[Trisquel-users] linux-libre 4.16 still vulnerable to CVE-2017-5715 aka Spectre Variant 2
Hi to all i just installed to test fresh linux-libre kernel on a old core2duo cpu and found linux-libre is still vulnerable to CVE-2017-5715 aka Spectre Variant 2. Spectre and Meltdown mitigation detection tool v0.36+ Checking for vulnerabilities on current system Kernel is Linux 4.16.0-gnu #1 SMP Mon Apr 2 00:58:20 UTC 2018 x86_64 CPU is Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Hardware check * Hardware support (CPU microcode) for mitigation techniques * Indirect Branch Restricted Speculation (IBRS) * SPEC_CTRL MSR is available: NO * CPU indicates IBRS capability: NO * Indirect Branch Prediction Barrier (IBPB) * PRED_CMD MSR is available: NO * CPU indicates IBPB capability: NO * Single Thread Indirect Branch Predictors (STIBP) * SPEC_CTRL MSR is available: NO * CPU indicates STIBP capability: NO * Enhanced IBRS (IBRS_ALL) * CPU indicates ARCH_CAPABILITIES MSR availability: NO * ARCH_CAPABILITIES MSR advertises IBRS_ALL capability: NO * CPU explicitly indicates not being vulnerable to Meltdown (RDCL_NO): NO * CPU microcode is known to cause stability problems: NO (model 23 stepping 10 ucode 0xa07) * CPU vulnerability to the three speculative execution attack variants * Vulnerable to Variant 1: YES * Vulnerable to Variant 2: YES * Vulnerable to Variant 3: YES CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' * Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active) * Kernel has array_index_mask_nospec (x86): YES (1 occurence(s) found of 64 bits array_index_mask_nospec()) * Kernel has the Red Hat/Ubuntu patch: NO * Kernel has mask_nospec64 (arm): NO > STATUS: NOT VULNERABLE (Mitigation: __user pointer sanitization) CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' * Mitigated according to the /sys interface: NO (kernel confirms your system is vulnerable) * Mitigation 1 * Kernel is compiled with IBRS/IBPB support: YES * Currently enabled features * IBRS enabled for Kernel space: UNKNOWN * IBRS enabled for User space: UNKNOWN * IBPB enabled: UNKNOWN * Mitigation 2 * Kernel has branch predictor hardening (arm): NO * Kernel compiled with retpoline option: YES * Kernel compiled with a retpoline-aware compiler: NO (kernel reports minimal retpoline compilation) > STATUS: VULNERABLE (Vulnerable: Minimal generic ASM retpoline) CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3' * Mitigated according to the /sys interface: YES (kernel confirms that the mitigation is active) * Kernel supports Page Table Isolation (PTI): YES (found 'CONFIG_PAGE_TABLE_ISOLATION=y') * PTI enabled and active: YES * Running as a Xen PV DomU: NO > STATUS: NOT VULNERABLE (Mitigation: PTI)
Re: [Trisquel-users] Vulnerable to meltdown?
Linux 4.15 Git kernel built with GCC 8.0.1 and full Retpoline protection as well as the yet-to-be-merged RETPOLINE_UNDERFLOW support for Skylake and Kabylake systems. That is what we need if we don`t want intel closed microcode.
Re: [Trisquel-users] Uruk GNU/Linux 2.0 (Alpha)
Is it System D distro if is system D no Thx!
[Trisquel-users] linux-libre 4.12 Qemu problem
On linux-libre 4.12 Qemu stop working on macbook2,1 2.1Ghz. Back to linux-libre 4.11.8 all work fine is anyone can explain why is this ?
Re: [Trisquel-users] Asus KFSN 4-DRE at the end of november 2016
You can install on other PC then change HDD no problem if you use standart kernel and mesa.
Re: [Trisquel-users] Asus KFSN 4-DRE at the end of november 2016
Board can`t boot from usb and i wonder is there some good sata to iso hardware emulator like xbox360 hardware cd-rom emulator. Is anyone tryed to enable NVIDIA Kepler reclining on devuan with linux-libre 4.10 ? cat /sys/kernel/debug/ -- > and nothing after debug... any idea ? nouveau.pstate=1 no need for kernel > 4.5 cat /sys/class/drm/card0/ but no pstate there ? card0-DVI-D-1/ card0-HDMI-A-1/ device/ subsystem/ card0-DVI-I-1/ dev
Re: [Trisquel-users] AMD PSP technology
Try to get lenovo G505s and install coreboot. To install core boot on it you will need external flasher.
Re: [Trisquel-users] BIOS firmware on ARM
Depend on ARM chip but if you talking for dev boards AMlogic or Rockchip or Allwiner then yes. I think big problem is now in sofware cos if we talking for security linux kernel is very big and very small number of people can understand it even is open source.
[Trisquel-users] GnuBee open NAS
One very intersting mips open NAS device. http://www.iot-dev.net/full.php?ar=134
[Trisquel-users] AmigaONE A1222 and X5000 maybe new PowerPC libre system ?
https://www.youtube.com/watch?v=0Isypss8kzU Is this mashine firmware is free ?
[Trisquel-users] How to disable ME on SandyBridge and IvyBridge platforms
Article about how to disable ME on SandyBridge and IvyBridge platforms! http://hardenedlinux.org/firmware/2016/11/17/neutralize_ME_firmware_on_sandybridge_and_ivybridge.html
Re: [Trisquel-users] Trisquel 8 iso images updated
Why not triquel version based on Devuan with linux-libre ?
Re: [Trisquel-users] Asus KFSN 4-DRE at the end of november 2016
Yes old problems are fixed only this 30 sec lag is there. Yes build coreboot with no microcode, x64 is ok. AMD boards (NIC firmware, AMD IMC, AMD XHCI) NIC firmware i think this is in other rom . XHCI this is only for usb 3.0 so no wory. Libreboot old fork of coreboot for this board.
Re: [Trisquel-users] Asus KFSN 4-DRE at the end of november 2016
Hi board work perfect i use it evryday with gtx 650.
Re: [Trisquel-users] Trisquel 8 is using systemd?!
To bad i will swich to Devuan !
Re: [Trisquel-users] Best Choice for a Single Board Computer (Today)
Try this https://www.armbian.com/orange-pi-plus-2/ Sd card is extreame slow for web.
[Trisquel-users] World first Open Source RISC-V MCU E310 is here
Freedom Everywhere Arduino-Compatible HiFive1 is now coming to IoT world! Freedom E310 is the industry's first commercially available RISC-V SoC. Designed for embedded, IoT, and wearable applications the FE310 features 32-bit RV32IMAC core running at 320 Mhz, which make it not only Open but among the fastest microcontrollers in the market. http://www.iot-dev.net/full.php?ar=100
Re: [Trisquel-users] What computer should i get?
On libreboot page they said PCI-E slot not work on Gigabyte ES2L. I was thinking to make one mini libre pc for 4k using this board and with same Xeon 5460. vita_cell how i can install last mesa 12.xx on trisquel is there some good repo ? i tryed https://launchpad.net/~paulo-miguel-dias/+archive/ubuntu/mesa Supported Ubuntu versions: - 16.04 LTS (xenial) - 16.10 (yakkety) Is there some backports for 14.04 ?
Re: [Trisquel-users] libreCMC Router
TP-LINK-wdr4300 is the best posible one. http://www.iot-dev.net/ar1p1.html --> how-to build
Re: [Trisquel-users] Trisquel 8 is almost 6 months late. Do something. Anything.
I`m trying to use mesa 12.1 padoka PPA with kepler but requre 16.04 system! https://launchpad.net/~paulo-miguel-dias/+archive/ubuntu/mesa/
Re: [Trisquel-users] Purism Is Still Hoping To Build A GNU/Linux Free Software Librem Smartphone
Is Neo900 gsm modem and LTE modem have open firmware ?
Re: [Trisquel-users] Libreboot leaves FSF. Says FSF shouldn't exist anymore.
Someone try to destroy the project cos it is only alternative to free Pc! I can say we must fork it ! Cos is based on coreboot!
Re: [Trisquel-users] Thoughts on J-core?
Edmund Humenberger talks about open source FPGA tool IceStorm at TuxCon 2016. https://www.youtube.com/watch?v=bQxVaScu9tg
Re: [Trisquel-users] Best free software friendly router
Yes it runs only free software and it is best router that can be found on the market has dual wifi and 128 mb ram dual usb.
Re: [Trisquel-users] Best free software friendly router
TP-LINK-wdr4300 http://iot-dev.net/ar1p1.html
Re: [Trisquel-users] Libreboot 20160818
On asus kfsn4-dre there is long delay before it boot. In coreboot there is no such bug still don`t understend why this is not fixed yet in libreboot.
Re: [Trisquel-users] Linux high profile TCP vulnerability
Is Debian 7 with 3.2 kernel is vulnerable ? I read that after 3.6 kernal but just in case i will add this pach to 3.2 debian.
Re: [Trisquel-users] Which Video Card is the best choice today?
Try GeForce 6xx series with mesa 12.xx.
[Trisquel-users] SiFive come with U500 and E500 Open Source RISC-V SoCs
http://www.iot-dev.net/full.php?ar=51
[Trisquel-users] LibreCMC and TP-LINK-wdr4300
http://www.iot-dev.net/full.php?ar=16 Building secure gateway with LibreCMC.
[Trisquel-users] olimex open laptop
http://www.iot-dev.net/full.php?ar=7 Great news we can have something very good soon.
Re: [Trisquel-users] Open source hardware IP-cores
Something new about Risc-V. Very interesting video. https://www.youtube.com/watch?v=mD-njD2QKN0
Re: [Trisquel-users] Open source hardware IP-cores
http://opencores.org/forum,OpenRISC%20-%20ASIC%20Funding,0,5599 Last status here
Re: [Trisquel-users] Open source hardware IP-cores
http://www.xilinx.com/products/boards-and-kits/arty.html#hardware This look good and they offer Reference Design featuring MicroBlaze and FreeRTOS Webserver
Re: [Trisquel-users] turis omnia open source router
I think the only free routers must be FPGA router. Two FPGA chips one for main OS some RTOS and second fpga for custom encryption accelerator that user can use different encryption ! PHY chips must be implemented in main FPGA. If anyone know some project like this let me know.
Re: [Trisquel-users] Totally Libre Version of Chromium?
iridium-browser stop working and givme this error : :~$ iridium-browser *** autoupdate was enabled, overriding with false Bus error anyone ?
Re: [Trisquel-users] Totally Libre Version of Chromium?
deb https://downloads.iridiumbrowser.de/ubuntu trusty main Yes it worked perfect yesterday all day and today i power on my pc givme this error. Tryed to apt-get remove then install but same think very strange hm...
Re: [Trisquel-users] asus/kfsn4-dre libreboot
Ok i think i was read somewhere that nvidia bios was reversed and coreboot can use this this vbios file to boot system. I use quadro 3800 1G vram like this http://www.newegg.com/Product/Product.aspx?Item=N82E16814133271 Also i can change card if this bios is not reversed.
Re: [Trisquel-users] asus/kfsn4-dre libreboot
Video :) https://goblinrefuge.com/mediagoblin/u/lilos/m/asus-kfsn4-dre-coreboot/
Re: [Trisquel-users] asus/kfsn4-dre libreboot
I want to update to mesa 11. Is building from source is best solution or i must search some repo that have backported to ubuntu 14.04 and install to trisquel ?
Re: [Trisquel-users] asus/kfsn4-dre libreboot
After some time i was able to fix all my problem :) Libreboot do not work. Coreboot works ! I build with no microcode updates and with seabios! Coreboot have one bug also but in irc we fixed configuration file generation!
Re: [Trisquel-users] asus/kfsn4-dre libreboot
I spend 4-5 hours in IRC and it seems libreboot git for KFSN4-DRE is broken. I will build coreboot tomorow wich is also blob free for this board. I talked with one coreboot developer and he ask me to try coreboot git. So tomorow will try to build from coreboot git.
Re: [Trisquel-users] asus/kfsn4-dre libreboot
Yes i have 30 delay. Also for now it only boot with one CPU.If i put second cpu did`t boot. Will try difrent memory configuration to see what will happend.My memory is 4 GB hynix ECC REG DDR2 800.
Re: [Trisquel-users] asus/kfsn4-dre libreboot
Pics
[Trisquel-users] asus/kfsn4-dre libreboot
Hi my asus/kfsn4-dre arrive and i install libbre boot from git. But usb keyboard not work i`m unable to select from boot menu. Any quick help ?
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
EFIUpdaterApp.efi checks if version is 1,1 or 1,0 Changes what i make was 2 or 3 checks of CRC checksum not one. Also i did not download update from site.I push autoupdate in control panel apple firmware is download then he ask me to reboot i cancel it then copy from apple update files firmware update tool and remove firmware checks.But my firmware version was 1.0. So the only think that is left is to be removed current firmware version check.This can be done by hex editing EFIUpdaterApp.efi and searching for string that check what is your current version. And this string must be changed to firmware 1,1 string so result will be maching and EFIUpdaterApp.efi will flash libreboot I alredy flashed my macbook1,1 (works very well ~ 1-2m after flashing) and can`t test this.
Re: [Trisquel-users] How To Make Sure You Stay Libre
What about we use FPGA with Softcore CPU ?
Re: [Trisquel-users] How To Make Sure You Stay Libre
LiteBSD has been ported to PIC32 MIPS 200MHz with MMU. I think LiteBSD is freesoftware.
Re: [Trisquel-users] would anyone know of any online classes that i could learn more about linux?
I can`t understand what is non free java script.Browser use javascript and execute it like php but it is text file and can`t be hiden or i`m wrong ? And if i`m wrong how javascript can be hidden sorry if i`m asking noob question but i`m c c++ more guy not web in fact html looks me very difrent but javascript is like c.Let someone explain me.
Re: [Trisquel-users] would anyone know of any online classes that i could learn more about linux?
I understand that javascript is not like php.PHP have executible that execute php code. Yes browsers are all different with different render engines and they execute javascript in different way. But how java script program will not include source code ? Code need to be loaded in browser to run it and is pure text file not compiled executible or i`m wrong ?
Re: [Trisquel-users] ASUS KGPE-D16 server motherboard added to libreboot
Fantastic news :) 2x 16 core opteron 6386 se + 256 GB DDR3 memory :) seems fast :)
Re: [Trisquel-users] would anyone know of any online classes that i could learn more about linux?
I`m thinking for project like facebook but not for sharing pictures and collect people info but to be people place for learning like "SmartBook" place that evryone can work onine to develop and learn linux or any new os, free hardware etc... cos we have many distros but very small number of people can actualy understand how kernel is working and to help develop new stuff and also learn .. live chat live clasess.We have internet just i don`t know is there some app or website that can do this kind of stuff ?
Re: [Trisquel-users] would anyone know of any online classes that i could learn more about linux?
Maybe yes maybe no. I sure if we have some free place for sharing knowledge live online people will start using it. Also we can have paid consulting services and clases.
Re: [Trisquel-users] Coreboot Now Supports The Sandy Bridge MacBook Air 4.2
Dam i was thinking that apple as intel partner can be able to remove ME but it seems mac are not so custom
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
What firmware version you have ? Also what version is your OSX ?
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
It seems that you have last version of firmware boot rom 1.1 My version was 1.0 and i was able to update. I need to remove protection for reflashing with same firmware cos it seems that APPLE did`t allow to flash 2 times same version of firmware. So for now this will work if you only have macbook 1,1 with bootrom ver 1,0.
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
sha256sum macbook\ efi.arj 6fc5d813e945f4fa2d5cf6ae97ce95ced578ab02aa6182e63b83de39b45ee324 macbook efi.arj
Re: [Trisquel-users] libreboot t400 is now available for purchase on minifree (gluglug)
Some T400 and T500 models have ati 3650 video. Did anyone know is this is removable pci-e card ? I can`t find picturies of mainboard with ati card.
Re: [Trisquel-users] libreboot t400 is now available for purchase on minifree (gluglug)
I found very good model. Lenovo ThinkPad T400 с T9900 2x3.06GHz/4GB DDR3/1440x900/14’ Question is pannel at 1440x900 will work with libreboot ?
Re: [Trisquel-users] libreboot t400 is now available for purchase on minifree (gluglug)
For the high-res panels, re-compiling with register "gfx.lvds_dual_channel" = "1" partially solves the problem for those displays; there is still no display in GRUB, but once the kernel takes over, there is a display. And this is no big deal :) just will don`t have grub menu And when kernel is loading will load driver so i will get it :) This is for only 200 USD :) and is fast :)
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
MacBook 2,1 Works verty good Problems that i have with Macbook 1,1 with internal mic and ethernet now works in Macbook 2,1. Is someone flashed macbook 1,1 with libreboot to confirm missing internal mic and ethernet ?
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
Macbook 1,1 drops cpu to 1,1 and is not hot i was using it with new 4.2 kernel also 3.16 , mesa 10,5,9 Kodi is abble to paly 1080p in cpu at ~55% if you put SSD and use 4.2 kernel seems very good for web music movies :) and is still look better than ugli ibm pads :)
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
My Macbook 2.1 is old and still can do 1h and 50 min on battery i beleve when i change it can do 4h with new battery. I will get new battery and will test.
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
Hm i tested 760 GTX with mesa mesa 10.6.6 not bad maybe you use some old version ? Also kernel 4.3 will have big nvidia rewrite and performase optimization.
Re: [Trisquel-users] Google Chrome For Trisquel
No
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
Default is mesa 10.1 ... very old and try parabola you will see big chages and then update kernel and mesa on trisquel.
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
GeForce GTX Titan Black CPU is AMD Opteron 2393SE (Quad-Core) (3.1G) (C2)
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
Ultimate Libre boot laptop will be Lenovo T500 with This CPU http://ark.intel.com/products/36727/Intel-Core2-Extreme-Processor-QX9300-12M-Cache-2_53-GHz-1066-MHz-FSB 8G Ram and SSD And if we clock in some way this CPU in 3 Ghz by FSB Will have killer Laptop 4 core 12M cashe that will be on same level performase like modern laptop and LIBRE 100% Free :)
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
If you install hameleon on usb flash try to boot it maybe will boot not tested. Aslo other idea is to try to burn VMware Fusion iso and use it like efi loader or maybe use other free EFI implemetation like Clover EFI bootloader
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
1 . You will need OSX (tested on osx 10.6.8) working on macbook 1,1 2.Download moded EFI app (inside have libre boot) and run it.It will bless libre-boot ready for flashing just like normal mac efi firmware update. http://www.fileconvoy.com/dfl.php?id=g213b0c00487c5e2d999715871454a19feece0a351 3 After restart hold power button until beeps and apple efi tool will flash libreboot automaticaly. 4. Restart You have Libre boot on macbook 1,1 Then install Trisquel and delete OSX :) 5 Optional If you want to update to lasted libre boot you can build from GIT and flash using flashrom or use my attached files.
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
I will but not shure how to do it.Maybe someone can explain me.
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
I was able to build from Git and flash using flashrom. flashrom --verbose --programmer internal:laptop=force_I_want_a_brick --chip SST25VF016B --read macbook21_usqwerty_vesafb.rom >flashrom_read.log 2>&1 This worked fine for me. Erase/write done. Verifying flash... VERIFIED. Restoring MMIO space at 0xb7645070 Restoring MMIO space at 0xb764507c Restoring MMIO space at 0xb7645078 Restoring MMIO space at 0xb7645076 Restoring MMIO space at 0xb7645074 Restoring PCI config space for 00:1f:0 reg 0xdc
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
I don`t know is this my laptop problem but ethernet interface not work.Tested with my buid and original 05.18 libreboot build. Forget to test with OSX, Wifi works very good.
[Trisquel-users] MacBook 1,1 to Libreboot in software way
Hi to all in forum! I buyed new macbook 1,1 and latter found that is not supported in software flash to update to libreboot. So i found way to make it posible. Here is pached version on appleEFI update tool for macbook 1,1. You will need OSX (tested on osx 10.6.8) working on macbook 1,1 to update and then can delete it and install trisquel or any libre linux. http://www.fileconvoy.com/dfl.php?id=g213b0c00487c5e2d999715871454a19feece0a351 this will update to 05/18/2015 libreboot you can check file is same as libreboot mirrors and is inside updatetool app just renamed to mach to apple original file name and also apple efi update tool is pached for libreboot version 05/18/2015
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
Don`t know for flashrom but next what i`m thinking is to try to make libreboot work on this :) http://www.everymac.com/systems/apple/mac_mini/specs/mac-mini-core-2-duo-2.0-specs.html
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
Apple efi update tool have protection to flash only apple firmware so need to be pached for specific rom to work
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
I used hex editor to patch it.Will post method letter.
Re: [Trisquel-users] MacBook 1,1 to Libreboot in software way
Something strange that i found is internal mic is disabled from libreboot and only when put external one is works. Is anyone have same problem ?