search for: siewior

From: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> OpenSSL 3.1.0 uses the same ABI as OpenSSL 3.0.x series. Further 3.1.x release are just stable updates and no ABI change (is expected) just like the 3.0.x series. Relax the version check for OpenSSL 3+ and rely on ABI compatibility. Signed-off-by: Sebastian And...

I added ZSTD support to OpenSSH roughly over a year and I've been playing with it ever since. The nice part is that ZSTD achieves reasonable compression (like zlib) but consumes little CPU so it is unlikely that compression becomes the bottle neck of a transfer. The compression overhead (CPU) is negligible even when uncompressed data is tunneled over the SSH connection (SOCKS proxy, port

On 2020-03-17 00:03:03 [+0100], Dimitrios Apostolou via rsync wrote: > On Thursday, February 20, 2020 10:34:53 PM CET, Sebastian Andrzej Siewior > via rsync wrote: > > > > I'm still not sure if rsync requires a cryptographic hash _or_ if a > > strong hash like xxHash64 would be just fine for the job. > > I'm fairly sure the hash should *not* be easy to spoof, so I'd say a > cryptographic hash is n...

On 2020-02-20 20:06:39 [+0100], Markus Ueberall wrote: > On 2020-02-09 23:19, Sebastian Andrzej Siewior wrote: > > [...] > > My primar motivation to use SHA1 for checksumming (by default) instead > > of MD5 is not the additional security bits but performance. On a decent > > x86 box the SHA1 performance is almost the same as MD5's but with > > acceleration it outperf...

...the driver before removing multi-instance hotplug callbacks. This order avoids the warning issued from __cpuhp_remove_state_cpuslocked when the number of remaining instances isn't yet zero. Fixes: 8017c279196a ("net/virtio-net: Convert to hotplug state machine") Cc: Sebastian Andrzej Siewior <bigeasy at linutronix.de> Signed-off-by: Andrew Jones <drjones at redhat.com> --- drivers/net/virtio_net.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index 99a26a9efec1..f41ab0ea942a 100644 --- a/drivers/net/...

...the driver before removing multi-instance hotplug callbacks. This order avoids the warning issued from __cpuhp_remove_state_cpuslocked when the number of remaining instances isn't yet zero. Fixes: 8017c279196a ("net/virtio-net: Convert to hotplug state machine") Cc: Sebastian Andrzej Siewior <bigeasy at linutronix.de> Signed-off-by: Andrew Jones <drjones at redhat.com> --- drivers/net/virtio_net.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index 99a26a9efec1..f41ab0ea942a 100644 --- a/drivers/net/...

I hacked zstd support into OpenSSH a while ago and just started to clean it up in the recent days. The cleanup includes configuration support among other things that I did not have. During testing I noticed the following differences compared to zlib: - highly interactive shell output (as in refreshed at a _very_ high rate) may result in higher bandwidth compared to zlib. Since zstd is quicker

...in Debian unstable (targeting Buster) supports TLS1.2 by default. The library itself supports also TLS1.1 and TLS1.0. If the admin decides to also support TLS1.[01] users he can then enable the lower protocol version in case the users can't update their system. Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> --- src/config/all-settings.c | 1 + src/lib-master/master-service-ssl-settings.c | 2 ++ src/lib-master/master-service-ssl-settings.h | 1 + src/login-common/ssl-proxy-openssl.c | 15 ++++++++++++++- 4 files changed, 18 inse...

On Sunday, May 7, 2023 3:53 PM, Sebastian Andrzej Siewior wrote: >OpenSSL 3.1.0 uses the same ABI as OpenSSL 3.0.x series. Further 3.1.x release are >just stable updates and no ABI change (is expected) just like the 3.0.x series. > >Relax the version check for OpenSSL 3+ and rely on ABI compatibility. > >Signed-off-by: Sebastian Andrzej...

...transfer. An alternative would be to use ftruncate() and shorten the file to the size which has been transfered in case of an error. posix_fallocate() isn't used because this function maybe implemented by multiple write() calls which is not what I had in mind. Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> --- configure.in | 9 +++++++++ receiver.c | 9 ++++++++- rsync.h | 4 ++++ syscall.c | 9 +++++++++ 4 files changed, 30 insertions(+), 1 deletions(-) diff --git a/configure.in b/configure.in index 9de88d1..3e6ce55 100644 --- a/configure.in...

Hi, more or less a year ago Kurt Roeckx provided an initial port towards the OpenSSL 1.1 API [0]. The patch has been left untouched [1] and it has been complained about a missing compat layer of the new vs the old API within the OpenSSL library [2]. This is how I reconstructed the situation as of today and I am not aware of any progress in regard to the newer library within the OpenSSH project.

On 2020-05-22 22:54:18 [-0700], Wayne Davison via rsync wrote: > Thanks for the optimizing patches, Jorrit! I've merged your latest changes > into the git master branch. Wouldn't it be better to add support for a crypto library (like openssl) which would provide optimized algorithms for more than just one platform without the need to maintain it separately? > ..wayne..

On 27 August 2017 08:32:06 CEST, Timo Sirainen <tss at iki.fi> wrote: >> DEF(SET_STR, ssl_protocols), >> DEF(SET_STR, ssl_cert_username_field), >> DEF(SET_STR, ssl_crypto_device), >> + DEF(SET_STR, ssl_lowest_version), > >Does it really require a new setting? Couldn't it use the existing >ssl_protocols setting? You need to set a minimal version.

https://bugzilla.mindrot.org/show_bug.cgi?id=2888 Bug ID: 2888 Summary: Consider adding other compression schemes (lz4, zstd) Product: Portable OpenSSH Version: 7.7p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous Assignee:

On 2020-09-07 11:21:13 [+1000], Darren Tucker wrote: > The zstd part would be a larger discussion because we would need to > either carry it as a Portable patch or have zstd added to OpenBSD > base, and I don't know if that would be accepted. Do you have any > performance numbers for zstd in this application? A key stroke is here 10 bytes of raw data which zstd compresses usually

From: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> The "zstd at breakpoint.cc" compression algorithm enables ZSTD based compression as defined in RFC8478. The compression is delayed until the server sends the SSH_MSG_USERAUTH_SUCCESS which is the same time as with the "zlib at openssh.com" met...

...oodmis.org> Cc: Jiri Kosina <trivial at kernel.org> Cc: Thomas Gleixner <tglx at linutronix.de> Cc: "H. Peter Anvin" <hpa at zytor.com> Cc: Konrad Rzeszutek Wilk <konrad.wilk at oracle.com> Cc: Jeremy Fitzhardinge <jeremy at goop.org> Cc: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> Cc: x86 at kernel.org Cc: xen-devel at lists.xensource.com Cc: virtualization at lists.linux-foundation.org Signed-off-by: Jiang Liu <liuj97 at gmail.com> --- arch/x86/include/asm/xen/events.h | 1 - arch/x86/xen/smp.c | 38 ++---------------...

...oodmis.org> Cc: Jiri Kosina <trivial at kernel.org> Cc: Thomas Gleixner <tglx at linutronix.de> Cc: "H. Peter Anvin" <hpa at zytor.com> Cc: Konrad Rzeszutek Wilk <konrad.wilk at oracle.com> Cc: Jeremy Fitzhardinge <jeremy at goop.org> Cc: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> Cc: x86 at kernel.org Cc: xen-devel at lists.xensource.com Cc: virtualization at lists.linux-foundation.org Signed-off-by: Jiang Liu <liuj97 at gmail.com> --- arch/x86/include/asm/xen/events.h | 1 - arch/x86/xen/smp.c | 38 ++---------------...

...oodmis.org> Cc: Jiri Kosina <trivial at kernel.org> Cc: Thomas Gleixner <tglx at linutronix.de> Cc: "H. Peter Anvin" <hpa at zytor.com> Cc: Konrad Rzeszutek Wilk <konrad.wilk at oracle.com> Cc: Jeremy Fitzhardinge <jeremy at goop.org> Cc: Sebastian Andrzej Siewior <sebastian at breakpoint.cc> Cc: x86 at kernel.org Cc: xen-devel at lists.xensource.com Cc: virtualization at lists.linux-foundation.org Signed-off-by: Jiang Liu <liuj97 at gmail.com> --- arch/x86/include/asm/xen/events.h | 1 - arch/x86/xen/smp.c | 38 ++---------------...

Both call sites, that access kmmio_ctx, access kmmio_ctx with interrupts disabled. There is no need to use get_cpu_var() which additionally disables preemption. Use this_cpu_ptr() to access the kmmio_ctx variable of the current CPU. Signed-off-by: Sebastian Andrzej Siewior <bigeasy at linutronix.de> --- arch/x86/mm/kmmio.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/arch/x86/mm/kmmio.c b/arch/x86/mm/kmmio.c index 49d7814b59a9b..9994353fb75de 100644 --- a/arch/x86/mm/kmmio.c +++ b/arch/x86/mm/kmmio.c @@ -260,7 +260,7 @@ int km...