Kernel Planet

Evgeniy Polyakov: Netchannels come to the start line.

Fri, 05 Sep 2008 19:00:39 +0000

Or finish one. Depending on the point to look from.

zbr@gavana$ make SUBDIRS=net/core/netchannel/

  WARNING: Symbol version dump /home/zbr/aWork/git/linux-2.6/linux-2.6.netchannels/Module.symvers
             is missing; modules will have no dependencies and modversions.

  CC      net/core/netchannel/netchannel.o
  CC      net/core/netchannel/storage.o
  CC      net/core/netchannel/user.o
  LD      net/core/netchannel/built-in.o
  Building modules, stage 2.
  MODPOST 0 modules
zbr@gavana$ wc -l net/core/netchannel/*.c include/linux/netchannel.h
  430 net/core/netchannel/netchannel.c
  140 net/core/netchannel/storage.c
  244 net/core/netchannel/user.c
  92 include/linux/netchannel.h
  906 total

I want to make a new netchannels release this weekend. It will not contain dynamically resizable hash table though, but if there will be no major bugs in the core, I will consider to complete it for the new release.

I also plan to convert userspace network stack to the libtcp.so or libunetstack.so library, so it could be much easier to create applications with this stack, no matter if implemented on top of netchannels or packet socket, but so far it is only in plans. Comments (0)

Pete Zaitcev: Red Hat and KVM

Fri, 05 Sep 2008 17:15:26 +0000

Seen at Riotek:

redhatがqumranetを買収しちゃった。

Wait a second, isn't 〜しちゃった a casual form of 〜しまいました? It's usually heard when someone にげちゃった. If so, Rio is not entirely happy with the acquisition, is that right? Why? What's not to like?

Matthew Garrett: Power management and graphics

Fri, 05 Sep 2008 14:46:13 +0000

It's the X Development Summit in Edinburgh this week, so I've been hanging out with the graphics crowd. There hasn't been a huge amount of work done in the field of power management in graphics so far - Intel have framebuffer compression and there's the lvds reclocking patch I wrote (I've cleaned this up somewhat since then, but it probably wants some refactoring to avoid increasing CPU usage based on its use of damage for update notifications). That still leaves us with some fun things to look at, though.

The most obvious issue is the gpu clock. Intel's chipset implements clock gating, where unused sections of chip automatically unclock themselves. This is pleasingly transparent to the OS, and we get power savings without any complexity we have to care about. However, there's no way to control the core clock of the GPU - it's part of the northbridge and fiddling with the clocking of that would be likely to upset things. Nvidia and Radeon hardware is more interesting in this respect, since we can control the gpu clock independently of anything else. The problem is trying to do so in a reasonable way.

In an ideal universe, we can change these clock frequencies quickly and without any visual artifacts. That way it's possible to leave it in the lowest state and clock it up as load develops. There's a couple of problems with this - non ideal hardware, and the software in the first place. Jerome's been testing a little on Radeon and discovered that changing the memory clock through Atom results in visual corruption. It's conceivable that this is due to some memory transaction cycles getting corrupted as the clock gets changed. If we could ensure that the reclock happens during the vertical blank interval, that's something that could potentially be avoided (of course, then we have the entertainment of working out when the vertical blank interval actually is when you have a dual head output...). The other problem is that 3D software tends to consume as many resources as are available. Games will produce as many frames per second as possible. Demand-based clocking will simply ramp the gpu to full speed in that situation, which isn't necessarily what you want in the battery case (as the number of frames per second goes up, so does the cpu usage - even more power draw) but is probably pretty reasonable in the powered case.

Handwavy testing suggests that this can save a pretty significant amount of power, so it's something that I'm planning on working on. Further optimisations include things like making sure that we're not running any PLLs that aren't being used at the time (oscillators chew power), not powering up output ports when you're not outputting to them and enabling any hardware-level features that we're currently ignoring. And, ideally, doing all of this without causing the machine to hang on a regular basis.

Evgeniy Polyakov: New Metallica album: Death Magnetic.

Fri, 05 Sep 2008 12:00:42 +0000

Although it will be released only next week, good people shared it with me.
What can I say: I did not buy previous one, I think after "Garage Inc" and "Symphony Metallica" they made real crap, including "St. Anger", but "Death Magnetic" is better. Much better.

It sounds somewhat similar to "Reload", but unfortunately there are no killing songs like "Fuel" and "The Unforgiven 2", which, in my opinion, were the best songs on that album, although there is a song with piano intro. Called "The Unforgiven 3".
Nevertheless "Death Magnetic" is a good album. Not the best, not something new and exception, just good.

Recommend. Comments (2)

James Morris: Memory protections followup

Thu, 04 Sep 2008 23:53:36 +0000

Following up on a couple of the comments on my last entry on SELinux memory protections vs. Zend Optimizer:

The policy does indeed look like it was generated automatically by audit2why or similar. This very clearly highlights a core problem with "learning mode" security schemes, which can blindly encapsulate dangerous behavior in a buggy application, or even an attack in progress. This issue was previously expounded by Josh Brindle in Status Quo Encapsulation.

Such techniques do have their place, although it is always recommended that such resulting policy be reviewed. Again, it is easy to find help.

It's unfortunate that some vendors promote automated policy generation schemes as a core usability feature, leading many people to assume that this is a great idea, and even the way things are supposed to work.

Of course, nobody would ever capitalize on peoples' combined fear and lack of expertise in an area and sell a "miracle" solution which doesn't quite work. No, that would never happen.

As H.L. Mencken and some character on the single episode of CSI I suffered through said: "... there is always an easy solution to every problem — neat, plausible and wrong.".

The idea that the problem of OS security can be solved effortlessly with the click of a mouse should be raising alarm bells in everyone's heads by now, surely ?

Pete Zaitcev: Elon gives a video tour of SpaceX

Thu, 04 Sep 2008 23:36:31 +0000

I saw something something horrifying today: in a video tour of SpaceX, Elon Musk lauds cubicles. Back when I worked in such inhumane conditions, I mostly slept whole day and then worked at night, because otherwise it was impossible to have anything done. My CEO caught me sleeping several times, yet he tried to talk me out of quitting and going to Red Hat. Ironically, Elon makes an appeal to prospective employees in the end of part 4. He honestly believes that cubicles are great, he sits in one himself. My groundless speculation is the curse of the gifted. His mind probably continues to function despite being in the monkey corral. Where normal engineer needs a door and place to think in order to be productive, Elon shrugs it off. Sounds wild, but is there an other explanation? Maybe I should ask old PayPal grunts about this.

Pete Zaitcev: Hardware

Thu, 04 Sep 2008 22:11:02 +0000

Prompted by Alan (Cox) to look into it, I'm convinced that code in usb-serial has races, but they are not easy to trigger, and thus any patches to fix them are not easy to defend. The usual way to do expose such bugs is "rmmod ohci_usb" in a loop, but this forces me to look at the issue with the controller and module removal which I do not want to tackle at this time.

So, I built a little gadget: hercon relay, powered from a serial port, is spliced into a USB cable. An LED is in sequence with the relay's coil so that -12V energizes the relay, but not +12V. The LED also provides a bonus of visual indication.

Unfortunately, result is failure. The damn thing works fine, but still triggers nothing. Modern Linux kernel is much too hard to break, I think.

Evgeniy Polyakov: The table and shelves.

Thu, 04 Sep 2008 21:00:37 +0000

That's how my self-made table looks.
It was made out of old enter wood door. Table's geometry is roughly 2000x1500 mm. Table has single steel leg (I thought to continue it to the ceiling and put some shelves on it, but it is future development, if will be started at all) and is attached to the wall and was made as windowsill continuation.

Now I need to get a good computer chair and install several book shelves on top of the left side of the table (which is located at the left of the window on the picture), since books and prints are scattered all over the room.

While searched for the wood screws in the cellar, found a special ceramic tile drill, and although I'm pretty sure it will not be enough to drill lots of holes in my tiles, I will be able to create 2-4 holes for the shower cabin and shower guide.

Also finished bottle X-shelves.

Will install them later though. Also I do not have enough bottles (of whatever) to fill it right now, there are 24 cells in the shelves. Comments (0)

Val Henson: Latest KHB: UNIX Internals

Thu, 04 Sep 2008 18:24:46 +0000

The latest installment in my Kernel Hacker's Bookshelf series is on UNIX Internals, my favorite operating systems textbook:

http://lwn.net/Articles/296738/

UNIX Internals is an in-depth, practical review of actual UNIX operating system implementations. You learn the theory by examining the practice. Quite good.

James Morris: SELinux memory protections are your friend

Thu, 04 Sep 2008 14:54:24 +0000

I don't know what a Zend Optimizer is, but it apparently does not play well with SELinux. I've encountered a blog entry by someone who has tried to do the right thing and keep SELinux enabled, after finding the code for a policy module which makes this stuff work.

I was surprised when I saw the source of the module, which includes:


allow httpd_t self:process execstack;
allow httpd_t self:process execmem;
allow httpd_t self:process execheap;
allow httpd_t usr_t:file execute;

When loaded, this will enable the web server to execute memory on its heap, stack or certain types of executable memory allocated via mmap(2). These are well-known attack vectors and disable some very important memory protection mechanisms. See Ulrich Drepper's SELinux Memory Protection Tests for details.

The file execute permission is also very concerning, as it allows the web server to execute generically labeled user files. Combined with disabled memory protections, and third-party software using unsafe memory execution techniques, I'd recommend being cautious about deploying this solution.

What I would suggest, if you don't understand the security policy, is to run it by your nearest SELinux community. Many mailing lists and IRC channels exist where people will be able to help: see User Resources from the SELinux Project Wiki.

It's important to note that whatever this code is supposed to be doing (apparently, dealing with some form of source code obfuscation), techniques such as making a stack executable are inherently insecure and should never be necessary.

SELinux really is trying to help you here, and free expert advice is merely an email away. At the very least, someone will be able to explain what the risks are, and help you make an informed decision on how to proceed: perhaps it will be better for your particular requirements to allow certain accesses rather than disabling SELinux for the entire system. And if the code is not trying to do something dangerous, an SELinux developer may write a simple module for you to load to work around the issue.

Val Henson: Emacs key bindings for Firefox and other stupid "power user" tricks

Thu, 04 Sep 2008 01:01:06 +0000

I've just installed Fedora 9 and I'm doing the usual re-configuration drill to get things to work the Right Way.

I use emacs. I want emacs key bindings in Firefox. Check out Firemacs from Kazu Yamamoto:

http://www.mew.org/~kazu/proj/firemacs/

I agree with the advice about disabling the up and down arrow keys for editing so you can use them to select auto-complete options. To do that, go to Tools->Add-ons->Firemacs, pick the "Edit" tab and delete the fields containing "up" and "down". (Ctrl-N an Ctrl-P still work.)

Since I've been using a Mac for a few months, I reset the Firefox accel key to meta, so now meta-N opens a new window, meta-Q quits, etc. This gives you both Emacs key bindings AND Firefox shortcuts. To set this, type "about:config" in the URL window. Search for "accel" and set this line:

ui.key.accelKey;224

(224 is the key code for Meta, there is an on-going project to allow only slightly less understandable key words to be used instead.)

What used to work for emacs key bindings was to put the following in .gtkrc-2.0:

gtk-can-change-accels = 1
gtk-key-theme-name = "Emacs"
gtk-entry-select-on-focus = 0

I'm sure this has some effect on other apps. I'm not really sure if the first line is necessary or what the third line does, but I must have liked it at some point.

Finally, get rid of the irritating folders and icons on the desktop. Nautilus is responsible for this travesty. Disable with:

gconftool-2 -t bool /apps/nautilus/preferences/show_desktop -s false

Evgeniy Polyakov: Simple exploit for Bernstein/Torek 33 hash.

Wed, 03 Sep 2008 22:00:36 +0000

Example:

$ ./djb_crack 0x12345678 0 0xffffffff 0xabcdef12
07 1a 11 19 01 0c hash: 12345678, calc: 12345678: MATCH
00 hash: 00000000, calc: 00000000: MATCH
03 0a 18 14 1a 09 03 hash: ffffffff, calc: ffffffff: MATCH
02 07 15 11 00 20 03 hash: abcdef12, calc: abcdef12: MATCH

Exploit takes multiple hash values and searches for data which will produce the same hash value (it prints it to stdout as one can see above).

Since this hash is so simple, it is actually possible to find matching data using brute force, but it is not interesting.

Exploit can not work, if we limit the smallest byte value to something except 1 or 0. Since we do not know actual value of the hash, but only its modulo for 2^32, there is a possibility, that given value can not be represented as sum with fixed multiplicators of the bytes we can operate on (like we can not represent 13 as sum of whatever positive integers, if the smallest one is bigger than 6). But it is always possible to represent any value in the system where the smallest possible byte is zero.

Because of the above limitation for the smallest byte value, every hash can be matched by the array of at most 7 bytes (33^7 is bigger than 2^32).

I want to think some more on the cases, when we we know only modulo (by dividing real result by 2^32 for example) of the result, but we have to find input bytes, so that hash on them would match required one, and input bytes are limited by some set, and the smallest byte is not 1 or 0. This can be tricky task... value Comments (0)

Pete Zaitcev: Blizzard on Chrome

Wed, 03 Sep 2008 14:04:24 +0000

It's hard to fathom just how Chris can be so blind:

It’s also great to see the end user features flowing from browser to browser. The malware/phishing stuff mentioned in the comic is already shipping in Firefox 3. JS performance is something that everyone is working on. Inside of Mozilla we’ve been talking about the multi-process model that they have decided to use in order to get proper rights mgmt on the mac and windows. [...]

He thinks about the intrabrowser resource management, isolation, and compartmentalization as yet another feature, like the Awesome Bar. But in fact it's a development of a paramount importance, which Mozilla should had made an absolute priority. Instead they tried to goof off with nslObserverService. Mozilla people thought that nobody else could do anything about it, that they had a monopoly lock-on and could set the agenda. Well guess what, they didn't.

Evgeniy Polyakov: On multiplier selection for the Bernstein/Torek 33 hash.

Wed, 03 Sep 2008 14:00:36 +0000

Hash, as known, uses follofing scheme:

hash = hash * 33 + data[i];

where initially hash was set to zero, and data[i] means i'th byte of the input data.

This can also be written as following:

hash = hash + hash  5 + data[i];

Now, let's take a look at hash analysis. As we can see, final hash is a sum of the multiplication of the power of 33 and data bytes. Let's split sum into neighbour pairs, like following (assuming big enough number of input bytes n):

hash = (33^(n-2))*(33*a[0] + a[1]) + ... + (33^(n-k-1))*(33*a[k] + a[k+1]) + ...

Now let's check single multiplier using above shift equation for the multiplication:

33*a[k] + a[k+1] = a[k] + a[k]  5 + a[k+1]

Using any other multiplier, which does not result in a[k] + a[k+1], will lead to worse distribution, since number of used bits decreases. Particular bad (if not the worst) multplier is 31, which leads to the following sum:

31*a[k] + a[k+1] = a[k]  5 - a[k] + a[k+1]

This hash will have too small active bits, particular only differece between neighbour bytes will play a role in the final hash production.

Now, getting the history of the hash, namely its part, which tells us that hash was first introduced for strings, we can conclude, that above 5 bits shift is used to shift a value to the amount of bits needed to put there new english ASCII character, i.e. shift value could be bigger to work with higher bytes (so that non-zero bits fit the new space).

Now because of the time shift I made for myself because of US embassy interview (awake at 5:30 AM, going to sleep at 1:00 AM), my brain does not allow to work on big projects, so I will try to create an exploit for this hash standing on regular several-cups-of-cofee drug. Stay tuned! Comments (9)

Dave Miller: Bumbershoot 2008

Wed, 03 Sep 2008 07:38:00 +0000

This past weekend the Bumbershoot festival was held here in Seattle. It's basically a showcase of both local and world known artists, primarily focusing on music and comedy. It's usually held over Labor Day holiday weekend, and lasts 3 days. You pay seperately for a general admission ticket for each day, it's about $35.00 USD

Originally admission was free. It first began in 1971 during the near collapse of local megacorp Boeing. The idea was to have something to lift the spirits of local Seattle folks. The event quickly grew to the point where the city couldn't fund and run the whole thing any longer, so now a private entity runs the thing and charges admission.

I attended Saturday, primarily to see Beck, who I already was familiar with and whose work I like a lot. But in the end the best part turned out to be all the new bands I got to sample and become familiar with.

Saul Williams was particularly impressive. After seeing him perform it was no surprise for me to later learn that he used to be primarily a poet in New York City. Real powerful stuff, great delivery, lots of energy. He also hates our current president, so this guy is perfect.

I'm not usually much of an R and B person, but Estelle gets great marks. She's a UK hiphop artist, and her songs are quite smooth. I would definitely put her album into the rotation for long car drives. Unfortunately her live performance didn't translate as well as it could have, so I'm kind of glad I went after the show and listened to her album nonetheless.

Finally, Asylum Street Spankers, man these guys were a hoot. From Texas, they play this folk'ish music to sometimes serious but mostly funny (bordering on hysterical) lyrics.

Of particular note, at least for me, was their song "Jailhouse". The first few verses describe some criminal (a crack dealer, a thief, etc.) and then the chorus "he's in the Jailhouse now" is sung 2 or 3 times. Then the final verse cleverly describes George W. Bush indirectly, and the chorus becomes "he's in the White House now". The delivery was incredibly well done, and I was in stitches.

I won't say much about Beck, there's tons of info about him online and he's quite established. His performance was great, and what struck me most was how calm, cool, and confident he seemed. They did this bit using Roland TR 808 boxes that was absolutely phenominal. I think they performed two entire songs using nothing but a set of Roland TR 808s that each of them had at least one of.

Overall a fun experience. For a quite reasonable price I got to see an act I already liked and also became familiar with three new acts I get to enjoy now as well.

Yeah, I've been hacking too. More on that later...

Dave Jones: lockdep lolz.

Wed, 03 Sep 2008 00:37:01 +0000

My entry for the "most extensive debug output from a single event" world record.

.. and with that, I'm off on vacation for a week.

Evgeniy Polyakov: Linux Kernel Summit.

Tue, 02 Sep 2008 08:00:15 +0000

I got visa after short interview in the USA embassy, so will be Portland September 13-20. Although consul asked me in russian about what I will be doing in USA, what is my experience, education and degrees, and so on, I somewhat suddenly started to answer in english. My 'perfect' pronunciation frequently confused even myself, but consul looks like understood something from that flow of sounds. I hope he knows what are filesystems and Linux now.

See you in Portland in a 1.5 weeks! Comments (2)

Evgeniy Polyakov: Some recent hash analysis: Bernstein/Torek famous (hash * 33) hash.

Mon, 01 Sep 2008 18:00:21 +0000

Lots of people know about very old hash, which uses simple sum and multiplication technique (works good not only for strings):

unsigned long hash(const char *s)
{
	unsigned long   h;

	for (h = 0; *s; s++) {
		h *= 33;
		h += *s;
	}
	return h;
}

This hash appeared in Bernstein's djbdns server quite long ago (although Dr. Bernstein now favours version with XOR instead of sum), but it looks like it appeared in comp.lang.c on behalf of Chris Torek.

I've spent some time on it to determine how it works. One can check clickable picture below to get my thoughts. Short details below.

Bernstein/Torek hash analysis.

In a nutshell, Bernstein/Torek 33 hash is a linear composition of the input bytes.
Each input byte is multiplied by a constant value (namely 33 in a power, which equals to the number of bytes minus position of the input word minus one), and then summed. One can check C source code.

It is simple only because all operations are performed in the same field F(2^32) (namely sum and multiplication, which is effectively the same), if one would add XOR there (like Dr. Bernstein did in the recent version), it shifts the whole approach to the mix of F(2^32) and F(2^1) fields, which is a completely different moster.
In the former case, particulary, it is possible to first multiple/sum lots of elements, and only then apply modulo operation, while in the latter mixed case it is not easily possible (well, I'm searching for group algebra books/articles about operations in mixed fields, so far without much success).

Linear combinations of the input bytes allows very simple way to create an input, which will have the same output hash value as you want. Actually I do not belive in all those attacks, which say, that with our technique we managed to reduce something from X to x. Until there is working realization, which does break appropriate cipher, hash or anything else, it is just words. I do not have a breaking code right now (although belive that it is simple), so nothing was broken and in fact can be completely wrong idea :)
But I will develop it to show myself, that my basic algebra skills are still valid... Comments (2)

Rusty Russell: Welcome Arabella Lilly Russell, into a complex world

Mon, 01 Sep 2008 17:59:00 +0000

At 10:58am Adelaide time, on the first day of the Southern Hemisphere spring, Arabella was born as planned, 10 weeks premature and 1.06 kg (37 ounces). Pink and wiggly, and spending at least 6 weeks in hospital.

As some of you know, Alli and I are separated: she left me 3 months ago. I came to Adelaide for Arabella's birth, then I'm going back for a couple of weeks to pack up the farm, then returning to Adelaide because Arabella is here. I hope we manage to raise Arabella OK despite our split.

Evgeniy Polyakov: Netchannels strike back.

Mon, 01 Sep 2008 13:00:16 +0000

A while ago I implamented Van Jackobson idea of netchannels - peer-to-peer connection module, which pushed all protocol processing as close to the end peers as possible.
In my first realization, TCP processing was done on behalf of running process (instead of mostly bottom-half context), which resulted in a slightly better performance. Then I implemented userspace network stack as a continuation of this idea. Despite its huge performance improvement, I do not think particul reason is netchannels architecture, but instead amount of syscalls to be made to process bulk traffic flow via small packets. Nevertheless it can also be considered as a netchannels architecture improvement, which resulted in so exceptionally good batching abilities.

Now I want to move further: kernel netchannels side will be made completely lockless and simultaneously very cache-friendly. As in the first implementation, idea is not completely mine, approach I will test is based on Van Jackobson's array design to store network buffers.

During its lifetime, netchannels got NAT support (actually just to show to those people, who do not belive in netchannels architecture, that it is possible to implement filtering and packet mangling), but now I drop it from the project. Netchannels also got tricky multidimentsional trie-based storage, which, after being ported to the socket core, resulted in a noticeable perforamance win, although I did not complete it to support statistics. Actually netchannels implementation of this trie is broken, and it required quite a few steps in socket code to be fixed.
Now I drop it from netchannels patchset too and move to the usual hash tables.
I will make RCU locking for them and make netchannels hash table optionally automatically resizeable. This feature does not exist in socket hash tables, but right now I want to experiment smaller code base, since algorithm I have in mind is a bit tricky.

So, there are lots of interesting ideas, which I've started to work on and plan to finish sooner than later. But since I will move to the USA counsil department for the interview, and then want to finish appartment development tasks, and then, hopefully, move to the Kernel Summit and Plumbers conference, it can take quite long... Please note that I do not forget about other projects.
Code is not dead if not marked appropriately in the TODO list :)
Stay tuned nevertheless! Comments (0)

Harald Welte: FAQs to the VIA open source driver

Mon, 01 Sep 2008 02:00:00 +0000

There have been numerous questions regarding the recent open source release of VIA's 2D Xorg driver.

Why did VIA publish yet another driver, rather than improving any of the existing Xorg/openchrome/unichrome drivers?
Because this driver is all but new! It was the base for all the binary-only driver releases that VIA has made (and is still making) for select Linux distributions. So rather than having written a new driver, this is just the disclosure of an existing driver.

One of the commonly asked questions is _why_ not the complete source, including codec acceleration, TV out and 3D was published. I cannot disclose the particular reasons for VIA, sorry. But I can comment on the general reasons on why companies cannot disclose certain source code. As you may have noticed, the situation with regard to the ATI driver e.g. shows certain similarities.... Usually there are some parts of the code, particularly for the 3D driver, which cannot be disclosed due to either

parts of the source code are under a proprietary license from a 3rd party
parts of the source code refer to technologies (e.g. macrovision) which are subject to very strong NDA's by the licensor, which in turn prohibit the open documentation or distribution in source code form

Will VIA learn to build a community around that new driver? Will there be mailing lists and a public revision control system?
As of now, this is unlikely. Not because VIA doesn't believe in the community, but rather because the disclose of VIA's source now enables everyone involved to look at all the available drivers. Some consensus has to be found on which driver is best to be used as a base for a future Xorg mainline driver, and then the community and VIA can work together on merging bits from other drivers into that base. Creating VIA's own mailing lists (and community) would lead to more fragmentation, rather than unification.

Evgeniy Polyakov: Meanwhile at appartment development side.

Sun, 31 Aug 2008 17:00:18 +0000

I did not work with my appartment development quite for a while already, and it was not because there is nothing to do, but instead because of my lazyness and lots of other tasks to complete.
Other projects suddenly did not dissapear, but today was so cold for the summer (and where is the global warming, when it is needed?), that I decided not to move to the office what I do every other day.

Today's appartment development included table painting and shower cabin installation.
Those who follow my blog quite for a while could rememeber that I started to make my own table many many months ago, but now it is close to its finish as was never before. The only task to be made is downside drawing and waiting for layers to become dry. I will then install it to the wall and connect single leg. This table will not be moved, since it has only single leg and hardly attached to the walls in the corner.

That is roughly how table will look like.
Color of the left wall is white, back wall is blue, carpet is somewhat blue too.

Shower cabin installation actually was not planned (as long as anything else), since I have so strong ceramic tiles on the walls, that usuall thin drill (6 mm) can only produce single hole, it is almost impossible to drill multiple holes, since drill becomes blunt. I wanted to move to the development shop and buy number of special drills for this task, but then decided to experiment with pobedit drills I have. They are supposed to drill super concrete without problems, but they failed to work with my ceramic tiles. Well, I killed three drills and managed to drill 8 holes only, and I needed to first drill smaller hole (4 mm) and then extend it with 6 mm drill. This is the only way to drill my walls :)
Then I needed to drill a concrete wall, but using perforator and appropriate augers it is not a complex task at all: several seconds for 6 mm hole with essentially any (supported by the auger of course) depth.

Unfortunately to install a shower cabin I need to have 10 holes: two times of 4 holes to fix the glass wall guides, since there are two fixed walls and single moving one, and two holes to fix special stabilizing bar, which is used to hold the walls in a different dimension. But I did not drill the last two holes, since I have no sharp drills anymore and would not want to drill the concrete walls with perforator at this time (I believe it is quite late for this kind of work Sunday evening).

That is how my shower cabin will look like ("Cezares Illusion" model). Interior is different of course.

Also filled number of holes between tiles (which is fixed last time, when I bought special rubber hammer) with water-resistant paste. Next time (it would be great to finish it next week, but as usual it can be postponed for the couple of months) I will complete shower cabin installation, finally install my table, paint appropriate places and start (or even complete) bricks glueing (well, not bricks itself, but small tiles with approprite texture) in the kitchen... There are so many things to complete, and although it requires really not that lots of time, I still can not finish them. Comments (0)

Stephen Hemminger: Only aliens can configure selinux?

Sun, 31 Aug 2008 14:02:07 +0000

Sunday 8/31 user friendly cartoon is great.
Do these people look like aliens?
Guess I'll have to give up on trying to setup selinux.

Harald Welte: Photographs of disassembly and PCB of a e-ten glofiish X800

Sat, 30 Aug 2008 02:00:00 +0000

Heh. You could say I'm now among other things a professional hardware reverse engineer. This mostly started as a kid, where I always had to take everything apart. In more recent years, I've mostly been doing hardware reverse engineering as part of the gpl-violations.org effort, or projects like openezx.org.

Now, I've actually been asked by a company to buy a device on their expense to disassemble and photograph it, to find out about the components it uses, etc. And no, before you start to wonder, I don't work for Openmoko anymore. So they are not that company ;)

The device in question is the E-TEN glofiish X800, a full-vga 3.5G Windows Mobile PDA-Phone with AGPS, Wifi and bluetooth. You can find the pictures of the disassembly process and PCB photographs here.

As you can see, the device employs the following major components / chipsets:

Samsung S3C2442B SoC with integrated SDRAM and NAND (same like Openmoko GTA02)
CSR4 based Bluetooth (same like Openmoko and many other devices)
microSD slot, must be connected to S3C2442 SD/MMC controller
WiFi Module using a Marvell 8686 chipset (you actually can't see that, I had to peel open the shielding of the module and the angle didn't allow any good photographs)
TD028TTEC1 LCD module, exactly the same as the OpenMoko GTA01/GTA02
AKM 4641 audio codec, reportedly used in HP iPAQ and HTC Universal
Two cameras of unknown type, must be using the S3C2442 camera interface
Ericsson based quad-band GSM and tri-band 3.5G chipset centered around the DB3150, which is used in many Sony-Ericcson 3G/3.5G phones. Sony-Ericsson has excellent public documentation on their AT-commandset for their phones. Since they are likely to use the same firmware base, the AT commandset should thus be known.
A Xilinx CPLD

So now what does all this mean? Setting aside the CPLD and the unknown camera modules, this device (and its keyboard-enabled brother the M800) should be a very attractive target for porting Linux to it. Known SoC, wifi with driver already in mainline, GSM/3.5G modem with documented AT commands, etc.

Big question is the power management. It looks like they're using a lot of discrete regulators rather than an integrated PMU. Also, the CPLD is likely to cause a lot of trouble since neither the external connection nor the internal logic is known...

Rik van Riel: Kiva - better than charity

Sat, 30 Aug 2008 01:04:17 +0000

Having lived in a poor country and having seen poverty on a regular basis, I believe that poor people deserve help. However, making poor people dependent on charity will just make their lives worse, because they will have less control over their own lives. I believe in helping people make themselves richer through micro financing with Kiva.

With most microfinance organizations, entrepreneurs in poor countries get access to loans, provided they have a business plan to make sure their earnings increase. Not only does this make sure they repay the loan, it also allows them to continue to have a better income after the loan is repaid. Having more money will mean they spend more money, most of it locally with other local business owners.

Lending through Kiva allows you to help a local entrepreneur in a poor country and stimulate the local economy around that small company. Better still, after a while you get your money back and you can recycle it into the next micro loan, helping people over and over again.

Pavel Machek: Searching for usable libosm

Sat, 30 Aug 2008 00:05:58 +0000

We got "address" points for 10% of Czech Republic (and can actually use them), which is cool. I'd like to use them to automatically name residential streets that miss names. (If there are many address points with same streetname along unnamed way, just copy that name to the name of street.)

But that means that I'll need to operate on OSM data, and I prefer not to parse XML by hand etc. libosm in svn (applications/lib/libosm) looks like tool to use, unfortunately it is outdated -- only knows about v 0.3 API.
Is there better library to use? Or some application that can be easily modified?

Evgeniy Polyakov: The winners football team!

Fri, 29 Aug 2008 21:00:28 +0000

We are the champions of the ~~world~~ dream championship! (that is how it was called officially)

What I want to note, that our competitors (even the strongest ones) frankly wrote about the games. I.e. there were not stuff in the blog entries like "they played unfair" or other similar crap. Everyone agrees that we won just because we were stronger and arrived only to win.
Games were fair, and we were just stronger. Everyone played just bloody cool, and result is fair.
Let's see, what will be in a month at the return championship :) Comments (0)

Rusty Russell: Linux Next Graphing

Fri, 29 Aug 2008 13:10:00 +0000

Some neat stats just graphing the size of the bz2 patch for Linux next for the last 108 days (12 May through 28 August). Since Stephen doesn't produce patches on weekends, you can see the gaps (dashed lines are Mondays, Australian time)

The -rc1 dip is really clear (these patches are produced against the last labelled Linus kernel, so hence it's a one day drop), and you can see the -rc2, -rc3 and -rc4 dips diminishing like they're supposed to. Those sharp-eyed will note that during the merge window, kernel hackers work weekends :)

James Morris: Linux Plumbers Conference

Fri, 29 Aug 2008 06:14:24 +0000

I'll be attending the Linux Plumbers Conference in Portland OR a few weeks from now. It seems like a really useful event for developers, and even a little unusual in that Linus will be giving a git tutorial.

If there's anyone attending who'd like to meet up & discuss SELinux, especially distro integration issues and similar, let me know. Kees Cook from the Ubuntu project will be there, so if we have enough people, it might also be worth organizing a BoF session (it seems there are currently slots available).

Similarly, if anyone is interested in discussing the integration of MAC security with KVM (i.e. sVirt -- a project I'll discuss in more detail soon), also let me know.

Harald Welte: VIA releases open source Xorg driver

Fri, 29 Aug 2008 02:00:00 +0000

VIA has just released a open source Xorg driver for their integrated graphics chips on their linux.via.com.tw portal. Here's the actual download link for the source code tarball.

I am very happy to see this! It's one more step that VIA has been working on to improve and show their support for Free Software and Linux.

Please notice that this driver (as opposed to VIA's proprietary binary-only Xorg driver) has no support for 3D, hardware video codec or TV encoder support. Nevertheless, it is a big step ahead.

Of course everyone involved understands that this simple "code drop" is not enough and that it is just the first step for actual 'Free Software integration'. There is a lot to be done to harmonize the current FOSS driver landscape for VIA's graphics products, from the old via driver in the Xorg git tree, over the unichrome and openchrome and now this new driver. Stay tuned!

Pavel Machek: Games I'd like to see -- camera shooter

Thu, 28 Aug 2008 23:21:13 +0000

Target shooting game with a twist: you shoot with your digital camera instead of your mouse.

Some image recognition neccessary for automatically evaluating the results,
but you get camera benchmark for free. It should also be more fun than shooting with the mouse.

Jesse Barnes: hi my name is jbarnes and it's been three weeks since my last blog entry

Thu, 28 Aug 2008 20:40:03 +0000

Things have been busy in the last few weeks (in roughly chronological order):

fed lots of PCI fixes to Linus
mostly finished porting the kernel modesetting bits into xf86-video-intel master
fixed lots of gfx bugs
hacked on GTT mapping for GEM
argued about the upstream DRM development process
worked to close the gap between upstream DRM and current DRM master trees
released 2.4.97.0 of xf86-video-intel (first test release for 2.5.0)
…and various other bits of Intel internal work

PCI

Got lots of good PCI stuff upstream this merge cycle. Mostly hotplug and PM related. Just drained the last couple of regression fixes on Monday, so things should be in pretty good shape for 2.6.27. For 2.6.28 there are bunch of random cleanups & fixes queued, and I’m trying to find time to review TJ’s PCI address space code; there’s a lot of room for improvement in what’s currently upstream, so I’m hoping his stuff will help.

xf86-video-intel

The 2.5 release is shaping up to be an aggressive one: we’ve already merged both GEM and kernel mode setting support into the tree along with a slew of bug fixes. Neither of the new features is available by default, but if you have a suitably capable kernel you can try them out and report any bugs we’ve introduced.

The bug queue on the 2D side isn’t looking too horrible, and the blocker list looks manageable. The first test release went out on Monday and I don’t think I’ve heard of any new issues specific to that release yet, so I’m fairly happy about it so far.

DRM

Since both GEM and kernel mode setting are really kernel features, I’ve been spending a lot of time in the DRM tree lately. In order for kernel mode setting and GEM to work really well, we need a way to map GEM objects using their GTT address, rather than the backing store physical address. Given that we’re doing this from a module using an ioctl, it’s a little tricky, and we also need to handle invalidation when the object is kicked out of the GTT and faulting for when it gets accessed again. This was one of TTM’s strong points, but we were hoping to get away without having to do it with GEM. Unfortunately that’s not the case, and it really needs to be done to make kernel mode setting and UXA possible, so making it work is at the top of my list at the moment.

On the process front, things are looking really good. The first step in fixing a problem is admitting that it exists. After some heated arguments on IRC and dri-devel it looks like people mostly recognize that the current DRM development scheme doesn’t isn’t very good at getting code into upstream kernel releases and ultimately out to users. Dave has proposed a new process (see this wiki page for the current thinking) that should make it much more obvious which bits are going to head upstream and which aren’t. It should also make sync’ing with other OSes easier since development will be more transparent, and hopefully occur on the mailing list a bit more than it has in the past, where developers typically just pushed stuff into the DRM master tree and hoped Dave would do the hard work to get it upstream.

There is a downside to the new process however. In the DRM (and in particular in the i915 driver), features have been accumulating for a long time, causing the diff between upstream Linux and DRM master to grow over time. So I’ve been working to narrow that gap and push mature features into the drm-next branch so that they’re ready for the 2.6.28 merge window. The i915 driver has had quite a few features not present upstream for a long time now, like pipe/plane swapping support, vblank rework support, page flipping, and a few other changes & bug fixes. Once these changes get upstream OSVs will start to pick them up and users will start seeing the benefit of the new development model. I’m not sure what’s happening with other drivers; several of them (like radeon) have similar issues, and some aren’t upstream at all (like XGI and mach64, among others), so someone will have to step up to do that work.

Overall it’s an exciting time in Linux-land; it’s really good to see so many improvements come together and get into the hands of users. Hopefully over time the lag between feature development, bug fixing and getting stuff to users will shrink even more.

Evgeniy Polyakov: We have WOOON!

Thu, 28 Aug 2008 18:00:17 +0000

Today we had a serious football championship against 3 commands. After 5 hours of games we won the first place. Last year we miserably lose against our main competitor in this match.
We played play-off scheme and had following scores: 8:2 (against the strongest team except us) and 7:2 in the final of the championship.

It was not a very simple matches, since we played indoor the first time. But we had longer football bench (i.e. more players), so we were able to change players and continue to support overall very fast rate. Also key players were not tired too much to be able to hold the game even at the very end.

I did not make a goal, but had several precise ball transfers which couple of times results in a goal. Also had several strikes into the gates area, but with no success, goalkeepers were good.
Actually I do not consider my contribution as noticeable, but I found my problems in the game, and thus can try to fix it on trainings.

Because of this exceptionally good result (we won against strong competitors and even people who work against us sometimes :), we consider to seriously continue our trainings (rivals ask for return match this September, hopefully I will not be in USA on conferences).

I will post team and match photos tomorrow. Stay tuned! Comments (0)

Dave Jones: Open source noise machines.

Wed, 27 Aug 2008 17:00:13 +0000

this is pretty cool.
I'm an avid collector of effect units (I lost count a while back just how many I have). Having something tweakable in this manner is kind of neat. Though I don't think I'll be getting one for a few reasons.

First, I use my noise-making as an escape from open source. Sometimes, even I need to switch off, and moving to a different room to run gdb in a different use-case isn't really escaping.

Secondly, since the beginning of the year I've been building a modular analog synth. The beauty of this thing is it's pretty much entirely open. Want more oscillators? fine, buy some, screw them in. Extra filters? same deal. Once you have a collection of mounted modules, you then get a large number of possible patch combinations between the various modules. For many of the modules, people have even made various 'hacks' to improve them in some manner or other. The manufacturers have in some cases even adopted those changes in later revisions of modules which is really awesome.

Whilst as a synth, it's primarily for the creation of sound, it also works really well as a sound-mangler of any input source, making it a supe r guitar effects pedal on steroids. And with cool sounding modules like "malgorithm", I'm easily persuaded.
The nice advantage of analog gear is that it rarely goes wrong in the sense that computers do. It frequently does completely unpredictable things, but it's usually a 'happy accident' than a complete disaster.

The only downside is these things get to be habit forming, and start to take over the house. Mine has already
grown to twice the size I was initially expecting, and will probably increase some more before I'm "done".

I keep meaning to record some of the output of this and other devices. One of these days I'll get to it. Until then, just imagine mains hum modulated by howling feedback with sub-bass that makes the walls shake, and you're probably pretty close to the sorts of sonic mayhem this thing puts out. (It's not /all/ it can do, it's just what I tend to make it do a lot).

Dave Jones: Highlighting.

Wed, 27 Aug 2008 16:44:52 +0000

I'm a big fan of highlighting text. (But only on computer screens, I hate highlighters on paper, and really don't understand those people who selectively highlight semi-random parts of books). To this end, I have the usual things set up, like my .vimrc enables syntax highlighting to show me when I've forgotten what C should look like. I've also started extending it to other uses. Like highlighting common bugs. It turns out to be handy when both writing code, and reviewing other peoples.

It's pretty simple to do in vim. For example..
highlight kmalloc ctermbg=red guibg=red match kmalloc /k[mzc]alloc(GFP_/ highlight memset ctermbg=red guibg=red match memset /memset.*\,$\ \|$0$\ \|$);/

Now, go ahead and try that zero sized memset. Or a kmalloc with swapped arguments. The bright red text screaming AWOOGA in your face should be attention grabbing enough for you to instantly realize what's up as soon as you've written the erroneous line of code.

The above regexps aren't new either. I've posted blog entries before about how I recursive grepped for the latter across all 80gb of the Fedora source tree periodically. (And it still keeps turning up new casualties).

I've also extended mutt to catch this nonsense.

color index red default '~b "memset.*\,$\ \|$0$\ \|$);"'

When paging through my inbox, when I see a mail in red, I know there's something silly in it, which needs further review. (Very handy for reading things like commit mailing lists, or code review lists).

Even if you don't write C, there are probably regexps for catching API misuses in other languages too, so the above principles should be useful. (I use vim/mutt almost exclusively, no idea how to make highlighting work with emacs etc, but I'm sure it's doable there too).

Michael Kerrisk (manpages): man-pages-3.08 is released

Wed, 27 Aug 2008 17:22:41 +0000

I've uploaded man-pages-3.08 into the release directory (or view the online pages). Notable changes in man-pages-3.08 are:

A new numa(7) page gives an overview of the Linux NUMA interfaces.
A new getnetent_r(3) page documents getnetent_r(), getnetbyname_r(), and getnetbyaddr_r(), the reentrant equivalents of getnetent(), getnetbyname(), and getnetbyaddr().
A new getprotoent_r(3) page documents getprotoent_r(), getprotobyname_r(), and getprotobynumber_r(), the reentrant equivalents of getprotoent(), getprotobyname(), and getprotobynumber().
A new getrpcent_r(3) page documents getrpcent_r(), getrpcbyname_r(), and
getrpcbynumber_r(), the reentrant equivalents of getrpcent(), getrpcbyname(), and getrpcbynumber().
A new getservent_r(3) page documents documents getservent_r(), getservbyname_r(), and getservbyport_r(), the reentrant equivalents of getservent(), getservbyname(), and getservbyport().
Further updates related to changes in the recently approved POSIX.1-2008 standard.

Evgeniy Polyakov: Completely new Distributed STorage (DST) release.

Wed, 27 Aug 2008 16:00:35 +0000

DST is a block layer network device, which among others has following features:

Kernel-side client and server. No need for any special tools for data processing (like special userspace applications) except for configuration.
Bullet-proof memory allocations via memory pools for all temporary objects (transaction and so on).
Zero-copy sending (except header) if supported by device using sendpage().
Failover recovery in case of broken link (reconnection if remote node is down).
Full transaction support (resending of the failed transactions on timeout of after reconnect to failed node).
Dynamically resizeable pool of threads used for data receiving and crypto processing.
Initial autoconfiguration. Ability to extend it with additional attributes if needed.
Support for any kind of network media (not limited to tcp or inet protocols) higher MAC layer (socket layer). Out of the box kernel-side IPv6 support (needs to extend configuration utility, check how it was done in POHMELFS).
Security attributes for local export nodes (list of allowed to connect addresses with permissions). Not used currently though.
Ability to use any supported cryptographically strong checksums. Ability to encrypt data channel.

Distributed storage was completely rewritten from scratch recenly. I dropped essentially mirrored features of teh device mapper in favour of the more robust block io processing and effective protocol.

One can grab sources (various configuration examples can be found in 'userspace' dir) from archive, or via kernel and userspace GIT trees. Comments (0)

Stephen Hemminger: Exploring transactional filesystems

Wed, 27 Aug 2008 16:20:44 +0000

In order to implement router style semantics, Vyatta allows setting many different configuration variables and then applying them all at once with a commit command. Currently, this is implemented by a combination of shell magic and unionfs. The problem is that keeping unionfs up to date and fixing the resulting crashes is major pain.

There must be better alternatives, current options include:

Replace unionfs with aufs which has less users yelling at it and more developers.
Use a filesystem like btrfs which has snapshots. This changes the model and makes api's like "what changed?" hard to implement.
Move to a pure userspace model using git. The problem here is that git as currently written is meant for users not transactions.
Use combination of copy, bind mount, and rsync.
Use a database for configuration. This is easier for general queries but is the most work. Conversion from existing format would be a pain.

Looks like a fun/hard problem. Don't expect any resolution soon.

Matthew Garrett

Wed, 27 Aug 2008 01:24:47 +0000

Jesus fuck, Dell, why do you have a WMI event interface that seems to do nothing but pass back things that look awfully like keyboard scancodes? I mean, E045? Come on, now.

Driver forthcoming for those who really want the little battery button on their Precision M6300s to work.

Dave Jones: My ass has a carbon footprint.

Tue, 26 Aug 2008 23:00:59 +0000

I've really enjoyed not traveling anywhere this last month. As much as I like seeing different places, I really enjoy being back home. I find that miss the little things. I miss having a routine.
Next week sees the restart of lots[*] of traveling.

Beginning with a vacation. I'm in San Francisco from next Wednesday through Sunday. (locals: drop me a mail if you'd like to meet up for a food/beer or whatever.) I've got stuff planned for most the week, but there's guaranteed to be a bunch of free time too. On Thursday I'm off to Alcatraz for a few hours, which should be interesting. And on Friday night, I'm heading over to Oakland to see Nine Inch Nails which should be good fun. (if any locals I know are also going, send hot mailz. I need knowledge on how to survive Oakland without getting stabbed/shot/etc. Teach me your survival skills.)

Assuming I survive my outing to Oakland, I get back to Boston on Sunday evening, and get a whole week at home, before heading back out to the west coast again, this time to Portland, Oregon for the Linux kernel summit, and plumbers conf. I'm giving a talk there on how much of an awesome idea it would be if every Linux distro shipped a standard initrd. It's either going to be awesome, or a lead balloon.

[*] ok, it's not "lots", but two coast to coast trips in the same month are still what I deem 'excessive'.

Muli Ben-Yehuda: I'm a-twitter

Tue, 26 Aug 2008 15:43:59 +0000

I was working from home today and didn't have anyone to talk to. So I finally bit the bullet and figured, why talk to *someone*, when I can talk to *everyone*? Hence, muliby on twitter. Leave a comment if you're on twitter.

Pavel Machek: Viking for GPS track analyzing

Mon, 25 Aug 2008 20:25:31 +0000

I knew few web services that analyzed GPS data, to make pretty graphs of speed during time, etc... and long thought that I'll need to write something like that.

Well, it turns out, someone else already did, and result is called Viking. It can do openstreetmap/openaerialmap (SuSE version), and it can do transparency, so results look pretty well.

On a related note, I hacked tangogps a bit, and found out that POIs are indeed pretty easy to import with some sql scripting.

#!/bin/bash
gpsbabel -i gpx -o csv $1 /tmp/delme.csv
( while IFS=, read A B C; do
        echo -n 'INSERT INTO "poi" VALUES ('
        echo "'628450940673161107', $A, $B, 1.0, 0.0, 0.0, '$C', '', 3.0, 0.0, NULL,NULL,NULL,NULL,NULL);"
  done
) < /tmp/delme.csv | sqlite3 ~/.tangogps/poi.db

Evgeniy Polyakov: Football evening. Testing spikes.

Mon, 25 Aug 2008 20:00:35 +0000

And spikes showed that I bought them not for nothing. Contact with the field was exceptionally good even on very slick grass, I was able to accelerate and stop really quickly from essentially all positions. Spikes do not disturb the hit, although I had not that many possibilities to test it.

And then started the rain. Sometimes it was quite good waterfall with the strong wind and effectively zero vision where there were no special field lights (we even moved to the neighbour field because of that). And you know, I did not even notice that contact with the field changed. It was exceptionally cool to play in such conditions. One could not go without contacts and small traumas of course. Well, now I can run on the field noticebly faster, so contacts become more dangerous, but that's actually not a problem, I like it.

That was a very good game! Comments (0)

Pete Zaitcev: A terabyte of RAM

Mon, 25 Aug 2008 19:00:11 +0000

20 years ago my official job title was "Chief of Computer" (начальник машины), and the computer could not be upgraded to one megabyte due to lack of funds (we had to get by with 768KB). Gigabyte boxes started to pop up around the break of the century. Now, the terabyte:

Sometime leading up to the F9 kernel my very large ia64 system (64 cpu 1TB ram, bunch of PCI busses and I/O) fails to boot. It appears to be something in how nash/mkinitrd gets information from sysfs. [...]

Dave Jones: Continuing the adventure with password changes.

Mon, 25 Aug 2008 16:06:04 +0000

After having to change my Fedora passwords/keys last week, I went about changing pretty much every other password I had too.
In doing so, I realised something enlightening. (read as: I'd made a horrific novice mistake).

I knew I'd committed the sin of writing down passwords for certain things. But "ah, I'll just encrypt the file and it'll be ok" was in hindsight pretty dumb. What I had done though was this..

gpg password.txt.gpg vi password.txt gpg -e password.txt

GAME. OVER.

Encrypting this file was utterly pointless. If my computer had been stolen, all an attacker would have had to do to see the contents of that file was strings /dev/sda and it would have found the plaintext password.txt easily enough.

Had I done the above operation in tmpfs, and moved the resulting .gpg file to hard disk afterward, I would have been okay. But because I'm a dumbass, I'd done the above directly on hard disk. Numerous times.

Tools like scrub exist to scribble over a file before it gets erased, but they wouldn't have helped me in the situation above, as it's gpg that removes the original unencrypted file. Also, scrub isn't necessarily reliable on a journalled filesystem.

What I really needed is a 'scrub unused data blocks' utility. In the absence of such a utility, I did dd if=/dev/zero of=/dev/sda and reinstalled. (It was long overdue a fresh reinstall anyway).

Evgeniy Polyakov: POHMELFS configuration extension.

Mon, 25 Aug 2008 15:00:40 +0000

I've committed changes from Varun Chandramohan (varunc_linux.vnet.ibm.com) which extends POHMELFS to support ADD/REMOVE/SHOW configuration groups.

Configuration group is a global object inside pohmelfs core, which contains information about servers to work with and various configuration parameters. When administrator mounts new pohmelfs filesystem, he or she has to setup appropriate configuration group and use its index as mount option parameter. There is special configuration utility for this purpose inside POHMELFS userspace package.

Now it is possible not only to add or remove groups, but also to show them to the administrator.
I've pushed chages into the kernel and userspace GIT trees. Comments (0)

Jaya Kumar: E-Ink

Mon, 25 Aug 2008 07:01:27 +0000

CIOL's Pradeep Chakraborty has an interesting article on E-Ink detailing his/her conversation with E-Ink's VP of Marketing, Sriram Peruvemba. I would agree with a lot that is said there. I really hope that local companies start picking up on this and develop product using the technology. All of Gangaram's on an SD card would be pretty cool.

Pavel Machek: What does this horse see?

Sun, 24 Aug 2008 22:43:49 +0000

There's page about horse eyesight, certainly interesting (but I find some info hard to believe -- really no one knows if horses can see colors?)

Anyway, it does not provide answer to one interesting question: "how well does this particular horse see"?

So, if you horse hits walls, you can probably figure out he has some problems, and there are other clues... like if you enter the stables and horse rotates his head 180 degrees -- that usually means that the eye originally facing you is blind or very weak.

Anyway, there's arabian mare called Hawkey, and she's nice, but I'm starting to suspect she's really short-sighted. Some objects, like stubs and logs near to the path, "scare" her: she'll decelerate suddenly, maybe change direction slightly to avoid the object, but then appears to look at the "scary" object and accelerate.

Today scary object was a bit of mud crossing the path. Then she tried to run away from a meadow -- unfortunately there was clearly visible fence in her escape path -- she appeared to only see it when it was like 2 meters away.

It is true that it makes her "interesting" to ride, but... (and it only happens when she goes first, so it is not that bad problem) I guess it would be nice to teach her not to do that...? (how?)

Is there some chance to verify how well her eyes actually work?

(I know there are quite big differences between horses; I have seen stallion not able to recognize "his" mare from 50 meters; and I have seen horse noticing fiber lying on the road... And many horses have problems finding apples on the ground... but is there some easy way to test horse's eyesight?)

Dave Jones: credit card fail.

Sun, 24 Aug 2008 20:35:44 +0000

Yesterday, when I was about to pay for groceries, the cashier asked to see my ID. This puzzled me, so I asked why, as I wasn't buying alcohol or anything unusual. Turned out that the signature strip on the back of my credit card had been worn down so much that my signature was illegible. Of course, this had to be one of the occasions when I didn't have any ID on me. Fortunately, she accepted the signature off of one of my other cards.

Today I decided I'd rather not have to do this again, so I called up customer service to order a replacement card. "Enter your account number" *beep beep beep...* "enter your zip code" *beep beep beep* "This account is closed".

w.t.f.

I waited a short time to get through to a human, and explained what had happened. Turns out that a few days ago, "fraud activity" was spotted on my account, and they blocked the card. Apparently there's a new one in the mail to me already.

I asked for more information on what exactly had happened, but they weren't very forthcoming with details. From the way she described it, they don't have a lot of details themselves. Putting the scant details together, it appears that what happened was something along the lines of a store got broken into which had my details, the perpetrators were caught, and law enforcement told the credit card company the list of potential card numbers that could be compromised. Turns out mine was one of those that was. Something like $2000 of bogus charges were run up before it was blocked, which were refunded before I'd even realized there was a problem.

Sucky, But at least it's all sorted.

Evgeniy Polyakov: Weather 0:1 Parachute Jumping.

Sun, 24 Aug 2008 20:00:37 +0000

That was fucking awesome!

One minute of the free fall from the 4 km high, wing parachute opened after we fell to 1.6 km.

We whirled several times during free fall and then made number of figures with the parachute. I drove the wing to make several simple figures with quite heavy turns around.

Of course I actually was just a piece of meat linked to the instructor, who really did all complex parts namely parachute opening, heavy rotations and landing, but it was my first jump and that was exceptionally cool! I'm sure I will jump again in Aerograd, but this time not linked to the instructor but myself (with instructors in the air though).

More photos in the gallery.
There are also two videos (DVD format): Aerograd promo (185 MB) and a bit clumpsy video of my jump itself (474 MB). Stupid youtube says that I'm 'ineligible' for that service, so there is no compressed version.

Enjoy! :) Comments (2)

Dave Jones: rawhide is old.

Sun, 24 Aug 2008 19:35:16 +0000

In the midst of all of last weeks chaos, rawhide saw its tenth birthday.

Val Henson: Giant squid on display at the Smithsonian

Sun, 24 Aug 2008 04:31:48 +0000

Bruce Schneier's Friday Squid Blogging informs me that two giant squid are going on display at the Smithsonian at the end of September!

http://www.mnh.si.edu/exhibits/ocean_hall/squid.html

I am seriously considering a trip to D.C. just to see them.

No, I don't know why Bruce is into giant squid, but I've been fascinated with them ever since I learned they were not, in fact, entirely mythical. It was like learning that, say, pegasusses[1] had been discovered roaming the Siberian tundra. My last encounter with a giant squid:

[1] I googled for the correct plural of "pegasus" and to my vast amusement, found that the best reference is a letter from the Laurel King of Arms. for the Society of Creative Anachronism dated 1985, in which he complains of not having enough time because he's working for a "hightech startup." This is amusing because (1) somehow I think of startups as something that began in the 90's, (2) I used to be in the SCA:

Summary: pegasusses and pegasi are both correct.

Evgeniy Polyakov: Distributed storage.

Sat, 23 Aug 2008 19:00:21 +0000

Here we go, DST got all problems with reference counters fixed, there is somewhat new observation I made for myself: block device has to provide open and release callbacks to block device operation structure, which have to increase and decrease appropriate reference counters of the underlying object, since otherwise it is possible to remove it with proper del_gendis(), blk_cleanup_queue() and put_disk(), but some references will exist in the mapping (like in the block device info structure), so subsequent sync will crash the machine. Also tested lots of reconnection stuff, transaction resending and timeout and so on.

Actually I would make a new release, but decided to test crypto stuff first. It was copied from POHMELFS and should work out of the box, but this requires an additional check of course.
Since tomorrow I will have an almost minute free fall from the several kilometers high if weather permits, checks, bug fixes and release are postponed for the start of the week. Obviously if there will be no 'issues' with landing...

Stay tuned! Comments (0)

Harald Welte: Back to Taipei: More work with VIA.

Sat, 23 Aug 2008 02:00:00 +0000

I've just arrived in Taipei two days ago. I'm looking forward to an exciting four weeks of close work with VIA, talking with various different groups in management as well as actual software engineers.

I can only repeat my earlier statements: It still feels great to be able to play such a substantial role in improving the Free Software interaction of a large chip maker and key player in the PC industry.

Of course being in Taipei also enables me to meet again with former colleagues at OpenMoko. I just returned from a very nice dinner conversation with jserv.

Pavel Machek: etrade.com sucks, and it is not only online security

Fri, 22 Aug 2008 20:57:24 +0000

To create account, they mail you password via unprotected snail-mail. Uh, ok. Then they tell you "Visit www.etrade.com/activate". So I type https://www.etrade.com/activate, and get page not found... ouch. Those idiots only have the page available over unencrypted link.

...then they request information that is none of their business, like my birth date.

Then the fun continues... they ask for more personal questions (like my ID number; this would probably be illegal under czech law)... and then they want to authenticate you using "challenge question only you know the answer"... and present you list of 7 questions; of them 2 are not usually known in... The answer is actually echoed on screen :-(.

...and then they want you to agree to this crap... I wonder what happens on clicking disagree? This is blackmail :-(.

I UNDERSTAND THAT THIS ACCOUNT IS GOVERNED BY A PREDISPUTE ARBITRATION CLAUSE. I ACKNOWLEDGE THAT I HAVE RECEIVED AND READ A COPY OF THE CUSTOMER AGREEMENT (AVAILABLE AT ETRADE.COM/CUSTAGREE OR BY CALLING CUSTOMER SERVICE) WHICH CONTAINS A PRE-DISPUTE ARBITRATION AGREEMENT AT SECTION 8, PAGES 36-37 OF THE E*TRADE SECURITIES CUSTOMER AGREEMENT.

...heh, ETRADE.COM/CUSTAGREE does not actually exist. I guess I can agree to _that_.

Then you get to create password.. may not contain special characters. WTF?

Val Henson: Linux Plumbers Conference on track to sell out

Fri, 22 Aug 2008 17:13:24 +0000

The Linux Plumbers Conference early bird registration has come and gone, and looking at the registration numbers, we appear to be on track to sell out! We're limiting attendance to 300 people to keep it small, collaborative, and focused on getting things done. If you've been thinking about going but haven't registered yet, you should probably do so soon:

http://www.linuxplumbersconf.org/register/

In related news, I have a free ticket to LPC to give away (as a reward for doing LPC publicity). Email me if you're a deserving Linux developer with no corporate means of getting your registration paid.

Evgeniy Polyakov: Trumpeting in C.

Fri, 22 Aug 2008 12:00:19 +0000

That was somewhat strange playing. I managed to play small octave C# (trumpet Eb), which is beyond official range, and third E-F (trumpet Gb-G), which are the highest tones in the official trumpet range. It was not very reliable of course, although third C was played lots of times.
I do not know how I managed to sound them, but I did. Maybe because of two day delay in morning exercises (what the heck, I can not wake up as early as usual for the last several days).

But when I started to play some melodies (namely "He's a pirate" main theme in the 1-2 octaves, second noteset moved to 1A, i.e. one octave higher), I managed to make lips tired so quickly, that the same 10-20 first notes (not counting introduction) of the theme sounded cool only couple of times, although I 'played' about a hour.

Strange. Also found that my sounds are not clean (at least in the first octave), since they also contain sound of the breathing itself, but I noticed it at the end of the exercises, so likely I was just too tired at the end. But I will continue. Comments (0)

James Morris: Nano HOWTO: Getting started with libvirt hacking

Fri, 22 Aug 2008 09:20:56 +0000

How to build libvirt from git on Fedora:

mkdir ~/rpmbuild

(cd ~/rpmbuild && mkdir BUILD BUILDROOT RPMS SOURCES SPECS SRPMS)

git clone git://git.et.redhat.com/libvirt.git

cd libvirt

git checkout -b mystuff

export AUTOBUILD_INSTALL_ROOT=$HOME/builder

./autobuild.sh

The above will clone the tree, checkout a branch to hack on, build and test the code, then generate source and binary RPMS. You'll also be set then to do local manual builds.

Thanks to danpb for clues.

Evgeniy Polyakov: Football accessories.

Thu, 21 Aug 2008 22:00:19 +0000

Got couple of new football toys.

Now I can play on wet slick field.

Always wanted to have football gloves. In the past life I was not that bad goalkeeper, and liked it alot.

Comments (0)

Andy Grover: Cats and headphones

Thu, 21 Aug 2008 19:47:54 +0000

We have a new kitten named Abby whom we love very much but who has turned out to be quite precocious. And she likes to chew things.

I thought this was fine (cute, really) but I noticed today that my headphones were only coming in on one side. Hmm, weird. Hey, what's this gash in the cord with teeth marks all around it??

Abby!!!!! <Abby makes cute trilling sound>

These headphones are Sony MDR7506s -- really nice btw, with a nice long cord. They cost $99, so I really wanted to fix them, not buy a new set just because the cord went bad. I found the service manual online and got the parts number for the cord. I also found the number for the Sony Professional service number. The original part 158079221 would have been $44.95, but it's no longer available. It forwarded to a new part number 158079213, which costs $82.12. This is a "cord (with plug)". Isn't that crazy?