LKL(Linux Kernel Library)

Golang program with LKL

issue

Golang has no Glibc dependency, it calls linux’s syscalls directly. Thus golang program compiled with gc(normal go compiler) can’t be hijacked by liblkl-hijack.so.

Two methods

1. add LKL arch to golang. (add LKL syscalls)
2. use gccgo to compile the golang program. As program compiled by gccgo will use glibc to call syscalls.

Compiling golang program(v2ray) with gccgo needs some modifications. But the program compiled with gccgo will occupy huge memory than normal v2ray.

v2ray(gccgo): 8% memory

v2ray(gc)(normal): 2% memory

raw/packet socket backend for LKL in openVZ

OpenVZ’s venet0 network interface is a Cooked interface. Its raw packet has no MAC layer(14 bytes).

It can’t use AF_PACKET/SOCK_RAW, can only use AF_PACKET/SOCK_DGRAM.

And thus, It has no ARP protocol packet, only has IP protocol packet. How about IPSEC?(I don’t know.)

It don’t need gateway, it’s a pointopoint network interface.

LKL has a native support for raw/packet socket backend. But it’s not for openVZ, it need send ARP packet. While, we can modify some pieces of code to suport raw/packet socket in openVZ.

Test send/recv with AF_PACKET/SOCK_DGRAM

As buffer is a form of struct iovec. Thus can only use writev/readv or sendmsg/recvmsg. And as the socket type is SOCK_DGRAM, It’s connectionless, you must specify the destination address, thus can’t use writev/readv, but can use sendmsg/recvmsg.

The setting of LKL’s network interface(eth0)

We can’t use original setting of LKL’s network interface. As it for network with a gateway. But openVZ has no gateway and we also can’t set a tun/tap interface to act as a gateway for LKL. We can set eth0(LKL’s network interface) to POINTOPOINT mode, just like the openVZ’s venet0 interface. But haven’t find a method to set eth0 to POINTOPOINT mode. Surprisingly, we can set eth0 interface to NOARP mode. And it indeed work just like wanted.

You can test it(the NOARP method) with ping program(without LKL) on your linux box. Remember to use tcpdump to monitor the interface. First, you set your network interface without a gateway, and you ping, you can’t find output of tcpdump. But when you set your interface to NOARP mode, you ping, and it will work(the tcpdump program will output something ).

the tcpdump command:

$ sudo tcpdump -nnq -i your-interface icmp

The struct iovec type buffer in LKL

LKL’s rx function’s iovec * iov pointer array’s first iovec buffer is useless. You should only use the second buffer iov[1].

TODO

If we use TCP with LKL(raw socket), it will fail. As LKL’s network stack will return RST packet to peer to cutoff the connection. Thus in order to distinguish the LKL network stack with native network stack, we should workout on it.

One workaround is to use LKL for listen socket(server port), not for client socket.

Welcome to Hexo! This is your very first post. Check documentation for more info. If you get any problems when using Hexo, you can find the answer in troubleshooting or you can ask me on GitHub.

Quick Start

Create a new post

1

$ hexo new "My New Post"

More info: Writing

Run server

1

$ hexo server

More info: Server

Generate static files

1

$ hexo generate

More info: Generating

Deploy to remote sites

1

$ hexo deploy

More info: Deployment

Welcome to Hexo! This is your very first post. Check documentation for more info. If you get any problems when using Hexo, you can find the answer in troubleshooting or you can ask me on GitHub.

Quick Start

Create a new post

1

$ hexo new "My New Post"

More info: Writing

Run server

1

$ hexo server

More info: Server

Generate static files

1

$ hexo generate

More info: Generating

Deploy to remote sites

1

$ hexo deploy

More info: Deployment

Install

NPM

sudo pacman -S npm

China mirror

sudo npm config set registry https://registry.npm.taobao.org

Hexo

As pacman install the npm in the /usr path.^[1] We need root priveledge to install Hexo. But this will make running npm and Hexo need root previledge.

##npm config get prefix

sudo npm install hexo-cli -g[^fn2]

Setup a blog

$ sudo hexo init blog

Need root priveledge, and the current directory need to not be in NTFS or FAT filesystem. As it will make symbolic link. And then you should better change the ownership.

1
$ sudo chown -R vagrant:vagrant blog

I use vagrant:vagrant here, you should set yourself userName:groupName.

Hexo plugin

git^[2]

1
$ npm install hexo-deployer-git --save

This will install it in the local directory, the blog directory.

Edit settings. _config.yml

1
2
3
4
deploy:
  type: git
  repo: <repository url>
  branch: [branch]

mathjax^[3][4]

1
$ npm install hexo-math --save

footnote

Hexo’s default markdown render don’t support footnote. use hexo-renderer-markdown-it^[5] instead.

install

1
2
$ npm un hexo-renderer-marked --save
$ npm i hexo-renderer-markdown-it --save

configure^[6]

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
markdown:
  render:
    html: true
    xhtmlOut: false
    breaks: false
    linkify: true
    typographer: true
    quotes: '“”‘’'
  plugins:
     - markdown-it-footnote
     - markdown-it-abbr
 anchors:
     level: 1
     collisionSuffix: 'v'
     permalink: true
     permalinkClass: header-anchor
     permalinkSymbol: ' '

If under the footnote, there has some block, such as code block. The code block will be act as footnote. You should put the footnote to the end of the article Or use the Horizontal rule/line to cut them.

Attention: the Horizontal rule/line break is *** here. Not ---.

comment [Todo]

Use

Create a new post

$ sudo hexo new "Hello Hexo"

Generate static files

$ sudo hexo generate

or

$ sudo hexo g

Deploy

$ sudo hexo deploy

or

$ sudo hexo d

or with generate

$ sudo hexo d -g

If it didn’t pop up the input hint to input name/password. You should manually git push.

$ cd blog/.deploy_git
$ git push

Backup (Use hexo-git-backup)

Use git and .gitignore to backup other source directory to another branch. Make a shell script.

Or use https://github.com/coneycode/hexo-git-backup

$ npm install hexo-git-backup --save

You should configure this plugin in _config.yml.

backup:
    type: git
    repository:
       github: git@github.com:xxx/xxx.git,branchName
       gitcafe: git@github.com:xxx/xxx.git,branchName

$ hexo backup

or

$ hexo b

删除文章

https://joilence.github.io/2016/07/14/improve-blog/ 在使用 hexo new 生成新文章之后，想要删除，如果只是直接在 /source/_post 中将相关 md 文件删除，可能在生成网页后还会重现。删除文章比较完备的步骤如下：

在 /source/_post 中删除相关 md 文件 在博客根目录下使用 sudo hexo clean 删除博客根目录下的 db.json 文件 再重新生成网页就可以了。

Todo

comment

use Travis CI to auto-build the output

For writing blog on another machine. Don’t need to setup the build environment in Linux.

Docker???

refer to: http://notes.iissnan.com/2016/publishing-github-pages-with-travis-ci/   https://djw8605.github.io/2017/02/08/deploying-docs-on-github-with-travisci/   important https://github.com/alrra/travis-scripts/blob/master/doc/github-deploy-keys.md

half50Mac OS 10.12.0Chrome 50.0.2661.75 这篇文章可以有更好的实现方式 文章的方式是使用 personal_token 可以对所有项目进行读写等行为 现在 github 上每个项目有 deploy_key 对该项目有读写权限（push 需要打勾）

我优化后的部署配置流程是

1. 用命令 ssh-keygen -t rsa 生成密钥
2. 复制公钥 id_rsa.pub 内容添加到项目的 deploy_key 并打勾写权限
3. 将密钥 id_rsa 通过 travis 加密工具加密并提交到 master 分支
4. 在 travis 上自动部署的时候用 ssh-agent bash -c 'ssh-add /path/to/id_rsa; git push -f -q git@github.com/repo.git master:gh-pages'

TOC(Topic of content)

font, CSS, javaScript

http://crazymilk.github.io/2015/12/28/GitHub-Pages-Hexo搭建博客/#more

$a^2+b^2=c^2$

$$ a^2+b^2=c^2 $$

Inline:

Simple inline $a = b + c$. Block:

$$\frac{\partial u}{\partial t} = h^2 \left( \frac{\partial^2 u}{\partial x^2} + \frac{\partial^2 u}{\partial y^2} + \frac{\partial^2 u}{\partial z^2}\right)$$ Tag:

Single line content will be parsed as inline math (same as $…$):

This equation $\cos 2\theta = \cos^2 \theta - \sin^2 \theta = 2 \cos^2 \theta - 1$ is inline. Multiple line content will be parsed as block math (same as $$…$$)