Messages

46

19.1 Legacy Series / Re: VM of OPNsense on Hyper-V Win Svr 2019 Std - Fails

« on: March 06, 2019, 09:43:07 pm »

So you need a 550 €-NUC with an i5 for testing? Really?

All Core i* CPUs have the SLAT instruction, which Hyper-V requires. The Intel NUC uses Core i* processors.

47

19.1 Legacy Series / Re: VM of OPNsense on Hyper-V Win Svr 2019 Std - Fails

« on: March 06, 2019, 08:05:53 pm »

Well, as stated by multiple people, any somehow Windows 10 Pro machine will do, as you can just enable Hyper-V and installing a Gen2 VM with OPNSense shows the same issue. While I expect the issue for Gen2 VM's the same as with UEFI enabled bare-metal hardware, I can't of course not sure of that. HAving said that, it's extremely easy to create an environment that manifestates the issue.

The problem is that all my systems run HardenedBSD. ;P

My employer has lent me a laptop on which I can install the 180 day Windows Server 2019 eval. I'll be working on that today. I hope to have some results to report back within the next week or two.

For full Hyper-V debugging support, I'd need a permanent system. I've set up an Amazon Wishlist for HardenedBSD: https://smile.amazon.com/registry/wishlist/2AKXCIOXYO28N/ref=cm_sw_r_cp_ep_ws_MuDECbATM7CVZ

48

19.1 Legacy Series / Re: Kernel panic after upgrade

« on: March 06, 2019, 07:48:23 pm »

Never fear, for lattera is here!

I'm at least looking into the Hyper-V regression(s). I, too, am doing this in my spare time, but it's worth it.

49

19.1 Legacy Series / Re: Kernel panic after upgrade

« on: March 06, 2019, 05:43:02 pm »

For shits and giggles I created a Hyper-V gen1 VM, installed 19.1 and updated to the latest-as-of-yet 19.1.2, ran fine under gen1. Mounted the disk under a Gen2, and *poof*, still crash. So no, 19.1.2 didn't fix it, although we would have already known that.

While I totally understand the limited resources of the team (all respect for them!), it's getting hard for us to rely on this given that 18.x is now EOL (ie not secure in my book) but 19.x doesn't run at all.

Microsoft's documentation shows that FreeBSD isn't supported in gen2: https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/plan/should-i-create-a-generation-1-or-2-virtual-machine-in-hyper-v#BKMK_FreeBSD

However, the documentation linked to above shows the 10.x line, not the 11.2 version that OPNsense is on.

There's also this document: https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/plan/should-i-create-a-generation-1-or-2-virtual-machine-in-hyper-v#use-uefi-firmware

I've started work on debugging Hyper-V regressions. My employer lent me some hardware to test on. I've got it for a period of one to three weeks. I hope to report back soon with results.

50

19.1 Legacy Series / Re: Server 2019 Hyper-V Gen 2 boot failure

« on: March 05, 2019, 03:02:37 am »

My employer has lent me some hardware in which I can install Windows Server on to test Hyper-V. I'll report back when I've tested and know more.

51

Hardware and Performance / Re: PCENGINES APU[1-5] Bios

« on: March 04, 2019, 08:05:18 pm »

To get around this, I installed 18.7, then followed the upgrade procedure to get me to 19.1.2.

52

Hardware and Performance / Re: PCENGINES APU[1-5] Bios

« on: March 04, 2019, 07:28:24 pm »

I'm getting the attached error when attempting to install OPNsense 19.1 on an APU3 running BIOS firmware v4.9.0.2.

53

19.1 Legacy Series / Re: VM of OPNsense on Hyper-V Win Svr 2019 Std - Fails

« on: March 02, 2019, 02:14:11 pm »

If the price is right, I will be looking to acquire a budget-friendly system on which to run Hyper-V. HardenedBSD's budget for this kind of thing would be $500 USD.

Just a quick reminder that HardenedBSD accepts donations, both monetary and hardware. We appreciate all contributions of any kind.

54

19.1 Legacy Series / Re: Kernel panic after upgrade

« on: March 02, 2019, 12:49:07 am »

If the price is right, I will be looking to acquire a budget-friendly system on which to run Hyper-V. HardenedBSD's budget for this kind of thing would be $500 USD.

Just a quick reminder that HardenedBSD accepts donations, both monetary and hardware. We appreciate all contributions of any kind.

55

19.1 Legacy Series / Re: Problem installing 19.1.2 onto a BHYVE FreeNAS 11.2U2 VM

« on: March 01, 2019, 09:07:18 pm »

You'll need to have FreeNAS pass the -w option to bhyve. I don't run FreeNAS, so you'll need to consult FreeNAS's documentation to see how to do that (I don't know if they even have that documented).

56

19.7 Legacy Series / Re: Move to FreeBSD 12?

« on: February 17, 2019, 08:35:17 pm »

I could offer a dedicated server to build weekly ISOs to reach a broader base of testers

Now that would be awesome!

57

19.7 Legacy Series / Re: Move to FreeBSD 12?

« on: February 17, 2019, 08:05:42 pm »

In early March, Franco and I plan to start work on incorporating HardenedBSD 12, with the goal of releasing OPNsense 20.1 based on HardenedBSD 12.

58

19.1 Legacy Series / Re: Kernel panic after upgrade

« on: February 15, 2019, 01:59:59 am »

@TheGrandWazoo

I think it is UEFI specific also. Which would make sense considering the broad spectrum of hardware and virtual platforms being impacted.

Looking at the contents of the ISO and comparing between 18.7 and 19.1. The files supporting EFI boot have been updated. Being /BOOT/BOOT1.EFI and /BOOT/LOADER.EFI

https://wiki.freebsd.org/UEFI
https://www.freebsdfoundation.org/freebsd-uefi-secure-boot/     Bit easier to understand but is looking at Secure Boot


Looks to be a FreeBSD or HardenedBSD issue?

Edit:  Tried a Hyper-V install using HardenedBSD-11-STABLE-v1100056.13-amd64-bootonly
Kernel Panic at the same point. Similar output, non responsive.

FYI: I'll be looking at the Hyper-V boot issue soon. I'm teaming up with a member of the HardenedBSD Foundation who relies on Hyper-V in parts of his infrastructure. As soon as our schedules match up, we'll be working this out together.

I'll report back as soon as I have more information. Thanks for your continued patience and support!

59

Hardware and Performance / Re: PCENGINES APU[1-5] Bios

« on: February 14, 2019, 07:48:52 pm »

Hi all,
my name is Piotr Król and I'm the founder of 3mdeb Embedded Systems Consulting company. As stated here 3mdeb maintains PC Engines Open Source Firmware on behalf of PC Engines. Please note we are a licensed provider of coreboot consulting services. If you are doing some high-end security stuff with hardware please let us know - we are very interested in TPM, secure/verified boot, Xen, virtualization, SRTM/DRTM, and other things. We sometimes write about that on our blog .

We are working on our mission of Open Source Firmware for a network appliance. Soon you should hear about another known brand of a network appliance to switch to Open Source Firmware. Stay tuned.

I would like to thank tillsense, miroco and others for keeping this thread and exchanging valuable information related to PC Engines hardware and firmware.

Our goal is to provide open and healthy discussion about firmware quality, priorities and what can be improved. It would be great to get feedback from OPNsense community and understand your needs. We will be glad to address problems if there would be enough resources. We are committed to long term support and monthly releases.

P.S. Please note that there is some report about v4.9.0.2 instability here. This is because we enabled CPU Performance Boost, which in some workloads may give 20% boost - problem is that we can't validate all possible configuration so there may be some problems in the field. If some can afford to test we would appreciate your feedback.

Very rarely do I see such quality transparent collaboration and communication. I don't really have anything technical to add, but I'd like to say thank you, Piotr, for supporting PC Engines. I absolutely love these little APU devices. Firmware work tends to be underappreciated, but it's hard work and I would like to thank you for your efforts.

Putting my HardenedBSD and OPNsense hats on: if there's anything HardenedBSD and/or OPNsense can do to support PC Engines and 3mdeb, please let me know.

60

19.1 Legacy Series / Re: Kernel panic after upgrade

« on: February 13, 2019, 08:46:32 pm »

I thought the bhyve UEFI boot issue was worked around by passing the -w flag to bhyve. Are there other issues related to booting OPNsense 19.1 in bhyve?