Language Selection

English French German Italian Portuguese Spanish

Debian

Syndicate content
Planet Debian - https://planet.debian.org/
Updated: 6 days 15 hours ago

John Goerzen: Recovering Our Lost Free Will Online: Tools and Techniques That Are Available Now

Monday 22nd of February 2021 04:13:28 AM

As I’ve been thinking and writing about privacy and decentralization lately, I had a conversation with a colleague this week, and he commented about how loss of privacy is related to loss of agency: that is, loss of our ability to make our own choices, pursue our own interests, and be master of our own attention.

In terms of telecommunications, we have never really been free, though in terms of Internet and its predecessors, there have been times where we had a lot more choice. Many are too young to remember this, and for others, that era is a distant memory.

The irony is that our present moment is one of enormous consolidation of power, and yet also one of a proliferation of technologies that let us wrest back some of that power. In this post, I hope to enlighten or remind us of some of the choices we have lost — and also talk about the ways in which we can choose to regain them, already, right now.

I will talk about the possibilities, the big dreams that are possible now, and then go into more detail about the solutions.

The Problems & Possibilities

The limitations of “online”

We make the assumption that we must be “online” to exchange data. This is reinforced by many “modern” protocols; Twitter clients, for instance, don’t tend to let you make posts by relaying them through disconnected devices.

What would it be like if you could fully participate in global communities without a constant Internet connection? If you could share photos with your friends, read the news, read your email, etc. even if you don’t have a connection at present? Even if the device you use to do that never has a connection, but can route messages via other devices that do?

Would it surprise you to learn that this was once the case? Back in the days of UUCP, much email and Usenet news — a global discussion forum that didn’t require an Internet connection — was relayed via occasional calls over phone lines. This technology remains with us, and has even improved.

Sadly, many modern protocols make no effort in this regard. Some email clients will let you compose messages offline to send when you get online later, but the assumption always is that you will be connected to an IP network again soon.

NNCP, on the other hand, lets you relay messages over TCP, a radio, a satellite, or a USB stick. Email and Usenet, since they were designed in an era where store-and-forward was valued, can actually still be used in an entirely “offline” fashion (without ever touching an IP-based network). All it takes is for someone to care to make it happen. You can even still do it over UUCP if you like.

The physical and data link layers

Many of us just accept that we communicate in a few ways: Wifi for short distances, and then cable modems or DSL for our local Internet connection, and then many people are fuzzy about what happens after that. Or, alternatively, we have 4G phones that are the local Internet connection, and the same “fuzzy” things happen after.

Think about this for a moment. Which of these do you control in any way? Sometimes just wifi, sometimes maybe you have choices of local Internet providers. After that, your traffic is handled by enormous infrastructure companies.

There is choice here.

People in ham radio have been communicating digitally over long distances without the support of the traditional Internet for decades, but the technology to do this is now more accessible to anyone. Long-distance radio has had tremendous innovation in the last decade; cheap radios can now communicate over several miles/km without any other infrastructure at all. We all carry around radios (Wifi and Bluetooth) in our pockets that don’t have to be used as mere access points to the Internet or as drivers of headphones, but can also form their own networks directly (Briar).

Meshtastic is an example; it’s an instant messenger that can form a mesh over many miles/km and requires no IP infrastructure at all. Briar is similar. XBee radios form a mesh in hardware, allowing peers to reach each other (also over many miles/km) with a serial or framed protocol.

Loss of peer-to-peer

Back in the late 90s, I worked at a university. I had a 386 on my desk for a workstation – not a powerful computer even then. But I put the boa webserver on it and could just serve pages on the Internet. I didn’t have to get permission. Didn’t have to pay a hosting provider. I could just DO it.

And of course that is because the university had no firewall and no NAT. Every PC at the university was a full participant on the Internet as much as the servers at Microsoft or DEC. All I needed was a DNS entry. I could run my own SMTP server if I wanted, run a web or Gopher server, and that was that.

There are many reasons why this changed. Nowadays most residential ISPs will block SMTP for their customers, and if they didn’t, others would; large email providers have decided not to federate with IPs in residential address spaces. Most people have difficulty even getting a static IP address in the first place. Many are behind firewalls, NATs, or both, meaning that incoming connections of any kind are problematic.

Do you see what that means? It has weakened the whole point of the Internet being a network of peers. While IP still acts that way, as a practical matter, there are clients that are prevented from being servers by administrative policy they have no control over.

Imagine if you, a person with an Internet connection to your laptop or phone, could just decide to host a website, or a forum on it. For moderate levels of load, they are certainly capable of this. The only thing in the way is the network management policies you can’t control.

Elaborate technologies exist to try to bridge this divide, and some, like Tor or cjdns, can work quite well. More on this below.

Expense of running something popular

Related to the loss of peer-to-peer infrastructure is the very high cost of hosting something popular. Do you want to share videos with lots of people? That almost certainly is going to require expensive equipment and bandwidth.

There is a reason that there are only a small handful of popular video streaming sites online. It requires a ton of money to host videos at scale.

What if it didn’t? What if you could achieve economies of scale so much that you, an individual, could compete with the likes of YouTube? You wouldn’t necessarily have to run ads to support the service. You wouldn’t have to have billions of dollars or billions of viewers just to make it work.

This technology exists right now. Of course many of you are aware of how Bittorrent leverages the swarm for files. But projects like IPFS, Dat, and Peertube have taken this many steps further to integrate it into a global ecosystem. And, at least in the case of Peertube, this is a thing that works right now in any browser already!

Application-level “walled gardens”

I was recently startled at how much excitement there was when Github introduced “dark mode”. Yes, Github now offers two colors on its interface. Already back in the 80s and 90s, many DOS programs had more options than that.

Git is a decentralized protocol, but Github has managed to make it centralized.

Email is a decentralized protocol — pick your own provider, and they all communicate — but Facebook and Twitter aren’t. You can’t just pick your provider for Facebook. It’s Facebook or nothing.

There is a profit motive in locking others out; these networks want to keep you using their platforms because their real customers are advertisers, and they want to keep showing you ads.

Is it possible to have a world where you get to pick your own app for sharing photos, and it works even if your parents use a different one? Yes, yes it is.

Mastodon and the Fediverse are fantastic examples for social media. Pixelfed is specifically designed for photos, Mastodon for short-form communication, there’s Pleroma for more long-form communication, and they all work together. You can use Mastodon to read Pleroma content or look at Pixelfed photos, and there are many (free) providers of each.

Freedom from manipulation

I recently wrote about the dangers of the attention economy, so I won’t go into a lot of detail here. Fundamentally, you are not the customer of Facebook or Google; advertisers are. They optimize their site to keep you on it as much as possible so that they can show you as many ads as possible which makes them as much money as possible. Ads, of course, are fundamentally seeking to manipulate your behavior (“buy this product”).

By lowering the cost of running services, we can give a huge boost to hobbyists and nonprofits that want to do so without an ultimate profit motive. For-profit companies benefit also, with a dramatically reduced cost structure that frees them to pursue their mission instead of so many ads.

Freedom from snooping (privacy and anonymity)

These days, it’s not just government snooping that people think about. It’s data stolen by malware, spies at corporations (whether human or algorithmic), and even things like basic privacy of one’s own security footage. Here the picture is improving; encryption in transit, at least at a basic level, has become much more common with TLS being a standard these days. Sadly, end-to-end encryption (E2EE) is not nearly as much, perhaps because corporations have a profit motive to have access to your plaintext and metadata.

Closely related to privacy is anonymity: that is, being able to do things in an anonymous fashion. The two are not necessarily equal: you could send an encrypted message but reveal who the correspondents are, as with email; or, you could send a plaintext message over a Tor exit node that hides who the correspondents are. It is sometimes difficult to achieve both.

Nevertheless, numerous answers exist here that tackle one or both problems, from the Signal messenger to Tor.

Solutions That Exist Today

Let’s dive in to some of the things that exist today.

One concept you’ll see in many of these is integrated encryption with public keys used for addressing. In other words, your public key is akin to an IP address (and in some cases, is literally your IP address.)

Data link and networking technologies (some including P2P)

  • Starting with the low-power and long-distance technologies, I’ve written quite a bit about LoRA, which are low-power long-distance radios. They can easily achieve several miles/km while still using much less than 1W of power. LoRA is a common building block of mesh off-the-grid messenger systems such as meshtastic, which forms an ad-hoc mesh of LoRA devices with days-long battery life and miles-long communication abilities. LoRA trades speed for bandwidth; in its longest-distance modes, it may operate at 300bps or less. That is not a typo. Some LoRAWAN devices have battery life measured in years (usually one-way sensors and such).
  • Similar to LoRA is XBee SX from Digi. While not quite as long-distance as LoRA, it does still do quite a bit with low power and also goes many miles. XBee modules have automatic mesh routing in firmware, and can be used in either frame mode or “serial cable emulation” mode in which they act as if they’re a serial cable. Unlike plain LoRA, XBee radios do hardware retransmit. They also run faster, at up to about 150Kbps – though that is still a lot slower than wifi.
  • I’ve written about secure mesh messengers recently. One of them, Briar, particularly stands out in that it is able to form an ad-hoc mesh using phone’s Bluetooth radios. It can also route messages over the public Internet, which it does exclusively using Tor.
  • I’ve also written a lot about NNCP, the sort of modernized UUCP. NNCP is completely different than the others here in that it is a store-and-forward network – sort of a modern UUCP. NNCP has easy built-in support for routing packets using USB drives, clean serial interfaces, TCP, basically anything you can pipe to, even broadcast satellite and such. And you don’t even have to pick one; you can use all of the above: Internet when it’s available, USB sticks or portable hard drives when not, etc. It uses Tor-line onion routing with E2EE. You’re not going to run TCP over NNCP, but files (including videos), backups, email, even remote execution are all possible. It is the most “Unixy” of the modern delay-tolerant networks and makes an excellent choice for a number of use cases where store-and-forward and extreme flexibility in transportation make a lot of sense.
  • Moving now into the range of speeds and technologies we’re more used to, there is a lot of material out there on building mesh networks on Wifi or Wifi-adjacent technology. Amateur radio operators have been active in this area for years, and even if you aren’t a licensed ham and don’t necessarily flash amateur radio firmware onto your access points, a lot of the ideas and concepts they cover could be of interest. For instance, the Amateur Radio Emergency Data Network covers both permanent and ad-hoc meshs, and this AREDN video covers device selection for AREDN — which also happens to be devices that would be useful for quite a few other mesh or long-distance point-to-point setups.
  • Once you have a physical link of some sort, cjdns and the Hyperboria network have the goals of literally replacing the Internet – but are fully functional immediately. cjdns assigns each node an IPv6 address based on its public key. The network uses DHT for routing between nodes. It can run directly atop Ethernet (and Wifi) as its own native protocol, without an IP stack underneath. It can also run as a layer atop the current Internet. And it can optionally be configured to let nodes find an exit node to reach the current public Internet, which they can do opportunistically if given permission. All traffic is E2EE. One can run an isolated network, or join the global Hyperboria network. The idea is that local meshes could be formed, and then geographically distant meshes can be linked together by simply using the current public Internet as a dumb transport. This, actually, strongly resembles the early days of Internet buildout under NSFNet. The Torento Mesh is a prominent user of cjdns, and they publish quite a bit of information online.
  • Similar in concept to cjdns is Yggdrasil, which uses a different algorithm and isn’t yet as mature in design.
  • Althea is a startup in this space, hoping to encourage communities to build meshes whose purpose is to provide various routes to access to the traditional Internet, including digital currency micropayments. This story documents how one rural community is using it.
  • Tor is a somewhat interesting case. While it doesn’t provide kernel-level routing, it does provide a SOCKS5 proxy. Traditionally, Tor is used to achieve anonymity while browsing the public Internet via an exit node. However, you can stay entirely in-network by using onion services (basically ports that are open to Tor). All Tor traffic is onion-routed so that the originating IP cannot be discovered. Data within Tor is E2EE, though if you are using an exit node to the public Internet, that of course can’t apply there.

P2P Infrastructure

While some of the technologies above, such as cjdns, explicitly facitilitate peer-to-peer communication, there are some other application-level technologies to look at.

  • IPFS has been having a lot of buzz lately, since the Brave browser integrated support. IPFS headlines as “powers the distributed web”, but it is actually more than that; various other apps layer atop it. The core idea is that content you request gets reshared by your node for some period of time, somewhat akin to Bittorrent. IPFS runs atop the regular Internet and is typically accessed through an app.
  • The Dat Protocol is somewhat similar in concept to IPFS, though the approach is somewhat different; it emphasizes efficient distribution of updates at the expense of requiring a git-like history.
  • IPFS itself is based on libp2p, which is designed to be a generic infrastructure for adding P2P capabilities to your own code. It is probably fair to say libp2p is still quite complex compared to ordinary TCP, and the language support is in its infancy, but nevertheless it is quite an exciting development to watch.
  • Of course almost all of us are familiar with Bittorrent, the software that first popularized the idea of a distributed mesh sharing knowledge about which chunks of a dataset they have in order to maximize the efficiency of distributing the whole thing. Bittorrent is still in wide use (and, despite its reputation, that wide use includes legitimate users such as archive.org and Debian).
  • I recently wrote about building a delay-tolerant offline-capable mesh with Syncthing. Syncthing, on its surface, is something like an open source Dropbox. But look into a bit and you realize it’s fully P2P, serverless, can support various network topologies including intermittent connectivity between network parts, and such. My article dives into that in more detail. If your needs are mostly related to files, Syncthing can make a fine mesh infrastructure that is auto-healing and is equally at home on the public Internet, a local wifi access point with no Internet at all, a private mesh like cjdns, etc.
  • Also showing some promise is Secure Scuttlebutt (SSB). It’s most well-known application is a social network, but in my opinion some of the other applications atop SSB are more interesting. SSB is designed to be offline-friendly, can do things like automatically exchange data with peers on the same Wifi (eg, a coffee shop), etc., though it is an append-only log that can be unwieldy on mobile sometimes.

Instant Messengers and Chat

I won’t go into a lot of detail here since I recently wrote a roundup of secure mesh messengers and also a followup article about Signal and some hidden drawbacks of P2P. Please refer to those articles for some interesting things that are happening in this space.

Matrix is a distributed IM platform similar in concept to Slack or IRC, but globally distributed in a mesh. It supports optional E2EE.

Social Media

I wrote recently about how to join the Fediverse, which covered joining Mastodon, a federeated, decentralized social network. Mastodon is the largest of these, with several million users, and is something of a much nicer version of Twitter.

Mastodon is also part of what is known as the “Fediverse”, which are applications that are loosely joined together by their support of the ActivityPub protocol. Other populat Fediverse applications include Pixelfed (similar to Instagram) and Peertube for sharing video. Peertube is particularly interesting in that it supports Webtorrent for efficiently distributing popular videos. Webtorrent is akin to Bittorrent running efficiently inside your browser.

Concluding Remarks

Part of my goal with this is encouraging people to dream big, to ask questions like:

What could you do if offline were easy?

What is possible if you have freedom in the physical and data link layers? Dream big.

We’re so used to thinking that it’s quite difficult for two devices on the Internet to talk to each other. What would be possible if this were actually quite easy?

The assumption that costs rise dramatically as popularity increases is also baked into our thought processes. What if that weren’t the case — could you take on Youtube from your garage? Would lowering barriers to entry lower the ad economy and let nonprofits have more equal footing with large corporations?

We have so many walled gardens, from Github to Facebook, that we almost forget it doesn’t have to be that way.

So having asked these questions, my secondary point is to suggest that these aren’t pie-in-the-sky notions. These possibilites are with us right now.

You’ll notice from this list that virtually every one of these technologies is ad-free at its heart (though some would be capable of serving ads). They give you back your attention. Many preserve privacy, anonymity, or both. Many dramatically improve your freedom of association and communication. Technologies like IPFS and Bittorrent ease the burden of running something popular.

Some are quite easy to use (Mastodon or Peertube) while others are much more complex (libp2p or the lower-level mesh network systems).

Clearly there is still room for improvement in many areas.

But my fundamental point is this: good technology is here, right now. Technical people can vote with their feet and wallets and start using it. Early adopters will help guide the way for the next set of improvements. Join us!

Russ Allbery: Review: Finder

Monday 22nd of February 2021 04:06:00 AM

Review: Finder, by Suzanne Palmer

Series: Finder Chronicles #1 Publisher: DAW Books Copyright: 2019 ISBN: 0-7564-1511-X Format: Kindle Pages: 391

Fergus Ferguson is a repo man, or professional finder as he'd prefer. He locates things taken by people who don't own them and returns them to their owners. In this case, the thing in question is a sentient starship, and the person who stole it is Arum Gilger, a warlord in a wired-together agglomeration of space habitats and mined-out asteroids named Cernekan. Cernee, as the locals call it, is in the backwaters of human space near the Gap between the spiral arms of the galaxy.

One of Fergus's first encounters in Cernee is with an old lichen farmer named Mattie Vahn who happens to take the same cable car between stations that he does. Bad luck for Fergus, since that's also why Gilger's men first disable and then blow up the cable car, leaving Mattie dead and Fergus using the auto-return feature of Mattie's crates to escape to the Vahns' home station. The Vahns are not a power in Cernee, not exactly, but they do have some important alliances and provide an inroads for Fergus to get the lay of the land and map out a plan to recover the Venetia's Sword.

This is a great hook. I would happily read a whole series about an interstellar repo man, particularly one like Fergus who only works for the good guys and recovers things from petty warlords. Fergus is a thoughtful, creative loner whose style is improvised plans, unexpected tactics, and thinking on his feet rather than either bluster or force (although there is a fair bit of death in this book, some of which is gruesome). About two-thirds of the book is in roughly that expected shape. Fergus makes some local contacts, maps out the political terrain, and maneuvers himself towards his target through a well-crafted slum of wired-together habitats and working-class miners. Also, full points for the creative security system on the starship that tries to solve a nearly impossible problem (a backdoor supplementing pre-shared keys with a cultural authentication scheme that can't be vulnerable to brute force or database searches).

Halfway through, though, Palmer throws a curve ball at the reader that involves the unexplained alien presence that's been lurking around the system. That part of the plot shifts focus somewhat abruptly from the local power struggle Fergus has been navigating to something far more intrusive and personal. Fergus has to both reckon with a drastic change in his life and deal with memories of his early life on an Earth drowning in climate change, his abusive childhood, and his time spent in the Martian resistance.

This is also a fine topic for an SF novel, but I think Finder suffered a bit from falling between two stools. The fun competence drama of the lone repossession agent striking back against petty tyrants by taking away their toys is derailed by the sudden burst of introspection and emotional processing, but the processing is not deep or complex enough to carry the story on its own. Fergus had an awful and emotionally alienated childhood followed by some nasty trauma, to which he has responded by carefully never getting close to anyone so that he never hurts anyone who relies on him. And yet, he's a fundamentally decent person and makes friends despite himself, and from there you can probably write the rest of the arc yourself. There's nothing wrong with this as the emotional substrate of a book that's primarily focused on an action plot, but the screeching change of focus threw me off.

The good news is that the end of the book returns to the bits that I liked about the first half. The mixed news is that I thought the political situation in Cernee resolved much too easily and much too straightforwardly. I would have preferred the twisty alliances to stay twisty, rather than collapse messily into a far simpler moral duality. I will also speak on behalf of all the sentient starship lovers out there and complain that the Venetia's Sword was woefully underused. It had better show up in a future volume!

This unsteadiness and a few missed opportunities make Finder a good book rather than a great one, but I was still happily entertained and willing to write that off as first-novel unevenness. There are a lot of background elements left unresolved for a future volume, but Finder comes to a satisfying conclusion. Recommended if you're looking for an undemanding space action story with a quick pace and decent, if not very deep, characters.

Followed by Driving the Deep.

Rating: 7 out of 10

Erich Schubert: My first Rust crate: faster kmedoids clustering

Sunday 21st of February 2021 11:18:00 PM

I have written my first Rust crate: kmedoids.

Python users can use the wrapper package kmedoids.

It implements k-medoids clustering, and includes our new FasterPAM algorithm that drastically reduces the computational overhead. As long as you can afford to compute the distance matrix of your data set, clustering it with k-medoids is now feasible even for large k. (If your data is continuous and you are interested in minimizing squared errors, k-means surely remains the better choice!)

My take on Rust so far:

  • Pedantic. Which is good if you want quality code. Which is bad if you want others to contribute.
  • Run time was very fast, I liked that. The pedanticness gives the compiler additional information to optimize better, of course.
  • Tooling is okay, but can be improved. Compilers give good error messages, but the color scheme assumes a black background terminal.
  • I’d prefer to have it properly integrated in my OS, rather than having yet-another-package-manager in the form of rustup. This is the road to madness that everything now brings its own package manager, this should be part of the operating system.
  • The python module generation with PyO3 is crazy shit, but cool to have.
  • I like the exception handling and optionals so far. And with Rust you know that it will be optimize out very well. With Java you know pretty well that it wont when you’d most need it…
  • It is a pity that there seems to be a secret Rust convention to never documentation internal functions or code, only APIs. Java overdid it the other direction with the convention of documenting stupid getters and setters, but there ought to be a middle ground.
  • They overdid it with making everything as few characters as possible. Code does not get better if its shorter. I have never been a fan of omitting “return” statements (just 6 chars)! But Rust is not the worst here because at least it has strong typing. Implicit returns are error-prone.
  • A simple for i in 0..n { already causes a clippy warning; the clippy rule clearly is overshooting its own description. It fails to detect if the index i is actually needed. So the alternative would be a for (i, item) in list.iter().enumerate() {. And apparently there is some weird reason why iterators are even faster than a range for loop?!?
  • My first interactions with the Rust community were not particularly welcoming.

Will I use it more?

I don’t know. Probably if I need extreme performance, but I likely would not want to do everything my self in a pedantic language. So community is key, and I do not see Rust shine there.

Enrico Zini: Software development links

Sunday 21st of February 2021 11:00:00 PM

Next time we'll iterate on Himblick design and development, Raspberry Pi 4 can now run plain standard Debian, which should make a lot of things easier and cleaner when developing products based on it.

Somewhat related to nspawn-runner, random links somehow related to my feeling that nspawn comes from an ecosystem which gives me a bigger sense of focus on security and solidity than Docker:

I did a lot of work on A38, a Python library to deal with FatturaPA electronic invoicing, and it was a wonderful surprise to see a positive review spontaneously appear! ♥: Fattura elettronica, come visualizzarla con python | TuttoLogico

A beautiful, hands-on explanation of git internals, as a step by step guide to reimplementing your own git: Git Internals - Learn by Building Your Own Git

I recently tried meson and liked it a lot. I then gave unity builds a try, since it supports them out of the box, and found myself with doubts. I found I wasn't alone, and I liked The Evils of Unity Builds as a summary of the situation.

A point of view I liked on technological debt: Technical debt as a lack of understanding

Finally, a classic, and a masterful explanation for a question that keeps popping up: RegEx match open tags except XHTML self-contained tags

Dmitry Shachnev: ReText turns 10 years

Sunday 21st of February 2021 06:30:00 PM

Exactly ten years ago, in February 2011, the first commit in ReText git repository was made. It was just a single 364 lines Python file back then (now the project has more than 6000 lines of Python code).

Since 2011, the editor migrated from SourceForge to GitHub, gained a lot of new features, and — most importantly — now there is an active community around it, which includes both long-time contributors and newcomers who create their first issues or pull requests. I don’t always have enough time to reply to issues or implement new features myself, but the community members help me with this.

Earlier this month, I made a new release (7.2), which adds a side panel with directory tree (contributed by Xavier Gouchet), option to fully highlight wrapped lines (contributed by nihillum), ability to search in the preview mode and much more — see the release page on GitHub.

Also a new version of PyMarkups module was released, which contains all the code for processing various markup languages. It now supports markdown-extensions.yaml files which allow specifying complex extensions options and adds initial support for MathJax 3.

Also check out the release notes for 7.1 which was not announced on this blog.

Future plans include making at least one more release this year, adding support for Qt 6. Qt 5 support will last for at least one more year.

Matthew Garrett: Making hibernation work under Linux Lockdown

Sunday 21st of February 2021 08:37:25 AM
Linux draws a distinction between code running in kernel (kernel space) and applications running in userland (user space). This is enforced at the hardware level - in x86-speak[1], kernel space code runs in ring 0 and user space code runs in ring 3[2]. If you're running in ring 3 and you attempt to touch memory that's only accessible in ring 0, the hardware will raise a fault. No matter how privileged your ring 3 code, you don't get to touch ring 0.

Kind of. In theory. Traditionally this wasn't well enforced. At the most basic level, since root can load kernel modules, you could just build a kernel module that performed any kernel modifications you wanted and then have root load it. Technically user space code wasn't modifying kernel space code, but the difference was pretty semantic rather than useful. But it got worse - root could also map memory ranges belonging to PCI devices[3], and if the device could perform DMA you could just ask the device to overwrite bits of the kernel[4]. Or root could modify special CPU registers ("Model Specific Registers", or MSRs) that alter CPU behaviour via the /dev/msr interface, and compromise the kernel boundary that way.

It turns out that there were a number of ways root was effectively equivalent to ring 0, and the boundary was more about reliability (ie, a process running as root that ends up misbehaving should still only be able to crash itself rather than taking down the kernel with it) than security. After all, if you were root you could just replace the on-disk kernel with a backdoored one and reboot. Going deeper, you could replace the bootloader with one that automatically injected backdoors into a legitimate kernel image. We didn't have any way to prevent this sort of thing, so attempting to harden the root/kernel boundary wasn't especially interesting.

In 2012 Microsoft started requiring vendors ship systems with UEFI Secure Boot, a firmware feature that allowed[5] systems to refuse to boot anything without an appropriate signature. This not only enabled the creation of a system that drew a strong boundary between root and kernel, it arguably required one - what's the point of restricting what the firmware will stick in ring 0 if root can just throw more code in there afterwards? What ended up as the Lockdown Linux Security Module provides the tooling for this, blocking userspace interfaces that can be used to modify the kernel and enforcing that any modules have a trusted signature.

But that comes at something of a cost. Most of the features that Lockdown blocks are fairly niche, so the direct impact of having it enabled is small. Except that it also blocks hibernation[6], and it turns out some people were using that. The obvious question is "what does hibernation have to do with keeping root out of kernel space", and the answer is a little convoluted and is tied into how Linux implements hibernation. Basically, Linux saves system state into the swap partition and modifies the header to indicate that there's a hibernation image there instead of swap. On the next boot, the kernel sees the header indicating that it's a hibernation image, copies the contents of the swap partition back into RAM, and then jumps back into the old kernel code. What ensures that the hibernation image was actually written out by the kernel? Absolutely nothing, which means a motivated attacker with root access could turn off swap, write a hibernation image to the swap partition themselves, and then reboot. The kernel would happily resume into the attacker's image, giving the attacker control over what gets copied back into kernel space.

This is annoying, because normally when we think about attacks on swap we mitigate it by requiring an encrypted swap partition. But in this case, our attacker is root, and so already has access to the plaintext version of the swap partition. Disk encryption doesn't save us here. We need some way to verify that the hibernation image was written out by the kernel, not by root. And thankfully we have some tools for that.

Trusted Platform Modules (TPMs) are cryptographic coprocessors[7] capable of doing things like generating encryption keys and then encrypting things with them. You can ask a TPM to encrypt something with a key that's tied to that specific TPM - the OS has no access to the decryption key, and nor does any other TPM. So we can have the kernel generate an encryption key, encrypt part of the hibernation image with it, and then have the TPM encrypt it. We store the encrypted copy of the key in the hibernation image as well. On resume, the kernel reads the encrypted copy of the key, passes it to the TPM, gets the decrypted copy back and is able to verify the hibernation image.

That's great! Except root can do exactly the same thing. This tells us the hibernation image was generated on this machine, but doesn't tell us that it was done by the kernel. We need some way to be able to differentiate between keys that were generated in kernel and ones that were generated in userland. TPMs have the concept of "localities" (effectively privilege levels) that would be perfect for this. Userland is only able to access locality 0, so the kernel could simply use locality 1 to encrypt the key. Unfortunately, despite trying pretty hard, I've been unable to get localities to work. The motherboard chipset on my test machines simply doesn't forward any accesses to the TPM unless they're for locality 0. I needed another approach.

TPMs have a set of Platform Configuration Registers (PCRs), intended for keeping a record of system state. The OS isn't able to modify the PCRs directly. Instead, the OS provides a cryptographic hash of some material to the TPM. The TPM takes the existing PCR value, appends the new hash to that, and then stores the hash of the combination in the PCR - a process called "extension". This means that the new value of the TPM depends not only on the value of the new data, it depends on the previous value of the PCR - and, in turn, that previous value depended on its previous value, and so on. The only way to get to a specific PCR value is to either (a) break the hash algorithm, or (b) perform exactly the same sequence of writes. On system reset the PCRs go back to a known value, and the entire process starts again.

Some PCRs are different. PCR 23, for example, can be reset back to its original value without resetting the system. We can make use of that. The first thing we need to do is to prevent userland from being able to reset or extend PCR 23 itself. All TPM accesses go through the kernel, so this is a simple matter of parsing the write before it's sent to the TPM and returning an error if it's a sensitive command that would touch PCR 23. We now know that any change in PCR 23's state will be restricted to the kernel.

When we encrypt material with the TPM, we can ask it to record the PCR state. This is given back to us as metadata accompanying the encrypted secret. Along with the metadata is an additional signature created by the TPM, which can be used to prove that the metadata is both legitimate and associated with this specific encrypted data. In our case, that means we know what the value of PCR 23 was when we encrypted the key. That means that if we simply extend PCR 23 with a known value in-kernel before encrypting our key, we can look at the value of PCR 23 in the metadata. If it matches, the key was encrypted by the kernel - userland can create its own key, but it has no way to extend PCR 23 to the appropriate value first. We now know that the key was generated by the kernel.

But what if the attacker is able to gain access to the encrypted key? Let's say a kernel bug is hit that prevents hibernation from resuming, and you boot back up without wiping the hibernation image. Root can then read the key from the partition, ask the TPM to decrypt it, and then use that to create a new hibernation image. We probably want to prevent that as well. Fortunately, when you ask the TPM to encrypt something, you can ask that the TPM only decrypt it if the PCRs have specific values. "Sealing" material to the TPM in this way allows you to block decryption if the system isn't in the desired state. So, we define a policy that says that PCR 23 must have the same value at resume as it did on hibernation. On resume, the kernel resets PCR 23, extends it to the same value it did during hibernation, and then attempts to decrypt the key. Afterwards, it resets PCR 23 back to the initial value. Even if an attacker gains access to the encrypted copy of the key, the TPM will refuse to decrypt it.

And that's what this patchset implements. There's one fairly significant flaw at the moment, which is simply that an attacker can just reboot into an older kernel that doesn't implement the PCR 23 blocking and set up state by hand. Fortunately, this can be avoided using another aspect of the boot process. When you boot something via UEFI Secure Boot, the signing key used to verify the booted code is measured into PCR 7 by the system firmware. In the Linux world, the Shim bootloader then measures any additional keys that are used. By either using a new key to tag kernels that have support for the PCR 23 restrictions, or by embedding some additional metadata in the kernel that indicates the presence of this feature and measuring that, we can have a PCR 7 value that verifies that the PCR 23 restrictions are present. We then seal the key to PCR 7 as well as PCR 23, and if an attacker boots into a kernel that doesn't have this feature the PCR 7 value will be different and the TPM will refuse to decrypt the secret.

While there's a whole bunch of complexity here, the process should be entirely transparent to the user. The current implementation requires a TPM 2, and I'm not certain whether TPM 1.2 provides all the features necessary to do this properly - if so, extending it shouldn't be hard, but also all systems shipped in the past few years should have a TPM 2, so that's going to depend on whether there's sufficient interest to justify the work. And we're also at the early days of review, so there's always the risk that I've missed something obvious and there are terrible holes in this. And, well, given that it took almost 8 years to get the Lockdown patchset into mainline, let's not assume that I'm good at landing security code.

[1] Other architectures use different terminology here, such as "supervisor" and "user" mode, but it's broadly equivalent
[2] In theory rings 1 and 2 would allow you to run drivers with privileges somewhere between full kernel access and userland applications, but in reality we just don't talk about them in polite company
[3] This is how graphics worked in Linux before kernel modesetting turned up. XFree86 would just map your GPU's registers into userland and poke them directly. This was not a huge win for stability
[4] IOMMUs can help you here, by restricting the memory PCI devices can DMA to or from. The kernel then gets to allocate ranges for device buffers and configure the IOMMU such that the device can't DMA to anything else. Except that region of memory may still contain sensitive material such as function pointers, and attacks like this can still cause you problems as a result.
[5] This describes why I'm using "allowed" rather than "required" here
[6] Saving the system state to disk and powering down the platform entirely - significantly slower than suspending the system while keeping state in RAM, but also resilient against the system losing power.
[7] With some handwaving around "coprocessor". TPMs can't be part of the OS or the system firmware, but they don't technically need to be an independent component. Intel have a TPM implementation that runs on the Management Engine, a separate processor built into the motherboard chipset. AMD have one that runs on the Platform Security Processor, a small ARM core built into their CPU. Various ARM implementations run a TPM in Trustzone, a special CPU mode that (in theory) is able to access resources that are entirely blocked off from anything running in the OS, kernel or otherwise.

comments

Russ Allbery: Review: The Fated Sky

Sunday 21st of February 2021 04:43:00 AM

Review: The Fated Sky, by Mary Robinette Kowal

Series: Lady Astronaut #2 Publisher: Tor Copyright: August 2018 ISBN: 0-7653-9893-1 Format: Kindle Pages: 380

The Fated Sky is a sequel to The Calculating Stars, but you could start with this book if you wanted to. It would be obvious you'd missed a previous book in the series, and some of the relationships would begin in medias res, but the story is sufficiently self-contained that one could puzzle through.

Mild spoilers follow for The Calculating Stars, although only to the extent of confirming that book didn't take an unexpected turn, and nothing that wouldn't already be spoiled if you had read the short story "The Lady Astronaut of Mars" that kicked this series off. (The short story takes place well after all of the books.) Also some minor spoilers for the first section of the book, since I have to talk about its outcome in broad strokes in order to describe the primary shape of the novel.

In the aftermath of worsening weather conditions caused by the Meteor, humans have established a permanent base on the Moon and are preparing a mission to Mars. Elma is not involved in the latter at the start of the book; she's working as a shuttle pilot on the Moon, rotating periodically back to Earth. But the political situation on Earth is becoming more tense as the refugee crisis escalates and the weather worsens, and the Mars mission is in danger of having its funding pulled in favor of other priorities. Elma's success in public outreach for the space program as the Lady Astronaut, enhanced by her navigation of a hostage situation when an Earth re-entry goes off course and is met by armed terrorists, may be the political edge supporters of the mission need.

The first part of this book is the hostage situation and other ground-side politics, but the meat of this story is the tense drama of experimental, pre-computer space flight. For those who aren't familiar with the previous book, this series is an alternate history in which a huge meteorite hit the Atlantic seaboard in 1952, potentially setting off runaway global warming and accelerating the space program by more than a decade. The Calculating Stars was primarily about the politics surrounding the space program. In The Fated Sky, we see far more of the technical details: the triumphs, the planning, and the accidents and other emergencies that each could be fatal in an experimental spaceship headed towards Mars. If what you were missing from the first book was more technological challenge and realistic detail, The Fated Sky delivers. It's edge-of-your-seat suspenseful and almost impossible to put down.

I have more complicated feelings about the secondary plot. In The Calculating Stars, the heart of the book was an incredibly well-told story of Elma learning to deal with her social anxiety. That's still a theme here but a lesser one; Elma has better coping mechanisms now. What The Fated Sky tackles instead is pervasive sexism and racism, and how Elma navigates that (not always well) as a white Jewish woman.

The centrality of sexism is about the same in both books. Elma's public outreach is tied closely to her gender and starts as a sort of publicity stunt. The space program remains incredibly sexist in The Fated Stars, something that Elma has to cope with but can't truly fix. If you found the sexism in the first book irritating, you're likely to feel the same about this installment.

Racism is more central this time, though. In The Calculating Stars, Elma was able to help make things somewhat better for Black colleagues. She has a much different experience in The Fated Stars: she ends up in a privileged position that hurts her non-white colleagues, including one of her best friends. The merits of taking a stand on principle are ambiguous, and she chooses not to. When she later tries to help Black astronauts, she does so in a way that's focused on her perceptions rather than theirs and is therefore more irritating than helpful. The opportunities she gets, in large part because she's seen as white, unfairly hurt other people, and she has to sit with that. It's a thoughtful and uncomfortable look at how difficult it is for a white person to live with discomfort they can't fix and to not make it worse by trying to wave it away or point out their own problems.

That was the positive side of this plot, although I'm still a bit wary and would like to read a review by a Black reviewer to see how well this plot works from their perspective. There are some other choices that I thought landed oddly. One is that the most racist crew member, the one who sparks the most direct conflict with the Black members of the international crew, is a white man from South Africa, which I thought let the United States off the hook too much and externalized the racism a bit too neatly. Another is that the three ships of the expedition are the Niña, the Pinta, and the Santa Maria, and no one in the book comments on this. Given the thoughtful racial themes of the book, I can't imagine this is an accident, and it is in character for United States of this novel to pick those names, but it was an odd intrusion of an unremarked colonial symbol. This may be part of Kowal's attempt to show that Elma is embedded in a racist and sexist world, has limited room to maneuver, and can't solve most of the problems, which is certainly a theme of the series. But it left me unsettled on whether this book was up to fully handling the fraught themes Kowal is invoking.

The other part of the book I found a bit frustrating is that it never seriously engaged with the political argument against Mars colonization, instead treating most of the opponents of space travel as either deluded conspiracy believers or cynical villains. Science fiction is still arguing with William Proxmire even though he's been dead for fifteen years and out of office for thirty. The strong argument against a Mars colony in Elma's world is not funding priorities; it's that even if it's successful, only a tiny fraction of well-connected elites will escape the planet to Mars. This argument is made in the book and Elma dismisses it as a risk she's trying to prevent, but it is correct. There is no conceivable technological future that leads to evacuating the Earth to Mars, but The Fated Sky declines to grapple with the implications of that fact.

There's more that I haven't remarked on, including an ongoing excellent portrayal of the complicated and loving relationship between Elma and her husband, and a surprising development in her antagonistic semi-friendship with the sexist test pilot who becomes the mission captain. I liked how Kowal balanced technical problems with social problems on the long Mars flight; both are serious concerns and they interact with each other in complicated ways.

The details of the perils and joys of manned space flight are excellent, at least so far as I can tell without having done the research that Kowal did. If you want a fictionalized Apollo 13 with higher stakes and less ground support, look no further; this is engrossing stuff. The interpersonal politics and sociology were also fascinating and gripping, but unsettling, in both good ways and bad. I like the challenge that Kowal presents to a white reader, although I'm not sure she was completely in control of it.

Cautiously recommended, although be aware that you'll need to grapple with a sexist and racist society while reading it. Also a content note for somewhat graphic gastrointestinal problems.

Followed by The Relentless Moon.

Rating: 8 out of 10

Louis-Philippe Véronneau: dput-ng or: How I Learned to Stop Worrying and Love the Hooks

Saturday 20th of February 2021 09:30:13 PM

As my contributions to Debian continue to grow in number, I find myself uploading to the archive more and more often.

Although I'm pretty happy with my current sbuild-based workflow, twice in the past few weeks I inadvertently made a binary upload instead of a source-only one.1

As it turns out, I am not the only DD who has had this problem before. As Nicolas Dandrimont kindly pointed to me, dput-ng supports pre and post upload hooks that can be used to lint your uploads. Even better, it also ships with a check-debs hook that lets you block binary uploads.

Pretty neat, right? In a perfect world, enabling the hook would only be a matter of adding it in the hook list of /etc/dput.d/metas/debian.json and using the following defaults:

"check-debs": { "enforce": "source", "skip": false },

Sadly, bug #983160 currently makes this whole setup more complex than it should be and forces me to use two different dput-ng profiles pointing to two different files in /etc/dput.d/metas: a default source-only one (ftp-master) and a binary upload one (ftp-master-binary).

Otherwise, one could use a single profile that disallows binary uploads and when needed, override the hook using something like this:

$ dput --override "check-debs.enforce=debs" foo_1.0.0-1_amd64.changes

I did start debugging the --override issue in dput-ng, but I'm not sure I'll have time to submit a patch anytime soon. In the meantime, I'm happy to report I shouldn't be uploading the wrong .changes file by mistake again!

  1. Thanks to Holger Levsen and Adrian Bunk for catching those and notifying me. 

Kentaro Hayashi: Tokyo area Debian meeting Feb, 2021 was held on online

Saturday 20th of February 2021 02:12:33 PM

I gave a short presentation - WAF on Debian.

Especially, I talked about usage of ModSecurity-nginx.

slide.rabbit-shocker.org

Jonathan Dowland: Wrist Watches

Friday 19th of February 2021 04:50:42 PM

red strap

This is everything I have to say about watches (or time pieces, or chronometers, if you prefer: I don't).

I've always worn a watch, and still do; but I've never really understood the appeal of the kind of luxury watches you see advertise here there and everywhere, with their chunky cases, over-complicated faces and enormous price-tags. So the world of watch-appreciation was closed to me, until my 30th birthday (a while ago) when my wife bought me a Mondaine Evo "Big Date" quartz watch.

It's not an analogue watch nor an "heirloom timepiece", neither of which are properties that matter to me. The large face has almost nothing extraneous on it, although my model includes day-of-the-month. I like it very much.

And so I cracked open the door a little onto the world of watches and watch fashion and had a short spell of interest in some other styles, types, and the like. This drew to a close with buying a selection of cheap, coloured nylon fabric "nato"-style straps. Now whenever I feel the itch for a change, I just change the strap.

Smart Watches have never appealed to me. I can see some of their advantages, but the last thing I need is another gadget to regularly charge, or another avenue to check my email.

I appreciate that wearing a wrist watch at all is anachronistic (sorry), and I did wonder whether it's a habit I could get out of. A few weeks ago, during our endless Lockdown, my watch battery ran out, so I spent a couple of weeks un-learning my reliance on a wristwatch to orient myself. I've managed to get it replaced now (some watch repair places being considered Essential Services) and I'm comfortably back in my default mode of wearing and relying upon it.

Steinar H. Gunderson: plocate LWN post

Friday 19th of February 2021 04:49:00 PM

My debian-devel thread about getting plocate in standard didn't turn into anything in Debian, but evidently, it turned into an LWN post!

My favorite quote from the comments: “It's funny that some people argue that updatedb is too costly while others argue that "find /" (which costs hardly less) is fast enough.”

Reproducible Builds (diffoscope): diffoscope 167 released

Friday 19th of February 2021 12:00:00 AM

The diffoscope maintainers are pleased to announce the release of diffoscope version 167. This version includes the following changes:

* Temporary directory handling: - Ensure we cleanup our temporary directory by avoiding confusion between the TemporaryDirectory instance and the underlying directory. (Closes: #981123) - Use a potentially-useful suffix to our temporary directory based on the command-line passed to diffoscope. - Fix some tempfile/weakref interaction in Python 3.7 (ie. Debian buster). (Closes: reproducible-builds/diffoscope#239) - If our temporary directory does not exist anymore (eg. it has been cleaned up in tests, signal handling or reference counting), make sure we recreate it. * Bug fixes: - Don't rely on magic.Magic(...) to have an identical API between file's magic.py and PyPI's "python-magic" library. (Closes: reproducible-builds/diffoscope#238) - Don't rely on dumpimage returning an appropriate exit code; check that the file actually exists after we call it. * Codebase changes: - Set a default Config.extended_filesystem_attributes. - Drop unused Config.acl and Config.xattr attributes. - Tidy imports in diffoscope/comparators/fit.py. * Tests: - Add u-boot-tools to test dependencies so that salsa.debian.org pipelines actually test the new FIT comparator. - Strip newlines when determining Black version to avoid "requires black >= 20.8b1 (18.9b0\n detected)" in test output (NB. embedded newline). - Gnumeric is back in testing so re-add to test dependencies. - Use assert_diff (over get_data, etc.) in the FIT and APK comparators. - Mark test_apk.py::test_android_manifest as being allowed to fail for now. - Fix the FIT tests in buster and unstable.

You find out more by visiting the project homepage.

Dirk Eddelbuettel: td 0.0.2 on CRAN: Updated and Expanded

Thursday 18th of February 2021 11:23:00 PM

The still very recent td package for accessing the twelvedata API for financial data has been updated and is now at version 0.0.2.

The time_series access point is now vectorised: supply a vector of symbols, and you receive list of data.frame (or xts) objects. See this tweet teasing out the earliest support for this new featire, and showing a quick four-securities plot. We also added simpler accessors get_quote() and get_price() rounding out the basic API support.

One first bug report alerting us to the fact that our use of RcppSimdJson requires an additional sanitizing of the temporary filename if used on Windows. We will fix that properly soon in new release 0.1.5 of that package; in the meantime you can get hot-fix binary 0.1.4.1 for Windows via install.packages("RcppSimdJson", repos="https://ghrr.github.io/drat") from the ghrr drat.

The NEWS entry follows.

Changes in version 0.0.2 (2021-02-18)
  • The time_series is now vectorised and can return a list of return objects when given a vector of symbols

  • The use of tools::R_user_dir() is now conditional on having R 4.0.0 or later, older versions can use env.var for api key

  • New helper function store_key to save api key.

  • New simple accessors get_quote and get_price

Courtesy of my CRANberries, there is a comparison to the previous release. For questions or comments use the issue tracker off the GitHub repo.

If you like this or other open-source work I do, you can now sponsor me at GitHub.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Julian Andres Klode: APT 2.2 released

Thursday 18th of February 2021 08:09:27 PM

APT 2.2.0 marks the freeze of the 2.1 development series and the start of the 2.2 stable series.

Let’s have a look at what changed compared to 2.2. Many of you who run Debian testing or unstable, or Ubuntu groovy or hirsute will already have seen most of those changes.

New features
  • Various patterns related to dependencies, such as ?depends are now available (2.1.16)
  • The Protected field is now supported. It replaces the previous Important field and is like Essential, but only for installed packages (some minor more differences maybe in terms of ordering the installs).
  • The update command has gained an --error-on=any option that makes it error out on any failure, not just what it considers persistent ons.
  • The rred method can now be used as a standalone program to merge pdiff files
  • APT now implements phased updates. Phasing is used in Ubuntu to slow down and control the roll out of updates in the -updates pocket, but has previously only been available to desktop users using update-manager.
Other behavioral changes
  • The kernel autoremoval helper code has been rewritten from shell in C++ and now runs at run-time, rather than at kernel install time, in order to correctly protect the kernel that is running now, rather than the kernel that was running when we were installing the newest one.

    It also now protects only up to 3 kernels, instead of up to 4, as was originally intended, and was the case before 1.1 series. This avoids /boot partitions from running out of space, especially on Ubuntu which has boot partitions sized for the original spec.

Performance improvements
  • The cache is now hashed using XXH3 instead of Adler32 (or CRC32c on SSE4.2 platforms)
  • The hash table size has been increased
Bug fixes
  • * wildcards work normally again (since 2.1.0)
  • The cache file now includes all translation files in /var/lib/apt/lists, so multi-user systems with different locales correctly show translated descriptions now.
  • URLs are no longer dequoted on redirects only to be requoted again, fixing some redirects where servers did not expect different quoting.
  • Immediate configuration is now best-effort, and failure is no longer fatal.
  • various changes to solver marking leading to different/better results in some cases (since 2.1.0)
  • The lower level I/O bits of the HTTP method have been rewritten to hopefully improve stability
  • The HTTP method no longer infinitely retries downloads on some connection errors
  • The pkgnames command no longer accidentally includes source packages
  • Various fixes from fuzzing efforts by David
Security fixes
  • Out-of-bound reads in ar and tar implementations (CVE-2020-3810, 2.1.2)
  • Integer overflows in ar and tar (CVE-2020-27350, 2.1.13)

(all of which have been backported to all stable series, back all the way to 1.0.9.8.* series in jessie eLTS)

Incompatibilities
  • N/A - there were no breaking changes in apt 2.2 that we are aware of.
Deprecations
  • apt-key(1) is scheduled to be removed for Q2/2022, and several new warnings have been added.

    apt-key was made obsolete in version 0.7.25.1, released in January 2010, by /etc/apt/trusted.gpg.d becoming a supported place to drop additional keyring files, and was since then only intended for deleting keys in the legacy trusted.gpg keyring.

    Please manage files in trusted.gpg.d yourself; or place them in a different location such as /etc/apt/keyrings (or make up your own, there’s no standard location) or /usr/share/keyrings, and use signed-by in the sources.list.d files.

    The legacy trusted.gpg keyring still works, but will also stop working eventually. Please make sure you have all your keys in trusted.gpg.d. Warnings might be added in the upcoming months when a signature could not be verified using just trusted.gpg.d.

    Future versions of APT might switch away from GPG.

  • As a reminder, regular expressions and wildcards other than * inside package names are deprecated (since 2.0). They are not available anymore in apt(8), and will be removed for safety reasons in apt-get in a later release.

Jonathan McDowell: Hacking and Bricking the EE Opsrey 2 Mini

Thursday 18th of February 2021 06:44:12 PM

I’ve mentioned in the past my twisted EE network setup from when I moved in to my current house. The 4GEE WiFi Mini (also known as the EE Osprey 2 Mini or the EE40VB, and actually a rebadged Alcatel Y853VB) has been sitting unused since then, so I figured I’d see about trying to get a shell on it.

TL;DR: Of course it’s running Linux, there’s a couple of test points internally which bring out the serial console, but after finding those and logging in I discovered it’s running ADB on port 5555 quite happily available without authentication both via wifi and the USB port. So if you have physical or local network access, instant root shell. Well done, folks. And then I bricked it before I could do anything more interesting.

There’s a lack of information about this device out there - most of the links I can find are around removing the SIM lock - so I thought I’d document the pieces I found just in case anyone else is trying to figure it out. It’s based around a Qualcomm MDM9607 SoC, paired with 64M RAM and 256M NAND flash. Wifi is via an RTL8192ES. Kernel is 3.18.20. Busybox is v1.23.1. It’s running dnsmasq but I didn’t grab the version. Of course there’s no source or offer of source provided.

Taking it apart is fairly easy. There’s a single screw to remove, just beside the SIM slot. The coloured rim can then be carefully pried away from the back, revealing the battery. There are then 4 screws in the corners which need removed in order to be able to lift out the actual PCB and gain access to the serial console test points.

My mistake was going poking around trying to figure out where the updates are downloaded from - I know I’m running a slightly older release than what’s current, and the device can do an automatic download + update. Top tip; don’t run Jrdrecovery. It’ll error on finding /cache/update.zip and wipe the main partition anyway. That’ll leave you in a boot loop where the device boots the recovery partition which tries to install /cache/update.zip which of course still doesn’t exist.

So. Where next? First, I need to get the device into a state where I can actually do something other than watch it boot into recovery, fail to flash and reboot. Best guess at present is to try and get it to enter the Qualcomm EDL (Emergency Download) mode. That might be possible with a custom USB cable that grounds D+ on boot. Alternatively I need to probe some of the other test points on the PCB and see if grounding any of those helps enter EDL mode. I then need a suitable “firehose” OEM-signed programmer image. And then I need to actually get hold of a proper EE40VB firmware image, either via one of the OTA update files or possibly via an Alcatel ADSU image (though no idea how to get hold of one, other than by posting to a random GSM device forum and hoping for the kindness of strangers). More updates if/when I make progress…

Qualcomm bootloader log Format: Log Type - Time(microsec) - Message - Optional Info Log Type: B - Since Boot(Power On Reset), D - Delta, S - Statistic S - QC_IMAGE_VERSION_STRING=BOOT.BF.3.1.2-00053 S - IMAGE_VARIANT_STRING=LAATANAZA S - OEM_IMAGE_VERSION_STRING=linux3 S - Boot Config, 0x000002e1 B - 105194 - SBL1, Start D - 61885 - QSEE Image Loaded, Delta - (451964 Bytes) D - 30286 - RPM Image Loaded, Delta - (151152 Bytes) B - 459330 - Roger:boot_jrd_oem_main B - 461526 - Welcome to key_check_poweron!!! B - 466436 - REG0x00, rc=47 B - 469120 - REG0x01, rc=1f B - 472018 - REG0x02, rc=1c B - 474885 - REG0x03, rc=47 B - 477782 - REG0x04, rc=b2 B - 480558 - REG0x05, rc= B - 483272 - REG0x06, rc=9e B - 486139 - REG0x07, rc= B - 488854 - REG0x08, rc=a4 B - 491721 - REG0x09, rc=80 B - 494130 - bq24295_probe: vflt/vsys/vprechg=0mV/0mV/0mV, tprechg/tfastchg=0Min/0Min, [0C, 0C] B - 511546 - come to calculate vol and temperature!! B - 511637 - ##############battery_core_convert_vntc: NTC_voltage=1785690 B - 517280 - battery_core_convert_vntc: <-44C, 1785690uV>, present=0 B - 529358 - bq24295_set_current_limit: setting=0mA, mode=-1, input/fastchg/prechg/termchg=-1mA/0mA/0mA/0mA B - 534360 - bq24295_set_charge_current, rc=0,reg_val=0,i=0 B - 539636 - bq24295_enable_charge: setting=0, chg_enable=-1, otg_enable=0 B - 546072 - bq24295_enable_charging: enable_charging=0 B - 552172 - bq24295_set_current_limit: setting=0mA, mode=-1, input/fastchg/prechg/termchg=-1mA/0mA/0mA/0mA B - 561566 - bq24295_set_charge_current, rc=0,reg_val=0,i=0 B - 567056 - bq24295_enable_charge: setting=0, chg_enable=0, otg_enable=0 B - 579286 - come to calculate vol and temperature!! B - 579378 - ##############battery_core_convert_vntc: NTC_voltage=1785777 B - 585539 - battery_core_convert_vntc: <-44C, 1785777uV>, present=0 B - 597617 - charge_main: battery is plugout!! B - 597678 - Welcome to pca955x_probe!!! B - 601063 - pca955x_probe: PCA955X probed successfully! D - 27511 - APPSBL Image Loaded, Delta - (179348 Bytes) B - 633271 - QSEE Execution, Start D - 213 - QSEE Execution, Delta B - 638944 - >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Start writting JRD RECOVERY BOOT B - 650107 - >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Start writting RECOVERY BOOT B - 653218 - >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>read_buf[0] == 0 B - 659044 - SBL1, End D - 556137 - SBL1, Delta S - Throughput, 2000 KB/s (782884 Bytes, 278155 us) S - DDR Frequency, 240 MHz littlekernel aboot log Android Bootloader - UART_DM Initialized!!! [0] welcome to lk [0] SCM call: 0x2000601 failed with :fffffffc [0] Failed to initialize SCM [10] platform_init() [10] target_init() [10] smem ptable found: ver: 4 len: 17 [10] ERROR: No devinfo partition found [10] Neither 'config' nor 'frp' partition found [30] voltage of NTC is 1789872! [30] voltage of BAT is 3179553! [30] usb present is 1! [30] Loading (boot) image (4171776): start [530] Loading (boot) image (4171776): done [540] DTB Total entry: 25, DTB version: 3 [540] Using DTB entry 0x00000129/00010000/0x00000008/0 for device 0x00000129/00010000/0x00010008/0 [560] JRD_CHG_OFF_FEATURE! [560] come to jrd_target_pause_for_battery_charge! [570] power_on_status.hard_reset = 0x0 [570] power_on_status.smpl = 0x0 [570] power_on_status.rtc = 0x0 [580] power_on_status.dc_chg = 0x0 [580] power_on_status.usb_chg = 0x0 [580] power_on_status.pon1 = 0x1 [590] power_on_status.cblpwr = 0x0 [590] power_on_status.kpdpwr = 0x0 [590] power_on_status.bugflag = 0x0 [590] cmdline: noinitrd rw console=ttyHSL0,115200,n8 androidboot.hardware=qcom ehci-hcd.park=3 msm_rtb.filter=0x37 lpm_levels.sleep_disabled=1 earlycon=msm_hsl_uart,0x78b3000 androidboot.serialno=7e6ba58c androidboot.baseband=msm rootfstype=ubifs rootflags=b [620] Updating device tree: start [720] Updating device tree: done [720] booting linux @ 0x80008000, ramdisk @ 0x80008000 (0), tags/device tree @ 0x81e00000 Linux kernel console boot log [ 0.000000] Booting Linux on physical CPU 0x0 [ 0.000000] Linux version 3.18.20 (linux3@linux3) (gcc version 4.9.2 (GCC) ) #1 PREEMPT Thu Aug 10 11:57:07 CST 2017 [ 0.000000] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c53c7d [ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache [ 0.000000] Machine model: Qualcomm Technologies, Inc. MDM 9607 MTP [ 0.000000] Early serial console at I/O port 0x0 (options '') [ 0.000000] bootconsole [uart0] enabled [ 0.000000] Reserved memory: reserved region for node 'modem_adsp_region@0': base 0x82a00000, size 56 MiB [ 0.000000] Reserved memory: reserved region for node 'external_image_region@0': base 0x87c00000, size 4 MiB [ 0.000000] Removed memory: created DMA memory pool at 0x82a00000, size 56 MiB [ 0.000000] Reserved memory: initialized node modem_adsp_region@0, compatible id removed-dma-pool [ 0.000000] Removed memory: created DMA memory pool at 0x87c00000, size 4 MiB [ 0.000000] Reserved memory: initialized node external_image_region@0, compatible id removed-dma-pool [ 0.000000] cma: Reserved 4 MiB at 0x87800000 [ 0.000000] Memory policy: Data cache writeback [ 0.000000] CPU: All CPU(s) started in SVC mode. [ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 17152 [ 0.000000] Kernel command line: noinitrd rw console=ttyHSL0,115200,n8 androidboot.hardware=qcom ehci-hcd.park=3 msm_rtb.filter=0x37 lpm_levels.sleep_disabled=1 earlycon=msm_hsl_uart,0x78b3000 androidboot.serialno=7e6ba58c androidboot.baseband=msm rootfstype=ubifs rootflags=bulk_read root=ubi0:rootfs ubi.mtd=16 [ 0.000000] PID hash table entries: 512 (order: -1, 2048 bytes) [ 0.000000] Dentry cache hash table entries: 16384 (order: 4, 65536 bytes) [ 0.000000] Inode-cache hash table entries: 8192 (order: 3, 32768 bytes) [ 0.000000] Memory: 54792K/69632K available (5830K kernel code, 399K rwdata, 2228K rodata, 276K init, 830K bss, 14840K reserved) [ 0.000000] Virtual kernel memory layout: [ 0.000000] vector : 0xffff0000 - 0xffff1000 ( 4 kB) [ 0.000000] fixmap : 0xffc00000 - 0xfff00000 (3072 kB) [ 0.000000] vmalloc : 0xc8800000 - 0xff000000 ( 872 MB) [ 0.000000] lowmem : 0xc0000000 - 0xc8000000 ( 128 MB) [ 0.000000] modules : 0xbf000000 - 0xc0000000 ( 16 MB) [ 0.000000] .text : 0xc0008000 - 0xc07e6c38 (8060 kB) [ 0.000000] .init : 0xc07e7000 - 0xc082c000 ( 276 kB) [ 0.000000] .data : 0xc082c000 - 0xc088fdc0 ( 400 kB) [ 0.000000] .bss : 0xc088fe84 - 0xc095f798 ( 831 kB) [ 0.000000] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1 [ 0.000000] Preemptible hierarchical RCU implementation. [ 0.000000] NR_IRQS:16 nr_irqs:16 16 [ 0.000000] GIC CPU mask not found - kernel will fail to boot. [ 0.000000] GIC CPU mask not found - kernel will fail to boot. [ 0.000000] mpm_init_irq_domain(): Cannot find irq controller for qcom,gpio-parent [ 0.000000] MPM 1 irq mapping errored -517 [ 0.000000] Architected mmio timer(s) running at 19.20MHz (virt). [ 0.000011] sched_clock: 56 bits at 19MHz, resolution 52ns, wraps every 3579139424256ns [ 0.007975] Switching to timer-based delay loop, resolution 52ns [ 0.013969] Switched to clocksource arch_mem_counter [ 0.019687] Console: colour dummy device 80x30 [ 0.023344] Calibrating delay loop (skipped), value calculated using timer frequency.. 38.40 BogoMIPS (lpj=192000) [ 0.033666] pid_max: default: 32768 minimum: 301 [ 0.038411] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes) [ 0.044902] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes) [ 0.052445] CPU: Testing write buffer coherency: ok [ 0.057057] Setting up static identity map for 0x8058aac8 - 0x8058ab20 [ 0.064242] [ 0.064242] ********************************************************** [ 0.071251] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 0.077817] ** ** [ 0.084302] ** trace_printk() being used. Allocating extra memory. ** [ 0.090781] ** ** [ 0.097320] ** This means that this is a DEBUG kernel and it is ** [ 0.103802] ** unsafe for produciton use. ** [ 0.110339] ** ** [ 0.116850] ** If you see this message and you are not debugging ** [ 0.123333] ** the kernel, report this immediately to your vendor! ** [ 0.129870] ** ** [ 0.136380] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 0.142865] ********************************************************** [ 0.150225] MSM Memory Dump base table set up [ 0.153739] MSM Memory Dump apps data table set up [ 0.168125] VFP support v0.3: implementor 41 architecture 2 part 30 variant 7 rev 5 [ 0.176332] pinctrl core: initialized pinctrl subsystem [ 0.180930] regulator-dummy: no parameters [ 0.215338] NET: Registered protocol family 16 [ 0.220475] DMA: preallocated 256 KiB pool for atomic coherent allocations [ 0.284034] cpuidle: using governor ladder [ 0.314026] cpuidle: using governor menu [ 0.344024] cpuidle: using governor qcom [ 0.355452] msm_watchdog b017000.qcom,wdt: wdog absent resource not present [ 0.361656] msm_watchdog b017000.qcom,wdt: MSM Watchdog Initialized [ 0.371373] irq: no irq domain found for /soc/pinctrl@1000000 ! [ 0.381268] spmi_pmic_arb 200f000.qcom,spmi: PMIC Arb Version-2 0x20010000 [ 0.389733] platform 4080000.qcom,mss: assigned reserved memory node modem_adsp_region@0 [ 0.397409] mem_acc_corner: 0 <--> 0 mV [ 0.401937] hw-breakpoint: found 5 (+1 reserved) breakpoint and 4 watchpoint registers. [ 0.408966] hw-breakpoint: maximum watchpoint size is 8 bytes. [ 0.416287] __of_mpm_init(): MPM driver mapping exists [ 0.420940] msm_rpm_glink_dt_parse: qcom,rpm-glink compatible not matches [ 0.427235] msm_rpm_dev_probe: APSS-RPM communication over SMD [ 0.432977] smd_open() before smd_init() [ 0.437544] msm_mpm_dev_probe(): Cannot get clk resource for XO: -517 [ 0.445730] smd_channel_probe_now: allocation table not initialized [ 0.453100] mdm9607_s1: 1050 <--> 1350 mV at 1225 mV normal idle [ 0.458566] spm_regulator_probe: name=mdm9607_s1, range=LV, voltage=1225000 uV, mode=AUTO, step rate=4800 uV/us [ 0.468817] cpr_efuse_init: apc_corner: efuse_addr = 0x000a4000 (len=0x1000) [ 0.475353] cpr_read_fuse_revision: apc_corner: fuse revision = 2 [ 0.481345] cpr_parse_speed_bin_fuse: apc_corner: [row: 37]: 0x79e8bd327e6ba58c, speed_bits = 4 [ 0.490124] cpr_pvs_init: apc_corner: pvs voltage: [1050000 1100000 1275000] uV [ 0.497342] cpr_pvs_init: apc_corner: ceiling voltage: [1050000 1225000 1350000] uV [ 0.504979] cpr_pvs_init: apc_corner: floor voltage: [1050000 1050000 1150000] uV [ 0.513125] i2c-msm-v2 78b8000.i2c: probing driver i2c-msm-v2 [ 0.518335] i2c-msm-v2 78b8000.i2c: error on clk_get(core_clk):-517 [ 0.524478] i2c-msm-v2 78b8000.i2c: error probe() failed with err:-517 [ 0.531111] i2c-msm-v2 78b7000.i2c: probing driver i2c-msm-v2 [ 0.536788] i2c-msm-v2 78b7000.i2c: error on clk_get(core_clk):-517 [ 0.542886] i2c-msm-v2 78b7000.i2c: error probe() failed with err:-517 [ 0.549618] i2c-msm-v2 78b9000.i2c: probing driver i2c-msm-v2 [ 0.555202] i2c-msm-v2 78b9000.i2c: error on clk_get(core_clk):-517 [ 0.561374] i2c-msm-v2 78b9000.i2c: error probe() failed with err:-517 [ 0.570613] msm-thermal soc:qcom,msm-thermal: msm_thermal:Failed reading node=/soc/qcom,msm-thermal, key=qcom,core-limit-temp. err=-22. KTM continues [ 0.583049] msm-thermal soc:qcom,msm-thermal: probe_therm_reset:Failed reading node=/soc/qcom,msm-thermal, key=qcom,therm-reset-temp err=-22. KTM continues [ 0.596926] msm_thermal:msm_thermal_dev_probe Failed reading node=/soc/qcom,msm-thermal, key=qcom,online-hotplug-core. err:-517 [ 0.609370] sps:sps is ready. [ 0.613137] msm_rpm_glink_dt_parse: qcom,rpm-glink compatible not matches [ 0.619020] msm_rpm_dev_probe: APSS-RPM communication over SMD [ 0.625773] mdm9607_s2: 750 <--> 1275 mV at 750 mV normal idle [ 0.631584] mdm9607_s3_level: 0 <--> 0 mV at 0 mV normal idle [ 0.637085] mdm9607_s3_level_ao: 0 <--> 0 mV at 0 mV normal idle [ 0.643092] mdm9607_s3_floor_level: 0 <--> 0 mV at 0 mV normal idle [ 0.649512] mdm9607_s3_level_so: 0 <--> 0 mV at 0 mV normal idle [ 0.655750] mdm9607_s4: 1800 <--> 1950 mV at 1800 mV normal idle [ 0.661791] mdm9607_l1: 1250 mV normal idle [ 0.666090] mdm9607_l2: 1800 mV normal idle [ 0.670276] mdm9607_l3: 1800 mV normal idle [ 0.674541] mdm9607_l4: 3075 mV normal idle [ 0.678743] mdm9607_l5: 1700 <--> 3050 mV at 1700 mV normal idle [ 0.684904] mdm9607_l6: 1700 <--> 3050 mV at 1700 mV normal idle [ 0.690892] mdm9607_l7: 1700 <--> 1900 mV at 1700 mV normal idle [ 0.697036] mdm9607_l8: 1800 mV normal idle [ 0.701238] mdm9607_l9: 1200 <--> 1250 mV at 1200 mV normal idle [ 0.707367] mdm9607_l10: 1050 mV normal idle [ 0.711662] mdm9607_l11: 1800 mV normal idle [ 0.716089] mdm9607_l12_level: 0 <--> 0 mV at 0 mV normal idle [ 0.721717] mdm9607_l12_level_ao: 0 <--> 0 mV at 0 mV normal idle [ 0.727946] mdm9607_l12_level_so: 0 <--> 0 mV at 0 mV normal idle [ 0.734099] mdm9607_l12_floor_lebel: 0 <--> 0 mV at 0 mV normal idle [ 0.740706] mdm9607_l13: 1800 <--> 2850 mV at 2850 mV normal idle [ 0.746883] mdm9607_l14: 2650 <--> 3000 mV at 2650 mV normal idle [ 0.752515] msm_mpm_dev_probe(): Cannot get clk resource for XO: -517 [ 0.759036] cpr_efuse_init: apc_corner: efuse_addr = 0x000a4000 (len=0x1000) [ 0.765807] cpr_read_fuse_revision: apc_corner: fuse revision = 2 [ 0.771809] cpr_parse_speed_bin_fuse: apc_corner: [row: 37]: 0x79e8bd327e6ba58c, speed_bits = 4 [ 0.780586] cpr_pvs_init: apc_corner: pvs voltage: [1050000 1100000 1275000] uV [ 0.787808] cpr_pvs_init: apc_corner: ceiling voltage: [1050000 1225000 1350000] uV [ 0.795443] cpr_pvs_init: apc_corner: floor voltage: [1050000 1050000 1150000] uV [ 0.803094] cpr_init_cpr_parameters: apc_corner: up threshold = 2, down threshold = 3 [ 0.810752] cpr_init_cpr_parameters: apc_corner: CPR is enabled by default. [ 0.817687] cpr_init_cpr_efuse: apc_corner: [row:65] = 0x15000277277383 [ 0.824272] cpr_init_cpr_efuse: apc_corner: CPR disable fuse = 0 [ 0.830225] cpr_init_cpr_efuse: apc_corner: Corner[1]: ro_sel = 0, target quot = 631 [ 0.837976] cpr_init_cpr_efuse: apc_corner: Corner[2]: ro_sel = 0, target quot = 631 [ 0.845703] cpr_init_cpr_efuse: apc_corner: Corner[3]: ro_sel = 0, target quot = 899 [ 0.853592] cpr_config: apc_corner: Timer count: 0x17700 (for 5000 us) [ 0.860426] apc_corner: 0 <--> 0 mV [ 0.864044] i2c-msm-v2 78b8000.i2c: probing driver i2c-msm-v2 [ 0.869261] i2c-msm-v2 78b8000.i2c: error on clk_get(core_clk):-517 [ 0.875492] i2c-msm-v2 78b8000.i2c: error probe() failed with err:-517 [ 0.882225] i2c-msm-v2 78b7000.i2c: probing driver i2c-msm-v2 [ 0.887775] i2c-msm-v2 78b7000.i2c: error on clk_get(core_clk):-517 [ 0.893941] i2c-msm-v2 78b7000.i2c: error probe() failed with err:-517 [ 0.900719] i2c-msm-v2 78b9000.i2c: probing driver i2c-msm-v2 [ 0.906256] i2c-msm-v2 78b9000.i2c: error on clk_get(core_clk):-517 [ 0.912430] i2c-msm-v2 78b9000.i2c: error probe() failed with err:-517 [ 0.919472] msm-thermal soc:qcom,msm-thermal: msm_thermal:Failed reading node=/soc/qcom,msm-thermal, key=qcom,core-limit-temp. err=-22. KTM continues [ 0.932372] msm-thermal soc:qcom,msm-thermal: probe_therm_reset:Failed reading node=/soc/qcom,msm-thermal, key=qcom,therm-reset-temp err=-22. KTM continues [ 0.946361] msm_thermal:get_kernel_cluster_info CPU0 topology not initialized. [ 0.953824] cpu cpu0: dev_pm_opp_get_opp_count: device OPP not found (-19) [ 0.960300] msm_thermal:get_cpu_freq_plan_len Error reading CPU0 freq table len. error:-19 [ 0.968533] msm_thermal:vdd_restriction_reg_init Defer vdd rstr freq init. [ 0.975846] cpu cpu0: dev_pm_opp_get_opp_count: device OPP not found (-19) [ 0.982219] msm_thermal:get_cpu_freq_plan_len Error reading CPU0 freq table len. error:-19 [ 0.991378] cpu cpu0: dev_pm_opp_get_opp_count: device OPP not found (-19) [ 0.997544] msm_thermal:get_cpu_freq_plan_len Error reading CPU0 freq table len. error:-19 [ 1.013642] qcom,gcc-mdm9607 1800000.qcom,gcc: Registered GCC clocks [ 1.019451] clock-a7 b010008.qcom,clock-a7: Speed bin: 4 PVS Version: 0 [ 1.025693] a7ssmux: set OPP pair(400000000 Hz: 1 uV) on cpu0 [ 1.031314] a7ssmux: set OPP pair(1305600000 Hz: 7 uV) on cpu0 [ 1.038805] i2c-msm-v2 78b8000.i2c: probing driver i2c-msm-v2 [ 1.043587] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: Bus driver not ready. [ 1.052935] i2c-msm-v2 78b8000.i2c: msm_bus_scale_register_client(mstr-id:86):0 (not a problem) [ 1.062006] irq: no irq domain found for /soc/wcd9xxx-irq ! [ 1.069884] i2c-msm-v2 78b7000.i2c: probing driver i2c-msm-v2 [ 1.074814] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: Bus driver not ready. [ 1.083716] i2c-msm-v2 78b7000.i2c: msm_bus_scale_register_client(mstr-id:86):0 (not a problem) [ 1.093850] i2c-msm-v2 78b9000.i2c: probing driver i2c-msm-v2 [ 1.098889] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: Bus driver not ready. [ 1.107779] i2c-msm-v2 78b9000.i2c: msm_bus_scale_register_client(mstr-id:86):0 (not a problem) [ 1.167871] KPI: Bootloader start count = 24097 [ 1.171364] KPI: Bootloader end count = 48481 [ 1.175855] KPI: Bootloader display count = 3884474147 [ 1.180825] KPI: Bootloader load kernel count = 16420 [ 1.185905] KPI: Kernel MPM timestamp = 105728 [ 1.190286] KPI: Kernel MPM Clock frequency = 32768 [ 1.195209] socinfo_print: v0.10, id=297, ver=1.0, raw_id=72, raw_ver=0, hw_plat=8, hw_plat_ver=65536 [ 1.195209] accessory_chip=0, hw_plat_subtype=0, pmic_model=65539, pmic_die_revision=131074 foundry_id=0 serial_number=2120983948 [ 1.216731] sdcard_ext_vreg: no parameters [ 1.220555] rome_vreg: no parameters [ 1.224133] emac_lan_vreg: no parameters [ 1.228177] usbcore: registered new interface driver usbfs [ 1.233156] usbcore: registered new interface driver hub [ 1.238578] usbcore: registered new device driver usb [ 1.244507] cpufreq: driver msm up and running [ 1.248425] ION heap system created [ 1.251895] msm_bus_fabric_init_driver [ 1.262563] qcom,qpnp-power-on qpnp-power-on-c7303800: PMIC@SID0 Power-on reason: Triggered from PON1 (secondary PMIC) and 'cold' boot [ 1.273747] qcom,qpnp-power-on qpnp-power-on-c7303800: PMIC@SID0: Power-off reason: Triggered from UVLO (Under Voltage Lock Out) [ 1.285430] input: qpnp_pon as /devices/virtual/input/input0 [ 1.291246] PMIC@SID0: PM8019 v2.2 options: 3, 2, 2, 2 [ 1.296706] Advanced Linux Sound Architecture Driver Initialized. [ 1.302493] Add group failed [ 1.305291] cfg80211: Calling CRDA to update world regulatory domain [ 1.311216] cfg80211: World regulatory domain updated: [ 1.317109] Switched to clocksource arch_mem_counter [ 1.334091] cfg80211: DFS Master region: unset [ 1.337418] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time) [ 1.354087] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A) [ 1.361055] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A) [ 1.370545] NET: Registered protocol family 2 [ 1.374082] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm), (N/A) [ 1.381851] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) [ 1.389876] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) [ 1.397857] cfg80211: (5490000 KHz - 5710000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) [ 1.405841] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) [ 1.413795] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm), (N/A) [ 1.422355] TCP established hash table entries: 1024 (order: 0, 4096 bytes) [ 1.428921] TCP bind hash table entries: 1024 (order: 0, 4096 bytes) [ 1.435192] TCP: Hash tables configured (established 1024 bind 1024) [ 1.441528] TCP: reno registered [ 1.444738] UDP hash table entries: 256 (order: 0, 4096 bytes) [ 1.450521] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes) [ 1.456950] NET: Registered protocol family 1 [ 1.462779] futex hash table entries: 256 (order: -1, 3072 bytes) [ 1.474555] msgmni has been set to 115 [ 1.478551] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251) [ 1.485041] io scheduler noop registered [ 1.488818] io scheduler deadline registered [ 1.493200] io scheduler cfq registered (default) [ 1.502142] msm_rpm_log_probe: OK [ 1.506717] msm_serial_hs module loaded [ 1.509803] msm_serial_hsl_probe: detected port #0 (ttyHSL0) [ 1.515324] AXI: get_pdata(): Error: Client name not found [ 1.520626] AXI: msm_bus_cl_get_pdata(): client has to provide missing entry for successful registration [ 1.530171] msm_serial_hsl_probe: Bus scaling is disabled [ 1.074814] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: Bus driver not ready. [ 1.083716] i2c-msm-v2 78b7000.i2c: msm_bus_scale_register_client(mstr-id:86):0 (not a problem) [ 1.093850] i2c-msm-v2 78b9000.i2c: probing driver i2c-msm-v2 [ 1.098889] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: Bus driver not ready. [ 1.107779] i2c-msm-v2 78b9000.i2c: msm_bus_scale_register_client(mstr-id:86):0 (not a problem) [ 1.167871] KPI: Bootloader start count = 24097 [ 1.171364] KPI: Bootloader end count = 48481 [ 1.175855] KPI: Bootloader display count = 3884474147 [ 1.180825] KPI: Bootloader load kernel count = 16420 [ 1.185905] KPI: Kernel MPM timestamp = 105728 [ 1.190286] KPI: Kernel MPM Clock frequency = 32768 [ 1.195209] socinfo_print: v0.10, id=297, ver=1.0, raw_id=72, raw_ver=0, hw_plat=8, hw_plat_ver=65536 [ 1.195209] accessory_chip=0, hw_plat_subtype=0, pmic_model=65539, pmic_die_revision=131074 foundry_id=0 serial_number=2120983948 [ 1.216731] sdcard_ext_vreg: no parameters [ 1.220555] rome_vreg: no parameters [ 1.224133] emac_lan_vreg: no parameters [ 1.228177] usbcore: registered new interface driver usbfs [ 1.233156] usbcore: registered new interface driver hub [ 1.238578] usbcore: registered new device driver usb [ 1.244507] cpufreq: driver msm up and running [ 1.248425] ION heap system created [ 1.251895] msm_bus_fabric_init_driver [ 1.262563] qcom,qpnp-power-on qpnp-power-on-c7303800: PMIC@SID0 Power-on reason: Triggered from PON1 (secondary PMIC) and 'cold' boot [ 1.273747] qcom,qpnp-power-on qpnp-power-on-c7303800: PMIC@SID0: Power-off reason: Triggered from UVLO (Under Voltage Lock Out) [ 1.285430] input: qpnp_pon as /devices/virtual/input/input0 [ 1.291246] PMIC@SID0: PM8019 v2.2 options: 3, 2, 2, 2 [ 1.296706] Advanced Linux Sound Architecture Driver Initialized. [ 1.302493] Add group failed [ 1.305291] cfg80211: Calling CRDA to update world regulatory domain [ 1.311216] cfg80211: World regulatory domain updated: [ 1.317109] Switched to clocksource arch_mem_counter [ 1.334091] cfg80211: DFS Master region: unset [ 1.337418] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time) [ 1.354087] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A) [ 1.361055] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A) [ 1.370545] NET: Registered protocol family 2 [ 1.374082] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm), (N/A) [ 1.381851] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) [ 1.389876] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) [ 1.397857] cfg80211: (5490000 KHz - 5710000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) [ 1.405841] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A) [ 1.413795] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm), (N/A) [ 1.422355] TCP established hash table entries: 1024 (order: 0, 4096 bytes) [ 1.428921] TCP bind hash table entries: 1024 (order: 0, 4096 bytes) [ 1.435192] TCP: Hash tables configured (established 1024 bind 1024) [ 1.441528] TCP: reno registered [ 1.444738] UDP hash table entries: 256 (order: 0, 4096 bytes) [ 1.450521] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes) [ 1.456950] NET: Registered protocol family 1 [ 1.462779] futex hash table entries: 256 (order: -1, 3072 bytes) [ 1.474555] msgmni has been set to 115 [ 1.478551] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 251) [ 1.485041] io scheduler noop registered [ 1.488818] io scheduler deadline registered [ 1.493200] io scheduler cfq registered (default) [ 1.502142] msm_rpm_log_probe: OK [ 1.506717] msm_serial_hs module loaded [ 1.509803] msm_serial_hsl_probe: detected port #0 (ttyHSL0) [ 1.515324] AXI: get_pdata(): Error: Client name not found [ 1.520626] AXI: msm_bus_cl_get_pdata(): client has to provide missing entry for successful registration [ 1.530171] msm_serial_hsl_probe: Bus scaling is disabled [ 1.535696] 78b3000.serial: ttyHSL0 at MMIO 0x78b3000 (irq = 153, base_baud = 460800�[ 1.544155] msm_hsl_console_setup: console setup on port #0 [ 1.548727] console [ttyHSL0] enabled [ 1.548727] console [ttyHSL0] enabled [ 1.556014] bootconsole [uart0] disabled [ 1.556014] bootconsole [uart0] disabled [ 1.564212] msm_serial_hsl_init: driver initialized [ 1.578450] brd: module loaded [ 1.582920] loop: module loaded [ 1.589183] sps: BAM device 0x07984000 is not registered yet. [ 1.594234] sps:BAM 0x07984000 is registered. [ 1.598072] msm_nand_bam_init: msm_nand_bam_init: BAM device registered: bam_handle 0xc69f6400 [ 1.607103] sps:BAM 0x07984000 (va:0xc89a0000) enabled: ver:0x18, number of pipes:7 [ 1.616588] msm_nand_parse_smem_ptable: Parsing partition table info from SMEM [ 1.622805] msm_nand_parse_smem_ptable: SMEM partition table found: ver: 4 len: 17 [ 1.630391] msm_nand_version_check: nand_major:1, nand_minor:5, qpic_major:1, qpic_minor:5 [ 1.638642] msm_nand_scan: NAND Id: 0x1590aa98 Buswidth: 8Bits Density: 256 MByte [ 1.646069] msm_nand_scan: pagesize: 2048 Erasesize: 131072 oobsize: 128 (in Bytes) [ 1.653676] msm_nand_scan: BCH ECC: 8 Bit [ 1.657710] msm_nand_scan: CFG0: 0x290408c0, CFG1: 0x0804715c [ 1.657710] RAWCFG0: 0x2b8400c0, RAWCFG1: 0x0005055d [ 1.657710] ECCBUFCFG: 0x00000203, ECCBCHCFG: 0x42040d10 [ 1.657710] RAWECCCFG: 0x42000d11, BAD BLOCK BYTE: 0x000001c5 [ 1.684101] Creating 17 MTD partitions on "7980000.nand": [ 1.689447] 0x000000000000-0x000000140000 : "sbl" [ 1.694867] 0x000000140000-0x000000280000 : "mibib" [ 1.699560] 0x000000280000-0x000000e80000 : "efs2" [ 1.704408] 0x000000e80000-0x000000f40000 : "tz" [ 1.708934] 0x000000f40000-0x000000fa0000 : "rpm" [ 1.713625] 0x000000fa0000-0x000001000000 : "aboot" [ 1.718582] 0x000001000000-0x0000017e0000 : "boot" [ 1.723281] 0x0000017e0000-0x000002820000 : "scrub" [ 1.728174] 0x000002820000-0x000005020000 : "modem" [ 1.732968] 0x000005020000-0x000005420000 : "rfbackup" [ 1.738156] 0x000005420000-0x000005820000 : "oem" [ 1.742770] 0x000005820000-0x000005f00000 : "recovery" [ 1.747972] 0x000005f00000-0x000009100000 : "cache" [ 1.752787] 0x000009100000-0x000009a40000 : "recoveryfs" [ 1.758389] 0x000009a40000-0x00000aa40000 : "cdrom" [ 1.762967] 0x00000aa40000-0x00000ba40000 : "jrdresource" [ 1.768407] 0x00000ba40000-0x000010000000 : "system" [ 1.773239] msm_nand_probe: NANDc phys addr 0x7980000, BAM phys addr 0x7984000, BAM IRQ 164 [ 1.781074] msm_nand_probe: Allocated DMA buffer at virt_addr 0xc7840000, phys_addr 0x87840000 [ 1.791872] PPP generic driver version 2.4.2 [ 1.801126] cnss_sdio 87a00000.qcom,cnss-sdio: CNSS SDIO Driver registered [ 1.807554] msm_otg 78d9000.usb: msm_otg probe [ 1.813333] msm_otg 78d9000.usb: OTG regs = c88f8000 [ 1.820702] gbridge_init: gbridge_init successs. [ 1.826344] msm_otg 78d9000.usb: phy_reset: success [ 1.830294] qcom,qpnp-rtc qpnp-rtc-c7307000: rtc core: registered qpnp_rtc as rtc0 [ 1.838474] i2c /dev entries driver [ 1.842459] unable to find DT imem DLOAD mode node [ 1.846588] unable to find DT imem EDLOAD mode node [ 1.851332] unable to find DT imem dload-type node [ 1.856921] bq24295-charger 4-006b: bq24295 probe enter [ 1.861161] qcom,iterm-ma = 128 [ 1.864476] bq24295_otg_vreg: no parameters [ 1.868502] charger_core_register: Charger Core Version 5.0.0(Built at 20151202-21:36)! [ 1.877007] i2c-msm-v2 78b8000.i2c: msm_bus_scale_register_client(mstr-id:86):0x3 (ok) [ 1.885559] bq24295-charger 4-006b: bq24295_set_bhot_mode 3 [ 1.890150] bq24295-charger 4-006b: power_good is 1,vbus_stat is 2 [ 1.896588] bq24295-charger 4-006b: bq24295_set_thermal_threshold 100 [ 1.902952] bq24295-charger 4-006b: bq24295_set_sys_min 3700 [ 1.908639] bq24295-charger 4-006b: bq24295_set_max_target_voltage 4150 [ 1.915223] bq24295-charger 4-006b: bq24295_set_recharge_threshold 300 [ 1.922119] bq24295-charger 4-006b: bq24295_set_terminal_current_limit iterm_disabled=0, iterm_ma=128 [ 1.930917] bq24295-charger 4-006b: bq24295_set_precharge_current_limit bdi->prech_cur=128 [ 1.940038] bq24295-charger 4-006b: bq24295_set_safty_timer 0 [ 1.945088] bq24295-charger 4-006b: bq24295_set_input_voltage_limit 4520 [ 1.972949] sdhci: Secure Digital Host Controller Interface driver [ 1.978151] sdhci: Copyright(c) Pierre Ossman [ 1.982441] sdhci-pltfm: SDHCI platform and OF driver helper [ 1.989092] sdhci_msm 7824900.sdhci: sdhci_msm_probe: ICE device is not enabled [ 1.995473] sdhci_msm 7824900.sdhci: No vreg data found for vdd [ 2.001530] sdhci_msm 7824900.sdhci: sdhci_msm_pm_qos_parse_irq: error -22 reading irq cpu [ 2.009809] sdhci_msm 7824900.sdhci: sdhci_msm_pm_qos_parse: PM QoS voting for IRQ will be disabled [ 2.018600] sdhci_msm 7824900.sdhci: sdhci_msm_pm_qos_parse: PM QoS voting for cpu group will be disabled [ 2.030541] sdhci_msm 7824900.sdhci: sdhci_msm_probe: sdiowakeup_irq = 353 [ 2.036867] sdhci_msm 7824900.sdhci: No vmmc regulator found [ 2.042027] sdhci_msm 7824900.sdhci: No vqmmc regulator found [ 2.048266] mmc0: SDHCI controller on 7824900.sdhci [7824900.sdhci] using 32-bit ADMA in legacy mode [ 2.080401] Welcome to pca955x_probe!! [ 2.084362] leds-pca955x 3-0020: leds-pca955x: Using pca9555 16-bit LED driver at slave address 0x20 [ 2.095400] sdhci_msm 7824900.sdhci: card claims to support voltages below defined range [ 2.103125] i2c-msm-v2 78b7000.i2c: msm_bus_scale_register_client(mstr-id:86):0x5 (ok) [ 2.114183] msm_otg 78d9000.usb: Avail curr from USB = 1500 [ 2.120251] come to USB_SDP_CHARGER! [ 2.123215] Welcome to sn3199_probe! [ 2.126718] leds-sn3199 5-0064: leds-sn3199: Using sn3199 9-bit LED driver at slave address 0x64 [ 2.136511] sn3199->led_en_gpio=21 [ 2.139143] i2c-msm-v2 78b9000.i2c: msm_bus_scale_register_client(mstr-id:86):0x6 (ok) [ 2.150207] usbcore: registered new interface driver usbhid [ 2.154864] usbhid: USB HID core driver [ 2.159825] sps:BAM 0x078c4000 is registered. [ 2.163573] bimc-bwmon 408000.qcom,cpu-bwmon: BW HWmon governor registered. [ 2.171080] devfreq soc:qcom,cpubw: Couldn't update frequency transition information. [ 2.178513] coresight-fuse a601c.fuse: QPDI fuse not specified [ 2.184242] coresight-fuse a601c.fuse: Fuse initialized [ 2.192407] coresight-csr 6001000.csr: CSR initialized [ 2.197263] coresight-tmc 6026000.tmc: Byte Counter feature enabled [ 2.203204] sps:BAM 0x06084000 is registered. [ 2.207301] coresight-tmc 6026000.tmc: TMC initialized [ 2.212681] coresight-tmc 6025000.tmc: TMC initialized [ 2.220071] nidnt boot config: 0 [ 2.224563] mmc0: new ultra high speed SDR50 SDIO card at address 0001 [ 2.231120] coresight-tpiu 6020000.tpiu: NIDnT on SDCARD only mode [ 2.236440] coresight-tpiu 6020000.tpiu: TPIU initialized [ 2.242808] coresight-replicator 6024000.replicator: REPLICATOR initialized [ 2.249372] coresight-stm 6002000.stm: STM initialized [ 2.255034] coresight-hwevent 606c000.hwevent: Hardware Event driver initialized [ 2.262312] Netfilter messages via NETLINK v0.30. [ 2.266306] nf_conntrack version 0.5.0 (920 buckets, 3680 max) [ 2.272312] ctnetlink v0.93: registering with nfnetlink. [ 2.277565] ip_set: protocol 6 [ 2.280568] ip_tables: (C) 2000-2006 Netfilter Core Team [ 2.285723] arp_tables: (C) 2002 David S. Miller [ 2.290146] TCP: cubic registered [ 2.293915] NET: Registered protocol family 10 [ 2.298740] ip6_tables: (C) 2000-2006 Netfilter Core Team [ 2.303407] sit: IPv6 over IPv4 tunneling driver [ 2.308481] NET: Registered protocol family 17 [ 2.312340] bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this. [ 2.325094] Bridge firewalling registered [ 2.328930] Ebtables v2.0 registered [ 2.333260] NET: Registered protocol family 27 [ 2.341362] battery_core_register: Battery Core Version 5.0.0(Built at 20151202-21:36)! [ 2.348466] pmu_battery_probe: vbat_channel=21, tbat_channel=17 [ 2.420236] ubi0: attaching mtd16 [ 2.723941] ubi0: scanning is finished [ 2.732997] ubi0: attached mtd16 (name "system", size 69 MiB) [ 2.737783] ubi0: PEB size: 131072 bytes (128 KiB), LEB size: 126976 bytes [ 2.744601] ubi0: min./max. I/O unit sizes: 2048/2048, sub-page size 2048 [ 2.751333] ubi0: VID header offset: 2048 (aligned 2048), data offset: 4096 [ 2.758540] ubi0: good PEBs: 556, bad PEBs: 2, corrupted PEBs: 0 [ 2.764305] ubi0: user volume: 3, internal volumes: 1, max. volumes count: 128 [ 2.771476] ubi0: max/mean erase counter: 192/64, WL threshold: 4096, image sequence number: 35657280 [ 2.780708] ubi0: available PEBs: 0, total reserved PEBs: 556, PEBs reserved for bad PEB handling: 38 [ 2.789921] ubi0: background thread "ubi_bgt0d" started, PID 96 [ 2.796395] android_bind cdev: 0xC6583E80, name: ci13xxx_msm [ 2.801508] file system registered [ 2.804974] mbim_init: initialize 1 instances [ 2.809228] mbim_init: Initialized 1 ports [ 2.815074] rndis_qc_init: initialize rndis QC instance [ 2.819713] jrd device_desc.bcdDevice: [0x0242] [ 2.823779] android_bind scheduled usb start work: name: ci13xxx_msm [ 2.830230] android_usb gadget: android_usb ready [ 2.834845] msm_hsusb msm_hsusb: [ci13xxx_start] hw_ep_max = 32 [ 2.840741] msm_hsusb msm_hsusb: CI13XXX_CONTROLLER_RESET_EVENT received [ 2.847433] msm_hsusb msm_hsusb: CI13XXX_CONTROLLER_UDC_STARTED_EVENT received [ 2.855851] input: gpio-keys as /devices/soc:gpio_keys/input/input1 [ 2.861452] qcom,qpnp-rtc qpnp-rtc-c7307000: setting system clock to 1970-01-01 06:36:41 UTC (23801) [ 2.870315] open file error /usb_conf/usb_config.ini [ 2.876412] jrd_usb_start_work open file erro /usb_conf/usb_config.ini, retry_count:0 [ 2.884324] parse_legacy_cluster_params(): Ignoring cluster params [ 2.889468] ------------[ cut here ]------------ [ 2.894186] WARNING: CPU: 0 PID: 1 at /home/linux3/jrd/yanping.an/ee40/0810/MDM9607.LE.1.0-00130/apps_proc/oe-core/build/tmp-glibc/work-shared/mdm9607/kernel-source/drivers/cpuidle/lpm-levels-of.c:739 parse_cluster+0xb50/0xcb4() [ 2.914366] Modules linked in: [ 2.917339] CPU: 0 PID: 1 Comm: swapper Not tainted 3.18.20 #1 [ 2.923171] [<c00132ac>] (unwind_backtrace) from [<c0011460>] (show_stack+0x10/0x14) [ 2.931092] [<c0011460>] (show_stack) from [<c001c6ac>] (warn_slowpath_common+0x68/0x88) [ 2.939175] [<c001c6ac>] (warn_slowpath_common) from [<c001c75c>] (warn_slowpath_null+0x18/0x20) [ 2.947895] [<c001c75c>] (warn_slowpath_null) from [<c034e180>] (parse_cluster+0xb50/0xcb4) [ 2.956189] [<c034e180>] (parse_cluster) from [<c034b6b4>] (lpm_probe+0xc/0x1d4) [ 2.963527] [<c034b6b4>] (lpm_probe) from [<c024857c>] (platform_drv_probe+0x30/0x7c) [ 2.971380] [<c024857c>] (platform_drv_probe) from [<c0246d54>] (driver_probe_device+0xb8/0x1e8) [ 2.980118] [<c0246d54>] (driver_probe_device) from [<c0246f30>] (__driver_attach+0x68/0x8c) [ 2.988467] [<c0246f30>] (__driver_attach) from [<c02455d0>] (bus_for_each_dev+0x6c/0x90) [ 2.996626] [<c02455d0>] (bus_for_each_dev) from [<c02465a4>] (bus_add_driver+0xe0/0x1c8) [ 3.004786] [<c02465a4>] (bus_add_driver) from [<c02477bc>] (driver_register+0x9c/0xe0) [ 3.012739] [<c02477bc>] (driver_register) from [<c080c3d8>] (lpm_levels_module_init+0x14/0x38) [ 3.021459] [<c080c3d8>] (lpm_levels_module_init) from [<c0008980>] (do_one_initcall+0xf8/0x1a0) [ 3.030217] [<c0008980>] (do_one_initcall) from [<c07e7d4c>] (kernel_init_freeable+0xf0/0x1b0) [ 3.038818] [<c07e7d4c>] (kernel_init_freeable) from [<c0582d48>] (kernel_init+0x8/0xe4) [ 3.046888] [<c0582d48>] (kernel_init) from [<c000dda0>] (ret_from_fork+0x14/0x34) [ 3.054432] ---[ end trace e9ec50b1ec4c8f73 ]--- [ 3.059012] ------------[ cut here ]------------ [ 3.063604] WARNING: CPU: 0 PID: 1 at /home/linux3/jrd/yanping.an/ee40/0810/MDM9607.LE.1.0-00130/apps_proc/oe-core/build/tmp-glibc/work-shared/mdm9607/kernel-source/drivers/cpuidle/lpm-levels-of.c:739 parse_cluster+0xb50/0xcb4() [ 3.083858] Modules linked in: [ 3.086870] CPU: 0 PID: 1 Comm: swapper Tainted: G W 3.18.20 #1 [ 3.093814] [<c00132ac>] (unwind_backtrace) from [<c0011460>] (show_stack+0x10/0x14) [ 3.101575] [<c0011460>] (show_stack) from [<c001c6ac>] (warn_slowpath_common+0x68/0x88) [ 3.109641] [<c001c6ac>] (warn_slowpath_common) from [<c001c75c>] (warn_slowpath_null+0x18/0x20) [ 3.118412] [<c001c75c>] (warn_slowpath_null) from [<c034e180>] (parse_cluster+0xb50/0xcb4) [ 3.126745] [<c034e180>] (parse_cluster) from [<c034b6b4>] (lpm_probe+0xc/0x1d4) [ 3.134126] [<c034b6b4>] (lpm_probe) from [<c024857c>] (platform_drv_probe+0x30/0x7c) [ 3.141906] [<c024857c>] (platform_drv_probe) from [<c0246d54>] (driver_probe_device+0xb8/0x1e8) [ 3.150702] [<c0246d54>] (driver_probe_device) from [<c0246f30>] (__driver_attach+0x68/0x8c) [ 3.159120] [<c0246f30>] (__driver_attach) from [<c02455d0>] (bus_for_each_dev+0x6c/0x90) [ 3.167285] [<c02455d0>] (bus_for_each_dev) from [<c02465a4>] (bus_add_driver+0xe0/0x1c8) [ 3.175444] [<c02465a4>] (bus_add_driver) from [<c02477bc>] (driver_register+0x9c/0xe0) [ 3.183398] [<c02477bc>] (driver_register) from [<c080c3d8>] (lpm_levels_module_init+0x14/0x38) [ 3.192107] [<c080c3d8>] (lpm_levels_module_init) from [<c0008980>] (do_one_initcall+0xf8/0x1a0) [ 3.200877] [<c0008980>] (do_one_initcall) from [<c07e7d4c>] (kernel_init_freeable+0xf0/0x1b0) [ 3.209475] [<c07e7d4c>] (kernel_init_freeable) from [<c0582d48>] (kernel_init+0x8/0xe4) [ 3.217542] [<c0582d48>] (kernel_init) from [<c000dda0>] (ret_from_fork+0x14/0x34) [ 3.225090] ---[ end trace e9ec50b1ec4c8f74 ]--- [ 3.229667] /soc/qcom,lpm-levels/qcom,pm-cluster@0: No CPU phandle, assuming single cluster [ 3.239954] qcom,cc-debug-mdm9607 1800000.qcom,debug: Registered Debug Mux successfully [ 3.247619] emac_lan_vreg: disabling [ 3.250507] mem_acc_corner: disabling [ 3.254196] clock_late_init: Removing enables held for handed-off clocks [ 3.262690] ALSA device list: [ 3.264732] No soundcard�[ 3.274083] UBIFS (ubi0:0): background thread "ubifs_bgt0_0" started, PID 102 [ 3.305224] UBIFS (ubi0:0): recovery needed [ 3.466156] UBIFS (ubi0:0): recovery completed [ 3.469627] UBIFS (ubi0:0): UBIFS: mounted UBI device 0, volume 0, name "rootfs" [ 3.476987] UBIFS (ubi0:0): LEB size: 126976 bytes (124 KiB), min./max. I/O unit sizes: 2048 bytes/2048 bytes [ 3.486876] UBIFS (ubi0:0): FS size: 45838336 bytes (43 MiB, 361 LEBs), journal size 9023488 bytes (8 MiB, 72 LEBs) [ 3.497417] UBIFS (ubi0:0): reserved for root: 0 bytes (0 KiB) [ 3.503078] UBIFS (ubi0:0): media format: w4/r0 (latest is w4/r0), UUID 4DBB2F12-34EB-43B6-839B-3BA930765BAE, small LPT model [ 3.515582] VFS: Mounted root (ubifs filesystem) on device 0:12. [ 3.520940] Freeing unused kernel memory: 276K (c07e7000 - c082c000) INIT: version 2.88 booting

Russ Allbery: Review: Solutions and Other Problems

Thursday 18th of February 2021 05:19:00 AM

Review: Solutions and Other Problems, by Allie Brosh

Publisher: Gallery Books Copyright: September 2020 ISBN: 1-9821-5694-5 Format: Hardcover Pages: 519

Solutions and Other Problems is the long-awaited second volume of Allie Brosh's work, after the amazing Hyperbole and a Half. The first collection was a mix of original material and pieces that first appeared on her blog. This is all new work, although one of the chapters is now on her blog as a teaser.

As with all of Brosh's previous work, Solutions and Other Problems is mostly drawings (in her highly original, deceptively simple style) with a bit of prose in between. It's a similar mix of childhood stories, off-beat interpretations of day-to-day life, and deeper and more personal topics. But this is not the same type of book as Hyperbole and a Half, in a way that is hard to capture in a review.

When this book was postponed and then temporarily withdrawn, I suspected that something had happened to Brosh. I was hoping that it was just the chaos of her first book publication, but, sadly, no. We find out about some of what happened in Solutions and Other Problems, in varying amounts of detail, and it's heart-wrenching. That by itself gives the book a more somber tone.

But, beyond that, I think Solutions and Other Problems represents a shift in mood and intention. The closest I can come to it is to say that Hyperbole and a Half felt like Brosh using her own experiences as a way to tell funny stories, and this book feels like Brosh using funny stories to talk about her experiences. There are still childhood hijinks and animal stories mixed in, but even those felt more earnest, more sad, and less assured or conclusive. This is in no way a flaw, to be clear; just be aware that if you were expecting more work exactly like Hyperbole and a Half, this volume is more challenging and a bit more unsettling.

This does not mean Brosh's trademark humor is gone. Chapter seventeen, "Loving-Kindness Exercise," is one of the funniest things I've ever read. "Neighbor Kid" captures my typical experience of interacting with children remarkably well. And there are, of course, more stories about not-very-bright pets, including a memorable chapter ("The Kangaroo Pig Gets Drunk") on just how baffling our lives must be to the animals around us. But this book is more serious, even when there's humor and absurdity layered on top, and anxiety felt like a constant companion.

As with her previous book, many of the chapters are stories from Brosh's childhood. I have to admit this is not my favorite part of Brosh's work, and the stories in this book in particular felt a bit less funny and somewhat more uncomfortable and unsettling. This may be a very individual reaction; you can judge your own in advance by reading "Richard," the second chapter of the book, which Brosh posted to her blog. I think it's roughly typical of the childhood stories here.

The capstone of Hyperbole and a Half was Brosh's fantastic two-part piece on depression, which succeeded in being hilarious and deeply insightful at the same time. I think the capstone of Solutions and Other Problems is the last chapter, "Friend," which is about being friends with yourself. For me, it was a good encapsulation of both the merits of this book and the difference in tone. It's less able to find obvious humor in a psychological struggle, but it's just as empathetic and insightful. The ending is more ambiguous and more conditional; the tone is more wistful. It felt more personal and more raw, and therefore a bit less generalized. Her piece on depression made me want to share it with everyone I knew; this piece made me want to give Brosh a virtual hug and tell her I'm glad she's alive and exists in the world. That about sums up my reaction to this book.

I bought Solutions and Other Problems in hardcover because I think this sort of graphic work benefits from high-quality printing, and I was very happy with that decision. Gallery Books used heavy, glossy paper and very clear printing. More of the text is outside of the graphic panels than I remember from the previous book. I appreciated that; I thought it made the stories much easier to read. My one quibble is that Brosh does use fairly small lettering in some of the panels and the color choices and the scrawl she uses for stylistic reasons sometimes made that text difficult for me to read. In those few places, I would have appreciated the magnifying capabilities of reading on a tablet.

I don't think this is as good as Hyperbole and a Half, but it is still very good and very worth reading. It's harder reading, though, and you'll need to brace yourself more than you did before. If you're new to Brosh, start with Hyperbole and a Half, or with the blog, but if you liked those, read this too.

Rating: 8 out of 10

Dirk Eddelbuettel: dang 0.0.13: New intradayMarketMonitor

Thursday 18th of February 2021 01:42:00 AM

A new release of the dang package got to CRAN earlier today, a few months since the last relase. The dang package regroups a few functions of mine that had no other home as for example lsos() from a StackOverflow question from 2009 (!!) is one, this overbought/oversold price band plotter from an older blog post is another.

This release adds one function I tweeted about one month ago. It takes a function Josh Ulrich originally tweeted about in November with a reference to this gist. I refactored this into a proper functions and polished a few edges: the data now properly rolls off after a fixed delay (of two days), should work with other symbols (though we both focused on ^GSPC as a free (!!) real-time SP500 index (albeit only during trading hours), properly gaps between trading days and more. You can simply invoke it via

dang::intradayMarketMonitor()

and a chart just like the one here will grow (though there is no “state”: if you stop it, or reboot, or … the plot starts from scratch).

The short NEWS entry follows.

Changes in version 0.0.13 (2021-02-17)
  • New function intradayMarketMonitor based on an earlier gist-posted snippet by Josh Ulrich.

  • The CI setup was generalized as a test for 'r-ci' and is used essentially unchanged with three different providers.

Courtesy of my CRANberries, there is a comparison to the previous release. For questions or comments use the issue tracker off the GitHub repo.

If you like this or other open-source work I do, you can now sponsor me at GitHub.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Norbert Preining: Debian KDE/Plasma Status 2021-02-18

Wednesday 17th of February 2021 09:08:21 PM

Lots of time has passed since the last status update, and Debian is going into pre-release freeze, so let us report a bit about the most recent changes: Debian/bullseye will have Plasma 5.20.5, Frameworks 5.78, Apps 20.12. Debian/experimental already carries Plasma 5.21 and Frameworks 5.79, and that is also the level at the OSC builds.

Debian Bullseye

We are in soft freeze now, and only targeted fixes are allowed, but Bullseye is carrying a good mixture consisting of the KDE Frameworks 5.78, including several backports of fixes from 5.79 to get smooth operation. Plasma 5.20.5, again with several cherry picks for bugs will be in Bullseye, too. The KDE/Apps are mostly at 20.12 level, and the KDE PIM group packages (akonadi, kmail, etc) are at 20.08.

Debian experimental

In the last days I have uploaded frameworks 5.79 and Plasma 5.21 to Debian/experimental. For Plasma there is still some NEW processing to be done, but in due time the packages will be available and installable from experimental.

OBS packages

The OBS packages as usual follow the latest release, and currently ship KDE Frameworks 5.79, KDE Apps 20.12.2, and Plasma 5.21.0. The package sources are as usual (note the different path for the Plasma packages and the App packages, containing the release version!), for Debian/unstable:

deb https://download.opensuse.org/repositories/home:/npreining:/debian-kde:/frameworks/Debian_Unstable/ ./ deb https://download.opensuse.org/repositories/home:/npreining:/debian-kde:/plasma521/Debian_Unstable/ ./ deb https://download.opensuse.org/repositories/home:/npreining:/debian-kde:/apps2012/Debian_Unstable/ ./ deb https://download.opensuse.org/repositories/home:/npreining:/debian-kde:/other/Debian_Unstable/ ./

and the same with Testing instead of Unstable for Debian/testing.

Digikam beta

There is also a separate repository for the upcoming digikam release:

deb https://download.opensuse.org/repositories/home:/npreining:/debian-kde:/digikam-beta/Debian_Unstable/ ./

just in case you want to test the rc release of digikam 7.2.0.

Martin-&#201;ric Racine: OpenWRT: WRT54GL: Backfire: IPv6 issues

Wednesday 17th of February 2021 06:09:51 PM

While having a Debian boxen as a router feels nice, I kept on longing for something smaller and quieter. I then remembered that I still had my old WRT54GL somewhere. After upgrading the OpenWRT firmware to the latest supported version for that hardware (Backfire 10.03.1, r29592), I installed radvd and wide-dhcpv6-client. Configuring radvd to deliver consistent results was easy enough.

The issue I keep on experiencing is the external interface (wan) dropping the IPv6 address it received from the ISP via router advertisement, which in turn kills the default IPv6 route to the outside world. Logging in via SSH and manually running "rdisc6 eth0.1" restores the IPv6 gateway. I just honestly wished I didn't have to do this every time I need to reboot the router.

Does this issue sound familiar to anyone? What was the solution?

PS: No, I won't just go and ditch this WRT54GL just because new toys exist on the market. This is obviously a software issue, so I need a software solution.

PPS: IPv6 pretty much works out of the box on the Debian boxen I had been using as my router. I previously wrote about this on my blog. Basically, it's unlikely to be an ISP issue.

Louis-Philippe Véronneau: What are the incentive structures of Free Software?

Wednesday 17th of February 2021 05:00:00 AM

When I started my Master's degree in January 2018, I was confident I would be done in a year and half. After all, I only had one year of classes and I figured 6 months to write a thesis would be plenty.

Three years later, I'm finally done: the final version of my thesis was accepted on January 22nd 2021.

My thesis, entitled What are the incentive structures of Free Software? An economic analysis of Free Software's specific development model, can be found here 1. If you care about such things, both the data and the final document can be built from source with the code in this git repository.

Results and analysis

My thesis is divided in four main sections:

  1. an introduction to FOSS
  2. a chapter discussing the incentive structures of Free Software (and arguing the so called “Tragedy of the Commons” isn't inevitable)
  3. a chapter trying to use empirical data to validate the theories presented in the previous chapter
  4. an annex on the various FOSS business models

If you're reading this blog post, chances are you'll find both section 1 and 4 a tad boring, as you might already be familiar with these concepts.

Incentives

So, why do people contribute to Free Software? Unsurprisingly, it's complicated. Many economists have studied this topic, but for some reason, most research happened in the early 2000s.

Although papers don't all agree with each other and most importantly, about the variables' importance, the main incentives2 can be summarized by:

  • expectation of monetary gain
  • writing FOSS as a hobby (that includes “scratching your own itch”)
  • liking the FOSS community and feeling a sense of belonging
  • altruism (writing FOSS for Good™)

Giving weights to these variables is not an easy thing: the FOSS ecosystem is highly heterogeneous and thus, people tend to write FOSS for different reasons. Moreover, incentives tend to shift with time as the ecosystem does. People writing Free Software in the 1990s probably did it for different reasons than people in 2021.

These four variables can also be divided in two general categories: extrinsic and intrinsic incentives. Monetary gain expectancy is an extrinsic incentive (its value is delayed and mediated), whereas the three other ones are intrinsic (they have an immediate value by themselves).

Empirical analysis

Theory is nice, but it's even better when you can back it up with data. Sadly, most of the papers on the economic incentives of FOSS are either purely theoretical, or use sample sizes so small they could as well be.

Using the data from the StackOverflow 2018 survey, I thus tried to see if I could somehow confirm my previous assumptions.

With 129 questions and more than 100 000 respondents (which after statistical processing yields between 28 000 and 39 000 observations per variable of interest), the StackOverflow 2018 survey is a very large dataset compared to what economists are used to work with.

Sadly, it wasn't entirely enough to come up with hard answers. There is a strong and significant correlation between writing Free Software and having a higher salary, but endogeneity problems3 made it hard to give a reliable estimate of how much money this would represent. Same goes for writing code has a hobby: it seems there is a strong and significant correlation, but the exact numbers I came up with cannot really be trusted.

The results on community as an incentive to writing FOSS were the ones that surprised me the most. Although I expected the relation to be quite strong, the coefficients predicted were in fact quite small. I theorise this is partly due to only 8% of the respondents declaring they didn't feel like they belonged in the IT community. With such a high level of adherence, the margin for improvement has to be smaller.

As for altruism, I wasn't able get any meaningful results. In my opinion this is mostly due to the fact there was no explicit survey question on this topic and I tried to make up for it by cobbling data together.

Kinda anti-climatic, isn't it? I would've loved to come up with decisive conclusions on this topic, but if there's one thing I learned while writing this thesis, it is I don't know much after all.

  1. Note that the thesis is written in French. 

  2. Of course, life is complex and so are people's motivations. One could come up with dozen more reasons why people contribute to Free Software. The "fun" of theoretical modelisation is trying to make complex things somewhat simpler. 

  3. I'll spare you the details, but this means there is no way to know if this correlation is the result of a causal link between the two variables. There are ways to deal with this problem (using an instrumental variables model is a very popular one), but again, the survey didn't provide the proper instruments to do so. For example, it could very well be the correlation is due to omitted variables. If you are interested in this topic (and can read French), I talk about this issue in section 3.2.8. 

More in Tux Machines

today's leftovers

  • Snapcraft Clinic Successes

    On Thursday I mentioned we were restarting the Snapcraft Clinic. Basically we stand up a regular video call with engineers from the snap and snapcraft team & us from Snap Advocacy. Developers of applications and publishers of snaps are invited to join to troubleshoot. There was nothing especially secret or private discussed, but as we don’t record or stream the calls, and I don’t have direct permission to mention the applications or people involved, so I’ll keep this a little vague. In future I think we should ask permission and record the outcomes of the calls. We had a few productive discussions. One developer brought an application which they’d requested classic confinement for, and wished to discuss the options for confinement. We had a rather lengthy open discussion about the appropriateness of the available options. The developer was offered some choices, including making changes to their application to accomodate confinement, and another was (as always) not to snap the application. They appreciated our openness in terms of accepting that there are limitations with all software, and not everything always makes sense to be packaged as a snap, at the moment. We also had a productive discusison with a representative of a group responsible for publishing multiple snaps. They had difficulties with a graphical snapped application once it had been updated to use core20. The application would launch and almost immediately segfault. As the application was already published in the Snap Store, in a non-stable channel, we were all able to install it to test on our own systems.

  • Kraft Version 0.96

    Ich freue mich, heute das Release Version 0.96 von Kraft herauszugeben. Die neue Version kann über die Homepage heruntergeladen werden.

  • A new data format has landed in the upcoming GTG 0.5

    Diego’s changes are major, invasive technological changes, and they would benefit from extensive testing by everybody with “real data” before 0.5 happens (very soon). I’ve done some pretty extensive testing & bug reporting in the last few months; Diego fixed all the issues I’ve reported so far, so I’ve pretty much run out of serious bugs now, as only a few remain targetted to the 0.5 milestone… But I’m only human, and it is possible that issues might remain, even after my troll-testing. Grab GTG’s git version ASAP, with a copy of your real data (for extra caution, and also because we want you to test with real data); see the instructions in the README, including the “Where is my user data and config stored?” section. Please torture-test it to make sure everything is working properly, and report issues you may find (if any). Look for anything that might seem broken “compared to 0.4”, incorrect task parenting/associations, incorrect tagging, broken content, etc.

  • MAS ‘Ocean strainer’ technology to be open source

    Inspired by the success of its ‘Ocean Strainer’ floating trash trap, a pilot project launched in the Dehiwala Canal last year, MAS Holdings will make the ‘Ocean Strainer’ technology available to interested parties, to replicate and scale up the solution.

  • Notes on Addressing Supply Chain Vulnerabilities

    One of the unsung achievements of modern software development is the degree to which it has become componentized: not that long ago, when you wanted to write a piece of software you had to write pretty much the whole thing using whatever tools were provided by the language you were writing in, maybe with a few specialized libraries like OpenSSL. No longer. The combination of newer languages, Open Source development and easy-to-use package management systems like JavaScript’s npm or Rust’s Cargo/crates.io has revolutionized how people write software, making it standard practice to pull in third party libraries even for the simplest tasks; it’s not at all uncommon for programs to depend on hundreds or thousands of third party packages. [...] Even packages which are well maintained and have good development practices routinely have vulnerabilities. For example, Firefox recently released a new version that fixed a vulnerability in the popular ANGLE graphics engine, which is maintained by Google. Both Mozilla and Google follow the practices that this blog post recommends, but it’s just the case that people make mistakes. To (possibly mis)quote Steve Bellovin, “Software has bugs. Security-relevant software has security-relevant bugs”. So, while these practices are important to reduce the risk of vulnerabilities, we know they can’t eliminate them. Of course this applies to inadvertant vulnerabilities, but what about malicious actors (though note that Brewer et al. observe that “Taking a step back, although supply-chain attacks are a risk, the vast majority of vulnerabilities are mundane and unintentional—honest errors made by well-intentioned developers.”)? It’s possible that some of their proposed changes (in particular forbidding anonymous authors) might have an impact here, but it’s really hard to see how this is actionable. What’s the standard for not being anonymous? That you have an e-mail address? A Web page? A DUNS number?[3] None of these seem particularly difficult for a dedicated attacker to fake and of course the more strict you make the requirements the more it’s a burden for the (vast majority) of legitimate developers. I do want to acknowledge at this point that Brewer et al. clearly state that multiple layers of protection needed and that it’s necessary to have robust mechanisms for handling vulnerability defenses. I agree with all that, I’m just less certain about this particular piece.

  • 26 Firefox Quantum About:Config Tricks You Need to Learn - Make Tech Easier

    “Here be dragons,” reads the ominous disclaimer when you type about:config into Firefox’s URL bar, warning you that tweaking things in this area is largely experimental and can cause instability to your browser. Sounds exciting, right? And even though it sounds a little scary, the fact is you will almost certainly be okay when you start playing around in this area and can actually use the features here to improve and speed up your browser. These are Make Tech Easier’s favorite Firefox about:config tricks, freshly updated for Firefox Quantum.

  • Attackers collaborate to exploit CVE-2021-21972 and CVE-2021-21973 - Blueliv

Programming Leftovers

  • The HTTP Referer header is fading away (at least as a useful thing)

    The HTTP Referer header on requests is famously misspelled (it should be Referrer), and also famously not liked because of privacy and security concerns. The privacy and security concerns are especially strong with external ('cross-origin') Referers, which is also the ones that many people find most useful because they tell you where visitors to your pages are coming from and let you find places where people have linked to you or are mentioning you.

  • Top 10 Natural Language Processing (NLP) Trends To Look Forward

    AI and Machine Learning have gifted us marvelous things. NLP or Natural Language Processing is one of them. It is one of the most prominent applications of AI. We are using this technology in our day-to-day life without even knowing. Translators, speech recognition apps, chatbots are actually NLP-powered products. Tech giants like Google and Microsoft are making new developments in NLP every year. If you are an AI enthusiast, you should go deep inside NLP. Chill! We got you covered. Just go through the article, and know about the top NLP trends that most data scientists are talking about.

  • Russ Allbery: DocKnot 4.01

    DocKnot is my software documentation and release management tool. This release adds support for a global user configuration file separate from the metadata for any given project and adds support for signing generated distribution tarballs with GnuPG. Currently, the only configuration options for the global configuration file are to set the destination location of generated distributions and the PGP key to use when signing them.

  • horizonator: terrain renderer based on SRTM DEMs

    I just resurrected and cleaned up an old tool I had lying around. It's now nice and usable by others. This tool loads terrain data, and renders it from the ground, simulating what a human or a camera would see. This is useful for armchair exploring or for identifying peaks. This was relatively novel when I wrote it >10 years ago, but there are a number of similar tools in existence now. This implementation is still useful in that it's freely licensed and contains APIs, so fancier processing can be performed on its output.

  • Happy birthday, Python, you're 30 years old this week: Easy to learn, and the right tool at the right time

    The 30th anniversary of Python this week finds the programming language at the top of its game, but not without challenges. "I do believe that Python just doesn’t have the right priorities these days," said Armin Ronacher, director of engineering at software monitoring biz Sentry and creator of Flask, the popular Python web app framework, in an email interview with The Register. Ronacher, a prolific Python contributor, remains a fan of the language. He credits Python's success to being both easy to learn and having an implementation that was easy to hack. And in its early years, Python didn't have a lot of competitors with those same characteristics, he said.

  • Google fires 150 game developers hired for Stadia: Report

    In about two years, Google has announced to shut down the in-house Stadia game development division, as it sees a great adoption of its technology by third-party developers and publishers to create world-class games.

    Google has said that it will not be investing further in bringing exclusive content from its internal development team SG&E, beyond any near-term planned games.

Benchmarks at Phoronix and Phoronix Test Suite

  • Vulkan Ray-Tracing Along With Other New/Updated Benchmarks For February - Phoronix

    Below is a look at all of the updates now available via OpenBenchmarking.org for Phoronix Test Suite users or if simply wanting to go to the test profile pages to gauge the CPU/GPU performance in the different real-world workloads. All these updates are available to Phoronix Test Suite users automatically if on an Internet connection when the metadata automatically updates or by running phoronix-test-suite openbenchmarking-refresh to force refresh.

  • The Phoronix Test Suite Gains Vulkan Ray-Tracing Benchmarks

    The versatile Phoronix Test Suite, developed and used by the Linux news website Phoronix, has gained profiles for benchmarking Vulkan ray-tracing performance using two different benchmarks as well as the JPEG XL benchmarks. There's also updates to many of the existing tests as well as a new 10.2.2 release of the Phoronix Test Suite software. [...] Michael Larabel has also updated many existing benchmarks, including the ones for the commercial closed-source games Portal 2, Insurgency and Civilization VI, blender, the libavif AVIF image encoder, the dav1d AV1 video encoder, GROMACS (GROningen MAchine for Chemical Simulations), ParaView, V-RAY (commercial), Pennant (OpenMP benchmark), NWChem and the free software platform game DDraceNetwork.

today's howtos

  • How To Use chmod and chown Command in Linux

    How do I use chmod and chown command under Linux / Unix operating systems? Use the chown command to change file owner and group information. we run the chmod command command to change file access permissions such as read, write, and access. This page explains how to use chmod and chown command on Linux or Unix-like systems.

  • How To Add Route on Linux – devconnected

    As a network engineer, you probably spend a lot of time thinking and planning your network infrastructure. You plan how computers will be linked, physically using specific cables but also logically using routing tables. When your network plan is built, you will have to implement every single link that you theorized on paper. In some cases, if you are using Linux computers, you may have to add some routes in order to link it to other networks in your company. Adding routes on Linux is extremely simple and costless : you can use the Network Manager daemon (if you are running a recent distribution) or the ifconfig one. In this tutorial, you will learn how you can easily add new routes on a Linux machine in order to link it to your physical network.

  • syncing subtitles in freedom

    The topic of creating subtitles with Free Software has often come up in my circles of Emacs-oriented users, and I haven't had a good recommendation to share, until this idea hit me the other day. Subtitle files are largely blocks of start/end time associated with blocks of text. I figured, once you got a transcript, existing Emacs Org Mode features could be used, perhaps along with keyboard macros, to turn the transcript into a synced subtitle file.

  • How To Install Minecraft on Ubuntu 20.04 LTS [Ed: Proprietary and Microsoft; not an attractive option as Free/libre alternatives exist]

    In this tutorial, we will show you how to install Minecraft on Ubuntu 20.04 LTS. For those of you who didn’t know, Minecraft is the most popular sandbox video game developed by Mojang studios but later purchased by Microsoft. It can be used with all major platforms like Linux, macOS, and Windows. Most Minecraft players would agree that the secrete to the game’s success lies in its creativity-inspiring design. Players are free to explore a large, procedurally generated world made of blocks, each of which can be interacted with, moved, or transformed into resources for crafting. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Minecraft on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

  • Ubuntu: format SD card [Guide]

    Are you new to Ubuntu? Do you need to format your SD card but can’t figure out how to do it? If so, this guide is for you! Follow along as we go over a few ways you can format SD cards on Linux.

  • How to remove a remove apt repository from Debian

    Do you have an Apt repository on your Debian Linux PC that you want to delete? Can’t figure out how to do it? We can help! Follow along as we go over two ways you can remove Apt repositories from Debian!

  • The Raspberry PI Cheat Sheet – Raspberry PI User

    The Raspberry PI cheat sheet gives a quick overview of common commands, installation tips and links to guides to help you set up your Raspberry PI as a desktop computer.

  • Do a Kernel Upgrade the Easy Way in Linux Mint

    Upgrading the Linux kernel can be difficult, especially for new Linux users. In Linux Mint, however, it's possible to upgrade to a newer kernel with zero hassle. Today we'll find out how to do it, and what to do if you experience problems.