headers
Alexander Leidinger | 1 Dec 2009 09:32
Favicon

Re: UNIX domain sockets on nullfs still broken?

Quoting Ivan Voras <ivoras <at> freebsd.org> (from Mon, 30 Nov 2009  
16:14:40 +0100):

> xorquewasp <at> googlemail.com wrote:
>> On 2009-11-30 15:43:01, Ivan Voras wrote:
>>> xorquewasp <at> googlemail.com wrote:
>>>> 76030 initial thread STRU  struct sockaddr { AF_LOCAL,  
>>>> /tmp/jack-11001/default/jack_0 }
>>>> 76030 initial thread NAMI  "/tmp/jack-11001/default/jack_0"
>>>> 76030 initial thread RET   connect -1 errno 61 Connection refused
>>> I would expect to see this result from the jail since it's  
>>> obviously a Bad Idea, but does it work from the same (host) machine

It is not a bad idea, at least not if we talk about mounting something  
from JailA to JailB. Think about the MySQL socket. I have a jail with  
MySQL, and I have a jail which wants to connect to it. I do not want  
to allow network connections between those jails (be it for  
performance reasons, or that I do not want to involve a network  
connection, or that I do not want to give the MySQL jail an IP at all  
or whatever).

Solution: give access to the socket via the FS. Ideally by putting the  
socket in its own directory and mounting this directory over to the  
jail. A workaround for this scenario is below.

>>> without the jail in between (i.e. just the nullfs, no jails)?
>>
>> Hm, yes, you're right. It does work without a jail involved.
>>
>> What's the sane solution, then, when the only method of communication
(Continue reading)

Permalink | Reply | 1 comment |
headers
Alexander Best | 1 Dec 2009 14:22
Picon
Favicon

i386_set_ioperm(2)/i386_get_ioperm(2) replacement after switch from x86 to amd64

hi there,

i recently switch from x86 to amd64. right now i'm looking for a way to
replace i386_set_ioperm(2) and i386_get_ioperm(2) (which are x86 specific).
any suggestions?

* full /dev/io access is rather nasty
* the app i'm developing is using inb/outb opcodes through inline assembly in
order to access the parallel port. i tried using ppi(4), but that slows down
things dramatically (see:
http://lists.freebsd.org/pipermail/freebsd-hackers/2009-July/029188.html)

cheers.
alex
_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 4 comments |
headers
Kostik Belousov | 1 Dec 2009 15:13
Picon

Re: i386_set_ioperm(2)/i386_get_ioperm(2) replacement after switch from x86 to amd64

On Tue, Dec 01, 2009 at 02:22:23PM +0100, Alexander Best wrote:
> hi there,
> 
> i recently switch from x86 to amd64. right now i'm looking for a way to
> replace i386_set_ioperm(2) and i386_get_ioperm(2) (which are x86 specific).
> any suggestions?
> 
> * full /dev/io access is rather nasty
> * the app i'm developing is using inb/outb opcodes through inline assembly in
> order to access the parallel port. i tried using ppi(4), but that slows down
> things dramatically (see:
> http://lists.freebsd.org/pipermail/freebsd-hackers/2009-July/029188.html)

FreeBSD 8.0 supports these syscalls on amd64.
Permalink | Reply | 3 comments |
headers
xorquewasp | 1 Dec 2009 15:17

Re: UNIX domain sockets on nullfs still broken?

On 2009-12-01 09:32:56, Alexander Leidinger wrote:
> 
> My workaround with MySQL is to have the jail and the socket in the  
> same FS (I would prefer to have them on separate FS). Then you can do  
> a hardlink of the socket into the jail (obviously after each restart  
> of the software, but this can be scripted). This works for me.
> 

Interesting. I'll try it. Thanks.

Regards,
xw
_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 0 comments |
headers
Alexander Best | 1 Dec 2009 16:21
Picon
Favicon

Re: i386_set_ioperm(2)/i386_get_ioperm(2) replacement after switch from x86 to amd64

i'm getting this during compilation/linking:

undefined reference to `i386_set_ioperm'

do i need to link against some x86 compat lib?

alex

ps: also the ioperm manuals are not getting installed on amd64 it seems.

Kostik Belousov schrieb am 2009-12-01:
> On Tue, Dec 01, 2009 at 02:22:23PM +0100, Alexander Best wrote:
> > hi there,

> > i recently switch from x86 to amd64. right now i'm looking for a
> > way to
> > replace i386_set_ioperm(2) and i386_get_ioperm(2) (which are x86
> > specific).
> > any suggestions?

> > * full /dev/io access is rather nasty
> > * the app i'm developing is using inb/outb opcodes through inline
> >   assembly in
> > order to access the parallel port. i tried using ppi(4), but that
> > slows down
> > things dramatically (see:
> > http://lists.freebsd.org/pipermail/freebsd-hackers/2009-July/029188.html)

> FreeBSD 8.0 supports these syscalls on amd64.
_______________________________________________
(Continue reading)

Permalink | Reply | 2 comments |
headers
Linda Messerschmidt | 1 Dec 2009 16:22
Picon

Re: UNIX domain sockets on nullfs still broken?

On Mon, Nov 30, 2009 at 10:14 AM, Ivan Voras <ivoras <at> freebsd.org> wrote:
>> What's the sane solution, then, when the only method of communication
>> is unix domain sockets?
>
> It is a security problem. I think the long-term solution would be to add a
> sysctl analogous to security.jail.param.securelevel to handle this.

Out of curiosity, why is allowing accessing to a Unix domain socket in
a filesystem to which a jail has explicitly been allowed access more
or less secure than allowing access to a file or a devfs node in a
filesystem to which a jail has explicitly been allowed access?
_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 6 comments |
headers
Kostik Belousov | 1 Dec 2009 16:50
Picon

Re: i386_set_ioperm(2)/i386_get_ioperm(2) replacement after switch from x86 to amd64

On Tue, Dec 01, 2009 at 04:21:39PM +0100, Alexander Best wrote:
> i'm getting this during compilation/linking:
> 
> undefined reference to `i386_set_ioperm'
Libc wrappers for these syscalls are not provided by amd64 libc.
Use sysarch(2) to execute them.

> 
> do i need to link against some x86 compat lib?
You cannot link 32bit library to amd64 binary.

> 
> alex
> 
> ps: also the ioperm manuals are not getting installed on amd64 it seems.
> 
> Kostik Belousov schrieb am 2009-12-01:
> > On Tue, Dec 01, 2009 at 02:22:23PM +0100, Alexander Best wrote:
> > > hi there,
> 
> > > i recently switch from x86 to amd64. right now i'm looking for a
> > > way to
> > > replace i386_set_ioperm(2) and i386_get_ioperm(2) (which are x86
> > > specific).
> > > any suggestions?
> 
> > > * full /dev/io access is rather nasty
> > > * the app i'm developing is using inb/outb opcodes through inline
> > >   assembly in
> > > order to access the parallel port. i tried using ppi(4), but that
(Continue reading)

Permalink | Reply | 1 comment |
headers
Ravi Shankar | 1 Dec 2009 23:00
Picon

Regarding enabling IOAPIC on Intel Dual core processor based boards having Broadcom controller

Hi,

 We are using Freebsd6.2 bases OS on our LV 5200 Series Intel Dual Core Xeon
bases processor(Wolfdale-DP-ULV). In the carrier board hosting the processor
we have BCM5703 controller.
Currently we are using only one core in 32 bit mode and planning to use dual
core where we need to enable IOAPIC. When IOAPIC is not enabled I see the
bcm/bge driver is attached to IRQ10 and everything works fine, but when I
enable IOAPIC I still see the boot msgs show that bge is attached to irq10
but the Broadcom controller does not come up. I found interrupt storm on
irq17 ( remember without IOAPIC enable there are not IRQ assignments beyond
IRQ16),looks like the controller is interrupting on 17 while driver waits on
10.

  When I stop and loader and assign it manually using config command "set
hw.pci8.9.INTA.irq=”17”" , everything works fine. Would be great if some one
can throw some light on this IRQ mapping when IOAPIC is enabled and possible
fix ( Software or BIOS?)

Thanks,
Ravi

--

-- 
Thanks,
Ravi
"The most influential person who will talk to you all day is you, so
you should be very careful about what you say to you!"
_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
(Continue reading)

Permalink | Reply | 1 comment |
headers
Ravi Shankar | 2 Dec 2009 00:11
Picon
Favicon

Regarding enabling IOAPIC on Intel Dual core processor based boards having Broadcom controller

Hi,

 We are using Freebsd6.2 bases OS on our LV 5200 Series Intel Dual Core Xeon bases
processor(Wolfdale-DP-ULV). In the carrier board hosting the processor we have BCM5703 controller.
Currently we are using only one core in 32 bit mode and planning to use dual core where we need to enable
IOAPIC. When IOAPIC is not enabled I see the bcm/bge driver is attached to IRQ10 and everything works fine,
but when I enable IOAPIC I still see the boot msgs show that bge is attached to irq10 but the Broadcom
controller does not come up. I found interrupt storm on irq17 ( remember without IOAPIC enable there are
not IRQ assignments beyond IRQ16),looks like the controller is interrupting on 17 while driver waits on 10.

  When I stop and loader and assign it manually using config command "set hw.pci8.9.INTA.irq=”17”" ,
everything works fine. Would be great if some one can throw some light on this IRQ mapping when IOAPIC is
enabled and possible fix ( Software or BIOS?)

NOTE: Other devices ( Intel controller (em driver)) are working fine only this BCM5703 is having issues
with IOAPIC

Thanks,
Ravi

      
_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 1 comment |
headers
Jiandong Lu | 2 Dec 2009 07:42
Picon
Favicon

about zlib on FreeBSD

zlib package of ms windows could handle .zip archives,it compiles minizip into the zip library.
the library libz on FreeBSD does not compiles minizip. Should we merge minizip into libz ? 
Minizip's licence is the same to zlib,so there is no licence barrie.
minizip has only three samll  *.c files.If we merge minizip into libz, libz's size  would not be larger too much.

btw,I maintain some servers both on windpws and FreeBSD now.They use zlib on windows,and I have compiled
minizip on FreeBSD for my projects.I hope that minizip 
will be merged into libz on FreeBSD.
Thanks

      ___________________________________________________________ 
  好玩贺卡等你发,邮箱贺卡全新上线! 
http://card.mail.cn.yahoo.com/
_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 6 comments |

Gmane