| --- | Log | opened Mon Dec 08 00:00:10 2008 |
| 02:00 | -!- | camby [~root@60.205.80.132] has joined #uml |
| 03:46 | -!- | kos_tom [~thomas@humanoidz.org] has joined #uml |
| 04:24 | -!- | tchan [~tchan@c-24-12-190-140.hsd1.il.comcast.net] has quit [Ping timeout: 480 seconds] |
| 04:31 | -!- | kos_tom [~thomas@humanoidz.org] has quit [Ping timeout: 480 seconds] |
| 05:55 | -!- | tchan [~tchan@67.173.9.133] has joined #uml |
| 06:15 | -!- | kos_tom [~thomas@jau31-2-82-230-108-106.fbx.proxad.net] has joined #uml |
| 11:13 | -!- | jdike [~jdike@pool-96-237-60-64.bstnma.fios.verizon.net] has joined #uml |
| 11:13 | <jdike:#uml> | Hi guys |
| 11:38 | -!- | kos_tom [~thomas@jau31-2-82-230-108-106.fbx.proxad.net] has quit [Remote host closed the connection] |
| 12:11 | -!- | hfb [~hfb@pool-96-247-109-136.lsanca.dsl-w.verizon.net] has joined #uml |
| 12:21 | -!- | anderiv_ is now known as anderiv |
| 12:25 | -!- | balbir [~balbir@122.167.195.11] has quit [Ping timeout: 480 seconds] |
| 13:02 | -!- | hfb_ [~hfb@pool-96-229-38-185.lsanca.dsl-w.verizon.net] has joined #uml |
| 13:08 | -!- | hfb [~hfb@pool-96-247-109-136.lsanca.dsl-w.verizon.net] has quit [Ping timeout: 480 seconds] |
| 13:29 | -!- | ctrace [chris@pool-98-117-41-109.bltmmd.fios.verizon.net] has joined #uml |
| 13:32 | <ctrace:#uml> | was wondering if somebody might be able to help answer a question about vde_switch ... |
| 13:32 | <ctrace:#uml> | i have been using vde_switch for some time with a 2.6.23.9 uml guest kernel, and that has been working fairly well |
| 13:33 | <ctrace:#uml> | however now that i am finally compiling a newer kernel (2.6.27.8), i see that there is a CONFIG_UML_NET_VDE option |
| 13:35 | <ctrace:#uml> | i'm not sure whether i really even need that (i use vde_switch with arguments like -unix /tmp/xyz -hub -tap tap0), but i received the following error when compiling the kernel: |
| 13:35 | <ctrace:#uml> | arch/um/drivers/vde_user.c:81: error: implicit declaration of function 'kmalloc' |
| 13:35 | <ctrace:#uml> | ...so found the patch to change 'kmalloc' to 'uml_kmalloc' and now i get: |
| 13:35 | <ctrace:#uml> | ld -r -dp -o arch/um/drivers/vde.o arch/um/drivers/vde_kern.o arch/um/drivers/vde_user.o -m elf_i386 -r libvdeplug.a |
| 13:35 | <ctrace:#uml> | ld: libvdeplug.a: No such file: No such file or directory |
| 13:38 | <jdike:#uml> | you need to install vde stuff |
| 13:38 | <ctrace:#uml> | oh, whoops :-) i guess i forgot to install libvdeplug |
| 13:38 | <jdike:#uml> | right |
| 13:38 | <ctrace:#uml> | hi jeff :-) |
| 13:38 | <ctrace:#uml> | thx |
| 13:38 | <jdike:#uml> | np |
| 13:39 | <ctrace:#uml> | what is the advantage (if any?) of using CONFIG_UML_NET_VDE ? |
| 13:39 | <jdike:#uml> | it's a more featurefull replacement for uml_switch |
| 13:40 | <ctrace:#uml> | yes i have been using vde_switch as a replacement for uml_switch for some time |
| 13:40 | <ctrace:#uml> | (but with an older 2.6.23 kernel which did not have CONFIG_UML_NET_VDE) |
| 13:48 | <ctrace:#uml> | ah, so in the past i have been using the daemon backend (ethX=daemon,,unix,/tmp/xyz/ctl) in conjunction with vde_switch |
| 13:49 | <ctrace:#uml> | but with the new vde driver i could use ethX=vde,[...] |
| 13:50 | <ctrace:#uml> | looks like i will have to experiment a bit :-) |
| 14:09 | <ctrace:#uml> | i must be missing something ... |
| 14:11 | <ctrace:#uml> | i can see that i have libvdeplug.a in /usr/local/lib (i had to run ldconfig /usr/local/lib before these libs showed up in the output of ldconfig -p) |
| 14:11 | <ctrace:#uml> | but i still get this when compiling the kernel: |
| 14:11 | <ctrace:#uml> | ld: libvdeplug.a: No such file: No such file or directory |
| 14:17 | <ctrace:#uml> | weird, if I run this manually from the CLI, my build proceeds: |
| 14:17 | <ctrace:#uml> | # ld -r -dp -o arch/um/drivers/vde.o arch/um/drivers/vde_kern.o arch/um/drivers/vde_user.o -m elf_i386 -L/usr/local/lib -r /usr/local/lib/libvdeplug.a |
| 14:22 | -!- | phao_br [~phao@189.13.215.84] has joined #uml |
| 15:36 | -!- | phao_br [~phao@189.13.215.84] has quit [Quit: Leaving] |
| 15:51 | -!- | kos_tom [~thomas@humanoidz.org] has joined #uml |
| 16:02 | -!- | stmartin [~stmartin@oucs1099.otago.ac.nz] has joined #uml |
| 16:05 | <stmartin:#uml> | I'm currently in the process of upgrading my production UML server to a new x86_64 machine and would like the know the best triple of guest kernel version, host kernel version and skas version, and I'm finding it difficult to answer this myself from looking at the mailing list archive. Any advice would be appreciated. |
| 16:06 | <jdike:#uml> | generally, the latest UML is good |
| 16:06 | <stmartin:#uml> | Host is Ubuntu 8.04 LTS with (currently) vanilla Ubuntu 2.6.24-22-server kernel. |
| 16:06 | <stmartin:#uml> | thanks, for both host and guest? Is SKAS4 in mainline yet? |
| 16:07 | <jdike:#uml> | no |
| 16:08 | <stmartin:#uml> | Would you suggest SKAS4 or SKAS3? I would like to be able to easily source a suitable SKAS patch for the suitably latest host kernel to keep up with any security updates. |
| 16:08 | * | stmartin:#uml has to be able to hand this off to UML newbies as a project deliverable. |
| 16:08 | <jdike:#uml> | skas4 has been stable for me, and it's available for newer kernels than skas3 |
| 16:09 | <stmartin:#uml> | Great, is the current patch-set available in a repository or should I trawl through the UML devel mailing list archive? |
| 16:10 | <jdike:#uml> | http://user-mode-linux.sourceforge.net/downloads.html |
| 16:11 | <stmartin:#uml> | Ah, great. I was under the impression that site was rather out of date. |
| 16:12 | <stmartin:#uml> | That's very useful. Thanks. |
| 16:16 | <stmartin:#uml> | Do I need to do anything with my existing 32-bit guests to run on my 64-bit host? |
| 16:17 | <jdike:#uml> | nope |
| 16:17 | <jdike:#uml> | another advantage of skas4 |
| 16:18 | <stmartin:#uml> | Oh thank goodness. That I was really concerned about because I need to have this delivered by the end of the week ;^) |
| 16:20 | <stmartin:#uml> | I've been reading something about the /dev/random issues; am I correct in thinking that I should prevent OpenSSL-based applications from crashing by enabling support for Hardware RNG on my host or by changing UML to use the hosts /dev/urandom? |
| 16:20 | <stmartin:#uml> | Or has this been fixed in the latest kernel? |
| 16:21 | <jdike:#uml> | I've even had problems with sufficient randomness on my laptop, which has a keyboard, mouse, and everything |
| 16:21 | <jdike:#uml> | and if the host doesn't have entropy, the guests can just forget it |
| 16:22 | <jdike:#uml> | however, current best practice is enable the UML hardware random driver, which hooks itself up to the host's /dev/random |
| 16:22 | <stmartin:#uml> | Typically this should just make those processes block, right? |
| 16:22 | <jdike:#uml> | and make sure hwrng-tools are installed in the guest |
| 16:22 | <jdike:#uml> | processes should block |
| 16:23 | <jdike:#uml> | but they can choose to do non-blocking reads, and do something strange if they get EAGAIN |
| 16:23 | <stmartin:#uml> | Oh, in the guest... I would have thought the host. Does this mean that when accessing the guest's /dev/random the request is _not_ passed through to the host's /dev/random? |
| 16:24 | <jdike:#uml> | it is |
| 16:24 | <jdike:#uml> | that's the point of the UML random driver |
| 16:24 | <jdike:#uml> | it makes the host's entropy available as well as however much entropy the UML is able to gather itself |
| 16:25 | <jdike:#uml> | actually, that's not quite true |
| 16:25 | <jdike:#uml> | accesses to the UML /dev/random don't go to the host's /dev/random |
| 16:26 | <jdike:#uml> | hwrng-tools take entropy from /dev/hwrng (which is hooked up to the host's /dev/random) and mix that into the UML's random pool |
| 16:27 | <stmartin:#uml> | Oh, I see... my VMs aren't security sensitive at all (I'm working on an educational environment) so I think it would be simpler and less failure prone to hove the guests /dev/random use the hosts /dev/urandom after its exhausted its own entropy pool. Does this seem reasonable? Is this an easy change to make? |
| 16:28 | <jdike:#uml> | it's a one-character change in arch/um/drivers/random.c |
| 16:28 | <stmartin:#uml> | That's what I was hoping for. Many thanks... you've been very helpful. |
| 16:33 | <stmartin:#uml> | Are there any known issues with transferring sparse files over NFS? |
| 16:33 | <jdike:#uml> | not that I know of |
| 16:33 | <stmartin:#uml> | Cool, just thinking ahead. |
| 16:34 | <jdike:#uml> | the utilities generally need to be told to preserve sparsness |
| 16:48 | <stmartin:#uml> | Hmmm, should the link to the SKAS4 patch on the link you gave above be updated to point to this one ("Rebased on 2.6.25"): http://marc.info/?l=user-mode-linux-devel&m=121088437926424&q=raw ? |
| 16:52 | <jdike:#uml> | yeah it probably should |
| 16:54 | <stmartin:#uml> | The SKAS4 patch against 2.6.25 should work fine with the latest kernel 2.6.27.8 ? |
| 16:54 | <jdike:#uml> | I wouldn't count on it |
| 16:54 | <jdike:#uml> | but if it patches OK, it should work |
| 16:55 | <stmartin:#uml> | Should I use 2.6.25 instead then? Or the latest 2.6.25.X ? |
| 16:55 | <jdike:#uml> | .X would be better |
| 16:55 | <stmartin:#uml> | Thanks, I'll put this in my documentation. |
| 17:27 | <fo0bar:#uml> | oi... I just tried a test patch of the skas4 patch against 2.6.27.8 |
| 17:27 | <fo0bar:#uml> | more chunks failed than succeeded |
| 17:29 | <caker:#uml> | you need some fuzz |
| 17:30 | <fo0bar:#uml> | increasing from 2 to 3 helps some, but it would still be a long road |
| 17:37 | -!- | jdike [~jdike@pool-96-237-60-64.bstnma.fios.verizon.net] has quit [Quit: Leaving] |
| 19:11 | <fo0bar:#uml> | OTOH, I may have a working 2.6.25 SKAS3 patch at the moment :) |
| 19:11 | <fo0bar:#uml> | (baby steps...) |
| 19:11 | -!- | Basic [~Basic@warden.real-time.com] has joined #uml |
| 19:53 | -!- | aindilis [~aindilis@75.146.96.198] has joined #uml |
| 20:58 | -!- | hfb_ [~hfb@pool-96-229-38-185.lsanca.dsl-w.verizon.net] has quit [Quit: Leaving] |
| 21:03 | <stmartin:#uml> | hmmm, I don't see /proc/mm in my SKAS4-patched host kernel, what gives? I don't see any UML related options in menuconfig... |
| 21:04 | <stmartin:#uml> | host arch is x86_64 |
| 21:09 | * | stmartin:#uml recalls that an open of /proc/mm is no-longer needed, so it probably no-longer exists. |
| 21:54 | -!- | balbir_ [~balbir@122.167.195.11] has joined #uml |
| 22:27 | <stmartin:#uml> | jdike: the FedoraCore 64-bit root_fs linked from http://user-mode-linux.sourceforge.net/index.html is missing. |
| 22:57 | <stmartin:#uml> | Okay, so I've got SKAS4 mode running, but my 32-bit guest (which has previously been running on a 32-bit host) is now failing to start... |
| 22:57 | <stmartin:#uml> | request_module: runaway loop modprobe binfmt-464c |
| 22:58 | <stmartin:#uml> | I was under the impression from Jeff that this would work. Am I doing something wrong? |
| 22:59 | <stmartin:#uml> | CONFIG_BINFMT_ELF and CONFIG_ELF_CORE are both y in guests .config |
| 23:03 | -!- | balbir_ [~balbir@122.167.195.11] has quit [Ping timeout: 480 seconds] |
| 23:03 | <stmartin:#uml> | perhaps I should bite the bullet and use the opportunity to upgrade my guest to 8.04 LTS with a new 64-bit image. |
| 23:21 | -!- | stmartin is now known as stmartin_away |
| 23:24 | -!- | ferret_0667 [~ferret_05@cpe-70-120-93-94.satx.res.rr.com] has quit [Ping timeout: 480 seconds] |
| 23:38 | <fo0bar:#uml> | stmartin_away: IIRC, a SKAS4 host is pretty much transparent on the host; /proc/mm was replaced with syscalls |
| 23:57 | -!- | ferret_0567 [~ferret_05@cpe-70-120-93-94.satx.res.rr.com] has joined #uml |
| 23:59 | -!- | VS_ChanLog [~stats@ns.theshore.net] has left #uml [Rotating Logs] |
| 23:59 | -!- | VS_ChanLog [~stats@ns.theshore.net] has joined #uml |
| --- | Log | closed Tue Dec 09 00:00:12 2008 |
![[FSF Associate Member]](/assets/fsf.png){kind=small}
