Screenshot instructions:
Windows
Mac
Red Hat Linux
Ubuntu
Click URL instructions:
Right-click on ad, choose "Copy Link", then paste here →
(This may not be possible with some types of ads)
|
From: Chris Laprise <tasket@op...> - 2016-08-03 00:54:33
|
Hello, On Qubes OS 3.2rc2, a tboot-based boot sequence will fail with a system reset unless the 'min_ram=0x2000000' parameter is specified in grub. See Qubes issue #2155: https://github.com/QubesOS/qubes-issues/issues/2155 Currently, Qubes uses tboot version 1.8.2 from the Fedora 23 repository. The other relevant components are Linux kernel 4.4.14 and Xen 4.6.1. If Linux is downgraded to 4.2 then the system is able to boot without crashing. This parameter would normally be used to rectify a milder condition where the system boots with less memory available than it should. Using it to avoid a catastrophic crash does not seem right, so I'd like to ask what is the best course of action from the tboot devs: Is this a bug in tboot or Linux? Should Qubes devs consider using 'min_ram' for all tboot installations? Would it be worth the trouble to try upgrading tboot to the current version? And if so, are signatures available for the tboot code? Chris |
|
From: Sun, Ning <ning.sun@in...> - 2016-08-03 03:35:37
|
There is an explanation in README of tboot source code about 'min_ram' parameter: https://sourceforge.net/p/tboot/code/ci/default/tree/. To identify this issue as a generic or a specific one with Qubes OS, needs to run Qubes OS and tboot on several different platforms from different vendors if possible. There are new releases of tboot available since tboot 1.8.2, to help verify if tboot has a bug relevant to this crash/reset. -ning -----Original Message----- From: Chris Laprise [mailto:tasket@...] Sent: Tuesday, August 02, 2016 5:54 PM To: tboot-devel@... Subject: [tboot-devel] Crash/system reset with linux 4.4 Hello, On Qubes OS 3.2rc2, a tboot-based boot sequence will fail with a system reset unless the 'min_ram=0x2000000' parameter is specified in grub. See Qubes issue #2155: https://github.com/QubesOS/qubes-issues/issues/2155 Currently, Qubes uses tboot version 1.8.2 from the Fedora 23 repository. The other relevant components are Linux kernel 4.4.14 and Xen 4.6.1. If Linux is downgraded to 4.2 then the system is able to boot without crashing. This parameter would normally be used to rectify a milder condition where the system boots with less memory available than it should. Using it to avoid a catastrophic crash does not seem right, so I'd like to ask what is the best course of action from the tboot devs: Is this a bug in tboot or Linux? Should Qubes devs consider using 'min_ram' for all tboot installations? Would it be worth the trouble to try upgrading tboot to the current version? And if so, are signatures available for the tboot code? Chris ------------------------------------------------------------------------------ _______________________________________________ tboot-devel mailing list tboot-devel@... https://lists.sourceforge.net/lists/listinfo/tboot-devel |
|
From: Jan Schermer <jan@sc...> - 2016-08-03 15:57:53
|
Just FYI - I'm using tboot with 4.4 kernels (Ubuntu 16.04) and I haven't had this issue Jan > On 03 Aug 2016, at 05:35, Sun, Ning <ning.sun@...> wrote: > > There is an explanation in README of tboot source code about 'min_ram' parameter: https://sourceforge.net/p/tboot/code/ci/default/tree/. > To identify this issue as a generic or a specific one with Qubes OS, needs to run Qubes OS and tboot on several different platforms from different vendors if possible. > There are new releases of tboot available since tboot 1.8.2, to help verify if tboot has a bug relevant to this crash/reset. > > -ning > > -----Original Message----- > From: Chris Laprise [mailto:tasket@...] > Sent: Tuesday, August 02, 2016 5:54 PM > To: tboot-devel@... > Subject: [tboot-devel] Crash/system reset with linux 4.4 > > Hello, > > > On Qubes OS 3.2rc2, a tboot-based boot sequence will fail with a system reset unless the 'min_ram=0x2000000' parameter is specified in grub. See Qubes issue #2155: > > https://github.com/QubesOS/qubes-issues/issues/2155 > > Currently, Qubes uses tboot version 1.8.2 from the Fedora 23 repository. > The other relevant components are Linux kernel 4.4.14 and Xen 4.6.1. If Linux is downgraded to 4.2 then the system is able to boot without crashing. > > This parameter would normally be used to rectify a milder condition where the system boots with less memory available than it should. Using it to avoid a catastrophic crash does not seem right, so I'd like to ask what is the best course of action from the tboot devs: Is this a bug in tboot or Linux? Should Qubes devs consider using 'min_ram' for all tboot installations? Would it be worth the trouble to try upgrading tboot to the current version? And if so, are signatures available for the tboot code? > > Chris > > > ------------------------------------------------------------------------------ > _______________________________________________ > tboot-devel mailing list > tboot-devel@... > https://lists.sourceforge.net/lists/listinfo/tboot-devel > > ------------------------------------------------------------------------------ > _______________________________________________ > tboot-devel mailing list > tboot-devel@... > https://lists.sourceforge.net/lists/listinfo/tboot-devel |
|
From: Chris Laprise <tasket@op...> - 2016-08-05 18:54:10
|
Hi Jan, Which version of tboot are you using? Chris On 08/03/2016 11:28 AM, Jan Schermer wrote: > Just FYI - I'm using tboot with 4.4 kernels (Ubuntu 16.04) and I haven't had this issue > > Jan > >> On 03 Aug 2016, at 05:35, Sun, Ning <ning.sun@...> wrote: >> >> There is an explanation in README of tboot source code about 'min_ram' parameter: https://sourceforge.net/p/tboot/code/ci/default/tree/. >> To identify this issue as a generic or a specific one with Qubes OS, needs to run Qubes OS and tboot on several different platforms from different vendors if possible. >> There are new releases of tboot available since tboot 1.8.2, to help verify if tboot has a bug relevant to this crash/reset. >> >> -ning >> >> -----Original Message----- >> From: Chris Laprise [mailto:tasket@...] >> Sent: Tuesday, August 02, 2016 5:54 PM >> To: tboot-devel@... >> Subject: [tboot-devel] Crash/system reset with linux 4.4 >> >> Hello, >> >> >> On Qubes OS 3.2rc2, a tboot-based boot sequence will fail with a system reset unless the 'min_ram=0x2000000' parameter is specified in grub. See Qubes issue #2155: >> >> https://github.com/QubesOS/qubes-issues/issues/2155 >> >> Currently, Qubes uses tboot version 1.8.2 from the Fedora 23 repository. >> The other relevant components are Linux kernel 4.4.14 and Xen 4.6.1. If Linux is downgraded to 4.2 then the system is able to boot without crashing. >> >> This parameter would normally be used to rectify a milder condition where the system boots with less memory available than it should. Using it to avoid a catastrophic crash does not seem right, so I'd like to ask what is the best course of action from the tboot devs: Is this a bug in tboot or Linux? Should Qubes devs consider using 'min_ram' for all tboot installations? Would it be worth the trouble to try upgrading tboot to the current version? And if so, are signatures available for the tboot code? >> >> Chris >> >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> tboot-devel mailing list >> tboot-devel@... >> https://lists.sourceforge.net/lists/listinfo/tboot-devel >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> tboot-devel mailing list >> tboot-devel@... >> https://lists.sourceforge.net/lists/listinfo/tboot-devel > |
|
From: Jan Schermer <jan@sc...> - 2016-08-05 18:57:49
|
Newest compiled from git current (that is about 1 month ago, haven't touched that since). I hit other problems, but nothing that min_ram would fix. But that was Ubuntu distribution kernel - no idea what Qubes kernel has inside in terms of patches etc... I can maybe try Qubes kernel on Monday for you, to see if it boots on my hw and with my tboot. Tboot 1.8.2 is old and there are vulnerabilities that make it worthless in terms of security anyway (unless they backported the patches of course). Jan > On 05 Aug 2016, at 20:53, Chris Laprise <tasket@...> wrote: > > Hi Jan, > > > Which version of tboot are you using? > > > Chris > > > On 08/03/2016 11:28 AM, Jan Schermer wrote: >> Just FYI - I'm using tboot with 4.4 kernels (Ubuntu 16.04) and I haven't had this issue >> >> Jan >> >>> On 03 Aug 2016, at 05:35, Sun, Ning <ning.sun@...> wrote: >>> >>> There is an explanation in README of tboot source code about 'min_ram' parameter: https://sourceforge.net/p/tboot/code/ci/default/tree/. >>> To identify this issue as a generic or a specific one with Qubes OS, needs to run Qubes OS and tboot on several different platforms from different vendors if possible. >>> There are new releases of tboot available since tboot 1.8.2, to help verify if tboot has a bug relevant to this crash/reset. >>> >>> -ning >>> >>> -----Original Message----- >>> From: Chris Laprise [mailto:tasket@...] >>> Sent: Tuesday, August 02, 2016 5:54 PM >>> To: tboot-devel@... >>> Subject: [tboot-devel] Crash/system reset with linux 4.4 >>> >>> Hello, >>> >>> >>> On Qubes OS 3.2rc2, a tboot-based boot sequence will fail with a system reset unless the 'min_ram=0x2000000' parameter is specified in grub. See Qubes issue #2155: >>> >>> https://github.com/QubesOS/qubes-issues/issues/2155 >>> >>> Currently, Qubes uses tboot version 1.8.2 from the Fedora 23 repository. >>> The other relevant components are Linux kernel 4.4.14 and Xen 4.6.1. If Linux is downgraded to 4.2 then the system is able to boot without crashing. >>> >>> This parameter would normally be used to rectify a milder condition where the system boots with less memory available than it should. Using it to avoid a catastrophic crash does not seem right, so I'd like to ask what is the best course of action from the tboot devs: Is this a bug in tboot or Linux? Should Qubes devs consider using 'min_ram' for all tboot installations? Would it be worth the trouble to try upgrading tboot to the current version? And if so, are signatures available for the tboot code? >>> >>> Chris >>> >>> >>> ------------------------------------------------------------------------------ >>> _______________________________________________ >>> tboot-devel mailing list >>> tboot-devel@... >>> https://lists.sourceforge.net/lists/listinfo/tboot-devel >>> >>> ------------------------------------------------------------------------------ >>> _______________________________________________ >>> tboot-devel mailing list >>> tboot-devel@... >>> https://lists.sourceforge.net/lists/listinfo/tboot-devel >> > |
|
From: Chris Laprise <tasket@op...> - 2016-08-06 09:25:00
|
Thanks. I don't know why Fedora (Qubes dom0) hasn't updated tboot in their repo; I'll try a newer version as your feedback suggests. Chris On 08/05/2016 02:57 PM, Jan Schermer wrote: > Newest compiled from git current (that is about 1 month ago, haven't touched that since). > I hit other problems, but nothing that min_ram would fix. > But that was Ubuntu distribution kernel - no idea what Qubes kernel has inside in terms of patches etc... > I can maybe try Qubes kernel on Monday for you, to see if it boots on my hw and with my tboot. > Tboot 1.8.2 is old and there are vulnerabilities that make it worthless in terms of security anyway (unless they backported the patches of course). > > > Jan |
|
From: Sun, Ning <ning.sun@in...> - 2016-08-06 13:42:40
|
Just got .hg removed from the tboot-1.9.4.tar.gz to reduce the tarball size, other things remains same as tagged for v1.9.4 release. There has been many changes since 1.8.3, so we made the latest release version 1.9.4 by skipping many internal release updates. Thanks, -Ning -----Original Message----- From: Marek Marczykowski-Górecki [mailto:marmarek@...] Sent: Saturday, August 06, 2016 3:03 AM To: Chris Laprise <tasket@...> Cc: Jan Schermer <jan@...>; Sun, Ning <ning.sun@...>; tboot-devel@...; Andrew David Wong <adw@...> Subject: Re: [tboot-devel] Crash/system reset with linux 4.4 On Sat, Aug 06, 2016 at 05:24:45AM -0400, Chris Laprise wrote: > On 08/05/2016 02:57 PM, Jan Schermer wrote: > > Newest compiled from git current (that is about 1 month ago, haven't touched that since). > > I hit other problems, but nothing that min_ram would fix. > > But that was Ubuntu distribution kernel - no idea what Qubes kernel has inside in terms of patches etc... > > I can maybe try Qubes kernel on Monday for you, to see if it boots on my hw and with my tboot. > > Tboot 1.8.2 is old and there are vulnerabilities that make it worthless in terms of security anyway (unless they backported the patches of course). > > Thanks. I don't know why Fedora (Qubes dom0) hasn't updated tboot in > their repo; I'll try a newer version as your feedback suggests. Where I can find *signed* tboot source code? Also, why 1.9.4 tarball is four times bigger than previous? Is it because inclusion of ".hg"? Sounds like a mistake... Also having 1.9.4 just after 1.8.3 sounds suspicious. -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? |
|
From: Chris Laprise <tasket@op...> - 2016-08-31 21:44:53
|
Ning, Would it be possible for you to sign the tboot tarball? That would enable us to test the new version with Qubes and consider it for inclusion in the repository. Regards, Chris On 08/06/2016 09:42 AM, Sun, Ning wrote: > Just got .hg removed from the tboot-1.9.4.tar.gz to reduce the tarball size, other things remains same as tagged for v1.9.4 release. > There has been many changes since 1.8.3, so we made the latest release version 1.9.4 by skipping many internal release updates. > > > Thanks, > -Ning > > -----Original Message----- > From: Marek Marczykowski-Górecki [mailto:marmarek@...] > Sent: Saturday, August 06, 2016 3:03 AM > To: Chris Laprise <tasket@...> > Cc: Jan Schermer <jan@...>; Sun, Ning <ning.sun@...>; tboot-devel@...; Andrew David Wong <adw@...> > Subject: Re: [tboot-devel] Crash/system reset with linux 4.4 > > On Sat, Aug 06, 2016 at 05:24:45AM -0400, Chris Laprise wrote: >> On 08/05/2016 02:57 PM, Jan Schermer wrote: >>> Newest compiled from git current (that is about 1 month ago, haven't touched that since). >>> I hit other problems, but nothing that min_ram would fix. >>> But that was Ubuntu distribution kernel - no idea what Qubes kernel has inside in terms of patches etc... >>> I can maybe try Qubes kernel on Monday for you, to see if it boots on my hw and with my tboot. >>> Tboot 1.8.2 is old and there are vulnerabilities that make it worthless in terms of security anyway (unless they backported the patches of course). >> Thanks. I don't know why Fedora (Qubes dom0) hasn't updated tboot in >> their repo; I'll try a newer version as your feedback suggests. > Where I can find *signed* tboot source code? Also, why 1.9.4 tarball is four times bigger than previous? Is it because inclusion of ".hg"? > Sounds like a mistake... > Also having 1.9.4 just after 1.8.3 sounds suspicious. > > -- > Best Regards, > Marek Marczykowski-Górecki > Invisible Things Lab > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing? |