home tags events about login

honks by ontology: openbsd

kuijsten honked back 27 May 2025 11:22 +0200
in reply to: https://bsd.network/users/AFresh1/statuses/114508554539806282

Thanks all for the feedback.

===
UPDATE: Protectli suspects that it's a race condition in igc(4). According to them OpenBSD's igc might not be as stable as the driver for Linux.
===

I received a brand new Protectli VP2430 yesterday and it felt very solid. I've installed OpenBSD 7.7 stable and have been testing it by running ssh vp2430 'cat /dev/random' >/dev/null the whole night and most of today. First from one host it reached 72 MByte/sec with a load of 1.6. Then added another ssh session and it topped at 118 MByte/sec with a load of 3.8. It got quite hot but I could still hold my hand on it without burning.

This was all over igc0, then I started testing on igc1 with a MTU of 1420 (but the VPN server was another host) and after about 4 hours I got a kernel panic. I'm not sure if it has anything to do with igc(4):

*cpu2: vmmaplk rwlock 0xfffffd8401c63698: enter read deadlock
ddb{2}> trace
db_enter() at db_enter+0x14
panic(ffffffff82553cb9) at panic+0xdd
rw_do_enter_read(fffffd8401c63698,0) at rw_do_enter_read+0x175
uvmfault_lookup(ffff800048a9f3b0,0) at uvmfault_lookup+0x8a
uvm_fault_check(ffff800048a9f3b0,ffff800048a9f3e8,ffff800048a9f418,0) at uvm_fault_check+0x38
uvm_fault(fffffd8401c635b0,6cc016ed000,0,1) at uvm_fault+0xed
kpageflttrap(ffff800048a9f530,6cc016ed024) at kpageflttrap+0x158
kerntrap(ffff800048a9f530) at kerntrap+0xaf
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
uvm_map_uaddr(6cc016ed000,6cc016ed000) at uvm_map_uaddr+0x1e
uvm_map_splitentry(fffffd8401c635b0,6cc016ed000,6cc016ee000,0) at uvm_map_splitentry+0x20b
sys_mprotect(ffff800048a847f0,ffff800048a9f7d0,ffff800048a9f740) at sys_mprotect+0x17c
syscall(ffff800048a9f7d0) at syscall+0x5ec
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x701102e59f30, count: -14

$ pkg_info
intel-firmware-20250512v0 microcode update binaries for Intel CPUs
inteldrm-firmware-20250509 firmware binary images for inteldrm(4) driver
quirks-7.103        exceptions to pkg_add rules
symon-2.89p0        active host monitoring tool
updatedb-0p0        pkg_add speed up cache
vmm-firmware-1.16.3p0 firmware binary images for vmm(4) driver

https://dmesgd.nycbug.org/index.cgi?do=view&id=8380

#Protectli #OpenBSD

/cc @mischa @dartov @tomka @wickedshell @treefifty @AFresh1

kuijsten honked 13 May 2025 19:47 +0200

I'm looking for a more powerful successor of the APU2. Does anyone have a recommendation? Anyone maybe experience with the devices from Protectli, the Vault Pro VP2430 with Intel I226-V igc(4) perhaps?

It has to run #OpenBSD and a dozen of 100mbit #WireGuard tunnels.

/cc @mischa

kuijsten bonked 26 Oct 2024 16:08 +0200
original: [email protected]

Thanks to jsing@, #OpenBSD's Go port (lang/go) now supports branch tracking control flow integrity (BTCFI) and enabled it by default on arm64/amd64, for Intel 11th Gen+ and Apple M2.

jsing@ modified ports/lang/go/*: Add branch tracking control flow integrity (BTCFI) support to lang/go.

This adds BTCFI support to lang/go on arm64 (in the form of BTI) and amd64 (in the form of IBT). Resulting Go binaries are no longer marked with OPENBSD_NOBTCFI.

Thanks to sthen@ and tb@ for testing.

ok tb@

And _MODGO_SYSTEM_VERSION has been bumped to force recompiling of Go packages.

Bump _MODGO_SYSTEM_VERSION due to lang/go BTCFI support.

Also remove USE_NOBTCFI, since this is no longer the case on amd64 and arm64 (the flag is still set on other architectures for the time being, but this is ineffective).

ok sthen@

#go #golang #CFI #ROP

kuijsten honked 08 Oct 2024 01:45 +0200

#OpenBSD 7.6, my personal favorite: "dhcp6leased(8), a daemon to acquire IPv6 prefix delegations from DHCPv6 servers".

I have been running it for 124 days now with zero problems. Tnx @florian !

kuijsten bonked 12 Jun 2024 19:19 +0200
original: [email protected]

Would a batch of 10,000 AI generated patches against the #openbsd network stack be useful?

A recent discussion on openbsd-tech concludes with https://marc.info/?l=openbsd-tech&m=171817275920057&w=2 from Theo de Raadt, preceded by Otto Moerbeek https://marc.info/?l=openbsd-tech&m=171817212419752&w=2 with a bit of reasoning.

But please do read the whole thread.

#openbsd #ai #llms #machinelearning #ArtificialIntelligence #automatedbullshit #bullshiteering

kuijsten bonked 03 Jun 2024 00:07 +0200
original: [email protected]

#OpenBSD -current now has a DHCPv6-PD implementation in base!

florian@ modified src/sbin/dhcp6leased: Import dhcp6leased(8)

dhcp6leased is a daemon to manage IPv6 prefix delegations. It requests a prefix from an upstream DHCPv6 server and configures downstream network interfaces. rad(8) can be used to advertise available prefixes to clients.

It's a transmogrified dhcpleased(8), so it's a bit rough around the edges. But it can already request and renew prefixes and configure interfaces. It's time to hack on it in-tree.

OK deraadt

Previously it was necessary to install e.g: dhcpcd from ports/packages.