Contributed by mtu on from the can't-sleep-got-too-much-to-do dept.
c2k8 General Hackathon (Part 5) - June 7-15, 2008, Edmonton, Alberta, Canada
I had the pleasure of working beside Todd Fries (todd@) for my second hackathon. Two years ago at c2k6, we were working on ipsecctl testing together. Even then, he was a heavy IPv6 user. I would also wager a bet that he uses his Zaurus more than any other developer (mcbride@ is a close second) and I don't mean for building snapshots or packages.
Read on to find out what weird networking is all about:
I've met a lot of developers that are in awe of what Todd does and/or how he does it. In fact, he's got a reputation (actually many) in the OpenBSD developer community. For example, he's right up there with Theo and Owain Ainsworth (oga@) when it comes to sleep deprivation at hackathons. You will never hear him swear. He also doesn't deviate from policy, however painful.
Todd lives in Oklahoma, but he has a policy of buying plane tickets solely on the basis of price. As a result, he spent more time in the air and at various transit airports on his way to the c2k8 hackathon than the developers from Australia! Okay, I'm exaggerating a little, but just a little. It's a good policy for collecting air miles but you have to wonder how much he's paying his chiropractor to fix his back from the many hours sitting in those lousy airplane seats ;-).
Sitting beside Todd for a week was a real learning experience. Lately I've been playing with different Window Managers. fvwm(1) is nice for the Spartan in us, but for the past couple of years I've been using fluxbox for a little more eye candy. Then earlier this year, I switched to Enlightenment but have recently switched to cwm(1) :-). Not quite full circle but I think that cwm is where I'll sit for now. So, I look over at Todd's screen and notice that all his xterms have transparency; I just had to ask! A few moments later, he sends me this:
install x11/xcompmgr, type:install x11/transset-df, type:xcompmgr -c &... click on a windowtransset-df
...and now I have eye candy with cwm :-) Thanks Todd!
Here is what Todd had to say about his time at the c2k8 hackathon:
As per usual I arrived with a list of things I wanted to work on, and so I did start on them. However, as per usual other things became more interesting once I was at the hackathon; not the least of which was a powerbook g4 that was donated to me by Jason Dixon.
Suddenly the fact that bwi(4) panicked on the powerbook g4 was interesting to me, and Jonathan Gray (jsg@) and I spent some wee hours in the early morning on debugging the situation. It seems that by zeroing memory with the wrong pointer can corrupt the kernel memory. See this commit for the fix.
bwi(4) panic debugging session quickly made me seek out Dale Rahn (drahn@) who I knew had some knowledge of macppc, since he was the person who did the majority of the original work for powerpc! Something about not having keyboard access at ddb> is rather frustrating, and we both resigned to fix the logic.
To understand the logic, we must go back a few years when apple first released the powerbooks. They came with bluetooth. Nice feature. Too bad they decided they wanted bluetooth keyboards at their firmware prompt. They did not want (I presume) to implement bluetooth in the openfirmware, but they already had usb keyboard and mouse support, and the bluetooth device inside the powerbook is on the usb bus. So they flashed the firmware of the usb bluetooth device to have multiple personalities. One personality is a normal bluetooth device, so the OS can pair with normal bluetooth devices. Once this is done, the system can switch the device to being its alternate personality, appearing to be a USB keyboard and mouse, pairing with devices it's paired with in the past. The joy of this is that the bluetooth device's usb keyboard/mouse profile is default on powerup, which makes the logic for choosing console keyboards on powerbooks (and ibooks) rather moot. The logic was basically 'if it has usb and adb, choose usb'. The diff changes this to 'if it has usb and adb, choose adb for powerbooks and ibooks, otherwise choose usb'. It was not until after the hackathon was over that this was committed, but we both had numerous interruptions and versions of the diff to contemplate in the interim: link1 link2
Those who know me know that I like to use IPv6 as often as I can. This also means that I do IPSec with IPv6 as well. Turns out there were a couple of bugs lurking that were annoyingly hard to track down:
So ... you see, in the kernel, we have '#ifdef INET6' sprinkled in the appopriate places so as to let floppy disks fit like say alpha which is so tight it can't even fit IPv6 code. And if you are programming in C, you need to compare the address family to AF_INET6 to check to see if it is an IPv6 packet. From the very first version of ipsec_input.c, it appears no one had tested IPv4 inside IPv6 since this was a bug from the very first version.
Another bug related to IPv6 IPSec was causing issues only with ICMP. And only for the host that was doing the encapsulation; it could route IPv4 icmp traffic inside an IPv6 IPSec tunnel just fine, it just couldn't generate the icmp packet itself. Well, not entirely true, it could generate it, it just would go out with bad checksum:
14:16:14.259435 (authentic,confidential): SPI 0x036d23e3: 2001:240:58a:100::41 > 2001:240:58a::1: 10.0.0.201 > 10.0.0.33: icmp: echo request (id:d764 seq:1) (ttl 255, id 1993, len 84, bad cksum 0!) (len 84, hlim 64) 0000: 6000 0000 0054 0440 2001 0240 058a 0100 `....T.@ ..@.... 0010: 0000 0000 0000 0041 2001 0240 058a 0000 .......A ..@.... 0020: 0000 0000 0000 0001 4500 0054 07c9 0000 ........E..T.É.. 0030: ff01 0000 0a00 00c9 0a00 0021 0800 47dd ÿ......É...!..GÝ 0040: d764 0001 485a b07e 0003 f4dd 0809 0a0b ×d..HZ°~..ôÝ.... 0050: 0c0d 0e0f 1011 1213 1415 1617 1819 1a1b ................ 0060: 1c1d 1e1f 2021 2223 2425 2627 2829 2a2b .... !"#$%&'()*+ 0070: 2c2d 2e2f 3031 3233 3435 3637 ,-./01234567
After mentioning this to Alexander Bluhm (bluhm@) we started debugging this.
If you follow the traffic, you'll note that there is 'ff01 0000 0a00 00c9 0a00 0021' in there. Translated to what it stands for, then, we have: ttl 255 (standard for icmp before it gets routed, -1 at each router) protocol 1 (icmp protcol number) checksum 0 (why all zeros? did someone zero this out?) IP 10.0.0.201 (source IPv4 inner packet) IP 10.0.0.33 (destination IPv4 inner packet)
We tried printing the checksum header in various parts of the kernel code and eventually narrowed it down to the portion of this file that was added in 2004 by itojun@. The reason he was clearing the scope ID on IPv6 packets is because the KAME implementation of IPv6 sets the scope id in the address in the kernel, and is supposed to clear it before it hits the wire. Surprisingly, he did not consider using IPv4 inside IPv6 IPSec, or he would have added the check we did in this commit. See the changes here.
Oh the irony. Only because protocol 1 was ICMP and that it used a 255 TTL by default did it fail. TCP protcol is 6 and UDP protocol is 17, and they worked just fine. Now with this fix, finally, icmp worked too.
Todd Fries .. email@example.com
Sitting on the other side of Todd was a Ellick Chan (emchan@), a student brought in by Dale Rahn (drahn@). He is new to the Project as a developer but has started work getting the Zaurus architecture to run in QEMU. "For what?", do you say? After all, they have discontinued selling the Zaurus as of last year. Well there are a lot of developers that have one (and some have two) :-).
Anyone who has a Zaurus will tell you how convenient it is as a small functional computer that runs OpenBSD. It even has a real hard drive and it is small enough that you can fit it into your shirt pocket. However, they'll also tell you that it takes at least a day or so to do a make build :-(. So, imagine building packages and snapshots for the Zaurus in QEMU on a really fast computer :-). Now think of some other possibilities such as working on removing the linux boot loader that is embedded on the flash without making your real Zaurus unusable in the process :-).
Here is what Ellick had to say about his work and time at the c2k8 hackathon:
Bringing up the Zaurus port of OpenBSD to run on the QEMU emulator in Zaurus CL-3000 (spitz) emulation mode. We managed to get a trivial root filesystem to boot to the shell, and we are working on getting a more advanced filesystem to start. With a bit more work, we hope to get full Zaurus support in the emulator.
For me, the Hackathon was a very interesting experience. I had taken software engineering courses at the University before, and we used an extreme-programming style approach for our project group of eight members. The Hackathon basically took this simple idea and expanded it to a larger scale while mixing in lots of alcohol, fun, and really smart people. It basically "supersized" the entire small team experience without compromising the small team agility and feel. I think the experience was fairly unique, and I'd love to bring some of the feel of it to the University and/or work environment. I'm pretty sure most software developers would appreciate adopting some of the principles heralded by the Hackathon model.
I would like to thank Todd for his great work at the hackathon. I'm sure that the he slept for a week after it was all over. The bug fixes and improvements are impressive and we appreciate your efforts, wonderful personality and friendly tutoring. As for Ellick, I enjoyed talking with you over pizza and I hope that the hackathon gave you a taste of something that we all find special in the OpenBSD developer community. I look forward to running Zaurus in QEMU :-). Thanks for your effort and time on this.
(c2k8 hackathon summary to be continued)
(Comments are closed)