While out for a run this afternoon, I hear the swoop of wings. Very, very close. Looking up, I see a large bird climbing back up from the pass, circling back around, and diving in for another overhead pass. Two, three, four, five feet miss, max. I think that happened five or six times. Second last time, I involuntarily ducked, it was that close. That bird had no fear. I felt I could have reached up and plucked the bird from the air!.
Saturday, May 29. 2021
Dive Bombed by an Aerial Rodent Hunter
linux diskstats
More TODO looking:
$ cat /proc/diskstats 259 0 nvme0n1 63840307 12937870 2293335051 33430251 96127804 61305555 15099846424 191811657 0 96413608 239045439 0 0 0 0 3690911 13803530 259 1 nvme0n1p1 393 1000 29745 67 2 0 2 13 0 404 81 0 0 0 0 0 0 259 2 nvme0n1p2 416 506 23256 48 98 1 214 252 0 356 301 0 0 0 0 0 0 259 3 nvme0n1p3 279609 8152 46434210 58163 765192 382955 254395816 7307992 0 3161560 7366155 0 0 0 0 0 0 259 4 nvme0n1p4 5696585 40470 560165192 6789555 256010 14505 38464520 203018 0 2718956 6992574 0 0 0 0 0 0 259 5 nvme0n1p5 5997688 132712 465611808 3669012 19168871 263191 2499497624 45842492 0 18926656 49511505 0 0 0 0 0 0 259 6 nvme0n1p6 12243830 121349 803005424 12340941 59298520 1387653 11690638024 89369664 0 53198444 101710606 0 0 0 0 0 0 259 7 nvme0n1p7 39621442 12633681 418051776 10572440 13066758 59257250 616850224 35479804 0 15527632 46052244 0 0 0 0 0 0 179 0 mmcblk0 704 1577 43388 8432 142 96 11206 16617 0 4792 25049 0 0 0 0 0 0 179 1 mmcblk0p1 14 0 112 68 0 0 0 0 0 76 68 0 0 0 0 0 0 179 2 mmcblk0p2 31 0 2104 288 0 0 0 0 0 192 288 0 0 0 0 0 0 179 3 mmcblk0p3 116 224 4960 1977 9 6 30 1627 0 2440 3605 0 0 0 0 0 0 179 4 mmcblk0p4 197 1314 16138 1046 81 67 1184 10153 0 2904 11199 0 0 0 0 0 0 179 5 mmcblk0p5 78 0 5056 1666 7 5 1040 1024 0 2164 2690 0 0 0 0 0 0 179 6 mmcblk0p6 72 38 4746 1185 8 1 72 1210 0 2232 2396 0 0 0 0 0 0 179 7 mmcblk0p7 138 1 8056 2103 37 17 8880 2601 0 2980 4704 0 0 0 0 0 0
linux hwmon
TODO: look at what is covered and what is missing:
$ ls -al /sys/class/hwmon total 0 drwxr-xr-x 2 root root 0 May 29 11:02 . drwxr-xr-x 62 root root 0 May 28 15:09 .. lrwxrwxrwx 1 root root 0 May 29 11:02 hwmon0 -> ../../devices/virtual/thermal/thermal_zone0/hwmon0 lrwxrwxrwx 1 root root 0 May 29 11:02 hwmon1 -> ../../devices/pci0000:00/0000:00:1d.0/0000:72:00.0/hwmon/hwmon1 lrwxrwxrwx 1 root root 0 May 29 11:02 hwmon2 -> ../../devices/pci0000:00/0000:00:01.0/0000:01:00.0/hwmon/hwmon2 lrwxrwxrwx 1 root root 0 May 29 11:02 hwmon3 -> ../../devices/platform/coretemp.0/hwmon/hwmon3 lrwxrwxrwx 1 root root 0 May 29 11:02 hwmon4 -> ../../devices/virtual/thermal/thermal_zone2/hwmon4 lrwxrwxrwx 1 root root 0 May 29 11:02 hwmon5 -> ../../devices/virtual/thermal/thermal_zone4/hwmon5 rpb@nuc8i7hvk01:~/data/passwords$ sensors pch_skylake-virtual-0 Adapter: Virtual device temp1: +55.5°C amdgpu-pci-0100 Adapter: PCI adapter vddgfx: 800.00 mV edge: +55.0°C (crit = +89.0°C, hyst = -273.1°C) power1: 9.04 W (cap = 75.00 W) acpitz-acpi-0 Adapter: ACPI interface temp1: +27.8°C (crit = +119.0°C) temp2: +29.8°C (crit = +119.0°C) iwlwifi_1-virtual-0 Adapter: Virtual device temp1: +46.0°C coretemp-isa-0000 Adapter: ISA adapter Package id 0: +64.0°C (high = +100.0°C, crit = +100.0°C) Core 0: +60.0°C (high = +100.0°C, crit = +100.0°C) Core 1: +61.0°C (high = +100.0°C, crit = +100.0°C) Core 2: +60.0°C (high = +100.0°C, crit = +100.0°C) Core 3: +64.0°C (high = +100.0°C, crit = +100.0°C) nvme-pci-7200 Adapter: PCI adapter Composite: +42.9°C (low = -273.1°C, high = +80.8°C) (crit = +80.8°C) Sensor 1: +42.9°C (low = -273.1°C, high = +65261.8°C) Sensor 2: +42.9°C (low = -273.1°C, high = +65261.8°C)
Re: [PATCH bpf-next] xsk: support AF_PACKET (XDP)
> In xsk mode, users cannot use AF_PACKET(tcpdump) to observe the current > rx/tx data packets. This feature is very important in many cases. So > this patch allows AF_PACKET to obtain xsk packages.
You can use xdpdump to dump the packets from the XDP program before it gets redirected into the XSK: https://github.com/xdp-project/xdp-tools/tree/master/xdp-dump
Doens't currently work on egress, but if/when we get a proper TX hook that should be doable as well.
Wiring up XSK to AF_PACKET sounds a bit nonsensical: XSK is already a transport to userspace, why would you need a second one?
Yes, it is rather cool (credit to Eelco). Notice the extra info you can capture from 'exit', like XDP return codes, if_index, rx_queue. The tool uses the perf ring-buffer to send/copy data to userspace. This is actually surprisingly fast, but I still think AF_XDP will be faster (but it usually 'steals' the packet).
Another (crazy?) idea is to extend this (and xdpdump), is to leverage Hangbin's recent XDP_REDIRECT extension e624d4ed4aa8 ("xdp: Extend xdp_redirect_map with broadcast support"). We now have a xdp_redirect_map flag BPF_F_BROADCAST, what if we create a BPF_F_CLONE_PASS flag?
The semantic meaning of BPF_F_CLONE_PASS flag is to copy/clone the packet for the specified map target index (e.g AF_XDP map), but afterwards it does like veth/cpumap and creates an SKB from the xdp_frame (see __xdp_build_skb_from_frame()) and send to netstack. (Feel free to kick me if this doesn't make any sense)
> This would be a smooth way to implement clone support for AF_XDP. If > we had this and someone added AF_XDP support to libpcap, we could both > capture AF_XDP traffic with tcpdump (using this clone functionality in > the XDP program) and speed up tcpdump for dumping traffic destined for > regular sockets. Would that solve your use case Xuan? Note that I have > not looked into the BPF_F_CLONE_PASS code, so do not know at this > point what it would take to support this for XSKMAPs.
Recently also ended up with something similar for our XDP LB to record pcaps [0] My question is.. tcpdump doesn't really care where the packet data comes from, so why not extending libpcap's Linux-related internals to either capture from perf RB or BPF ringbuf rather than AF_PACKET sockets? Cloning is slow, and if you need to end up creating an skb which is then cloned once again inside AF_PACKET it's even worse. Just relying and reading out, say, perf RB you don't need any clones at all.
Anyway, xdpdump does have a "pipe pcap to stdout" feature so you can do `xdpdump | tcpdump` and get the interactive output; and it will also save pcap information to disk, of course (using pcap-ng so it can also save metadata like XDP program name and return code).
Thursday, May 27. 2021
Linux Event Testing
From a bug report I learned about a tool called evtest: listens for and documents events from devices such as keyboards:
evtest No device specified, trying to scan all of /dev/input/event* Available devices: /dev/input/event0: AT Translated Set 2 keyboard /dev/input/event1: Video Bus /dev/input/event2: PS/2 Generic Mouse /dev/input/event3: Apple, Inc Apple Keyboard /dev/input/event4: Apple, Inc Apple Keyboard /dev/input/event5: PixArt USB Optical Mouse [...] Select the device event number [0-24]: 3 Input driver version is 1.0.1 Input device ID: bus 0x3 vendor 0x5ac product 0x221 version 0x111 Input device name: "Apple, Inc Apple Keyboard" [...] Testing ... (interrupt to exit) Event: time 1622014586.354418, type 1 (EV_KEY), code 28 (KEY_ENTER), value 0 Event: time 1622014586.354418, -------------- SYN_REPORT ------------ Event: time 1622014588.314431, type 1 (EV_KEY), code 59 (KEY_F1), value 1 Event: time 1622014588.314431, -------------- SYN_REPORT ------------ éEvent: time 1622014588.402405, type 1 (EV_KEY), code 59 (KEY_F1), value 0 ....
The successor package is evemu-tools:
- evtest - utility to monitor Linux input device events
- evemu-tools - Linux Input Event Device Emulation Library - test tools
Thursday, May 20. 2021
iMX8 SoC Implementations
- Nitrogen 8M - boundarydevices.com/product/nitrogen8m/
- Solidrun Cubox M - shop.solid-run.com/product/SRMP8QDWB1D04GE008X00CE/
- Hummingboard Pulse - shop.solid-run.com/product-category/embedded-computers/nxp-family/hummingboard-m/
- Purism Librem 5 Phone - en.wikipedia.org/wiki/Librem_5
- Compulab SBC-iMX8X - www.compulab.com/products/sbcs/sbc-imx8x-nxp-i-mx-8x-single-board-computer/ - (supported since 5.4.24)
- Toradex Apalis iMX8 CoM - www.toradex.com/computer-on-modules/apalis-arm-family/nxp-imx-8
Enabled with CONFIG_ARCH_MXC=y in debian/config/arm64/config
Reflected in Debian Bug#985862
Monday, May 17. 2021
URL Shorteners - behind the scenes
Something I didn't know: if you add a '+' to the end of a bitly or tinyurl url, it will show what the actual url is and when it was created.
But twitter's t.co doesn't work that way.
Someone said Google's Translate will do something similar. So that might be an alternative.
wheregoes.com will also perform the checking. Ironically, from the tweet it goes through a t.co link, which does do the lookup.
Sunday, May 16. 2021
Public Open DNS Resolvers
- cloudflare 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001
- comodo: 8.26.56.26 8.20.247.20
- dyn: 216.146.35.35 216.146.36.36
- google: 8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844
- level3: 4.2.2.2 4.2.2.1
- norton: 199.85.126.10 199.85.127.10
- opendns: 208.67.222.222 208.67.220.220
- quad9: 9.9.9.9 149.112.112.112 2620:fe::fe 2620:fe::9
- ultradns: 156.154.71.1 156.154.70.1
A reference to Open DNS Resolvers, whether they are meant to be or not: public-dns.info
Another interesting resolvers.
And from a definition perspective: wikipedia.
Unrelated, but kinda a DNS question:
Is there a tool that would allow me to identify all the DNS servers on our networks that are using dnsmasq?
Response: github.com/kirei/fpdns, which was derived in reference to determining versions of DNSMasq due to the dnspooq attack.
Firmware Update
For some devices, there is an easy to manage firmware upgrade path. I heard about it at How To Update Samsung SSD Firmware on Linux. Only some manufacturers support it at the moment. Continue reading "Firmware Update" »
Friday, May 14. 2021
Google DNS Cluster Resolution
For those that don't know this, if you want to know which cluster you're hitting, you can run:
$ dig o-o.myaddr.l.google.com -t txt +short @8.8.8.8 "172.253.192.142" "edns0-client-subnet x.x.x.0/24"
That will return the ipv4/ipv6 address of the server that handled your request. To get a list of what subnets map to which locations (airport codes), you can run:
$ dig -t TXT +short locations.publicdns.goog. @8.8.8.8 snip... "172.253.192.0/24 cbf ..snip cbf = Council Bluffs, IA
Wednesday, May 12. 2021
Random Command
lspci - Show a tree-like diagram containing all buses, bridges, devices and connections between them.
# lspci -tv -[0000:00]-+-00.0 Intel Corporation Xeon E3-1200 v6/7th Gen Core Processor Host Bridge/DRAM Registers +-01.0-[01]--+-00.0 Advanced Micro Devices, Inc. [AMD/ATI] Polaris 22 XT [Radeon RX Vega M GH] | \-00.1 Advanced Micro Devices, Inc. [AMD/ATI] Polaris 22 HDMI Audio +-01.1-[02]----00.0 ASMedia Technology Inc. ASM2142 USB 3.1 Host Controller +-01.2-[03]----00.0 O2 Micro, Inc. SD/MMC Card Reader Controller +-08.0 Intel Corporation Xeon E3-1200 v5/v6 / E3-1500 v5 / 6th/7th/8th Gen Core Processor Gaussian Mixture Model +-14.0 Intel Corporation 100 Series/C230 Series Chipset Family USB 3.0 xHCI Controller +-14.2 Intel Corporation 100 Series/C230 Series Chipset Family Thermal Subsystem +-15.0 Intel Corporation 100 Series/C230 Series Chipset Family Serial IO I2C Controller #0 +-15.1 Intel Corporation 100 Series/C230 Series Chipset Family Serial IO I2C Controller #1 +-15.2 Intel Corporation 100 Series/C230 Series Chipset Family Serial IO I2C Controller #2 +-16.0 Intel Corporation 100 Series/C230 Series Chipset Family MEI Controller #1 +-1c.0-[04]-- +-1c.1-[05]----00.0 Intel Corporation I210 Gigabit Network Connection +-1c.2-[06]----00.0 Intel Corporation Wireless 8265 / 8275 +-1c.4-[07-71]----00.0-[08-71]--+-00.0-[09]-- | +-01.0-[0a-3c]-- | +-02.0-[3d]----00.0 Intel Corporation JHL6540 Thunderbolt 3 USB Controller (C step) [Alpine Ridge 4C 2016] | \-04.0-[3e-71]-- +-1d.0-[72]----00.0 Samsung Electronics Co Ltd NVMe SSD Controller SM981/PM981/PM983 +-1e.0 Intel Corporation 100 Series/C230 Series Chipset Family Serial IO UART #0 +-1f.0 Intel Corporation HM175 Chipset LPC/eSPI Controller +-1f.2 Intel Corporation 100 Series/C230 Series Chipset Family Power Management Controller +-1f.3 Intel Corporation CM238 HD Audio Controller +-1f.4 Intel Corporation 100 Series/C230 Series Chipset Family SMBus \-1f.6 Intel Corporation Ethernet Connection (2) I219-LM
On an Intel NUC8i7HVK
For additional detail, look at 'lshw'
Saturday, May 8. 2021
Package vital stats via dpkg
# dpkg -s sc Package: sc Status: install ok installed Priority: optional Section: math Installed-Size: 440 Maintainer: Adam MajerArchitecture: amd64 Source: sc (7.16-4) Version: 7.16-4+b3 Depends: libc6 (>= 2.14), libncurses6 (>= 6), libtinfo6 (>= 6) Description: Text-based spreadsheet with VI-like keybindings "Spreadsheet Calculator" is a much modified version of the public- domain spread sheet sc, which was posted to Usenet several years ago by Mark Weiser as vc, originally by James Gosling. It is based on rectangular table much like a financial spreadsheet. . Its keybindings are familiar to users of 'vi', and it has most features that a pure spreadsheet would, but lacks things like graphing and saving in foreign formats. It's very stable and quite easy to use once you've put a little effort into learning it.
Debian Versioning
# lsb_release -a No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux bullseye/sid Release: testing Codename: bullseye
dmidecode the basic box
# dmidecode -t 1 # dmidecode 3.3 Getting SMBIOS data from sysfs. SMBIOS 3.1.1 present. Handle 0x0001, DMI type 1, 27 bytes System Information Manufacturer: Intel Corporation Product Name: NUC8i7HVK Version: J71485-502 Serial Number: HD16880967000xx UUID: 9dd0b962-8d45-42ab-8688-54b2030473f9 Wake-up Type: Power Switch SKU Number: Family: Intel NUC
# lshw nuc8i7hvk01 description: Desktop Computer product: NUC8i7HVK vendor: Intel Corporation version: J71485-502 serial: HD1688096700097 width: 64 bits capabilities: smbios-3.1.1 dmi-3.1.1 smp vsyscall32 configuration: boot=normal chassis=desktop family=Intel NUC uuid=62B9D09D-458D-AB42-8688-54B2030473F9 .....