15.15:from]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; NEURAL_HAM_LONG(-1.02)[-1.017]; MIME_GOOD(-0.10)[multipart/mixed,text/plain]; DMARC_NA(0.00)[gmx.de]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.227.15.15:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-hackers,freebsd-arm] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Oct 2020 15:06:54 -0000 This is a multi-part message in MIME format. --------------582D89986A452AA4BF8553AD Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Am 29.10.2020 um 22:39 schrieb Kristof Provost: > > On 29 Oct 2020, at 22:36, John-Mark Gurney wrote: > > Kristof Provost wrote this message on Thu, Oct 29, 2020 at 21:30 > +0100: > > On 29 Oct 2020, at 16:30, Carsten B=C3=A4cker wrote: > > Sure, i am willing to help. > > Device is a Raspberry Pi 3B (not +), using the > onboard-ethernet. > I attached a bunch of information. > > Configuration is stripped down to the minimum required to > reproduce > the > problem. > > Okay, so that???s an SMC2 LAN9514_ETH device. > That???s the dev/usb/net/if_smsc.c driver. > > However, before we dig into that driver we should make sure > that we???re > really looking at a checksum problem. > It???s entirely normal for TX checksums to be incorrect when > logged on > the sending host itself (if the hardware does checksum > offloading the > checksum in the packet sent to the MAC is incorrect, and left > to the > hardware to fix). > > So, can you confirm that the `"[bad udp cksum 0xe58a -> > 0x482d!]` you > reported was on an inbound packet? And let???s be safe: try to > capture > packets on a different machine. That???ll give us the true > packet, after > the hardware has done checksum calculations. > > One interesting point is that the smsc driver claims to not do TX > offload, > and a brief check shows that it doesn't allow a user to set the > TXCSUM. > > It does seem to do RX offload, and the comments in the driver suggest > some .. ahem, creative hardware behaviour: > > |/* The checksum appears to be simplistically calculated * over the > udp/tcp header and data up to the end of the * eth frame. Which means > if the eth frame is padded * the csum calculation is incorrectly > performed over * the padding bytes as well. Therefore to be safe we * > ignore the H/W csum on frames less than or equal to * 64 bytes. * * > Ignore H/W csum for non-IPv4 packets. */ | > > It=E2=80=99s not impossible that there=E2=80=99s some more issues like t= hat in the > hardware, or even that there are different chip revisions out there. > > That also matches up with |ifconfig ue0 -rxcsum| fixing things. > > Best regards, > Kristof > Hello again, just gave it another try, using "ping heise.de" (twice) from within the jail. This is the output of tcpdump: # tcpdump -i pflog0 -vv tcpdump: listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 262144 bytes 14:06:04.293996 IP (tos 0x0, ttl 64, id 19576, offset 0, flags [none], proto UDP (17), length 54) =C2=A0=C2=A0=C2=A0 PC-192-168-178-3.fritz.box.52421 > fritz.box.domain: [= bad udp cksum 0xe589 -> 0x0a2c!] 64654+ A? heise.de. (26) Netstat: # netstat -s -p udp | grep checksum =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 4 with bad checksum =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 0 with no checksum Packet-capture from the router is attached. Best regards, Carsten --------------582D89986A452AA4BF8553AD Content-Type: application/octet-stream; name="rxcsum.pcap" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="rxcsum.pcap" NM2yoQIABAAAAAAAAAAAAAAIAABpAAAAinydXzNVBwBeAAAAXgAAAAAAAAAAAAAAiAMsAOAo beXM8obHpkdLw+AobeXM72A0uCfrVX5wAACqqgMAAAAIAEUAADZ8AAAAQBEZYcCosgPAqLIB 0iUANQAiIdHfiQEAAAEAAAAAAAAFaGVpc2UCZGUAAAEAAYp8nV/7XAcAbgAAAG4AAAAAAAAA AAAAAIgDMAGGx6ZHS8PgKG3lzPK4J+tVfnDAXOAobeXM7wAAqqoDAAAACABFAABGOBAAAEAR XUHAqLIBwKiyAwA10iUAMmdi34mBgAABAAEAAAAABWhlaXNlAmRlAAABAAHADAABAAEAASgF AATBY5BQ --------------582D89986A452AA4BF8553AD-- From owner-freebsd-hackers@freebsd.org Sat Oct 31 19:48:13 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F2F4F454A65 for ; Sat, 31 Oct 2020 19:48:13 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from mail.metricspace.net (mail.metricspace.net [IPv6:2001:470:1f11:617::107]) by mx1.freebsd.org (Postfix) with ESMTP id 4CNqV46lKvz3cfs for ; Sat, 31 Oct 2020 19:48:12 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from [IPv6:2001:470:1f11:617:3210:b3ff:fe77:becd] (unknown [IPv6:2001:470:1f11:617:3210:b3ff:fe77:becd]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: eric) by mail.metricspace.net (Postfix) with ESMTPSA id 065D728B8 for ; Sat, 31 Oct 2020 19:48:05 +0000 (UTC) Subject: Re: Mounting encrypted ZFS datasets/GELI for users? To: FreeBSD Hackers References: <8d467e98-237f-c6a2-72de-94c0195ec964@metricspace.net> <20201026221215.GB31099@funkthat.com> From: Eric McCorkle Message-ID: <794d789d-4056-4152-e7f6-bf9d10d42518@metricspace.net> Date: Sat, 31 Oct 2020 15:48:00 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.4.0 MIME-Version: 1.0 In-Reply-To: <20201026221215.GB31099@funkthat.com> Content-Type: text/plain; charset=windows-1252 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4CNqV46lKvz3cfs X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of eric@metricspace.net has no SPF policy when checking 2001:470:1f11:617::107) smtp.mailfrom=eric@metricspace.net X-Spamd-Result: default: False [3.18 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEFALL_USER(0.00)[eric]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; ARC_NA(0.00)[]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_SPAM_MEDIUM(0.35)[0.353]; DMARC_NA(0.00)[metricspace.net]; TO_DN_ALL(0.00)[]; NEURAL_SPAM_LONG(0.59)[0.591]; NEURAL_SPAM_SHORT(0.24)[0.237]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US]; MAILMAN_DEST(0.00)[freebsd-hackers] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 31 Oct 2020 19:48:14 -0000 On 10/26/20 6:12 PM, John-Mark Gurney wrote: > Eric McCorkle wrote this message on Mon, Oct 05, 2020 at 09:45 -0400: >> I'm presently looking into options presented by ZFS encryption. One >> idea I had was something like this (I'm going to go with ZFS for now, >> but you could presumably do something like this with GELI, with more >> effort). > > I'd still recommend using GELI. Even w/ ZFS's native encryption, the > metadata for ZFS remains unencrypted, and able to be munged. If you > geli w/ ZFS and a strong checksum, like sha512/256, I believe that this > is the equiavlent to authenticated encryption, ala geli's authenticated > mode, but with significantly less overhead... Something to note is that GELI's authenticated mode changes the block size, because it uses the last bytes in each block to hold the MAC. This is likely to have consequences for performance. However, this also does suggest a ZFS feature that would create a MAC code for the root block of the filesystem (I am less familiar with the ZFS on-disk format, but as it's a write-once format with MAC information stored at each block pointer, this would have the effect of protecting the entire filesystem from offline tampering. > This has already been implemented in PEFS: > https://pefs.io/ > > and there's already a port for it: > https://www.freshports.org/sysutils/pefs-kmod/ Thanks, I'll look into this.