Hardware crypto support

[Nik Clayton]

[ slashdot.org hat firmly on head, FU set to me ]

Does FreeBSD support hardware crypto?

There'll shortly be a story on /. about OpenBSD's hardware crypto support,
in the form of the HiFn 7751 chip.  OpenBSD recommend buying them from
www.powercrypt.com.

If you go there you'll see that FreeBSD support is listed, but there are
no details.

If FreeBSD's got support for this card (even if it's through third party
drivers) I'll recast the story so it's more of a "BSD supports hardware
crypto", rather than being solely OpenBSD.  But if OpenBSD have it first
they get the honours :-)

If you're using this (or any other) card for hardware crypto, can you drop
me a line?  If you can include real-world performance details as well that'd
be great.

N
-- 
Internet connection, $19.95 a month.  Computer, $799.95.  Modem, $149.95.
Telephone line, $24.95 a month.  Software, free.  USENET transmission,
hundreds if not thousands of dollars.  Thinking before posting, priceless.
Somethings in life you can't buy.  For everything else, there's MasterCard.
  -- Graham Reed, in the Scary Devil Monastery


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Hardware crypto support

[Sheldon Hearn]

On Thu, 13 Apr 2000 10:30:04 +0100, Nik Clayton wrote:

> Does FreeBSD support hardware crypto?

We've issued a device major number for nCipher's nFast PCI hardware
cryptographic accelerator.  I'd suggest contacting the nCipher guy who
asked for the device major, John Hartley <[EMAIL PROTECTED]> and ask how
they're progressing. :-)

Ciao,
Sheldon.


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Hardware crypto support

[Len Conrad]

Similarly, what about hardware compression support?  Say in conjunction 
with the LanMedia 1504P 4-port  T1/E1 card?

Len





> > Does FreeBSD support hardware crypto?
>
>We've issued a device major number for nCipher's nFast PCI hardware
>cryptographic accelerator.  I'd suggest contacting the nCipher guy who
>asked for the device major, John Hartley <[EMAIL PROTECTED]> and ask how
>they're progressing. :-)
>
>Ciao,
>Sheldon.
>
>
>To Unsubscribe: send mail to [EMAIL PROTECTED]
>with "unsubscribe freebsd-hackers" in the body of the message



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

unsubscribe freebsd-hackers

[Vlad Dymchenko]

unsubscribe freebsd-hackers




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Debugging kernel data

[Mark Huizer]

Hi

I'm trying to debug a kernel that is not crashing but hanging, with all
processes in 'inode' wchan. So I did a 'call panic()', and now I have
the crashdump, but is there a way to get to the data structures of the
kernel???

Mark
-- 
Nice testing in little China...


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

copyin() return val 14 (EINVAL).

[Andrew Reiter]

Hi,

I semi-talked with Alfred Perlstein about this on IRC I keep getting a
return value of 14 (EINVAL) when I call copyin().  While issue may be my
fault, that is not the issue... the issue is that atleast in the main
page, it's undocumented.  After randomly finding a man page in digital
unix (iirc), I remember it stating that when EINVAL is returned it means
that the userland pointer that is passed to copyin() is invalid, or..
(forgive me for lack of remembering) "something" does not have rights to
access "something."   Sorry for the ambiguity on the latter.

Anyway, Im not sure if that was just a mistake on not including it in the
man page, or whether Im missing something.

Also, Im wondering anyone would like to take a stab at why exactly Im
always getting EINVAL... no matter what I do in the code.  If you'd like
to help, just drop me a line and I'll send you source.

Thanks,

Andrew

-
Andrew Reiter<[EMAIL PROTECTED]> 
Computer Security Engineer 



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

image_params.fname

[Murray Stokely]

  I'm having trouble displaying the value of image_params->fname in
this small snippet of code from imgact_elf.c.  When the system execs
an unbranded elf binary it doesn't tell you the name of the actual
file that you tried to exec, which can be very annoying when you run
an obfuscated shell-installer for a Linux application.  Anyway this
code always ends up with nonsense in the path; what am I doing wrong?

if (brand_info == NULL) {
if (brand[0] == 0) {
  uprintf("ELF binary type not known."
"  Use \"brandelf\" to brand it.\n");
uprintf("imgp->fname : %p\n",imgp->fname); /* user space */
uprintf("fname   : %p\n",&path[0]); /* kernel space */
error = copyinstr(imgp->fname,&path[0],MAXPATHLEN,&length);
if (!error) {
  uprintf("Filename : '%s'\n",path);
  uprintf("length   : %d\n",length);
}
}

$ ./Mathematica
ELF binary type not known.  Use "brandelf" to brand it.
imgp->fname : 0x80a6a00
fname   : 0xc0d39800
Filename :j
length   : 3
Abort

- Murray



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

RE: Hardware crypto support

[Charles Randall]

Speaking of hardware support for compression...

I've been looking for hardware accelerated zlib for a while. I even
contacted the guys zlib developers and Hi/fn and came up with nothing.

Any suggestions?

Charles

-Original Message-
From: Len Conrad [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 13, 2000 4:04 AM
To: [EMAIL PROTECTED]
Subject: Re: Hardware crypto support 


Similarly, what about hardware compression support?  Say in conjunction 
with the LanMedia 1504P 4-port  T1/E1 card?

Len




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Authorization broken in 4.0 REL/XDM?

[Robert Withrow]

I asked about this in questions...

It appears that authorization is broken in XDM in 4.0 REL.  At least
if I start XDM using the default everything, just the way I have
for the last several releases, all attempts to log into the server
fail with authentication rejections.

The only suggestion on questions was to turn off authorization on
the :0 display, which doesn't seem safe.

Any other ideas?

-- 
Robert Withrow -- (+1 978 288 8256)
[EMAIL PROTECTED]



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Authorization broken in 4.0 REL/XDM?

[Kris Kennaway]

On Thu, 13 Apr 2000, Robert Withrow wrote:

> Any other ideas?

Do you have an up to date /etc?

/etc/pam.conf contains:

# XDM is difficult; it fails or moans unless there are modules for each
# of the four management groups; auth, account, session and password.
xdm authrequiredpam_unix.so
#xdmauthsufficient  pam_kerberosIV.so   try_first_pass
xdm account requiredpam_unix.so try_first_pass
xdm session requiredpam_deny.so
xdm password required   pam_deny.so

Kris


In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <[EMAIL PROTECTED]>



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Authorization broken in 4.0 REL/XDM?

[Robert Withrow]

[EMAIL PROTECTED] said:
:- Do you have an up to date /etc? 

Yes.  This is a virgin installation of 4.0 REL.

bash-2.03$ uname -sr
FreeBSD 4.0-RELEASE
bash-2.03$ grep -A 6 XDM /etc/pam.conf 
# XDM is difficult; it fails or moans unless there are modules for each
# of the four management groups; auth, account, session and password.
xdm authrequiredpam_unix.so
#xdmauthsufficient  pam_kerberosIV.so   try_first_pass
xdm account requiredpam_unix.so try_first_pass
xdm session requiredpam_deny.so
xdm password required   pam_deny.so
bash-2.03$ 

-- 
Robert Withrow -- (+1 978 288 8256)
[EMAIL PROTECTED]



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Hardware crypto support

[Daniel C. Sobral]

Nik Clayton wrote:
> 
> Does FreeBSD support hardware crypto?

It does.

> There'll shortly be a story on /. about OpenBSD's hardware crypto support,
> in the form of the HiFn 7751 chip.  OpenBSD recommend buying them from
> www.powercrypt.com.
> 
> If you go there you'll see that FreeBSD support is listed, but there are
> no details.
> 
> If FreeBSD's got support for this card (even if it's through third party
> drivers) I'll recast the story so it's more of a "BSD supports hardware
> crypto", rather than being solely OpenBSD.  But if OpenBSD have it first
> they get the honours :-)
> 
> If you're using this (or any other) card for hardware crypto, can you drop
> me a line?  If you can include real-world performance details as well that'd
> be great.

I once wrote a driver for a cryptography card for FreeBSD. The hardware
was a brazilian one, and the driver was/is being used with a commercial
firewall product that is available for a number of platforms, including
FreeBSD.

I wouldn't be the least surprised if other crypto hardware had drivers
available for FreeBSD. Frankly, I see nothing special in the above. It
sure didn't took me very long to write the driver.

-- 
Daniel C. Sobral(8-DCS)
[EMAIL PROTECTED]
[EMAIL PROTECTED]
[EMAIL PROTECTED]

GPL certainly doesn't meet Janis Joplin's definition of freedom:
"Freedom is just another word for nothing left to loose."


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Acroread4

[Andre Albsmeier]

On Wed, 12-Apr-2000 at 21:33:34 +0200, Wilko Bulte wrote:
> On Wed, Apr 12, 2000 at 03:02:10PM -0400, Sean O'Connell wrote:
> > Wilko Bulte stated:
> > > On Wed, Apr 12, 2000 at 10:38:04AM -0400, Vivek Khera wrote:
> > > > > "A" == Asmodai   writes:
> > > > 
> > > > >> I don't think this is a 4.0 issue.  I get the same on a couple of 3.4R 
> > > > >> systems, minus the locale message.
> > > > 
> > > > A> I can, on my 3.4-STABLE, get acroread4 to coredump time and again.
> > > > 
> > > > I've never had acroread version 4 croak on my 3.4-STABLE system.  It
> > > > works just perfectly fine.
> > > 
> > > Well... (just installed):
> > > 
> > > acroread-4.05 gives: 
> > > 
> > > WKB ~>acroread4 
> > > Floating point exception (core dumped)
> > > 
> > > on 3.4-stable. Is this what Vivek is seeing?
> > 
> > Wilko-
> > 
> > I think you can get around this by installing the 
> > /sys/i386/include/npx.h (version 1.18) from RELENG_4,5 
> > and rebuilding your kernel (this also helps with linux
> > netscape/realplayer and a few other linux goodies).
> 
> Hmm, interesting. Unfortunately it is no so simple as it appears. 
> You also need globals.h which is not in 3.4-stable. Pulled that out of
> CVS. Now I see vm-machdep.c fail the compile..

Don't use the whole npx.h 1.18, only the latest patch which sets
__INITIAL_NPXCW__  to 0x127F.

This made it work for me...

-Andre


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Authorization broken in 4.0 REL/XDM?

[Ted Faber]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Content-Type: text/plain; charset=us-ascii

Robert Withrow wrote:
>I asked about this in questions...
>
>It appears that authorization is broken in XDM in 4.0 REL.  At least
>if I start XDM using the default everything, just the way I have
>for the last several releases, all attempts to log into the server
>fail with authentication rejections.
>
>The only suggestion on questions was to turn off authorization on
>the :0 display, which doesn't seem safe.

I just had this one upgrading to 4.0-stable.  Edit
/usr/X11R6/lib/X11/xdm/xdm-config and add:

DisplayManager._0.authName: MIT-MAGIC_COOKIE-1

(If you use more than DISPLAY :0 add lines for them, too...)

xdm seems to have been compiled to use both MIT-MAGIC_COOKIE-1 and
XDM-AUTHORIZATION-1 authorization schemes, although the other
parameters in the default configuration don't seem to support
XDM-AUTHORIZATION-1.  This results in the spurious failures.  It took
me an hour to figure this out today, and I'll be delighted if it
solves your problem. :-)

- --
Ted Faber[EMAIL PROTECTED]
USC/ISI Computer Scientist   http://www.isi.edu/~faber
(310) 448-9190 PGP Keys: http://www.isi.edu/~faber/pubkeys.asc



-BEGIN PGP SIGNATURE-
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQA/AwUBOPYsq2lM93/mX/l7EQKNPwCgxKwJbn+6xtoEml6hoz41zImuGfEAniTS
7/4LPAc2/DimmHp0TQBLiSGd
=lF09
-END PGP SIGNATURE-



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Authorization broken in 4.0 REL/XDM?

[Robert Withrow]

[EMAIL PROTECTED] said:
:- It took me an hour to figure this out today, and I'll be delighted if
:- it solves your problem. :-)

You da man!

Here is the change I made.  Dear core team, please add to
errata!  Thanks!

*** xdm-config.orig Thu Apr 13 16:37:35 2000
--- xdm-config  Thu Apr 13 16:37:52 2000
***
*** 10,16 
--- 10,18 
  ! X terminals will be configured that way, so by default
  ! use authorization only for local displays :0, :1, etc.
  DisplayManager._0.authorize:  true
+ DisplayManager._0.authName: MIT-MAGIC_COOKIE-1
  DisplayManager._1.authorize:  true
+ DisplayManager._1.authName: MIT-MAGIC_COOKIE-1
  ! The following three resources set up display :0 as the console.
  DisplayManager._0.setup:  /usr/X11R6/lib/X11/xdm/Xsetup_0
  DisplayManager._0.startup:/usr/X11R6/lib/X11/xdm/GiveConsole

-- 
Robert Withrow -- (+1 978 288 8256)
[EMAIL PROTECTED]



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Setting device options

[Gary T. Corcoran]

Now that my device driver basically works (I can successfully do pings
and ftp transfers through it) using default settings, I'd like to
start polishing it up a bit...

This is a driver for a DSL device (Lucent WildWire), and our driver
has lots of options because there are many "flavors" of DSL and
things that need to be set depending on who is providing DSL service
to your location.  The device driver currently makes our DSL device
look like an Ethernet card, though I will also be adding more code
to support WAN (PPP) modes (that is, of course, one of the options
that I need to set before the device is initialized).

So, I want to know how I can "automagically" set the device options,
every time a user kldload's the device driver.
To give you a little background, here's how it works on the other
operating systems, and thus this is the type of thing I'm looking
for in FreeBSD.

In Windows, after installation the options are stored in that
"wonderful" hack called the Registry.  The driver, upon initialization,
reads the settings (i.e. the options) from the registry, and uses
those settings to initialize.

In Linux, by declaring some global variables with the "MODULE_PARM"
macro, this allows these variables to automatically have their value
set as the module is being loaded, overriding whatever default was
compiled into the module.  One only has to provide settings in the
/etc/conf.modules file for the options to override, and these values
are picked up by the "insmod" (insert module, equivalent to kldload)
command.  Thus, when the module is loaded, if there were any options
set, the values of the global variables are set, even before the
init_module() routine gets called.

In other words, once you set the options you need in conf.modules,
all settings are automatically handled, you don't have to remember
to run some "extra" program after loading your module but before
you bring up your link with ifconfig.

Is there some equivalent way of handling device driver option settings
in FreeBSD?  I would prefer an "automatic" way of having the
device options set, similar in function to the way you can set
options for your ethernet card with the ifconfig command - so
that once you define, for example, your ifconfig command and
put it in your rc file, you just automatically bring things up
the desired way.  Any suggestions?  (For FreeBSD 4.x)

Thanks,
Gary


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Setting device options

[Warner Losh]

Two options.

Once is that you can get hints, the other is that you can get
environment variables.  The third is to have sysctls, but those can't
be set until after the driver has finished loading.  Which one do you
want me to talk about?

Warner


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Setting device options

[Gary T. Corcoran]

Warner,

> Two options.
> 
> Once is that you can get hints, the other is that you can get
> environment variables.  The third is to have sysctls, but those can't
> be set until after the driver has finished loading.  Which one do you
> want me to talk about?

I'm sorry, but I don't know what "hints" are.  Can you briefly explain
(to start)?

As to sysctls, not available until after driver loading: I believe
that I need to know, before I reach the end of my attach routine, whether
I'm going to be in a LAN mode or a WAN mode, so I know whether
to do an ether_attach() or an sppp_attach().  So does that rule out
sysctls?

Thanks,
Gary


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

RFC: if_wi.c bridging patch

[Nick Sayer]

I have had some wi cards for a while, and while I have managed to get
an Airport to work (a friend helped me out), I believe that adding wi
to the list of bridge compatible interfaces may be helpful.

According to the documentation, the IBSS mode of the driver doesn't
work. That's too bad, as in combination with this patch, you could
make your own "airport" this way. IBSS is desirable because it allows
power management mode to work on the BSS client machines. C'est la
guerre.

I don't have a wi in a position that is comfortable for me to test.
But if someone can verify that this works, I will commit it.

This is relative to RELENG_4.

--- if_wi.c.origThu Apr 13 16:36:37 2000
+++ if_wi.c Thu Apr 13 16:48:53 2000
@@ -102,6 +102,10 @@
 
 #include 
 
+#ifdef BRIDGE
+#include 
+#endif
+
 #include 
 #include 
 
@@ -425,8 +429,31 @@
ifp->if_ipackets++;
 
/* Handle BPF listeners. */
-   if (ifp->if_bpf) {
+   if (ifp->if_bpf)
bpf_mtap(ifp, m);
+
+#ifdef BRIDGE
+   if (do_bridge) {
+   struct ifnet *bdg_ifp;
+   bdg_ifp = bridge_in(m);
+   if (bdg_ifp == BDG_DROP) {
+   if (m)
+   m_free(m);
+   return; /* and drop */
+   }
+   if (bdg_ifp != BDG_LOCAL)
+   bdg_forward(&m, bdg_ifp);
+   if (bdg_ifp != BDG_LOCAL && bdg_ifp != BDG_BCAST &&
+   bdg_ifp != BDG_MCAST) {
+   if (m)
+   m_free(m);
+   return; /* and drop */
+   }
+   /* all others accepted locally */
+   }
+   else
+#endif
+   {
if (ifp->if_flags & IFF_PROMISC &&
(bcmp(eh->ether_dhost, sc->arpcom.ac_enaddr,
ETHER_ADDR_LEN) && (eh->ether_dhost[0] & 1) == 0)) {


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Problems with 4.0-20000408-STABLE and Asus K7M/AMD K7-750

[Ulf Zimmermann]

Finaly got my new desktop system for work in, but I am having problems
that the probe at install hangs. Booting verbose, the last message
I can get from scroll back in regards to ATA:

ata0-master: success setting up UMDA4 mode on VIA chip
ad0:  ATA-4 disk at ata0 as master
ad0: 19574MB (40088160 sectors), 39770 cyls, 16 heads, 63 S/T, 512 B/S
ad0: 16 secs/int, 32 depth queue, UDMA66
ad0: piomode=4 dmamode=2 udmamode=4 cblid=1
Creating DISK ad0
Creating DISK wd0
ata0-slave: success setting up UMDA4 mode on VIA chip
ad1:  ATA-4 disk at ata0 as slave
ad1: 19574MB (40088160 sectors), 39770 cyls, 16 heads, 63 S/T, 512 B/S
ad1: 16 secs/int, 32 depth queue, UDMA66
ad1: piomode=4 dmamode=2 udmamode=4 cblid=1
Creating DISK ad1
Creating DISK wd1
Mounting root from ufs:/dev/md0c

It then changes into sysinstall. The probing devices then just hangs. 
Output from the second screen:

[All kinds of messages about fd, worm, idad]
ad0: invalid primary partition table: no magic
ad1: invalid primary partition table: no magic
ad0: invalid primary partition table: no magic
DEBUG: Found a disk device named ad0
ad1: invalid primary partition table: no magic
DEBUG: Found a disk device named ad1

After this nothing, CTRL-ALT-DEL leads to the "Do you want to
reboot" message. Any ideas ?

-- 
Regards, Ulf.

-
Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-769-2936
Alameda Networks, Inc. | http://www.Alameda.net  | Fax#: 510-521-5073


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Problems with 4.0-20000408-STABLE and Asus K7M/AMD K7-750

[Ulf Zimmermann]

On Thu, Apr 13, 2000 at 05:11:44PM -0700, Ulf Zimmermann wrote:
> Finaly got my new desktop system for work in, but I am having problems
> that the probe at install hangs. Booting verbose, the last message
> I can get from scroll back in regards to ATA:
> 
> ata0-master: success setting up UMDA4 mode on VIA chip
> ad0:  ATA-4 disk at ata0 as master
> ad0: 19574MB (40088160 sectors), 39770 cyls, 16 heads, 63 S/T, 512 B/S
> ad0: 16 secs/int, 32 depth queue, UDMA66
> ad0: piomode=4 dmamode=2 udmamode=4 cblid=1
> Creating DISK ad0
> Creating DISK wd0
> ata0-slave: success setting up UMDA4 mode on VIA chip
> ad1:  ATA-4 disk at ata0 as slave
> ad1: 19574MB (40088160 sectors), 39770 cyls, 16 heads, 63 S/T, 512 B/S
> ad1: 16 secs/int, 32 depth queue, UDMA66
> ad1: piomode=4 dmamode=2 udmamode=4 cblid=1
> Creating DISK ad1
> Creating DISK wd1
> Mounting root from ufs:/dev/md0c
> 
> It then changes into sysinstall. The probing devices then just hangs. 
> Output from the second screen:
> 
> [All kinds of messages about fd, worm, idad]
> ad0: invalid primary partition table: no magic
> ad1: invalid primary partition table: no magic
> ad0: invalid primary partition table: no magic
> DEBUG: Found a disk device named ad0
> ad1: invalid primary partition table: no magic
> DEBUG: Found a disk device named ad1
> 
> After this nothing, CTRL-ALT-DEL leads to the "Do you want to
> reboot" message. Any ideas ?

Rebooted again (without debug) and this time sysinstall went
through probing with flying colors. Only difference, I disabled the
second IDE controller in the startup kernel config. Rebooted again
with both controllers in the kernel config and sysinstall probe
goes through fine again. Sigh, don't we hate non reproducable 
problems 

> 
> -- 
> Regards, Ulf.
> 
> -
> Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-769-2936
> Alameda Networks, Inc. | http://www.Alameda.net  | Fax#: 510-521-5073
> 
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message

-- 
Regards, Ulf.

-
Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-769-2936
Alameda Networks, Inc. | http://www.Alameda.net  | Fax#: 510-521-5073


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Setting device options

[Mike Smith]

> Two options.
> 
> Once is that you can get hints, the other is that you can get
> environment variables.  The third is to have sysctls, but those can't
> be set until after the driver has finished loading.  Which one do you
> want me to talk about?

You forgot module arguments, which, along with kernel environment 
variables, can only be set by the loader.

(This is a bug; kldload should know how to set module arguments.)

-- 
\\ Give a man a fish, and you feed him for a day. \\  Mike Smith
\\ Tell him he should learn how to fish himself,  \\  [EMAIL PROTECTED]
\\ and he'll hate you for a lifetime. \\  [EMAIL PROTECTED]




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: image_params.fname

[Boris Popov]

On Thu, 13 Apr 2000, Murray Stokely wrote:

>   I'm having trouble displaying the value of image_params->fname in
> this small snippet of code from imgact_elf.c.  When the system execs
> an unbranded elf binary it doesn't tell you the name of the actual
> file that you tried to exec, which can be very annoying when you run
> an obfuscated shell-installer for a Linux application.  Anyway this
> code always ends up with nonsense in the path; what am I doing wrong?

fname field is never filled in the code. Field 'uap' can be more
useful.

--
Boris Popov
http://www.butya.kz/~bp/



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: RFC: if_wi.c bridging patch

[Jim Flowers]

We were unable to get a wi configured on 4.0 release yesterday but it may 
be that we didn't have the time to check out the configuration fully.  
Was never recognized on boot-up.  We've got a few more to get configured 
over the next week so we'll put your patch in and try again.

Jim Flowers <[EMAIL PROTECTED]>
#4 ISP on C|NET, #1 in Ohio

On Thu, 13 Apr 2000, Nick Sayer wrote:

> 
> I have had some wi cards for a while, and while I have managed to get
> an Airport to work (a friend helped me out), I believe that adding wi
> to the list of bridge compatible interfaces may be helpful.
> 
> According to the documentation, the IBSS mode of the driver doesn't
> work. That's too bad, as in combination with this patch, you could
> make your own "airport" this way. IBSS is desirable because it allows
> power management mode to work on the BSS client machines. C'est la
> guerre.
> 
> I don't have a wi in a position that is comfortable for me to test.
> But if someone can verify that this works, I will commit it.
> 
> This is relative to RELENG_4.
> 
> --- if_wi.c.orig  Thu Apr 13 16:36:37 2000
> +++ if_wi.c   Thu Apr 13 16:48:53 2000
> @@ -102,6 +102,10 @@
>  
>  #include 
>  
> +#ifdef BRIDGE
> +#include 
> +#endif
> +
>  #include 
>  #include 
>  
> @@ -425,8 +429,31 @@
>   ifp->if_ipackets++;
>  
>   /* Handle BPF listeners. */
> - if (ifp->if_bpf) {
> + if (ifp->if_bpf)
>   bpf_mtap(ifp, m);
> +
> +#ifdef BRIDGE
> + if (do_bridge) {
> + struct ifnet *bdg_ifp;
> + bdg_ifp = bridge_in(m);
> + if (bdg_ifp == BDG_DROP) {
> + if (m)
> + m_free(m);
> + return; /* and drop */
> + }
> + if (bdg_ifp != BDG_LOCAL)
> + bdg_forward(&m, bdg_ifp);
> + if (bdg_ifp != BDG_LOCAL && bdg_ifp != BDG_BCAST &&
> + bdg_ifp != BDG_MCAST) {
> + if (m)
> + m_free(m);
> + return; /* and drop */
> + }
> + /* all others accepted locally */
> + }
> + else
> +#endif
> + {
>   if (ifp->if_flags & IFF_PROMISC &&
>   (bcmp(eh->ether_dhost, sc->arpcom.ac_enaddr,
>   ETHER_ADDR_LEN) && (eh->ether_dhost[0] & 1) == 0)) {
> 
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
> 


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Setting device options

[Mike Smith]

> So, I want to know how I can "automagically" set the device options,
> every time a user kldload's the device driver.

If you want to support this mode of operation, you really don't have a 
lot of options right now.  This is, in one fashion at least, my fault.  
Sorry.  8(

I would be inclined, given the way things currently are, to create a 
sysctl in your driver, and then hang most of your attach routine off the 
sysctl write handler.  ie.  you actually perform the "real" attach when 
the sysctl is written (and then disable this so re-writing it doesn't do 
it again...)

> Is there some equivalent way of handling device driver option settings
> in FreeBSD?  I would prefer an "automatic" way of having the
> device options set, similar in function to the way you can set
> options for your ethernet card with the ifconfig command - so
> that once you define, for example, your ifconfig command and
> put it in your rc file, you just automatically bring things up
> the desired way.  Any suggestions?  (For FreeBSD 4.x)

Well, teaching kldload about module parameters would make it into 4.1, if 
that's good enough.

-- 
\\ Give a man a fish, and you feed him for a day. \\  Mike Smith
\\ Tell him he should learn how to fish himself,  \\  [EMAIL PROTECTED]
\\ and he'll hate you for a lifetime. \\  [EMAIL PROTECTED]




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

login.conf question

[James Halstead]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

hey out there!
This is my first time doing someting like an i am having problems
with one part. The session limit does not seem to be working. My
understanding was that this was a hard limit for the number of
simutanious logins a person may have. I created a test account and
was able to have 6 logins open even though the limit is set to 4.
Also I am curious if i set the idletime and warntime right, and if i
need to have the accounting enabled in order for things to work. 

thanks for any help.

James

-  begin login.conf 

# login.conf - login class capabilities database.
# After each edit don't forget to run:
# cap_mkdb /etc/login.conf

#defaults - defaults for all users except root
# NOTE: default gives no recource limits!!

default:\
 :cputime=unlimited:\
 :filesize=unlimited:\
 :datasize=unlimited:\
 :stacksize=unlimited:\
 :coredumpsize=unlimited:\
 :memoryuse=unlimited:\
 :memorylocked=unlimited:\
 :maxproc=unlimited:\
 :openfiles=unlimited:\
 :manpath=/usr/share/man /usr/local/man:\
 :nologin=/var/run/nologin:\
 :path=~/bin /usr/local/bin /usr/bin /bin:\
 :priority=0:\
 :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
 :term=vt100:\
 :umask=022:\
 :welcome=/etc/motd:\
 :minpasswordlen=8:\
 :copyright=/etc/COPYRIGHT:\
 :idletime=unlimited:\
 :sessionlimit=unlimited:

#root - make absolutly sure root can do anything.
root:\
 :ignorenologin:\
 :umask=077:\
 :tc=default:
 
#cstudent - limit the recources for c class students.
cstudent:\
 :accounted:\
 :cputime=1h:\
 :filesize=5m:\
 :datasize=10m:\
 :stacksize=10k:\
 :coredumpsize=1m:\
 :memoryuse=10m:\
 :memorylocked=5m:\
 :maxproc=12:\
 :openfiles=20:\
 :requirehome:\
 :umask=077:\
 :sessionlimit=4:\
 :idletime=3h:\
 :warntime=2h45m:\
 :tc=default:

#cprof - give the prof a little more leeway to work with.
cprof:\
 :cputime=1h30m:\
 :datasize=15m:\
 :stacksize=1m:\
 :coredumpsize=2m:\
 :memoryuse=15m:\
 :memorylocked=10m:\
 :maxproc=20:\
 :openfiles=20:\
 :requirehome:\
 :umask=077:\
 :tc=default:

#superuser - more powerful accounts, but not root powerful.
superuser:\
 :ignorenologin:\
 :umask=077:\
 :tc=default:\

daemon:\
 :tc=default:

news:\
 :tc=default:

dialer:\
 :tc=default:

-  end login.conf 
- ---
For my public key please visit:
http://www.dreamscape.com/halstead/jh.asc
- ---

-BEGIN PGP SIGNATURE-
Version: PGPfreeware 6.5.1 for non-commercial use 

iQA/AwUBOPZ62SdhQGc59hmGEQIg6gCg2LHCsV7DxykNmA5wfu7cZ+BI0C0AoKeg
CxHDm0zb7FCrBzoTZRv/vIww
=DFqR
-END PGP SIGNATURE-




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Setting device options

[Gary T. Corcoran]

Mike Smith wrote:

> > So, I want to know how I can "automagically" set the device options,
> > every time a user kldload's the device driver.
> 
> If you want to support this mode of operation, you really don't have a
> lot of options right now.
> Well, teaching kldload about module parameters would make it into 4.1, if
> that's good enough.

Well, unless there are some of you out there that have Lucent WildWire cards
*and* compatible DSL service, and you just can't wait to get a driver, I can
wait a little while...  ;-)  That is, presuming you meant "_should_ make it
into 4.1" :), which isn't *that* far away...

When and where should I look for information on how "module parameters"
work?  (I don't have the time or resources to run both 4.x and -current)

BTW, there *are* hundreds of thousands of the boards out there in Compaq,
Dell, and HP computers, but most of them are being used only as V.90 
Winmodems for the time being -- the boards can do either V.90 or DSL with
the appropriate driver, though not simultaneously...

Thanks,
Gary
-- 
=
 Gary Corcoran - Distinguished Member of Technical Staff
Lucent Microelectronics - Client Access Broadband Systems
   Communications Protocol & Driver Development Group
   "We make the drivers that make communications work"
  Email: [EMAIL PROTECTED]
-
There are only two kinds of machines - those that fail
little by little, and those that fail all at once.
=


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: login.conf question

[Bhishan Hemrajani]

Alright, a couple things come to mind here.

1. Did you make the database? (# cap_mkdb /etc/login.conf)
2. Did you add the user to the class (# chfn user)
   (and then put the class name in the class field)
3. If you did do that, login as the user (not su), and
   type "limit" and give me an output.

--bhishan

[Internal error while calling pgp, raw data follows]
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> hey out there!
> This is my first time doing someting like an i am having problems
> with one part. The session limit does not seem to be working. My
> understanding was that this was a hard limit for the number of
> simutanious logins a person may have. I created a test account and
> was able to have 6 logins open even though the limit is set to 4.
> Also I am curious if i set the idletime and warntime right, and if i
> need to have the accounting enabled in order for things to work. 
> 
> thanks for any help.
> 
> James
> 
> -  begin login.conf 
> 
> # login.conf - login class capabilities database.
> # After each edit don't forget to run:
> # cap_mkdb /etc/login.conf
> 
> #defaults - defaults for all users except root
> # NOTE: default gives no recource limits!!
> 
> default:\
>  :cputime=unlimited:\
>  :filesize=unlimited:\
>  :datasize=unlimited:\
>  :stacksize=unlimited:\
>  :coredumpsize=unlimited:\
>  :memoryuse=unlimited:\
>  :memorylocked=unlimited:\
>  :maxproc=unlimited:\
>  :openfiles=unlimited:\
>  :manpath=/usr/share/man /usr/local/man:\
>  :nologin=/var/run/nologin:\
>  :path=~/bin /usr/local/bin /usr/bin /bin:\
>  :priority=0:\
>  :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
>  :term=vt100:\
>  :umask=022:\
>  :welcome=/etc/motd:\
>  :minpasswordlen=8:\
>  :copyright=/etc/COPYRIGHT:\
>  :idletime=unlimited:\
>  :sessionlimit=unlimited:
> 
> #root - make absolutly sure root can do anything.
> root:\
>  :ignorenologin:\
>  :umask=077:\
>  :tc=default:
>  
> #cstudent - limit the recources for c class students.
> cstudent:\
>  :accounted:\
>  :cputime=1h:\
>  :filesize=5m:\
>  :datasize=10m:\
>  :stacksize=10k:\
>  :coredumpsize=1m:\
>  :memoryuse=10m:\
>  :memorylocked=5m:\
>  :maxproc=12:\
>  :openfiles=20:\
>  :requirehome:\
>  :umask=077:\
>  :sessionlimit=4:\
>  :idletime=3h:\
>  :warntime=2h45m:\
>  :tc=default:
> 
> #cprof - give the prof a little more leeway to work with.
> cprof:\
>  :cputime=1h30m:\
>  :datasize=15m:\
>  :stacksize=1m:\
>  :coredumpsize=2m:\
>  :memoryuse=15m:\
>  :memorylocked=10m:\
>  :maxproc=20:\
>  :openfiles=20:\
>  :requirehome:\
>  :umask=077:\
>  :tc=default:
> 
> #superuser - more powerful accounts, but not root powerful.
> superuser:\
>  :ignorenologin:\
>  :umask=077:\
>  :tc=default:\
> 
> daemon:\
>  :tc=default:
> 
> news:\
>  :tc=default:
> 
> dialer:\
>  :tc=default:
> 
> -  end login.conf 
> - ---
> For my public key please visit:
> http://www.dreamscape.com/halstead/jh.asc
> - ---
> 
> -BEGIN PGP SIGNATURE-
> Version: PGPfreeware 6.5.1 for non-commercial use 
> 
> iQA/AwUBOPZ62SdhQGc59hmGEQIg6gCg2LHCsV7DxykNmA5wfu7cZ+BI0C0AoKeg
> CxHDm0zb7FCrBzoTZRv/vIww
> =DFqR
> -END PGP SIGNATURE-
> 
> 
> 
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
> 
[End of raw data]



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message

Re: Hardware crypto support

[Peter Wemm]

"Daniel C. Sobral" wrote:
> Nik Clayton wrote:
> > 
> > Does FreeBSD support hardware crypto?
> 
> It does.
> 
> > There'll shortly be a story on /. about OpenBSD's hardware crypto support,
> > in the form of the HiFn 7751 chip.  OpenBSD recommend buying them from
> > www.powercrypt.com.

Also, don't forget that nCipher is still running Hotmail's SSL stuff under
FreeBSD.  It has been doing so since at least before August 1999.

Cheers,
-Peter



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message