on-going issues on overlayfs in Linux kernel

As of 2016-02-11, the following issues are critical known bugs about overlayfs in Linux kernel.

making firewall to allow multipath-tcp packets

If a multipath-tcp-capable guest VM cannot communicate to the Internet, try to check the firewall on the host,

# iptables -L FORWARD
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

You need to allow packets with multipath TCP (TCP option 30).

# iptables -D FORWARD -p all -j REJECT --reject-with icmp-host-prohibited
# iptables -A FORWARD -p tcp --tcp-option 30 -m state --state NEW -j ACCEPT
# iptables -A FORWARD -p all -j REJECT --reject-with icmp-host-prohibited

Running Linux on Dell XPS 15 9530

It has been multiple weeks since I started running Fedora Linux on a new laptop, Dell XPS 15 9530. General hardware specification of the laptop is introduced on http://www.dell.com/us/business/p/xps-15-9530/pd?oc=&model_id=xps-15-9530&l=en&s=bsd. I wanted to install Fedora 22, removing the pre-installed Windows 10.

After installing the distro, several issues popped up. \* Wireless interface didn’t work. Chipset is Broadcom BCM4352. \* Bluetooth interface didn’t work, which is Broadcom BCM20702A0. \* Graphic card driver didn’t entirely work. While the Intel integrated graphics controller did work with i915 driver, the other 3D graphics controller, Nvidia GK107M (GeForce GT 750M) couldn’t get recognized at all.

[Read More]

data corruption with TRIM on MD-RAID in Linux Kernel

Last a month a blog post was published on a lengthy investigation on mysterious data corruption. Recently author of the article has updated with a core reason: a bug in MD-RAID 0/10/linear in Linux kernel.

The author did made a contact with Samsung electronics, as he originally thought that its a firmware issue of Samsung SSD. Though it turned out to be a general Linux kernel bug. Consequently a Linux developer Seunguk Shin posted a patch on RAID0 to fix that, which is again modified by Martin Petersen like that.

[Read More]

Why did 5163 Army division send 686,000 Euros to Hacking Team?

(This article is an english verison of the blog post by rainygirl, which is originally written in Korean. written by rainygirl, translated by hipporoll)

On Jul. 6th, an Italian spyware company ‘Hacking Team’ (HT) was compromised, so that its internal data in size of 400 GB was entirely leaked via torrent. The leaked archive contains internal files such as software source codes, employees’ personal information like salaries or bonus rankings, and even resignations of ex-employees. Above all, there was the most important reason why it interested international media: the leaked archive contained the whole evidences of having sold surveillance tools to national intelligence agencies, i.e. governments.

[Read More]

What Silicon Valley Can Learn From Seoul

(…)

The app was quickly adopted by Korean users as a free alternative to text messaging. Part of its success is due to the fact that KakaoTalk functions like its own version of the Internet within a smartphone: Users don’t have to close the app, ever, to check the news, talk to friends, order dinner or play games. To an American, the app’s design is insane, like stepping into a demented fun house. Pages are drenched in neon and populated with googly-eyed cartoon animals.

[Read More]

Initial release of seafile fuse-client

I’ve written up a simple client for Seafile, based on FUSE-client under Linux. See https://github.com/dongsupark/seafile-fuse-client for details.

To install it, do like the following:

1. Prequisites

a. Install python-seafile.

Python-seafile is needed as seafile-fuse-client depends on python API provided by seafile:

$ git clone https://github.com/dongsupark/python-seafile.git
$ cd python-seafile
$ python setup.py install

b. Install required packages:

(on Debian/Ubuntu/etc.)

$ sudo apt-get install libfuse2 python-setuptools

(on Fedora/CentOS/SuSE/etc.)

$ sudo yum install fuse python-setuptools

c. Set up a seafile server

Install seafile server as well as seahub, as introduced in tutorials on http://manual.seafile.com/.

[Read More]

simplify block layer based on immutable biovecs

[RFC PATCH 00/17] simplify block layer based on immutable biovecs https://lkml.org/lkml/2014/12/22/128

This is the first attempt of simplifying block layer based on immutable biovecs. Immutable biovecs, implemented by Kent Overstreet, have been available in mainline since v3.14. Its original goal was actually making generic_make_request() accept arbitrarily sized bios, and pushing the splitting down to the drivers or wherever it’s required. See also discussions in the past, [1] [2] [3].

This will bring not only performance improvements, but also a great amount of reduction in code complexity all over the block layer. Performance gain is possible due to the fact that bio_add_page() does not have to check unnecesary conditions such as queue limits or if biovecs are mergeable. Those will be delegated to the driver level. Kent already said that he actually benchmarked the impact of this with fio on a micron p320h, which showed definitely a positive impact.

[Read More]

Südkorea: Langer Schatten der Diktatur

http://www.jungewelt.de/2014/12-20/045.php

Langer Schatten der Diktatur Südkoreas Verfassungsgericht verbietet linke Oppositionspartei UPP. Kritiker beklagen Ende der Demokratie Von Michael Streitberg

Als Lee Jung-hee, Vorsitzende der linken Vereinigten Fortschrittlichen Partei (UPP), zu ihren vor dem Verfassungsgericht in Seoul versammelten Anhängern sprach, hatte sie Tränen in den Augen: »Der heutige Tag markiert den Untergang unserer Demokratie«, brachte sie ihre Empfindungen nach dem kurz zuvor erfolgten Verbot ihrer Partei am Freitag vormittag zum Ausdruck. Südkoreas Präsidentin Park Geun-hye, Tochter des langjährigen Militärdiktators Park Chun-hee, sei zum diktatorischen Führungsstil ihres Vaters zurückgekehrt. Das Verfassungsgericht habe die Tür entriegelt, »die uns zum Totalitarismus führt«, wird Lee vom Korean Herald zitiert.

[Read More]