Posts Tagged ‘code’

kernel coolness, finally!

Thursday, November 5th, 2009

Many things worth blogging about are happening lately! In fact, so many things that there is not enough time to blog about them. Ah, where to begin!

Quickly now:

PRADS

Ebf0 and myself had a lecture about our fine host detection application at Dagen@IFI (Institute for informatics, UiO). Presentation available here, at least until we upload it to the project website.

We now know that our Proof of Concept is k00l and Ebf has started the high-performance C implementation.

Kernel hacks

Did you know you’re missing out on cool kernel features? Well, yes you are. Here are some of them:

  • grsecurity : Better security in linux! Fixes thousands of attack vectors for desktops and servers alike
  • compcache: compressed memory swap might sound counter intuitive, but memory is lightning fast compared to disk, and you can cram more apps into compressed memory!
  • nilfs: Every wished you hadn’t deleted that file 5 seconds ago? Or wasted an hour waiting for a fsck? Log structured file systems scream write performance. And NILFS aids in data recovery too, as it’ll take automatic snapshots of your data every synchronous write. Very sweet.
  • reiser4: Don’t get me started. This is still not reached mainline. Hans be damned. However, reiser4 is still the fastest file system around.
  • ++++ low-latency, preemptible, tickless system, loads of hardware support and lots more!

The upshot?

The -lied patchset is back!

I now track Ubuntu karmic git and I provide i686 packages:

Add the following to your /etc/apt/sources.list :

deb http://www.cs.mcgill.ca/~kwysoc/debian/binary ./

then install the package:

# add the archive key:

gpg --recv-key 089ac586 && gpg --armor --export 089ac586 | sudo apt-key add -

# update package database:

sudo apt-get update

# install the kernel package

sudo apt-get install linux-image-2.6.31.3-lied-grsec-dirty

# check grub or lilo and then reboot into the kernel!

amd64 binaries are coming as soon as I get a chance to compile them. For now grab the karmic git, the patchset and .config and roll your own :-)

What else?

Bifrost is coming along, and might be close to a release soon, and

Multiframe needs a new client release (which I am w0rking on)

oh and I’ve made an

auto-migrate from ISC dhcpd to dnsmasq by script

…with my quick and dirty perl f00 : dhcpd2dnsmasq.pl.

Be mindful that it is best for those with a lot of host definitions, and does not support all the ISC syntax out there.

The script is interesting because it consicely illustrates how to make a simple but powerful parser with the minimal amount of lines (and fuss) using the AND-OR Waterfall method.

Honk and Drop me a comment if you like / hate / fake it~!

xtend your battery so y ou can GO ALL NITE

Monday, September 14th, 2009

K3ep going all n1te just like all that sp4m c0ming in through your mailbox.10 watts, it's a new record!

10 watts, it's a new record!

From joke to revolver as we say, I’ve noted that many of you find hacking away from power sources quite useful. Here’s how to keep at it longer with low power.

(more…)

HOWTO avoid pains with NetCom 3g USB on jaunty

Sunday, September 6th, 2009

Internet anywhere, ain’t it great?

If you have one of those 3g netcome HSDPA USB dongles you might hve noticed how they don’t really work so well out of the box.

After I had spent 4 hours trying to get the thing working Martin smugly told me these things should be plug’n'play and proceeded to… fail to get it working. oW hELL…

Cutting to the chase and sparing you the gritty details I have a recipie for getting 3g working with the Netcom ZTE-MF636 USB dongle. This recipie should work in ubuntu jaunty and similar recent distros, and most of the instructions apply to other USB dongles too. Included are also all the tips you need to avoid spending 4 hours hammering your head against the wall…
(more…)

never ask for root again

Monday, August 17th, 2009

just a short note to all of you:

linux is not secure. Passwordless root is here :-*

Yes, it has been published elsewhere, but I’ll do mine to push this meme to you: there can be no “untrusted local users” nor do I believe that your services aren’t exploitable.

Two seconds later I have root on your box.

Despite LSM. Despite SELinux. Despite jails and virtualization. Despite all your assumptions.

You will need some very fine security gents and a little of your own smarts to secure your nets. Call us :-)

The best link on this issue so far has been:

cr0: bypassing linux with null pointer

Do you want security? Go run carpal-tunnel-inducing OpenBSD, swell swell if only it smelled well FreeBSD, or, *drum rolls*

drop-in up-to-date secure and invulnerable grsec kernel for ubuntu and debian

Only disadvantage I can see is that they don’t provide amd64 and desktop builds.

Dilligence and perseverence is the path to victory,
and although paranoia may not be the path to safety
noone should leave their front door open.

In other news, and probably a little lame for those of you coming thru the planet feed, security.vcl is here – properly used, understood and abused it could save you some worries, making sure no “untrusted user” went “local” in the first place.

Also, tell your friends: there is a Facebook virus about. It sends links to you from your friends accounts. If you click on the link, you too will be sending your friends links.

Yeah, I know, that sounds like what I do on facebook all day. Except the difference is you don’t know you’re sending links.

So watch out.

And tell your less savvy friends.

Xorg is a steaming pile of gonzales so turn on your UXA

Sunday, June 7th, 2009

Hei folks,

if you have a newer Intel or ATI gfx card, and you’re running a suitably dishy distribution (Ubuntu Jaunty maybe, xorg 7.4, kernels 2.6.27 and up perhaps?) maybe you’ve noticed how sluggish and slow Xorg is. Sometimes it’ll be a dick and eat heaps of your RAM, and maybe hog 98% of your CPU time for no damn raisins.

Furthermore, that sleek graphics card seems to be causing loads of garbage rendering – what gives? I wish I could show you some screenshots but honestly, I don’t really wanna see that shit again, so here’s to not reproducing it. Instead, why don’t you do like I do and enable UXA? Edit your /etc/X11/xorg.conf file and add
Option "AccelMethod" "uxa" to your acting Device section like so:

Section "Device"
   Identifier    "integrated"
   Driver "intel"
      Option "AccelMethod" "uxa"
      Option "RenderAccel" "on"
      Option "PageFlip" "on"
EndSection

Now logout and back into X again, restart GDM, KDM or whatever and whoop de doo your /var/log/Xorg.0.log should say something like:

(**) intel(0): Using UXA for acceleration
[... snip irrelevant shit ...]
(II) intel(0): [DRI2] Setup complete
[... more irrelevant crap ...]
(II) UXA(0): Driver registered support for the following operations:
(II)         solid
(II)         copy
(II)         composite (RENDER acceleration)
[... further noise ...]
(II) intel(0): direct rendering: DRI2 Enabled

Also, windows should draw/move/resize snappier and there should be much rejoicing. If everything went all right that is.

Note that my glxgears performance dropped from 1300fps (w/xcompmgr) down to 660fps (xcompmgr) and 994fps (no composition manager) so there seems to be a tradeoff here, but I really really prefer my gooey windows snappy, artifact-free and less crash-prone. maybe.

K out

useful scripts for digging through code

Monday, March 30th, 2009

After a little bit of digging on my now seldom used desktop machine I found some useful scripts I’d share with you all. They’re real good if you’re in the CLI a lot trying to make sense of large amounts of code.

Amongst others, a ~/.bashrc file to rule them all.

The bash goodness:

g foo: what lines of what files contain the word foo?
cat somefile | gi foo

.... : cd ../../..

f foo: case-insensitive search for file foo.

finn foo: find filenames containing ‘foo’. Sensitive but won’t print svn garbage.

p foo: highlight processes matching ‘foo’

fsym foo: search for symbol foo in all objects in subfolders.

rsym foo: check if libfoo.so links properly

Persistent vim windows.

Further: gvimws allows you to always open new files in the same editor on the current desktop. It also closes the file in any other editor on any other desktop automatically.

And the kicker: ve will allow you to quickly open the files you’ve been searching for (using gvimws)

Putting it together

kwy@amaeth ~$ dmesg | gi error
1404:[27214.044072] iwlagn: Error sending REPLY_ADD_STA: time out after 500ms.
kwy@amaeth ~$ cd /usr/src/linux
kwy@amaeth /usr/src/linux$ f iwl-core
./drivers/net/wireless/iwlwifi/iwl-core.h
./drivers/net/wireless/iwlwifi/iwl-core.c
# doubleclick-select midclick-paste the above line.
kwy@amaeth /usr/src/linux$ cdd  ./drivers/net/wireless/iwlwifi/iwl-core.c
kwy@amaeth  /usr/src/linux/drivers/net/wireless/iwlwifi$ g time out
iwl3945-base.c:767:			IWL_ERROR("Error sending %s: time out after %dms.n",
iwl3945-base.c:1590:			IWL_ERROR("Time out reading EEPROM[%d]", addr);
iwl-eeprom.c:246:			IWL_ERROR("Time out reading EEPROM[%d]", addr);
iwl-hcmd.c:186:			IWL_ERROR("Error sending %s: time out after %dms.n",
#select-paste filename:lineno pair from above
kwy@amaeth  /usr/src/linux/drivers/net/wireless/iwlwifi$ ve iwl-hcmd.c:186:
# BAM you have found the problem

The fsym and rsym functions are the kind of thing that you’ll never need unless you’re maintaining a large build with libraries that often break. fsym will find the object file that contains the symbol you’re looking for. rsym will do more than ldd and the compiler do to check if your lib is linking correctly.

The all singing, all dancing vimrc file

It’s swell. Switch buffers with F3/F4, do typeahead search and all kinds of crazy things you’ll never find out about until you happen to press the wrong button. Just like all of vim.

cross-reference like CSI

Friday, March 27th, 2009

I was watching The Mentalist the other night and during the course of a murder investigation they ask the cute geeky cop to “cross-reference” the list of people with brown cars with the list of buyers of a specific toothpaste brand.

She brings up a fancy display of two lists and punches the keyboard a few times, and suddenly a couple of entries in the list are highlighted – the murder suspects. So without further ado I bring you this ultimate crime-fighting tool:

crossref
(link updated)
Usage: Download; mv crossref.pl.txt bin/crossref; chmod +x bin/crossref; crossref list1 list2

If you’re on windows you’ll need ActivePerl or Strawberry Perl.

It may not have any fancy graphics, but it’ll get the job done and hey – this isn’t a TV series.

the important bits

Monday, March 16th, 2009

instead of giving you another machine-breaking tip I’ll just point you to http://www.bsd-box.net/ where you’ll find writ a collection for your reading pleasure…