Bart's Blog

Ian just posted the screen casts of the Linux Kernel Walkthroughs that I ran last week.

Here is the same video on google/video... it's a lot lower rez :(

I will be kicking off a new series of talks at OCLUG later this month. The idea is not mine, but a copy of a similar series ran by Silicon Valley Linux Users Group. Kudos to them!

Here is the info on the first Kernel Walkthrough: Source Tree Layout. I will start off by covering the tree structure and talk a bit about the components, before handing control of the talk over to the audience and let them drive the types of things they would like to explore.

We are being hosted by the TheCodeFactory, which is a very cool concept. From the website:

"TheCodeFactory is a collaborative work space located in downtown Ottawa at 246 Queen Street, between Bank and Kent, above the Green Papaya Restaurant. TheCodeFactory is a clubhouse or water cooler for the Start-up community in Ottawa."

In short they are a place where startups can meet and collaborate way before they have any office space of their own. Ottawa being such a hotspot for startups, this is clearly a good idea.

When Linux runs low on memory it tries to kill off applications that may be responsible for the high memory usage. It sometimes gets is all wrong, so the kernel has a way to tell it which processes are to be treated differently by the OOM killer.

I am using ssh to run some stress tests. Occasionally they cause memory to run out, and when I am not paying attention sshd is killed off... which means I cannot turn off the tests.

Here is a script that makes sshd immune to OOM killer.

    for pid in $(pidof sshd) ; do
            echo "disabling oom on pid $pid"
            echo -17 | sudo tee /proc/$pid/oom_adj > /dev/null
    done

NOTE: the sudo tee is a useful trick when you want to write to a file as root w/o spawning a subshell.

I've been working on a contract for Symbio Technologies for the last month. They are makers of a few thin client terminals.

My work for Symbio involves talking to a SATA hard disk using ATA command set. What makes this a bit more interesting is that /dev/hda is the way of the past. New devices are covered by libata drives which fit into the SCSI subsystem.

So, the challenge for me was how to send raw ATA messages using the SCSI layer to the SATA drive. Besides the fact that the interface is sparsely documented, it was pretty easy.

[Read More]

Last time I wrote about openswan I commented how Martin and I chopped off 18 thousand lines from KLIPS.

Most recently I finished rewriting IPCOMP handling to use CryptoAPI's api to zlib, and Martin was able to remove the zlib that was duplicated in KLIPS. Here are the updated stats:

    $ git diff origin/public HEAD -- include/openswan net/ipsec/ | diffstat | tail -n1
     135 files changed, 14549 insertions(+), 39839 deletions(-)

That, along with other cleanup, bumped us up to 25k lines less then the #public branch of openswan.

It may also be interesting to note that so far we have removed about half the KLIPS code:

    $ git diff v2.6.18 HEAD -- include/openswan net/ipsec/ | diffstat | tail -n1
     77 files changed, 28290 insertions(+)

We're not quite there, but working hard :)

If you wish to play with the code, please seed from kernel.org before fetching from me:

    $ git clone git://git2.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git/ linux-2.6.git
    $ git clone --reference linux-2.6.git git://tachyon.jukie.net/klips-fsm.git/ klips-fsm.git

It would seem that either no one that codes for the Linux kernel does so under vim, or if they do they don't have the time to share their vim configuration that doesn't conflict with the kernel's CodingStyle.

Below I will discuss some changes I had to make to my .vimrc and .vim/c.vim to work with C efficiently.

[Read More]

I started working for Xelerance in April of 2006, and the contract ended in December. Since then I've been working on a KLIPS-ng, of sorts. The idea was to remove all the crypto code from KLIPS and convert it to use CryptoAPI already in the Linux kernel.

Last objective of my work was to add OCF support to KLIPS, so that we could take advantage of the asynchronous crypto facilities provided there, as well as several OCF hardware drivers. The BSD kernels have been using OCF, Open Cryptographic Framework, for some time and more recently it was ported to Linux.

[Read More]

I was installing openswan on my sbc router box. The sbc doesn't have much hardware on it, and what it does have did not contribute to the entropy pool.

I have a few boxes around with relatively good entropy (keyboard/mouse input), but there was no way to pass that entropy to the router for RSA key generation. I had to write some code to fix it. Be warned, it's pretty EVIL...

UPDATE: see below about rng-tools.

[Read More]

Sometimes I have a need to reproduce bugs on other platforms. When that platform uses a heavily patched kernel, it makes it hard to debug. Below are some notes I took while building a RHEL4 kernel with kdb support.

[Read More]

As part of some driver work for a client I looked at some fast logging methods since logging via printk() to syslog sucks.

Here are the hits I got:

• ULOG - it's what netfilter uses for logging packets. It relies on netlink for transport and a ulogd in user space to treat the logs. Apparently ULOG2 is in the works.
• DBUS - patch from Robert Love that adds a fast event notification mechanism to the kernel. It too relies on netlink for transport. It's mostly meant for events like "Your CPU is overheating", not packet logging.
• relayfs - a patch that adds a flexible buffering scheme for logging. Seems like the most flexible of the bunch.

Looks like none of the above are flexible and supported by deployed kernels (our target is RHEL3)... so syslog it is in the interim.