Efika 5200B Project
High Security & Flexibility Network Appliance
in category Operating Systems
proposed by michal.purzynski on 19th June 2006 (accepted on 7th October 2006)
Project Summary
purpose of this project is to develop small (maybe even on the cable with power over ethernet) yet scalable network device which could be used as a small bridge/switch (with separate, maybe multiport cards), router, home www/music/media server. i find it also useful in implementing some kind of home automatic control over (all the time growing) electronics in our homes. depending on the requirements it would be single-multipurpose device or few physical boards in single package interconnected on a software level. what differs this project from other ones is built-in high security solution - memory protection, hardened operating system and applications and finally - RSBAC, mandatory access control scaled down with only usable modules enabled (like malware scanning, or data/application protection) and with preconfigured policy. plug'n'play, no need to investigate what's there.
Project Blog Entries
posted by michal.purzynski on 27th January 2007
i've just finished working on a new toolchain for Efika. It is a very hard and time consuming task - since it's going to be a hardened toolchain, creating a special kind of binaries, to mitigate most of the attacks. After a lot of help i've got from the uclibc and embedded gentoo projects (yes, i know hardened gentoo should be interested in ppc - but that's typical, they don't care at all because it works on x86), finally i have what i was expecting: cross hardened toolchain, with support for PIE, SSP, secure plt (required many days of co-work with uclibc hacker). PaX project that's going to be used here has also been tested on Efika with success (both on vanilla and hardened userland). Same goes for RSBAC - makes no problems and just works. Apparently, the most problems i'm having come from autoconf/automake crap (guess why i'm calling it autocrap ;) - many of the tests it does before setting up a build environment for an application are done by compiling some small app for a target ppc and trying to run it. That's breaking cross compilation all the time, so i have to develop some 'hacks' to get around it. Other applications are also trying to make my life 'interesting' - using say, altivec instructions even if i explicitly specify i don't want one. It took me a lot of time before i've discovered this strange behaviour - apps were just segfaulting without any good reason. Hacking into source code does fix it...but i'm really disappointed. The only thing i can do is file a bug and hope somebody fixes it upstream.
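One way to confirm that binaries coming out of a cross toolchain like the one described in this post really carry the three properties it names (PIE, SSP, secure plt), as an added example that is not the author's code. The function names and the two sample images are constructed for illustration; the checks are heuristics: ET_DYN for PIE, a reference to __stack_chk_fail for SSP, and the DT_PPC_GOT dynamic tag for secure plt.

```python
import struct

ET_DYN, EM_PPC, PT_DYNAMIC = 3, 20, 2
DT_NULL, DT_PPC_GOT = 0, 0x70000000  # GNU ld adds DT_PPC_GOT for secure-PLT objects

def check_hardening(elf: bytes) -> dict:
    """Heuristic PIE / SSP / secure-PLT report for a 32-bit big-endian (ppc32) ELF."""
    if elf[:4] != b"\x7fELF" or elf[4] != 1 or elf[5] != 2:
        raise ValueError("expected an ELFCLASS32, big-endian file")
    e_type, e_machine = struct.unpack_from(">HH", elf, 16)
    if e_machine != EM_PPC:
        raise ValueError("not a 32-bit PowerPC object")
    (e_phoff,) = struct.unpack_from(">I", elf, 28)
    e_phentsize, e_phnum = struct.unpack_from(">HH", elf, 42)
    report = {
        "pie": e_type == ET_DYN,               # also true for shared libraries
        "ssp": b"__stack_chk_fail" in elf,     # symbol name referenced by SSP code
        "secure_plt": False,
    }
    for i in range(e_phnum):
        p_type, p_offset, _, _, p_filesz, *_ = struct.unpack_from(
            ">8I", elf, e_phoff + i * e_phentsize)
        if p_type != PT_DYNAMIC:
            continue
        for off in range(p_offset, p_offset + p_filesz, 8):  # Elf32_Dyn entries
            (d_tag, _val) = struct.unpack_from(">II", elf, off)
            if d_tag == DT_NULL:
                break
            if d_tag == DT_PPC_GOT:
                report["secure_plt"] = True
    return report

def build_sample(e_type: int, dyn_tags: list, strings: bytes) -> bytes:
    """Constructed minimal image: ELF header, one PT_DYNAMIC segment, string bytes."""
    dyn = b"".join(struct.pack(">II", tag, 0) for tag in dyn_tags + [DT_NULL])
    ehdr = struct.pack(">16sHHIIIIIHHHHHH", b"\x7fELF\x01\x02\x01", e_type, EM_PPC,
                       1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack(">8I", PT_DYNAMIC, 52 + 32, 0, 0, len(dyn), len(dyn), 6, 4)
    return ehdr + phdr + dyn + strings

# Constructed samples, not output of the author's toolchain.
HARDENED = build_sample(ET_DYN, [DT_PPC_GOT], b"\0__stack_chk_fail\0")
PLAIN = build_sample(2, [], b"\0puts\0")  # ET_EXEC, old-style PLT, no SSP symbol

if __name__ == "__main__":
    for name, image in (("hardened", HARDENED), ("plain", PLAIN)):
        print(name, check_hardening(image))
```

On a real build, pass the bytes of a cross-compiled binary read from disk; a statically linked, non-PIE binary has no PT_DYNAMIC segment, so secure_plt stays False for it.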
posted by michal.purzynski on 30th December 2006
For now i've decided i will be using gcc-4.1.1 or newer, binutils at least 2.17, some decent uclibc as a base for this system. It's going to be based on gentoo. Already have set up cross compile environment on my other x86_64. Efika itself will have an operating system "image" - just the applications needed there, no header files, no documentation (like manuals, info pages and such), no toolchain (gcc, binutils). And of course no portage! I'm going to make a separate gentoo portage profile for this project, specifying the needed ones and virtual to package mapping. Oh and of course ebuild for a kernel. Being a kernel developer i could not just use something ready for Efika;) Choosing a right kernel with modifications is a long way to go - for now i know that's going to be based on something later than 2.6.20, with RSBAC 1.3 or 1.4 (the matter of features i need - 1.3 is definitely sufficient and stable as a rock), PaX and some more patches. Default kconfig will be included (maybe enable with some use flag, will see). I'm choosing openssh instead of dropbear crap of course. No busybox and similar either. Init scripts done myself. pdksh as a /bin/sh and users/administrators shell. Speaking about shells - i've made some kind of simple comparison - pdksh is using about 400 KB RSS / 600 KB VM - comparing to over 1.5 MB for zsh, bash or tcsh. Oh and pdksh is using virtually no cpu - rarely going beyond 0.1%, most frequently showing up with nothing. That's very nice comparing to over 3% or more for bash,zsh,tcsh. And since Efika is going to be plug-in-and-play device there's no need for some big and complicated shells with a lot of features and even more resource hungry. It's going to be rarely used anyway.
Building hardware can be exciting (sometimes).
posted by michal.purzynski on 30th December 2006
Indeed, it can. When you are waiting for the only company in Poland shipping CF <-> IDE 2.5' connectors to phone you with good news that they have it and you can come to grab it now. Yesterday i've phoned them (luckily boss of this company is some friend of mine) if they have it - maybe they do, the answer was, but since they need to make the end-of-the-year-usual-magic what all companies do exactly in the very perfect moment you deadly need them, i am to phone tomorrow. So i did. Wait a second, i've heard, we will check it and call you in minutes. ok - after next 15 minutes they indeed called me with an information they have it - but i have to be there before 1 pm. it was 11:55 o'clock and i had to drive 45 km to the city plus some usual around the city things. It's too long to describe how do you feel speeding through the city over 130 km/h and above 160 km/h outside it, breaking the law in every possible way. Finally - i was there. It took definitely too much time to go through the security of this building (it's a high security building) but i've got it! Another speeding - this time home, some non-computer activities and i could put it inside of efika! I have to say it matches perfectly. It's a nice one pcengines converter, which fits exactly like it should. Even the holes are aligned like they should be, so i can mount it and secure properly. After some parted joy (mklabel amiga, mkpart boot 128 MB and root all the rest, mkfs.ext2, blockdev --rereadpt), i could copy my efika system (was much faster than i thought it would be) and boot from it. Now Efika has above 2:40 hours of uptime, average load is below 0.10 (it's playing some music while i'm writing it, some irc jerks from ##gentoo-pl are calling it efika-love, let it be;) and i cannot see any problems. I'm using tmpfs for /tmp, /var/tmp, /var/run and /var/lock to avoid creating temporary files on a flash (even if it does have some internal wear leveling mechanism).
pictures below:
prepare for the moment
said connector
efika hardware is now complete!
i had to wear it when in the building
actually i was just holding it in my hand ;)
now i wonder what's the best filesystem for such a device - it needs to have small cpu usage, small memory demands, perform not bad, be rock solid even in a case of sudden power loss - and i think it should not be journaled one.
posted by michal.purzynski on 30th December 2006
Yesterday i've been in a neighbour city and when going back i've decided to change my plans - and look for a 5.25 outside ide case and some memory card to be used as efika storage. After visiting few shops i've managed to get everything i wanted in the last one i would think was going to have it. Anyway - I've got a nice looking and well built aluminium case and a 2 GB Kingston (elite pro 50x - so about 7.5 MB/s, maybe more - single 1x is about 150 KB/s). It cost me more or less 30 usd (90 pln) for a case and slightly more than 60 usd (160 pln) for a memory card. Not bad, or maybe very well, comparing to what i've seen in other places. Anyway, i've unpacked it just after returning home - and was quite surprised (in a positive meaning) to discover what was inside. Actually everything possible, a case itself, power supply (a nice brick), drivers (for this funny system that needs it, windows or something like it;), manual in english (another useless gadget, i actually know very well how to install drivers in windows;) and even a...screwdriver with a lot of screws. That one was definitely nice. Of course i've taken quite a lot of pictures, so what's left to say...better look yourself. Here they are.
What i've got...
unpacked...
won't have much use from it...
yes, the screwdriver was _really_ included. pretty amazing :)
ok, let's go inside of this box...
well, having it on the table i could not refuse myself making a little test - putting some cdrom inside. so i did - and the performance was closer to my old 4x cdrom ages ago than anything similar. average transfer when copying entire cd about 600 KB/s. The only advantage of this test (except for learning to never ever use cdrom via usb) was that i've taken a few more shots. At least it looks much better than works ;)
anyway, i haven't bought it for keeping cdrom in! so i thought and immediately began to disassemble it. it took a while, but was easy and here are the effects
i've taken some more shots and switched to some other things, non-computers related. some random shots below
till the next time!
posted by michal.purzynski on 24th December 2006
From the moment i've got it few days ago it only took 15 minutes to get it running. First, that i just could not wait longer. Second, it was just a snap to set up. I've had a spare ATX PSU (which is almost of the size of Efika, what can be seen on the second picture, that one showing them together), i'm booting from tftp fetched kernel and nfs root. Since i'm living from a kernel development serial cable wasn't a problem either ;) The only problem was an operating system: or rather not system itself (obviously linux!) but rather its distribution. I've taken gentoo even if i don't like it (a lot of reasons to think about it as just another toy for killing free time for those who have too much of it rather than an operating system). But anyway, the only good (and actually doing something, opposite to the rest, even if only for themselves and not providing it to the public) team in the gentoo project is embedded branch. So i have now Efika running on a ready stage3 uclibc. Will see how it goes further. This or that way: here are the pictures.
Hope you like it. In a next stage i'll describe fun of compiling own kernel for Efika and mine (just started, as of 23.12.2006) own init system. Till then :)
posted by michal.purzynski on 24th December 2006
From few days actually. After a lot of waiting (definitely worth it!) i've got a phone call from Fedex that they have something for me and it was waiting for the customs clearance. As it quickly turned out, it wasn't simple at all to get it through - nobody at customs was going to believe that computer can be worth as little (and that i'm probably going to cheat them ;) that it can be so small and someone is sending it for free, taking all the costs themselves. Anyway, after faxing and snail mailing a lot of documents (fedex wanted everything, from photocopy of my ID to almost size of shoes...not that i would give them all they asked. Being paranoid i haven't faxed/mailed them an ID photocopy...also they wanted a translation of commercial invoice in polish...sigh, nobody in fedex speaks english or what? didn't do that either;)....finally i've got an information that i'm now supposed to wait for the customs office. how long will it take i asked - at least three _weeks_, maybe more, the woman responded. i've shrugged and called their boss and customs office. it quickly turned out that it could be processed much faster - and it was, indeed. Next day in the morning my Efika was on the way to me, or so the fedex tracking said. Anyway, an hour later i've read that it will go by the next plane (btw fedex is sending everything by plane, nice) because of the customs office delay - it was late by a whole five minutes. oh well. It was maybe 1 pm. I was to go away for a few hours. About 4pm i was getting back home and was so anxious to get the efika finally that i've even sent an sms home if anything was delivered. Nothing was there. Finally, about an hour after i've got home, the messenger came with Efika! It was an awesome experience to unpack it, take out, look at it. I was excited. In the next post i'm going to put some photos i've taken just after i've got it. And first time booting too.