encryption speed – Debian vs Fedora

December 22, 2006 | etbe

I’m in the process of converting my Fedora/rawhide laptop to Debian.

On Fedora the AES encrypted filesystems deliver about 38MB/s read speed according to dd. On Debian the speed is 2.4MB/s when running Xen and 2.7MB/s when not running Xen. The tests were done on the same block device.

Debian uses a SMP kernel (there are no non-SMP kernels in Debian), but I don’t expect this to give an order of magnitude performance drop. Both systems use i686 optimised kernels.

Update: As suggested I replaced the aes module with the aes_586 module. Unfortunately it made no apparent difference.

Update2: As suggested by a comment I checked the drive settings with hdparm and discovered that my hard drive was not using DMA. After I configured the initramfs to load the piix driver first it all started working correctly. Thanks for all the suggestions, I’ll post some benchmarks of encryption performance in a future blog entry.

dunc-tank and motivation

October 4, 2006 | etbe

The dunc-tank project was established to raise money to compensate some Debian developers who are essential to producing a timely release of Debian. There has been a lot of acrimoneous debate about whether this is a good or bad thing. The positive side of it is that the release managers will get to spend more time working on Debian, the negative side is that some volunteers will lose motivation.

However I have felt more motivated to do my unpaid Debian work. During the time that I was employed by Red Hat I was fairly slack about my Debian development work (incidentally Red Hat management were happy for me to continue Debian work so there was no pressure from Red Hat in this regard). Since leaving Red Hat I have been busy doing paid work.

Recently I have started getting involved in Debian work again. I am about to upload a new version of Postal for the first time in three years, I have set up a Xen server for Debian SE Linux development, and I am about to start serious Debian SE Linux development work again.

One factor in this has been my impression that other DDs are taking the release seriously. In the past schedules for release have slipped repeatedly without end. Now there is a schedule and this gives me more motivation to get bugs fixed!

mailing list culture

September 15, 2006 | etbe

There is currently a big debate in progress in Debian. I am not going to mention any specifics because too much of it has already been blogged (maybe in the same syndication in which you read my blog).

I think that the way things are going is more an illustration of the failings of mailing list culture than of failings of Debian. Maybe another mechanism would be more productive in leading towards a solution.

One option that occurred to me is debate via wiki. If each side had a wiki page that they could modify then in a small amount of time we should get a set of two main consensus opinions which would each be explained clearly and summarised well. Then with two options clearly expressed the people who have less strong opinions could decide which option they favor. For this to be a quick solution honorable behaviour would be required from all people involved, if people start trying to sabotage the other group’s wiki entries then it would significantly increase the time taken to achieve things.

Another possibility that occurred to me is debate via blog. The quality of blog postings is expected to be a lot higher than that of mailing list discussions as all posts are tied to the author’s public image. Writing content-free messages on a mailing list is easy, but every blog entry needs to stand on it’s own to a certain extent and anyone who writes flames in most of their blog entries will probably find that the readers like it less than the readers of a typical mailing list.

Maybe when an issue is recognised as highly contentious a few people could blog about it and then form groups to develop wikis to promote their views. A debate might start out with five or more different competing views, some of them would merge until there were only two main opinions being pushed. Then once the two remaining groups had sorted out their positions a vote would be easier to arrange.

What do you think?

Debian SE Linux

September 3, 2006 | etbe

Yesterday Erich Schubert blogged about reducing Debian SE Linux work due to lack of hardware. To solve such problems I’ve put a Debian/unstable machine on the net and given Erich the root password. Also now I am starting work on Debian SE Linux again too. There should be some significant developments in Debian SE Linux in the near future.

Also if anyone else has a problem of a lack of hardware getting in the way of free software development the first thing to do is to mention it on the IRC channel for the project in question. While Erich has demonstrated that blogging works, IRC is faster.

planet debian, spam, and SE Linux

September 3, 2006 | etbe

In regard to my post yesterday about Planet Debian I received the following response:
James Purser said I’m betting that your feed is an atom feed. We had the same problem on PLOA with Jeff and Pias feeds when they switched to atom. Planet needs to be upgraded.
Well I am using an atom feed, so this probably explains it. Sorry for the inconvenience to the Planet Debian readers, I guess that things will stay the way they are until it is upgraded.

Also when viewing my blog entry in Planet Debian I realised that much of a spam message had got pasted in to the URL field for the Planet Debian link. Oh the irony that I only found this embarassing error because of a bug in the Planet software.

This brings me to another issue, Security Enhanced X. With SE-X (before you ask, I didn’t invent the acronym) you can use SE Linux to control communication between windows on an X desktop. With a modification to the clipboard manager (klipper in the case of KDE) every piece of data that’s copied from an application will have a security context assigned to it and this context will be checked against the context of an application that is to be the target of a paste operation. Klipper will also have to support relabeling clipboard data. Therefore if I want to cut text from my email client (Kmail) and paste it into Firefox then I would have to relabel it with the appropriate MCS categories. This would permit me to paste text from an email into a web form with a few extra mouse clicks, but would prevent me from accidentally pasting the wrong text. Keeping in mind the fact that there are many more embarassing things that could be accidentally pasted into a blog entry than the contents of a spam this doesn’t seem overly difficult.

PS Before anyone jumps to conclusions. When I receive GPG encrypted email or other material that should be kept confidential I try and avoid cutting it, and if I have to do so I clear the clipboard buffer afterwards. Keeping spam a secret is not really a priority to me so I didn’t take adequate precautions in this case.

planet debian

September 2, 2006 | etbe

I am aware of the problems in displaying my blog in Planet Debian. I have filed a bug report with blogger and informed mako. There’s nothing else I can do at the moment, if you use Planet Linux Australia then things work OK. I’m not sure whether Planet Debian or Blogger is at fault.

Sorry for the inconvenience, if you only use Planet Debian then you will have to read my blog directly.

etbe – Russell Coker

Linux, politics, and other interesting things

Tag Archives: Debian