You are here

thinktime

Retribution

Seth Godin - Tue 16th Dec 2014 20:12
"He deserved it," is usually the explanation we hear for behavior that strikes us as unproductive, inhumane or counter-productive. The bully is always happy to point a finger at the person he hurt, to cast blame for his inexcusable actions....         Seth Godin
Categories: thinktime

linux.conf.au News: Speaker Feature: Jonathan Corbet, Josh Berkus, Mark McClain

Planet Linux Australia - Tue 16th Dec 2014 19:12
Jonathan Corbet The kernel report

11:35am Wednesday 14th January 2015

Jonathan Corbet is the lead editor of LWN.net, co-author of Linux Device Drivers, a member of the Linux Foundation's Technical Advisory Board, and a occasional kernel contributor.

For more information on Jonathan and his presentation, see here.



Josh Berkus PostgreSQL Replication Tutorial

1:20pm Wednesday 14th January 2015

Josh Berkus is best known as a core team member of the global PostgreSQL database project. He's also CEO of PostgreSQL Experts Inc., and sits on the board of several database startups. As well as PostgreSQL, Josh dabbles Python, Perl, Redis, and Docker these days, but ask him for an update when you see him. He's had a Linux desktop since 1998.

For more information on Josh and his presentation, see here.



Mark McClain Tunnels and bridges: A drive through OpenStack Networkings

1:20pm Thursday 15th January 2015

Mark McClain is a Senior Principal Architect at Yahoo!, member of the OpenStack Technical Committee, and is a core reviewer of the the OpenStack Networking Project. He served as the Technical Lead for Neutron during the Havana and Icehouse cycles. Mark has 14 years of software development experience and OpenStack Networking combines two of his favorite interests: networking and Python.

For more information on Mark and his presentation, see here.



Categories: thinktime

The annual plan construction set

Seth Godin - Mon 15th Dec 2014 21:12
It's that time of year, when big companies race to put together their annual plan for the coming year. These documents, even though they're now digital, involve thousands of hours of analog meetings and discussion and compromise. To save you...         Seth Godin
Categories: thinktime

Michael Still: Ghost

Planet Linux Australia - Mon 15th Dec 2014 11:12






ISBN: 9781416520870

LibraryThing

Trigger warning, I suppose.























This like a Tom Clancy book, but with weirder sex, much of it non-consensual. Also, not as well thought through or as well researched or as believable. I couldn't bring myself to finish it.



Tags for this post: book john_ringo terrorism nuclear

Related posts: Citadel; Hell's Faire; Princess of Wands; East of the Sun, West of the Moon; Watch on the Rhine; Cally's War Comment Recommend a book
Categories: thinktime

Michael Still: How are we going with Nova Kilo specs after our review day?

Planet Linux Australia - Mon 15th Dec 2014 10:12
Time for another summary I think, because announcing the review day seems to have caused a rush of new specs to be filed (which wasn't really my intention, but hey). We did approve a fair few specs on the review day, so I think overall it was a success. Here's an updated summary of the state of play:







API







API (EC2)



  • Expand support for volume filtering in the EC2 API: review 104450.
  • Implement tags for volumes and snapshots with the EC2 API: review 126553 (fast tracked, approved).




Administrative



  • Actively hunt for orphan instances and remove them: review 137996 (abandoned); review 138627.
  • Check that a service isn't running before deleting it: review 131633.
  • Enable the nova metadata cache to be a shared resource to improve the hit rate: review 126705 (abandoned).
  • Implement a daemon version of rootwrap: review 105404.
  • Log request id mappings: review 132819 (fast tracked).
  • Monitor the health of hypervisor hosts: review 137768.
  • Remove the assumption that there is a single endpoint for services that nova talks to: review 132623.




Block Storage



  • Allow direct access to LVM volumes if supported by Cinder: review 127318.
  • Cache data from volumes on local disk: review 138292 (abandoned); review 138619.
  • Enhance iSCSI volume multipath support: review 134299.
  • Failover to alternative iSCSI portals on login failure: review 137468.
  • Give additional info in BDM when source type is "blank": review 140133.
  • Implement support for a DRBD driver for Cinder block device access: review 134153.
  • Refactor ISCSIDriver to support other iSCSI transports besides TCP: review 130721 (approved).
  • StorPool volume attachment support: review 115716.
  • Support Cinder Volume Multi-attach: review 139580 (approved).
  • Support iSCSI live migration for different iSCSI target: review 132323 (approved).




Cells







Containers Service







Database







Hypervisor: Docker







Hypervisor: FreeBSD



  • Implement support for FreeBSD networking in nova-network: review 127827.




Hypervisor: Hyper-V







Hypervisor: Ironic







Hypervisor: VMWare



  • Add ephemeral disk support to the VMware driver: review 126527 (fast tracked, approved).
  • Add support for the HTML5 console: review 127283.
  • Allow Nova to access a VMWare image store over NFS: review 126866.
  • Enable administrators and tenants to take advantage of backend storage policies: review 126547 (fast tracked, approved).
  • Enable the mapping of raw cinder devices to instances: review 128697.
  • Implement vSAN support: review 128600 (fast tracked, approved).
  • Support multiple disks inside a single OVA file: review 128691.
  • Support the OVA image format: review 127054 (fast tracked, approved).




Hypervisor: libvirt







Instance features







Internal



  • A lock-free quota implementation: review 135296.
  • Automate the documentation of the virtual machine state transition graph: review 94835.
  • Fake Libvirt driver for simulating HW testing: review 139927 (abandoned).
  • Flatten Aggregate Metadata in the DB: review 134573 (abandoned).
  • Flatten Instance Metadata in the DB: review 134945 (abandoned).
  • Implement a new code coverage API extension: review 130855.
  • Move flavor data out of the system_metadata table in the SQL database: review 126620 (approved).
  • Move to polling for cinder operations: review 135367.
  • PCI test cases for third party CI: review 141270.
  • Transition Nova to using the Glance v2 API: review 84887.
  • Transition to using glanceclient instead of our own home grown wrapper: review 133485 (approved).




Internationalization



  • Enable lazy translations of strings: review 126717 (fast tracked).




Networking







Performance



  • Dynamically alter the interval nova polls components at based on load and expected time for an operation to complete: review 122705.




Scheduler



  • A nested quota driver API: review 129420.
  • Add a filter to take into account hypervisor type and version when scheduling: review 137714.
  • Add an IOPS weigher: review 127123 (approved, implemented); review 132614.
  • Add instance count on the hypervisor as a weight: review 127871 (abandoned).
  • Allow extra spec to match all values in a list by adding the ALL-IN operator: review 138698 (fast tracked, approved).
  • Allow limiting the flavors that can be scheduled on certain host aggregates: review 122530 (abandoned).
  • Allow the remove of servers from server groups: review 136487.
  • Convert get_available_resources to use an object instead of dict: review 133728 (abandoned).
  • Convert the resource tracker to objects: review 128964 (fast tracked, approved).
  • Create an object model to represent a request to boot an instance: review 127610 (approved).
  • Decouple services and compute nodes in the SQL database: review 126895 (approved).
  • Enable adding new scheduler hints to already booted instances: review 134746.
  • Fix the race conditions when migration with server-group: review 135527 (abandoned).
  • Implement resource objects in the resource tracker: review 127609.
  • Improve the ComputeCapabilities filter: review 133534.
  • Isolate Scheduler DB for Filters: review 138444.
  • Isolate the scheduler's use of the Nova SQL database: review 89893.
  • Let schedulers reuse filter and weigher objects: review 134506 (abandoned).
  • Move select_destinations() to using a request object: review 127612 (approved).
  • Persist scheduler hints: review 88983.
  • Refactor allocate_for_instance: review 141129.
  • Stop direct lookup for host aggregates in the Nova database: review 132065 (abandoned).
  • Stop direct lookup for instance groups in the Nova database: review 131553 (abandoned).
  • Support scheduling based on more image properties: review 138937.
  • Trusted computing support: review 133106.




Scheduling







Security



  • Make key manager interface interoperable with Barbican: review 140144 (fast tracked, approved).
  • Provide a reference implementation for console proxies that uses TLS: review 126958 (fast tracked, approved).
  • Strongly validate the tenant and user for quota consuming requests with keystone: review 92507.




Service Groups







Sheduler



  • Add soft affinity support for server group: review 140017 (approved).




Tags for this post: openstack kilo blueprint spec nova

Related posts: Specs for Kilo; One week of Nova Kilo specifications; Compute Kilo specs are open; Specs for Kilo; Juno nova mid-cycle meetup summary: slots; Juno nova mid-cycle meetup summary: nova-network to Neutron migration



Comment
Categories: thinktime

Michael Still: Soft deleting instances and the reclaim_instance_interval in Nova

Planet Linux Australia - Mon 15th Dec 2014 09:12
I got asked the other day how the reclaim_instance_interval in Nova works, so I thought I'd write it up here in case its useful to other people.



First off, there is a periodic task run the nova-compute process (or the computer manager as a developer would know it), which runs every reclaim_instance_interval seconds. It looks for instances in the SOFT_DELETED state which don't have any tasks running at the moment for the hypervisor node that nova-compute is running on.



For each instance it finds, it checks if the instance has been soft deleted for at least reclaim_instance_interval seconds. This has the side effect from my reading of the code that an instance needs to be deleted for at least reclaim_instance_Interval seconds before it will be removed from disk, but that the instance might be up to approximately twice that age (if it was deleted just as the periodic task ran, it would skip the next run and therefore not be deleted for two intervals).



Once these conditions are met, the instance is deleted from disk.



Tags for this post: openstack nova instance delete

Related posts: One week of Nova Kilo specifications; Specs for Kilo; Juno nova mid-cycle meetup summary: nova-network to Neutron migration; Juno Nova PTL Candidacy; Juno nova mid-cycle meetup summary: scheduler; Juno nova mid-cycle meetup summary: ironic



Comment
Categories: thinktime

Andrew McDonnell: Experiments with hardening OpenWRT: applying the grsecurity patches

Planet Linux Australia - Mon 15th Dec 2014 00:12

A well known set of security enhancements to the Linux kernel is the grsecurity patch.  The grsecurity patch is a (large) patch that applies cleanly against selected supported stock Linux kernel versions. It brings with it PAX, which protects against various well known memory exploits, plus  a number of other hardening features including logging time and mount changes. In particular it enables features such as Non-executable stack (NX) on platforms that do not provide NX in hardware, such as MIPS devices and older x86.

OpenWRT hardening

OpenWRT is a widely adopted embedded / router Linux distribution. It would benefit greatly from including grsecurity, in particular given most MIPS platforms do not support NX protection in hardware. However for a long time the differences between the OpenWRT kernel and the kernel revisions that grsecurity is supported on have been significant and would likely have taken an extreme effort to get working, let alone get working securely.

This is a shame, because there is malware targeted at consumer embedded routers, and it must only be a matter of time before OpenWRT is targeted.  OpenWRT is widely regarded as relatively secure compared to many consumer devices, at least if configured properly,  but eventually some bug will allow a remote binary to be dropped. It would be helpful if the system can be hardened and stay one step ahead of things.

The OpenWRT development trunk (destined to become the next release, ‘Chaos Calmer’ in due course) has recently migrated most devices to the 3.14 kernel tree.  Serendipidously this aligns with the long term supported grsecurity revision 3.14.  When I noticed this I figured I’d take a look at whether it was feasible to deploy grsecurity with OpenWRT.

Applying grsecurity – patch

In late November I pulled the latest OpenWRT sources and the kernel version was 3.14.25, which I noticed matched the current grsecurity stable branch 3.14.25

The grsecurity patch applies cleanly against a stock kernel, and OpenWRT starts with a stock kernel and then applies a series of patches designed to extend hardware support to many obscure embedded things not present in the mainline kernel, along with patches that reduce the memory footprint. Some of the general patches are pushed upstream but may not yet have been accepted, and some could be backports from later kernels.  Examples of generic patches  include a simplified crash report.

Anyway, I had two choices, and tried them both: apply grsecurity, then the OpenWRT patches; or start with the OpenWRT patched kernel.  In both cases there were a number of rejects, but there seemed to be less when I applied grsecurity last. I also decided this would be easier for me to support for myself going forward, a decision later validated successfully.

OpenWRT kernel patches are stored in two locations; generic patches applying against any platform, then platform specific patches.  My work is tested against the Carambola2, an embedded MIPS board supported by the ‘ar71xx’ platform in OpenWRT, so for my case, there were ar71xx patches.

To make life easy I wrote a script that would take a directory of OpenWRT kernel patches, apply to a git kernel repository and auto-commit. This allowed me to use gitg and git difftool to examine things efficiently.  It also worked well with using an external kernel tree to OpenWRT so I didnt have to worry yet about integrating patches into OpenWRT. This script is on github, it should be easily adaptable for other experiments.

(Note: to use an external tree, managed by git, use config options like the following:

CONFIG_KERNEL_GIT_CLONE_URI="path/to/linux-stable" CONFIG_KERNEL_GIT_LOCAL_REPOSITORY="path/to/linux-stable" CONFIG_KERNEL_GIT_BRANCH="owrt_grsec_v3.14.25"

There were four primary rejects that required fixing.  This involved inspecting each case and working out what OpenWRT had changed in the way. Generally, this was caused because one or the other had modified the end of the same structure or macro, but luckily it turned out nothing significant and I was able to easily reconcile things. The hardest was because OpenWRT modifies vmstat.c for MIPS and the same code was modified by grsecurity to add extra memory protections.  At this point I attempted to build the system, and discovered three other minor cases that broke the build. These mispatches essentially were due to movements in one or two lines, or new code using internal kernel API modified by grsecurity, and were also easily repaired.  The most difficult mispatch to understand was where OpenWRT rewrites the kernel module loader code, apparently to make better use of MIPS memory structures and it took me a little while to understand how to try and fix things.

The end result is on github at https://github.com/pastcompute/openwrt-cc-linux-3.14.x-grsecurity

Applying grsecurity – OpenWRT quirks

One strange bug that had to be worked around was some new dependency in the kernel build process, where extra tools that grsecurity adds were not being built in the correct order with other kernel prerequisites.

In the end I had to patch how OpenWRT builds the kernel to perform an extra ‘make olddefconfig‘ to sort things out.

I also had to run ‘make kernel_menuconfig‘ and turn on grsecurity.

As the system built, I eventually hit another problem area: building packages. This was a bit of an ‘OH-NO’ moment as I thought it had the potential to become a big rabbit hole. Luckily as it turned out, only one package was affected in the end: compat-wireless.  This package builds some extra user space tools and wifi drivers, and used a macro, ACCESS_ONCE, that was changed by grsecurity to be more secure; and required use of a new macro to make everything work again, ACCESS_ONE_RW. There were rather a number of calls to this macro, but luckily it turned out to be fixable using sed!

Booting OpenWRT with grsecurity – modules not loading

I was able to then complete an INITRAMFS image that I TFTP’d into my carambola2 via uboot.

Amazingly the system booted and provided me with a prompt.

U-Boot 1.1.4-g33f82657-dirty (Sep 16 2013 - 16:09:28) ===================================== CARAMBOLA2 v1.0 (AR9331) U-boot   Starting kernel ... [ 0.000000] Linux version 3.14.26-grsec (andrew@atlantis4) (gcc version 4.8.3 (OpenWrt/Linaro GCC 4.8-2014.04 r43591) ) #3 Sun Dec 14 18:08:52 ACDT 2014

I then discovered that no kernel modules were loading. A bit of digging and it turns out that a grsecurity option, CONFIG_GRKERNSEC_RANDSTRUCT  will auto-enable CONFIG_MODVERSIONS. One thing I learned at this point is that OpenWRT does not support CONFIG_MODVERSIONS=y, due to the way it packages modules with its packaging system. So an iteration later with the setting disabled, and everything appeared to be “working”

Testing OpenWRT with grsecurity

Of course, all this work is moot if we cant prove it works.

Easy to check is auditing. For example, we now had these messages:

[ 4.020833] grsec: mount of proc to /proc by /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0, parent /[swapper:0] uid/euid:0/0 gid/egid:0/0 [ 4.020833] grsec: mount of sysfs to /sys by /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0, parent /[swapper:0] uid/euid:0/0 gid/egid:0/0 [ 4.041666] grsec: mount of tmpfs to /dev by /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0, parent /[swapper:0] uid/euid:0/0 gid/egid:0/0

However, the acid test would be enforcement of the NX flag. Here I used the code from http://wiki.gentoo.org/wiki/Hardened/PaX_Quickstart to test incorrect memory protections. Result:

[19111.666360] grsec: denied RWX mmap of <anonymous mapping> by /tmp/bad[bad:1497] uid/euid:0/0 gid/egid:0/0, parent /bin/busybox[ash:467] uid/euid:0/0 gid/egid:0/0 mmap failed: Operation not permitted

Success!

Revisiting Checksec, and tweaking PAX

In an earlier blog I wrote about experimenting with checksec.  Here I used it to double-check that the binaries were built with NX protection. MOst were, due to a patch I previously submitted to OpenWRT for MIPS. However, openssl was missing NX. It turns out that OpenSSL amongst everything else it has been discussed for this year, uses assembler in parts of the encryption code! I was able to fix this by adding the relevant linker ‘.note.GNU-stack‘ directive.

The PAX component can be tweaked using the paxctl command, so I had to build that with the OpenWRT toolchain to try it out. I discovered that it doesnt work for files on the JFFS2 partition, only in the ramdisk. Further to enable soft mode, you need to add a kernel boot command line argument. To do this for OpenWRT, edit a file called target/linux/$KERNEL_PLATFORM/generic/config-default where in my case, $KERNEL_PLATFORM is ar71xx

Moving Targets

Right in the middle of all this, OpenWRT bumped the kernel to 3.14.26. So I had to exercise a workflow in keeping the patch current.  As it happened the grsecuroty patch was also updated to 3.14.26 so I presume this made life easier.

After downloading the stock kernel and pulling the latest OpenWRT, I again re-created the patch series, then applied grsecurity 3.14.26.  The same four rejects were present again, so fingers crossed I cherry-picked all my work from 3.14.25 onto 3.14.26. As luck would have it this was one smooth rebase!

Recap of OpenWRT grsecurity caveats
  • CONFIG_GRKERNSEC_RANDSTRUCT is not compatible with the OpenWRT build system; using it will prevent modules loading
  • Some packages may need to be modified to support NX – generally, if these use assembly language and don’t use the proper linker directive.
  • For some reason paxctl only seems to work on files in /tmp not in the JFFS overlay. This is probably only a problem when debugging
  • Your experience with the debugger gdb will probably be sub-optimal unless you put the debug target on /tmp and use paxctl to mark it with exceptions
Summary

After concluding the above, I converted the change set from my local Linux working copy into a set of additional patches on OpenWRT and rebuilt everything to double check.

The branch ‘ar71xx-3.14.26-grsecurity’ in https://github.com/pastcompute/openwrt-cc-ar71xx-hardened has all the work, along with some extra minor fixes I made to some other packages related to checksec scan results.

THIS MAY EXPLODE YOUR COMPUTER AND GET YOU POWNED! This has been working for me on one device with minimal testing and is just a proof of concept.

Categories: thinktime

What kind of customers do you want?

Seth Godin - Sun 14th Dec 2014 21:12
Do you want customers (donors, backers, voters, members, vendors) who are: Litigious Price shoppers Loyal Bureaucratic Demonstrative Followers Leaders Luxury-focused Skittish Trusting Bottom fishers Eager Confident Easily amused Uncomfortable talking about money Part of the crowd Afraid Outliers Desperate Rich...         Seth Godin
Categories: thinktime

David Rowe: FSK over FM

Planet Linux Australia - Sun 14th Dec 2014 10:12

I’m interested in developing a VHF mode for FreeDV. One intriguing possibility is to connect a modem to legacy analog FM radios, which would allow them to be re-purposed for digital voice. One candidate is FSK at about 1200 bit/s, which is often used over FM for APRS. This operates through FM radios using the mic/speaker ports on $50 HTs, no special data ports required.

So I want to know the performance of FSK over FM in terms of Bit Error Rate (BER) for a given SNR. That got me thinking. When you send FSK through a SSB radio, it faithfully mixes them up to RF and you get FSK over the channel. The SSB radio just adds a frequency translation step. So we can model FSK like this:

However sending a FSK modem signal through a FM radio is very different:

FSK over FM is not FSK when you look at the over the air waveform. The spectrum is no longer two tones bouncing back and forth. So what is it?

I wrote a simulation called fsk.m to find out. This involved building up a FSK modem, and an analog FM radio simulation. The modem took me only a few hours but I was struggling with the analog FM simulation for a week! In particular making my FM demodulator get the same results as the theory. FM is a bit old school for me, so I had to hit the ARRL handbook and do a bit of research.

FSK Modem

It’s a BEL202 simulation (as used for the APRS physical layer); 1200/2200 Hz tones, 1200 bit/s. I’m using the integrate and dump demodulation method and it matches the theoretical curves for non-coherent BFSK. Here is the FSK modem in action. First the FSK time domain signal and spectrum. The spectrum is a bunch of energy between 1200 and 2200 Hz. Makes sense as the modulator keeps moving back and forth between those two frequencies.

The next figure shows the sames signals with a 10dB SNR. Although the time domain signal looks bad, it actually has a BER one error in every 1000 bits (1E-3). The reason it looks so bad is that in the time domain we are seeing the noise from the entire bandwidth (our sample rate is Fs=96kHz). The demod effectively filters most of that out.

This next plot shows the output from the 1200 and 2200Hz integrators in the FSK demodulator for the 10dB SNR case. The height measures the energy of the tone during that bit period. As we would expect, they are mirror images. When one detects a large amount of energy, the other detects a small amount of the other tone.

Analog FM

The next step was to build a simulation of the modulator and demodulator in an analog FM radio. I wrote some code to test the input Carrier to Noise Ratio (CNR) versus output SNR. The test signal was a 1000 Hz tone, and the modulator had a maximum deviation of 5kHz, and a maximum input audio frequency of 3 kHz. After the demodulator I notched out the 1000 Hz tone so I could measure the noise power, the input to the notch filter was signal plus noise.

Here is the spectrum at the FM demodulator input for a 1000 Hz test tone:

The top plot is the tx signal centred on a 24 kHz carrier, in the bottom plot it has been mixed down to baseband and filtered. The FM signal is 16 kHz wide, as per Carsons rule. Here is the output of the FM demodulator:

At the top is a nice sine wave, and the bottom also shows the sine wave. You can see the effect of the output 3kHz low pass filter used to limit the noise bandwidth of the demod output.

When tested over a range of CNR inputs, I achieved output SNRs (red) in line with the text books (green):

At about 9dB the demodulator falls away from theory as the FM demodulator falls over, this is pretty typical. The theoretical model I have used is only valid above this 9dB threshold. You often hear this threshold effect in FM. The blue line is SSB for comparison. Over a certain threshold FM does quite a bit better in terms of output SNR for the same input CNR.

FSK over FM

OK so lets combine the simulations and look at the BER performance:

Oh dear. If my simulations are accurate, it appears FSK over FM is a lemon. About 7dB worse than regular FSK for the same BER. So using a FSK modem over a SSB radio would allow you to use 7dB less power than running the same modem through a FM radio. Coherent PSK is 3dB better again that FSK so that would get you a 10dB improvement. Simple FSK or PSK transmitters are easy to build too, and needing 7-10dB less output power would simplify them again (e.g. 100mW versus 1W).

Here is the spectrum at the FM demodulator input when sending FSK:

Note the FM spectrum looks nothing like regular FSK “over the air”, which looks like this:

So What went Wrong?

Given the plot of analog FM performance (say compared to SSB) above I had expected better results from FSK over FM.

I think I know where the problem lies. The input CNR is a measure of carrier power to noise power in the input bandwidth of the demodulator. Another way of looking at the VHF channel noise is a “floor”, which can be modelled as the average noise power per 1 Hz of bandwidth, called No.

So the Universe has given us a fixed “noise floor”, which will be the same for any modem. The FM demod input bandwidth is much wider, so it’s sucking up much more noise from the channel, which the poor demodulator has to deal with.

Lets plot the analog FM demod performance again, this time against C/No rather than C/N:

This takes into account the noise bandwidth, everything is “normalised” to the noise floor. When the C/No is beneath 48dB SSB looks much better. We can see a 7dB improvement over FM at low C/No values. This also explains why the microwave guys prefer SSB for their long shots.

Here is the BER curve scaled for C/No:

Conclusion

It appears the key to good modem performance is the RF bandwidth of the signal. Given a constant noise floor No, the signal bandwidth sets the total noise power N=NoB the demodulator has to deal with.

This has put me off the idea of a FreeDV VHF mode based on BEL202 FSK through legacy FM radios. I’d really like to come up with a mode that has sparkling BER versus SNR performance. I haven’t spent years making Codec 2 operate at low bit rates just to throw all those gains away in the modem!

Couple of ways forward:

  • Take a look at GMSK.
  • Consider developing a version of the SM1000 into an (open source) VHF SDR radio that can do PSK. Not as crazy as it seems. We are already planning a HF SDR version. Radio hardware is getting simple now the signal processing is all moving to software. We can make the modem so efficient that the PA can be modest (100s of mW).
  • Dream up waveforms that can pass through legacy FM radios and have a low over-the air bandwidth. For example FSK that shifts between 300 and 400 Hz. In the past I’ve dreamed up new Codec 2 modes (1300 and 450 bit/s) to suit the properties of HF channels. So why no design a modem waveform to suit us? Go open source!
  • Cop the performance hit and use BEL202 FSK. It might still be useful to use legacy FM radios for DV even with a 7dB loss in modem performance. It seems to work fine for APRS. If your C/No is high (as is often the case) then FSK over FM will have zero errors.
Categories: thinktime

Costs before and after

Seth Godin - Sat 13th Dec 2014 21:12
Before you finish your new idea or launch your new project, it's worth taking a few minutes to realize that two costs are dramatically underestimated: 1. The cost of selling. How much will it cost you to sell this to...         Seth Godin
Categories: thinktime

Andrew Pollock: [life] Day 317: Doctor again, final Tumble Tastics, a good deed and general fun

Planet Linux Australia - Sat 13th Dec 2014 12:12

Zoe slept solidly until 6:48am. It was overcast and cooler, so I dare say that helped. Uninterrupted sleep is always nice. We had a nice snuggle in bed before we started the day.

First up, we had another doctor's appointment so the doctor could have another go at freezing off the wart on her hand. Despite some initial uncertainty, Zoe was much braver this time, and the doctor got to really hit it this time. Zoe was very proud of herself.

After the obligatory Freddo Frog for bravery, we headed home via the Valley to clear my PO box.

After a little bit of TV, we scootered to Tumble Tastics for her final class.

Tumble Tastics has been really great for Zoe. Zoe's always enjoyed gymnastics, and has definitely enjoyed this. She was very fond of Mr Fletcher, her teacher (she seems to really like male teachers) and especially loved the rope swing they had in the classroom. I was personally impressed by the theme that they did each week, and their ability to keep the activities in the relatively small room fresh and varied each week. They use the limited space that they have quite effectively. The fact that it was an easy distance from home was a bonus.

On our way back home, we discovered a stray dog on the side of Hawthorne Road. I checked its collar, and it had a mobile phone number on it, so I gave it a call. It turned out the owner was down at the supermarket, and his wife was at home with a baby, so I offered to return the dog for him.

It was only about a 500 metre walk, but it was very back-breaking, as the dog was pretty dumb and wouldn't follow us, so I head to lead it by the collar all the way, which involved me having to walk bent over all the way. Zoe wanted to help, but he was a bit to big and heavy for her to lead.

He was an interesting cross-breed. He had the markings of a blue heeler, but the head and general body shape of a terrier of some sort.

Due to some ambiguous letterboxes, we ended up at the the wrong house (off by one) and this house had a black Siamese cat that emerged from a boat parked in the front yard when I knocked on the door. Of course the dog decided to chase off after the cat, and I thought all was lost at that point, but he came back after having chased the cat away.

We then proceeded to the right house, returned the dog and went home for a well earned lunch.

After lunch, we went for a walk in the rain to post a letter. Zoe had a great time puddle jumping in her rain boots. We also made an opportunistic Christmas present purchase, and then went home again.

We had an unplanned afternoon of silly play for a while, with lots of running around and tickles and laughter. It was nice. Our downstairs neighbour, Deana, popped up to hang out for a bit as well, which was nice.

Zoe watched a bit of TV after that, and then Sarah arrived to pick her up.

Categories: thinktime

Glen Turner: USB product IDs for documentation - success

Planet Linux Australia - Fri 12th Dec 2014 23:12
Motivation

In a previous posting I reported a lack of success when enquiring of the USB Implementors' Forum if a Vendor ID had been reserved for documentation.

To recap my motivation, a Vendor ID -- or at least a range of Product IDs -- is desirable to:

  • Avoid defamation, such as using a real VID:PID to illustrate a "workaround", which carries the implication that the product is less-than-perfect. Furthermore, failing to check if a VID:PID has actually been used is "reckless defamation".

  • Avoid consumer law, such as using a real VID:PID to illustrate a a configuration for a video camera, when in fact the product is a mouse.

  • Avoid improper operation, as may occur if a user cuts-and-pastes an illustrative example and that effects a real device.

  • Avoid trademark infringment.

For these reasons other registries of numbers often reserve entries for documentation: DNS names, IPv4 addresses, IPv6 addresses.

Allocation of 256 Product IDs, thanks to OpenMoko

OpenMoko has been generous enough to reserve a range of Product IDs for use by documentation:

0x1d50:0x5200 through to 0x1d50:0x52ff

Note carefully that other Product IDs within Vendor ID 0x1d50 are allocated to actual physical USB devices. Only the Product IDs 0x1d50:0x5200 through to 0x1d50:0x52ff are reserved for use by documentation.

My deep thanks to OpenMoko and Harald Welte.

Application form

The application form submitted to OpenMoko read:

  • a name and short description of your usb device project

    Documentation concerning the configuration of USB buses and devices.

    For example, documentation showing configuration techniques for Linux's udev rules.

    The meaning of "documentation" shall not extend to actual configuration of a actual device. It is constrained to showing methods for configuration. If an VID:PID for an actual device is required then these can be obtained from elsewhere.

    OpenMoko will not assign these "Documentation PIDs" to any actual device, now or forever.

    Operating systems may refuse to accept devices with these "documentation VID:PIDs". Operating systems may refuse to accept configuration which uses these "documentation VID:PIDs".

  • the license under which you are releasing the hardware and/or software/firmware of the device

    The documentation may use any license. Restricting use to only free documentation is problematic: the definition of "free" for documents is controversial; and it would be better if the PID:VIDs were well known and widely used by all authors of technical documentation.

  • a link to the project website and/or source code repository, if any

    Nil, one can be created if this is felt to be necessary (eg, to publicise the allocation).

  • if you need multiple Product IDs, please indicate + explain this at the first message, rather than applying for a second ID later

    Approximately 10.

Categories: thinktime

Go for a walk

Seth Godin - Fri 12th Dec 2014 21:12
The best time is when you don't feel like it. Going for a walk when you don't feel like it will change your mood, transform your posture and get you moving. And if you don't feel like talking with someone,...         Seth Godin
Categories: thinktime

This week's sponsor: MyFonts

a list apart - Fri 12th Dec 2014 02:12

Thanks to MyFonts for sponsoring A List Apart this week! Take a look at their list of the 50 most popular fonts on the web right now.

Categories: thinktime

Rachel Andrew on the Business of Web Dev: The Ways We’ve Changed—and Stayed the Same

a list apart - Fri 12th Dec 2014 00:12

In 2005, my husband and business partner Drew McLellan had an idea for a website. He emailed friends and colleagues, we filled in the gaps, and 24 ways was launched: 24 articles in the run-up to Christmas, advent-calendar style. As I write this article, we are on day six of season 10 of that project. By 24 December, there will be 240 articles by 140 authors—many of them well-known names in web design and development. As a fun holiday season retrospective, I thought I would take a look at what 10 seasons of 24 ways can tell us about how our industry has changed—and what hasn’t changed.

Hacking our way to CSS complexity

The first season of 24 ways, prior to Christmas 2005, brought us techniques such as using JavaScript to stripe table rows, image techniques for rounded corners, and an article on Avoiding CSS Hacks for IE due to the imminent arrival of Internet Explorer 7. In that first season, we were still very much working around the limitations of browsers that didn’t have full support for CSS2.1.

By 2006, Andy Budd was teasing us with the rounded corner possibilities brought to us in CSS3 and in 2007, Drew McLellan helped us to get transparent PNG images to work in Internet Explorer 6. The article titles from those early years show how much of our time as designers and developers was spent dealing with browser bugs and lack of CSS to deal with the visual designs we wanted to create. The things we wanted to do were relatively simple—we wanted rounded corners, nice quote marks, and transparency. The hoops we had to jump through were plentiful.

The introduction to the 2013 archive of 24 ways notes that 2013 was the year that the Web Standards Project “buzzed its last.” By 2013, browsers had converged on web standards. They were doing standard things in standard ways. We were even seeing innovation by browser vendors via the established standards process. My article for the 2013 season described the new CSS Grid Layout specification, initially developed by Microsoft.

Since 2005, the CSS that we can consider usable in production has grown. We have far more CSS available to us through browser support for the new modules that make up CSS3. The things that CSS can do are also far more complex, expressive, and far reaching. We’ve moved on from spending our time trying to come up with tricks to achieve visual effects, and are spending a lot of time working out what to do with all of this CSS. How do we manage websites and web applications that are becoming more like complex pieces of software than the simple styled HTML documents of days gone by? Topics in recent years include new approaches to using CSS selectors, front-end style guides, Git, and Grunt. The web has changed, and the ways in which we spend our time have changed too.

We all got mobile

In the 2006 edition of 24 ways, Cameron Moll explained that,

The mobile web is rapidly becoming an XHTML environment, and thus you and I can apply our existing “desktop web” skills to understand how to develop content for it. With WML on the decline, the learning curve is much smaller today than it was several years ago. I’m generalizing things gratuitously, but the point remains: Get off yo’ lazy butt and begin to take mobile seriously.

The Mobile Web Simplified

The iPhone wasn’t launched until 2007, a move by Apple that forced us all to get off our lazy butts and think about mobile! In December 2007, Brian Fling explained the state of the mobile landscape half a year after the launch of the iPhone. It wasn’t until responsive design was brought to life by Ethan Marcotte on A List Apart in May 2010, however, that articles about mobile really became numerous on 24 ways. The 2011 season had four articles with the words “responsive design” in the title!

By 2012, we were thinking through the implications of designing for mobile, and for mobile data. Paul Lloyd took a look back at the two approaches for responsive images discussed in the 2011 season and the emerging proposals for picture and srcset in Responsive Images: What We Thought We Needed. Tim Kadlec reminded us that,

… there’s one part of the web’s inherent flexibility that seems to be increasingly overlooked: the ability for the web to be interacted with on any number of networks, with a gradient of bandwidth constraints and latency costs, on devices with varying degrees of hardware power.

Responsive Responsive Design

As we rushed to implement responsive sites and take advantage of new platforms, we had to take care that we weren’t excluding people by way of bandwidth limitations. Whether it is IE6 or mobile data, some things never change. We get excited about new technologies, then come back to earth with a bump as the reality of using them without excluding a chunk of our audience kicks in!

The work of change

I’m too old to be launching websites at midnight.

— Drew McLellan (@drewm) November 30, 2014


In these 10 seasons, we can see how much the web has changed and we have changed, too. Every year, 24 ways picks up a new audience and new authors, many of whom would have still been in school in 2005.

Always, 24 ways has tried to highlight the new, the experimental, and the technically interesting. However, it has also addressed more challenging aspects. Whether an old hand or a newcomer to the industry, we can all feel overwhelmed at times, as if we are constantly running to keep up with the latest new thing. In 2013, Christopher Murphy wrote Managing a Mind, a piece that starkly illustrated the challenges that constantly keeping up can bring. This year, we are given a reminder that we need to take care of our bodies while performing the repetitive tasks that design and programming require.

The business of web development

Often, 24 ways has featured articles that deal with the business of being a web designer, developer, or agency owner. In 2007, Paul Boag gave us 10 tips for getting designs signed off by the client. As the recession hit in 2008, Jeffrey Zeldman wrote up his Recession Tips for Web Designers. We’ve seen articles on subjects ranging from side projects to contracts and everything in-between.

The business archive contains some of the most evergreen content on the site, demonstrating that good business knowledge can serve you well throughout a career.

The industry that shares

Another thing that hasn’t changed over these 10 seasons is the enthusiasm of each 24 ways contributor for their subject, and their generosity in writing and sharing their thoughts. This reflects our industry, an industry where people share their thoughts, research, and hard-earned experience for the benefit of their peers.

On that note, I’ll close my final A List Apart column of 2014. Best wishes to all of you who are celebrating at this time of year. I look forward to sharing my thoughts on the business side of our industry throughout 2015.

Categories: thinktime

Andrew Pollock: [life] Day 316: Bike riding play date and picnic

Planet Linux Australia - Thu 11th Dec 2014 22:12

Zoe woke up at around 1:30am. I think the fact that her nightlight had gotten unplugged didn't help matters, and despite fixing that up, she jumped into bed with me at 1:50am.

We had a slow start to the day, but that said, I did manage to bake a batch of mince pies and make pastry for a quiche before we headed out at 9:30am, so it wasn't an unproductive morning.

I'd organised with Kelley to have a bike riding play date with Chloe at the Minnippi Parklands. I figured that since Chloe can already ride a bike, it might encourage Zoe.

It was a pretty hot morning, and not a lot of attempted bike riding happened before Zoe had had enough. No major breakthroughs happened, but it was very handy having a second adult. I think I need to put Zoe's bike seat up, as she's grown a bit since she first started trying to learn.

After we gave up on the bikes, the girls went and played on the pretend aeroplane and air traffic control tower for the rest of the morning, and we watched a storm roll in.

By early afternoon, the storm was looking a bit ominous, and Kelley had to be back at school, so we dropped them back home, and Zoe played for a bit at Chloe's place before we headed home to get ready for swim class.

In the mean time, the storm hit and appeared to pass, so we drove to swim class, but there was still lightning around, so swim class was canceled.

We headed back home so I could finish making dinner. Zoe was pretty tired from the day's activities, so I'm hoping she has a good sleep tonight.

Categories: thinktime

Andrew Pollock: [life] Day 315: End of Kindergarten

Planet Linux Australia - Thu 11th Dec 2014 21:12

Well, the day finally arrived. Zoe graduated from Kindergarten.

I started the morning failing to go for a run again. I should just give up until after Summer I think. I had my chiropractic adjustment and did some blogging, before heading out to Zoe's Kindergarten for their farewell morning tea.

The morning tea was nice, and we were free to take our kids home afterwards, so we were out of there by about midday.

The Kindergarten year feels like it's flown by so quickly. I've been really happy with the Seven Hills C&K. I'm grateful my friend Kim told me about C&K while there was still time to get Zoe a place, and that I've been able to have the year off to allow her to go. I think it's definitely a better environment than long day care. The transition statement, which I guess can best be described as an exit report card for Zoe was absolutely lovely. Time will tell, but I think it has prepared her well for Prep next year.

It was also great to be able to serve on the Kindergarten's Parent Advisory Group committee this year. That gave some insight into how the Kindergarten, and C&K in general operate.

Seven weeks of school holidays lie ahead of us, which I'm sure will fly by pretty quickly.

Megan came over with her Mum in the afternoon for a play date, and I prepared some more mince pies.

Zoe and I went out for dinner with my cousin, Renata, to celebrate Zoe's graduation from Kindergarten and we had a nice dinner out.

Categories: thinktime

Get the word out vs. Find the others

Seth Godin - Thu 11th Dec 2014 21:12
If Sylvia makes the math team, there are two ways for the school to find out. One method is that she alerts people she has a relationship with. Call this a hard network, a direct connection. The other method is...         Seth Godin
Categories: thinktime

David Rowe: SM1000 Part 9 – First Betas

Planet Linux Australia - Thu 11th Dec 2014 18:12

Edwin and his team at Dragino have hand assembled the first two SM1000 Beta units in Shenzhen. I’m working with him to perform some initial tests while we wait a few days for the prototype enclosures to be made. Then Rick and I will both get a SM1000 shipped to us for testing. We’ve found a few little issues so far which we will correct before the Qty 100 beta run later this month.







Categories: thinktime

Stewart Smith: skiboot-4.1

Planet Linux Australia - Thu 11th Dec 2014 17:12

I just posted this to the mailing list, but I’ve tagged skiboot-4.1, so we have another release! There’s a good amount of changes since 4.0 nearly a month ago and this is the second release since we hit github back in July.

For the full set of changes, “git log” is your friend, but a summary of them follows:

  • We now build with -fstack-protector and -Werror
  • Stack checking extensions when built with STACK_CHECK=1
  • Reduced stack usage in some areas, -Wstack-usage=1024 now.
    • Some functions could use 2kb stack, now all are <1kb
  • Unsafe libc functions such as sprintf() have been removed
  • Symbolic backtraces
  • expose skiboot symbol map to OS (via device-tree)
  • removed machine check interrupt patching in OPAL
  • occ/hbrt: Call stopOCC() for implementing reset OCC command from FSP
  • occ: Fix the low level ACK message sent to FSP on receiving {RESET/LOAD}_OCC
  • hardening to errors of various FSP code
    • fsp: Avoid NULL dereference in case of invalid class_resp bits
    • abort if device tree parsing fails
    • FSP: Validate fsp_msg in fsp_queue_msg
    • fsp-elog: Add various NULL checks
  • Finessing of when to use error log vs prerror()
  • More i2c work
  • Can now run under Mambo simulator (see external/mambo/skiboot.tcl) (commonly known as “POWER8 Functional Simulator”)
  • Document skiboot versioning scheme
  • opal: Handle more TFAC errors.
    • TB_RESIDUE_ERR, FW_CONTROL_ERR and CHIP_TOD_PARITY_ERR
  • ipmi: populate FRU data
  • rtc: Add a generic rtc cache
  • ipmi/rtc: use generic cache
  • Error Logging backend for bmc based machines
  • PSI: Drive link down on HIR
  • occ: Fix clearing of OCC interrupt on remote fix

So, who worked on this release? We had 84 csets from 17 developers. A total of 3271 lines were added, 1314 removed (delta 1957).

Developers with the most changesets Stewart Smith 24 28.6% Benjamin Herrenschmidt 17 20.2% Alistair Popple 8 9.5% Vasant Hegde 6 7.1% Ananth N Mavinakayanahalli 5 6.0% Neelesh Gupta 4 4.8% Mahesh Salgaonkar 4 4.8% Cédric Le Goater 3 3.6% Wei Yang 3 3.6% Anshuman Khandual 2 2.4% Shilpasri G Bhat 2 2.4% Ryan Grimm 1 1.2% Anton Blanchard 1 1.2% Shreyas B. Prabhu 1 1.2% Joel Stanley 1 1.2% Vaidyanathan Srinivasan 1 1.2% Dan Streetman 1 1.2% Developers with the most changed lines Benjamin Herrenschmidt 1290 35.1% Alistair Popple 963 26.2% Stewart Smith 344 9.4% Mahesh Salgaonkar 308 8.4% Ananth N Mavinakayanahalli 198 5.4% Neelesh Gupta 186 5.1% Vasant Hegde 122 3.3% Shilpasri G Bhat 39 1.1% Vaidyanathan Srinivasan 24 0.7% Joel Stanley 21 0.6% Wei Yang 20 0.5% Anshuman Khandual 15 0.4% Cédric Le Goater 12 0.3% Shreyas B. Prabhu 9 0.2% Ryan Grimm 3 0.1% Anton Blanchard 2 0.1% Dan Streetman 2 0.1% Developers with the most lines removed Mahesh Salgaonkar 287 21.8% Developers with the most signoffs (total 54) Stewart Smith 44 81.5% Vasant Hegde 4 7.4% Benjamin Herrenschmidt 4 7.4% Vaidyanathan Srinivasan 2 3.7% Developers with the most reviews (total 2) Vasant Hegde 2 100.0%
Categories: thinktime

Pages

Subscribe to KatteKrab aggregator - thinktime