|
Zbr's notes...
|
Diary has been moved to the following
location.
|
|
10 Jul 2005
|
GPRS sucks - it is slow, expensive and very unstable link.
But good news is that it works with Sony-Ericsson T630 and
my HP nc6000 laptop, connected via bluetooth,
and Debian Sarge. I could even say that it works
out of the box, although if I disable nipdefault option in
ppp config, linux kernel hangs when first packet
enters the stack.
Acrypto will be discussed in upcoming
netconf 2005
linux kernel network development conference - Herbert Xu will have
a speech about async crypto developments, it's impact on IPsec and other.
|
|
9 Jul 2005
|
Tennis day - I played with WiJo again - this time
it was better, may be because of the weather, may be
because we played longer...
Hacking map waler finally - it works andcan even
generate a shortes path graph using Dijkstra
algorithm (but without Fibonacci trees now)
in a real time with about 100 vertexes now.
I plan to create some kind of alpha version tomorrow
and put some ugly screenshots here.
|
|
8 Jul 2005
|
unmap_mapping_range() is my friend - if call it before
remapping, remap_pfn_range() does not crash with
mapped PTE, but it is still wrong - there is no data
in mapped area. ok, after some digging into remap_pte_range()
and friends, I found some new issues - now userspace
application prints something, but it is not looks like
what I'm looking for, and without global TLB flush it
does not work, although I suspect it will work
with tlb_flush_mm(), but it is not exported to modules.
What I want to say, is that it is quite hard to develop
something in VM area without deep understanding, what
exactly is being doing - will read documentation
this weekend and play tennis.
Climbing today was great - I did several old traces easily and
finally finished my favorite and the most complex
for my skills for now. After that I finished
on-sight technically not very complex,
but strange thing is, that it has some quite high
rate there...
|
|
7 Jul 2005
|
Ok, it is not so easy to hack VMM in linux especially
if I did not do it before... BUG_ON in remap_pte_range()
is being caused by remapping pte that is already mapped,
i.e. pte.pte_low is not 0, which is always true since
PMD is not present and new PTE is allocated by alloc_pages().
|
|
6 Jul 2005
|
Sniffer development has been striken with unability
to remap physical pages into userspace's virtual,
since even in process context with sniff_taks->mm->semaphore
being held remap_pte_range() fails on BUG_ON(!pte_none(*pte)).
Will investigate it further...
|
|
5 Jul 2005
|
Although I live without TV, radio and internet, I still do not
continue map walker development, but startedto write a zero-copy
sniffer, although it is not as easy as I thought. It fails
each time I remap physical page from interrupt context.
|
|
4 Jul 2005
|
Climbed a little today - nothing speciall, only several old traces.
|
|
3 Jul 2005
|
Moved to the new loft today - some wearing apparel, laptop, books
and washing stuff and couple of other stuff - will move other things
later this week. Without internet at home it will be quite
hard to read mail and news, but hacking productivity will increase, I'm sure.
So I hope to create alpha version of map walker program this week and
begin to write fast kernelspace sniffer, which will allow
network packets "transfer" to userspace without any copying.
All existing fast packet socket implementation do at least one copy
with predefined threshold - either mmaped packet socket, or
PF_RING.
My implementation will "cost" one TLB replace vs. packet copy,
so I'm definitely sure it will be much faster.
I'm also want to start using blosxom
blog engine with RSS and archive and do not hurt people to
download about 200kb each time.
|
|
2 Jul 2005
|
I played big tennis today with WiJo - about of an hour in Luzhniki -
it was fun, I almost recalled all my old trainings and "experience",
if it can be called so.
We celebrated Grange's house-warming today! I congratulate him with
new loft - it is nice flat in a new house, but without any furniture
yet. I wish him nice living there!
|
|
1 Jul 2005
|
Climbing today - I failed most of the time with on-sight new traces -
thay are really complex, but I think I will finish them after several
trainings. Me and Grange are going to visit Krym and climb there
on a real rocks, hopefully it will happen in the middle of August.
|
|
30 Jun 2005
|
Fixed my in-kernel CARP implementation to work with the latest 2.6
kernel tree - one can find it in
archive.
It is not compatible with
OpenBSD's one
and with userspace implementation
due to security issues with the original code - it does not have
protect against replay attack.
One can find some discussion about it's usefulness in kernel
in the following
discussion
in netdev@ one year ago, when I first time presented it to public.
|
|
29 Jun 2005
|
Wrote several E1 flows to analyse - interesting channels are
r2(regional and foreign), ss5. R2 detector, HDLC and CAS bridges work
as expected, so everything flowed smoothly.
Read new kernel blog -
DaveM's blog.
It has some interesting projects in Linux networking
TODO list.
|
|
28 Jun 2005
|
Climbing! It was excellent today - I finally finished old
but very interesting trace without any wrong hold. It is quite
complex trace, many thanks to girl instructor Anna - one magic
moving and it is done!
|
|
27 Jun 2005
|
Some uninteresting cruft at work - we try to start CAS bridge
on top of my E1 driver and userspace - quite boring work, but
it must be done.
Hacked my in-kernel
CARP
implementation - although it is not compatible with OpenBSD one,
but has a security fix - appropriate counters protect
my protocol agaist repeated-send-attack.
|
|
26 Jun 2005
|
New blog engine - I will convert existing blog into new
www.blosxom.com engine
format and will begin to use it. Blosxom engine supports
RSS and archives - this is all I need fom weblog.
|
|
25 Jun 2005
|
Relaxing day - me and Grange decided to begin more aggressive
climbing training - hopefully at the end of August we will move
to Krim and real rocks.
|
|
24 Jun 2005
|
Day of big meetings - bosses decided to kick ours parts of bodies,
so we listened quite long lecture about slow development, bugs in
hardware and software, requirements of the market and so on.
Finally I've reached the end - I pressed bosses (small and big)
to 1. say what they do want from projects, 2. set priorities for all projects,
3. create detailed agenda. Unfortunately they did not understand or did not know
that when someone is being continuosly interrupted from different persons
and different projects none project will have progess.
I won!
Finally we moved climbing to skala-city. It was not easy - bottom rope trace
was easy, but I had not a power to finish it - arms were completely tired.
|
|
23 Jun 2005
|
Ok, from July, 1 I will live in a north-east part of Moscow - Severnoe Tushino -
not far from my work, not far from transport channels, with nice view to the
several garages, many trees and if you raise eyes a bit upper you will see
nice water are with several quite big ships - it is Himkinsky reservoir,
hopefully I will like that place and will live there without problems until
by my own flat.
|
|
22 Jun 2005
|
Ok, I found new flat - will move there in a week, it is nice loft, but without internet
access, may be it is even a good thing, since there will be much more time to develop
interesting things.
|
|
21 Jun 2005
|
I wonder why people so like to make photographies?
They do it using different photo cameras, discuss pixels to death,
make photos of almost everything, and it looks like they
really like it. What? What is so interesting in it?
I even can understand phonomania - mobile phone is small and
has nice set of features like games, organizer and so on, although
I never used mobile phone for something except speaking, and
and anyone can use it when he has nothing to do, but what is
so especially attractive in photo cameras?
|
|
20 Jun 2005
|
Installed Fedora Core 4 on one of my test machines at work - x86_64
version has only one bug I found - openoffice.org-core rpm is broken,
which one time required me to reboot and repeat installation
from scratch. This machine is my main desktop now instead of previous
P4 with broken hard drive. Nothing particular interesting at work,
but the whole day was spent in something small hacks all over the place.
Tomorrow will go to synchronously capture 8 E1 flows with "new" E1 driver
for linux kernel 2.6 and new userspace.
|
|
19 Jun 2005
|
I've written Dijkstra algorithm implementation (simple one for now,
sithout Fibonacci trees) and appropriate
graph abstraction, also modified a bit my crossroads detecting
algo, I hope next week I can find some time to link them to each other
and create first alpha version of my bitmap road walker.
My index page with blog becomes too huge - about 170Kb, I need to
search something new instead of grange's sources -
something small, very easy for setup, with archive,
it could be very nice to have RSS support too.
Any ideas?
|
|
18 Jun 2005
|
No, I'm not going into that flat, and it is good. Instead I've almost sold my car -
I've given it to man who will clean it, fix small bugs if they are, and actually
sell - I like such business approach since I completely have no time and wish
to do it myself. I did not ride in my car already about two months, since
ensurance and technical examination were finished, but time did not allowed
to get new ones, and actually I was not upset about it.
Met with Abr and Tanya today - Abr will return to London in Monday,
spoke about his life, about Abr's heir Anton, about anything and nothing -
it was very nice to see him in Moscow.
|
|
17 Jun 2005
|
Found a new flat - it has couple of disadvantages, like distance from transport
points and small size, but it is nice, probably will move there next week.
|
|
16 Jun 2005
|
I pinged linux kernel crypto maintainer again, let's see what it will result in.
It resulted in "not-yet, too busy"...
|
|
15 Jun 2005
|
Climbing! Finally climbing! It was good, very good.
Grange was there with his frind Oksana - nice girl, she climbed first time,
but shinned up quite well.
I did only two old traces, and found interesting finish after "official" one,
where people said there is no trace - very nice trace. Next time
I plan to go there in a couple of days - it's time to start new investigations.
|
|
14 Jun 2005
|
First day after vacations brings me several surprises -
first one and the most unpleasant, is that my hard drive
Maxtor 6Y080M0 died with all work on it. I have backups
so I do not worry much about it, but it takes already too long
to setup new system, restore from backup and so on...
And none of my test machines has X or even framebuffer.
Second surprise is "nothing-works" words, after filtering
emotional noise I found, that I did not wrote some makefile correctly,
so that project did not compiled, noone replied when I asked, why
noone changed one string with default directory in Makefile. Ok, my fault.
Third surprise was long negative flow about unability to other developers
to commit into my projects. Heh, I did already opened
my trees to public commit, and they were broken in a couple of
days with huge amount of negative comments about bugs.
Magically noone says nothing when I asked why projects were
changed without my OK, so I just decided to drop rw access
to my trees. Heh, people really do not like and are scared when some
responsibility will be placed on theirs shoulders after
commit without OK, so after small lecture for colleagues
about distributed development and some rules in it,
we decided to postpone this discussion.
So, I'm sitting near half-working test machine with broken
HDD too (sigh, it is Maxtor too - 6E040L0),
writing in a 80x25 console and waiting while multi-gigabyte
home dir is being copied from one disk to another...
|
|
13 Jun 2005
|
Working on map analyzing program - it promises to be very interesting
projects - Wijo and Perec already participated to promote it,
they are managers in Formoza and Nortel, so happy future with my own
start-up not very far away :)
Basical idea behind this program is to analyze bitmaps, obtained
for example from scanner or on-line map sites, and convert them
using my own algo into road-graph,
so graph alogrithms can be used to find the shortest
path, it also can have GPS binding and some feedback from operator
with info about traffic-james and so on. As far as I know it
does not have any analogues, since any such systems always use
pre-loaded expensive vector maps, for example BMW in Russia only
has maps for Moscow and St. Petersburg, while my program
uses original bitmaps and thus can be used in any area.
But since it uses not precies vector-maps, it is not precise
in it's analysis, like one may not rely on GPS binding to the original bitmaps.
I'm going to write a simple note today about future of acrypto and let's
see how good I am in future prognosis.
Here we go: my acrypto future
prognosis.
|
|
12 Jun 2005
|
Bicycling and swimming day - whole day was spent on a river -
we drove there on bikes, had small drink, talking and swimming -
it was very nice time.
|
|
11 Jun 2005
|
Meet with old friends - Wijo and Perec - we drunk a little beer, discussed
some news, talked about friends and so on. When I'd begun to
clean the loft I calculated more than 20 empty beer bottles - nice meeting...
|
|
10 Jun 2005
|
I've begun to search new living place - unfortunately
without much success yet but with a good start. Hopefully
next week I will move to the new location.
|
|
9 Jun 2005
|
Grange finished it's Master's degree. My congratulations!
|
|
8 Jun 2005
|
Fighting with IPsec a little - it does not work in transport mode between
test SMP machine and my gateway - second phase is not being seen by
receiver side. Turned soekris board on - it does not start userspace
or start in in a weird manner - I see nfs is mounted but ping does not
work. Without HIFN card everything works fine.
|
|
7 Jun 2005
|
Relaxing day... You know, if starting day from several glasses of brandy,
day becomes absulutely different. Rest of the day was spent reading
Vladimir Gilyarovskiy "Moscow and Moscowers" - interesting documentation
book about Moscow and it's borns at the end of 19'th century,
in many aspects those life is not different from current one.
|
|
6 Jun 2005
|
Studied LRW and EME crypto modes - they are an AES modifications to support
tweakable IV, although it is not exactly IV, since it is per-block
multiplication of the "iv" in the finit field GF(2^128), it can not be transfrmed
into normal AES block operations and then multiplication of the
whole buffer in general, although in ECB mode it can be splitted
and thus can use hardware crypto acceleration using crypto routing.
|
|
5 Jun 2005
|
Found Windows history graph
at Dave Jones's blog -
it has so many "releases" so I wonder how many people work in MS in kernel development...
Today we celebrate Mephody's moving to Ireland and Ira's birthday - nice Moscow's "Yakitoriya" -
tons of sushi and wasabi (hugh, it's a really nice stuff!) and some japanese meat -
it was really tasty but I do not want to go there again - japanese food is not for me definitely.
Later we moved to some latina bar - nice dancing there, normal russian vodka... It was the last
meeting with Mephody before he goes to Ireland - I wish him much success at Dell there!
|
|
4 Jun 2005
|
Bike season has been opened! Nice 2 hours riding in a deep swamp
near Moscow - dirty up to ears, tired unspeakable - and that was great!
|
|
3 Jun 2005
|
Applied all Ben's patches and wrote new reconnect feature for w1:
if on start there are no registered families all new devices will
have defailt family, later when driver for appropriate family is loaded,
slaves, which were faound earlier, will still have defult family instead
of right one. Reconnect feature will force control thread to
run through all master devices and all slaves found
and search for slaves with default family id and try to reconnect them.
Sent all 6 patches to lm-sensors@ and GregKH. Also updated an
w1 archive.
|
|
2 Jun 2005
|
Climbing was good today - I finally finished all last found traces without
major problems, but then found that the most complex one that I finished
before does not have couple of holds now, so I did it before not fairly
and now fail just on the start. Grange did not climbed today - only one trace,
he damaged his arm, I hope he turns itself on shortly.
Ben Gardner BGardner_Wabtec.com has created a patch for w1
which implementes new on-demand scanning, alarm search and some
other cool stuff. I like that changes, thanks Ben.
|
|
1 Jun 2005
|
Vacations! Vacations! Vacations! I like my work, but it becomes to boring,
so I think it is good time to have a rest from it for a couple of weeks.
|
|
31 May 2005
|
The last day at work before vacations! Inspired by this fact
I went climbing - it was great! I finished couple of old traces -
where I failed on-sight, they are definitely tricky, especially
one with super relief finish with negative slope on wave at the end.
|
|
30 May 2005
|
Finally after couple of happy years without mobile phone I've bought it.
Sigh...
Probably it is first step to new life? I hope it is not.
My vacations planned to start tomorrow postponed to wednesday -
people at work still needs to me to confirm that bugs are fixed
and all are happy - unfortunately they are not - since
there are always many bugs, there is no need to check that couple of
them have been removed under the last day pressure...
Tomorrow I want to be free.
|
|
29 May 2005
|
Hacked passive OS fingerprint module: clean code up, added kernel connector support.
One can find the latest version in archive.
|
|
28 May 2005
|
Drunk a little with Grange - discussed geopolitical situation in the world,
new space technologies and modern science directions in physics,
psychology and social states. Or did not and only drunk beer a little
with volgograd's fish chuhon'? Maybe...
|
|
27 May 2005
|
Climbing was great - found new trace, but it was latest, so
on-sight failed. Will finish it next time. Either a day was very hot or something,
but I failed every trace, but nevertheless it was good.
Found an exploit for watermark attack against cryptoloop -
some day ago I fixed it in bd
and concider it theoretical.
|
|
26 May 2005
|
I've finished asynchronous IPsec and acrypto patch - you can find it in archive,
but it was not tested yet - there are some tasks at work.
|
|
25 May 2005
|
Electricity in a quite big part of Moscow was turned off today morning - some problems
on Kapotnya power station and central energetical ring in Moscow -
south districts and part of central one did not have an electricity,
some of them even water. It seems that all is fixed this evening.
|
|
24 May 2005
|
Spent big part of the morning chinwaging with colleagues about how my code
is working - my main goal was to convince some of them that without
looking into the code it is quite hard to determine where the problem
is and even state that problem exists, unfortunately I failed to do it.
Later began to work and found that it is quite hard to live between
a rock and a hard place when someone wants functionality extension while
others do not. That is why I hate to and will not be project manager.
|
|
23 May 2005
|
First hot day - more than 20 degrees centigrade today.
The whole day was spent fighting with HDLC processing code - finally it works
after more than 10 hours at work. Evening was spent gaming (!) into
FreeCiv2 - it is a super game!
|
|
22 May 2005
|
Climbed in Extreme - nice place alhtough I did not finish on-sight
one interesting trace I definitely like it.
|
|
21 May 2005
|
Small acrypto update - do not use deprecated sleep_on* and do not use
direct schedule_timeout() calls.
I've read an article
about Christianity, Jesus and his descendants Merovingians,
Order of Temple and Order of Sion, theirs purposes to set
to all world powers only descendants of Jesus Christ,
and that current Russian president Vladimir Putin is such descendant.
Interesting funny reading...
|
|
20 May 2005
|
It looks like connector is going to be removed from -mm again.
And I'm not going to stop them. Again.
People either completely misunderstand what it is and how it works,
or just do not want that code. Unfortunately there are at least 5 persons
who dislike my code, although they never said what exactly they do not
want, and only two who want that code. As far as I can see, there is
just no way to solve message bus problem without all those stuff
connector provides. But some people think that simple netlink
wrapper will magically solve theirs requirements to send messages
to userspace. Ok, it can solve _notification_ problem,
and will not require kobject, iscsi, audit and others to reinvent the wheel
and process skb by itself, but it just can not deliver messages
in the reverse direction - from userspace to kernelspace.
This requires either new socket number and new input data callback
for each user, and thus each of them must know what skb is, how
it must be processed, freed and so on, or one needs to create
only one device with one socket number and one callback, and
parse input data and deliver it to the registered users.
This is all what connector does. As a bonus, which some people
want to remove, it also allows an easy creation of the new transports
under it, for example like TCP sockets or ioctl, without complete
rewrite of the driver.
I hope people will think a lot before creating new message bus implementation,
and it will be definitely the best system for it's tasks.
I've updated w1 sources in archive and pushed it upstream - some cleanups mostly.
|
|
19 May 2005
|
Climbing was great today - new traces, old ones - I finally found how to solve
one trace that tormented me a lot - but now I know it. Next time I'm sure
I will finish all those traces without musch problems.
|
|
18 May 2005
|
Badminton training today - it was fun to fight with the wind with
shuttlecock almost without feather with it's unpredictible trajectory...
|
|
17 May 2005
|
That was Rox! Climbing was excellent! Not too much time at the walls,
but definitely it was very good - I wonder I still can shin up
even after such a long delay. I want to repeat it already, but need
to wait a day to relax.
|
|
16 May 2005
|
Monday - too many problems at work, and all they must be fixed before
my short planned at June vacations. Fixed some D16 bugs, worked with IPtel
and new E1 userspace tool, talked with colleagues about nothing -
day has been finished very fast and actually nothing wos done. Bad.
Fortunately tomorrow will go climbing - I was not there couple of weeks
already. Very bad.
|
|
15 May 2005
|
Big shopping day - I think next such a day will be in a year minimum...
Modern supermarkets are really monster-shops - one can find there _anything_
it wants. It's gigantic square can not be observed per diem.
What is really nice that all shops there are comfortable and well-designed
with pleasant people and really good commodities.
|
|
14 May 2005
|
Discovered some bugs in network/xfrm core while thinking about async IPsec,
Herbert Xu pointed that my analysis uncovered similar bugs in other places,
hopefully they all will be fixed in the next kernel release.
|
|
13 May 2005
|
I've read both books about Hadja Nasreddin - "Vozmutitel Spokoystviya" (Incendiary)
and "Ocharovanniy Prince" (Charmed Prince). It was a really nice week with
that books - his wit, humour and faith in the real goodness of all men
gives me confidence and much pleasure of life.
|
|
12 May 2005
|
Managers... I hate that people - the whole day I need to sit with them
and listen about marketing, clients, theirs stupidity and so on,
I could work only at morning, when they were still either at home or
did not combined thiers effort to spoil my day yet. The most unpleasant thing
is that we did not solve any problem, only senselessly spent our time.
|
|
11 May 2005
|
Some D16 work today - it is almost finished, hopefully tomorrow I begin
to work with E1 userspace rewrite... As stated in some of Murphy's law -
there is always no time to think before project and finish it right from the first attempt,
but there is always time for complete rewrite. I would like to be able to
look sometimes into other's mind (especially my project managers) before starting to
even think about project design.
|
|
10 May 2005
|
Relaxing day - nothing interesting happend today - various reading, film watching
and so on. The main agendo for the upcoming week is to create acrypto support
in asynchronous IPsec and finish pending work with E1 driver and attached userspace rewrite,
it is also required to add several features for D16 digital telephony board.
|
|
9 May 2005
|
I congratulate you with Victory Day!
|
|
8 May 2005
|
We decided to have a friends meeting today - there were Mephody and Ira,
Fedor, Ira and Yulia (junior), Lyasha and Olga (first meeting today
with Lyasha's wife Olga, btw), vel0city (Pavel Poloskov) and his girlfriend Nadezhda,
perec, Yulia, Alexander, Max and me. It was very nice meeting at forest with shashlik(barbecue),
hot drinks, nice jokes and... rain. People usually do not like rain, but not me,
it was quite good time there with my friends, although all were wet and cold,
but nevertheless quite content.
|
|
7 May 2005
|
I've done bookshop robbery - have bought several books about
Hadja Nasseredin and Peter the First. Hadja's adventures
in an ancent Near East are optimistic, ironic from some point of view
and really funny - it brings good mood and fervour.
I've seen film "Dogma" - nice theological comedy.
|
|
6 May 2005
|
Much work at work - driver changes for E1 card, big userspace rewrite
has been started - nothing interesting but boring...
|
|
5 May 2005
|
Today we celebrate Abr's heir birth - he will be called Anton probably.
The longest time he can keep silence is about 2.5 hours - parents
already distinguish his screams and spirits. Nice child.
|
|
4 May 2005
|
Conector has been included into -mm tree.
|
|
3 May 2005
|
I've done asynchronous IPsec
patch
[without debug] benchmark with netperf:
./netperf -l 60 -H gw -t TCP_STREAM -i 10,2 -I 99,5 -- -m 4096 -s 57344 -S 57344
TCP STREAM TEST to gw : +/-2.5% @ 99% conf.
async-ipsec, 10^6bits/sec: 35.42
sync-ipsec, 10^6bits/sec: 37.11
So with descibed timer deferring without any additional hardware acceleration
or full SMP usage it is only ~4% slower due to asynchronous overhead.
|
|
2 May 2005
|
Updated w1 - it now supports new simple rom chip with
family ID 0x81 - it is used in DS9490* w1 adapters.
|
|
1 May 2005
|
I congratulate you with the May First - day of spring and labour, or
something like that and also with Easter.
What I want to say about tequila, is that it is drunk much
easier and pleasurer than classical russian vodka, yesteday
me and Grange finished 0.7 liter of "Sauza gold" and it
was quite good time. Since today, when I've woken up, I still
drunk I believe I will not drive climbing...
|
|
30 Apr 2005
|
Updated w1 archive - this update is cleanups only, I did not change
functionality. There is a bug there - if sysfs file is referenced,
but operation was not yet performed and w1 object is removed,
it can reference freed memory. And I also want to rework it's
control logic and put most of it into existing control thread,
that will alllow easy w1 object control from any context
and thus using connector for that.
Asynchronous IPsec procesing was not commented yet, I think I
should also publish some my thoughs about that patch. I've put
patch into
archive
and some description into
README.
Ok, I've sent basic ideas and above patch description to netdev@
and some networking people - hopefully patch reviewing and commenting
will be accelerated.
|
|
29 Apr 2005
|
Asynchronous IPsec works now!
I believe my approach has some bugs,
but it is only the start, I've sent it to netdev@ and
wait networking people to send me some feedback about it.
|
|
28 Apr 2005
|
Asynchronous IPsec [if it could be called so, now it is only 20 lines of code
on top of existing native IPsec] crashes instantly,
unfortunately I do not have serial console here and netconsole
does not work with e100 and 2.6.11-rc4-mm1 kernel,
so debugging is almost impossible. I need some tea
and think a lot about moving my test environment to more recent
kernels...
Ok, new kernel is 2.6.12-rc2 - netconsole probably works,
although with KERN_WARN and above log levels, KERN_INFO - does not,
do not want to investigate why it is so, I've concentrated on IPsec,
found why it crashes and hopefully tomorrow will fix it.
And now I'm going climbing - I was not there more than a week!
|
|
27 Apr 2005
|
Long discussion about connector and it's "bugs" finally
has been finished - no bugs were found, design was opened,
discussed and chewed. I've sent connector/CBUS
patch to Andrew Morton - hopefully it will be integrated into
next -mm release.
IPsec has begun to crash - this is definitely a progress,
unfortunately it dumps too many unrelated data,
so I can not see the reason now, but I strongly believe
that it will be not to hard to fix - many thanks to Linux'
stackable DST entries in network core.
|
|
26 Apr 2005
|
Updated connector - it was moved to kthread API and has some
small cleanups. Updated w1 - mostly untested yet cleanups,
will add more stuff and test all changes later today.
I plan to support slave management callback in w1 family strucuture,
that will allow per-slave attributes creation and
implement various per-slave tuning things.
|
|
25 Apr 2005
|
I've returned from my trip to Belgorod - it is very
nice and clean city, which is being rebuilt directly
in our presence.
|
|
20 Apr 2005
|
Morning hacking - rox, when I'm at work in 7 o'clock
there are plenty of time to do the things: today I fixed
many bugs in E1 driver and finished big refactoring work,
which has highlited some bugs and now slowly move to
the driver finish, unfortunately next big task
is userspace changes, which are very uninteresting and boring.
|
|
19 Apr 2005
|
Ok, I removed AH mode from IPsec and recreated configuration
files for racoon without automatic RedHat tools and
host to host tunnel mode works now. I need to do
some usefull things which are directly concerned to my
work and after it I begin to work on IPsec support
for asynchronous crypto processing.
|
|
18 Apr 2005
|
Trying to set IPsec host to host tunnel and finilly begin
to change Linux 2.6 native IPsec to work with
asynchronous crypto layers, but simple configuration cloning
from one Fedora Core 3 machine to another with appropriate DST changes
does not work - IPsec fails on the second SA negotiation stage.
|
|
17 Apr 2005
|
Added support for ds18b20 and ds1822 thermal sensors to w1 driver.
That required soldering iron work - my w1 test setup was completely
broken, but now it seems that w1 works good.
|
|
16 Apr 2005
|
I called all my friend today to "5 oborotov" - I hope
Mephody with Irina, Wijo with Alexandra, Yuliana, Fedor and Irina
will be there. Unfortunately Abr is in England and will
go here not very soon.
Abr will be a father! I've seen Tatyana - Abr's wife,
theirs son will be borned in a couple of weeks!
I wish them happiness and success.
|
|
15 Apr 2005
|
Magically many years ago I was born... So I celebrate it today.
"5 oborotov" is a nice place - good beer, pleasant decor, nice atmosphere...
|
|
14 Apr 2005
|
Ok, I've written big part of the new E1 driver - now it detects
the main DSPs, time slot interchanger (Lucent Ambassador TSI),
so I think it is enough for now.
Climbed in Skala-city - one trace took the whole time,
but I failed, that was interesting bottom rope trace with the strong negative
slope - I need more training, more technique...
|
|
13 Apr 2005
|
What would you expect? I fought with the sleep again...
I need to find some motivation to finish E1 driver
rewrite for our E1 board,
and also I want to start IPsec encryption part rewrite to
support acrypto - I localized this area already and even have
some thoughts how to move it out of xfrm BH lock and
change to use acrypto, but it requires time and again - motivation.
Unfortunately Herbert Xu, new crypto maintainer, after some discussion
with me last week, when he asked about crypto device standard API
for crypto sessin processing, and I described him my design, showed
HIFN, VIA and FCRYPT drivers ported to acrypto,
but after it he began to keep silence again...
|
|
12 Apr 2005
|
Fought with the sleep at work and waited tonight climbing.
It was good - although we could climb more time there.
Connector/CBUS has sinked into the silence - either all like it
or did not even reviewed, and thus it does not bother them.
Probably at the end of the week I will ping Andrew to include
it into -mm again.
I congratulate you with Cosmonautics Day - in 1961 Yuri Gagarin
had done first space flight.
|
|
11 Apr 2005
|
Updated connector sources and sent connector/CBUS into netdev@,
linux-kernel@ and network hackers for review.
Began to read "Kutuzov" - excellent historical reading.
|
|
10 Apr 2005
|
SMP machine with HIFN 7955 adapter does not boot,
it looks like that card completely takes control
and fuzzes the bus, main CPU even does not check memory
and other PCI adapters.
Climbed a little - some small progress is still there,
which only gladens.
Unstoppable discussion about connector merits -
people really do not want it, but there are allies -
people who understand why messaging system is good
and why it is needed in a way connector implements it.
|
|
9 Apr 2005
|
I've updated connector and bd sources.
Connector/CBUS now has new API - it uses GFP mask
in sending call, so it is rock stable against OOM
in situations where usage is happen in process context.
bd has new bd_net filer, which is only prototype,
which is not usefull - speed is too low, since there are
some long sleeps in sending/receiving pathes, but
since bd was never a high-priority project, it
probably will not be fixed soon.
I hope to devote much time to HIFN or
asynchronous crypto in IPsec support this weekend.
Also updated Soekris SuperIO PC8736x package and acrypto to use
new connector API.
Updated acrypto - fixed one crypto route related bug, but it requires
testing. Also moved some bits around reference counters and locks.
Katpyxa presented a bottle of Sauza Tequila Gold to me - that is a
good sign so something must happen.
Update HIFN driver - fixed (implemented) FIPS startup check, removed unused code,
coding style celanups and so on... Moved my PCI HIFN 7955 card
into SMP test machine, so I hope to make more testing and developing
in this area.
|
|
8 Apr 2005
|
Extended connector/CBUS' functionality to support
GFP allocation flags in insert/send operation,
also added check for CBUS' queue length and remove probable DOS
condition if queue becomes too big.
Later read about
superstring theory,
which is the leading candidate for the theory
of all fundamental interactions in the universe.
I learned quantum physics some day ago
so it was very interesting to see how far is
modern physics from what I remember.
|
|
7 Apr 2005
|
Connector and superio were dropped from -mm again,
Andrew Morton rejects CBUS since he does not understand
it's profit. Greg also dropped connector, superio
and kobject_uevent changes from his trees,
"because he's radically changing the way he handles patches."
|
|
6 Apr 2005
|
Wrote several patches for connector and CBUS, mostly small
cleanups, code documentation and so on...
I was offered to remotely create w1 driver for DS1957
Java powered iButton, but unfortunately acrypto and connector
currently take all my free time. I mean free after reading and
climbing.
|
|
5 Apr 2005
|
I've ported
one of our video board
to 2.6 today - it was quite messy, since a lot of API/ABI was
changed from 2.4 time and driver itself was written with bugs.
|
|
4 Apr 2005
|
I've been told today, that copy_to/from_user may use MMX registers
in kernel mode. Author of the above sentence is quite respectible
person in a company, he even recommend me to RTFM... Magically
after objdumping a little we found that MMX is never used
in kernelspace for the common tasks, but he just has gone.
C'est la vie.
|
|
3 Apr 2005
|
Abr says that in Germany it is like russain ealy summer -
blooming bushes, clean streets. In Moscow only couple of days
temperature is higher than 0 degrees Centigrade - dirty streets,
thaw ice.
Whole day I'm reading the book, did not even go climbing
and did not hack HIFN today - I definitely must turn priorities
over, since there is almost no time at work to do it.
|
|
2 Apr 2005
|
Grange finally has taken his driver's certificate after 4 months
of official circumlocutions - it is so common situation unfortunately.
I become absorbed in "Petr Perviy" book - after so many years
it is still the best reading.
|
|
1 Apr 2005
|
Day of jokes and fools - some people believed in my patch,
which completely removes i386 arch from Linux kernel.
Long discussion with Andrew Morton about connector's design
in linux-kernel@. Mostly small cleanups and suggestions.
But he definitely disagree with CBUS design - Andrew
thinks that it was designed to improove connector's speed,
but it is not, the main CBUS design is to greatly decrease
event insertion time and latency. And CBUS perfectly solves
given task. Benchmarks showed that with CBUS and
fork event with fork bomb event notification has
less than 0.5% overhead over the whole fork()+exit() time.
|
|
31 Mar 2005
|
Climbing. It was real climbing. It was just damn good climbing.
I've done old trace which drove me nuts - now it's finished.
So I need to find new itch.
|
|
30 Mar 2005
|
It looks like people are dissapointing about connector, even
if they can not create better implementation,
and any existing are worse. But it actually not
a bothering problem - do not want, do not use.
|
|
29 Mar 2005
|
Third day climbing - hard time, no progress actually,
only tiredness.
|
|
28 Mar 2005
|
Father brought me my favorits books:
- Alexey Tolstoy "Petr Perviy" [Peter the First]
- Leontiy Rakovskiy "Kutuzov".
I learned a lot from them, now I want to remember.
Climbing with father in Skala-city - it was his first time
at climbing zone, I do not know if he liked that, but
he was too tired, he already not in the young age,
so he was the oldest man climbing there.
|
|
27 Mar 2005
|
Climbing day - finally I've done whole relief trace, also
shinned on some new traces with the upper rope.
I absolutely did not notice how quickly day was finished.
While relaxing I watched new cartoon film "Robots" -
excellent movie! I recommend it for everyone from the
kids to the oldmen.
|
|
26 Mar 2005
|
Relaxing day - watching the films, listening to the music, eating
and drunking. OCF as concurrent asynchronous crypto layer was recently
released with RNG and Public Key support. OCF required some changes
to support it, but acrypto needs only definitions of the new crypto
operations/modes. I've ported hw_random.c which supports AMD, Intel
and VIA chipsets with HW RNG, but I also want to implement PK support
for HIFN, since it will be first open source public PK implementation
for theirs hardware, I believe it will not be so easy, I still remember
how I fought with symmetric crypto in that chip. OCF supports PK
engine for
SafeXcel 1741 and
SafeXcel 1142
crypto co-processors, which is simpler and slower than HIFN
(1741 model has about 320 Mbps of 3des/sha1 IPsec transform, which is
the same as HIFN 7955 and about 1.5 times slower than HIFN 7956 (534 Mbps)).
I would like to have other hardware to create acrypto drivers,
but unfortunately it is not possible in Russia - there are no selling
firms, HIFN's trade delegates was created in Russia only last year,
and I doubt there are any other, delivering from the Europe requires
remote contacts. I really hope new generation
VIA
boards will appear in Russia quickly after it's presentation in May.
It would be really great to implemet it's excellent crypto capability
before any other OS on the market.
Unfortunately other vendors with theirs really great production solutions
are not presented on russian crypto market (if it can be called so).
|
|
25 Mar 2005
|
Ported hw_crypto to acrypto framework. Not tested, but is obvious enough.
Since I cleaned acrypto archive a lot (removed plenty of unused crypto test
drivers), I updated acrypto archive too.
Climbing was great - I've done power start for relief bouldering
and can say that I've finished that trace - I think it will be
my main limbering-up trace in Extreme.
I've also opened some new holds for the new traverse, but it
is still not even half-finished.
|
|
24 Mar 2005
|
I've added acrypto support for hw_random.c - it is very basic, only upto 4
bytes supported now, but it was quite easy, so I wiil add full support
later today.
I wanted to go climbing today - but unfortunately yesterday I drove people
up to the late night, so I decided to skip todays training - maybe tomorrow
or definitely this weekend...
|
|
23 Mar 2005
|
What do you expect? It was yet another lazy day - nothing, absolutely nothing
interesting.
|
|
22 Mar 2005
|
Ok, fixed bd_net crash, it was small typo in hashing function, which returned
index counted from 1, not 0. Now it can send and receive data,
so I will test it's performance soon and try to tune it. Sending part
currently takes too much CPU, it needs to be fixed too.
Grange can not go climbing today, so I will go to
Extreme alone, I want to finish
balancing traverse over the reliefs and some new traces that instructors
showed to me last Monday.
Climbing was excellent - I finished [I think so] relief trace,
although found that it was simple variant, which can be complicated with
a powerfull start. Also found various new traverses, so there are
plenty of things to work on.
|
|
21 Mar 2005
|
Spring decided to joke - minus 10 degrees Centigrade was this morning.
I feel myself insane - today at 7 o'clock I was at work, and since all
normal people still sleep or only awake that time, there were plenty of place to park
my car, but I decided to move it into the snowdrift...
After the work I spend quite a long time trying to dig my car out - hopeless
business.
But fortunately there are good people here - one man volunteered to
pull my car on his SUV, great thanks!
|
|
20 Mar 2005
|
I've announced CBUS in linux-kernel@ and go climbing. Day begins very good.
Climbing was really great - new traverces and old reliefs, negative slopes
and vertical walls, that was very exciting.
|
|
19 Mar 2005
|
My car has something strange under the bonnet - it magically worked today
after blowing through and the trial. Tomorrow I finally will go to the
weekend climbing.
Writing cbus today - ok, it works now, I will benchmark it later today or tomorrow,
and expect negligible speed degradation on insert operations.
Ok, after some performance tuning vanilla kernel and kernel with fork connector
enabled perform absolutely the same - cbus just works as designed.
I've updated connector's source in
archive
and will announce it tomorrow in linux-kernel@.
|
|
18 Mar 2005
|
bd_net works now - but two issues remain - the first one is performance testing
and tuning(from the asynchronous crypto provider creation experience)
and the second one is that bd currently allows only one backend filter, which
means that bd_net can not be used for anything, since it currently receives/transfers
data but can not access the real storage, since file backend can not be registered.
It is very simple task, so I hope it will be fixed this weekend and I can become
cbus (very fast for insert operation message bus based on connector) creation.
That bus can (and hopefully will) be used in accounting modules. Current
fork() accounting module uses connector's methods directly which requires
big lock holding and shared between multiple CPUs memory access, which
is not scalable for large CPUs number.
|
|
17 Mar 2005
|
I'm too close to bd_net finish - last thing to do is finishing data acknowledgeing
mechanism, currently it is only semi-functional since only receiving part was
created. bd itself has very interesting ideas inside, but it can not be used,
since there can not be several BIOs processed at once, although bd core
may be extended to have some information about currently asynchronously
processed BIOS, and wait only when new BIO comes which accesses area that
another BIO has and that BIO is not finished yet. bd_net is a break line
since it intruduces fully asynchronous event - new command must be received
to finish some old command, so bd_net has various hashing mechanisms inside
to optimize request searches, but all that complexity actually is not needed.
But it was quite challenging to write such a monster like bd - it currently
has almost the same possibility as device mapper(with all it's backends
like sw raid, dm-crypt) with greater speed (although I tested only dm-crypt)a
nd with bd_net it will be far away in feature set. Although one may always
say that it is not task for device mapper, but only for backend devices
(loopdev, dm-crypt, nbd).
|
|
16 Mar 2005
|
Fixed some cruft at work - but that magically turned me into laziness mode -
no bd hacking, nothing interesting - only asleep fighting.
Got to home and began to watch stupid films.
Nice day...
|
|
15 Mar 2005
|
bd does not crash the system already, but still is not very usable, hopefully tomorrow
I will find time to finish it, since some bugs apeared at work...
Climbing was good today - although I did not finish any trace absolutely
clean(sometimes it was wrong hold, there was some hovering with bottom rope),
but nevertheless I feel I can do them. It was really exciting.
|
|
14 Mar 2005
|
Acrypto has some ineterest for people - Herbert Xu (new kernel crypto maintainer)
did not rejected it, but asked about some design notes, and the way they can
be changed. I disagree with him, so let's see what will be next.
bd hacking - it already crashes the system, so I can release alpha version...
It does not support feedback and thus READ command yet, but the majority of
the subsystem is already written and hopefully today will function properly.
Ok, bd_net can somehow handle requests but it can only send them to the remote service,
unfortunately it can not receive data in kernel mode(not replays, but requests itself)
and it looks like vanilla nbd also can only send data
(and receives replays, but I suspect bd_net filter can receive replays too).
This is not what I expected...
Ok, bd receives requests in kernel mode, and crashes the system there - it is very good!
I think it is enough for today, tomorrow will fix the bugs and finish protocol realisation.
|
|
13 Mar 2005
|
Spring! Spring! +3 degrees Centigrade in Moscow!
|
|
12 Mar 2005
|
Badminton training today - that was great, couple of hour of running, jumping,
striking and floods of sweat and pleasure. I like it.
My car has a problems with carburettor, so I do not go climbing
on weekends now, which is very dissapointing. I definitely want to change this
situation.
|
|
11 Mar 2005
|
MD5 officially cracked -
link to Schneier's blog.
8 hours on 1.6Ghz computer to generate two X509 sertificates with the identical
signatures using md5 as hash function.
|
|
10 Mar 2005
|
Lazy day - I try to work on bd_net, but it moves slowly...
I've tested bd_fd file backend filter with various combinations like
chaining(one bd device is a backend for the second), also tested
swap over bd - all works, so one may create [encrypted] software raid using
bd and use itfor example as encrypted swap. When I finish bd_net it also may be used
in raid or as swap since current in-kernel nbd can not.
I stick developing bd_net protocol - I want it to be simple, have very little
overhead (compared to nbd's one) and allow management information exchange
(to allow remote discovery, which is completely missed in nbd),
but laziness stops me.
Ugh, power climbing was today - after the first trace I became completely broken,
later on the trace that I tried before only once, something jumped out of my
shoulder and did not want to return back, so I shinned up not high today,
but nevertheless it was really good.
|
|
9 Mar 2005
|
I started to write bd_net backend filter - network block device replacement,
which will be integrated into the bd framework. The next will be split filter,
it is software raid analog, after it I may say that bd framework is completed.
They are purely software projects, thus without hardware bugs, so I think
I will finish them this week.
I've just thought, why do I need split filter, when I already
can add several file backend filters to the same device, so block
request already can pass several real devices exactly like it is done
in software raid? One thing, that should be changed, is filter flags -
currently file backend filter has a WAIT flag, which means that next
filter will not be processed until current one is finished. It is not needed
for the all but the last file backend filters, since we want data to be written
as much in parallel as possible to achieve greater speeds. bd however will wait
until BIO is processed in all filters before it begins next one.
|
|
8 Mar 2005
|
I congratulate all women with International Women's Day - if you even
do not know about such a holiday - just make them something pleasant.
I've received about a dozen e-mails with different janitirial suggestions and
nothing more.
Ok, Herbert Xu, new kernel crypto maintainer, replayed -
acrypto and other implementations will be reviewed next couple of weeks.
I've written and published in lkml@ small patch for bd_fd.c file
backend filter for bd
which verifies on binding time integrity of the storage and compares
produced digest output with provided from userspace one, thus closes
"major security vulnerability" which allows encrypted device data
manipulation without "detection". It was created just to show
how easy is bd filter creation process.
|
|
7 Mar 2005
|
Patchbomb of 53 e-mails has been sent to the linux-kernel mail list.
It includes acrypto and bd without acrypto drivers.
Directory with source files/patches to be sent was about 280k in size.
Let's see what will happen.
I've updated acrypto in archive.
|
|
6 Mar 2005
|
Changed crypto session allocation to use memory pools per crypto device.
Tomorrow will send acrypto and bd patches to lkml@.
|
|
5 Mar 2005
|
Acrypto changes - moved session allocation to use memory caches, probably I will create some
kind of memory pool fallback for the Out-of-Memory conditions for that.
I'm going to the WiJo's birthday - I did not see him quite for a long time
I'm sure it will be very nice meeting.
|
|
4 Mar 2005
|
Relaxing day - some small cruft at work...
Climbing was good today - I've done one new trace with the bottom rope,
although with hovering, some old traces - I think progress still there...
I've gotten 2-way P2 SMP machine - thanks to Alexander Yurchenko.
Herbert Xu is the new crypto maintainer instead of James Morris.
James said good words about Herbert's networking work - it is really true,
and he hopes that async crypto will be integrated faster.
I hope Herbert is less konservative and will merge acrypto after my SMP tests.
Made some SMP setups - HW setup, compilation and so on.
Tomorrow I will run Bonnie++ benchmark on this machine - it is 2-way SMP P2 400 Mhz
with 256 mb of ram, benchmarks of cource will not be exciting, but I expect acrypto+bd
win over both device mapper and cryptoloop.
|
|
3 Mar 2005
|
bd+acrypto benchmark can be found
here.
bd+acrypto works exactly as cryptoloop (attitude of the performance
acrypto vs. cryptoloop is always the same as CPU usage attitude,
BUT!, I can not setup bd+acrypto to use the same amount of CPU as loopdev!,
so in absolute numbers, cryptoloop is faster).
dm_crypt is slower.
I've sent above performance test to dm-crypt@ and cryptoapi@ maillists and to various kernel
hackers. Let's see what will it be.
I think small running time (100 seconds, while default is 10 minutes) calls forth
dbench jumping results.
It looks like iPaq w1 bus master and battery monitor are ported to mainline w1 core.
handhelds.org has ds2760 and SAMSUNG SAMCOP & HAMCOP ASIC
drivers in it's CVS.
|
|
2 Mar 2005
|
Added CBC support to the async_provider(due to in-kernel crypto algo TFM structure,
the same TFM can be used only for one crypto mode, i.e. either ECB or CBC).
Result:
acrypto+bd CBC (1 async thread) - 3m37.049s
Benchmarks using dbench-3.03 on 2-way[1+1HT CPUs] SMP machine:
bd+acrypto:
Throughput 81.3293 MB/sec 1 procs
Throughput 44.0513 MB/sec 10 procs
Throughput 29.0552 MB/sec 20 procs
Throughput 17.5176 MB/sec 30 procs
Throughput 18.4578 MB/sec 30 procs
Throughput 19.7678 MB/sec 30 procs
Throughput 22.3552 MB/sec 30 procs
Throughput 19.5758 MB/sec 30 procs
Throughput 32.9461 MB/sec 40 procs
Throughput 22.549 MB/sec 40 procs
Throughput 6.6336 MB/sec 100 procs
cryptoloop:
Throughput 89.461 MB/sec 1 procs
Throughput 112.094 MB/sec 10 procs
Throughput 28.9077 MB/sec 20 procs
Throughput 22.4318 MB/sec 30 procs
Throughput 16.4201 MB/sec 40 procs
Throughput 8.8141 MB/sec 100 procs
dm-crypt:
Throughput 90.3013 MB/sec 1 procs
Throughput 105.844 MB/sec 10 procs
Throughput 105.655 MB/sec 10 procs
Throughput 94.1135 MB/sec 20 procs
Throughput 73.5397 MB/sec 30 procs
Throughput 18.7783 MB/sec 40 procs
Throughput 7.7103 MB/sec 40 procs
Throughput 18.8779 MB/sec 40 procs
Throughput 4.19936 MB/sec 100 procs
bd+acrypto is not on top...
Really strange dm-crypt results...
I will rerun bd+acrypto with two async_threads later today
and will run bonnie++ tomorrow.
dbench with 2 async threads:
Throughput 58.0999 MB/sec 40 procs
Throughput 24.2878 MB/sec 40 procs
Throughput 3.8036 MB/sec 40 procs
Throughput 2.77681 MB/sec 40 procs
Throughput 5.59606 MB/sec 40 procs
Throughput 70.3283 MB/sec 10 procs
Throughput 53.2285 MB/sec 10 procs
Throughput 5.24802 MB/sec 30 procs
Throughput 56.811 MB/sec 30 procs
It is quite strange results, since bulk writing (2 dd, 900mb each)
was about two times slower than that with only one async thread.
Definitely, two async threads are fighting with each other on
Hyper-Threaded processor. Since results jumps are inexplicable, I can
not trust them, let's wait until bonnie++ finished.
|
|
1 Mar 2005
|
First day of spring - minus 15 degres Centigrade in Moscow.
Small bd outperforming compared to previous 20% is actually a feature -
in the previous revision bd asynchronously run through all BIOs provided,
but that could lead to BIO processing reordering, which could be
disastrous if there were writes into the same area on the storage.
So new code waits until BIO processing is finished, and only then begins
to handle new one.
Changed asynchronous crypto provider a bit:
acrypto+bd ECB (1 async thread) - 2m42.008s [ Profiling is on! ]
It becomes interesting... Will test more aggressively tomorrow.
|
|
28 Feb 2005
|
I have come to grief - acrypto + bd are totally fallen:
1800 mb encryption:
acrypto+bd ECB (1 async thread) - 4m28.150s
acrypto+bd ECB (2 async threads) - terminated, but about 2 times worse than 1 thread
cryptoloop CBC - 3m37.424s
I can complain that I have only one CPU + one HT CPU, which on encryption/decryption
tasks can not provide any benefit, but I see, that asynchronous management
(various queues and locks) takes too much time because of it.
To prove acrypto and bd ideas I need a real SMP machine.
After redesign some bits, bd outperforms loopdev on about 5% (1m29sec vs. 1m34sec),
so it is acrypto that has nitpics somewhere. Magically actuall crypting processes
take only upto 50% each(in case of two async threads, when there is only
one thread it takes about 60-65%), when cryptoloop takes all 100%.
I've updated bd and acrypto sources in the
archive.
|
|
27 Feb 2005
|
Couple glasses of rum with cola and business becomes right...
Some small OSF cleanups, some bd hacking.
Bd have had a next step away from loopdev design to the new async one today.
Some notes about: If we have WRITE operation we can not modify bvec's
page in place, since block layer cache will scream, so
bd creates array of bd_filter_transfer structures(page, size and offset),
which has exactly number of bio vectors(bio->bi_vcnt) items,
and uses them as destination addresses.
Then, when next filter is used, above pages are used as
source and destination addresses. Backend filter does not use
destination adresses, but instead position inside the storage,
so it is ok to pass destination the same as source here.
I've tested acrypto bd filter - it works fine, but it was only simple
quick test - one megabyte partition with various writings/readings over it
on UP machine - that is, by the way, the first acrypto test which
works without any errors over bd partitions.
|
|
26 Feb 2005
|
I had an ultra power badminton training today - too much running,
jumping and badminton racket striking - that was quite good.
I remembered how I was trained couple of years ago for badminton,
several years of tennis tranings at school...
I always thought it was useless, but now I see it really
gave me much profit.
|
|
25 Feb 2005
|
Changing bd slowly - hopefully tomorrow it will be finally finished,
It is not as easy as expected to link fully synchronous block layer
with various asynchronous filters, which may be applied to the block
dataflow.
Sent to Greg some w1 and connector cleanups, broken big endian
support for w1 was somehow sneaked into -mm tree without my ok,
so I've sent updated version for test.
|
|
24 Feb 2005
|
I'm da lazy boom slacker - bd is having a rest today...
Various small problems at work - digital telephony is not as pleasant as
I thought first time - but while working with it I become to understand that
real time processing actually can be replaced with the proper state machine
and right work deferring.
Read some small notes about big SMP systems at
Anton's Blanchard place - it is really
exciting how powerfull can be SMP machines.
I would not object against testing my asynchronous cruft on such computers...
I'm quite sure results would be very interesting and challenging.
|
|
23 Feb 2005
|
Ok, I have to admit that my current bd design, based on loopdev design,
is totaly broken with respect to asynchronous operations.
Current implementation is fully asynchronous in the first BIO processing
step, when BIO is splitted into many bvecs each of which is processed
asynchronously, but later, when data needs to be written to the storage
itself, bd (actually it's file backend) can not be asynchronous,
since VFS core perform read/write operations with the file,
mainly sendfile(), using ->actor() callback which performs data
copying itself. Since ->actor() method is heavy serialized with the VFS
core, it can not be asynchronous and thus no asynchronous filter
may be processed in it. bd_xor filter which runs more than 24 hours already
on SMP machine is fully synchronous process, so it works well.
Original idea without backend filters was right, since filter transfer methods
were called not from serialized with some synchronous dataflow callbacks,
so next transfer in the filter list can be called either
after previous one is finished from it's callback method,
or asynchronously from bd core.
I will return to the previous schema with some modifications tomorrow,
these modifications will include scratch buffer allocation for the
write operation, since I do not want to mark pages as dirty and
thus flush block cache.
|
|
22 Feb 2005
|
BD issues are successfully resolved - it currently runs with XOR filter
simultanously on several devices for some time without any errors.
Although I still have some ideas about bd behaviour, I think tomorrow
all major nitpicks will be fixed.
|
|
21 Feb 2005
|
Found why bd does not work - nifty bug.
Consider following schema:
WRITE operation - block core has one page in it's cache, this page
is provided to bd to be written to the storage, page is being
transferred through all filters, but crypto filter modifies page itself,
and then correct page is written to the storage, but bug already created -
page in block cache has been modified. Block cache later will write the same page
again(actually it modifies it a little), but block cache does not know, that
the page is encrypted and MUST be reread from the storage to have correct data,
after this write data contains garbage...
I can not mark BIO pages as dirty from that context - page can not be locked
there, and I doubt it can help - even if page will be reread from the storage,
it is too expensive operation.
So I decided to change bd logic a bit - now it has only one so called
backend filter - it is backend filter that is directly connected to the
storage itself, thus it performs the very first READ operation and fills
BIO pages, and only then filters are applied to that page, and the very first
WRITE operation, but(by design, at least file backend filter works in that way)
without commiting it to the storage itself, but applying all filters to that buffer,
and only then write it to the storage.
|
|
20 Feb 2005
|
No hacking today - only cleaning, washing and relaxing - watching the films,
listening to a music, reading e-mails...
Tomorrow's morning will be devoted to the bd entirely.
|
|
19 Feb 2005
|
I had a really excellent climbing in Extreme today - new traces,
boulderings and traverses, even one not finished trace with the bottom rope.
I really enjoy the day.
Really the best finish of the really excellent day - me and Grange
finish the day after climbing and hacking with drinking a rum bottle,
presented and brought to me by Abr from England...
|
|
18 Feb 2005
|
Greg applied bunch of my superio, w1 and connector patches, so it looks like
my kernel queue is empty.
More bd hacking - read/write operation sequence fixed, but acrypto filter still does
not work - strange cruft happens, when writing something to the partition,
it is written but then magically disapears, it looks like some vfs/journal
transaction is finished without crypto filter, although dmesg shows that anything
is right, I'm sure I will fix it tomorrow.
|
|
17 Feb 2005
|
Some bd hacking - I found bd_acrypto problem - it was not crypto transactions
reordering but read operations processing - since acrypto filter is placed before
file backend, then it will be called for read operations with the destination buffer
before it is filled in file backend, and then it will be refilled from encrypted
file. I need to put some brain power into this problem...
Guillaume Thouvenin announced fork() auditing module which is used in
conjunction with a per-process accounting information, like BSD or CSA,
ELSA provides a per-group of processes accounting, which uses kernel connector
as it's transport layer - this is first(not mine) public project which
is based on the connector.
Climbing was especially good today - small boulderings and negative slope traces
with the bottom rope, all was very exciting.
|
|
16 Feb 2005
|
Solved send-to-self problem - in linux kernel netlink message,
if is being sent in unicast mode, will reach only it's own socket, i.e. not
userspace one, broadcast mode in contrary will deliver message only to
the remote groups. Since shared skbs are not allowed in netlink messages
(actully will not be allowed), I clone original skb and if it fails, will
deliver message only to the remote groups, i.e. userspace.
bd_acrypto hacks - I finished userspace binding program, now it supports both
file backend filter and acrypto one, but bd itself can not work yet.
It looks like encryption and file reading/writing are mixed... I will investigate
it tomorrow.
|
|
15 Feb 2005
|
Climbing was good - I finally solved one bouldering problem produced by Vasya and
finished one trace with the bottom insurance. I think the most curved and ugly
traces that you can find in Skala-City were created by Vasya, especially if
it is bouldering or small traverse.
Was striken with the send-to-self connector's problem - you an not use it to
send netlink messages to connector itself, which is very disappointing -
I need to think about it some more...
|
|
14 Feb 2005
|
I congratulate all with the Saint Valentine day. Don't worry, be happy.
|
|
13 Feb 2005
|
Relaxing day - my car is in service, it's signalling is badly broken, so I decided to
replace it with the new one. Because of it I did not go to the climbing zone
today, sigh, I become too lazy. Instead I woke up in 1 p.m. and watch films
the whole day... I hope I will hack userspace bd part at the evening, or will
do it tomorrow at work, I want to publish acrypto results in various mail lists
this week.
I do not understand Yahoo - it's search bot already about dozen times tries to get connector
design picture - Yahoo's Slurp tries to read it from diferent IP's
almost at the same time several days. It does not go over the other links on that page,
just reading the same address again and again.
|
|
12 Feb 2005
|
Some bd_acrypto hacking - it is ready, but I need to extend simple userspace
utility to allow more generic filter bindings, not only file and acrypto.
Probably tomorrow I will finish it and run acrypto tests.
Fruhwirth Clemens asked about comparison bd_acrypto vs cryptoloop vs dm-crypt,
I think I even add loop-aes there too.
|
|
11 Feb 2005
|
Ok, while fighting IPtel bugs(hugh, people(and my manager)
even call my cruft powerfull and quite good)
I found some time to work on bd - it works stable now - as expected panic
occured due to race between asynchronous BIO removal and last access from bvec
injecting code.
Hmm, it looks like I've burned one of my Xeon's - second processor smells and looks
like deadman. Motherboard's socket has some slash fire...
Sigh, now my best system only has 2 CPU (1+1 HT).
Ok, first tests:
time sudo dd if=/dev/zero of=/mnt/data bs=1M count=500
After running about 10 times we have following average number of seconds to perform above
transaction:
async - ~34.196
sync - ~41.219
Asynchronous block device without encryption already outperforms vanilla loopdev on
about 20.5% on 2-way system(actually it is 1 CPU + 1 HT CPU)!
I've announced bd in cryptoapi@ and dm-crypt@ mail lists.
|
|
10 Feb 2005
|
Hugh, some bd hacking - can not find redzone slab corruption happend in my code,
I'm quite sure it is simple, probably it is due to the race between asynchronous
BIO processing finishing and bio_for_each_segment().
Climbing was very good today - new traces with bottom insurance, several old ones,
progress is not staying on the one place.
|
|
9 Feb 2005
|
Bad day - it began from problems, it had problems upto evening, and when
something gray began to dawn in the dark, day finished. With bad emotions.
Shit happens - some times more frequently sometimes less, but it is not the
cause to give up and move into deprssion no matter how badly it was.
Tomorrow will be new day with new things and new moving.
Heh, I do not go down the life's zebra anymore.
|
|
8 Feb 2005
|
bd is being moved to it's finish and final tests.
Filtering layer itself is finished and acrypto filter is almost ready.
If nothing wrong happens tomorrow at work I will finish bd.
Climbing was very good today - we begun from upper insurance traces
from different categories, several boulderings and finally bottom insurance
climbing - the whole training was very productive.
|
|
7 Feb 2005
|
Various updates all opver the place - mostly atomic operations sanitizing -
according to upcoming atomic_ops.txt by David Miller and Anton Blanchard
some archs may reorder atomic operations with nonatomic, since
the former are always visible but the latter are not, this can lead
to unpredicted behaviour.
Also fixed libipt_osf (library for my passive OS fingerprint iptables matching
module)
compilation.
Asnychronous block device(bd) was changed - design is simple - each BIO contains of
variablu number of bio_vecs(each one in turn is page-size-offset triple),
so I create my own transfer structure which contains one bio_vec and asynchronously inject
it using work queue incrementing appropriate bio reference counter.
Filter module (like file backend filter) must call provided callback
to inform bd core that transfer is finished. It can be done for example from acrypto callback.
When bio reference counter becomes zero the whole block request is completed.
|
|
6 Feb 2005
|
Lazy day - I even did not go climbing. Block device also stays where it was -
alsthough it has some performance nitpicks, so I will rewrite a bit it's main
session injector tomorrow.
|
|
5 Feb 2005
|
Asynchronous block device with file backend filter works now.
While fighting with in-memory backend filter I found, that if even close exlusively
opened file(using open_bdev_excl/close_bdev_excl), then block layer
will not allow any further access to the appropriate file.
It looks like my fault, so I will investigate it further.
|
|
4 Feb 2005
|
Block device is being tested actively - it already hangs the system, so I can publish
first alpha version...
With file binding it only get 15-16 first requests and that is all - nothing hangs,
no panic or oops, mount process just stops. In-memory bd filter still does not work,
I will fix it tomorrow.
|
|
3 Feb 2005
|
Negative slopes with bottom insurance rocks - me and grange spend most of the time
with it, alsthough after such a trainings we have woody hands and aching body.
It is like our first trainings on the vertical walls - no experience, no technique,
only wish for the climbing...
|
|
2 Feb 2005
|
Ok, test block device is ready and is awaiting big tests.
It even has gotten it's first filter - file backend.
The idea behind this backend is providing file binding and routing of all block requests
to the given file - exactly like loopdevice works.
Both file filter and block device itself are not tested yet and obviously have bugs,
since file backend was heavily changed from it's parent loopdevice, and such block device
itself is absolutely new subsystem(it is by design fully asynchronous, but with ability
to process filters in synchronus way, if such filter requests it).
I think such device already can not be called "test block device", since
it (when totally implemted) is complete replacement for loop device and various
buildings on top of it and it's deisgn - cryptoloop, loop-aes. With modular filter design
it is much easier to create replacement for network block device which is broken
a bin in 2.6.
|
|
1 Feb 2005
|
Day of the bottom insurance climbing - that was really cool - sense of freedom, obstacle absence,
negative slope and high energy!
|
|
31 Jan 2005
|
With big work I digged out my car again - it is already not very fun...
Updated fcrypt and HIFN drivers, now they use right scatterlist processing code and
even can be used probably. It looks like I need to buy Via Nehemiah CPU and motherboard
to test acrypto on, and also I need to finish HIFN - it looks like it has some locking problems.
If nothing wrong will happen today at work I will try to finish test block device, or
at least it's block part with file descriptor binding.
Added startup test for HIFN driver - now if it can not pass AES test with FIPS vector,
then driver can not be loaded. It can eliminate HIFN 7956 problem, when hardware was detected,
but could not work and stuck unloadable due to queue full of uncompleted crypto sessions.
|
|
30 Jan 2005
|
We returned from Pokrovskoe - it was really very good time.
We definitely need to repeat it sometime.
|
|
29 Jan 2005
|
Today we celebrate Grange's birthday in the rest home
Pokrovskoe - it is really nice place
in 35 kilometers from Moscow with beautifull nature, fresh air,
nice little cottages and the whole infrastructure.
I was glad to meet Grange's almost wife Masha - nice interesting girl.
|
|
28 Jan 2005
|
As expected digging out my car from snowdrift was fun - some spade work, pushing
and finally Nikolay "Burst" Kryukov pulled my car on his Subaru Forrester -
that was fun.
|
|
27 Jan 2005
|
There is strange weather anomaly in Moscow - I did not see it for a long time -
frost is about -20 degrees Centigrade, huge snowfall and very strong snowstorm,
it will be fun to dig out my car tomorrow...
Finally superio empty trafic has almost gone - now I can do interesting things.
Sent several small trivial cleanups of the w1 code which lived in my tree for a
long time, but people fall apart without them.
Acrypto was updated a little - now it sends notification when finish direct
crypto access to the userspace process' memory. I really must preempt other tasks
and finish promising block device, hopefully will become it tomorrow.
|
|
26 Jan 2005
|
Due to superio mail trafic I can not get into acrypto and test block device.
Although all comments are mostly "change := into +=" and so on, it really
takes too much time.
|
|
25 Jan 2005
|
SuperIO incllusion have burned huge discussion in lkml about it's "sneaking"
into the tree. Ah, sorry, I forget to announce it in lkml, so people
were quite dissapointed...
|
|
24 Jan 2005
|
Grange
(grange ! openbsd.org) has a birthday today - that man can reach any
heights and he demostrate it every day - so we just can not wish him
anything - he will get it by himself.
BD is almost ready for file descriptor operations separation.
Next step is to separate file operations into different loadable module and
add registration/calling path into bd itself.
I need to finish janitorial over acrypto drivers - they still require
small changes due to scaterlist processing changes in acrypto.
|
|
23 Jan 2005
|
Climbing was good - fingers feel laptop's keyboard keys like needles.
I found several new very interesting little traces with negative slope
which can be done without insurance although one of them is about 5 meters high
(it is safe since there are thick floor-mats under the trace).
I especially like the one over the relief on the walls - it is quite hard,
but trains very good technique.
bd code compiles but it does not do anything usefull.
File backend is almost finished. Actually it requires testing.
Two big parts remain: create modular "filters" for block requests [1]
and test it all [2].
1. Filter is a module which registers itself with bd and then each
block request will be passed through it. Each bio will be splitted
into pages(as it contains of bvec which is actually a page helper)
and filter's callback will be called with it. For example loopback
binding to the file is a filter, and it's crypting capability
is just another "filter". Next step will be network block device
replacement with such a filter. Since each filter does not know about
it's neighbours it is very flexible and allows very strong control
over the dataflow.
2. After I test file backend I will create acrypto filter and test it
with my acrypto and OCF by David McCullough davidm@snapgear.com.
Then I will compare results with dm-crypt, loop-aes and cryptoloop.
Hopefully if I will not be beaten with digital telephony problems at work
tomorrow I will test and probably create all points.
|
|
22 Jan 2005
|
Lazy day - nothing interesting was done. Got my car from the service -
after oil substitution it feels itself much better - less noise,
better engine "sound". I've altough replaced accumulator - hopeully
it will not discharge too fast in frost, like it was with my old 6-year
old one.
|
|
21 Jan 2005
|
Deadline problem is being slowly solved, and tomorrow probably will be very good day,
since I probably will finish D16 tasks and can silently switch to more interesting block device and acrypto
tasks. I suspect my boss will not be happy if he would read about my preferences and
tasks whose time is spent on my personal projects, but hey, they pay me too little :)
Kernel connector(with kobject_uevent changes) and SuperIO subsystem were included into Greg's tree
and thus into -mm. Very good.
|
|
20 Jan 2005
|
Strong power climbing - all deadlines at work, problems and other cruft are dropping dead.
I'm a muggle - I forget my magnesium bag in skala-city, but nevertheless fill myself
just damn good.
Found discussion in linux-crypto@ and linux-kernel@ about loop-aes vs. mainline cryptoloop vs.
dm-crypt and so on... Theoretical pseudo attacks and such cruft really bothers people,
but babblers do not hear others. Found speed comparison of cryptoloop vs. loop-aes,
the former is slower but faster than dm-crypt, although noone presented loop-aes numbers.
I'm quite sure acrypto will bet them all, since it is the only crypto layer that allows
scalable software crypting currently. If I will not finish alpha version of my test block device
with acrypto transport functionality this weekend feel free to call me super lame pseudo hacker.
Although not all is clear at work and there is no time I definitely need to show first acrypto benefits.
|
|
19 Jan 2005
|
Masterpiece can not be born without long suffering, but result is worth it's price.
|
|
18 Jan 2005
|
Skala-city was full of people today, I never saw such amount of climbers in one place
and in one time, but nevertheless climbing was good. I've understood that my success
was actually not so big as I thought, so I've long way to go...
Grange finally turned his be300 Cassiopea on and OpenBSD there traps not
in virtual memory initialisation like before, but far away from hardware - when forking init.
Very promising start - probably this week it will run userspace and thus OpenBSD will
be ported on yet another unneeded platform.
|
|
17 Jan 2005
|
Yet another deadline at work... It delays acrypto and test block device work a little,
but I plan to resolve all digital telephony problems tomorrow and will return to bd.
|
|
16 Jan 2005
|
Slowly writing test block device, I'm going to put there too many things so probably it
will not appear very soon, but I hope it will be finished next week at least
it will be usefull for acrypto testing.
I think about acrypto queues more and more, what if remove linked list of sessions,
and replace it with queue, which only allows dequeue the first session and
insert session, but not reading the whole queue. This will eliminate current
locking problem with session list if it exists.
|
|
15 Jan 2005
|
Magically noone in linux-kernel@ commented acrypto, probably they did not find
it's subject line interesting, but nevertheless it means I will announce it later,
when finish a bit test block device and run acrypto vs. crypto test
in real conditions and bigger sizes than 40Mb.
|
|
14 Jan 2005
|
I've spontaneously sent all acrypto related projects to linux-kernel@.
Hugh, what will begin...
Grange commited initial part of his bluetooth stack into OpenBSD cvs repository,
it is quite significant step on my opinion, I think very soon OpenBSD
will have full bluetooth stack.
Hmm, acrypto related message size is more than 150K, I suspect it will not appear in the
linux-kernel@ mail list, like it was with netdev@.
Let's do it once I've begun - I've split huge patchet to the 6 mails and bombed them again
to linux-kernel@ and other people.
|
|
13 Jan 2005
|
Hugh, resent connector patch, superio patch and new kobject_uevent patch,
which allows kobject notification to be broadcasted using kernel connector.
Greg returned from vacations and I think he will apply them all this week.
Read a comparison
article
about educational systems in Russia and USA - I mostly agree with author
both from pride and impartial points of view based on
opinion of my friends, which lived and were studied there.
|
|
12 Jan 2005
|
I've added disk write emulation into async and sync crypto providers, and what do we see:
actual disk write speed is about 46 kb/msec, encryption speed is about 68 kb/msec.
Encryption of one byte takes ~0.014 usec, disk writing thus will take ~0.014/46*68 = 0.019 usec.
With such delay I've gotten following numbers on 4-way system:
scaled to 4 processors async_provider: 800 Mb in 12.6376 sec.
scaled to 1 processor async_provider: 800 Mb in 12.1828 sec.
sync_provider: 800 Mb in 13.5662 sec.
Actually the former two tests with async_provider show the same values
in average when running several times.
|
|
11 Jan 2005
|
Small updates to acrypto and testing block device. I've run bd test with
acrypto and async_provider loaded for 1 CPU and 4 CPUs on 4-way(2*(1+HT))
system, but results are the same, maybe SMP test was a bit faster,
but I think it is in the experiment's inaccuracy boundaries.
Test suite creates 50mb in-memory partition, mounts it and write 40mb
of data into it using 1mb chunks. All is repeated 20 times. Also it
hangs permanently each time I run two tests in parallel somewhere in
aes_enc_blk().
|
|
10 Jan 2005
|
Acrypto now has full userspace support through ioctl.
It is done using ioctl() with 2 copyings from+to userspace data.
Session processing contains of 3 major parts:
1. Session creation. CRYPTO_SESSION_ALLOC ioctl.
User must provide special structure which has src, dst, key and iv data sizes
and crypto initializer(crypto operation, mode, type and priority).
2. Data filling. User must call several CRYPTO_FILL_DATA ioctls.
Each one requires data size and data type(structure crypto_user_data) and
data itself.
3. Finish. User must call CRYPTO_SESSION_ADD ioctl
with pointer to the are whre crypting result must be stored.
The latter ioctl will sleep while session is being processed.
I've updated archive, which has both direct vma and ioctl based userspace
support and appropriate userspace code(ucon_crypto.c and iok.c).
It is major point in acrypto development, and thus requires celebration.
|
|
9 Jan 2005
|
Climbing was good - I again found confirmation of the fact, that
changing line of work is the best rest - it sounds strange,
but bouldering after traverses on negative slope really makes
me feel rested. Several hours on the walls and I amd contended.
|
|
8 Jan 2005
|
Among other features acrypto now has initial userspaace support.
Userspace support.
It is done using direct access process' vmas and pages from
acrypto, pointers are transferred using special kernel
connector structure.
PoC userspace code can be found in archive.
Obviously it can not be used with the most hardware and
sizes more than one page, but I like the idea itself.
More generic method with at least 2(from_user and to_user)
copyings is coming.
I've sent a patch to netdev@ and cryptoapi@ but I'm quite sure noone will comment.
I've updated w1 sources - now archive contains the latest ->search()
implementations.
|
|
7 Jan 2005
|
Noone travers was finished today too, but it does not matter -
I slowly move to the finish, and this movement is already a progress.
Created patch for W1 which allows w1_search() to be overwritten
by bus_master drivers. It is very usefull for several devices, like
found in iPaq w1 bus master.
I congratulate anyone with Orthodox Christmas and wish abstract peace all over the world.
|
|
6 Jan 2005
|
I did not finish noone traverse, instead stopped my hads up and very tired,
but it was good, I will go climbing again after tomorrow, I need to finish
several interesting traces.
Little connector updates - nothing major, just simple fixes in test module.
I've written simple archive script, hopefully it will speed tsn updates up,
so anyone could get the latest releases.
Wrote simple module(thanks to kernel/ptrace.c)
which modifies userspace process' virtual memory -
I will probably use such a hack in userspace acrypto.
|
|
5 Jan 2005
|
Silence, all keep silence, as usuall. Let's write it off due to vacations.
I feel myself like old rusty engine, which each day becomes only worse and worse,
tomorrow I need to go climbing, since all my partners are either on vocatins
or ill, I will go myself to do traverses and make campus-board training.
|
|
4 Jan 2005
|
Fighting with HIFN driver bugs - fixed several typos, changed debug a bit,
hopefully fix 7956 bug, when PUC was not be reset.
Fixed some little bugs in async_provider - now it works as expected
with bd test module.
I've put all acrypto related projects(connector,bd and acrypto itself) to my projects page.
One can browse source tree at archive page.
I've also put HIFN, fcrypt and via-padlock drivers to the above archive.
Here one can found little
README about supported hardware.
Sent to GregKH lib/kobject_uevent.c update - it can use kernel connector now.
Patch is simple, here is how it looks from userspace:
s0mbre@kuasar:~/aWork/connector$ sudo ./kobj
Tue Jan 4 05:41:49 2005 : [abcd.0] [seq=1635085120, ack=980574579], add@/devices/pci0000:00/0000:00:1d.2/usb3/3-1.
Tue Jan 4 05:41:50 2005 : [abcd.0] [seq=1936024425, ack=1768124463], add@/devices/pci0000:00/0000:00:1d.2/usb3/3-1/3-1:1.0.
Tue Jan 4 05:41:51 2005 : [abcd.0] [seq=1936024425, ack=1768124463], add@/class/bluetooth/hci0.
Tue Jan 4 05:41:52 2005 : [abcd.0] [seq=1936024425, ack=1768124463], add@/devices/pci0000:00/0000:00:1d.2/usb3/3-1/3-1:1.1.
Tue Jan 4 05:41:53 2005 : [abcd.0] [seq=1936024425, ack=1768124463], add@/devices/pci0000:00/0000:00:1d.2/usb3/3-1/3-1:1.2.
Tue Jan 4 05:42:01 2005 : [abcd.0] [seq=1936024425, ack=0], remove@/class/bluetooth/hci0.
Tue Jan 4 05:42:02 2005 : [abcd.0] [seq=1935764579, ack=1818374003], remove@/devices/pci0000:00/0000:00:1d.2/usb3/3-1/3-1:1.0.
Tue Jan 4 05:42:03 2005 : [abcd.0] [seq=1935764579, ack=1818374003], remove@/devices/pci0000:00/0000:00:1d.2/usb3/3-1/3-1:1.1.
Tue Jan 4 05:42:04 2005 : [abcd.0] [seq=1935764579, ack=1818374003], remove@/devices/pci0000:00/0000:00:1d.2/usb3/3-1/3-1:1.2.
Tue Jan 4 05:42:05 2005 : [abcd.0] [seq=1935764579, ack=1818374003], remove@/devices/pci0000:00/0000:00:1d.2/usb3/3-1.
|
|
3 Jan 2005
|
Lazy day - about 16 hours of sleeping. It is vacations...
|
|
2 Jan 2005
|
I've added full SMP utilization into async_provider - now it can be scaled
up to any number of CPUs because of the nature of asynchronous communications,
and thus acrypto. I will think about generic network tunnel driver later today,
this idea lives in my head quite a long time, and now it can be transformed
into the lightweight crypto tunnel without all those IPsec stuff
but with full acrypto support.
|
|
1 Jan 2005
|
Happy New Year!
|
|
31 Dec 2004
|
New Year is coming.
This year was spent very good - I met new good people around,
created many interesting things and can not say that it was bad time,
although not all were perfect. I hope you can say the same and we will win again.
My congratulations!
|
|
30 Dec 2004
|
IPtel enters finish line - I combine D16 board and SORM protocol,
now they use the same codebase, except low-level data reading/controlling functions.
D-channel daemons already can parse several common digital telephone line protocols
including for example DECT Ericsson. Systemm becomes better and better each day.
Whole evening and a night were devoted to the party in "Dom otdiha" club.
Drinks, snacks, music, billiards(both pool and russian), bowling and many other
interesting things. Fortunately company was very friendly and nice so nothing could
sadden our celebration.
I smashed our Windows system administrator in pool, and all my hardware and software
developers colleagues in a table hockey - I recall all theirs bugs and ugliness
beginning from E1 microcode up to h323 decoder. Of course all it was a joke,
but I think they uderstood my gentle hint.
Day was spent very gladly.
|
|
29 Dec 2004
|
New Year celebration is began: Vocord CEO Dmitriy Zavarikin had a speech today at office,
then we moved to the dinning-room where had some drinks and light snacks. Tomorrow
will move to the official Vocord party to the bowling center.
Tomorrow's evening promises to be very interesting.
|
|
28 Dec 2004
|
Friends meeting - Mephody and Ira, Wijo, Yulia, we sat in "Svarnya" - beer restaurant
not far from "Timiryazevskaya" subway station - although it has nice blacksmith' interior,
beer and music were not very good there, I would recommend "5 oborotov" instead.
I joined them after good power climbing, and although I failed on power negative slope
trace, that was very good.
|
|
27 Dec 2004
|
Oh fscking IPtel and H323, but you know, after several unsuccessfull attempts
to convict people of it's bugs, I decided to redesign my modules - now
they are flexible enough to seize all current and hopefully future "features",
so I feel myself quite contended about quality of my software.
Received some feedback from Fruhwirth Clemens about acrypto - my HIFN driver does
not work with his 7956 board, PUC unit can not be reset, need to
check OpenBSD's one and datasheet, I believe I missed something obvious.
I congratulate anyone with Catholic Christmas and wish abstract peace all over the world.
|
|
26 Dec 2004
|
Lazy day - checked that car works, accumulator was not run down - nothing
special. Then dozen of various films and a little of beer, usual day.
|
|
25 Dec 2004
|
Abr returned from England Imperial Colledge of Science - we talked about
various things. As he said, englishmen often drink even more than russians.
He explained career flow in a science - while you are young, you make investigations,
when you are older, you write articles and some times monograms, when you are 40,
you alredy do not want to do anything by yourself, but prefer to manage -
thus your post-graduates make investigation, and you press for grantes and write
reports... It is sad.
He bought interesting book there - "50 methods to kill slugs",
I especially like this one:
you need to fill a dish with a good beer and then slugs creep to drink
and then will sink.
Very instructive.
Abr brought me from England one liter of the good barbados rum "Mount gay rum" -
will drink it for the everybody's health in a new year holidays with my turtle Socket.
Sent SuperIO patch to GregKH, I hope he will apply it and connector in this year.
|
|
24 Dec 2004
|
I know 4 languages: russian normal, russian indecent, russian obscene and language of fists,
and only using the latest two I can explain what is our IPtel. Now they found new game -
now theirs bugs are officially called features, but mine are still bugs.
|
|
23 Dec 2004
|
As expected noone objects against kernel connector, I will wait some more and send SuperIO patches on week-end.
|
|
22 Dec 2004
|
GregKH finally found my e-mails where I bothered him with kernel connector and agreed that it is good thing.
He even volunteered to commit that cruft if noone in linux-kernel@ objects, so I've sent patches
and wait for the results. If it will be commited very soon I will send SuperIO patches and thus put several new
bugs to the upcoming (after) new year's kernel release.
|
|
21 Dec 2004
|
Acrypto was tested on 4-way SMP and UP, 32 and 64 bit platforms(although they all are x86, little endian),
and as usual core developers are sitting like have goten liters of water into the ... mouth.
GregKH also keeps silence about connector. Probably I should create black list of linux hackers.
Hugh, climbing was great - new strong traces and then discussion about bone cracking when failing from 1 meter's
trace with instructor. He said, that climbing not an extreme sport, and I totally agree with him,
instructor recommended free climbing for that purpose - that is without insurance -
but when I tried it sometime ago( not very high, just about 3 meters)
several instructors began to scream in one voice and almost pulled me down by force.
So, FYI, you can get fracture in a 3 places just after falling down from 1 meter's trace.
|
|
20 Dec 2004
|
Sent to cryptoapi@ VIA PadLock updated driver and driver for
SuperCrypt CE99C003B chip from Michal Ludvig
(fcrypt)
where I only made them compile and added acrypto support.
Both were only compile tested, due to lack of hardware, thus I hope Michal's
work is good and he will test it. Since fcrypt driver did not compile,
I've removed several code pieces, so it definitely requires testing.
So let's see what will it be.
|
|
19 Dec 2004
|
It is raining in Moscow - new year in the doorway, and it is raining,
this place is going to become like London - such a weather is not changing
several days already.
|
|
18 Dec 2004
|
Today with Grange and Alexander we were in extreme-shop climbing zone - that was
just damn good, today's training had boldering problems on various reliefs, new
vertical traces and even some horizontal slopes... After several hours there
I had understood that any my problems are just inessential and are nothing
in general, which can be solved easily on my demand.
It really instils new energy, that is quite exciting.
|
|
17 Dec 2004
|
pcix$ cat /sys/class/acrypto/crypto_provider/scompleted && sleep 1 && cat /sys/class/acrypto/crypto_provider/scompleted
213767950
213768463
pcix$
Acrypto still works with 1 session per msec delay on a 4-way system, promising test.
After accumulator was charged my car feels itself quicker than any live,
or something like that.
|
|
16 Dec 2004
|
Sent HIFN driver into cryptoapi@ and Fruhwirth Clemens to test.
Hopefully all nitpicks were resolved in it.
Climbing was hard and very good, I really like skala-city and my trainings there.
|
|
15 Dec 2004
|
acrypto still works with one session per jiffie delay - 6.5 millions sessions are already prossed.
I need to test HIFN driver, and if it works fix and retest block device.
HIFN driver test found interesting issue - either driver is broken, or hardware has a bug,
but it sometimes produces interrupt storm on exit. I added reset and hope this will help,
but can not check - that was really very strange condition.
Acrypto was acked by Fruhwirth Clemens, but others still keep silence.
|
|
14 Dec 2004
|
Found several locking bugs in acrypto - but fixes for them broke my (almost)lockless
design a bit... Anyway, on a 4-way slow Xeon system I can run it for a quite long period of time:
pcix$ cat /sys/class/acrypto/crypto_provider/scompleted
1163126
pcix$
System crypts with 128 bits aes in ecb mode, since only one CPU in a time performs
crypto operations(crypto_provider is a wrapper over synchronous crypto layer)
numbers are not so exciting: about 250-350 sessions per second, each one works
with 32 bytes block. Test crypto consumer injects new session each 3 milliseconds.
An interesting note about linux work_queues: when I inject new crypto_session each 2
msecs - work_queue's threads for 2 of 4 CPUs are loaded about the same 3-10% of
the CPU time, but when I inject sessions each 3 or 1 msec - only one queue's thread
gets all sessions callbacks and takes about 100% of the CPU time.
With 2msec delay I get
about 500 sessions per second, with 1msec - little more than 1000.
Sent acrypto's first reincarnation to the public - netdev@ and cryptoapi@ - no
response yet. James Morris finally found time after his SElinux huge update
and gave me some advises, but besides coding style and discussion about
pluggable load balancer merits he did not say anything,
but he said that concurrent OCF implementation from David McCullough is very
interesting, which puts it on my guard... Will run tomorrow HIFN test with
new acrypto.
Finally got out climbing - devilishly tired, not everithing is going
like it was before, but nevertheless it was very good.
I want more.
|
|
13 Dec 2004
|
Grange became to create new OpenBSD MIPS port to his Cassiopea BE300 handheld.
It already can print various cruft to the screen, but bootstrap still fails.
He uses linux4be bootloader, NetBSD's one is really buggy.
I tried to turn gprs over bluetooth on - it succedes, but 2.6.10-rc3 kernel panics
when I try to send first packet over established ppp link in kfree_skb()
if I remember correctly. I was impressed by size of the whole bluetooth stack -
so huge amount of different protocols need to be turned on and configured
just to configure media transport level.
Fighted with acrypto bugs - in my laptop it never hangs, but in an old desktop
it freezes without any error message almost each time. Machines have the same
amount of memory and almost the same mhzs - 1.3 Cel vs. 1.4 PM, so
I completely misunderstand this magic.
Will try tomorrow 4-way SMP(2+2HT) machine at work. It's alredy time to include
this monster, which will pull kernel connector and thus SuperIO.
Huge amount of bugs are ready for new year.
|
|
12 Dec 2004
|
I congratulate you with the Constitution Day of Russian Federation.
|
|
11 Dec 2004
|
Sent OSF update - now it can handle fragmented skbs, although I do not quite
understand what should be done with poor skb that IP and TCP headers are moved
into fragments.
|
|
10 Dec 2004
|
Lazy relaxing day: various films, beer and very long sleep...
|
|
9 Dec 2004
|
Let's play the game "10 things I hate about IP-telephony". I will be definitely in the first
places.
Bu-gha-gha, project deadline. The last deadline. It is very fun - about dozen unknown people are
trying to understand why do they need it. H323 listening is not very popular request...
Sigh, as usually nothing works, and since I was _volunteered_ to replace our project manager
since he was switched into another direction just several days ago
(what's the interesting management decision...), I've gotten all those bugs...
And since I'm an author of several modules, I decided to crack them in a very villainous way
to patch the most scary ones.
The code now really looks like a minefield - small peaces live without
/*
* Hack zone.
*/
And now I'm sitting and awaiting while top management team is discussing something...
Stupid design can not be turned into nice candy.
Shit happens - they like it.
|
|
8 Dec 2004
|
I've known that IPtel demonstration almost failed yesterday - I wish only success my
colleagues this friday.
I hate core linux kernel maintainers - unfortunately they like to forget and to drop
ideas and even patches very frequently. grange@ is one of the examples, although he is from
other camp - OpenBSD core team. I understand that they are very busy but then replay
at least "I'm very busy, please notice me in a week.", at least it would be better than
silence. I'm not asking "please see my code, it _could_ solve some problems or intruduce new one",
I present good code which is _needed_ and is not complained about by others but only approved.
|
|
7 Dec 2004
|
IP-telephony has a deadline today - very funny... I hope I will go climbing before
angry people kill me. Due to this work-always-in-progress cruft I do not have any time
for acrypto and HIFN.
Shit happens, I would expect it - noone wants to go climbing today, thus I'm doomed
to go home and drink, and probably hack up acrypto bugs.
|
|
6 Dec 2004
|
Work, sweet work. I hate deadlines - even if my part works stable it
does not mean that I will not be beaten for something else.
|
|
5 Dec 2004
|
Stil trying to figure out where the bug lives. Actually it can live in hifn driver,
but it is so simple and straightforward so I do not htink so.
If I show HIFN crypto numbers this week(or at least this year) it will be
really cool.
|
|
4 Dec 2004
|
Have a problem with accumulator and thus can not go to the climbing zone. Sigh, my
car begins to dissapoint me sometimes.
Hence today I'm at home, I try to kill strange locking bug in acrypto which is caught
when session allocation runs from softirq context.
|
|
3 Dec 2004
|
While HIFN and acrypto itself works as expected, my block device testing
module is broken - will try tomorrow to fix it and finally obtain numbers.
|
|
2 Dec 2004
|
"If you've woken up and nothing ails you then you are dead" as I said ealier.
Today ails anything, body really tries to prove, that it has unknown
pieces that can be disturbed and shaked up.
Discussion about OCF is proceeded - this system is really broken
and/or badly designed, but now I see: locking is a big problem in FreeBSD
(from what OCF was orginally ported instead of native OpenBSD subsystem)
and OpenBSD.
I've fixed several bugs in uglymoron called HIFN driver - it now can crypt/decrypt
data, tomorrow I expect numbers from my block device - I'm almost sure
they will be equal to the sum of SW and HIFN HW rates.
|
|
1 Dec 2004
|
Today was the real power climbing - only several ceiling excursion - the rest of the
training was weight-lifting exercises - "gibbon's start", horizontal slope...
My organism trys to tell that it can not work anymore ina such rate,
but I know it can.
|
|
31 Nov 2004
|
Relaxing after climbing... IPtel bugs are being treated slowly.
Today was obtained the first sound over our IPtel/E1 bridges -
some Alsou's song - in a-law it sounds not so uglier than in a real life...
David McCullough announced his second release of the OpenBSD crypto framework port.
It has very strange results(10 simultaneous threads have better performance than one)
and tons of locking bugs from OpenBSD driver. I need to quickly demostrate
my numbers with HIFN hardware and my own driver before rivals
even get chance to compete with acrypto :).
|
|
30 Nov 2004
|
Climbing in skala-city was extremely good today - I found new trace with
a quite strong negative slope. After such a rest only beer can make me
normal man but not a sportsman.
|
|
29 Nov 2004
|
Yes, Ive encrypted what I wanted and not what HIFN processor decided to crypt.
Here is the first dmesg:
Chip hifn0: ram size=32K, max_sessions=2.
Chip hifn0: Public key engine has been successfully initialised.
Chip hifn0: RNG engine has been successfully initialised.
Chip hifn0: command 0: stat 80808084 ier 7a7a7a7b
src: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
src sg: 0 c117fde0 bfef000 16.
Chip hifn0: command src: stat 80808084 ier 7a7a7a7b, nbytes=16.
Chip hifn0: command dst: stat 80808084 ier 7a7a7a7b
0 cmdr: 0c6d4000 0
1 srcr: 0c6d40c8 0
1 dstr: 0c6d4350 0
0 resr: 0c6d45d8 0
src: p=0bfef000 l=a3000010
dst: p=0d5c0000 l=a3000010
Chip hifn0: command bas: stat 80808084 ier 7a7a7a7b, session_num=0001
Chip hifn0: command cry: stat 80808084 ier 7a7a7a7b
hifn0: irq: stat=8898888c, dmareg=7a7a7a7b, events=08180808
hifn0: irq: stat=80808084
cmd=4, is waiting.
|