Discussion about the port of NetBSD to the virtual machine monitor Xen ()

Greg Troxel | 1 Dec 2005 17:30

Picon

ok to remove DDB_ONPANIC=1 from XEN{0,U}?

After splitting GENERIC.local/INSTALL.local, I'm going over my configs
and putting what I want (IPSEC, stf(4)) in GENERIC.local.   I found
that I also had disabled DDB_ONPANIC, and think this doesn't belong in
XEN's GENERIC equivalent since it is unsuitable for production.  Any
objections to committing the following?

Index: XEN0
===================================================================
RCS file: /cvsroot/src/sys/arch/i386/conf/XEN0,v
retrieving revision 1.22
diff -u -r1.22 XEN0
--- XEN0	25 Nov 2005 16:41:31 -0000	1.22
+++ XEN0	1 Dec 2005 16:28:06 -0000
 <at>  <at>  -56,7 +56,7  <at>  <at> 
 options 	DEBUG		# expensive debugging checks/support 
 options 	KMEMSTATS	# kernel memory statistics (vmstat -m)
 options 	DDB		# in-kernel debugger
-options 	DDB_ONPANIC=1	# see also sysctl(8): `ddb.onpanic'
+#options 	DDB_ONPANIC=1	# see also sysctl(8): `ddb.onpanic'
 options 	DDB_HISTORY_SIZE=512	# enable history editing in DDB
 #options 	KGDB		# remote debugger
 #options 	KGDB_DEVNAME="\"com\"",KGDB_DEVADDR=0x2f8,KGDB_DEVRATE=57600
Index: XENU
===================================================================
RCS file: /cvsroot/src/sys/arch/i386/conf/XENU,v
retrieving revision 1.13
diff -u -r1.13 XENU
--- XENU	25 Nov 2005 16:41:31 -0000	1.13
+++ XENU	1 Dec 2005 16:28:06 -0000
 <at>  <at>  -53,7 +53,7  <at>  <at>

(Continue reading)

Jonathan A. Kollasch | 1 Dec 2005 18:41

Re: ok to remove DDB_ONPANIC=1 from XEN{0,U}?

On Thu, Dec 01, 2005 at 11:30:28AM -0500, Greg Troxel wrote:
> After splitting GENERIC.local/INSTALL.local, I'm going over my configs
> and putting what I want (IPSEC, stf(4)) in GENERIC.local.   I found
> that I also had disabled DDB_ONPANIC, and think this doesn't belong in
> XEN's GENERIC equivalent since it is unsuitable for production.  Any
> objections to committing the following?

While it may be unsuitable for production, there is precedence for
having DDB_ONPANIC set in GENERIC. All archs I know about (alpha, i386,
macppc) have it set by default. Not having it set makes postmortem
debugging nearly impossible. IMHO this should be unset by sysctl after
boot if desired.

	Jonathan Kollasch

Greg Troxel | 1 Dec 2005 19:15

Picon

Re: ok to remove DDB_ONPANIC=1 from XEN{0,U}?

"Jonathan A. Kollasch" <jakllsch <at> kollasch.net> writes:

> On Thu, Dec 01, 2005 at 11:30:28AM -0500, Greg Troxel wrote to port-xen:
> > After splitting GENERIC.local/INSTALL.local, I'm going over my configs
> > and putting what I want (IPSEC, stf(4)) in GENERIC.local.   I found
> > that I also had disabled DDB_ONPANIC, and think this doesn't belong in
> > XEN's GENERIC equivalent since it is unsuitable for production.  Any
> > objections to committing the following?
> 
> While it may be unsuitable for production, there is precedence for
> having DDB_ONPANIC set in GENERIC. All archs I know about (alpha, i386,
> macppc) have it set by default. Not having it set makes postmortem
> debugging nearly impossible. IMHO this should be unset by sysctl after
> boot if desired.

Thanks for pointing that out - I was confused.  Having "options DDB"
leads to ddb-on-panic unless one has

  options	DDB_ONPANIC=0

because src/sys/ddb/ddb_variables.c has

/*
 * If this is non-zero, the DDB will be entered when the system
 * panics.  Initialize it so that it's patchable.
 */
#ifndef DDB_ONPANIC
#define DDB_ONPANIC	1
#endif
int		db_onpanic = DDB_ONPANIC;

(Continue reading)

John R. Shannon | 1 Dec 2005 20:45

Shared Crypto Device

Is it possible to share a crypto accelerator such as ubsec amoung domainU's? 
If so, how is this specified?

--

-- 
John R. Shannon, CISSP
Sr. Software Scientist
Science Applications International Corporation
john.r.shannon <at> saic.com
john.r.shannon <at> us.army.mil
john <at> johnrshannon.com

Jason Thorpe | 1 Dec 2005 21:50

Re: Shared Crypto Device

On Dec 1, 2005, at 11:45 AM, John R. Shannon wrote:

> Is it possible to share a crypto accelerator such as ubsec amoung  
> domainU's?
> If so, how is this specified?

I don't think there's a way to do that.  Perhaps its time to extend  
Xen to give it an OpenCrypto virtual device and a xencrypt driver for  
client OSs.

-- thorpej

Manuel Bouyer | 1 Dec 2005 21:33

Re: Shared Crypto Device

On Thu, Dec 01, 2005 at 12:45:49PM -0700, John R. Shannon wrote:
> Is it possible to share a crypto accelerator such as ubsec amoung domainU's? 
> If so, how is this specified?

No, I don't think it is possible. The dom0 should have the device and
provide a service to domU though the hypervisor, but as far as I know
there's no interface defined for this.

--

-- 
Manuel Bouyer <bouyer <at> antioche.eu.org>
     NetBSD: 26 ans d'experience feront toujours la difference
--

Hernani Marques Madeira | 1 Dec 2005 23:26

Using XEN0-kernel with acpi/cardbus support

Hello.

There was already a similar post:
http://mail-index.netbsd.org/port-xen/2005/05/09/0000.html

However, I don't want to export acpi/cardbus devices to any guest
system, I only want to use them for domain0; isn't that possible?

--

-- 
hernani

John R. Shannon | 2 Dec 2005 20:21

Entropy Source

What device should I use for an entropy source?

postfix/smtp[2523]: warning: no entropy for TLS key generation: 
disabling TLS support

--

-- 
John R. Shannon, CISSP
Sr. Software Scientist
Science Applications International Corporation
john <at> johnrshannon.com
john.r.shannon <at> us.army.mil
john.r.shannon <at> saic.com
shannonjr <at> NetBSD.org

Juan RP | 2 Dec 2005 20:34

Re: Entropy Source

On Fri, 02 Dec 2005 12:21:15 -0700
"John R. Shannon" <john <at> johnrshannon.com> wrote:

> What device should I use for an entropy source?
> 
> postfix/smtp[2523]: warning: no entropy for TLS key generation: 
> disabling TLS support

I think it's /dev/urandom.

Thor Lancelot Simon | 2 Dec 2005 20:46

Re: Entropy Source

On Fri, Dec 02, 2005 at 12:21:15PM -0700, John R. Shannon wrote:
> What device should I use for an entropy source?

Did you build a kernel without pseudo-device random?  Don't do that.  We
should probably make it impossible to do that.  It breaks many much less
obvious things.

We should find a way to have domain 0 hand the client domains a chunk of
entropy at startup time.

Thor

Group

gmane.os.netbsd.ports.xen.

Advertisement

Project Web Page

Discussion about the port of NetBSD to the virtual machine monitor Xen ()

Search Archive

Page

1 | 2 | 3 | 4 | 5

Articles in period: 47

December 2005

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

Slow performance on DomU (24 May 2013)
Slow performance on DomU (23 May 2013)
Xen 4.2 added to pkgsrc (15 May 2013)
iPod in windows domU (9 May 2013)
Fwd: Xen 4.2 xl - failed to create bootloader dir /var/run/xen/bootloa (9 May 2013)
NetBSD xencommons not starting on boot (9 May 2013)
iommu hardware and vga pass through with nbsd 6 dom0 (29 Apr 2013)
iommu hardware and vga pass through with nbsd 6 dom0 (29 Apr 2013)
serial console (7 Apr 2013)
Xen GSoC 2013: Testing NetBSD (25 Mar 2013)
HEAD/6.1_RC2 DOM0 problems? (23 Mar 2013)
State of Stub- and Driver-Domains on NetBSD/Xen (30 Jan 2013)
mbuf leak on 6.0.1? (25 Jan 2013)
Earn 100 dollars for every survey you take within your zip code in the (24 Jan 2013)
PCI pass through Xen 4.1.x and NetBSD 6 (22 Jan 2013)
new system configuration advice (21 Jan 2013)
modload: Function not implemented (19 Jan 2013)
Xen GPLPV driver [ Re: new system configuration advice wanted ] (19 Jan 2013)
iommu hardware and vga pass through with nbsd 6 dom0 (15 Jan 2013)
xenstore entry for "can migrate"? (11 Jan 2013)
new system configuration advice wanted (10 Jan 2013)

Archives

6	June 2013
30	May 2013
5	April 2013
26	March 2013
2	February 2013
66	January 2013
65	December 2012
74	November 2012
1	October 2012
95	September 2012
25	August 2012
57	July 2012
154	June 2012
26	May 2012
4	April 2012
11	March 2012
76	February 2012
43	January 2012
17	December 2011
7	November 2011
29	October 2011
83	September 2011
66	August 2011
23	July 2011
71	June 2011
77	May 2011
114	April 2011
90	March 2011
26	February 2011
38	January 2011
27	December 2010
44	November 2010
35	October 2010
64	September 2010
18	August 2010
48	July 2010
86	June 2010
53	May 2010
34	April 2010
132	March 2010
56	February 2010
65	January 2010
44	December 2009
43	November 2009
108	October 2009
67	September 2009
124	August 2009
73	July 2009
115	June 2009
100	May 2009
52	April 2009
72	March 2009
70	February 2009
110	January 2009
26	December 2008
86	November 2008
119	October 2008
120	September 2008
222	August 2008
71	July 2008
131	June 2008
200	May 2008
114	April 2008
120	March 2008
174	February 2008
191	January 2008
38	December 2007
84	November 2007
48	October 2007
98	September 2007
65	August 2007
47	July 2007
145	June 2007
55	May 2007
100	April 2007
78	March 2007
62	February 2007
100	January 2007
72	December 2006
139	November 2006
114	October 2006
96	September 2006
34	August 2006
127	July 2006
41	June 2006
88	May 2006
96	April 2006
205	March 2006
17	February 2006
107	January 2006
47	December 2005
65	November 2005
47	October 2005
36	September 2005
46	August 2005
23	July 2005
75	June 2005
88	May 2005
169	April 2005
164	March 2005
25	February 2005
6	January 2005
104	December 2004
1	November 2004
5	September 2004
1	August 2004
1	July 2004
1	June 2004
38	May 2004
34	April 2004

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template