First, check lspci output for let’s say a wireless card:

$ lspci | grep -i wireless
01:00.0 Network controller: Atheros Communications Inc. AR928X Wireless Network Adapter (PCI-Express) (rev 01)

Note the number 01:00.0 in lspci output, in which 01 represents the bus number the device is attached to, 00 is the device number and final 0 is PCI device function. To get more information on that device we could list the entries in /sys/bus/pci/devices/0000:01:00.0 directory of sysfs (a RAM file system that exports kernel structures, attributes and their inner links. udev uses sysfs also to create dynamic device files). lspci actually reads sysfs.

Next, we print raw (-n option) PCI identification data that includes the previous numbers:

$ lspci -n | grep 01:00.0
01:00.0 0280: 168c:002a (rev 01)

These numbers are from /usr/share/misc/pci.ids file. Lets brake down the numbers:

• 01:00.0 – 01 is bus number, 00 device number, 0 device function
• 0280 – device class
• 168c – vendor ID
• 002a – device ID

We use the vendor ID and device ID numbers and compare them to a modinfo of kernel drivers:

$ find /lib/modules/$(uname -r)/kernel/drivers -type f -exec modinfo "{}" \; | grep -B 200 -i 168c | grep -B 50 -i 002a | grep filename
filename:       /lib/modules/2.6.31-23-generic/kernel/drivers/net/wireless/ath/ath5k/ath5k.ko
filename:       /lib/modules/2.6.31-23-generic/kernel/drivers/net/wireless/ath/ath9k/ath9k.ko

So, my wireless card is supported by the ath9k driver. If I didn’t got the output from modinfo, it would probably mean that the hardware is not supported and that I need to get the driver from the device vendor. I could also search only for the vendor ID to get some results but that could yield some unexpected results I suppose.

No mater if you have a 19″ rack, some servers might not fit in. There is a standard named EIA-310-D which defines “standard rack” and specifies design features for 19″ racks.

The problem is that this standard does not define some details such as how deep is rack’s mounting width, rack holes (threaded, rounded, square…). For example, rack holes are the number one problem for server and rack incompatibility. Things should be good if you have square holes on your rack – you can always add threads with a cage nut if you need them.

In December of 1995 the EIA-310-D standard was updated. The changes made were mostly grammatical. The mechanical requirements were left unchanged. The updated documentation was originally known as EIA-310-E. It is currently referred to as EIA/ECA-310-E

So, be careful when choosing new servers for your racks, always double check the compatibility between them.

It is released under LGPL license and is MINEX-certified (fingerprint template interoperability standard). It’s written in C++ and can run on Linux, Windows, Android and some other operating systems. FingerJetFX runs well on embedded chips, desktop computers and servers. They say that it is easy to use – it can be used with as little as one function call.

More information @ http://digitalpersona.com/fingerjetfx

Introduction

The new server was meant to be placed in our DMZ and should run a few virtual machines providing services to external clients.

Some basic hardware requirements were:

• 1U rack mount
• 1 x Xeon based CPU
• 8 GB RAM
• 2 x 500 GB
• Hardware RAID
• 2 x Intel NIC, 1Gbps

The software and services which are planned to be installed or implemented:

• Debian Squeeze
• KVM
• MySQL
• NTP
• JBoss
• EJBCA
• VPN
• …

Some virtualization notes

There are different performance goals:

• Single guest performance
• Aggregate performance
• Density (as much guests running on single host)

Virtualization optimization depends on the needs. Experiment with transparent huge pages, try different IO schedulers, try hyperthreading… High performance virtualization is hard. Some things just cannot be emulated efficiently. Timekeeping has always been a virtualization headache. It is good to have a tickless kernel, and pvclock so guests can ask the host what time it is.

KVM

KVM (Kernel-based Virtual Machine) is virtualization hypervisor. It is integrated in kernel, lightweight and great in performance. The host machines need to be running either Intel VT or AMD-V chipsets that support hardware-assisted virtualization.

Hardware

CPU

Since Xeon was on the requirements list, I was looking for ones with the following capabilities:

• VT-x
• Hyperthreading (?)
• ECC

From the Xeon-5500 series, probably the best model for virtualization is E5520 (2.26GHz) in price/performance estimation. We have chosen quad-core Intel® Xeon® E5620. It is a quad core CPU that supports VT-x, ECC memory and hyperthreading.

By the way, the main difference between some cheaper consumer CPU’s such as Intel’s I7 and enterprise targeted CPU’s such as Intel’s Xeon, is the support for ECC memory which is a must for mission critical applications.

VT

Nowadays, Virtualization Technology instruction set is implemented inside the CPU’s, which makes hypervisors simpler, thus providing better performance over software-only virtualization solutions.

Hyperthreading

Is Hyperthreading an advantage or can it have even a negative impact on the system? Because HT takes advantage of unknown variables (cache misses for example), it is hard to take advantage of HT. It seems that nobody has a real idea of how HT impacts on application performances. Depending on application internal architecture HT execution of threads can be a benefit or a real pain. Some suggest switching HT off.

Hyperthreading can reduce scheduling latencies, which reduces spinlock worst case overhead.

Memory

Registered on unbuffered?

In enterprise server systems, it is a question of registered or unbuffered memory modules. Registered (also called buffered) memory modules have a register between the DRAM modules and the system’s memory controller. They place less electrical load on the memory controller and allow single systems to remain stable with more memory modules than they would have otherwise.

The difference between registered memory and unbuffered memory is whether there are registers on the memory module. Almost all system memory in today’s PCs is unbuffered memory. For those who need to utilize more than 4GB of memory (maybe more like 16GB or 32GB) in a system, registered memory is absolutely a must-have. Registered memory is all about scalability and stability. A small performance hit is generally incurred.

ECC

ECC stands for Error Checking and Correction. ECC detects and corrects memory errors so it is highly advisable to use this type of modules in servers that utilize multi-gigabytes of memory and usually run 24/7, and have increased probability of soft errors.

Storage adapter (RAID)

Beware of fakeraid controllers! Check driver support for your operating system or support in Linux vanilla kernel, and decide whether to use battery backed cache. The cache memory in RAID controllers improves performance to some extent by storing information that was recently used, or that the controller predicts will be used in the future, so it can be supplied to the system at high speed if requested instead of necessitating reads from the slow hard disk platters. Battery backed cache is for data protection from unexpected power outage. In every case, the goal of the cache is the same: to provide a temporary storage area that allows a faster device to run without having to wait for a slower one.

One area where caching can impact performance significantly is write caching, sometimes also called write-back caching. When enabled, on a write, the controller tells the system that the write is complete as soon as the write enters the controller’s cache; the controller then “writes back” the data to the drives at a later time. The reason that write-back caching is so important with RAID is while writes are slightly slower than reads for a regular hard disk, for many RAID levels they are much slower.

Read performance under mirroring is far superior to write performance.

Chosen controller for our system is ServeRAID M5014 SAS/SATA Controllers because it is supported in Linux vanilla kernel (driver name is megaraid_sas), and it provides additional performance advantages of an adequate amount of cache (256MB) + we ordered a standard battery backup unit.

Hard drives

We have chosen 2 x IBM 500GB 7200 6Gbps NL SAS 2.5″ SFF Slim-HS HDD.

SAS vs. SATA

• SAS is full duplex
• SATA uses the ATA command set; SAS uses the SCSI command set
• SAS hardware allows multipath I/O to devices while SATA (prior to SATA 3Gb/s) does not
• SATA is more consumer, SAS targets critical server applications
• SAS error-recovery and error-reporting use SCSI commands which have more functionality than the ATA SMART commands used by SATA drives

Network adapters

We have chosen Intel Ethernet Dual Port Server Adapter I340-T2 for IBM System x, as it is based on 82580 chip that is supported by Linux in igb driver.:

# dpkg -S "igb.ko"
linux-image-2.6.31-19-generic: /lib/modules/2.6.31-19-generic/kernel/drivers/net/igb/igb.ko
linux-image-2.6.31-20-generic: /lib/modules/2.6.31-20-generic/kernel/drivers/net/igb/igb.ko
linux-image-2.6.31-14-generic: /lib/modules/2.6.31-14-generic/kernel/drivers/net/igb/igb.ko
linux-image-2.6.31-22-generic: /lib/modules/2.6.31-22-generic/kernel/drivers/net/igb/igb.ko
linux-image-2.6.31-23-generic: /lib/modules/2.6.31-23-generic/kernel/drivers/net/igb/igb.ko

...
01:00.0 Ethernet controller: Intel Corporation 82580 Gigabit Network Connection (rev 01)
        Subsystem: Intel Corporation Ethernet Server Adapter I340-T2
...

When choosing network adapter always be careful to look if the device is supported by Linux (for example, for some Broadcom NeXtreme NIC’s you don’t have a driver for Debian).

Software

Operating system

KVM supports both 32 and 64 bit guests. According to KVM’s guest list, Debian Squeeze is supported.

References

1. http://www.linux-kvm.org/page/Main_Page
2. http://www.linux-kvm.org/page/HOWTO
3. http://publib.boulder.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp?topic=/liaai/kvminstall/liaaikvminstallstart.htm
4. http://searchservervirtualization.techtarget.com/answer/Hyperthreading-in-virtualized-environments
5. http://www.redhat.com/promo/summit/2010/presentations/summit/in-the-weeds/thurs/riel-420-kernel/summit2010-kvm-optimizations.pdf
6. http://www.pcguide.com/ref/hdd/perf/raid/conf/advCaching-c.html
7. http://blog.fastmail.fm/2009/10/19/ibm-x3550-m2-or-x3650-m2-and-debianubuntu/

The article (in Serbian language) can be found @ http://www.phearless.org/i4/Client-Server_Systems.txt

You can check your users and their account statuses by using sqlplus, logging in as SYSDBA and checking the information found in DBA_USERS table with the following query:

SQL> SELECT USERNAME,ACCOUNT_STATUS,EXPIRY_DATE FROM DBA_USERS;

Note expired users from the resultset and change their password. There are several ways to do this, but the easiest may be to log in as the expired user by using sqlplus, which will ask you for your old password, and then it will prompt you to enter the new one.

Introduction

HA clusters provide highly available services by eliminating SPOF’s and by failing over services from one cluster node to another in case a node becomes inoperative.

The RedHat’s High Availability Add-On consists of the following major components:

• Cluster Infrastructure (provides fundamental functions such as configuration, membership, lock management and fencing)
• Service Management (provides failover of services)
• Administration Tools

Cluster Infrastructure

cman

CMAN manages cluster quorum and cluster membership. It runs on each node and keeps track of cluster quorum by monitoring the count of cluster nodes, and keeps track of membership by monitoring messages from other cluster nodes. The algorithm that is used to compute the quorum is simple majority – more than half the nodes in cluster should be online and in communication, in order for quorum to exist. In clustering, if quorum doesn’t exist, the service can not be provided. Also, quorum prevents a serious condition that could lead to file system inconsistency – a split-brain. Read about Two Generals’ Problem thought experiment and Paxos algorithm (The most widely known algorithm that solves consensus is Paxos, which can tolerate failure of up to half of the participating nodes). The important thing is that quorum actually can not prevent a split-brain scenario in a literal meaning, but rather decides who is dominant and allowed to function in a cluster. Should split-brain occur, quorum prevents one cluster group from doing anything.

Quorum is determined by communication of messages among cluster nodes via Ethernet. There are some additional checks that can be done prior determining whether to fence a network disconnected node (Quorum Disc, Tie-Breakers).

Corosync is used as the cluster communication layer (as opposed to openais from RHEL 5.x).

fenced

Fencing is the disconnection of a node from the cluster’s shared storage. It is an ultimate cure for the Split-brain condition. Fencing cuts off I/O from shared storage, thus ensuring data integrity. The cluster infrastructure performs fencing through the fence daemon, fenced. When CMAN determines that a node has failed, it communicates to other cluster-infrastructure components that the node has failed. fenced, when notified of the failure, fences the failed node. Other cluster-infrastructure components determine what actions to take — that is, they perform any recovery that needs to done. For example, DLM and GFS2, when notified of a node failure, suspend activity until they detect that fenced has completed fencing the failed node.

Upon confirmation that the failed node is fenced, DLM and GFS2 perform recovery. DLM releases locks of the failed node; GFS2 recovers the journal of the failed node.

Two key elements in the cluster configuration file define a fencing method: fencing agent and fencing device. The fencing program makes a call to a fencing agent specified in the cluster configuration file. The fencing agent, in turn, fences the node via a fencing device. When fencing is complete, the fencing program notifies the cluster manager.

The High Availability Add-On provides a variety of fencing methods:

• Power fencing — A fencing method that uses a power controller to power off an inoperable node
• Fibre Channel switch fencing — A fencing method that disables the Fibre Channel port that connects storage to an inoperable node.
• Other fencing — Several other fencing methods that disable I/O or power of an inoperable node, including IBM Bladecenters, PAP, DRAC/MC, HP ILO, IPMI, IBM RSA II, and others.

The way in which a fencing method is specified depends on if a node has either dual power supplies or multiple paths to storage. If a node has dual power supplies, then the fencing method for the node must specify at least two fencing devices — one fencing device for each power supply.

dlm_controld

Lock management is a common cluster-infrastructure service that provides a mechanism for other cluster infrastructure components to synchronize their access to shared resources. GFS2 and CLVM use locks from the lock manager. rgmanager uses DLM to synchronize service states.

Configuration Management

The cluster configuration file is located at /etc/cluster/cluster.conf. The configuration file is an XML file that describes the following cluster characteristics:

• Cluster name – cluster name, cluster.conf revision level, basic fence timing properties
• Cluster – node, node name, node ID, number of quoting votes, fencing method for that node
• Fence device – fence device with parameters such as IP, user, pass…
• Managed resources – specifies resources required to create cluster services – failover domains, resources (IP for example) and services.

Service Management

rgmanager

rgmanager implements cold failover for off-the-shelf (not need to be customized) applications. It allows administrators to define, configure, and monitor cluster services. A cluster service comprises cluster resources which are building blocks that you create and manage in the cluster configuration file — for example, an IP address, an application initialization script, or a GFS2 shared partition. In the event of a node failure, rgmanager will relocate the clustered service to another node with minimal service disruption.

There are various processes and agents that combine to make rgmanager work.

You can associate a cluster service with a failover domain. A failover domain is a subset of cluster nodes that are eligible to run a particular cluster service.

There are five service operations, options to clusvcadm command that administrator may call to apply one of the following actions:

• enable (start the service. If start fails it will relocate)
• disable (stop the service, place in disabled state. Only permissible if service is in failed state)
• relocate (move the service to another node)
• stop (stop the service, place in stopped state)
• migrate (for virtual machines)

There are five service states in which the service can be:

• disabled (until administrator re-enables the service)
• failed (the service is presumed dead, usually when stop operation failed. The Administrator must check that there are no any allocated resources (mounted file systems for example) prior to issuing disable request)
• stopped (just a temporary measure)
• recovering (the cluster is trying to recover the service. This may be stopped by disabling the service)
• started

Administration Tools

Conga

Conga is a user interface for installing, configuring and managing clusters. It has two components:

• luci – application server that provides web interface
• ricci – software daemon that manages the distribution of cluster configuration. In RHEL 6 ricci replaces ccsd. Users define the configuration using Luci interface, and it is passed to corosync for distribution to cluster nodes. ricci must be run on every cluster node.

Command Line Tools

There are a few handy CLI tools at administrator’s disposal for checking and managing the cluster.

Starting the cluster software on a node

Run commands in the following order:

# service cman start
# service rgmanager start

Stopping the cluster software on a node

Run commands in the following order:

# service rgmanager stop
# service cman stop

Stopping cluster software on a node causes its HA services to fail over to another node. As an alternative to that, consider relocating or migrating HA services to another node before stopping cluster software, using the clusvcadm command.

clustat

Use the clustat utility to display cluster-wide status, such as membership information, quorum and state of services:

# clustat -l
Cluster Status for MY_CLUSTER @ Mon Jun 20 15:59:48 2011
Member Status: Quorate

 Member Name                                                     ID   Status
 ------ ----                                                     ---- ------
 node01                                                             1 Online, Local, rgmanager
 node02                                                             2 Online, rgmanager

Service Information
------- -----------

Service Name      : service:MY_SERVICE
  Current State   : started (112)
  Owner           : node01
  Last Owner      : node01
  Last Transition : Tue Jun 14 09:46:25 2011

Service status can be one of the following:

• Started
• Recovering – The service is pending start on another node.
• Disabled – disabled service is never automatically started by the cluster.
• Stopped – temporary state, the service will be evaluated for starting after the next service or node transition. You may disable or enable the service from this state.
• Failed – the service is dead. A service is placed into this state whenever a resource’s stop operation fails. After a service is placed into this state, you must verify that there are no resources allocated (mounted file systems, for example) prior to issuing a disable request. The only operation that can take place when a service has entered this state is disable.
• Uninitialized

clusvcadm

clusvcadm is a cluster administration utility, which enables an administrator to enable, disable, relocate and restart user services in cluster. Some of the useful clusvcadm commands are:

• clusvcadm -e <service_name> -m <member> – start the service.
• clusvcadm -d <service_name> – stop the service and place in disabled state. This is the only permissible operation when a service is in the failed state.
• clusvcadm -r <service_name> -m <member> – relocate the service to another node. If no permissible target node in the cluster successfully starts the service, the relocation fails and the service is attempted to be restarted on the original owner. If the original owner cannot restart the service, the service is placed in the stopped state.
• clusvcadm -s <service_name> – stop the service and place in stopped state.
• clusvcadm -R <service_name> – restart the service.

cman_tool

cman_tool manages the cluster management subsystem. You can use this tool to join the node to a cluster, leave the cluster, kill another cluster node… Some useful cman_tool commands are:

• cman_tool version -r – distribute the new cluster.conf version to all the nodes
• cman_tool debug -d <value> – sets  the  debug  level  of the running cman daemon. Debug output will be sent to syslog level LOG_DEBUG. The -d switch specifies the new logging level:
  • 2 Barriers
  • 4 Membership messages
  • 8 Daemon operation, including command-line interaction
  • 16 Interaction with Corosync
  • 32 Startup debugging (cman_tool join operations only)

fence_tool

fence_tool controls and queries the fenced daemon. Some useful commands are:

• fence_tool ls – display internal fenced state
• fence_tool dump – print the internal fenced debug buffer to stdout

fence_node

fence_node can be used to fence the node using agent based on cluster.conf parameters.

Troubleshooting

Cluster can be difficult to troubleshoot and diagnose, but there are some common issues that system administrators are more likely to encounter when administrating the cluster. Here is a small list, that will hopefully expand over time:

• Cluster uses multicast for communication between nodes, so make sure that this is not blocked, delayed or otherwise interfered
• Ensure that firewall rules are not blocking the traffic
• Ensure that interfaces that are used for cluster communication are not using some exotic bonding mode (0 or round-robin mode is fine) or VLAN tagging
• Use tcpdump on each node to check network traffic
• Cluster services may hang, and cluster nodes may have different view of cluster membership. Sometimes it is necessary to reboot the nodes to make the cluster up and running again. This conditions can be checked in the following ways:
  • Fence operation may have failed (check the logs for any failed fence messages)
  • Verify if network is up
  • Verify that if some nodes have left the cluster, if the cluster is quorate (if it is not – the service or storage fill hang)
• Common problem is unusual failover behaviour. The services may refuse to start on failover. Make sure you understand how some features and conditions of your cluster service may affect failover.
• The root cause of fences is always when a node loses a token, meaning that it lost communication with the rest of the cluster and stopped returning heartbeats.
  • If a node does not return a token within token interval, fence is taking place. Default token interval is 10 seconds, and it can be specified in cluster.conf

# fdisk -l                                                                                                                 

Disk /dev/sda: 200.0 GB, 200000143360 bytes
255 heads, 63 sectors/track, 24315 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1       24315   195310206   83  Linux 

Disk /dev/sdb: 2000 MB, 2000683008 bytes
62 heads, 62 sectors/track, 1016 cylinders
Units = cylinders of 3844 * 512 = 1968128 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sdb1               1        1016     1952721   83  Linux 

Disk /dev/sdc: 140.0 GB, 140000624640 bytes
255 heads, 63 sectors/track, 17020 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sdc1               1       17020   136713118+  83  Linux 

Disk /dev/sdd: 400.0 GB, 400000286720 bytes
255 heads, 63 sectors/track, 48630 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sdd1               1       48630   390620443+  83  Linux 

Disk /dev/sde: 2857.7 GB, 2857795321856 bytes
255 heads, 63 sectors/track, 347440 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sde1               1      267349  2147480811   83  Linux
/dev/sde2          267350      347440   643330957+  83  Linux

Disk /dev/sdf: 899.9 GB, 899949789184 bytes
255 heads, 63 sectors/track, 109412 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sdf1               1      109412   878851858+  83  Linux

Disk /dev/sdg: 599.9 GB, 599965827072 bytes
255 heads, 63 sectors/track, 72941 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sdg1               1       72941   585898551   83  Linux

Disk /dev/cciss/c0d0: 146.7 GB, 146778685440 bytes
255 heads, 63 sectors/track, 17844 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

           Device Boot      Start         End      Blocks   Id  System
/dev/cciss/c0d0p1   *           1          13      104391   83  Linux
/dev/cciss/c0d0p2              14       17844   143227507+  8e  Linux LVM

Disk /dev/cciss/c0d1: 146.7 GB, 146778685440 bytes
255 heads, 32 sectors/track, 35132 cylinders
Units = cylinders of 8160 * 512 = 4177920 bytes

Disk /dev/cciss/c0d1 doesn't contain a valid partition table

But, you can compare fdisk output with the contents of sysfs virtual filesystem which exports information about devices and drivers, for example:

# ls -l /sys/block/*/device
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/cciss!c0d0/device -> ../../devices/pci0000:00/0000:00:03.0/0000:06:00.0/disk0
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/cciss!c0d1/device -> ../../devices/pci0000:00/0000:00:03.0/0000:06:00.0/disk1
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/hda/device -> ../../devices/pci0000:00/0000:00:1f.1/ide0/0.0
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/sda/device -> ../../devices/pci0000:00/0000:00:02.0/0000:09:00.0/0000:0a:00.0/0000:0b:00.0/host0/target0:0:1/0:0:1:1
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/sdb/device -> ../../devices/pci0000:00/0000:00:02.0/0000:09:00.0/0000:0a:00.0/0000:0b:00.0/host0/target0:0:1/0:0:1:2
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/sdc/device -> ../../devices/pci0000:00/0000:00:02.0/0000:09:00.0/0000:0a:00.0/0000:0b:00.0/host0/target0:0:1/0:0:1:3
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/sdd/device -> ../../devices/pci0000:00/0000:00:02.0/0000:09:00.0/0000:0a:00.0/0000:0b:00.0/host0/target0:0:1/0:0:1:4
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/sde/device -> ../../devices/pci0000:00/0000:00:02.0/0000:09:00.0/0000:0a:00.0/0000:0b:00.0/host0/target0:0:1/0:0:1:5
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/sdf/device -> ../../devices/pci0000:00/0000:00:02.0/0000:09:00.0/0000:0a:00.0/0000:0b:00.0/host0/target0:0:1/0:0:1:6
lrwxrwxrwx 1 root root 0 Jun 20 14:58 /sys/block/sdg/device -> ../../devices/pci0000:00/0000:00:02.0/0000:09:00.0/0000:0a:00.0/0000:0b:00.0/host0/target0:0:1/0:0:1:7

So, in this output I see that /dev/cciss/c0d0 and /dev/cciss/c0d1 are local drives (cciss is a driver for HP’s Smart Array disk controllers), /dev/hda is probably mapped to my CD-ROM device, and /dev/sd[a-g] are exports from SAN storage (note the host0 and target0).

Vendor suite introduction

Aladdin’s software suite has a number of tools, for example the HASP SRM Envelope which wraps the application with a protective shield which incorporates anti-reverse engineering, file encryption, code obfuscation, system-level anti-debugging, and automatic licensing. There is also HASP SRM Business Studio and Business Studio Server which give a single centralized system for management of the licences and protection keys.

To protect the software, I have used hardware based protection keys (HASP HL), which come in the form of dongles. Dongles are USB plugs with a little more EPROM than usual and custom ASIC coated in epoxy to prevent tampering. The idea behind a dongle protection is that the developer is issuing checks against return values obtained from the dongle, either by reading directly from its memory or using some internal algorithm. Aladdin’s hardware keys implement full on-chip AES encryption. With a symmetric encryption system such as AES all of the security rests in the secrecy of the actual key, AES has thus far proven itself very resistant indeed to any known attacks aimed at recovering the key,  and this implies that HASP-HL itself ought to be very secure as well.

Vendor keys

I’ve been provided with two HASP SRM Vendor Keys:

1. Master key – used for licence production (it is connected to the Business Studio Server machine)
2. Developer key – used to protect programs

I used the Cross-Locking technology which enabled a protected application to work with a HASP HL key, since I only wanted to employ the copy protection.

Roles

The HASP SRM system is role-based, I will briefly describe some of them:

• Product Manager determines the product components to be protected (called Features).
• Development role is for protecting the software using the HASP SRM Envelope
• Order Management role is for defining and managing customer orders
• Production role is for producing customer orders

Steps to protect the software

The steps to copy protect the application are enumerated:

• Install the software (HASP SRM Business Studio Server and Vendor Suite)

I have choosen to install the software on a VirtualBox machine, and I encountered a problem – while starting the installation of HASP SRM, the machine (Windows XP SP3) would just go to blue screen of death and restart. To resolve the problem I had to have a VT-x capable processor, that is to support hardware virtualization, which I luckily enough had:

$ grep vmx /proc/cpuinfo
 flags           : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc arch_perfmon pebs bts pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 xsave lahf_lm ida tpr_shadow vnmi flexpriority
 flags           : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx lm constant_tsc arch_perfmon pebs bts pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 xsave lahf_lm ida tpr_shadow vnmi flexpriority

But to get it to work, I did had to enable these virtualization extensions through my BIOS first, and then for the VirtualBox machine.

• Launch HASP SRM Vendor Suite and introduce two Vendor keys to the system
• Define Features in Business Studio (a Feature is an identifiable functionality of a software application that can be independently licensed).
• Use Envelope in Work Offline mode to apply protection to my application. Prior to protecting the .exe I had to select my Vendor Code, and add a few required assemblies for my application to a folder, and include that folder in assembly path in Envelope, or otherwise I would get errors complaining that some DLLs are missing.
• Define a Product in Business Studio (Manage Products) with a perpetual license.
• Define and produce Orders in Business Studio (Manage Orders), for previously defined products, and lock its license to the HASP HL protection key. The Orders are produced for a specific customer that has to be created in the system. In this section I have also burned the data to HASP HL key. If I hadn’t burned the key and tried to run the application with the key pluged in, I would get the “Feature not found (H0031)” error.
• As an end-user I have tested everything: copied the protected binary over the unprotected one, installed the drivers for HASP HL protection keys (otherwise it would print an error message “Unable to access HASP SRM Run-time Environment (H0033)“), and tested it with the wrong key (error message was “Feature not found (H0031)”), without the key (it showed an error message that I have defined), and with the key with success.