Next Page: 10000

          

Ambiano Kettle Popcorn Maker

 Cache   

Upcoming ALDI Finds

each $39.99 *

Description

  • Pops 10 cups
  • Removable plastic tray for easy serving
  • Easy-to-use crank handle to empty kettle after popping
  • Light switch illuminates interior while popping
  • Easy access door with handle
  • Stainless Steel nonstick kettle is easy to clean
  • Includes dual measuring spoon for accurate oil and kernel measuring
  • Product Code: 44210

          

Clancy's Popcorn Kernels

 Cache   

Upcoming ALDI Finds

each $1.59 *
32 oz.

Description

  • Product Code: 42530

          

Deepin, el Linux que acudió al rescate de Huawei cuando no pudo usar Windows y que ahora prepara su propio asistente de voz

 Cache   

Deepin, el Linux que acudió al rescate de Huawei cuando no pudo usar Windows y que ahora prepara su propio asistente de voz

Existen muchas distribuciones GNU/Linux enfocadas al usuario medio, aunque no tantas que ofrezcan lo que éste, acostumbrado a la facilidad de uso de los últimos Windows o a la refinada estética de los Mac, exige. Pero entre las pocas elegidas de esta breve lista encabezada por Ubuntu, en los últimos años ha empezado a destacar una pequeña distribución 'made in China' llamada Deepin.

Su ascenso se inició, irónicamente, cuando en 2015 dejó de estar basada en Ubuntu para pasar a estarlo, como esta última, en Debian, mejorando en el proceso el rendimiento y la experiencia de usuario. Si sumamos a eso su escritorio, posiblemente uno de los más bonitos del mundillo linuxero (desarrollado específicamente para esta distribución y llamado igual que ella) y su sencillo proceso de instalación, se explica el crecimiento exponencial de su base de usuarios.

Colaboración con Huawei y viejas acusaciones de 'spyware'

Pero ha sido este 2019 el año en que ha empezado a estar en boca de muchos que nunca se habrían preocupado de una pequeña distribución Linux, aunque en gran parte ha sido por un hecho ajeno a sus capacidades como sistema operativo: cuando la guerra comercial entre EE.UU. y China afectó de lleno a Huawei, limitando su acceso al software estadounidense, todos los ojos se volvieron hacia su departamento de smartphones y las repercusiones que eso tendría sobre su uso de Android.

Pero Huawei también es fabricante de portátiles, y ante la imposibilidad de acceder a licencias de Microsoft Windows, el pasado mes de septiembre las unidades de su gama Matebook salieron al mercado equipadas con Linux. Concretamente con la última versión de Deepin:

Huawei Linux 3

Ahora, en una entrevista realizada en Forbes esta misma semana a dos altos cargos de Wuhan Deepin Technology, la compañía desarrolladora de Deepin. Su responsable de desarrollo (Hualet Wang) y su director de tecnología (Raphael Zhang) han aprovechado para hablar de las repercusiones de esta colaboración con Huawei, y del futuro cercano de su distribución.

"Huawei es un socio de Deepin [...] y estamos colaborando estrechamente. [...] Estamos desarrollando sistemas operativos para dispositivos Huawei".

Ante la pregunta de que si eso supondrá que veremos más dispositivos Huawei con Deepin pre-instalado, la respuesta de Raphael Zhang se limita a "Es un secreto y no puedo decir nada todavía ;)". Oficialmente, los planes de Huawei pasaban por migrar sus portátiles y tablets a su propio sistema operativo HarmonyOS, aún en proceso de desarrollo, a lo largo de 2020.

Sin embargo, su vinculación con Huawei (acusada por el gobierno estadounidense de espionaje en favor del gobierno chino) ha reavivado viejas polémicas en torno a Wuhan Deepin Technology y su distribución. Tal como plantea Forbes, "parece que Deepin no puede escapar de las acusaciones de ser 'espía', y que genera un poco de desconfianza entre la gente debido a sus orígenes chinos".

A comienzos de 2018, un desarrollador anónimo afirmó, desde su página de GitHub, que la tienda de aplicaciones de Deepin 15.5 contenía un spyware que estaría realizando conexiones no cifradas con el rastreador chino CNZZ. Deepin aclaró al poco tiempo que el backend de su centro de software es una aplicación web y que CNZZ (básicamente, un equivalente chino de Google Analytics) sólo recogía datos referentes a la navegación, que se usaban con fines de mejora del servicio, como ocurre en cualquier web empresarial.

Sin embargo, las acusaciones de ser un 'software espía' han ido retornando periódicamente desde entonces, y su reciente vinculación a Huawei no ha ayudado, precisamente.

"Vamos a tratar de hacer nuestro software tan 'open source' como sea posible [...] pero algunos de nuestros programas tendrán que seguir siendo de código privativo, como los drivers de Nvidia y algunos programas populares de terceros".

"Animaremos a la gente a participar en el proceso de desarrollo de Deepin. Sobre los pocos que se nieguen a ver los hechos, tendremos que dejarles estar".

¿Qué novedades aportarán las próximas versiones de Deepin?

La comunidad global de usuarios de Deepin podrá experimentar en los próximos meses dos nuevas funcionalidades que marcarán la diferencia entre su distribución y otros 'sabores' de Linux.

Por un lado está Deepin Cloud Sync, un servicio que permite sincronizar autómaticamente toda clase de ajustes del sistema con la nube: desde la configuración del Wi-Fi o el ratón, a los ajustes de las actualizaciones, el tema y el fondo de escritorio, etc. Esta característica ya está disponible para los usurios chinos de Deepin, pero desde la compañía señalan que quieren hacerlo disponible a nivel internacional.

"Vamos a experimentar primero aquí en China antes de ponerlo disponible a una audiencia más amplia. También necesitamos tiempo para estudiar las leyes sobre privacidad de los diferentes países. No hemos decidido aún si estaría disponible sin [una cuenta] Deepin ID".

Por otro lado, una de las grandes novedades de la próxima versión (la 20) es que saldrá al mercado con su propio asistente de voz dotado de inteligencia artificial, al estilo de Cortana en Windows o de Siri en MacOS.

Lo sabemos exclusivamente por un vídeo íntegramente en chino difundido en el grupo Telegram de Deepin, en el que se muestra a un usuario preguntando a su sistema operativo y recibiendo respuestas tanto mediante texto (en una ventana emergente) como mediante voz. Pero este nuevo asistente (aún sin nombre, que sepamos) no se limita a solventar dudas con cierta solvencia: también abre páginas web o pantallas de configuración del sistema a petición del usuario, incluso parece redactar e-mails al dictado.

Imagen | Cristoph Michels

También te recomendamos

Llega HarmonyOS: el sistema operativo open source de Huawei basado en el kernel de Linux

[Actualizado] Huawei desmiente que vaya a lanzar su sistema operativo el próximo mes

El veto de EEUU a Huawei nos enseña las consecuencias de un mundo del software oligopólico, y eso no es bueno para los usuarios

-
La noticia Deepin, el Linux que acudió al rescate de Huawei cuando no pudo usar Windows y que ahora prepara su propio asistente de voz fue publicada originalmente en Genbeta por Marcos Merino .


          

Cloudmin GPL install fails on fresh Centos 7 box

 Cache   

I have a fresh install of Centos 7. I have already installed Xen, using these instructions: https://wiki.centos.org/HowTos/Xen/Xen4QuickStart

I downloaded cloudmin-gpl-redhat-install.sh but it seems to want to install Centos 6 stuff.

Specifically, it says: "Enabling Xen kernel repo for CentOS 6 " which is not gonna work. The install script fails a few lines later.

Below is the result when I run the install script.

Reporter: 
bob7123
Created: 
Sat, 11/30/2019 - 13:36
Updated: 
Sat, 11/30/2019 - 13:36

          

6UL PHY device tree and driver change

 Cache   
Currently changing the Ethernet PHY on a board with a connect core 6ul

The original design has the same Ethernet arrangement as the starter kit using a lan8720

Its desired to connected a TI DP83848 in its place.

I have modified the device tree to reference a different phy

ethphy0: ethernet-phy@0 {
compatible = "ethernet-phy-ieee802.3-c22";
dp83848;
reg = <0>;
};

also set CONFIG_DP83848_PHY=y in my defconfig.

compiled with latest dey (2.6-r2)

I have loaded the image onto the device and verified that the dp83848 has been compiled into the kernel drivers.

I get the error
`fec 2188000.ethernet eth0: Unable to connect to phy`
after boot.

Have i missed a step in the device tree for this to work? or are there any additional commands that can be run to debug connected devices?


Many Thanks

Phil
          

Wine Patches Coming To Allow UMIP Emulation - Works Around Issues For Ryzen 3000

 Cache   
Phoronix: Wine Patches Coming To Allow UMIP Emulation - Works Around Issues For Ryzen 3000 Coming up this weekend with the Linux 5.4 kernel is...
          

Onebase Linux

 Cache   
Web site: onebaselinux.com (not active) Origin: India Category: Desktop Desktop environment: KDE Architecture: x86 Based on: Independent Wikipedia: Media: Install The last version | Released: 1.0 | August 17, 2005 Onebase Linux – a multi-purpose operating system (OS) based on the linux kernel for PC (x86) with its own package management and administration tools. Main ... Read moreOnebase Linux
          

AVG Rescue CD

 Cache   
Web site: avg.com/en-ww/homepage Origin: Czech Republic Category: Rescue Desktop environment: CLI Architecture: x86 Based on: Independent ? Wikipedia: Media: Live CD The last version | Released: ? | April 21, 2016 Zobacz po polsku: AVG Rescue CD AVG Rescue CD – a bootable live CD/USB disk, based on the Linux kernel and allows you to ... Read moreAVG Rescue CD
          

Klima-Steuergesetze im Bundesrat vorerst gestoppt

 Cache   
Die Bundesländer wollen zu Kernelementen des Klimapakets den Vermittlungsausschuss hinzuholen.
          

[리눅스커널] 안드로이드/라즈베리 파이 부팅 실패 100% 해결하는 디버깅 패치

 Cache   
Overview

많은 개발자들은 '브링업'이란 개발 업무를 맡고 있습니다. 이 과정에서 다음과 같은 어려움을 많이 겪습니다.

   * 보드 브링업을 하다 보니 컴퓨터의 시작 화면까지 보이지 않는다.
   * 부팅 과정에서 출력하는 화면이 계속 출력된다.

이런 이슈를 겪은 적이 있나요? 보통 이런 상황을 겪으면 굉장히 답답하고 짜증이 납니다. 그 이유는 무엇일까요?

   * 뭔가 문제가 생겨서 부팅이 안되는 상황인데 그 원인을 파악하기 어렵기 때문입니다. 

달리 말씀을 드리면 정확히 어디에 문제가 생겨서 부팅이 안되는지 알 수 없기 때문입니다. 이번 포스팅에서는 이런 상황에서 사용하면 아주 유용한 커널 패치를 소개합니다.

아이디어 

안드로이드나 라즈비안 타겟 부팅 과정에서 init이나 systemd 프로세스가 *.rc나 *.sh 셸 스크립트를 실행하면서 각종 서비스나 프로세스를 초기화합니다. 하지만 리눅스 커널 입장에서는 위 레이어에 안드로이드나 라즈비안 혹은 우분투가 돌아가는지 모릅니다. 이를 다음과 같이 요약해 볼까요?

    "유저 공간에서 프로세스나 스레드 생성 요청이 오면 이를 생성한다."
    "'실행 파일'을 실행할 때 커널은 말 그대로 실행시켜준다."

만약 안드로이드에서 각종 서비스를 실행할 때 커널은 이를 어떻게 처리할까요?

   * /system/bin/sh 파일 처럼 실행할 뿐입니다. 

커널 패치

서론이 길었는데, 먼저 커널 패치 코드를 소개합니다.

diff --git a/fs/exec.c b/fs/exec.c
index 77c03ce..49b51ce 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1681,6 +1681,37 @@ int search_binary_handler(struct linux_binprm *bprm)
 }
 EXPORT_SYMBOL(search_binary_handler);

+#define PROCESS_ARG_BUFF_SIZE 128
+
+void get_process_exec_profile(const char *fname)
+{
+       char process_arg_buf[PROCESS_ARG_BUFF_SIZE] = {0,};
+       int len = 0;
+
+       len = get_cmdline(current, process_arg_buf, PROCESS_ARG_BUFF_SIZE -1);
+
+    if(len == 0) {
+               pr_info("[-] Error: len: %d \n", len);
+               return;
+       }
+
+       if(!fname) {
+               pr_info("[-] Error: fname null \n");
+               return;
+       }
+
+       if (len > PROCESS_ARG_BUFF_SIZE)
+               len = PROCESS_ARG_BUFF_SIZE;
+
+       process_arg_buf[len] = '\0';
+
+       pr_info("[exec:%s-%d] exec_file: %s, arg: [%s] \n",
+                                       current->comm, current->pid, fname, process_arg_buf);
+}
+#endif
+
+
 static int exec_binprm(struct linux_binprm *bprm)
 {
        pid_t old_pid, old_vpid;
@@ -1698,6 +1729,9 @@ static int exec_binprm(struct linux_binprm *bprm)
                trace_sched_process_exec(current, old_pid, bprm);
                ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
                proc_exec_connector(current);
+               get_process_exec_profile(bprm->filename);
        }

        return ret;

패치 코드의 내용은 실행 파일과 실행 파일에 적용되는 아규먼트 옵션을 커널 로그로 출력해주는 것입니다.

커널 로그 확인

커밋을 반영하고 커널 로그를 받아보면 아래와 같은 시그니처를 볼 수 있습니다. 참고로 아래 로그는 안드로이드 디바이스에서 받았습니다.

2735:[   77.839144 / 01-01 06:09:53.099][6] [exec:init-1] exec_file: /init, arg: [/init]
2748:[   78.472964 / 01-01 06:09:53.739][7] [exec:init-1] exec_file: /system/bin/init, arg: [/system/bin/init]
2761:[   78.957614 / 01-01 06:09:54.229][7] [exec:init-1] exec_file: /system/bin/init, arg: [/system/bin/init]
2776:[   79.170175 / 01-01 06:09:54.429][1] [exec:init-542] exec_file: /system/bin/init, arg: [/system/bin/init]
2777:[   79.172863 / 01-01 06:09:54.439][3] [exec:init-543] exec_file: /system/bin/init, arg: [/system/bin/init]
2780:[   79.298571 / 01-01 06:09:54.559][1] [exec:ueventd-544] exec_file: /system/bin/ueventd, arg: [/system/bin/ueventd]
2781:[   79.317985 / 01-01 06:09:54.579][0] [exec:apexd-545] exec_file: /system/bin/apexd, arg: [/system/bin/apexd]
2804:[   79.584330 / 01-01 06:09:54.849][1] [exec:modprobe-546] exec_file: /vendor/bin/modprobe, arg: [/vendor/bin/modprobe]
2828:[   80.124861 / 01-01 06:09:55.389][2] [exec:modprobe-555] exec_file: /vendor/bin/modprobe, arg: [/vendor/bin/modprobe]
3518:[  385.662491 / 01-01 06:15:00.929][5] [exec:servicemanager-562] exec_file: /system/bin/servicemanager, arg: [/system/bin/servicemanager]
3519:[  385.675577 / 01-01 06:15:00.939][6] [exec:logd-560] exec_file: /system/bin/logd, arg: [/system/bin/logd]
3520:[  385.675634 / 01-01 06:15:00.939][7] [exec:hwservicemanage-563] exec_file: /system/bin/hwservicemanager, arg: [/system/bin/hwservicemanager]
3522:[  385.711358 / 01-01 06:15:00.979][5] [exec:vndservicemanag-564] exec_file: /vendor/bin/vndservicemanager, arg: [/vendor/bin/vndservicemanager]
3524:[  385.763532 / 01-01 06:15:01.029][6] [exec:android.hardwar-567] exec_file: /vendor/bin/hw/android.hardware.keymaster@4.0-service-qti, arg: [/vendor/bin/hw/android.hardware.keymaster@4.0-service-qti]
3525:[  385.764325 / 01-01 06:15:01.029][4] [exec:android.hardwar-569] exec_file: /vendor/bin/hw/android.hardware.keymaster@4.0-strongbox-service-qti, arg: [/vendor/bin/hw/android.hardware.keymaster@4.0-strongbo
x-service-qti]
3527:[  385.843622 / 01-01 06:15:01.109][6] [exec:vold-574] exec_file: /system/bin/vold, arg: [/system/bin/vold]
3532:[  385.929238 / 01-01 06:15:01.189][4] [exec:e2fsck-589] exec_file: /system/bin/e2fsck, arg: [/system/bin/e2fsck]
3547:[  386.199287 / 01-01 06:15:01.459][6] [exec:vdc-597] exec_file: /system/bin/vdc, arg: [/system/bin/vdc]
3557:[  386.342132 / 01-01 06:15:01.609][6] [exec:recovery-refres-598] exec_file: /system/bin/recovery-refresh, arg: [/system/bin/recovery-refresh]
3559:[  386.364102 / 01-01 06:15:01.629][4] [exec:spdaemon-599] exec_file: /vendor/bin/spdaemon, arg: [/vendor/bin/spdaemon]
3560:[  386.375250 / 01-01 06:15:01.639][4] [exec:sec_nvm-600] exec_file: /vendor/bin/sec_nvm, arg: [/vendor/bin/sec_nvm]
3563:[  386.412097 / 01-01 06:15:01.679][7] [exec:ipacm-diag-601] exec_file: /system/vendor/bin/ipacm-diag, arg: [/system/vendor/bin/ipacm-diag]
3565:[  386.414373 / 01-01 06:15:01.679][5] [exec:android.hardwar-603] exec_file: /vendor/bin/hw/android.hardware.atrace@1.0-service, arg: [/vendor/bin/hw/android.hardware.atrace@1.0-service]
3566:[  386.418336 / 01-01 06:15:01.679][5] [exec:ipacm-602] exec_file: /system/vendor/bin/ipacm, arg: [/system/vendor/bin/ipacm]
3567:[  386.436995 / 01-01 06:15:01.699][1] [exec:android.hardwar-604] exec_file: /vendor/bin/hw/android.hardware.boot@1.0-service, arg: [/vendor/bin/hw/android.hardware.boot@1.0-service]
3568:[  386.443772 / 01-01 06:15:01.709][5] [exec:wait_for_keymas-607] exec_file: /system/bin/wait_for_keymaster, arg: [/system/bin/wait_for_keymaster]

그렇다면 위 로그를 어떻게 해석할까요? 한 가지 예를 들겠습니다.

[  385.662491 / 01-01 06:15:00.929][5] [exec:servicemanager-562] exec_file: /system/bin/servicemanager, arg: [/system/bin/servicemanager] 

서비스 매니저가 실행됐다는 정보입니다. arg는 파일을 실행할 때의 아규먼트입니다.
이번에 다른 로그를 봅시다.

[  400.060155 / 01-01 06:15:14.839][4] [exec:init.rpi_device.crash-1144] exec_file: /vendor/bin/init.rpi_device.crashdata.sh, arg: [/vendor/bin/sh]

'/vendor/bin/init.rpi_device.crashdata.sh' 셸 스크립트를 init.rpi_device.crash.sh 스크립트가 실행합니다.

부팅하고 난 다음에 다음 시그니처도 확인할 수 있습니다. 
[  442.944003 / 07-30 05:19:25.069][3] [exec:crash_dump64-4141] exec_file: /system/bin/crash_dump64, arg: [crash_dump64]

유저 공간에서 Tombstone이 떨어졌다는 사실을 알 수 있습니다.

다음은 가장 흥미로운 로그입니다.
[  450.178083 / 07-30 05:19:32.299][2] [exec:sh-4946] exec_file: /system/bin/sh, arg: [/system/bin/sh]
[  450.224563 / 07-30 05:19:32.349][7] [exec:dmesg-4946] exec_file: /system/bin/dmesg, arg: [dmesg]

위 로그는 다음 명령어를 실행했다는 사실을 알려줍니다.
      adb shell dmesg > kernel_log.c

결론

이 패치를 적용하면 커널 로그를 통해 임베디드 리눅스의 어떤 배포판(안드로이드, 라즈비안)이던 부팅 과정을 확인할 수 있습니다. 리눅스 시스템 개발자들이여, 비슷한 문제를 겪으면 이 패치을 적용해 조금 더 일찍 퇴근합시다. 

패치 설명 동영상


          

[리눅스] 모듈 방식 드라이버를 설치할 때 커널 코드 분석(sys_init_module)

 Cache   
터미널에서 'insmod module.ko' 명령어를 입력하면 모듈 형식 드라이버를 설치할 수 있습니다. 이번 포스팅에서는 이 과정에서 호출되는 함수를 분석합니다.

TRACE32로 콜스택 확인

먼저 콜스택을 보겠습니다.

-000|NSR:0xBF03B114(asm)  // <<--
-001|do_one_initcall_debug(inline)
-001|do_one_initcall(fn = 0xBF03B000)
-002|do_init_module(inline)
-003|load_module(info = 0xDE895F48, ?, ?)
-004|sys_init_module(umod = -1227014136, len = 284732, uargs = -1097475832)
-005|ret_fast_syscall(asm)

insmod에 대응하는 시스템 콜 핸들러인 sys_init_module() 함수가 호출된다는 사실을 알 수 있습니다.

sys_init_module() 함수 

먼저 sys_init_module() 함수를 보겠습니다.

https://elixir.bootlin.com/linux/v5.4/source/kernel/module.c
SYSCALL_DEFINE3(init_module, void __user *, umod,
        unsigned long, len, const char __user *, uargs)
{
    int err;
    struct load_info info = { };

    err = may_init_module();
    if (err)
        return err;

    pr_debug("init_module: umod=%p, len=%lu, uargs=%p\n",
           umod, len, uargs);

    err = copy_module_from_user(umod, len, &info);
    if (err)
        return err;

    return load_module(&info, uargs, 0);
}

모듈 형식 드라이버의 기본 속성 정보를 저장한 후 load_module() 함수를 호출합니다.

https://elixir.bootlin.com/linux/v5.4/source/kernel/module.c
static int load_module(struct load_info *info, const char __user *uargs,
               int flags)
{
    struct module *mod;
    long err = 0;
    char *after_dashes;

    err = elf_header_check(info);

...
    /* Get rid of temporary copy. */
    free_copy(info);

    /* Done! */
    trace_module_load(mod);

    return do_init_module(mod);

load_module() 함수의 전체 코드를 보면 모듈 드라이버 파일이 오염됐다고 가정하고 다양한 방식으로 예외 처리 코드를 수행합니다.
이 함수에서 체크하는 정보는;
   * 모듈 파일의 해더 정보
   * SIGNATURE 정보
   * 섹션 정보

do_init_module() 함수 

do_init_module() 함수는 모듈 드라이버를 실행시키는 출발점입니다.
이 함수에서 모듈 드라이버의 module_init() 으로 지정된 함수를 호출합니다. do_init_module() 함수를 보겠습니다.

https://elixir.bootlin.com/linux/v5.4/source/kernel/module.c
/*
 * This is where the real work happens.
 *
 * Keep it uninlined to provide a reliable breakpoint target, e.g. for the gdb
 * helper command 'lx-symbols'.
 */
static noinline int do_init_module(struct module *mod)
{
    int ret = 0;
    struct mod_initfree *freeinit;

    freeinit = kmalloc(sizeof(*freeinit), GFP_KERNEL);
    if (!freeinit) {
        ret = -ENOMEM;
        goto fail;
    }
    freeinit->module_init = mod->init_layout.base;

    /*
     * We want to find out whether @mod uses async during init.  Clear
     * PF_USED_ASYNC.  async_schedule*() will set it.
     */
    current->flags &= ~PF_USED_ASYNC;

    do_mod_ctors(mod);
    /* Start the module */
    if (mod->init != NULL)
        ret = do_one_initcall(mod->init);
    if (ret < 0) {
        goto fail_free_freeinit;
    }

핵심 코드는 보시다시피 do_one_initcall() 함수를 호출하는 부분입니다.

디버깅 포인트 

실전 개발에서 다음과 같은 상황을 겼을 수 있습니다. 

   * 모듈 드라이버가 특정 조건에서 설치가 안된다.
   * 모듈 드라이버를 설치할 때 예상치 못한 오류 메시지와 함께 설치가 안된다.

이때 위에서 분석한 함수에 커널 로그를 추가한 후 디버깅을 하면 됩니다.

혹시 이런 문제를 겪으면 당황하지 맙시다. 
'로그 추가' + '테스트'를 무한 반복하면 언젠가는 문제는 반드시 해결됩니다.

          

[Trace32][ARMv7-32비트] MMU CP15 레지스터 파악하기 - 리눅스 커널 디버깅

 Cache   
이전 포스팅

이전 포스팅에서 Trace32에서 유저 공간의 콜스택을 볼 수 있는 설정 방법을 소개했습니다. 요약하면 다음과 같이 가상 메모리를 관리하는 MMU CP15 레지스터의 주소를 지정해야 합니다.

* 레지스터 종류
System Control Register   
Translation Table Base Register 1
Translation Table Base Register 0 
Translation Table Base Control Register

* 명령어
PER.Set.simple C15:0x1 %Long 0x30c0383d  // System Control Register
PER.Set.simple C15:0x102 %Long 0xdeadbeef // TTBR1 Register
PER.Set.simple C15:0x2 %Long 0x12346240  // TTBR0 Register
PER.Set.simple C15:0x202 %Long  0x43214320 // TTBCR Register

이번에는 위 레지스터를 알아 낼 수 있는 패치 코드를 소개합니다.
아래 패치는 ARMv7 32 비트 아키텍처에서 구동되는 라즈비안(라즈베리 파이)에서 작성됐습니다.

diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c
index 82ab015..4465b68 100644
--- a/arch/arm/kernel/process.c
+++ b/arch/arm/kernel/process.c
@@ -56,6 +56,8 @@ static const char *isa_modes[] __maybe_unused = {
   "ARM" , "Thumb" , "Jazelle", "ThumbEE"
 };

+static unsigned int sctrl_reg, ttbr0_reg, ttbr1_reg, ttbcr_reg;
+
 /*
  * This is our default idle handler.
  */
@@ -180,8 +182,15 @@ void __show_regs(struct pt_regs *regs)
                }
 #endif
                asm("mrc p15, 0, %0, c1, c0\n" : "=r" (ctrl));
-
                printk("Control: %08x%s\n", ctrl, buf);
+
+               asm volatile ("mrc p15, 0, %0, c1, c0, 0\n" : "=r" (sctrl_reg));
+               asm volatile ("mrc p15, 0, %0, c2, c0, 0\n" : "=r" (ttbr0_reg));
+               asm volatile ("mrc p15, 0, %0, c2, c0, 1\n" : "=r" (ttbr1_reg));
+               asm volatile ("mrc p15, 0, %0, c2, c0, 2\n" : "=r" (ttbcr_reg));
+
+               pr_err("TTBR1: %08x  TTBCR: %08x\n", ttbr1_reg, ttbcr_reg);
+               pr_err("SCTRL: %08x  TTBR0: %08x\n", sctrl_reg, ttbr0_reg);
        }
 #endif
 }

물론 위 패치 코드를 반영한 후 컴파일 에러 없이 정상적으로 빌드가 되는 것을 확인했습니다.
그럼 이 패치 코드를 어떻게 활용해 MMU CP15 레지스터를 파악할 수 있을까요?

위 패치 코드에서 +로 표시된 부분을 복사해;

   1. 인라인 함수를 작성해 특정 코드에서 실행하게 하면 바로 MMU CP15 레지스터를 알 수 있습니다.
   2. 아래 전역 변수를 읽어서 MMU 레지스터를 설정하면 됩니다. 
       static unsigned int sctrl_reg, ttbr0_reg, ttbr1_reg, ttbcr_reg;

코어 덤프나 램덤프를 Trace32로 로딩할 때 이 방식을 활용하면 좋습니다.

          

Does The R4 Revolution Work On The 3DS

 Cache   

One of the biggest questions we are asked is Does the R4 Revolution work on the 3DS?  It is a perfectly valid question.  There are a lot of different R4 DS and R4 3DS cards available and it can get pretty confusing as to which cards work on which consoles.  The R4 DS was released at a time when the 3DS was likely not even a thought in developers minds.  As such, it would be very hard for the R4 DS card to predict or anticipate what it needed to have in order to ensure compatibility with a system that was not yet released.

Therefore, the short answer to the question Does The R4 Revolution Work On The 3DS is no, it does not.  Keep reading though to find out about all of the R4 cards that DO work on the 3DS as well as the 2DS systems.  

The situation was similar to the release of the DSi systems.  The original R4 Revolution DS was not compatible with the newer DSi consoles.  It required a new hardware revision in order to make it fully compatible.  Without hardware change it never would have worked.

r4 revolution ds

The R4 3DS cards were released as an upgrade to the R4 DS Revolution cards.  Much like when the DSi was released and our R4i Cards were released, the R4 3DS was the answer to the new Nintendo 3DS consoles.  And with the 3DS support, the 3DS XL and the 2DS consoles are both supported.

It is important to note that while the R4 DS does NOT work on the 3DS systems, all of the newer R4 3DS cards are fully backwards compatible with the DS and the DSi consoles.  This means that you can use it in system, from the Original DS, the DS Lite, DSi, DSi XL and of course all of the 3DS and 2DS handhelds.

These are the following R4 Revolution cards that work on the 3DS console.  Each of the support even the latest 3DS updated system software version.  If you currently have the original R4 Revolution for DS, you will still be able to use it in a DS Lite, or could sell it with your DS Lite console as a package bundle and upgrade yourself to the newer R4 3DS cards that are compatible with the 3DS.

r4 3ds

The R4 3DS card was one of the first cards that worked on the 3DS systems.  It offers all of the same features and functions as the R4 Revolution DS card did, with the added benefit of much newer firmware kernels and of course full support for the 3DS, 3DS XL, 2DS and the 2DS XL systems.

R4i Gold Plus card

Another one of our customers favorites.  The R4i Gold 3DS Plus card is the newest in the line of the R4i Gold 3DS brand cards.   This card replaced the original R4i Gold 3DS by adding an internal switch that switches it from a regular flashcart to an NTRBoot compatible card quickly and easily - without having to flash the card itself.

R4i Gold Pro

For those of us that like the GOLD brand cards, this is another R4 3DS GOLD version. The Newest R4i Gold 3DS Pro offers up another option for gamers.  It does come with the added bonus of being part of our Buy 2 Get 1 FREE promotion and makes a great birthday or Christmas gift.  Especially if you're looking to buy a few cards for various friends and family.

R4 3DS Dual Core Cards

The R4 3DS DUAL CORE is our customer favorite, and one of our very best sellers.  Our newest 4.0b firmware update also does away with some of the minor bugs and the date bug on these cards.  The dual processing power of the authentic dual-core card makes it a fantastic option for using some of the most powerful emulators and has great compatibility with the 2DS, 2DS XL, 3DS and 3DS XL systems.

R4 3DS RTS

Much like the R4 3DS Dual Core, the R4 3DS RTS card offers up an easy to use menu system and full support for even the newest 3DS system software versions.  It also happens ot be another one of our customers favorite cards.  The R4 3DS RTS card, like the other cards in this post, is also backwards compatible with the DS and DSi systems.

This brings us to the end of the quest to find an R4 DS card that will work with the 3DS systems.  If you have an older R4 card, the only way you would be able to ue an R4 on your 3DS is to purchase a new compatible one.  As I mentioned earlier, you can sell your old R4 card to put towards a 3DS compatible card which will likely mean having to add just a few dollars out of pocket to be upgraded to a brand new card.

Enjoy, and keep on playing!   We'll be adding some more amazing new homebrew and freeware games to our 3DS homebrew section in the next coming week as well!  We have also updated the emulation section with some great emulators for classic computer systems such as the Apple II and the ZX Spectrum.  We'll be adding even more in the coming weeks.

If you have any additional questions or comments, please don't hesitate to contact us.  We're here to help.


          

Optimizing Finite Volume Method Solvers on Nvidia GPUs

 Cache   
As scientific applications are increasingly ported to GPUs to benefit from both the powerful computing capacity and high throughput, accelerating explicit solvers for GPU-based finite volume methods is gaining more and more attention. In this paper, based on the detailed analysis of the FVM algorithm, we present a set of novel optimization methods, including the explicit data cache mechanism, optimal global memory loading strategy, as well as the inner-thread rescheduling method, which derives a suitable mapping from the solver algorithm to the underlying GPU hardware architecture, so as to remarkably improve the solving performance of structured mesh based FVM. We demonstrate the impact of our tuning techniques on two widely-used atmospheric dynamic kernels (3-D Euler and 2-D SWE) on five kinds of mainstream GPU platforms, and make a detailed analysis of the different tuning methodologies so as to demonstrate how to select the proper tuning strategy to different applications on various GPU platforms. Specifically, 93.9x speedup is achieved for the 3D Euler solver on Nvidia V100 over one 12-core Intel E5-2697 (v2) CPU, which is a 77 percent improvement compared with the original speedup without adopting the tuning techniques presented in this work.
          

Resource-Aware Scheduling for Dependable Multicore Real-Time Systems: Utilization Bound and Partitioning Algorithm

 Cache   
As the computing devices and software executions are susceptible to manifold faults, fault tolerance has been an important research topic in safety-critical real-time systems. Moreover, multicore processors have recently emerged as prevailing computing engines for modern embedded systems. However, there exists rather rare work on the fault-tolerant scheduling of real-time tasks executing on multicores with shared resources, where the task synchronization originated from resource access contention may significantly degrade the schedulability of task system. With the focus on the partitioned-EDF scheduler with the MSRP (Multiprocessor Stack Resource Policy) protocol and primary/backup recovery mechanism, we first investigate a utilization bound and then identify its anomaly where the bound may decrease when more cores are deployed. Next, following the insights gained by the analysis of the bound, we propose a reliability and synchronization aware task partitioning algorithm (RSA-TPA) together with an efficient version to implement the joint management of task synchronization and system reliability, where several resource-oriented heuristics are developed to improve both the schedulability performance and workload balancing. The extensive simulation results show that the RSA-TPA schemes can obtain higher acceptance ratio (e.g., 60 percent more) and generate more balanced partitions, when compared to the existing schemes that consider either reliability management or task synchronization. Finally, with the different fault arrival rates being considered, the actual implementation in Linux kernel further demonstrates the applicability of RSA-TPA that has lower run-time overhead (e.g., 20 percent less) in comparison with other mapping algorithms.
          

Analysis of nonstandardized stress echocardiography sequences using multiview dimensionality reduction

 Cache   
Analysis of nonstandardized stress echocardiography sequences using multiview dimensionality reduction Nogueira, Mariana; De Craene, Mathieu; Sanchez Martinez, Sergio; Chowdhury, Devyani; Bijnens, Bart; Piella Fenoy, Gemma Alternative stress echocardiography protocols such as handgrip exercise are potentially more favorable towards large-scale screening scenarios than those currently adopted in clinical practice. However, these are still underexplored because the maximal exercise levels are not easily quantified and regulated, requiring the analysis of the complete data sequences (thousands of images), which represents a challenging task for the clinician. We propose a framework for the analysis of these complex datasets, and illustrate it on a handgrip exercise dataset including complete acquisitions of 10 healthy controls and 5 ANT1 mutation patients (1377 cardiac cycles). The framework is based on an unsupervised formulation of multiple kernel learning, which is used to integrate information coming from myocardial velocity traces and heart rate to obtain a lower-dimensional representation of the data. Such simplified representation is then explored to discriminate groups of response and understand the underlying pathophysiological mechanisms. The analysis pipeline involves the reconstruction of population-specific signatures using multiscale kernel regression, and the clustering of subjects based on the trajectories defined by their projected sequences. The results confirm that the proposed framework is able to detect distinctive clusters of response and to provide insight regarding the underlying pathophysiology. Data de publicació electrònica: 6 de novembre de 2019
          

Bull Power Delay creme 30ml

 Cache   

Bull Power Delay creme

Vandbaseret glidecreme med bedøvende effekt, som kan bruges på penis for at nedsætte følelses og dermed forlænge samlejet.

Smøres på penis 10-15min før ønsket effekt.

Kan bruges med kondom.

30ml

Ingredienser:
aqua,peg-7 glyceryl cocoate,peg-40 hydrogenated castor oil, laureth-9,accrylate/c10-30 alkyl acrylate crosspolymer, alcohol, aminomethyl propanol, avena sativa kernel extract, carbomer, glycerin, humulus lupulus cone extract, limonene, mentha piperita oil, tocopherol, benzyl alcohol, ethylhexylglycerin


          

Earthly Body Massage & Body Oil 237ml - Naked in the woods

 Cache   

Earthly Body Massage & Body Oil 237ml - Naked in the woods

Earthly Body naturlige og professionelle massageolie bruger den fineste blanding af vitaminrige olier for at give en uovertruffen og gennemtrængende blødhed. Denne ikke fedtende hamp olie formel efterlader huden glat og smidig efter massage.

Hvorfor nøjes med kedelige og intetsigende massageolie, når du kan forkæle dig selv med de fineste af naturlige ingredienser, og dufte, der passer hver humør? Denne fantastisk duftende og professionelle massageolie er 100 procent vegansk og fri for skadelige ingredienser såsom parabener, mineralolie, farvestoffer, phthalater, propylenglycol, sulfater og alkohol.

Massage & Body Oil effektive ingredienser er perfekt til selv de mest følsomme og sensitive hud.

Den blødgørende olieblanding bearbejder huden og giver overlegen glans uden at huden føles fedtet efter massage. Mandelolie blødgør huden og fremmer hudens styrke med nærende E-vitamin og D, samt anti-aging vitaminet A.
Omega 3, 6 9 fedtsyrer findes i hampfrøolie og virker som et anti-inflammatorisk middel og beroligende på irriteret og følsom hud. Linolsyre, oliesyre og vitamin A og E findes i Abrikos olie hjælper huden genvinde sin elasticitet, klarhed og smidighed. Rosemary olie stimulerer blodgennemstrømningen og forynger og dermed styrker massage oplevelsen. Vindruekerneolie indeholder anti-aging polyphenoler og C-vitamin og hjælper med at forhindre tilstoppede porer, og antioxidanter hjælpe bremse aldringsprocessen.

Ingredienser: Prunus Amygdalus Dulcis Oil, Prunus Armenica Kernel Oil, Vitis Vinifera Seed Oil, Cannabis Sativa Seed Oil, Persea gratissima Olie, Sesamum indicum Seed Oil, Parfum, tocopherol, Rosmarinus Officinalis Leaf Oil


          

Earthly Body Massage & Body Oil 237ml - Guavalava

 Cache   

Earthly Body Massage & Body Oil 237ml - Guavalava

Earthly Body naturlige og professionelle massageolie bruger den fineste blanding af vitaminrige olier for at give en uovertruffen og gennemtrængende blødhed. Denne ikke fedtende hamp olie formel efterlader huden glat og smidig efter massage.

Hvorfor nøjes med kedelige og intetsigende massageolie, når du kan forkæle dig selv med de fineste af naturlige ingredienser, og dufte, der passer hver humør? Denne fantastisk duftende og professionelle massageolie er 100 procent vegansk og fri for skadelige ingredienser såsom parabener, mineralolie, farvestoffer, phthalater, propylenglycol, sulfater og alkohol.

Massage & Body Oil effektive ingredienser er perfekt til selv de mest følsomme og sensitive hud.

Den blødgørende olieblanding bearbejder huden og giver overlegen glans uden at huden føles fedtet efter massage. Mandelolie blødgør huden og fremmer hudens styrke med nærende E-vitamin og D, samt anti-aging vitaminet A.
Omega 3, 6 9 fedtsyrer findes i hampfrøolie og virker som et anti-inflammatorisk middel og beroligende på irriteret og følsom hud. Linolsyre, oliesyre og vitamin A og E findes i Abrikos olie hjælper huden genvinde sin elasticitet, klarhed og smidighed. Rosemary olie stimulerer blodgennemstrømningen og forynger og dermed styrker massage oplevelsen. Vindruekerneolie indeholder anti-aging polyphenoler og C-vitamin og hjælper med at forhindre tilstoppede porer, og antioxidanter hjælpe bremse aldringsprocessen.

Ingredienser: Prunus Amygdalus Dulcis Oil, Prunus Armenica Kernel Oil, Vitis Vinifera Seed Oil, Cannabis Sativa Seed Oil, Persea gratissima Olie, Sesamum indicum Seed Oil, Parfum, tocopherol, Rosmarinus Officinalis Leaf Oil


          

Linux Privilege Escalation using Capabilities

 Cache   

In this article, we will discuss the mechanism of “capability” and Privilege escalation by abusing it. As we know when the system creates a work context for each user where they achieve their tasks with the privileges that are assigned to them. So, to provide some specific functionalities, it is necessary for a non-privileged user to sometimes temporarily acquire a superuser profile to perform a specific task.

This functionality mainly can be achieved by assigning privileges through sudo, or setuid permissions to an executable file which allows the user to adopt the role of the file owner.

To accomplish the same task in a more secure way the system admin uses “capability” which plays an effective role in the security of Linux based operating systems.

Table of Content

Introduction to Capability

  • What is capability?
  • Difference between capability and SUID.
  • Use of capabilities.
  • Working with capability
  • List of capability

Abusing capability for Privilege Escalations

  • Python3
  • Perl
  • Tar

Introduction to Capability

What is capability in Linux

Before capabilities, we only had the binary system of privileged and non-privileged processes and for the purpose of performing permission checks, traditional UNIX implementations distinguish two categories of processes: privileged processes that referred as superuser or root and unprivileged processes (whose effective UID is nonzero).

Capabilities are those permissions that divide the privileges of kernel user or kernel level programs into small pieces so that a process can be allowed sufficient power to perform specific privileged tasks.

Difference between capability and SUID

SUID: SUID stands for set user ID and allows users to execute the file as the file owner. This is defined as giving temporary access to a user to run a program/file with the permissions of the file’s owner rather than the user who runs it. This can easily be detected by the use of the “Find” command. To find all files with SUID set in the current directory we can use-perm option which will print files only with permissions set to 4000.

Capability: Security of Linux systems can be improved by using many actions. One of these measures is called Linux capabilities which are maintained by the kernel. In other words, we can say that they are a little unintelligible but similar in principle to SUID. Linux’s thread privilege checking is based on capabilities.

Uses of capabilities

Capabilities work by breaking the actions normally reserved for root down into smaller portions. The use of capabilities is only beginning to drop into userland applications as most system utilities do not shed their root privileges. Let’s move ahead that how we can use this permission more into our task.

Limited user’s permission: As we know Giving away too many privileges by default will result in unauthorized changes of data, backdoors and circumventing access controls, just to name a few. So to overcome this situation we can simply use the capability to limited user’s permission.

Using a fine-grained set of privileges: Use of capability can be more clearly understood by another example. Suppose a web server normally runs at port 80 and we also know that we need root permissions to start listening on one of the lower ports (<1024). This web server daemon needs to be able to listen to port 80. Instead of giving this daemon all root permissions, we can set a capability on the related binary, like CAP_NET_BIND_SERVICE. With this specific capability, it can open up port 80 in a much easier way.

Working with capability

The operation of capabilities can be achieved in many ways. Some of them are listed below:

Assigning and removing capability: They are usually set on executable files and are automatically granted to the process when a file with a capability is executed. The file capability sets are stored in an extended attribute named as security.capability. This can be done by the use of attribute CAP_SETCAP capability.

To enable the capability for any file frame command as shown below:

Similarly one can also remove file capability by as below mentioned command.

Reading capability: There are many files or program to which capability is predefined so to view that a file has any capability set then you can simply run the command as:

If you’d like to find out which capabilities are already set on your system, you can search your whole file-system recursively with the following command:

List of Capability

On the basis of functionality, the capability is categorized into total 36 in the count. Some of the majorly used are shown below.

Abusing Capabilities Privilege Escalations

Python Capability

Suppose the system administrator wants to grant superuser permission for any binary program, let’s say for python3, which should only be available to a specific user, and admin doesn’t want to give SUID or sudo permission. The admin supposed to used capabilities, for the python3 program that should be executed by specific user let’s say for user “demo”. This can be accomplished with following commands on the host machine.

As a result, the user demo received the privilege to run the python3 program as root because here admin has upraised the privilege by using cap_setuid+ep which means all privilege is assigned to the user for that program. But if you will try to find 4000 permission files or programs then it might not be shown for /home/dome/python3.

Note: the user home directory should be not accessible for other users because if it is accessed to other non-root users then other users will also proficient to take the privilege of capabilities set for user demo.

Exploiting capability using python3

Assuming an intruder has compromised the host machine as local user and spawn the least privilege shell and he looked for system capabilities and found empty capability (ep) over suid is given python3 for user demo that means all privilege is assigned to user for that program, therefore taking advantage of this permission he can escalate into high privilege from low privilege shell.

Hence you can observe the local user demo has accessed the root shell as shown in the given image.

Perl Capability

We have another example “perl” which is same as above where the admin supposed to used capabilities, for the perl program that should be executed by specific user let’s say for user “demo”. This can be accomplished with following commands on the host machine.

As a result, the user demo received the privilege to run the python3 program as root because here admin has upraised the privilege by using cap_setuid+ep which means all privilege is assigned to the user for that program.

Exploiting capability using perl

Repeat above step for exploit perl program to escalate the root privilege:

Tar Capability

We have another example “tar” which is same as above where the admin supposed to used capabilities to extract high privilege file that are restricted for other users, that should be extracted by specific user let’s say by user “demo”.

Let’s take an example: The admin wants to assign a role, where the user “demo” can take the backup of files as root, for this task the admin has set read capability on tar program. This can be accomplished with following commands on the host machine.

Exploiting capability using tar

Repeat same procedure to escalate the privilege, take the access of host machine as a local user and move ahead for privilege escalation. Since this time admin has use CAP_DAC_READ_SEARCH that will help us to bypass file read permission checks and directory read and execute permission checks.

In this, we try to read shadow file where all system’s user password hashes are stored for this you have to follow below steps.

  • Compress the /etc/shadow in the current directory with the help of the tar program.
  • You will get shadow.tar in your current directory.
  • Extract the shadow.tar and you will get a directory as “etc/shadow”.
  • Use cat/head/tail or program to read the hashes of passwords.

As a result, you will have “etc/shadow” file your current directory and you can read the hashes of the password as shown here.

A malicious user can break this password using a tool such as a john the ripper or hash killer etc.

Conclusion:  The system admin should be aware of security loopholes during assigning such capability which can affect the integrity of kernel that can lead to privilege escalation.

References:

http://lists.linuxfromscratch.org/pipermail/hlfs-dev/2011-August/004870.html

https://gtfobins.github.io/

Author: Komal Singh is a Cyber Security Researcher and Technical Content Writer, she is completely enthusiastic pentester and Security Analyst at Ignite Technologies. ContacHere


          

himblick host-setup

 Cache   

This is part of a series of post on the design and technical steps of creating Himblick, a digital signage box based on the Raspberry Pi 4.

A RaspberryPi boots using a little FAT partition which contains kernel, device tree, configuration, and everything else necessary to boot.

It has the conveniente of being able to plug the SD card into pretty much any system, and tweak the knobs that are exposed through it.

While we don't expect that people would want to modify the config.txt that controls the boot process, we would like to give people a convenient way to set up things like host name (which makes the device findable on the net), timezone, screen orientation, and wifi passwords.

We decided to go for a himblick.conf file in the boot partition to give simple knobs for the common system customizations:

[general]
# Host name
name = himblick

# Country used for WiFi settings
wifi country = de

# System keyboard layout
keyboard layout = us

# System timezone
timezone = Europe/Berlin

# Screen orientation: can be normal, inverted, left, right. Default: normal.
screen orientation = normal

# Screen resolution: can be any of the xrandr screen modes. Default: auto.
screen mode = 1920x1080


# WiFi networks that the device will be able to connect to

[wifi ExampleESSID1]
hash = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef

[wifi ExampleESSID2]
password = example cleartext password

WiFi can be configured both with cleartext passwords and with hashes generated by wpa_passphrase.

This can be scheduled to run with systemd early at boot, most importantly before wpa_supplicant is started:

[Unit]
Description=Configure host based on /boot/himblick.conf
ConditionPathExists=/boot/himblick.conf
Before=wpa_supplicant@wlan0.service
Before=network-pre.target
Wants=network-pre.target

[Service]
Type=oneshot
ExecStart=/usr/bin/himblick host-setup
RemainAfterExit=yes

[Install]
WantedBy=basic.target

Here is the code of the host setup part.

The screen-related parts will be configured by the media player code, right after X starts up.

Here are some details about the various steps:

wpa_supplicant

One just needs to configure the country and the networks: networkd does not need anything else from wpasupplicant.

If we provision something, we can use wpa_passphrase to put hashes in the file, but if someone with less technical skills has to update the WiFi configuration, there's a possibility of just putting passwords in the file.

I'm not really sure how much more secure is the hash over the password: with the hash one can connect to that network just fine. However, I guess one can't use it to retrieve the password itself to try it out on different networks.

Keyboard configuration

Keyboard in Debian is configured in /etc/default/keyboard, which is read by various packages:

After changing /etc/default/keyboard, one should apparently invoke /usr/sbin/dpkg-reconfigure -f noninteractive keyboard-configuration, although I haven't exactly figured out what it does, and whether this is just cargo culting.

udevadm trigger --subsystem-match=input --action=change in instead needed to to trigger reloading the keyboard layout in X without needing to restart X.

Timezone

The timezone name, in Debian, is stored in /etc/timezone, and /etc/localtime is a symlink to the right timezone under /usr/share/zoneinfo.

However, just calling timedatectl set-timezone Time/Zone, does all that is needed, including the above.

Hostname

In Debian the hostname is saved in /etc/hostname.

To set in the system, there is the hostname command and possibly other things that the hostnamectl set-hostname command is taking care of.

Here too, just calling hostnamectl set-hostname <hostname> does all that is needed, including the above.


          

ext4 and 32bit arm on 64bit amd64

 Cache   

This is part of a series of post on the design and technical steps of creating Himblick, a digital signage box based on the Raspberry Pi 4.

To provision Himblick systems we rely on using qemu-user-static to chroot into the ARM system.

It turns out that there's an exoteric bug that triggers when accessing an ext4 filesystem with directory hashes with a 32bit architecture which makes syscalls to a 64bit kernel.

We noticed it while investigating why shared-mime-info was creating an empty mime cache database.

We can work around this quite simply by disabling the dir_index feature of ext4 before mounting the filesystem:

tune2fs -O ^dir_index /dev/sdb2

After we're done with provisioning, we can turn on the feature again, and run e2fsck to rebuild the hashes:

tune2fs -O dir_index /dev/sdb2
e2fsck -f /dev/sdb2

This also took a while to track down, starting from okular claiming that PDF was unsupported, and evince aborting on simple PDF files with warnings about not being able to load PNG icons, which hinted at needing to run update-mime-database.

Running it in the Pi worked, while running it in the chroot produced an empty database but no error messages. It turns out that catching readdir(3) errors is not straightforward.

After getting the source of update-mime-database and debugging it, I tracked the issue down to this simple test case:

#include <sys/types.h>
#include <dirent.h>
#include <stdio.h>
#include <assert.h>
#include <errno.h>

int main(int argc, const char* argv[])
{
   DIR * dir = opendir("/usr/share/mime/packages");
   assert(dir);

   while (1)
   {
      errno = 0;
      struct dirent *e = readdir(dir);
      if (!e)
      {
         if (errno)
            perror("readdir");
         else
            fprintf(stderr, "last!\n");
         break;
      }
      fprintf(stderr, "read %s\n", e->d_name);
   }
}
# gcc -o test test.c && ./test
readdir: Value too large for defined data type

This finally was enough to hit the right spot on the internet and go from the actual cause of the issue to a useful workaround: this is the initial implementation of the workaround.

I guess the workaround would not really be needed if we could work with a proper aarch64 chroot: Raspbian quite legitimately tries to support all Raspberry Pi architectures, so they cannot do that.

I hope Debian will gain Raspberry Pi 4 support soon, so that this and other part of Himblick provisioning could become much more straightforward.


          

Cleanup Raspbian

 Cache   

This is part of a series of post on the design and technical steps of creating Himblick, a digital signage box based on the Raspberry Pi 4.

Rapsbian is designed to be an interactive system, but we want to build a noninteractive black box out of it, which should never ever get a keyboard plug into it. See the "Museum ceiling" use case.

Ideally we should use a plain Debian as a base, but the Raspberry Pi model 4 is not supported yet for that.

Instead, we start from Raspbian Lite, and remove the bits that get in the way.

Review of raspbian's customizations

Here is a review of the Raspbian customizations that we've found, and how we chose to keep them or remove them.

raspberrypi-bootloader, raspberrypi-kernel

It's the code in /boot, and I guess also how it can get updated: keep.

raspbian-archive-keyring

This makes it possible to use the raspbian apt repositories: keep.

raspberrypi-net-mods

Source: https://github.com/RPi-Distro/raspberrypi-net-mods

It's the part that copies /boot/wpa_supplicant.conf to /etc/wpa_supplicant and does other system tweaks.

This we need to remove, to do our own customization.

raspberrypi-sys-mods

Source: https://github.com/RPi-Distro/raspberrypi-sys-mods

It contains a lot of hardware-specific setups and udev rules that should probably be kept.

It also contains the sudo rule that allows pi to sudo without password.

It does have a number of services that we need to disable:

What is the purpose of rpi-display-backlight.service? I could not find an explanation on why it is needed in the file or in the git logs.

raspi-config

Source: https://github.com/RPi-Distro/raspi-config

It's the core of Raspbian's interactive configuration, which we need to remove, to avoid interactive prompts, and replace with doing the configuration we need at rootfs setup time.

It's still useful as a reference on what is the standard way in Raspbian to do things like changing keyboard and timezone, or setting up graphical autologin.

Removing this leaves various things to be done:

  • configuring keyboard and timezone
  • setting a CPU scaling governor at boot cpufrequtils seems to do it automatically
  • sed -i 's| init=/usr/lib/raspi-config/init_resize\.sh||' /boot/cmdline.txt, or boot will fail!

The last one is important: on first boot, Raspbian won't boot the standard system, but run a script to resize the root partition, remove itself from the kernel command line, and reboot into the system proper.

We took care of partitioning ourselves and we do not need this: it would actually fail leaving the boot stuck in an interactive prompt, since it will not expect to find our media partition after the rootfs.

raspi-copies-and-fills

Partial source: https://github.com/bavison/arm-mem, it misses the .deb packaging.

This installs a ld.preload library with hardware accelerated replacements for common functions.

Since Raspbian is supposed to run unmodified on all RaspberryPi hardwares, the base libc is not optimized, and preloads are applied according to platform.

The package installs a /etc/ld.so.preload configuration which contains:

/usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so

In my case, ${PLATFORM} is not getting replaced inside the chroot environment, giving slower execution and filling the console with linker warnings.

Since we know we're running on the RaspberryPi 4, we can replace ${PLATFORM} with aarch64 in the rootfs setup.

triggerhappy

It does no harm, but it's a running service that we aren't needing yet, and it makes sense to remove it.

dhcpcd5

dhcpcd5 is a network configurator.

We would rather use systemd-networkd, which is somehow more standard and should play well with a read only root filesystem.

Replace Raspbian's customizations

For the boot partition:

    def cleanup_raspbian_boot(self):
        """
        Remove the interactive raspbian customizations from the boot partition
        """
        # Remove ' init=/usr/lib/raspi-config/init_resize.sh' from cmdline.txt
        # This is present by default in raspbian to perform partition
        # resize on the first boot, and it removes itself and reboots after
        # running. We do not need it, as we do our own partition resizing.
        # Also, we can't keep it, since we remove raspi-config and the
        # init_resize.sh script would break without it
        self.file_contents_replace(
                relpath="cmdline.txt",
                search=" init=/usr/lib/raspi-config/init_resize.sh",
                replace="")

For the rootfs:

    def cleanup_raspbian_rootfs(self):
        """
        Remove the interactive raspbian customizations from the rootfs
        partition
        """
        # To support multiple arm systems, ld.so.preload tends to contain something like:
        # /usr/lib/arm-linux-gnueabihf/libarmmem-${PLATFORM}.so
        # I'm not sure where that ${PLATFORM} would be expanded, but it
        # does not happen in a chroot/nspawn. Since we know we're working
        # on the 4B, we can expand it ourselves.
        self.file_contents_replace(
                relpath="/etc/ld.so.preload",
                search="${PLATFORM}",
                replace="aarch64")

        # Deinstall unneeded Raspbian packages
        self.dpkg_purge(["raspberrypi-net-mods", "raspi-config", "triggerhappy", "dhcpcd5", "ifupdown"])

        # Disable services we do not need
        self.systemctl_disable("apply_noobs_os_config")
        self.systemctl_disable("regenerate_ssh_host_keys")
        self.systemctl_disable("sshswitch")

        # Enable systemd-network and systemd-resolvd
        self.systemctl_disable("wpa_supplicant")
        self.systemctl_enable("wpa_supplicant@wlan0")
        self.systemctl_enable("systemd-networkd")
        self.write_symlink("/etc/resolv.conf", "/run/systemd/resolve/stub-resolv.conf")
        self.systemctl_enable("systemd-resolved")
        self.write_file("/etc/systemd/network/wlan0.network", """[Match]
Name=wlan0

[Network]
DHCP=ipv4

[DHCP]
RouteMetric=20
""")
        self.write_file("/etc/systemd/network/eth0.network", """[Match]
Name=eth0

[Network]
DHCP=all

[DHCP]
RouteMetric=10
""")

After this point, /etc/resolf.conf in the chroot will point to a broken symlink unless resolved is running. To continue working in the chroot and have internet access, we can temporarily replace it with the host's resolv.conf:

    @contextmanager
    def working_resolvconf(self, relpath: str):
        """
        Temporarily replace /etc/resolv.conf in the chroot with the current
        system one
        """
        abspath = self.abspath(relpath)
        if os.path.lexists(abspath):
            fd, tmppath = tempfile.mkstemp(dir=os.path.dirname(abspath))
            os.close(fd)
            os.rename(abspath, tmppath)
            shutil.copy("/etc/resolv.conf", os.path.join(self.root, "etc/resolv.conf"))
        else:
            tmppath = None
        try:
            yield
        finally:
            if os.path.lexists(abspath):
                os.unlink(abspath)
            if tmppath is not None:
                os.rename(tmppath, abspath)

This leaves keyboard, timezone, wifi, ssh, and autologin, still to be configured. We'll do it in the next step.


          

Anaconda Python

 Cache   

아나콘다 3.7 다운로드 https://www.anaconda.com/distribution/

All Users 로 설치하기

import pandasimport pandas as pd 입력하고 Shift+Enter

http://localhost:8888/notebooks/Untitled.ipynb?kernel_name=python3

행과 열로 보기

type 확인할때는 아래와 같이 입력하고 Shift+Enter

데이터 타입을 알아야할때 확인하는 방법(정수, 문자열 등)

NaN (Not to Number)

DataFrame (csv)

예약어가 없어서 아쉬운 점

데이터에 접근하는 시간 차이 비교

order.at[1,"date"] at은 한 구문만 꺼내오고 속도가 빠르다.

조건을 변수로 빼 올수 있다.

원하는 열을 삭제할때

그래프 그려주는 데이터 관련 참고 사이트 http://seaborn.pydata.org/

 


          

Cockos REAPER 5.99 Portable

 Cache   
Cockos REAPER 5.99 Portable



P2P | 30.2 MB


REAPER is a powerful but sensible Windows application that lets you record, arrange, edit, and render multi-track waveform audio. It provides an extensive set of features, but is a very small and lightweight application (the installer is less than 1 megabyte, and includes many effects and a sample project). REAPER supports ASIO, Kernel Streaming, WaveOut, and DirectSound for playback and recording. It reads WAV, OGG, and MP3 files, and records WAV files. You can arrange any number of items in any number of tracks and use audio processing plug-ins (DirectX and Jesusonic). REAPER also supports volume, pan controls and envelopes per track, multi-layer undo/redo, and user creatable color themes.

...
          

FS#64699: alsa-lib 1.2.1.2-1 kernel 5.4 Hardcrash

 Cache   
Description:

After upgrading alsa-lib 1.2.1.1-1 -> 1.2.1.2-1
And kernel 5.4.arch1-1

System seems to be getting hard crashing mouse and screne locking etc.

Tried to figure out if it would be GPU related cause my AMDGPU aco has been somewhat buggy and unstable. But dont think its the case this time

Thou latest recovered message from journalctl i can get before crash is following:

joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: snd_pcm_avail() returned a value that is exceptionally large: 229236 bytes (795 ms).
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: Most likely this is a bug in the ALSA driver 'snd_usb_audio'. Please report this issue to the ALSA developers.
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: snd_pcm_dump():
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: Hardware PCM card 0 'USB2.0 High-Speed True HD Audio' device 0 subdevice 0
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: Its setup is:
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: stream : PLAYBACK
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: access : MMAP_INTERLEAVED
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: format : S24_3LE
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: subformat : STD
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: channels : 2
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: rate : 48000
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: exact rate : 48000 (48000/1)
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: msbits : 24
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: buffer_size : 4800
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: period_size : 1200
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: period_time : 25000
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: tstamp_mode : ENABLE
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: tstamp_type : MONOTONIC
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: period_step : 1
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: avail_min : 1200
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: period_event : 1
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: start_threshold : -1
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: stop_threshold : 5404319552844595200
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: silence_threshold: 0
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: silence_size : 0
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: boundary : 5404319552844595200
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: appl_ptr : 232738845
joulu 01 13:23:01 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: hw_ptr : 232774801
joulu 01 13:23:37 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: snd_pcm_delay() returned a value that is exceptionally large: -5109192 bytes (-17740 ms).
joulu 01 13:24:21 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: Most likely this is a bug in the ALSA driver 'snd_usb_audio'. Please report this issue to the ALSA developers.
joulu 01 13:24:21 Hostname pulseaudio[1293]: E: [alsa-sink-USB Audio] alsa-util.c: snd_pcm_dump():

Reported USB soundcard/DAC is following:

0d8c:0004 C-Media Electronics, Inc. USB2.0 High-Speed True HD Audio


Additional info:

alsa-lib 1.2.1.2-1
lib32-alsa-lib 1.2.1.2-1
linux 5.4.arch1-1 and 5.4.1.arch1-1

Downgraded alsa-lib to version 1.2.1.1-1 for staters to see if its related to that. Thou if its kernel driver bug prob doing that makes no difference.

Havent loaded this yet any upstream.


Steps to reproduce:

Upgrade system

          

Entropic Dynamic Time Warping Kernels for Co-evolving Financial Time Series Analysis

 Cache   

Entropic Dynamic Time Warping Kernels for Co-evolving Financial Time Series Analysis

Bai, L., Cui, L., Xu, L., Wang, Y., Zhang, Z. & Hancock, E. R., 21 Oct 2019, Arxiv (Cornell University).

Research output: Working paper

Publication details

DatePublished - 21 Oct 2019
PublisherArxiv (Cornell University)
Original languageUndefined/Unknown

Abstract

In this work, we develop a novel framework to measure the similarity between dynamic financial networks, i.e., time-varying financial networks. Particularly, we explore whether the proposed similarity measure can be employed to understand the structural evolution of the financial networks with time. For a set of time-varying financial networks with each vertex representing the individual time series of a different stock and each edge between a pair of time series representing the absolute value of their Pearson correlation, our start point is to compute the commute time matrix associated with the weighted adjacency matrix of the network structures, where each element of the matrix can be seen as the enhanced correlation value between pairwise stocks. For each network, we show how the commute time matrix allows us to identify a reliable set of dominant correlated time series as well as an associated dominant probability distribution of the stock belonging to this set. Furthermore, we represent each original network as a discrete dominant Shannon entropy time series computed from the dominant probability distribution. With the dominant entropy time series for each pair of financial networks to hand, we develop a similarity measure based on the classical dynamic time warping framework, for analyzing the financial time-varying networks. We show that the proposed similarity measure is positive definite and thus corresponds to a kernel measure on graphs. The proposed kernel bridges the gap between graph kernels and the classical dynamic time warping framework for multiple financial time series analysis. Experiments on time-varying networks extracted through New York Stock Exchange (NYSE) database demonstrate the effectiveness of the proposed approach.

Bibliographical note

Previously, the original version of this manuscript appeared as arXiv:1902.09947v2, that was submitted as a replacement by a mistake. Now, that article has been replaced to correct the error, and this manuscript is distinct from that article


          

Essays on economics of inequality :: early childhood development and ethnic favoritism /

 Cache   
En esta disertación, investigo las causas y consecuencias de la desigualdad económica a lo largo de dos dimensiones: desarrollo infantil temprano para la desigualdad entre individuos y favoritismo étnico por la desigualdad entre los grupos sociales. En tres ensayos separados, estudio específicamente las consecuencias sobre el desarrollo infantil de las conmociones experimentadas en una etapa temprana de la vida, y la prevalencia y los determinantes del favoritismo étnico en todo el mundo, por otra. El Capítulo 1 estudia el impacto del riesgo de conflicto en la salud infantil y muestra que la inseguridad en áreas propensas a conflictos puede afectar la salud infantil incluso en ausencia de violencia inmediata. Más allá del daño causado a las víctimas directas de la violencia, las respuestas de comportamiento a la inseguridad pueden llevar a grandes contratiempos de salud para los niños pequeños. El temor a la exposición a los eventos de conflicto a menudo desencadena tales respuestas incluso antes / sin ninguna manifestación de violencia en un área determinada. Esto genera un estado de tratamiento (exposición al riesgo de conflicto) que va más allá de la incidencia de violencia. En este capítulo, investigo el impacto del conflicto en la salud infantil utilizando una nueva métrica que captura la inseguridad percibida a nivel local a través de un modelo estadístico de violencia. En este modelo, la violencia es un proceso espacio-temporal con un desconocido. Distribución subyacente que impulsa las expectativas de los agentes en el terreno. Cada observado evento se interpreta como una realización aleatoria de este proceso, y su distribución subyacente Se estima utilizando métodos de estimación de densidad de kernel adaptativos. La nueva medida del riesgo de violencia se utiliza para evaluar el impacto del conflicto en la salud infantil utilizando datos de Costa de Marfil y Uganda. La evidencia empírica sugiere que el conflicto es un mal público local, con cohortes de los niños expuestos a un alto riesgo de violencia que sufren igualmente importantes contratiempos de salud incluso cuando El riesgo no se materializa en eventos violentos a su alrededor. El capítulo 2 de la tesis es un trabajo conjunto con Bruno Conte Leite y Lavinia Piemontese. Investiga el impacto en la salud infantil de la invasión de la plaga de langosta de 2004 en la región del Sahel de África. Argumenta que las invasiones de langostas en estas economías agrícolas generan primero un efecto de precio especulativo / anticipatorio durante la plaga en sí, seguido de un efecto de falla en los cultivos locales que podría constituir un shock de suministro de alimentos para los mercados locales y un shock de ingresos para los agricultores. Usando una estrategia de identificación de Diferencias en diferencias, mostramos que los niños expuestos en el útero a los efectos adversos de las plagas de langostas sufren un importante revés para la salud. Los niños expuestos tienen, en promedio, una puntuación Z de 0. 25 puntos y 0. 48 puntos más bajos que los niños no expuestos en Mali y Senegal, respectivamente. Los niños expuestos al efecto del precio especulativo sufren tanto como los expuestos al efecto de fracaso de la cosecha. Finalmente, el capítulo 3 de esta tesis es un trabajo conjunto con Hannes Mueller y estudia la prevalencia y los determinantes del favoritismo étnico en todo el mundo. Utiliza un conjunto de datos que codifica el poder ejecutivo de 564 grupos étnicos en 130 países en una escala de siete puntos para mostrar que los grupos étnicos que obtienen el poder político se benefician económicamente. Este efecto se mantiene para los grupos que ingresan al gobierno, el amplio margen, y para los grupos que concentran más poder en ellos mismos, el margen intensivo. Ambos efectos desaparecen en presencia de fuertes restricciones políticas sobre el poder ejecutivo. ; In this dissertation, I investigate the causes and consequences of economic inequality along two dimensions: early childhood development for inequality among individuals and ethnic favoritism for inequality among social groups. In three separate essays, I specifically study the consequences on child development of shocks experienced early in life on one hand, and the prevalence and determinants of ethnic favoritism around the world on the other. Chapter 1 studies the impact of conflict risk on child health and it shows that insecurity in conflict-prone areas can affect child health even in absence of immediate violence. Beyond the damage caused to direct victims of violence, behavioral responses to insecurity can lead to major health setbacks for young children. The fear of exposure to conflict events often triggers such responses even before/without any manifestation of violence in a given area. This generates a treatment status (exposure to conflict risk) that goes beyond violence incidence. In this chapter, I investigate the impact of conflict on child health using a new metric that captures perceived insecurity at the local level through a statistical model of violence. In this model, violence is a space-time process with an unknown underlying distribution that drives the expectations of agents on the ground. Each observed event is interpreted as a random realization of this process, and its underlying distribution is estimated using adaptive kernel density estimation methods. The new measure of violence risk is then used to evaluate the impact of conflict on child health using data from Ivory Coast and Uganda. The empirical evidence suggests that conflict is a local public bad, with cohorts of children exposed to high risk of violence equally suffering major health setbacks even when the risk does not materialize in violent events around them. Chapter 2 of the thesis is joint work with Bruno Conte Leite and Lavinia Piemontese. It investigates the impact on child health of the 2004 locust plague invasion in the Sahel region of Africa. It argues that locust invasions in these agricultural economies generate first a speculative/ anticipatory price effect during the plague itself followed by a local crop failure effect that could constitute a food supply shock for local markets and an income shock for farmers. Using a Difference-in-Differences identification strategy, we show that children exposed in utero to the adverse effects of locust plagues suffer major health setback. Exposed children have, on average, a Z-score 0. 25 points and 0. 48 points lower than non-exposed children in Mali and Senegal respectively. Children exposed to the speculative price effect suffer as much as those exposed to the crop failure effect. Finally, chapter 3 of this thesis is joint work with Hannes Mueller and studies the prevalence and determinants of ethnic favoritism around the world. It uses a dataset which codes executive power for 564 ethnic groups in 130 countries on a seven-point scale to show that ethnic groups that gain political power benefit economically. This effect holds for groups that enter government, the extensive margin, and for groups that concentrate more power onto themselves, the intensive margin. Both these effects disappear in the presence of strong political constraints on executive power. Institutional constraints are even effective in preventing favoritism when groups concentrate all power in the executive onto themselves.
          

openSUSE Tumbleweed 本周更新 Linux Kernel 5.3.12、Mesa 19.2.6 和 openssl 1.1.1d 等

 Cache   
openSUSE Tumbleweed 本周发布了 6 个快照(1121、1122、1123、1124、1126、1127),主要更新了 Linux Kernel 5.3.12、Mesa 19.2.6、Mozilla Thunderbird 68.2.2、openssl 1.1.1d、9.14.8 和 FirewallD 0.7.2 等等。
          

vakantiehuisje in Sydals, Denemarken : "Hus nr. 1" voor 5 personen

 Cache   
vakantiehuisje : "Hus nr. 1"Het prachtige strand Kerneland is gelegen in de prachtige natuur, die u te voet of per fiets kunt verkennen en niet ver van Drejet, een populaire plek onder surfers. Hier vindt u dit prachtige vakantiehuis, samen met elf anderen huizen in Skovmose, het beste strand van As. Vanaf hier heeft u uitstekende mogelijkheden om samen plezier te beleven, of in de speeltuin of in de ruime groene gebieden te spelen. In deze omgeving staat er ook een gemeenschapshuis, geschikt voor 60 personen, die gehuurd kan worden voor een feest of andere gelegenheden. Kerneland is ook een goede plek om te vissen, waarschijnlijk de beste in As, en als u vis gevangen heeft kunt u deze in het gemeenschappelijke gebouw schoonmaken. U kunt ook vissen in de open zee. Bij Mommark Marina boten kunt u een boot huren (bij aankomst kunt u hier navraag over doen). Ervaar ook het ontspannen leven in de stad, want vanaf het vakantiehuis is het niet ver naar Sønderborg, waar u onder andere interessante winkels kunt vinden in de winkelcentra en cafés in de haven. De geschiedenis van de regio, kunt u ervaren in musea en op het Dybbøl waar u ook actief kunt deelnemen aan de Slag van 1864. Bij Sønderborg staat een kasteel met veel historie. Op Nordals is het avonturenpark Universe gelegen, waar u gemakkelijk een hele dag kunt doorbrengen, technische verschijnselen zijn hier toegankelijk en worden hier gemaakt voor een interessante beleving. Het goede eten komt uit Zuid-Jutland en is natuurlijk niet onmisbaar, profiteer daarom van de vele mogelijkheden om de voedsel cultuur te ervaren in restaurants en winkels, vooral het legendarische Zuid-Jutland koffie buffet.
          

Beta: kernel and kernel module for CloudLinux 7 hybrid updated

 Cache   
Beta: kernel and kernel module for CloudLinux 7 hybrid updatedCloudLinux 7 hybrid kernel module is now available for download from our updates-testing repository. Changelog lve-kmod KMODLVE-291: added loadavg support for the newer CloudLinux 7 hybrid kernels How to update yum update rhn-client-tools --enablerepo=cloudlinux-updates-testingyum update kernel kmod-lve --enablerepo=cl7h_beta How to install The pro...
          

Apricot in Brandy Marzipan

 Cache   
Apricot in Brandy Marzipan

Apricot in Brandy Marzipan

Sugar, Cocoa Mass, Almonds (11%), Apricot Kernels, Apricots (10%), Glucose Syrup, Alcohol, Cocoa Butter, Brandy (0.9%), Milk Fat, Emulsifier (Rapeseed Lecithins), Thickener (Pectin), Flavouring, Acid (Citric Acid), Preservative (Sorbic Acid, Potassium Sorbate). Dark Chocolate contains 50% Cocoa Solids minimum. Alcohol: 1.5% May contain traces of Nuts. The table below gives an overview of this item's suitability for a variety of dietary requirements and preferences. This information is a guide only, always refer to product packaging for full information. Allergen & Dietary Advice: Suitable for Vegans ✖ Suitable for Vegetarians ✔ Contains Gluten ✖ Contains Milk or Milk Derivatives ✔ Contains Eggs or Egg Derivatives ✖ Contains Peanuts ✖ Contains Other Nuts ✔ Contains Soya ✖ Contains Sulphur Dioxide or Sulphites ✖ Contains Mustard ✖ Contains Celery ✖ Contains Alcohol ✔ Contains Artificial Colours ✖ Contains Artificial Flavours ✔


          

Cherry in Rum Marzipan

 Cache   
Cherry in Rum Marzipan

Cherry in Rum Marzipan

Sugar, Cocoa Mass, Cherries (12%), Almonds (11%), Apricot Kernels, Glucose Syrup, Spirits (Rum (0.5%), Cocoa Butter, Milk Fat, Alcohol, Emulsifier (Rapeseed Lecithins), Thickener (Pectin), Preservative (Sorbic Acid/Potassium Sorbate) Acid (Citric Acid). Dark Chocolate contains 50% Cocoa Solids minimum. Alcohol: 1.4% May contain traces of Nuts. The table below gives an overview of this item's suitability for a variety of dietary requirements and preferences. This information is a guide only, always refer to product packaging for full information. Allergen & Dietary Advice: Suitable for Vegans ✖ Suitable for Vegetarians ✔ Contains Gluten ✖ Contains Milk or Milk Derivatives ✔ Contains Eggs or Egg Derivatives ✖ Contains Peanuts ✖ Contains Other Nuts ✔ Contains Soya ✖ Contains Sulphur Dioxide or Sulphites ✖ Contains Mustard ✖ Contains Celery ✖ Contains Alcohol ✔ Contains Artificial Colours ✖ Contains Artificial Flavours ✔


          

Plum in Madeira Marzipan

 Cache   
Plum in Madeira Marzipan

Plum in Madeira Marzipan

Sugar, Plums (15%), Cocoa Mass, Almonds (11%), Apricot Kernels, Glucose Syrup, Cocoa Butter, Liqueur Wine (Madeira 1.5%), Alcohol, Milk Fat, Emulsifier (Rapeseed Lecithins), Thickener (Pectin), Preservative (Sorbic Acid/Potassium Sorbate), Acid (Citric Acid). Dark Chocolate contains 50% Cocoa Solids minimum. Alcohol: 1.5% May contain traces of Nuts. The table below gives an overview of this item's suitability for a variety of dietary requirements and preferences. This information is a guide only, always refer to product packaging for full information. Allergen & Dietary Advice: Suitable for Vegans ✖ Suitable for Vegetarians ✔ Contains Gluten ✖ Contains Milk or Milk Derivatives ✔ Contains Eggs or Egg Derivatives ✖ Contains Peanuts ✖ Contains Other Nuts ✔ Contains Soya ✖ Contains Sulphur Dioxide or Sulphites ✖ Contains Mustard ✖ Contains Celery ✖ Contains Alcohol ✔ Contains Artificial Colours ✖ Contains Artificial Flavours ✔


          

Reduced Sugar Belgian Seashells 125g - 10 Chocolates

 Cache   
Reduced Sugar Belgian Seashells 125g - 10 Chocolates

Reduced Sugar Belgian Seashells 125g - 10 Chocolates

Cocoa Butter, Full Milk Powder, Alimentary Fibres (Dextrin, Inulin, Oligofructose); Cocoa Mass, Whey Powder (Milk), Sweeteners (Erythritol, Steviol Glycosides); Hazelnuts (8,4%), Vegetable Fats (Palm, Palm Kernel); Skimmed Milk Powder, Emulsifier (Soy Lecithin), Natural Flavourings. Milk Chocolate Cocoa Solids: 36% Minimum, Milk Solids: 30% Minimum; White Chocolate Cocoa Solids: 44% Minimum, Milk Solids: 40% Minimum. Produced in a plant processing Gluten (Wheat, Barley), Egg and Nuts. The table below gives an overview of this item's suitability for a variety of dietary requirements and preferences. This information is a guide only, always refer to product packaging for full information. Allergen & Dietary Advice: Suitable for Vegans ✖ Suitable for Vegetarians ✔ Contains Gluten ✔ Contains Milk or Milk Derivatives ✔ Contains Eggs or Egg Derivatives ✔ Contains Peanuts ✖ Contains Other Nuts ✔ Contains Soya ✔ Contains Sulphur Dioxide or Sulphites ✖ Contains Mustard ✖ Contains Celery ✖ Contains Alcohol ✔ Contains Artificial Colours ✖ Contains Artificial Flavours ✖


          

Strawberry in Champagne Marzipan

 Cache   
Strawberry in Champagne Marzipan

Strawberry in Champagne Marzipan

Sugar, Cocoa Mass, Almonds (11%), Apricot Kernels, Glucose Syrup, Strawberries (10%), Cocoa Butter, Wines (Champagne (1.5%), White Wine), Alcohol, Milk Fat, Flavouring, Emulsifier (Rapeseed Lecithins), Thickener (Pectin), Acid (Citric Acid), Preservative (Sorbic Acid/Potassium Sorbate). Dark chocolate contains 50% Cocoa Solids minimum. Alcohol: 1.6%. May contain traces of Nuts. The table below gives an overview of this item's suitability for a variety of dietary requirements and preferences. This information is a guide only, always refer to product packaging for full information. Allergen & Dietary Advice: Suitable for Vegans ✖ Suitable for Vegetarians ✔ Contains Gluten ✖ Contains Milk or Milk Derivatives ✔ Contains Eggs or Egg Derivatives ✖ Contains Peanuts ✖ Contains Other Nuts ✔ Contains Soya ✖ Contains Sulphur Dioxide or Sulphites ✖ Contains Mustard ✖ Contains Celery ✖ Contains Alcohol ✔ Contains Artificial Colours ✖ Contains Artificial Flavours ✔


          

RE: doska s fpga & sram problem

 Cache   

Manual mam, je alibisticky, akykolvek problem ? 1.kontaktuj vyrobcu alebo dealera. Dealer na mna yebe, vyrobcu z usa kupil a zrusil korporat ktory uz najmenej 4x menil nazov. V manuale pisu ze prvy priznak (can not load data) je pruser a bod 1. Aky je podla tvojho nazoru dovod mat tam baterku a menit ju pod napajanim ? Masina vedela pamatat nejakych 100 programov ktore si mohol uzivatel pomocou par tlacidiel a rotacneho ovladaca naprogramovat. Myslis ze baterka istila iba user programy a ten "kernel" je flashnuty v niektorom z tych malych svabov ? Zajtra skuknem lepsie co su zac bo fotka je rozostrena a neviem niektore precitat. K tym signalom, doska vedela citat z cidiel teplotu, silu vakua, polohu ohrievacieho telesa nad komorou, polohu podavacieho piestu. Riadit vedela teplotu/cas, zopnutie externej vakuovej pumpy, zopnutie tlakoveho vzduchu pre podavaci piest, motor pohybu ohrievacieho telesa, a mozno som na daco este zabudol. V bedni RJ su okrem zdroja este dve ss relatka, jedno dostava signal pre zhaviacu spiralu ohrevu, druhe spina tu externu vakupumpu.


          

RE: doska s fpga & sram problem

 Cache   

Alojz: dik za reakciu, vlavo pod sramkou vedla diodiek je jeden klasicky jumper, vpravo vedla pga nad baterkou biely konektor. Ako by mala vyzerat ta flashka ? Prvy priznak problemu po zapnuti prebiehal tak ze pec klasicky bootovala, na displeji ako vzdy "loading kernel" po nom mal prist test periferii ale namiesto toho sa objavilo ze nevie nacitat data. Pozeram do manualu, idem po novu baterku ale po znovuzapnuti uz nic, displej mrtvy, svieti podsvietenie ale zobrazuje iba klikyhaky a vsetky relatka a stykace periferii cvakaju jak v besm 1. Takze sa neviem dostat nikam, ziadna moznost nacitania alebo cakania na povel. fotka dosky: https://img.janforman.com/20191121082719wlsr.jpg


          

Aceite de albaricoque por mayor - 322,00 €

 Cache   
thumb

Formato ahorro de aceite de albaricoque al por mayor. ¡Aprovecha nuestros descuentos por cantidad! El aceite de albaricoque o de semillas de albaricoque se utiliza en elaboración de productos cosméticos porque posee propiedades antiedad, hidratantes y exfoliantes. Se puede usar incorporándolo a cremas hidratantes y body milk para mejorar la flexiblidad de la piel y evitar el envejecimiento. También es uno de los aceites elegidos en preparación de jabones artesanos. Los productos al por mayor no están incluidos en la promoción de envíos gratuitos.

  • Ingredientes: Apricot kernel (prunus armeniaca) oil.
  • Ingrediente cosmético. No ingerir.

 


          

Hans de Goede: Adventures in fixing suspend/resume on a HP x2 Detachable 10-p0XX

 Cache   
I got contacted by a user with a HP X2 10 p018wm 2-in-1 about the device waking up 10-60 seconds after suspend. I have access to a HP X2 10 p002nd myself which in essence is the same HW and I managed to reproduce the problem there. This is when the fun started:

1. There were a whole bunch of ACPI related errors in dmesg. It turns out that these affect almost all HP laptop models and we have a multiple bugs open for this. Debugging these pointed to the hp-wmi driver. I wrote 2 patches fixes 2 different kind of errors and submitted these upstream. Unfortunately this does not help with the suspend/resume issue, but it does fix all those errors people have been complaining about :)

2. I noticed some weird messages in dmesg with look like a PCI bus re-enumeration is started during suspend when suspending by closing the lid and then the re-enumeration continues after resume. This turns out to be triggered by this piece of buggy AML code which
is used for monitor hotplug notification on gfx state changes (the i915 driver ACPI opregion also tracks the lid state for some reason):

                Method (GNOT, 2, NotSerialized)
                {
                    ...
                    CEVT = Arg0
                    CSTS = 0x03
                    If (((CHPD == Zero) && (Arg1 == Zero)))
                    {
                        If (((OSYS > 0x07D0) || (OSYS < 0x07D6)))
                        {
                            Notify (PCI0, Arg1)
                        }
                        Else
                        {
                            Notify (GFX0, Arg1)
                        }
                    }
                    ...
                }

Notice how "If (((OSYS > 0x07D0) || (OSYS < 0x07D6)))" is always true, the condition is broken the "||" clearly should have been a "&&" this is causing the code to send a hotplug notify to the PCI root instead of to the gfx card, triggering a re-enumeration. Doing a grep for this on my personal DSDT collection shows that 55 of the 93 DSDTs in my collection have this issue!

Luckily this can be easily fixed by setting CHPD to 1 in the i915 driver, which is something which we should do anyways according to the
opregion documentation. So I wrote a patch doing this and submitted it upstream. Unfortunately this also does not help with the suspend/resume issue.

3. So the actual spurious wakeups are caused by HP using an external embedded controller (EC) on the "legacy-free" platform which they use for these laptops. Since these are not designed to use an external EC they lack the standard interface for this, so HP has hooked the EC up over I2C and using an ACPI GPIO event handler as EC interrupt.

These devices use suspend2idle (s2idle) instead of good old firmware handled S3, so the EC stays active during suspend. It does some housekeeping work which involves a round-trip through the AML code every minute. Normally EC wakeups are ignored durin s2idle by some special handling in the kernel, but this is only done for ECs using the standardized ACPI EC interface, not for this bolted on the
side model. I've started a discussion on maybe extending our ACPI event handling to deal with this special case.

For now as a workaround I ended up writing 2 more patches to allow blacklisting wakeup by ACPI GPIO event handlers on select models. This breaks wakeup by opening the LID, the user needs to wake the laptop with the powerbutton. But at least the laptop will stay suspended now.
          

MCP2515, can4linux, and SPI

 Cache   

AFAIK Ramips/Mediateks SPI device is half duplex and it will not work without modifying the SPI driver or the MCP2515 kernel module to control a MCP2515. I've done a dirty hack for a Carambola1 board (RT5350) years ago. The Carambola1 uses non SPI flash (NAND) so the patch doesn't harm the flash access. But the Omega2 uses the SPI flash - bad luck.
The other way would be using bitbanged SPI. It worked better than expected.

As of today I'm using a PIC connected via ttyS1:
http://community.onion.io/topic/1853/connect-omega2-to-canbus
The PIC is programmed inband from the Omega2.

Regards

Gerd


          

Fast Solution of Volume–Surface Integral Equations for Multiscale Structures

 Cache   
Electromagnetic (EM) problems with conducting and penetrable media are formulated by volume–surface integral equations (VSIEs). Traditionally, the VSIEs are solved by the method of moments (MoM) with Rao–Wilton–Glisson (RWG) and Schaubert–Wilton–Glisson (SWG) basis functions. We develop a hybrid method to discretize the VSIEs where the surface integral equation (SIE) for the conducting part is discretized by the standard MoM, while the volume integral equations (VIEs) for the penetrable part are discretized by a point-matching scheme (PMS). The PMS can use unstructured or nonconforming meshes and make the integral kernels of VIEs be free of material parameters. Also, the VIEs can result in well-conditioned system matrices because they are the second kind of integral equations. For electrically large or complex problems with multiscale structures, we unite the hybrid method with the multilevel fast multipole algorithm (MLFMA) to accelerate the solutions. Since the MLFMA is sensitive to the conditioning of system matrices which the multiscale feature will deteriorate and is tedious to implement, using the VIEs can ameliorate the conditioning of system matrices and using the PMS can facilitate the implementation of MLFMA. The approach is demonstrated by several numerical examples and its good performance has been observed.
          

#51 Chromebook

 Cache   

  Muy buenas, oyente de Podcast Linux, mi nombre es Juan Febles y hoy voy a estar contigo para hablar de un sistema operativo y dispositivos linux muy cercanos, o no, a GNU/Linux. Aparca los problemas y vente conmigo, porque Chromebook, el episodio el número 51, arranca ya. En el Núcleo Kernel hablaré del dispositivo Leer más#51 Chromebook[…]

La entrada #51 Chromebook aparece primero en AVpodcast.


          

#49 Libera tu router

 Cache   

  Muy buenas, oyente de Podcast Linux, mi nombre es Juan Febles y hoy estoy puntual a la cita quincenal con un episodio para animarte a liberar tu red doméstica. Ponte cómodo y disfruta de esta casi media hora de programa, el número 49, porque libera tu router comienza ya. En el Núcleo Kernel comentaré Leer más#49 Libera tu router[…]

La entrada #49 Libera tu router aparece primero en AVpodcast.


          

#45 Distros Ligeras

 Cache   

Muy buenas, oyente de Podcast Linux, mi nombre es Juan Febles y hoy estoy puntual a la cita quincenal con un episodio para mostrarte mis experiencias con distros ligeras. En el Núcleo Kernel repasaré las distros ligeras que he probado en un netbook de hace más de 10 años para comprobar sus posibilidades en dispositivos Leer más#45 Distros Ligeras[…]

La entrada #45 Distros Ligeras aparece primero en AVpodcast.


          

#41 Gaming y GNU/Linux

 Cache   

Muy buenas Linuxero. Bienvenido a otro episodio de Podcast Linux. Mi nombre es Juan Febles y 2 veces al mes nos reunimos aquí, un lugar de encuentro para usuarios domésticos de escritorio del sistema operativo del ñu y el pingüino. Ponte cómodo porque el episodio 41 Gaming y GNU/Linux comienza ya. En el Núcleo Kernel Leer más#41 Gaming y GNU/Linux[…]

La entrada #41 Gaming y GNU/Linux aparece primero en AVpodcast.


          

#39 GNU/Linux y Móviles

 Cache   

Muy buenas Linuxero. Bienvenido a otro episodio de Podcast Linux. Mi nombre es Juan Febles y quincenalmente nos encontramos en este programa para usuarios de escritorio del sistema operativo del ñu y el pingüino. Sube el volumen porque el episodio 39 GNU/Linux y móviles comienza ya. En el Núcleo Kernel intentaremos conocer el mundo de Leer más#39 GNU/Linux y Móviles[…]

La entrada #39 GNU/Linux y Móviles aparece primero en AVpodcast.


          

#37 Cultura Libre

 Cache   

Muy buenas Linuxero. Bienvenido a tu cita quincenal con Podcast Linux. Mi nombre es Juan Febles y cada 2 semanas comparto, un nuevo tema o entrevista, del sistema operativo de escritorio que más nos gusta: GNU/Linux. Ponte cómodo porque el episodio 37 Cultura Libre comienza ya. En el Núcleo Kernel nos adentraremos en qué es Leer más#37 Cultura Libre[…]

La entrada #37 Cultura Libre aparece primero en AVpodcast.


          

#35 Formatos Libres

 Cache   

Muy buenas Linuxero. Bienvenido a otro programa de Podcast Linux. Mi nombre es Juan Febles y cada 15 días comparto, un nuevo tema o entrevista, del sistema operativo de escritorio que más nos gusta: GNU/Linux. En el Núcleo Kernel nos adentraremos en los formatos de archivos, contenedores, códecs y la importancia que sean libres y Leer más#35 Formatos Libres[…]

La entrada #35 Formatos Libres aparece primero en AVpodcast.


          

#25 GNU/Linux y NAS

 Cache   

Muy buenas Linuxero. Bienvenido a otro programa de Podcast Linux. Mi nombre es Juan Febles y cada 15 días comparto un nuevo tema o entrevista del sistema operativo de escritorio que más nos gusta: GNU/Linux. Ponte cómodo porque el episodio 25 GNU/Linux y NAS empieza ya. En el Núcleo Kernel nos adentraremos en el mundo Leer más#25 GNU/Linux y NAS[…]

La entrada #25 GNU/Linux y NAS aparece primero en AVpodcast.


          

#23 La Terminal

 Cache   

  Muy buenas Linuxero. Bienvenido a una nueva entrega de Podcast Linux. Mi nombre es Juan Febles y 2 veces al mes me pongo frente al micrófono para compartir el sistema operativo de escritorio que más nos gusta: GNU/Linux. Empezamos este episodio como siempre, con el resumen del programa. En el Núcleo Kernel hablaremos de Leer más#23 La Terminal[…]

La entrada #23 La Terminal aparece primero en AVpodcast.


          

#21 GNU/Linux en la Universidad

 Cache   

Muy buenas Linuxero. Bienvenido a una nueva entrega de Podcast Linux. Mi nombre es Juan Febles y quincenalmente me cuelo en tu reproductor favorito para hablar del sistema operativo de escritorio que nos une: GNU/Linux. En el Núcleo Kernel seguiremos la serie de episodios relacionados con la educación hablando de GNU/Linux en la Universidad. http://www.portalprogramas.com/software-libre/ranking-universidades/ Leer más#21 GNU/Linux en la Universidad[…]

La entrada #21 GNU/Linux en la Universidad aparece primero en AVpodcast.


          

#19 GNU/Linux en la escuela

 Cache   

Muy buenas Linuxer@. Bienvenido a una nueva entrega de Podcast Linux. Mi nombre es Juan Febles y cada 2 semanas tengo una cita contigo para hablar de sistema operativo de escritorio que más nos apasiona: GNU/Linux. Iniciamos este episodio con el resumen del programa. En el Núcleo Kernel tomaremos el pulso a GNU/Linux dentro de Leer más#19 GNU/Linux en la escuela[…]

La entrada #19 GNU/Linux en la escuela aparece primero en AVpodcast.


          

#16 Antergos

 Cache   

  Muy buenas Linuxero. Bienvenido a un nuevo episodio de Podcast Linux. Mi nombre es Juan Febles y quincenalmente compartimos este espacio sonoro para hablar de nuestro sistema de escritorio favorito: GNU/Linux. En el Núcleo Kernel hablaremos de una distro que está sorprendiendo a expertos y recién llegados a Linux. Antergos. https://antergos.com/ En el Gestor Leer más#16 Antergos[…]

La entrada #16 Antergos aparece primero en AVpodcast.


          

#13 Ciberseguridad Básica en GNU/Linux

 Cache   

Muy buenas Linuxeros. Bienvenidos a una nueva entrega de Podcast Linux. Mi nombre es Juan Febles y cada 2 semanas enciendo el micrófono para hablar de lo que más nos gusta: GNU/Linux. En el Núcleo Kernel abordaré unos sencillos pasos a seguir para tener una seguridad básica en nuestros ordenadores domésticos. Proteger físicamente el ordenador Leer más#13 Ciberseguridad Básica en GNU/Linux[…]

La entrada #13 Ciberseguridad Básica en GNU/Linux aparece primero en AVpodcast.


          

#10 Raspberry Pi y GNU/Linux. Podcast Linux

 Cache   

Muy buenas Linuxero. Bienvenido a otro episodio más de Podcast Linux. Mi nombre es Juan Febles y cada quincena tengo una cita contigo para hablar de lo que más nos gusta: GNU/Linux. En el Núcleo Kernel hablaré de la Raspberry Pi y su íntima relación con GNU/Linux. En el Gestor de Paquetes le damos un Leer más#10 Raspberry Pi y GNU/Linux. Podcast Linux[…]

La entrada #10 Raspberry Pi y GNU/Linux. Podcast Linux aparece primero en AVpodcast.


          

#08 Sabores a montones. Podcast Linux

 Cache   

NOTICIÓN: Podcast Linux pasa a formar parte de la red AV Podcast. http://avpodcast.net/ En el Núcleo Kernel hablaré de los principales entornos de escritorio. En el Gestor de Paquetes te presento a OpenShot, un sencillo editor de vídeo multiplataforma. http://www.openshot.org/ El invitado de Comunidad Linux es Jenofonte, un gran divulgador del software libre de producción multimedia. Twitter: Leer más#08 Sabores a montones. Podcast Linux[…]

La entrada #08 Sabores a montones. Podcast Linux aparece primero en AVpodcast.


          

#06 #ConLinuxSíSePuede. Podcast Linux

 Cache   

Muy buenas Linuxeros. Bienvenidos a otro episodio de Podcast Linux. Mi nombre es Juan Febles y te invito a disfrutar de este proyecto que comparte el sistema operativo libre del pingüino a los usuarios domésticos de ordenadores. En el Núcleo Kernel reflexionaré sobre las posibilidades que ofrece GNU/Linux. Con Linux sí se puede. Pasaremos al Leer más#06 #ConLinuxSíSePuede. Podcast Linux[…]

La entrada #06 #ConLinuxSíSePuede. Podcast Linux aparece primero en AVpodcast.


          

#04 Amor de Distro Madre. Podcast Linux

 Cache   

Muy buenas Linuxeros. Bienvenido a un episodio más de Podcast Linux. Mi nombre es Juan Febles y este es mi proyecto más personal con el que quiero acercar el mundo GNU/Linux a los usuarios domésticos de sistemas operativos de escritorio. Gestor de Arranque: Resumen del episodio En el Núcleo Kernel te hablaré de las distros Leer más#04 Amor de Distro Madre. Podcast Linux[…]

La entrada #04 Amor de Distro Madre. Podcast Linux aparece primero en AVpodcast.


          

#03 Y no estaba muerto, no, no. Podcast Linux

 Cache   

Bienvenidos de nuevo a un episodio de Podcast Linux, tu podcast de GNU/Linux. Un podcast quincenal producido por Juan Febles para acercar GNU/Linux al usuario de ordenadores de a pie. Gestor de Arranque: Resumen del episodio Núcleo Kernel: Revive tu viejo pc Resucita tu viejo PC con GNU/Linux Dale una segunda vida a tu viejo Leer más#03 Y no estaba muerto, no, no. Podcast Linux[…]

La entrada #03 Y no estaba muerto, no, no. Podcast Linux aparece primero en AVpodcast.


          

#02 Un pingüino en mi USB Podcast Linux

 Cache   

Bienvenidos de nuevo a un episodio de Podcast Linux, tu podcast de GNU Linux. Un podcast para acercar al usuario de a pie el mundo del sistema operativo del pingüino. Gestor de Arranque: Resumen del programa Núcleo Kernel: Distribuciones live http://www.linux-es.org/livecd Gestor de Paquetes: Unetbootin (Linux, Mac y Windows) y el comando para la terminal Leer más#02 Un pingüino en mi USB Podcast Linux[…]

La entrada #02 Un pingüino en mi USB Podcast Linux aparece primero en AVpodcast.


          

#01 Antecedentes. Podcast Linux

 Cache   

Bienvenido al primer episodio de Podcast Linux, tu podcast de GNU Linux. Un podcast para acercar al usuario de a pie el mundo del sistema operativo del pingüino. En todos los episodios tendremos estas secciones: Gestor de Arranque: Resumen del programa Núcleo Kernel: Parte central. Te comentaré el objetivo de este podcast y mi relación Leer más#01 Antecedentes. Podcast Linux[…]

La entrada #01 Antecedentes. Podcast Linux aparece primero en AVpodcast.


          

Exton|OS Distro Is Now Based on Ubuntu 19.10 and Ships with Linux Kernel 5.4

 Cache   
GNU/Linux developer Arne Exton released a new version of his Ubuntu-based Exton|OS distribution that's now based on the latest Ubuntu 19.10 (Eoan Ermine) operating system and Linux 5.4 kernel series.
          

Linux Kernel 5.4 Gets First Point Release, It's Now Ready for Mass Deployments

 Cache   
Renowned Linux kernel developer Greg Kroah-Hartman released today the first point release to the latest Linux 5.4 kernel series, which is now stable and ready for mass deployments.
          

TCP SACK panic attack- Linux Kernel Vulnerabilities- CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479

 Cache   

          

Релиз ядра Linux 5.4

 Cache   

Наиболее заметные изменения:

  • Модуль lockdown, ограничивающий доступ пользователя root к файлам и интерфейсам ядра. Подробности.
  • Файловая система virtiofs для проброса определённых каталогов хоста в гостевые системы. Взаимодействие идёт по схеме «клиент-сервер» через FUSE. Подробности.
  • Механизм контроля целостности файлов fs-verity. Аналогичен dm-verity, но работает на уровне файловых систем Ext4 и F2FS, а не блочных устройств. Подробности.
  • Модуль dm-clone для копирования доступных только на чтение блочных устройств, при этом на копию можно записывать данные прямо в процессе клонирования. Подробности.
  • Поддержка графических процессоров AMD Navi 12/14 и APU семейств Arcturus и Renoir. Также начата работа над поддержкой будущей графики Intel Tiger Lake.
  • Флаги MADV_COLD и MADV_PAGEOUT для системного вызова madvise(). Они позволяют определить, какие данные в памяти некритичны для работы процесса или долго не понадобятся ему, чтобы эти данные можно было вытеснить в подкачку и высвободить память.
  • Из раздела Staging перенесена файловая система EROFS — очень лёгкая и быстрая ФС только для чтения, выгодная для хранения прошивок и livecd. Подробности.
  • В раздел Staging добавлен драйвер файловой системы exFAT, разработанный компанией Samsung.
  • Механизм haltpoll для повышения производительности гостевых систем. Он позволяет гостям получать дополнительное процессорное время до возврата CPU гипервизору. Подробности.
  • Контроллер blk-iocost для распределения ввода-вывода между cgroup. Новый контроллер ориентируется на затратность будущей операции IO. Подробности.
  • Пространства имён для символов модулей ядра. Подробности.
  • Продолжается работа по интеграции патчей реального времени в ядро.
  • Доработан механизм io_uring.
  • Ускорена работа с большими каталогами на XFS.
  • Десятки других изменений.

 ,


          

ADB to partner Posco to establish oil palm refinery

 Cache   

The Managing Director of the Agricultural Development Bank (ADB) Limited, Dr John Kofi Mensah, has expressed the readiness of the bank to partner Posco International, a multinational company from South Korea, to establish an oil palm refinery in the country.

Speaking during a courtesy call on him by the Chief Executive Officer of Posco International, North and West Africa, Mr Wonchae Yi, in Accra yesterday, Dr Mensah said the establishment of the refinery would make Ghana a major exporter of not only the raw material but also finished palm oil and kernel products which would yield more benefits to the country.

Posco International is a multinational company with expertise in the establishment of value chains in various areas of business, including steel, energy, agro-commodities, chemical products, machinery parts and infrastructural development.

The company has discovered and developed sustainable business models in more than 80 countries worldwide.

Follow up visit

The courtesy call was a follow-up to preliminary discussions with a Ghanaian delegation during private-sector facility sessions of the Global Climate Fund’s 24th Board Meeting in Incheon, South Korea.

The Ghanaian delegation was led by the Deputy Minister of Transport, Mr Daniel Nii Kwartei Titus-Glover, and included Dr Mensah.

Mr Wonchae led his company’s delegation which held discussions with the leadership of the ADB in Accra.

Feasibility studies

Dr Mensah, who welcomed the partnership, said the bank was prepared to assist with the necessary feasibility studies for the project to take off.

“We are happy to partner Posco International to help establish the refinery, which falls in line with the government’s Planting for Export and Rural Development (PERD) programme,” he said.

He added that with assistance from a National Designated Authority (NDA) under the Ministry of Finance, “we are going to fast-track the process of partnering Posco International for other projects in the country”.

According to him, the bank had the necessary expertise to make the establishment of the refinery possible, since it had been at the forefront of partnering companies such as the Ghana Oil Palm Development Company (GOPDC), the Benso Oil Palm Plantation (BOPP) and the Twifo Oil Palm Plantation (TOPP) in similar ventures.

Fresh palm fruits and palm kernel can be processed into vegetable cooking oil, glycerin, bio-diesel and can be used for soap-making, including washing and medicinal products.

The sap (palm wine) from the oil palm tree is also a resource for processing into various alcohols for industrial and domestic use.

Delivery partner

The ADB managing director further indicated that aside from the establishment of the refinery, the bank was going to be the delivery partner under the Ministry of Transport’s Accra City Electric Bus project.

He said the government chose the ADB because of its good financial performance over the last two years and its general experience, especially in financing the purchase of 150 buses for the Intercity STC Coaches Limited and the Metro Mass Transit Limited.

Dr Mensah also said due to the eco-friendly policy of Posco International, the ADB was going to establish a Green Climate Desk to ensure that all projects and activities to be undertaken as partners met the Green Climate agenda.

Readiness

Mr Wonchae expressed the readiness of his company to establish the oil refinery in Ghana to create more jobs and also deepen Ghana-South Korea economic relations.

He said the partnership was in line with the company’s strategic expansion drive in Africa, adding that Posco International would also collaborate with the ADB in other areas of interest to ensure that the agricultural sector in Ghana received the necessary boost.


          

The Little Red Hen Redux

 Cache   
The Little Red Hen Redux

BRUCE F. KRUEGER·THURSDAY, NOVEMBER 7, 2019

One bright, sun-shiny day at the collective farm, the Little Red Hen came across some seeds of wheat on the road.


“I have found some wheat grains!”exclaimed the Little Red Hen. “Who will help me plant them?”
“Not I!” said the Fat Cat.
“Not I!” said the Running Dog.
“Not I!” said the Bourgeois Pig.
“Not I!” said the Dirty Rat.

“Then I shall,” said the Little Red Hen.


So she scratched the ground and buried the kernels. In time, they grew into tall stalks... all golden and fine.
“Who will help me cut and thresh the wheat?” asked the Little Red Hen.
“Not I!” said the Fat Cat.
“Not I!” said the Running Dog.
“Not I!” said the Bourgeois Pig.
“Not I!” said the Dirty Rat.
“Then I shall,” said the Little Red Hen.
So she cut the stems with her beak and threshed and winnowed the grain with her wings.
“Who will help me get this wheat milled?” asked the Little Red Hen.
“Not I!” said the Fat Cat.
“Not I!” said the Running Dog.
“Not I!” said the Bourgeois Pig.
“Not I!” said the Dirty Rat.
“Then I shall,” said the Little Red Hen.
So she took the wheat down the road to the Sovkhoz mill where comrade workers ground it into a fine powder. The Little Red Hen then carried the bag of flour all the way home.



“Now who will help me make the bread?” asked the Little Red Hen.
“Not I!” said the Fat Cat.
“Not I!” said the Running Dog.
“Not I!” said the Bourgeois Pig.
“Not I!” said the Dirty Rat.
“Then I shall,” said the Little Red Hen.
So she added water to the flour, and kneaded it with her feet. And the dry powder became a soft, pliable dough.



“I think you need to add yeast,” said the Silly Goose.
“Where the hell am I going to get yeast?!” asked the Little Red Hen as she placed the dough into in a preheated (350°) oven and baked the bread for forty minutes.
When the avocado green timer went off, the Little Red Hen asked, “Now who will help me eat this delicious, unleavened bread?”


“We will!” exclaimed the Fat Cat, the Running Dog, the Bourgeois Pig, and the Dirty Rat.
“Nuh-uhhh!” said the Little Red Hen. “No, you shan’t!” She then put on and adjusted her colorful cloth napkin, which she had purchased just a year ago when NEP was in place.
Shortly thereafter, a couple of Checkists arrived and sat to table along with the Little Red Hen. Together, they all enjoyed her tasty baked bread. Upon leaving, they took along the useless parasites for political reëducation.~


THE [LITTLE RED] END, SHEEPLE. 
Παραλλαγή του αγγλικού παιδικού παραμυθιού : "The little red hen."
Αποχή απο δουλειά, αλλά όλοι θυμούνται την ίσια μοιρασιά..
Μια φορά κι έναν καιρό, ήταν μια μικρή κόκκινη κλώσσα, που σκάλιζε το χώμα στη φάρμα που ζούσε, μέχρι που ανακάλυψε μερικούς σπόρους σιταριού. Φώναξε τότε τους γείτονές της και τους είπε 'Αν φυτέψουμε αυτούς τους σπόρους, θα μπορέσουμε να έχουμε ψωμί να φάμε. Ποιος θα με βοηθήσει στο όργωμα και στο φύτεμα;' Ρώτησε η μικρή κόκκινη κλώσσα.

'Όχι εγώ', είπε η αγελάδα, 'τέλειωσε το ωράριο μου'.
'Όχι εγώ', είπε η πάπια, 'σήμερα έχω ημιαργία'.
'Όχι εγώ', είπε το γουρούνι, 'έχω πάρει άδεια αιμοδοσίας'.
'Όχι εγώ', είπε η χήνα, 'ψάχνω για δουλειά'. ....
'Θα το κάνω τότε μόνη μου', είπε η μικρή κόκκινη κλώσσα. Κι έτσι κι έκανε. Όργωσε το χωράφι, φύτεψε τους σπόρους, πότισε το χωράφι, το σιτάρι ψήλωσε κι ωρίμασε, που έγινε ψηλό και ολόχρυσο. 'Ποιος θα με βοηθήσει να θερίσω το
σιτάρι;' Ρώτησε τότε η μικρή κόκκινη κλώσσα.
'Όχι εγώ', είπε η πάπια, 'σήμερα κάνω στάση εργασίας.'
'Όχι εγώ, είναι εκτός της ειδικότητας μου', είπε το γουρούνι.
'Όχι εγώ, θα χάσω την αρχαιότητά μου', είπε η αγελάδα.
'Όχι εγώ, θα χάσω το επίδομα ανεργίας', είπε η χήνα.
'Θα το κάνω τότε μόνη μου', είπε η μικρή κόκκινη κλώσσα. Κι έτσι κι έκανε.
Θέρισε το σιτάρι, έφτιαξε το αλεύρι και έφτασε επιτέλους η ώρα να φτιαχτεί το ψωμί. 'Ποιος θα με βοηθήσει να ζυμώσω το ψωμί;' ρώτησε η μικρή κόκκινη κλώσσα.
'Όχι εγώ, θα ήταν υπερωρία αν σε βοηθούσα', είπε η αγελάδα.
'Όχι εγώ, θα έχανα το επίδομα της έγκαιρης προσέλευσης', είπε η πάπια.
'Όχι εγώ, θα έχανα το επίδομα ωρίμανσης, είπε το γουρούνι.
'Όχι εγώ, θα ήτανε ρατσιστικό να ήμουν εγώ η μόνος βοηθός', είπε η χήνα.
'Θα το κάνω τότε μόνη μου', είπε η μικρή κόκκινη κλώσσα. Ζύμωσε κι έψησε πέντε φρατζόλες. Μύρισε όμορφα το φρεσκοψημένο ψωμί, σε όλη η φάρμα και τότε
μαζεύτηκαν όλα τα ζώα. Όλα θέλανε - για την ακρίβεια απαιτούσανε -, μερίδιο απ' το ψωμί. Αλλά η μικρή κόκκινη κλώσσα είπε, 'Όχι, μπορώ να φάω και τις πέντε φρατζόλες μοναχή μου'.
'Αίσχος - Κερδοσκοπία!', φώναξε η αγελάδα.
'Καπιταλιστική βδέλλα!', ούρλιαξε η πάπια.
'Απαιτώ ίσα δικαιώματα!', διαμαρτυρήθηκε η χήνα.
Και το γουρούνι, απλώς γρύλισε, καθώς βαρέθηκε να κάνει κάτι παραπάνω.
Και γράψανε σε πλακάτ 'Αδικία', 'Η μικρή κόκκινη κλώσσα να φορολογηθεί', 'Να κρατικοποιηθεί το ψωμί', 'Τα πεινασμένα ζώα έχουν δίκιο', 'Νόμος είναι το δίκιο του γουρουνιού' και κάνανε πορεία γύρω - γύρω από τη μικρή κόκκινη
κλώσσα φωνάζοντας διάφορα συνθήματα.

Τότε ήρθε ο αντιπρόσωπος της κυβέρνησης και είπε στη μικρή κόκκινη κλώσσα.'Δε πρέπει να είσαι τόσο άπληστη, δεν μπορείς να το φας μόνη σου'.
'Μα εγώ δούλεψα μόνη μου, για να φτιαχτεί αυτό το ψωμί, κανένας άλλος δεν μe βοήθησε', είπε η μικρή κόκκινη κλώσσα. 'Ολομόναχη μου, τα έκανα όλα.'

'Ακριβώς', είπε ο αντιπρόσωπος της κυβέρνησης. 'Αυτή είναι η ομορφιά της ελεύθερης αγοράς. Καθένας μπορεί να δουλεύει όσο θέλει. Αλλά, με τους σύγχρονους κρατικούς κανονισμούς, το ψωμί θα πρέπει να μοιραστεί σε όλα τα ζώα και η εσύ μικρή κόκκινη κλώσα, θα πρέπει να δώσεις φόρο την μισή φρατζόλα ψωμιού στο κράτος, να πληρώσεις ακόμα φόρο ακίνητης περιουσίας για το χωράφι που όργωσες, να πληρώσεις για να δημοσιεύσεις στις εφημερίδες φωτογραφίες του ψωμιού που έψησες και να πληρώσεις εισφορές στα ταμεία των αγροτών, των μυλωνάδων και αρτοποιών, οπότε θα σου μείνει το ένα τέταρτο της φρατζόλας. 

Τι νομίζεις δηλαδή, ότι εσύ θα τρως και οι άλλοι θα πεινάνε;' Και έζησε η μικρή κόκκινη κλώσσα καλά -με το ένα τέταρτο της φρατζόλας-, και τα υπόλοιπα ζώα -με τις ολόκληρες φρατζόλες- ακόμα καλύτερα. Κι από τότε, η μικρή κόκκινη κλώσσα σταμάτησε να φτιάχνει το ψωμί της σε αυτήν τη φάρμα και πήγαινε σε άλλη φάρμα. Οι γείτονές της όμως, η πάπια, η αγελάδα, το γουρούνι και η χήνα αναρωτιόνται ακόμα μέχρι σήμερα γιατί η μικρή κόκκινη κλώσσα δεν έφτιαξε ποτέ ξανά άλλο ψωμί.
Παραλλαγή του αγγλικού παιδικού παραμυθιού : "The little red hen."



          

Disponible Sislander 19.09-11 con Kernel actualizado

 Cache   
Es un desarrollo muy importante que permite detectar y trabajar mejor con mayor variedad de hardware. El mayor beneficio es para quienes realizan una instalación nueva o re-instalación de  Sislander. Sin embargo, quienes ya lo tengan funcionando también obtendrán ventajas de la actualización del kernel porque gestiona mejor numerosos módulos (drivers que controlan el equipo). Solo aprovecharán el nuevo kernel […]
          

Kernel (Linux) Hardware Support: Logitech, Driver Subsystem and More

 Cache   
  • Linux 5.5 Brings Logitech G15 Driver, Better Windows Precision Touchpad Support

    The HID area of the kernel is always eventful when it comes to improving the input device support for newer hardware. With Linux 5.5 the HID story means a new Logitech driver and other enhancements.

  • The "Catch-All" Driver Subsystem Changes Sent In For Linux 5.5

    Greg Kroah-Hartman sent in the char/misc changes earlier this week and were already merged for Linux 5.5.

    In the pull request Greg commented, "Here is the big set of char/misc and other driver patches for 5.5-rc1 Loads of different things in here, this feels like the catch-all of driver subsystems these days." Indeed, char/misc these days is a random smothering of work. There had been talk previously of spinning out portions like a proposed hardware accelerator subsystem but as it stands now no major splits to char/misc but it just continues increasing in scope.

  • System76 ACPI Coreboot Laptop Driver, Huawei Laptop Improvements Sent In For Linux 5.5

    Sent in on Thursday were the platform-drivers-x86 updates targeting the Linux 5.5 kernel.

    [...]

    - The Huawei laptop driver for hotkeys and related functionality now supports newer models. The Huawei driver also now supports Fn-lock, battery charging thresholds, exposing additional information via DebugFS, and other improvements.


          

Real hardware breakthroughs, and focusing on rustc

 Cache   

After the addition of the NVMe driver a couple months ago, I have been running Redox OS permanently (from an install to disk) on a System76 Galago Pro (galp3-c), with System76 Open Firmware as well as the un-announced, in-development, GPLv3 System76 EC firmware . This particular hardware has full support for the keyboard, touchpad, storage, and ethernet, making it easy to use with Redox.

This particular machine has had a debugging port soldered on, using the unused CEC pin of the HDMI port as RX, and then a custom HDMI to USB serial cable for closed-chassis debug. Now I can get serial output from the board, using the Intel LPSS UART on the PCH, which is supported in this commit to the kernel, and an earlier commit fixing memory-mapped serial ports. This has allowed for easier debugging of the kernel and drivers.

I am fairly satisfied with how things are going, and will continue to focus on running a permanently installed Redox system. My work on real hardware has improved drivers and services, added HiDPI support to a number of applications, and spawned the creation of new projects such as pkgar to make it easier to install Redox from a live disk.

It has also become easier than ever to cross-compile for Redox, with the redoxer tool which can build, run, and test using commands similar to cargo. It automatically manages a Redox toolchain and can run executables and tests for Redox inside of a container on demand.

However, a long-standing issue (the longstanding issue?) of Redox OS has been this: To allow the compilation of Rust binaries on Redox OS.

Read more


          

IT / Software / Systems: Computer Vision, Software Dev/Test Engineer for 3D Augmented Applications in Plantation, FL - Miami, Florida

 Cache   
Senior Software Developer in Test for system test development and validation of our Spatial Computing -system that provides a realistic 3D augmented environment on top of the real world. Position will focus on the test development, execution and requirements validation of our Computer Vision algorithms and components, and their functionality with in our product - Responsibilities Work with the development, program management, and test teams to define, develop, and execute white box tests at the API level and back box tests and system level that will allow us to perform functional and nonfunctional validation of the sensors, algorithms, services, and components that make up our computer vision deliverables Execute subjective testing in different environments and scenarios to verify computer vision improvements with jitter, judder, swim, mapping and tracking Define or develop test utilities to accomplish the assigned testing Includes being able exercise and further expand the capabilities of in house tools based on Unity Analyze various components, collaborate with various development teams, and use your technical expertise to investigate, troubleshoot and verify software defects and other technical issues Experience with being able to analyze logs to help root cause the issue or -determine the component(s) causing it Review integrated code change to isolate which one might be causing a failure within a release Provide technical recommendations towards solution that supports Continuous Integration, Continuous Delivery, and Agile practices - Must have Skillsets: 8+ years of software development experience working on embedded products or mobile applications with a minimum of 5 of those years having an emphasis on computer vision testing C/C++ programming and Unix Shell Scripting Knowledge on jitter, judder, swim, and how to recognize them is desired Experience with Mapping and tracking algorithms; Camera optics, Image sensor technology; Image filtering techniques; Image analysis and segmentation; IMUs is preferred Knowledgeable on Linux OS, middleware, kernel, and device drivers - Location: Plantation, FL Duration: 6-12+ months. ()
          

Professions: Cloud Security Architect - Richardson, Texas

 Cache   
Job Title: -Information Secuirty Engineer Location: -Richardson, Texas Job-Type: -Direct Hire - Position Overview: Gravity is looking for Cloud Security Architect to spearhead our client's software development and security departments supporting Cloud infrastructure and DevSecOps strategies. As a member of the Security team, the individual will have responsibilities in developing and implementing a robust security strategy to secure our cloud infrastructure and cloud-native applications. Our client is an on-line brokerage firm seeking to level the playing field for self-directed investors and traders, empowering them to claim their individual financial edge. Duties & Responsibilities: Assist in developing and maintaining a robust security strategy designed to address risks associated with cloud infrastructures and cloud-native applications Work closely with development teams in the design of cloud native services and infrastructure Review and assess current cloud infrastructures to identify gaps and mitigations Prepare and document policies and standards around cloud security Develop secure cloud practices and educate employees in multiple roles and levels on them Perform research and evaluate security technologies designed to protect cloud infrastructure and cloud-native applications and systems Design and implement guardrails and other controls Build out pragmatic and reusable solutions for security problems Assist with other security related initiatives as they arise Required knowledge & Skills: In this leadership position, abilities such as formulating short and long-term strategies and communicating at all levels (technical, management, executive, etc.) will be required Exceptional understanding of security principles, strategies, and goals Ability to successfully balance and prioritize security needs with other deliverable timelines, budgets, etc. Strong understanding of Linux Kernel-level security threats and mitigations Strong experience with securing Kubernetes at the Pod/Node/Cluster levels including network policy, node to node encryption, mutual TLS, etc. Strong experience in Container Management and DevOps pipeline Strong experience in software development with various programming languages Knowledge of AWS networking (security groups, ACL, etc.), IAM, STS, WAF, Shield and ALB protections Ability to actively assess existing cloud infrastructures to identify gaps and mitigations Thorough understanding of the latest security principles, techniques, and tooling Able to multitask and prioritize in a dynamic environment with continuously shifting priorities Ability to communicate security concepts and issues to peers and management Possess and maintain up-to-date understanding of emerging trends in cloud native security including research of the latest products to combat these threats Strong analytical and problem-solving skills Excellent verbal and written communication skills Demonstrated personal initiative in maintaining a continuous high level of professional knowledge in areas of cloud security Education & Experience: Bachelor's degree in Information Security, Information Systems, or a related field with at least 3 years of experience OR 7 years of demonstrable progressive work in the information security field Experience with cloud security and/or emerging security technologies such as AI-based systems strongly preferred One or more of the following certifications strongly preferred:CISSP (and/or other ISC2 certifications) SANS GIAC certifications CEH, OSCP, or other penetration testing certifications Other industry recognized certifications or accreditations ()
          

The Effects of Demographic Change and the Present Challenges for Human Resource Management in German Local Authorities in Relation to Workforce Planning to Facilitate the Management of Knowledge

 Cache   
Original languageEnglish
Awarding Institution
Supervisors/Advisors
  • David Pickernell (Supervisor)
Award dateJul 2017

          

Security Now 742: Pushing "DoH"

 Cache   

Security Now (Audio)

  • The future of the Linux kernel underneath the Android OS
  • Inherent challenges presented by the nature of the Android ecosystem
  • VNC users: Time to update!
  • A welcome change to Twitter & SMS-based 2FA
  • A "foregone conclusion" to law enforcement's strategy to force password divulgence
  • Pre-announcement from Microsoft about DNS
  • Details of the emerging DoH protocol

We invite you to read our show notes at https://www.grc.com/sn/SN-742-Notes.pdf

Hosts: Steve Gibson and Leo Laporte

Download or subscribe to this show at https://twit.tv/shows/security-now.

You can submit a question to Security Now! at the GRC Feedback Page.

For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6.

Sponsors:


          

Noop now named none

 Cache   

Lately more and more people approached me with saptune warnings regarding ‘noop’ being an invalid scheduler. With new Servie Packs we see a transition from non-multiqueue schedulers (noop, cfq, deadline) to multiqueue schedulers (none, mq-deadline, bfq, kyber). This transition will be finished with kernel 5.x (SLES 15 SP2). Only multiqueue schedulers will remain. Even if […]

The post Noop now named none appeared first on SUSE Communities.


          

The Open-Source NVIDIA Driver Will End Out 2019 In Poor Shape Still For Newer GPUs

 Cache   
Phoronix: The Open-Source NVIDIA Driver Will End Out 2019 In Poor Shape Still For Newer GPUs For the imminent Linux 5.5 kernel cycle we have...
          

Kernel-Power 41 (63) Lorsque PC inactif ou au bout d'un certain temps.

 Cache   
Forum: Windows, Mac, Linux et systèmes d'exploitation Ecrit par: OverKyL Heure du Message : 24/11/2019 à 14h01
          

tcpip.sys Blue Screen of Death on Windows 10

 Cache   

Dear Colleagues,

When I using a laptop, the following error occurred. Any solutions available?

- ;
-
12
0
4
1
0
0x8000000000000080
3862
System
L123
-
10
0
18362
476
0
0
2019-11-18T00:26:49.500000000Z

Thank you.


          

Senior SW Engineer - Microsoft - Redmond, WA

 Cache   
This involves troubleshooting and getting logs from failing machines and working on repro the issue later for investigation. Experience with Windows OS Kernel.
From Microsoft - Sat, 15 Jun 2019 00:36:56 GMT - View all Redmond, WA jobs
          

Удаление старых ядер (kernel) в Oracle Linux UEK

 Cache   
Раздел /boot как правило создается на отдельной ФС и её размер обычно делают 256MB, 512MB или 1GB и рано или поздно место на нем заканчивается. Как правило причиной всему служит обилие старых ядер (kernel). Конечно система сама будет подчищать старые ядра, но есть нюансы. Обо всех тонкостях мы и поговорим ниже. Исходные данные: Oracle Linux […]
          

Star Wars R2D2 Popcorn Maker Only At Williams Sonoma

 Cache   

Star Wars R2D2 Popcorn Maker Only At Williams Sonoma Give snack time the intergalactic edge with this popcorn maker shaped like everyone’s favorite Star Wars™ droid. Simply plug him in, add corn kernels and watch as R2-D2 makes quick work of air-popping a healthy snack for movie night. Hand-assembled. BPA-free plastic housing. Head doubles as a […]

The post Star Wars R2D2 Popcorn Maker Only At Williams Sonoma appeared first on MyLitter - One Deal At A Time.


          

Qubes-Whonix Security Disadvantages - Help Wanted!

 Cache   

@Patrick wrote:

kloak (Anti Keystroke Deanonymization)


Linux Kernel Runtime Guard (LKRG)


tirdad (TCP ISN CPU Information Leak Protection.)


Kernel Hardening through Kernel Boot Parameters


Strong Linux User Account Separation / Protection against Bruteforcing Linux User Account Passwords


Please help fixing these issues!

Posts: 1

Participants: 1

Read full topic


          

Architecture Specific, Compiled, Third Party, "special" Packages / Porting Whonix

 Cache   

@Patrick wrote:

A list of these was created just now.

Posts: 1

Participants: 1

Read full topic


          

Qubes sudo / su / root Hardening - Development Discussion

 Cache   

@Patrick wrote:

Too bad, that Qubes-Whonix users do not fully benefit much from the recent user/root/misc hardening by Whonix by default such as for example:

Preventing malware from gaining root is vital to prevent malware from breaking out of a VM, spreading to dom0 or other VMs. Many attacks aren’t possible with root and/or kernel level compromise.
(More meaningful separation of root and kernel is being worked on.)

This is currently really bad in Qubes Debian templates. Any compromised user (not only user user) can use su without a password and gain root. (bug reported here)

Just learned that qubes-template-debian-10-minimal comes without passwordless root by default. This is documented here:
https://www.qubes-os.org/doc/templates/minimal/#passwordless-root
Quote:

It is an intentional design choice for Passwordless Root Access in VMs to be optional in Minimal TemplateVMs. Since the Minimal TemplateVMs are minimal , they are not configured for passwordless root by default. To update or install packages, execute the following command in dom0 (where X is your distro and version number):

[user@dom0 ~]$ qvm-run -u root X-minimal xterm

This opens a root terminal in the Minimal TemplateVM, from which you can use execute root commands without sudo . You will have to do this every time if you choose not to enable passwordless root.

If you want to be able to use sudo inside a Minimal TemplateVM (or TemplateBasedVMs based on a Minimal TemplateVM), open a root terminal as just instructed, then install the qubes-core-agent-passwordless-root package.

Optionally, verify that passwordless root now works by opening a normal (non-root) xterm window in the Minimal TemplateVM, then issue the command sudo -l . This should give you output that includes the NOPASSWD keyword.

In Qubes Debian minimal templates user user is also by default not a member of group sudo.

This is an excellent basis for Qubes-Whonix.
(Which is already based on Qubes Debian minimal templates.)

Qubes-Whonix package qubes-whonix-shared-packages-recommended currently Depends: on qubes-core-agent-passwordless-root. This dependency could be dropped.

The question is, how users could easily gain root then. In dom0 command line:

qvm-run -u root X-minimal xterm

Or

qvm-run -u root X-minimal xfce4-terminal

Usability issue. Which may be fixable. More on that below.

Security issue? Better than the default we have now. However, I am not sure if that is non-ideal security wise. Running a GUI application as root? Maybe a better default would be if a user admin would be a member of group sudo by default? Then open a terminal as user admin and allow admin to use sudo without a password?

Usability. Somehow add a Qubes start menu entry. Not sure that is yet supported by Qubes to run something as a different user from Qubes start menu.

Example:

dom0

cat .local/share/qubes-appmenus/debian-10/apps.templates/xfce4-terminal.desktop

[Desktop Entry]

Exec=qvm-run -q -a --service – %VMNAME% qubes.StartApp+xfce4-terminal

We’d have to use qvm-run -u admin. That may require Qubes dom0 enhancements.

If these aren’t coming / too late, maybe we could work around that limitation somehow. Perhaps an /etc/sudoers.d exception. Maybe a dom0 yes/no prompt using qrexec.

Posts: 3

Participants: 2

Read full topic


          

TCP ISN CPU Information Leak Protection - tirdad

 Cache   

@Patrick wrote:

Posts: 4

Participants: 1

Read full topic


          

Software ISCSI adapter on ESXi

 Cache   

Hi everyone,

Trying to learn ISCSI on ESXI.

 

My lab set up:

ESxi-2  vmk0--172.20.10.52-vSW-VMNIC0----------- 172.20.10.10  STORAGE ISCSI TARGET-LUNS

             vmk1--172.20.11.52-VSW-VMNIC1----------- 172.20.11.10

 

Above single window box is configured for ISCSI storage. This window box has two IPS which are tied to ISCSI targets.

I observed following:

Below we can see two VM kernels ports:

ESXI-2-VMKERNEL-PORTS.PNG

Below we can see no VMkernel ports were bound to ISCSI adapter:

STORAGE-ADAPTERS-NO NIC_BINDING.PNG

Below we  instruct Exsi-2 to dynamically discover target 172.20.10.10:

DYANMIC-DISCOVERY.PNG

 

Below ESXi-2 discovers the targets :

MANY-TARGETS-DISCOVERED.PNG

 

Questions:

1) Above we have not bound any VM kernel ports to ISCSI software adapter but ESXi-2 has discovered targets from all all available VM kernels ports. It looks to me if we do not bind any VM kernel ports, ESXi sends ISCSI discovery messages from all VM kernel ports trying to discover specified target. is this correct?

 

2) Above we ask ESXi to discover 172.20.10.10  only, but  it is able to discover some additional targets 172.20.11.10,  How does ESXi come to know about 172.20.11.10?  Storage in our case has two IPS , 172.20.10.10, 172.20.11.10 . We never told ESXI about 172.20.11.10 when doing dynamic discovery.  it looks like to me Storage communicates to ESXIi all the IPS  which are configured to receive ISCSI traffic.  is this correct?

 

Thanks and have a good weekend !!


          

Converting an existing installation to LUKS using luksipc

 Cache   
This is a burst of notes that I wrote in an e-mail in June when asked about it, and I'm not going to have any better steps since I don't remember even that amount as back then. I figured it's better to have it out than not.

So... if you want to use LUKS In-Place Conversion Tool, the notes below on converting a shipped-with-Ubuntu Dell XPS 13 Developer Edition (2015 Intel Broadwell model) may help you. There were a couple of small learnings to be had...
 
The page http://www.johannes-bauer.com/linux/luksipc/ itself is good and without errors, although funnily uses reiserfs as an example. It was only a bit unclear why I did save the initial_keyfile.bin since it was then removed in the next step (I guess it's for the case you want to have a recovery file hidden somewhere in case you forget the passphrase).

For using the tool I booted from a 14.04.2 LTS USB live image and operated there, including downloading and compiling luksipc in the live session. The exact reason of resizing before luksipc was a bit unclear to me at first so I simply indeed resized the main rootfs partition and left unallocated space in the partition table.


Then finally I ran ./luksipc -d /dev/sda4 etc.


I realized I want /boot to be on an unencrypted partition to be able to load the kernel + initrd from grub before entering into LUKS unlocking. I couldn't resize the luks partition anymore since it was encrypted... So I resized what I think was the empty small DIAGS partition (maybe used for some system diagnostic or something, I don't know), or possibly the next one that is the actual recovery partition one can reinstall the pre-installed Ubuntu from. And naturally I had some problems because it seems vfatresize tool didn't do what I wanted it to do and gparted simply crashed when I tried to use it first to do the same. Anyway, when done with getting some extra free space somewhere, I used the remaining 350MB for /boot where I copied the rootfs's /boot contents to.

After adding the passphrase in luks I had everything encrypted etc and decryptable, but obviously I could only access it from a live session by manual cryptsetup luksOpen + mount /dev/mapper/myroot commands. I needed to configure GRUB, and I needed to do it with the grub-efi-amd64 which was a bit unfamiliar to me. There's also grub-efi-amd64-signed I have installed now but I'm not sure if it was required for the configuration. Secure boot is not enabled by default in BIOS so maybe it isn't needed.


I did GRUB installation – I think inside rootfs chroot where I also mounted /dev/sda6 as /boot (inside the rootfs chroot), ie mounted dev, sys with -o bind to under the chroot (from outside chroot) and mount -t proc proc proc too. I did a lot of trial and effort so I surely also tried from outside the chroot, in the live session, using some parameters to point to the mounted rootfs's directories...


I needed to definitely install cryptsetup etc inside the encrypted rootfs with apt, and I remember debugging for some time if they went to the initrd correctly after I executed mkinitramfs/update-initramfs inside the chroot.


At the end I had grub asking for the password correctly at bootup. Obviously I had edited the rootfs's /etc/fstab to include the new /boot partition, I changed / to be "UUID=/dev/mapper/myroot /     ext4    errors=remount-ro 0       ", kept /boot/efi as coming from the /dev/sda1 and so on. I had also added "myroot /dev/sda4 none luks" to /etc/crypttab. I seem to also have GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda4:myroot root=/dev/mapper/myroot" in /etc/default/grub.

The only thing I did save from the live session was the original partition table if I want to revert.


So the original was:

Found valid GPT with protective MBR; using GPT.
Disk /dev/sda: 500118192 sectors, 238.5 GiB
Logical sector size: 512 bytes
...
First usable sector is 34, last usable sector is 500118158
Partitions will be aligned on 2048-sector boundaries
Total free space is 6765 sectors (3.3 MiB)
 
Number  Start (sector)    End (sector)  Size       Code  Name
1            2048         1026047   500.0 MiB   EF00  EFI system partition
2         1026048         1107967   40.0 MiB    FFFF  Basic data partition
3         1107968         7399423   3.0 GiB     0700  Basic data partition
4         7399424       467013631   219.2 GiB   8300
5       467017728       500117503   15.8 GiB    8200

And I now have:


Number  Start (sector)    End (sector)  Size       Code  Name

1            2048         1026047   500.0 MiB   EF00  EFI system partition
2         1026048         1107967   40.0 MiB    FFFF  Basic data partition
3         1832960         7399423   2.7 GiB     0700  Basic data partition
4         7399424       467013631   219.2 GiB   8300
5       467017728       500117503   15.8 GiB    8200
6         1107968         1832959   354.0 MiB   8300

So it seems I did not edit DIAGS (and it was also originally just 40MB) but did something with the recovery partition while preserving its contents. It's a FAT partition so maybe I was able to somehow resize it after all.


The 16GB partition is the default swap partition. I did not encrypt it at least yet, I tend to not run into swap anyway ever in my normal use with the 8GB RAM.


If you go this route, good luck! :D

          

Quick Look: Dell XPS 13 Developer Edition (2015) with Ubuntu 14.04 LTS

 Cache   
I recently obtained the newest Dell's Ubuntu developer offering, XPS 13 (2015, model 9343). I opted in for FullHD non-touch display, mostly because of better battery life, the actual no need for higher resolution, and matte screen which is great outside. Touch would have been "nice-to-have", but in my work I don't really need it.

The other specifications include i7-5600U CPU, 8GB RAM, 256GB SSD [edit: lshw], and of course Ubuntu 14.04 LTS pre-installed as OEM specific installation. It was not possible to directly order it from Dell site, as Finland is reportedly not online market for Dell... The wholesale company however managed to get two models on their lists and so it's now possible to order via retailers. [edit: here are some country specific direct web order links however US, DE, FR, SE, NL]

In this blog post I give a quick look on how I started up using it, and do a few observations on the pre-installed Ubuntu included. I personally was interested in using the pre-installed Ubuntu like a non-Debian/Ubuntu developer would use it, but Dell has also provided instructions for Ubuntu 15.04, Debian 7.0 and Debian 8.0 advanced users among else. Even if not using the pre-installed Ubuntu, the benefit from buying an Ubuntu laptop is obviously smaller cost and on the other hand contributing to free software (by paying for the hardware enablement engineering done by or purchased by Dell).

Unboxing

The Black Box. (and white cat)

Opened box.






First time lid opened, no dust here yet!
First time boot up, transitioning from the boot logo to a first time Ubuntu video.
A small clip from the end of the welcoming video.
First time setup. Language, Dell EULA, connecting to WiFi, location, keyboard, user+password.
Creating recovery media. I opted not to do this as I had happened to read that it's highly recommended to install upgrades first, including to this tool.
Finalizing setup.
Ready to log in!
It's alive!
Not so recent 14.04 LTS image... lots of updates.

Problems in the First Batch

Unfortunately the first batch of XPS 13:s with Ubuntu are going to ship with some problems. They're easy to fix if you know how to, but it's sad that they're there to begin with in the factory image. There is no knowledge when a fixed batch will start shipping - July maybe?

First of all, installing software upgrades stops. You need to run the following command via Dash → Terminal once: sudo apt-get install -f (it suggests upgrading libc-dev-bin, libc6-dbg, libc6-dev and udev). After that you can continue running Software Updater as usual, maybe rebooting in between.

Secondly, the fixed touchpad driver is included but not enabled by default. You need to enable the only non-enabled ”Additional Driver” as seen in the picture below or instructed in Youtube.

Dialog enabling the touchpad driver.

Clarification: you can safely ignore the two paragraphs below, they're just for advanced users like me who want to play with upgraded driver stacks.

Optionally, since I'm interested in the latest graphics drivers especially in case of a brand new hardware like Intel Broadwell, I upgraded my Ubuntu to use the 14.04.2 Hardware Enablement stack (matches 14.10 hardware support): sudo apt install --install-recommends libgles2-mesa-lts-utopic libglapi-mesa-lts-utopic linux-generic-lts-utopic xserver-xorg-lts-utopic libgl1-mesa-dri-lts-utopic libegl1-mesa-drivers-lts-utopic libgl1-mesa-glx-lts-utopic:i386
 
Even though it's much better than a normal Ubuntu 14.10 would be since many of the Dell fixes continue to be in use, some functionality might become worse compared to the pre-installed stack. The only thing I have noticed though is the internal microphone not working anymore out-of-the-box, requiring a kernel patch as mentioned in Dell's notes. This is not a surprise since the real eventual upstream support involves switching from HDA to I2S and during 14.10 kernel work that was not nearly done. If you're excited about new drivers, I'd recommend waiting until August when the 15.04 based 14.04.3 stack is available (same package names, but 'vivid' instead of 'utopic'). [edit: I couldn't resist myself when I saw linux-generic-lts-vivid (3.19 kernel) is already in the archives. 14.04.2 + that gives me working microphone again!] [edit 08/2015: full 14.04.3 HWE stack now available, improves graphics performance and features among else, everything seems good: sudo apt install --install-recommends linux-generic-lts-vivid libgles2-mesa-lts-vivid libglapi-mesa-lts-vivid xserver-xorg-lts-vivid libgl1-mesa-dri-lts-vivid libegl1-mesa-lts-vivid libgl1-mesa-glx-lts-vivid:i386 libegl1-mesa-lts-vivid libwayland-egl1-mesa-lts-vivid mesa-vdpau-drivers-lts-vivid libgl1-mesa-dri-lts-vivid:i386 ]

Conclusion

Dell XPS 13 Developer Edition with Ubuntu 14.04 LTS is an extremely capable laptop + OS combination nearing perfection, but not quite there because of the software problems in the launch pre-install image. The laptop looks great, feels like a quality product should and is very compact for the screen size.

I've moved over all my work onto it and everything so far is working smoothly in my day-to-day tasks. I'm staying at Ubuntu 14.04 LTS and using my previous LXC configuration to run the latest Ubuntu and Debian development versions. I've also done some interesting changes already like LUKS In-Place Conversion, converting the pre-installed Ubuntu into whole disk encrypted one (not recommended for the faint hearted, GRUB reconfiguration is a bit of a pain).

I look happily forward to working a few productive years with this one!


          

Workaround for setting Full RGB when Intel driver's Automatic setting does not work

 Cache   

Background

I upgraded from Linux 3.8 to 3.11 among with newer Mesa, X.Org and Intel driver recently and I found a small workaround was needed because of upstream changes.

The upstream change was the Add "Automatic" mode for "Broadcast RGB" property, and defaulting to the Automatic. This is a sensible default, since many (most?) TVs default to the more limited 16-235, and continuing to default to Full from the driver side would mean wrong colors on the TV. I've set my screen to support the full 0-255 range available to not cut the amount of available shades of colors down.

Unfortunately it seems the Automatic setting does not work for my HDMI input, ie blacks become grey since the driver still outputs the more limited range. Maybe there could be something to improve on the driver side, but I'd guess it's more about my 2008 Sony TV actually having a mode that the standard suggests limited range for. I remember the TV did default to limited range, so maybe the EDID data from TV does not change when setting the RGB range to Full.

I hope the Automatic setting works to offer full range on newer screens and the modes they have, but that's probably up to the manufacturers and standards.

Below is an illustration of the correct setting on my Haswell CPU. When the Broadcast RGB is left to its default Automatic setting, the above image is displayed. When set to Full, the image below with deeper blacks is seen instead. I used manual settings on my camera so it's the same exposure.


Workaround

For me the workaround has evolved to the following so far. Create a /etc/X11/Xsession.d/95fullrgb file:
 
if [ "$(/usr/bin/xrandr -q --prop | grep 'Broadcast RGB: Full' | wc -l)" = "0" ] ; then
/usr/bin/xrandr --output HDMI3 --set "Broadcast RGB" "Full"
fi
And since I'm using lightdm, adding the following to /etc/lightdm/lightdm.conf means the flicker only happens once during bootup:

display-setup-script=/etc/X11/Xsession.d/95fullrgb

Important: when using the LightDM setting, enable executable bits (chmod +x) to /etc/X11/Xsession.d/95fullrgb for it to work. Obviously also check your output, for me it was HDMI3.

If there is no situation where it'd set back to "Limited 16:235" setting on its own, the display manager script should be enough and having it in /etc/X11/Xsession.d is redundant and slows login time down. I think for me it maybe went from 2 seconds to 3 seconds since executing xrandr query is not cheap.

Misc

Note that unrelated to Full range usage, the Limited range at the moment behaves incorrectly on Haswell until the patch in bug #71769 is accepted. That means, the blacks are grey in Limited mode even if the screen is also set to Limited.

I'd prefer there would be a kernel parameter for the Broadcast RGB setting, although my Haswell machine does boot so fast I don't get to see too many seconds of wrong colors...
          

Latest Compiz gaming update to the Ubuntu 12.04 LTS

 Cache   
A new Compiz window manager performance update reached Ubuntu 12.04 LTS users last week. This completes the earlier [1] [2] enabling of 'unredirected' (compositing disabled) fullscreen gaming and other applications for performance benefits.

The update has two fixes. The first one fixes a compiz CPU usage regression. The second one enables unredirection also for Intel and Nouveau users using the Mesa 9.0.x stack. That means up-to-date installs from 12.04.2 LTS installation media and anyone with original 12.04 LTS installation who has opted in to the 'quantal' package updates of the kernel, X.Org and mesa *)

The new default setting for the unredirection blacklist is shown in the image below (CompizConfig Settings Manager -> General -> OpenGL). It now only blacklists the original Mesa 8.0.x series for nouveau and intel, plus the '9.0' (not a point release).


I did new runs of OpenArena at openbenchmarking.org from a 12.04.2 LTS live USB. For comparison I first had a run with the non-updated Mesa 9.0 from February. I then allowed Ubuntu to upgrade the Mesa to the current 9.0.3, and ran the test with both the previous version of Compiz and the new one released.

12.04.2 LTS    Mesa 9.0   | Mesa 9.0.3 | Mesa 9.0.3
               old Compiz | old Compiz | new Compiz
OpenArena fps    29.63    |   31.90    | 35.03     

Reading into the results, Mesa 9.0.3 seems to have improved the slowdown in the redirected case. That would include normal desktop usage as well. Meanwhile the unredirected performance remains about 10% higher.

*) Packages linux-generic-lts-quantal xserver-xorg-lts-quantal libgl1-mesa-dri-lts-quantal libegl1-mesa-drivers-lts-quantal. 'raring' stack with Mesa 9.1 and kernel 3.8 will be available around the time of 12.04.3 LTS installation media late August.

          

Network from laptop to Android device over USB

 Cache   
If you're running an Android device with GNU userland Linux in a chroot and need a full network access over USB cable (so that you can use your laptop/desktop machine's network connection from the device), here's a quick primer on how it can be set up.

When doing Openmoko hacking, one always first plugged in the USB cable and forwarded network, or like I did later forwarded network over Bluetooth. It was mostly because the WiFi was quite unstable with many of the kernels.

I recently found out myself using a chroot on a Nexus 4 without working WiFi, so instead of my usual WiFi usage I needed network over USB... trivial, of course, except that there's Android on the way and I'm a Android newbie. Thanks to ZDmitry on Freenode, I got the bits for the Android part so I got it working.

On device, have eg. data/usb.sh with the following contents.
#!/system/xbin/sh
CHROOT="/data/chroot"

ip addr add 192.168.137.2/30 dev usb0
ip link set usb0 up
ip route delete default
ip route add default via 192.168.137.1;
setprop net.dns1 8.8.8.8
echo 'nameserver 8.8.8.8' >> $CHROOT/run/resolvconf/resolv.conf
On the host, execute the following:
adb shell setprop sys.usb.config rndis,adb
adb shell data/usb.sh
sudo ifconfig usb0 192.168.137.1
sudo iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.137.0/24
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo iptables -P FORWARD ACCEPT
This works at least with Ubuntu saucy chroot. The main difference in some other distro might be whether the resolv.conf has moved to /run or not. You should be now all set up to browse / apt-get stuff from the device again.

Update: Clarified that this is to forward the desktop/laptop's network connection to the device so that network is accessible from the device over USB.
Update2, 09/2013: It's also possible to get working on the newer flipped images. Remove the "$CHROOT" from nameserver echoing and it should be fine. With small testing it got somehow reset after a while at which point another run of data/usb.sh on the device restored connection.
          

I want products

 Cache   
I'd like to modify my discussion comment and earlier thoughts into a short blog post touching only some of the technical concerns voiced, and my opinion to those.

Claim (my version): Ubuntu/Canonical is going the "Google route" to become another Android, while Android has not benefited the Linux ecosystem in any way, forking everything

Firstly, Ubuntu is open to development and community for also mobile and tablet - Android has none of that, just code drops that get modded. (yes, some people have a problem with CLA like Canonical's or Qt's, I have no problem with those - let's keep that discussion elsewhere). Ubuntu contributes back to Debian and upstream projects like Qt - those upstream projects it's not upstream of itself. There are not too many free software mobile UIs for example. SHR has some E17 apps, Nemo Mobile a handful of Qt apps and so on.

Secondly, I disagree about Android - even in its current shape and after creating everything from scratch with mobile on mind, Android has done tremendous things for the free software community, kernel development, mobile device driver and making things like Replicant possible. If those aren't directly seen on the desktop side, that's because it's not the desktop and most free software desktop users don't use free software mobile products (usually at most a vendor provided Android).

I feel people get too attached to software projects or even the desktop in general. The money to pay desktop has traditionally largely come from the server. As a discussion-heating example Wayland has been a great promise for 5 years and continues to be, yet no products use it (software products like distributions or hardware+software products). That's not a problem per se for a great and ambitious project, but it means no interested party has taken it to create products. I was very excited about Gallium3D and Wayland in 2008, but somewhat optimistic in believing they would conquer the world in one or two years. In perspective, I've always seen the "version staring" a common habit in enthusiasts me included. I think it extents to "shiny development projects that should be taken into production use immediately".

The Nokia N9 triumphs all other 2011 mobile phones in general and even the current user interfaces like iOS, Android and Windows Phone in general usability ideas (if only it'd run Cortex-A15 instead of OMAP3..). It uses X.org and Qt 4.7. Jolla's plans for their first phone at the end of this year? Qt 4.8, no Wayland. Like N9 which otherwise had unfortunate fate, I hope Jolla will sell millions of free software wielding products to the masses. The biggest problem with X.org is, though, the drivers, generally zero support from vendors so hard to make products. Hooking into Android EGL drivers and building on top of that seems a good compromise at the moment. Note that from product creation point of view it's not the non-shininess of X.org that IMHO is the blocker. Wayland and Mir may help on the driver side.

I want products!

I'd love to see more push to have actual products on the market, since otherwise we don't get free software to the masses. If Mir helps Ubuntu to do that in one year, fine (I don't know how it's going to be). Yes Mir is a new shiny project, but it's a very product/target oriented project one. If Android would be open as a project, it wouldn't hurt - other than feelings attached to the other projects especially by the core developers and fans of those - if it was the superior alternative from product creation perspective making all of X.org, upstart, systemd, Wayland, Pulseaudio, D-Bus, glibc less interesting to product creators while even more interest would go to Android. It's not so now, Android is not an open project in any sense, even though still beneficial for free software. Ubuntu will keep using a lot more of the traditional stack anyway than Android (which also just got rid of BlueZ), but I have zero problem of changing any of the components if it's visioned to be required to get finished, ready to use products out. IMHO the key is to get products out, and I hope all the parties manage to do that.

Of the traditional GNU/Linux desktop distributions only Ubuntu seems to be adapting for the mobile in large steps at the moment. The other distributions in the mobile playing field are: (Android/)Replicant, Mer/Sailfish, Firefox OS, Tizen, added with OpenEmbedded based distributions like SHR. Have you used those on a daily basis on your devices? I believe you should. I think KDE will bring with its Plasma Active - currently focusing on building on top of Mer - mobile power to the traditional GNU/Linux distributions, but otherwise it's all up to the new players - and Ubuntu.

Like many know, I used Debian exclusively on my primary phone for ca. two years before switching mostly to N9. During all that time, I already pondered why people and distributions are so focused on x86 and desktop. And the reason is that that's what their history is, and I stared at the wrong place - desktop distributions. I dismissed Android and some of the small newcomers in the mobile distro playing field, but it seems that big changes are needed to not need completely new players. I think Ubuntu is on the completely right track to both benefit from the history and adapt for the future. I still hope more developers to Debian Mobile, though!! Debian should be the universal operating system after all.

Disclaimer: I'm an Ubuntu community person from 2004, Debian Developer since 2008 and a contractor for Canonical for ca. 1 year. My opinions haven't changed during the 1 year, but I've learned a lot more of how free software is loved at Canonical despite critics.

          

Compiz fullscreen unredirection - update

 Cache   
Update January 2013: Both Ubuntu 12.04 LTS and Ubuntu 12.10 now have this new feature enabled by default!

Here's an update to my previous entry. In summary, the Compiz update for Ubuntu 12.10 is now in the quantal-proposed updates, and enables unredirection by default for fullscreen applications like games. Happy gaming holidays! A new Compiz update 0.9.7.12 enabling unredirection by default for Ubuntu 12.04 LTS users is in the SRU PPA.

Several changes have happened since the last update, addressing some potential issues uncovered by the people testing the updates (thanks to all!). Daniel has again done all the hard work with regards to actual development.

Changes affecting both 12.10 & 12.04 LTS:
  • Some drivers do not offer tear-free Xv output without a compositor (or glXSwapBuffers in general). Therefore there is a new option available, for which the default setting enables redirection exception in case of some common video players (eg. Adobe Flash plugin and Totem). The option is Composite -> Undirect Match (unredirect_match) available in the CompizConfig Settings Manager (ccsm). The most notable driver is intel on Intel SB/IVB. Those newer chips don't support the XvPreferOverlay xorg.conf option that would bring tear-free non-composited Xv video on earlier Intels.
  • The default setting for unredirect_match should be fine for existing users. But if you want to enable unredirection also for the common/default video players and risk tearing on some drivers and some applications, change the unredirect_match option to be just '(any)'. This might help with video playback on older/slower integrated graphics which are only barely powerful enough to play HD videos.
12.04 LTS only:
  • 0.9.7.10 will not be uploaded to precise, it was just used for early testing. 0.9.7.12 currently tested in the SRU PPA enables unredirection by default also on the 12.04 LTS release.
  • Intel and nouveau mesa drivers are now blacklisted from unredirection on Mesa 8.0 because of so far unresolved driver problems. The blacklist is however configurable in OpenGL -> unredirect_driver_blacklist. The default blacklist regexp is '(nouveau|Intel).*Mesa 8.0'. This does not affect other drivers or Mesa 9.0, so those intel and nouveau users that install 12.04.2 LTS after the end of January or opt-in into the 'LTS-Q' hardware enablement stack for existing installations around the same time will not be blacklisted anymore. Update January 2013: on 12.04 LTS (only), as a last minute change, also Mesa 9.0 in combination with Intel or Nouveau is blacklisted by default at least until LTS-Q stack is properly testable. You can modify the unredirect_driver_blacklist in CCSM -> OpenGL. It was found out that at least mesa 9.0 _only_ from x-updates is not enough - Intel has graphics display problems. It is probable that the problems go away with the full 12.04.2 stack (kernel, X.org, libdrm, mesa) at which point the Intel/nouveau blacklisting can be removed.
  • The original unredirect_fullscreen_windows option is actually forced on now, because of potential gconf setting migration problems. Disabling unredirection can be done via the unredirect_match option above, by simply blanking the string in there, including removing the '(any)' part - everything will be redirected in that case.

          

UDS GTA04 Hacking

 Cache   
I'm sitting at the Bella Sky lobby bar while UDS people keep pouring in. I guess I have to start this UDS with some hacking (and a little beer)! I bootstrapped an Ubuntu armhf rootfs and coupled it with QtMoko's kernel already earlier after I received my GTA04 but it didn't boot right away so I had nothing to report. I wanted armhf so I chose QtMoko's 'experimental' Debian armhf rootfs + boot files as the reference to look at while working on the Ubuntu rootfs. I now went through again some of the configuration files, and voilà:


Now running apt-get install unity over SSH :) It will require OpenGL ES 2.0 hw acceleration to run, now that the support was integrated in Ubuntu 12.10. I will therefore need to tinker what kind of OMAP3 armhf binary blobs there are available, and what's again the situation with X.org DDX driver as well. I always feel that the fun starts at this point for me, when I've the device booting and I can SSH in. That's why I'm happy the work from Golden Delicious GmbH and QtMoko helped me to get here...
          

Light-weight security, Grub2 password setup problems 1.99 vs 2.00

 Cache   
I believe I'm not the only one who thinks that use case oriented Grub2 documentation is hard to find, and a lot of the documentation is obsolete or wrong. My main cause for writing this blog post is a currently unanswered question regarding 2.00, but meanwhile it seems months have passed and still most 1.99 documentation is wrong as well, which might be interesting to some.

The aim is to prevent grub entries from being edited, while not restricting actual booting. This protection is meant for computers not having any confidential stuff, but just wanting to do some light weight security with the assumption that the computer isn't physically opened.

Common setup

You will obviously want to disable any automatically generated root access giving entries, by for example uncommenting GRUB_DISABLE_RECOVERY="true" in /etc/default/grub on Debian or Ubuntu. Also you would disable allowing any external boot devices to be used in BIOS/EFI/coreboot, which you would also have protected with a password. And that often means you need to also disable USB legacy support, since some BIOSes tend to offer all USB devices as bootable without password otherwise (note that I guess that could also cause problems accessing setup on desktop computers if your only keyboard is USB).

1.99

So to first fix the false instructions in various places - no, setting the superuser in 00_header as instructed is not enough. It might be, but does not apply if eg. old kernels are put into submenu (Ubuntu bug 718670, Fedora bug 836259). The protection from editing does not apply there. And if you remove all but one kernel so that there is no submenu, a submenu will be automatically created when there is a new kernel installed via security updates. I didn't need the submenu feature anyway, so I used to comment out the following lines in /etc/grub.d/10_linux:

  #if [ "$list" ] && ! $in_submenu; then
    #echo "submenu \"Previous Linux versions\" {"
    #in_submenu=:
  #fi
...
#if $in_submenu; then
#  echo "}"
#fi

I hope that was useful. I can imagine it causing a couple of family battles if the commonly instructed setup was the only protection used and there's for example a case of two computer savvy siblings that are eager to get to each others' computers...

2.00 & The Question

The problem with 2.00 is that the superusers setup yields a non-bootable system, ie. password is required for booting. But Google wasn't smiling at me today! Terrible. Can you help me (and others) with 2.00? The aim would be to have a 1.99-like setup where superuser password protects all entries from editing, but booting is fine without any passwords.

Update: Thanks, problem solved, see comments! Find the following line in /etc/grub.d/10_linux:

      echo "menuentry '$(echo "$os" | grub_quote)' ${CLASS} \$menuentry_id_option 'gnulinux-simple-$boot_device_id' {" | sed "s/^/$submenu_indentation/"

And add --unrestricted there. Don't mix the line with the another menuentry line two lines earlier. The submenu problem doesn't exist anymore in 2.00.


          

Where computing takes you...

 Cache   
Do you ever have those afternoons you get a ”great” idea and you've all the evening time for that task. The task is a relaxing one and won't need much attention, and you can watch a movie or something.  But then, it happens that the evening turns into night as you realize a couple of little details adding complexity to the idea, and the task turns out to be much more invasive to your evening than you thought?

In this example, I got the great idea to upgrade my Debian running NAS device (thanks Martin for everything!) to use ext4 instead of ext3. The kind of idea that takes a long time for relatively little practical benefit, but it just feels like a nice thing do when you've the extra amounts of nerd time available. It's basically just opening the NAS device up, mounting its hard disk to a laptop via external case, running the tune2fs and fsck then putting the disk back. It just takes a long time for the initial fsck (to make sure everything's intact) and then the required fsck run to get ext4 mountable.

Only in this situation, it would have been beneficial to have the ext4 support in the flashed initramfs before the migration. So... before the photo below, I've already:
  1. done the ext4 migration and fsck:s
  2. screwed the disk back to the NAS case, attached cables and found that it doesn't boot
  3. (on the laptop with the hard disk attached again tried manually unpacking initramfs and adding ext4 module... also had time to bind mount everything and chroot into the ARM system to run update-initramfs manually... also tried booting with those... until remembered the simple fact that the /boot partition is only for show and also the initramfs is loaded directly from flash)
  4. copied the main root filesystem content from the original disk to another external disk with ext3 partition
  5. attached the another disk (with same UUID:s) to the QNAP NAS device, booted, double-checked that I have now ext4 specified under /etc/initramfs-tools/modules, reconfigured the linux image that also regenerates initramfs and flashes it
And in the photo, what's happening is that:
  1. I've again the original disk reattached and system booted with the initramfs generated and flashed from the ext3 disk
  2. the NAS device is hanging in the air, cover open, from the closet where I've things stuffed in (normally secured with cable ties), and I need to support it with a knee or one hand since the 2TB disk is much heavier than the small SSD I used as the ext3 disk so the power cable and RJ-45 cable would have pretty heavy load
  3. Since I've only one hand in use and can't use a laptop, I'm logging in via my Nokia N9 and then reflashing the kernel + initramfs from this original disk, just to make sure everything is now alright and also after that flashing it still boots (it does!). Note that I feel like the setup is secure enough for non-interrupted flashing so that I can indeed support the NAS with a knee, use one hand to keep N9 and another hand to take a photo with a camera.

And so we have had a productive and educating afternoon/evening/night once again. Does this ever happen to you?
          

On brands, marketing and technical details

 Cache   
I have a few thoughts based on the yet another round of debate where marketing clashes with free software advocation and technical details. Nothing new in the debate itself, but I'm adding a couple of insights.

Marketing is not highly respected by many technical people, and neither by the people wanting more advocating than the messing up with facts and feelings that the marketing does. I'm all for advocating free software, but it's currently not something you can use for marketing to win big markets. If we advance to a world where free software is as wanted as the green values today are, it can be used in marketing as well similar to all the ecological (according to the market department at least) products today, but alas the benefits of free software are not yet as universally known. Since it doesn't say much that touches the masses, advocating has a negative marketing effect since it takes space away from the potentially "hitting" marketing moves, in those cases where you target the big masses in the first place. "Open" this and that has some marketing power in it nowadays, but it's a mess of different meanings that probably doesn't advance libre software freedoms as such. Wikipedia has probably been the biggest contributor to advancing general knowledge of software and culture libre. Disclaimer: I'm not a proper marketing person, some more professional might have better insights in this area. If I'd be a proper marketing person, I'd decorate this blog post with fancy pictures so that more people would actually read it.

Some of the marketing can be done without sacrificing any of the advocation. The fabulous Fedora campaigns, graphics, slogans and materials are a great example of those and do an important job, even though Fedora isn't reaching the big masses with it (and Fedora isn't targeted for OEMs to ship to millions either). But they do hopefully reach a lot of level people on the grassroots level. I hope as a Debian Developer that more people valuing the freedoms of free software would help also Debian as a project to reach more of its advocation potential and developers from the more proprietary world. But I'm happy that at least some free software projects have nowadays true graphical and marketing talent. Even though not as widely known, freedoms of the software users including for example privacy aspects are a potential good marketing tool toward a portion of the developer pool.

Let's not forget that Android conquered the mobile market without using the brand power of Linux. The 30+ million people who know Linux a bit deeper than just "I've heard it" already run a Linux distribution like Ubuntu, but we need hotter brands than a project name of a kernel to reach the bigger masses. Call it Ubuntu, Fedora, or something, but no matter do what it needs to ship it to millions. AFAIK mostly Ubuntu and SUSE are shipping currently via desktop/notebook OEMs, and more Ubuntu than SUSE. Others aren't concentrating on the market, which is a very difficult one. Ubuntu is doing a lot more mass population advocating for free software than Android has ever done. Note for example the time any user tries to play a video for the first time in a non-free format - Ubuntu will tell the user about the problems related to those formats and asking a permission to install a free software player for those (or buy licensed codecs), and the Ubuntu Help texts describe a lot of details about restricted formats, DRM et cetera. Not to mention what happens if the person actually wanders into the community, discovering Debian, other free software projects, free software licenses and so on. Meanwhile Android users never notice anything being wrong while watching H.264 videos or watching DRM Flash videos. Granted, like Boot2Gecko debate shows, it may be a partially similar situation on shipping desktop Linux variants as well, in order to actually ship them via partners.

Anyway, the best example of brands is MeeGo. Even the LWN editor does not get into dissecting the meaning of MeeGo on Nokia N9, because "there has been no real agreement on that in the past", but just uses the brand name as is. That is  the power of brands. Technical people debate that it's not really MeeGo, it's maemo GNU/Linux with a special permission from Linux Foundation to use the MeeGo brand name, and then counter-argument with that the MeeGo is an API and maemo matches the MeeGo 1.2 API which is actually just Qt 4.7 API. And actually, as proven by the LWN example, it's not even "technical people". For most of technical people Nokia N9 is MeeGo as well. Only the people who have actually worked on it plus the couple of other people migrated from maemo and MeeGo.com communities to Mer project understand the legacy, history and the complete difference between the Maemo Harmattan platform and what MeeGo.com was. Yet at the same time like all GNU/FreeDesktop.org/Linux distributions, they are 95% same code, just all the infrastructure and packaging and polishing and history is different.

For 99.9% of people who know what MeeGo is, MeeGo is the cool Nokia smartphone, one of its kind and not sold in some of the major western markets, and/or the colorful sweet characters of meego.com shown at one time on a couple of netbooks. That is the brand, and the technical details do not matter even to the technical people unless they actually get into working on the projects directly.

To most people, the Linux brand is a mess of a lot of things, while other brands have the possibility at least to have a more differentiating and unique appearance.


          

read access violation in xdevapi 8.0.17 (2 replies)

 Cache   
I keep seeing an access violation in the MySQL dll. It appears to be random, not 100% of the time, but happens frequently. Originally I thought that I was allowing the session to be destroyed before the results, but I created a small wrapper to ensure that results are always destroyed before the session.

Here's the snippet of my most relevant code. I'm not sure that this is the function that's failing (unfortunately putting breakpoints in changes the timing enough that it significantly reduces the chances of this happening.) You can see that I create move-construct the session into a shared_ptr, construct the Statement for later execution, pass the shared_ptr to query which executes the statement on a thread in my thread pool, and pack the results into a shared pointer (since results don't seem to be copyable but are movable) and a copy of the shared_ptr to the session into a simple result wrapper. The wrapper exists to be copyable and to ensure that the last shared_ptr to the results is released before the last shared_ptr to the session, ensuring that the session's lifespan is longer than the results. I'm not sure all this should strictly speaking be necessary, but I've been chasing this null pointer exception for a while and since the null pointer being dereferenced is the session, I sort of assumed that I was allowing the session to be destroyed before the results. Maybe there's a bug in this code, but it ought to guarantee that the session is not destroyed before the results, and indeed when I look at it in my debugger my session shared pointer is valid.

template< typename Result >
class result_ptr
{
public:
using result_t = Result;

private:
std::shared_ptr< result_t > Result_;
std::shared_ptr< msx::Session > Session_;

public:
result_ptr( ) { }

result_ptr( result_t && result, decltype( Session_ ) session ) :
Result_( std::make_shared< result_t >( std::move( result ) ) ),
Session_( session )
{ }

~result_ptr( )
{
Result_.reset( );
Session_.reset( );
}

result_ptr( result_ptr && ) = default;
result_ptr( result_ptr const & ) = default;

result_ptr & operator=( result_ptr && ) = default;
result_ptr & operator=( result_ptr const & ) = default;

auto & operator*( ) const noexcept
{
return *Result_;
}

auto operator->( ) const noexcept
{
return Result_.get( );
}
};

template< typename Exec >
inline auto query( ContextId const &, std::shared_ptr< msx::Session > session, Exec statement ) -> ppl::task< result_ptr< decltype( statement.execute( ) ) > >
{
return ppl::create_task(
[session, s = std::make_shared< Exec >( std::move( statement ) )]( )
{
try
{
return result_ptr< decltype( s->execute( ) ) >( s->execute( ), session );
}
catch( std::exception const & ex )
{
so::cout << ex.what( ) << "\n";
throw;
}
} );
};

ppl::task< std::vector< TaskId > > MySQLQueue::getReadyTasks(
ContextId const & contextId,
unsigned int const limit )
{
using result_type = decltype( u::query( contextId, std::shared_ptr< msx::Session >( ), Client_.getSession( ).getSchema( "" ).getTable( "" ).select( ) ) )::result_type;

auto session = std::make_shared< msx::Session >( Client_.getSession( ) );

return u::query(
contextId,
session,
session->getSchema( SchemaName_ ).getTable( TableName_
).select(
info::column::select[info::column::_id]
).where(
"state = :state AND processAfter < :processAfter"
).limit(
limit
).bind( std::map< std::string, std::string >{
{ "state", Info::State::String[Info::State::Created] },
{ "processAfter", utility::time_point_to_string( clock::now( ) ) } }
)
).then(
[]( result_type const & res )
{
std::vector< TaskId > rv;
rv.reserve( res->count( ) );

std::transform(
res->begin( ),
res->end( ),
std::back_inserter( rv ),
[]( msx::Row && row ) -> TaskId
{
return std::to_string( row[0].get< uint64_t >( ) );
} );

return rv;
} );
}

I cannot figure out why this is resulting in an access violation. The AV error message when the exception is trapped is:

Exception thrown: read access violation.
this->m_session was nullptr.

You can see from the call stack that the AV is actually buried pretty deep in the MySQL dll:

mysqlcppconn8-2-vs14.dll!cdk::mysqlx::Reply::has_results() Line 132 C++
mysqlcppconn8-2-vs14.dll!cdk::mysqlx::Reply::discard() Line 102 C++
mysqlcppconn8-2-vs14.dll!cdk::mysqlx::Reply::~Reply() Line 59 C++
mysqlcppconn8-2-vs14.dll!cdk::Reply::~Reply() C++
mysqlcppconn8-2-vs14.dll!cdk::Reply::`scalar deleting destructor'(unsigned int) C++
mysqlcppconn8-2-vs14.dll!mysqlx::abi2::r0::common::Result_impl::~Result_impl() Line 181 C++
mysqlcppconn8-2-vs14.dll!mysqlx::abi2::r0::common::Result_impl::`scalar deleting destructor'(unsigned int) C++
mysqlcppconn8-2-vs14.dll!mysqlx::abi2::r0::internal::Result_detail::~Result_detail() Line 493 C++
cgrmerge.exe!mysqlx::abi2::r0::internal::Result_common<mysqlx::abi2::r0::internal::Result_detail>::~Result_common<mysqlx::abi2::r0::internal::Result_detail>() C++
cgrmerge.exe!mysqlx::abi2::r0::Result::~Result() C++
cgrmerge.exe!mysqlx::abi2::r0::Result::`scalar deleting destructor'(unsigned int) C++
cgrmerge.exe!std::_Destroy_in_place<mysqlx::abi2::r0::Result>(mysqlx::abi2::r0::Result & _Obj) Line 322 C++
cgrmerge.exe!std::_Ref_count_obj2<mysqlx::abi2::r0::Result>::_Destroy() Line 1506 C++
cgrmerge.exe!std::_Ref_count_base::_Decref() Line 652 C++
cgrmerge.exe!std::_Ptr_base<mysqlx::abi2::r0::Result>::_Decref() Line 883 C++
> cgrmerge.exe!std::shared_ptr<mysqlx::abi2::r0::Result>::~shared_ptr<mysqlx::abi2::r0::Result>() Line 1133 C++
cgrmerge.exe!std::shared_ptr<mysqlx::abi2::r0::Result>::reset() Line 1178 C++
cgrmerge.exe!utility::result_ptr<mysqlx::abi2::r0::Result>::~result_ptr<mysqlx::abi2::r0::Result>() Line 60 C++
cgrmerge.exe!pplx::details::_ResultHolder<utility::result_ptr<mysqlx::abi2::r0::Result>>::~_ResultHolder<utility::result_ptr<mysqlx::abi2::r0::Result>>() C++
cgrmerge.exe!pplx::details::_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>>::~_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>>() Line 2432 C++
cgrmerge.exe!pplx::details::_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>>::`scalar deleting destructor'(unsigned int) C++
cgrmerge.exe!std::_Destroy_in_place<pplx::details::_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>>>(pplx::details::_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>> & _Obj) Line 322 C++
cgrmerge.exe!std::_Ref_count_obj2<pplx::details::_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>>>::_Destroy() Line 1506 C++
cgrmerge.exe!std::_Ref_count_base::_Decref() Line 652 C++
cgrmerge.exe!std::_Ptr_base<pplx::details::_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>>>::_Decref() Line 883 C++
cgrmerge.exe!std::shared_ptr<pplx::details::_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>>>::~shared_ptr<pplx::details::_Task_impl<utility::result_ptr<mysqlx::abi2::r0::Result>>>() Line 1133 C++
cgrmerge.exe!pplx::task<utility::result_ptr<mysqlx::abi2::r0::Result>>::_ContinuationTaskHandle<utility::result_ptr<mysqlx::abi2::r0::Result>,utility::result_ptr<mysqlx::abi2::r0::Result>,`ScheduledTask::MySQLQueue::recover'::`2'::<lambda_1>,std::integral_constant<bool,0>,pplx::details::_TypeSelectorAsyncTask>::~_ContinuationTaskHandle<utility::result_ptr<mysqlx::abi2::r0::Result>,utility::result_ptr<mysqlx::abi2::r0::Result>,`ScheduledTask::MySQLQueue::recover'::`2'::<lambda_1>,std::integral_constant<bool,0>,pplx::details::_TypeSelectorAsyncTask>() Line 3871 C++
cgrmerge.exe!pplx::task<utility::result_ptr<mysqlx::abi2::r0::Result>>::_ContinuationTaskHandle<utility::result_ptr<mysqlx::abi2::r0::Result>,utility::result_ptr<mysqlx::abi2::r0::Result>,`ScheduledTask::MySQLQueue::recover'::`2'::<lambda_1>,std::integral_constant<bool,0>,pplx::details::_TypeSelectorAsyncTask>::`scalar deleting destructor'(unsigned int) C++
cgrmerge.exe!pplx::details::_AutoDeleter<pplx::details::_TaskProcHandle>::~_AutoDeleter<pplx::details::_TaskProcHandle>() Line 99 C++
cgrmerge.exe!pplx::details::_TaskProcHandle::_RunChoreBridge(void * _Parameter) Line 117 C++
cpprest141d_2_10.dll!pplx::details::_Scheduler_Param::DefaultWorkCallback(struct _TP_CALLBACK_INSTANCE *,void *,struct _TP_WORK *) Unknown
ntdll.dll!TppWorkpExecuteCallback() Unknown
ntdll.dll!TppWorkerThread() Unknown
kernel32.dll!BaseThreadInitThunk?() Unknown
ntdll.dll!RtlUserThreadStart?() Unknown

Any help would be greatly appreciated.
          

Professions: Cloud Security Architect - Richardson, Texas

 Cache   
Job Title: -Information Secuirty Engineer Location: -Richardson, Texas Job-Type: -Direct Hire - Position Overview: Gravity is looking for Cloud Security Architect to spearhead our client's software development and security departments supporting Cloud infrastructure and DevSecOps strategies. As a member of the Security team, the individual will have responsibilities in developing and implementing a robust security strategy to secure our cloud infrastructure and cloud-native applications. Our client is an on-line brokerage firm seeking to level the playing field for self-directed investors and traders, empowering them to claim their individual financial edge. Duties & Responsibilities: Assist in developing and maintaining a robust security strategy designed to address risks associated with cloud infrastructures and cloud-native applications Work closely with development teams in the design of cloud native services and infrastructure Review and assess current cloud infrastructures to identify gaps and mitigations Prepare and document policies and standards around cloud security Develop secure cloud practices and educate employees in multiple roles and levels on them Perform research and evaluate security technologies designed to protect cloud infrastructure and cloud-native applications and systems Design and implement guardrails and other controls Build out pragmatic and reusable solutions for security problems Assist with other security related initiatives as they arise Required knowledge & Skills: In this leadership position, abilities such as formulating short and long-term strategies and communicating at all levels (technical, management, executive, etc.) will be required Exceptional understanding of security principles, strategies, and goals Ability to successfully balance and prioritize security needs with other deliverable timelines, budgets, etc. Strong understanding of Linux Kernel-level security threats and mitigations Strong experience with securing Kubernetes at the Pod/Node/Cluster levels including network policy, node to node encryption, mutual TLS, etc. Strong experience in Container Management and DevOps pipeline Strong experience in software development with various programming languages Knowledge of AWS networking (security groups, ACL, etc.), IAM, STS, WAF, Shield and ALB protections Ability to actively assess existing cloud infrastructures to identify gaps and mitigations Thorough understanding of the latest security principles, techniques, and tooling Able to multitask and prioritize in a dynamic environment with continuously shifting priorities Ability to communicate security concepts and issues to peers and management Possess and maintain up-to-date understanding of emerging trends in cloud native security including research of the latest products to combat these threats Strong analytical and problem-solving skills Excellent verbal and written communication skills Demonstrated personal initiative in maintaining a continuous high level of professional knowledge in areas of cloud security Education & Experience: Bachelor's degree in Information Security, Information Systems, or a related field with at least 3 years of experience OR 7 years of demonstrable progressive work in the information security field Experience with cloud security and/or emerging security technologies such as AI-based systems strongly preferred One or more of the following certifications strongly preferred:CISSP (and/or other ISC2 certifications) SANS GIAC certifications CEH, OSCP, or other penetration testing certifications Other industry recognized certifications or accreditations ()
          

BREAKING: Custom kernel & kext loading to come soon via checkra1n jailbreak

 Cache   

In a user’s perspective, what is the one significant aspect that puts Android way ahead of iOS? Setting price of devices aside, it’s the customisation. You can tinker with the settings to change almost all the built-in options on Android. However, on the other side, iOS doesn’t let you do the same. You can’t simply […]

The post BREAKING: Custom kernel & kext loading to come soon via checkra1n jailbreak appeared first on PiunikaWeb.


          

VMs Can Finally Hibernate Under Microsoft Hyper-V With Linux 5.5

 Cache   
It seems like the feature would have been wired up long ago, but with the Linux 5.5 kernel guest virtual machines running on Microsoft Hyper-V should be able to successfully hibernate...
          

KVM Virtualization Updates For Linux 5.5 Are Particularly Busy On The AMD/Intel Side

 Cache   
The Kernel-based Virtual Machine (KVM) improvements were sent in earlier this week for the Linux 5.5 kernel and they appear to be busier than usual on the x86 (Intel / AMD) side for the open-source virtualization stack...
          

Linux 5.5 Brings Logitech G15 Driver, Better Windows Precision Touchpad Support

 Cache   
The HID area of the kernel is always eventful when it comes to improving the input device support for newer hardware. With Linux 5.5 the HID story means a new Logitech driver and other enhancements...
          

System76 ACPI Coreboot Laptop Driver, Huawei Laptop Improvements Sent In For Linux 5.5

 Cache   
Sent in on Thursday were the platform-drivers-x86 updates targeting the Linux 5.5 kernel...
          

USB Updates In Linux 5.5 Help Intel Ice Lake, NVIDIA Xavier + More - But No USB 4.0 Yet

 Cache   
Earlier this week as part of his series of pull requests, Greg Kroah-Hartman has submitted the USB subsystem updates for the in-development Linux 5.5 kernel...
          

The Linux Kernel Disabling HPET For More Platforms - Including Ice Lake

 Cache   
Reported on earlier this month is the decision by Linux kernel developers to disable HPET for Intel Coffee Lake systems. The High Precision Event Timer was being disabled since on some Coffee Lake systems at least this timer skews when entering the PC10 power state and that makes the time-stamp counter unstable...
          

EXT4 For Linux 5.5 Sees New Improvements For This Mature File-System

 Cache   
While EXT4 is the most common Linux file-system among distributions and is quite mature at this stage, it does continue seeing noteworthy improvements every so often with new kernel releases. With Linux 5.5 there are more notable improvements on deck...
          

Whoops: The Linux Kernel's Spectre RSB Mitigation For PowerPC Missed Covering Some CPUs

 Cache   
Even with all the light shed on Spectre over the past nearly two years, with the Spectre RSB (Return Stack Buffer) disclosure that did affect IBM POWER processors it turns out the mitigations applied didn't cover all of the CPUs that should have been in place until this week...
          

Kernel panics now manifest only as unexpected restarts.

 Cache   
Link. You have a grave Mac problem – but you might not know. What to do.
          

Fonterra report concedes palm kernel imports reverse emissions progress

 Cache   
New Zealand's largest company Fonterra says it is making environmental progress on several fronts, but concedes a setback in the area of emissions intensity.
          

RE: doska s fpga & sram problem

 Cache   

Manual mam, je alibisticky, akykolvek problem ? 1.kontaktuj vyrobcu alebo dealera. Dealer na mna yebe, vyrobcu z usa kupil a zrusil korporat ktory uz najmenej 4x menil nazov. V manuale pisu ze prvy priznak (can not load data) je pruser a bod 1. Aky je podla tvojho nazoru dovod mat tam baterku a menit ju pod napajanim ? Masina vedela pamatat nejakych 100 programov ktore si mohol uzivatel pomocou par tlacidiel a rotacneho ovladaca naprogramovat. Myslis ze baterka istila iba user programy a ten "kernel" je flashnuty v niektorom z tych malych svabov ? Zajtra skuknem lepsie co su zac bo fotka je rozostrena a neviem niektore precitat. K tym signalom, doska vedela citat z cidiel teplotu, silu vakua, polohu ohrievacieho telesa nad komorou, polohu podavacieho piestu. Riadit vedela teplotu/cas, zopnutie externej vakuovej pumpy, zopnutie tlakoveho vzduchu pre podavaci piest, motor pohybu ohrievacieho telesa, a mozno som na daco este zabudol. V bedni RJ su okrem zdroja este dve ss relatka, jedno dostava signal pre zhaviacu spiralu ohrevu, druhe spina tu externu vakupumpu.


          

CardBus slot

 Cache   

added entries for missing models

← Older revision Revision as of 12:19, 27 November 2019
Line 3: Line 3:
 
The [[CardBus]] slot is a ([[PCMCIA]] v5.0+ Type II; 32-bit) card slot, that is backwards compatible with the older, [https://web.archive.org/web/20090331193020/http://www.pcmcia.org/pccard.htm PC Card] ([[PCMCIA]] v2.0 Type II; 16-bit)  card slots ([https://web.archive.org/web/20090331193020/http://www.pcmcia.org/faq.htm#cardbusslot How can I tell if I have a CardBus Slot?]). However, be aware that [[CardBus]] ''cards'' will not be backward compatible with older, [https://web.archive.org/web/20090331193020/http://www.pcmcia.org/pccard.htm PC Card] ([[PCMCIA]] Type II; 16-bit) ''slots'' ([https://web.archive.org/web/20090331193020/http://www.pcmcia.org/faq.htm#cardbuscard How can I tell if I have a CardBus card?]).
 
The [[CardBus]] slot is a ([[PCMCIA]] v5.0+ Type II; 32-bit) card slot, that is backwards compatible with the older, [https://web.archive.org/web/20090331193020/http://www.pcmcia.org/pccard.htm PC Card] ([[PCMCIA]] v2.0 Type II; 16-bit)  card slots ([https://web.archive.org/web/20090331193020/http://www.pcmcia.org/faq.htm#cardbusslot How can I tell if I have a CardBus Slot?]). However, be aware that [[CardBus]] ''cards'' will not be backward compatible with older, [https://web.archive.org/web/20090331193020/http://www.pcmcia.org/pccard.htm PC Card] ([[PCMCIA]] Type II; 16-bit) ''slots'' ([https://web.archive.org/web/20090331193020/http://www.pcmcia.org/faq.htm#cardbuscard How can I tell if I have a CardBus card?]).
  
[[CardBus]] slots will exist in newer ThinkPads, both as Type II and Type III implementations. Type III is double the thickness of Type II, and most Type III implementations can accept two Type II cards.
+
[[CardBus]] slots will exist in newer ThinkPads, both as Type II and Type III implementations. Type III is double the thickness of Type II, and most Type III implementations can accept two Type II cards.
  
 
* A Type III slot can accept a Type III, Type II or Type I card
 
* A Type III slot can accept a Type III, Type II or Type I card
Line 15: Line 15:
  
 
=== Linux support ===
 
=== Linux support ===
Cardbus adapters are handled by the Linux PCI subsystem as hotplug PCI adapters.
+
CardBus adapters are handled by the Linux PCI subsystem as hotplug PCI adapters.
  
 
PCMCIA adapters have been handled by the older Linux PCMCIA package until the 2.6 kernel, where PCMCIA hotplug is now directly supported.
 
PCMCIA adapters have been handled by the older Linux PCMCIA package until the 2.6 kernel, where PCMCIA hotplug is now directly supported.
  
=== Models which may feature this Technology ===
+
=== Models which may feature this technology ===
 
'''(1) Type II slot'''
 
'''(1) Type II slot'''
* ThinkPad {{240}}, {{240X}}
+
* {{240}}, {{240X}}, {{240Z}}
* ThinkPad {{R51e}}, {{R52}}, {{R60}}, {{R60e}}, {{R61}}, {{R61e}}, {{R61i}}, {{R400}} (some), {{R500}} (some)
+
* {{W500}}, {{W700}}, {{W700ds}}
* ThinkPad {{T43}}, {{T43p}}, {{T60}}, {{T60p}}, {{T61}}, {{T61p}}, {{T400}} (some), {{T500}} (some)
+
* {{T43}}, {{T43p}}, {{T60}}, {{T60p}}, {{T61}}, {{T61p}}, {{T400}}, {{T500}}
* ThinkPad {{W500}}
+
* {{X20}}, {{X21}}, {{X22}}, {{X23}}, {{X24}}, {{X30}}, {{X31}}, {{X32}}, {{X40}}, {{X41}}, {{X41_Tablet}}, {{X60}}, {{X60s}}, {{X60 Tablet}}, {{X61}}, {{X61s}}, {{X61 Tablet}}
* ThinkPad {{X20}}, {{X21}}, {{X22}}, {{X23}}, {{X24}}, {{X30}}, {{X31}}, {{X32}}, {{X40}}, {{X41}}, {{X41_Tablet}}, {{X60}}, {{X60s}}, {{X60 Tablet}}, {{X61}}, {{X61s}}, {{X61 Tablet}}
+
* {{R51e}}, {{R52}}, {{R60}}, {{R60e}}, {{R60i}}, {{R61}}, {{R61e}}, {{R61i}}, {{R400}}, {{R500}}
* ThinkPad {{Z Series}}
+
* {{S30}}, {{S31}}
* ThinkPad {{TransNote}}
+
* {{Z Series}}
 +
* {{TransNote}}
  
 
'''(1) Type III slot'''
 
'''(1) Type III slot'''
* ThinkPad {{G40}}
+
* {{i1200}}, {{i1210}}, {{i1230}}, {{i1250}}, {{i1260}}
* ThinkPad {{i1200}}, {{i1210}}, {{i1230}}, {{i1250}}, {{i1260}}
+
* {{i1300}}, {{i1330}}, {{i1370}}
* ThinkPad {{i1300}}, {{i1330}}, {{i1370}}
+
* {{i1400}}, {{i1420}}, {{i1421}}, {{i1422}}, {{i1441}}, {{i1442}}, {{i1460}}, {{i1480}}, {{i1482}}, {{i1483}}, {{i1492}}
* ThinkPad {{i1400}}, {{i1420}}, {{i1421}}, {{i1422}}, {{i1441}}, {{i1442}}, {{i1460}}, {{i1480}}, {{i1482}}, {{i1483}}, {{i1492}}
+
* {{i1540}}, {{i1541}}, {{i1542}}, {{i1560}}, {{i1562}}, {{i1592}}
* ThinkPad {{i1540}}, {{i1541}}, {{i1542}}, {{i1560}}, {{i1562}}, {{i1592}}
+
* {{130}}
* ThinkPad {{R30}}, {{R31}}, {{R32}}
+
* {{A21e}}, {{A22e}}
* ThinkPad {{R40}}, {{R40e}}
+
* {{R30}}, {{R31}}, {{R32}}, {{R40}}, {{R40e}}, {{R50}}, {{R50e}}, {{R51}}
* ThinkPad {{R50}}, {{R50e}}, {{R51}}
+
* {{G40}}, {{G41}}
  
 
'''(2) Type III slots'''
 
'''(2) Type III slots'''
Line 45: Line 46:
  
 
'''(2) Type II, or (1) Type III slot'''
 
'''(2) Type II, or (1) Type III slot'''
* ThinkPad {{310}}, {{310E}}, {{310ED}}
+
* {{i1410}}, {{i1411}}, {{i1412}}, {{i1450}}, {{i1451}}, {{i1452}}, {{i1472}}
* ThinkPad {{380XD}}, {{380Z}}
+
* {{i1512}}, {{i1552}}
* ThinkPad {{385XD}}
+
* {{i1720}}, {{i1721}}
* ThinkPad {{390}}, {{390E}}, {{390X}}
+
* {{i1800}}
* ThinkPad {{560X}}, {{560Z}}
+
* {{235}}
* ThinkPad {{570}}, {{570E}}
+
* {{310}}, {{310E}}, {{310ED}}
* ThinkPad {{600}}, {{600E}}, {{600X}}
+
* {{380XD}}, {{380Z}}
* ThinkPad {{760E}}, {{760ED}}, {{760EL}}, {{760ELD}}, {{760XL}}, {{760XD}}
+
* {{385XD}}
* ThinkPad {{765L}}, {{765D}}
+
* {{390}}, {{390E}}, {{390X}}
* ThinkPad {{770}}, {{770E}}, {{770ED}}, {{770X}}, {{770Z}}
+
* {{560X}}, {{560Z}}
* ThinkPad {{G41}}
+
* {{570}}, {{570E}}
* ThinkPad {{i1410}}, {{i1411}}, {{i1412}}, {{i1450}}, {{i1451}}, {{i1452}}, {{i1472}}
+
* {{6 Series}}
* ThinkPad {{i1512}}, {{i1552}}
+
* {{760E}}, {{760ED}}, {{760EL}}, {{760ELD}}, {{760XL}}, {{760XD}}
* ThinkPad {{i1720}}, {{i1721}}
+
* {{765L}}, {{765D}}
* ThinkPad {{R50p}}
+
* {{770}}, {{770E}}, {{770ED}}, {{770X}}, {{770Z}}
* ThinkPad {{T20}}, {{T21}}, {{T22}}, {{T23}}, {{T30}}, {{T40}}, {{T40p}}, {{T41}}, {{T41p}}, {{T42}}, {{T42p}}
+
* {{A Series}}
 +
* {{T20}}, {{T21}}, {{T22}}, {{T23}}, {{T30}}, {{T40}}, {{T40p}}, {{T41}}, {{T41p}}, {{T42}}, {{T42p}}
 +
* {{R50p}}
 +
* {{G41}}, {{G50}}
 
* [[SelectaBase PC Card Enabler with Advanced EtherJet]]
 
* [[SelectaBase PC Card Enabler with Advanced EtherJet]]
 
* [[SelectaBase PC Card Enabler]]
 
* [[SelectaBase PC Card Enabler]]
Line 69: Line 73:
 
==See also==
 
==See also==
 
* [[Chipsets#CardBus_Controller_chipsets_found_in_ThinkPads|CardBus chipsets]]
 
* [[Chipsets#CardBus_Controller_chipsets_found_in_ThinkPads|CardBus chipsets]]
 
  
 
[[Category:Components]]
 
[[Category:Components]]

          

PCMCIA slot

 Cache   

added an entry for the 220

← Older revision Revision as of 11:29, 27 November 2019
Line 1: Line 1:
 
{| width="100%"
 
{| width="100%"
 
<div style="margin: 0; margin-right:10px; border: 1px solid #dfdfdf; padding: 0em 1em 1em 1em; background-color:#F8F8FF; align:right;">
 
<div style="margin: 0; margin-right:10px; border: 1px solid #dfdfdf; padding: 0em 1em 1em 1em; background-color:#F8F8FF; align:right;">
The [[PCMCIA]] slot is a 8 or 16bit [[PC Card]] slot. It is not compatible with the newer [[CardBus]] adapters.
+
The [[PCMCIA]] slot is an 8 or 16-bit [[PC Card]] slot. It is not compatible with the newer [[CardBus]] slot.
  
It exists in ThinkPads both as a Type II and Type III implementation. Type III is double the tickness of Type II, and most Type III implementations can accept two Type II cards.
+
It exists in ThinkPads both as a Type II and Type III implementation. Type III is 2.1 times thicker than a Type II, and most Type III implementations can accept two Type II cards. Type I on the other hand, is 1.515 times less thick than a Type II. This can be summarized as:
 
+
* A Type III slot can accept a Type III, Type II or a Type I card
* A Type III slot can accept a Type III, Type II or Type I card
+
* A Type II slot can accept a Type II or a Type I card
* A Type II slot can accept a Type II or Type I card
+
 
</div>
 
</div>
 
|}
 
|}
Line 13: Line 12:
  
 
=== Linux support ===
 
=== Linux support ===
PCMCIA hotplug and adapters where handled by the older Linux PCMCIA package until the 2.6 kernel where PCMCIA hotplug is now directly supported.
+
PCMCIA hotplug and adapters were handled by the older Linux PCMCIA package, until kernel 2.6 where PCMCIA hotplug is now directly supported.
  
 
=== Models featuring this Technology ===
 
=== Models featuring this Technology ===
 
'''(1) Type II slot'''
 
'''(1) Type II slot'''
* ThinkPad {{350}}, {{350C}}
+
* {{220}}
* ThinkPad {{500}}, {{510Cs}}
+
* {{350}}, {{350C}}
* ThinkPad {{710T}} (302, 303)
+
* {{500}}, {{510Cs}}
 +
* {{710T}} (302, 303)
  
 
'''(1) Type III slot'''
 
'''(1) Type III slot'''
* ThinkPad {{340}}, {{340CSE}}
+
* {{340}}, {{340CSE}}
* ThinkPad {{345C}}, {{345CS}}
+
* {{345C}}, {{345CS}}
* ThinkPad {{355}}, {{355C}}, {{355Cs}}
+
* {{355}}, {{355C}}, {{355Cs}}
  
 
'''(1) Type IV, or (1) Type III + (1) Type II, or (2) Type II'''
 
'''(1) Type IV, or (1) Type III + (1) Type II, or (2) Type II'''
Line 30: Line 30:
  
 
'''(2) Type III, or (3) Type II slots'''
 
'''(2) Type III, or (3) Type II slots'''
* ThinkPad {{730T}}, {{730TE}}
+
* {{730T}}, {{730TE}}
  
 
'''(2) Type II, or (1) Type III slot'''
 
'''(2) Type II, or (1) Type III slot'''
* ThinkPad {{230Cs}}
+
* {{230Cs}}
* ThinkPad {{360}}, {{360C}}, {{360Cs}}, {{360P}}, {{360CSE}}, {{360CE}}, {{360PE}}
+
* {{360}}, {{360C}}, {{360Cs}}, {{360P}}, {{360CSE}}, {{360CE}}, {{360PE}}
* ThinkPad {{365C}}, {{365CS}}, {{365CSD}}, {{365CD}}, {{365E}}, {{365ED}}, {{365X}}, {{365XD}}
+
* {{365C}}, {{365CS}}, {{365CSD}}, {{365CD}}, {{365E}}, {{365ED}}, {{365X}}, {{365XD}}
* ThinkPad {{370C}}
+
* {{370C}}
* ThinkPad {{380}}, {{380D}}, {{380E}}, {{380ED}}
+
* {{380}}, {{380D}}, {{380E}}, {{380ED}}
* ThinkPad {{385D}}, {{385ED}}
+
* {{385D}}, {{385ED}}
* ThinkPad {{550BJ}}, {{555BJ}}
+
* {{550BJ}}, {{555BJ}}
* ThinkPad {{560}}, {{560E}}
+
* {{560}}, {{560E}}
* ThinkPad {{701C}}, {{701CS}}
+
* {{701C}}, {{701CS}}
* ThinkPad {{710T}} (09Y)
+
* {{710T}} (09Y)
* ThinkPad {{720}}, {{720C}}
+
* {{720}}, {{720C}}
* ThinkPad {{750}}, {{750C}}, {{750Cs}}, {{750P}}
+
* {{750}}, {{750C}}, {{750Cs}}, {{750P}}
* ThinkPad {{755C}}, {{755Cs}}, {{755CE}}, {{755CSE}}, {{755CX}}, {{755CV}}, {{755CD}}, {{755CDV}}
+
* {{755C}}, {{755Cs}}, {{755CE}}, {{755CSE}}, {{755CX}}, {{755CV}}, {{755CD}}, {{755CDV}}
* ThinkPad {{760C}}, {{760CD}}, {{760L}}, {{760LD}}
+
* {{760C}}, {{760CD}}, {{760L}}, {{760LD}}
* ThinkPad {{820}}, {{850}}, {{860}}
+
* {{820}}, {{850}}, {{860}}
 
* {{PC110}}
 
* {{PC110}}
 
* [[ThinkPad Port Replicator Model 1]]
 
* [[ThinkPad Port Replicator Model 1]]

          

ALi M1632

 Cache   

added important RAM speed info

← Older revision Revision as of 11:02, 27 November 2019
Line 3: Line 3:
 
|style="vertical-align:top" |
 
|style="vertical-align:top" |
 
<div style="margin: 0; margin-right:10px; border: 1px solid #dfdfdf; padding: 0em 1em 1em 1em; background-color:#F8F8FF; align:right;">
 
<div style="margin: 0; margin-right:10px; border: 1px solid #dfdfdf; padding: 0em 1em 1em 1em; background-color:#F8F8FF; align:right;">
=== ALi M1632 ===
+
=== ALi M1632M ===
This is a ALi Northbridge
+
This is an ALi northbridge.
  
 
=== Features ===
 
=== Features ===
 
* Supports the following processors:
 
* Supports the following processors:
**[[Intel Mobile Pentium III]]
+
** [[Intel Mobile Pentium III]]
**[[Intel Mobile Celeron (2)|Intel Mobile Celeron]]
+
** [[Intel Mobile Celeron (2)|Intel Mobile Celeron]]
 +
* Supports the following memory modules:
 +
** [[PC-133]]{{footnote|1}}
 +
** [[PC-100]]
 
* Front Side Bus (FSB): 100MHz
 
* Front Side Bus (FSB): 100MHz
 
+
{{footnotes|
 +
#This is not truly supported, as this northbridge will automatically underclock it back to PC100 specifications.
 +
}}
 
</div>
 
</div>
 
|style="vertical-align:top" |
 
|style="vertical-align:top" |
Line 17: Line 22:
  
 
=== Linux support ===
 
=== Linux support ===
This chipset is supported by recent 2.4 and 2.6 kernels
+
This northbridge is supported by recent 2.4 and 2.6 kernels.
  
=== ThinkPads this chip may be found in ===
+
=== This chip may be found in ===
 
* {{R30}}
 
* {{R30}}
 
* {{i1200}}
 
* {{i1200}}
 
* {{i1300}}
 
* {{i1300}}
 
[[Category:Components]]
 
[[Category:Components]]

          

Графические планшеты Wacom в ALT

 Cache   

Новая страница: «{{stub}} В данной статье будет рассмотрено использование графических планшетов Wacom в ALT Linux.…»

Новая страница

{{stub}}
В данной статье будет рассмотрено использование графических планшетов Wacom в ALT Linux.

Официальной поддержки для Linux нет, однако поддержка Wacom-устройств в Linux реализуется в рамках проекта [https://linuxwacom.github.io/ Linux Wacom].

Драйвер Wacom состоит из трех компонентов:
*модуля ядра input-wacom (kernel/drivers/hid/wacom.ko, идет в ядре по-умолчанию)
*X-драйвера (отвечающего за перевод событий ядра в события XInput, которые могут быть использованы в таких приложениях, как GIMP. Пакет '''xorg-drv-wacom''')
*библиотеки libwacom (Сообщающей программам о подключенных в данный момент устройствах. Пакет '''libwacom'''.)

Данные устройства работают на ALT Linux.
[[Категория:Hardware]]

          

Ports/aarch64/RaspberryPi4andU-Boot

 Cache   

Варианты обхода проблемы

← Предыдущая Версия 16:39, 29 ноября 2019
(не показаны 3 промежуточные версии этого же участника)
Строка 45: Строка 45:
 
так, как принято в Альт.
 
так, как принято в Альт.
  
Однако, при исследовании этого способа загрудки было установлено, что использование немодифицированного
+
Однако, при исследовании этого способа загрузки было установлено, что использование немодифицированного
 
файла bcm2711-rpi-4-b.dtb при загрузке с использованием u-boot даёт неработающую систему -
 
файла bcm2711-rpi-4-b.dtb при загрузке с использованием u-boot даёт неработающую систему -
 
выглядит как зависание после передачи управления ядру.
 
выглядит как зависание после передачи управления ядру.
Строка 55: Строка 55:
 
и убрать fdtdir в extlinux.conf. После этого система загружается и работает.
 
и убрать fdtdir в extlinux.conf. После этого система загружается и работает.
  
Если взять dts файл на работающей Rpi4,
+
Если взять dts файл на работающей Rpi4:
 
  dtc -I fs -O dts -o bcm2711-rpi-4-b.dts /sys/firmware/devicetree/base
 
  dtc -I fs -O dts -o bcm2711-rpi-4-b.dts /sys/firmware/devicetree/base
 
компилировать его в dtb  
 
компилировать его в dtb  
Строка 63: Строка 63:
 
Для обхода проблемы и сохранения принятого в Альт способа загрузки и был использован последний вариант:
 
Для обхода проблемы и сохранения принятого в Альт способа загрузки и был использован последний вариант:
 
в исходниках ядер файлы <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=1fd86f81f5426f1825b9427e2c7e70a02d477940;hb=3941f2697fa6e0a8493261ddeee1ef7046fd6ad4</ref> и <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image-rpi.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=1fd86f81f5426f1825b9427e2c7e70a02d477940;hb=635d58b87e4391837cab749ec5e285a831584316</ref> были заменены на файлы, считанные с работающей Raspberry Pi 4 -
 
в исходниках ядер файлы <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=1fd86f81f5426f1825b9427e2c7e70a02d477940;hb=3941f2697fa6e0a8493261ddeee1ef7046fd6ad4</ref> и <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image-rpi.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=1fd86f81f5426f1825b9427e2c7e70a02d477940;hb=635d58b87e4391837cab749ec5e285a831584316</ref> были заменены на файлы, считанные с работающей Raspberry Pi 4 -
<ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=b6d49c8b1742f09cc9de7574157a5cef2cbf29a2;hb=7d2550925606273676aa51b2deaf9731a75c65fb</ref> и <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image-rpi.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=122c283ca1dfaeb5cc3fdc8534ffbd241f8bbc06;hb=667ef859fc327fdb308ac84b9c66418f0af76459</ref> соответсвенно.
+
<ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=b6d49c8b1742f09cc9de7574157a5cef2cbf29a2;hb=7d2550925606273676aa51b2deaf9731a75c65fb</ref> и <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image-rpi.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=122c283ca1dfaeb5cc3fdc8534ffbd241f8bbc06;hb=667ef859fc327fdb308ac84b9c66418f0af76459</ref> соответственно.
  
Понятно, что это только обход но не решение проблемы. При обновлении firmware или выходе
+
Понятно, что это только обход, но не решение проблемы. При обновлении firmware или выходе
 
новой версии платы Raspberry Pi 4 способ модификации dtb файла может измениться, что
 
новой версии платы Raspberry Pi 4 способ модификации dtb файла может измениться, что
 
может создать проблемы с работой системы.
 
может создать проблемы с работой системы.
Строка 78: Строка 78:
 
после обновления:
 
после обновления:
  
* rpi4-boot-nouboot: firmware загружает ядро, dtb и initrd, u-boot не используется.
+
* '''rpi4-boot-nouboot''': firmware загружает ядро, dtb и initrd, u-boot не используется.
* rpi4-boot-uboot-fw: firmware загружает dtb. U-boot загружает ядро и initrd.
+
* '''rpi4-boot-uboot-fw''': firmware загружает dtb. U-boot загружает ядро и initrd.
* rpi4-boot-uboot: u-boot загружает ядро, dtb и initrd.
+
* '''rpi4-boot-uboot''': u-boot загружает ядро, dtb и initrd.
  
 
Эти скрипты могут принимать flavour ядра в качестве аргумента.
 
Эти скрипты могут принимать flavour ядра в качестве аргумента.
Строка 94: Строка 94:
 
требуемому варианту загрузки то будет настроена загрузка с новым ядром.
 
требуемому варианту загрузки то будет настроена загрузка с новым ядром.
  
Скрипты находятся в пакете rpi4-boot-switch
+
Скрипты находятся в пакете [https://packages.altlinux.org/ru/sisyphus/specfiles/rpi4-boot-switch rpi4-boot-switch ]
  
 
=== Скрипт для переключения аудио ===
 
=== Скрипт для переключения аудио ===
  
 
По умолчению звук выводится на HDMI. Можно переключить вывод на 3.5 мм аналоговый разъём.
 
По умолчению звук выводится на HDMI. Можно переключить вывод на 3.5 мм аналоговый разъём.
Для переключения вывода звука предназначен скрипт RPi-audioswitch
+
Для переключения вывода звука предназначен скрипт [https://packages.altlinux.org/ru/sisyphus/specfiles/RPi-audioswitch RPi-audioswitch], который можно вызвать
 +
из меню программ.
  
Эти скрипты уже установлены в образ <ref>http://ftp.altlinux.org/pub/people/jqt4/images/rpi4/alt-workstation-rpi4-9.0-alpha2-aarch64.img.xz или http://get.srt.basealt.ru/images/rpi4/alt-workstation-rpi4-9.0-alpha2-aarch64.img.xz.md5</ref>
+
Эти скрипты уже установлены в образ [http://ftp.altlinux.org/pub/people/jqt4/images/rpi4/alt-workstation-rpi4-9.0-alpha2-aarch64.img.xz ALT Workstation] ([http://get.srt.basealt.ru/images/rpi4/alt-workstation-rpi4-9.0-alpha2-aarch64.img.xz.md5 md5sum]).

          

Ports/aarch64/RaspberryPi4andU-Boot

 Cache   

Новая страница: «Category:ARM Category:AArch64 == Загрузка Альт на Raspberry Pi 4 с помощью u-boot == === Резюме: === В Альт, при и…»

Новая страница

[[Category:ARM]] [[Category:AArch64]]

== Загрузка Альт на Raspberry Pi 4 с помощью u-boot ==

=== Резюме: ===
В Альт, при использовании u-boot в качестве загрузчика, происходит загрузка в память
файлов ядра Linux, dtb, initrd, прописанных в /boot/extlinux/extlinux.conf и передача управления ядру.

Загрузчик Raspberry Pi 4 (находится в файле start4.elf <ref>https://www.raspberrypi.org/documentation/configuration/boot_folder.md</ref>) при загрузке модифицирует файл dtb,
в зависимости от параметров в config.txt и установленных плат расширения <ref>https://www.raspberrypi.org/documentation/configuration/device-tree.md</ref>.

Использование немодифицированного dtb при загрузке с u-boot приводит к неработоспособности системы.

В статье описан обход данной проблемы, примененный в образах Альт для Raspberry Pi 4, начиная с <ref>http://ftp.altlinux.org/pub/people/jqt4/images/rpi4/alt-workstation-rpi4-9.0-alpha2-aarch64.img.xz или http://get.srt.basealt.ru/images/rpi4/alt-workstation-rpi4-9.0-alpha2-aarch64.img.xz.md5</ref>.

=== Загрузка Альт с помощью u-boot ===

В Альт, при использовании u-boot в качестве загрузчика, принят следующий порядок загрузки:

* U-boot ищет на rootfs файл /boot/extlinux/extlinux.conf и загружает его.

* Выдается меню вариантов загрузки, из которого пользователь может выбрать один.

* При отстутствии выбора пользователя используется вариант по умолчанию.

* U-boot загружает в память файлы ядра, dtb, initrd, указанные для выбранного варианта загрузки. После этого управление передается ядру.

ПО Альт, выполняющее обновление ядер и изменение flavour ядра в системе (update-kernel) ориентировано
именно на такой способ загрузки.

=== Загрузка Raspberry Pi 4 ===

На SD карте, установленной в Raspberry Pi 4 должен быть FAT раздел, на котором находятся файлы,
необходимые для загрузки.

Начальный загрузчик Raspberry Pi 4 находится не на SD карте, а на подключенной по SPI интерфейсу
микросхеме EEPROM <ref>https://www.raspberrypi.org/documentation/hardware/raspberrypi/booteeprom.md</ref> Он загружает файл start4.elf в GPU VideoCore <ref>https://www.raspberrypi.org/documentation/configuration/boot_folder.md</ref> после чего производится загрузка
ядра, загрузка и модификация dtb <ref>https://www.raspberrypi.org/documentation/configuration/device-tree.md</ref>, а при необходимости и загрузка inintrd с FAT раздела SD карты.

При такой схеме загрузки update-kernel бесполезен, поскольку с FAT разделом не работает.

=== Проблема загрузки Альт на Raspberry Pi 4 ===

Вместо ядра Linux на FAT раздел может быть установлен u-boot, что позволяет загрузить Raspberry Pi 4
так, как принято в Альт.

Однако, при исследовании этого способа загрудки было установлено, что использование немодифицированного
файла bcm2711-rpi-4-b.dtb при загрузке с использованием u-boot даёт неработающую систему -
выглядит как зависание после передачи управления ядру.

=== Варианты обхода проблемы ===

Было выяснено, что можно не загружать dtb файл с помощью u-boot, а передать ядру файл,
созданный firmware в памяти. Для этого нужно прописать device_tree_address в config.txt
и убрать fdtdir в extlinux.conf. После этого система загружается и работает.

Если взять dts файл на работающей Rpi4,
dtc -I fs -O dts -o bcm2711-rpi-4-b.dts /sys/firmware/devicetree/base
компилировать его в dtb
dtc -I dts -O dtb -o bcm2711-rpi-4-b.dtb bcm2711-rpi-4-b.dts
и использовать при загрузке с u-boot, то система загружается и работает.

Для обхода проблемы и сохранения принятого в Альт способа загрузки и был использован последний вариант:
в исходниках ядер файлы <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=1fd86f81f5426f1825b9427e2c7e70a02d477940;hb=3941f2697fa6e0a8493261ddeee1ef7046fd6ad4</ref> и <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image-rpi.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=1fd86f81f5426f1825b9427e2c7e70a02d477940;hb=635d58b87e4391837cab749ec5e285a831584316</ref> были заменены на файлы, считанные с работающей Raspberry Pi 4 -
<ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=b6d49c8b1742f09cc9de7574157a5cef2cbf29a2;hb=7d2550925606273676aa51b2deaf9731a75c65fb</ref> и <ref>http://git.altlinux.org/people/jqt4/packages/?p=kernel-image-rpi.git;a=blob;f=arch/arm64/boot/dts/broadcom/bcm2711-rpi-4-b.dts;h=122c283ca1dfaeb5cc3fdc8534ffbd241f8bbc06;hb=667ef859fc327fdb308ac84b9c66418f0af76459</ref> соответсвенно.

Понятно, что это только обход но не решение проблемы. При обновлении firmware или выходе
новой версии платы Raspberry Pi 4 способ модификации dtb файла может измениться, что
может создать проблемы с работой системы.

=== Скрипты для переключения вариантов загрузки ===

Нужно сохранить возможность использовать другие способы загрузки, при этом не потеряв
возможности обновления ядер.

Был создан набор скриптов, модифицирующих конфигурационные файлы для настройки
режима загрузки, изменения flavour загружаемого ядра, изменения версии загружаемого ядра
после обновления:

* rpi4-boot-nouboot: firmware загружает ядро, dtb и initrd, u-boot не используется.
* rpi4-boot-uboot-fw: firmware загружает dtb. U-boot загружает ядро и initrd.
* rpi4-boot-uboot: u-boot загружает ядро, dtb и initrd.

Эти скрипты могут принимать flavour ядра в качестве аргумента.

В результате кроме изменения (или не изменения) варианта загрузки будет изменен и flavour
загружаемого ядра.

Если flavour не указан, то используется flavour ядра, работающего в данный момент.

Скрипты ищут самое свежее ядро с требуемым flavour, установленное в системе.

Таким образом, если после обновления ядра update-kernel запустить скрипт, соответствующий
требуемому варианту загрузки то будет настроена загрузка с новым ядром.

Скрипты находятся в пакете rpi4-boot-switch

=== Скрипт для переключения аудио ===

По умолчению звук выводится на HDMI. Можно переключить вывод на 3.5 мм аналоговый разъём.
Для переключения вывода звука предназначен скрипт RPi-audioswitch

Эти скрипты уже установлены в образ <ref>http://ftp.altlinux.org/pub/people/jqt4/images/rpi4/alt-workstation-rpi4-9.0-alpha2-aarch64.img.xz или http://get.srt.basealt.ru/images/rpi4/alt-workstation-rpi4-9.0-alpha2-aarch64.img.xz.md5</ref>

          

SlackBuilds.org changes for Sun, 01 Dec 2019 01:51:28 GMT

 Cache   
accessibility/sct: Added (set the color temperature of the screen).
audio/DPF-Plugins: Added (Collection of DPF-based plugins).
audio/a2jmidid: Update DEP.
audio/azr3: Update DEP.
audio/seq24: Update script.
business/ledger: Updated for version 3.1.3.
development/apache-maven: Updated for version 3.6.3.
development/git-lfs: Updated for version 2.9.1.
development/jupyter-nbconvert: Updated for version 5.6.1.
development/pycharm: Updated for version 2019.2.5.
development/uncrustify: Updated for version 0.70.1.
development/universal-ctags: Updated for version f58752a
development/vscode-bin: Updated for version 1.40.2.
games/atari800: Updated for version 4.1.0.
games/pioneer: Updated for version 20191117.
games/tbftss: Updated for version 1.5.1.
gis/OWSLib: Updated for version 0.19.0.
gis/gpxsee: Updated for version 7.18.
graphics/Blender: Updated for version 2.81
graphics/XnViewMP: Updated for version 0.94.1.
graphics/white_dune: Updated for version 1.654.
graphics/xfishtank: Added (X11 aquarium).
ham/tlf: Updated for version 1.4.0
libraries/botocore: Updated for version 1.13.28.
libraries/imlib2: Updated for version 1.6.0.
libraries/libagentcrypt: Added (symmetric encryption ssh agent).
libraries/live555: Updated for version 2019.11.22
libraries/lua-luv: Updated for version 1.32.0-0.
libraries/qwt-qt5: Fix versions.
misc/mosquitto: Updated for version 1.6.8
misc/sigrok-firmware-fx2lafw: Updated for version 0.1.7.
network/Pafy: Updated for version 0.5.5.
network/RSSOwl: Removed.
network/awscli: Updated for version 1.16.292.
network/bitcoin: Updated for version 0.19.0.1.
network/isync: Update script.
network/pirate-get: Updated for version 0.3.4.
network/unbound: Updated for version 1.9.5.
network/youtube-dl: Updated for version 2019.11.22.
office/LibreOffice: Fix md5sum
office/calibre-bin: Updated for version 4.5.0.
office/onlyoffice-desktopeditors: Updated for version 5.4.2.
perl/MoarVM: Updated for version 2019.11.
perl/nqp: Updated for version 2019.11.
perl/perl-CPANPLUS: Updated for version 0.9902.
perl/perl-PPI: Fix VERSION.
perl/perl-Test-Object: Fix DOWNLOAD url.
perl/perl6-Readline: Removed (use raku-Readlines.com).
perl/raku-Readline: Added (Raku interface to GNU Readline library).
perl/rakudo: Updated for version 2019.11.
perl/zef: Add missing doinst.sh.
perl/zef: Updated for version 0.8.2.
python/colored: Updated for version 1.4.1.
python/mypy: Updated for version 0.750.
python/pycryptodome: Updated for version 3.9.4.
python/python-libtmux: Updated for version 0.8.2.
python/python-parsedatetime: Updated for version 2.5.
python/python3-ipython: Updated for version 7.10.0.
python/python3-jsonschema: Updated for version 3.2.0.
python/python3-pyrsistent: Updated for version 0.15.6.
python/python3-pyzmq: Updated for version 18.1.1
python/pyzmq: Updated for version 18.1.1.
system/ansible: Updated for version 2.8.7.
system/logwatch: Added (a customizable log analysis system).
system/mlterm: Updated for version 3.8.9.
system/netdata: Updated for version 1.19.0.
system/newLd: Added (new ld linker).
system/nsca-ng: Fix download location and homepage.
system/nvidia-driver: Updated for version 440.36.
system/nvidia-kernel: Updated for version 440.36.
system/powerline-status: Added python3 support.
system/pspg: Updated for version 2.5.5.
system/pspg: Updated for version 2.6.0.
system/sargon: Added (User privilege system for docker).
system/symbola-font-ttf: Updated for version 12.00.

          

Route "system.db_update" does not exist

 Cache   

Hello everyone,

I'm running a Drupal site and trying to update my site on v8.7.10, I have no access to the site after loading the files on my server.

Here is the display on the index.php

The website encountered an unexpected error. Please try again later.
Drupal\Core\Database\DatabaseExceptionWrapper: SQLSTATE[42000]: Syntax error or access violation: 1142 INSERT command denied to user 'cgtcaenfydjean27'@'10.4.107.7' for table 'watchdog': INSERT INTO {watchdog} (uid, type, message, variables, severity, link, location, referer, hostname, timestamp) VALUES (:db_insert_placeholder_0, :db_insert_placeholder_1, :db_insert_placeholder_2, :db_insert_placeholder_3, :db_insert_placeholder_4, :db_insert_placeholder_5, :db_insert_placeholder_6, :db_insert_placeholder_7, :db_insert_placeholder_8, :db_insert_placeholder_9); Array ( [:db_insert_placeholder_0] => 0 [:db_insert_placeholder_1] => DrupalKernel [:db_insert_placeholder_2] => Container cannot be saved to cache. [:db_insert_placeholder_3] => a:0:{} [:db_insert_placeholder_4] => 3 [:db_insert_placeholder_5] => [:db_insert_placeholder_6] => [:db_insert_placeholder_7] => [:db_insert_placeholder_8] => [:db_insert_placeholder_9] => 1575201981 ) in Drupal\dblog\Logger\DbLog->log() (line 78 of core/modules/dblog/src/Logger/DbLog.php).

and on my update.php that I could not launch:

The website encountered an unexpected error. Please try again later.
Symfony\Component\Routing\Exception\RouteNotFoundException: Route "system.db_update" does not exist. in Drupal\Core\Routing\RouteProvider->getRouteByName() (line 201 of core/lib/Drupal/Core/Routing/RouteProvider.php).
Drupal version: 

          

tedu honked https://honk.tedunangst.com/u/tedu/h/g11VmT4H2B237hcjSl

 Cache   
On the topic of shell metachars and globs and command arguments and such.

1. There's probably more than you think. rsyncing a file named google.com:backdoors will likely send your secret plans to the big G.

2. In many cases, programs and protocols do not require a file to exist, as in the classic git/hg name a subrepo ; cat /etc/passwd oops.

Which is to say, various fixes like the kernel won't let you create bad names are likely to be about as effective as web sites that don't let you create a user named select.
          

Donors Challenge Conservancy Supporters with Largest Match Yet

 Cache   

A news item from Software Freedom Conservancy.

We’ve been challenged by a group of amazing individuals and Private Internet Access to raise a total of $113,093 during this fundraising season. These are folks who believe in software freedom and believe in Conservancy. This illustrious group includes; Leslie Hawthorn, Daniel Kahn Gillmor, Martin Krafft, Mark Wielaard, David Turner & Danielle Sucher, and Bdale Garbee — you'll be hearing more about them in the coming weeks on our blog.

Sign up as a Supporter now and have your donation count twice!

This year we have a special bonus match for new Conservancy Supporters, whose donations will be matched twice and therefore have three times the impact.

Growth & Impact

At a scrappy org like Conservancy, the biggest limitation on our capacity is staff. There are only so many hours in the day. This year we went from four to five full-timers and increased the hours of our part time employee and it has been transformational. Bringing stability to our ramped up operations and even exploring adding another much needed employee would catalyze our ability to serve the free software movement. That's why matches that challenge our donors to dig a little deeper and bring in their friends are so critical.

Compliance & Funding

There are a few companies that want to see a level playing field when it comes to copyleft licenses but many are playing a long game. One where they hope the entire software freedom community will just give in and stop asking them to provide source for their products. Longtime free software players, our donors, people like you who contribute to community-driven free software projects know how critical it is to have an organization standing up for software freedom. But we need your help, because shorter-sighted companies aren't going to fund this work.

Diverse & Vibrant

We're focusing on making the free software movement one that welcomes everyone. To continue growing our development capacity, to bring in more users to increase mindshare, we must be great at bringing in new people. We have to build communities that they want to be part of. That's why we are proud to support Outreachy, North Bay Python, MicroBlocks and others that are doing the critical work of being someone's first experience with free software. Diversity can't be an afterthought. This crucial work needs funding and resources to get right.

Communities & Development

Community-driven projects need support and a vendor-neutral home where they can do their work in the public interest. They need help running international conferences, someone to help them get their contractors paid and someone to take care of their trademarks and other project assets. These back-end bits all need time and expertise. Conservancy provides that expertise in a way that helps the project serve and amplify software freedom.

Sign up as a Supporter now and have your donation count twice!

This year we have a special bonus match for new Conservancy Supporters, whose donations will be matched twice and therefore have three times the impact. If you've been waiting for great time to invite a friend or colleague to join you in supporting software freedom with Conservancy -- this is it!


          

Cumulus Networks Enhances Linux Based Network Operating System

 Cache   

EnterpriseNetworkingPlanet: New release provides support for more platforms and integrates new Linux kernel features.


          

Site Unexpeced Error: Unable to determine class for field type

 Cache   

On drupal 8 site, I installed a contributed module and then added a field to a content type to test the module. After finding the module wasn't working as expected I decided to uninstall the module. To do that I tried to delete the field I had created, on clicking delete the site has remained inaccessible and displaying only this error:

The website encountered an unexpected error. Please try again later.</br></br><em class="placeholder">RuntimeException</em>: Unable to determine class for field type &#039;plugin:currency_amount_formatter&#039; found in the &#039;field.field.node.hotel_information.field_room_cost_formatted&#039; configuration in <em class="placeholder">Drupal\Core\Field\FieldConfigStorageBase-&gt;mapFromStorageRecords()</em> (line <em class="placeholder">28</em> of <em class="placeholder">core\lib\Drupal\Core\Field\FieldConfigStorageBase.php</em>). <pre class="backtrace">Drupal\Core\Config\Entity\ConfigEntityStorage-&gt;doLoadMultiple(Array) (Line: 292)
Drupal\Core\Entity\EntityStorageBase-&gt;loadMultiple(Array) (Line: 541)
Drupal\Core\Entity\EntityBase::loadMultiple(Array) (Line: 202)
field_entity_bundle_field_info(Object, &#039;hotel_information&#039;, Array)
call_user_func_array(&#039;field_entity_bundle_field_info&#039;, Array) (Line: 392)
Drupal\Core\Extension\ModuleHandler-&gt;invoke(&#039;field&#039;, &#039;entity_bundle_field_info&#039;, Array) (Line: 396)
Drupal\Core\Entity\EntityFieldManager-&gt;buildBundleFieldDefinitions(&#039;node&#039;, &#039;hotel_information&#039;, Array) (Line: 338)
Drupal\Core\Entity\EntityFieldManager-&gt;getFieldDefinitions(&#039;node&#039;, &#039;hotel_information&#039;) (Line: 196)
Drupal\Core\Entity\EntityManager-&gt;getFieldDefinitions(&#039;node&#039;, &#039;hotel_information&#039;) (Line: 260)
views_entity_field_label(&#039;node&#039;, &#039;body&#039;) (Line: 507)
views_field_default_views_data(Object) (Line: 193)
views_views_data()
call_user_func_array(&#039;views_views_data&#039;, Array) (Line: 392)
Drupal\Core\Extension\ModuleHandler-&gt;invoke(&#039;views&#039;, &#039;views_data&#039;) (Line: 243)
Drupal\views\ViewsData-&gt;getData() (Line: 160)
Drupal\views\ViewsData-&gt;get(&#039;node_field_data&#039;) (Line: 85)
Drupal\views\Plugin\ViewsHandlerManager-&gt;getHandler(Array, NULL) (Line: 889)
Drupal\views\Plugin\views\display\DisplayPluginBase-&gt;getHandlers(&#039;argument&#039;) (Line: 115)
Drupal\views\Plugin\Derivative\ViewsBlock-&gt;getDerivativeDefinitions(Array) (Line: 101)
Drupal\Component\Plugin\Discovery\DerivativeDiscoveryDecorator-&gt;getDerivatives(Array) (Line: 87)
Drupal\Component\Plugin\Discovery\DerivativeDiscoveryDecorator-&gt;getDefinitions() (Line: 284)
Drupal\Core\Plugin\DefaultPluginManager-&gt;findDefinitions() (Line: 175)
Drupal\Core\Plugin\DefaultPluginManager-&gt;getDefinitions() (Line: 22)
Drupal\Core\Plugin\DefaultPluginManager-&gt;getDefinition(&#039;system_branding_block&#039;) (Line: 16)
Drupal\Core\Plugin\Factory\ContainerFactory-&gt;createInstance(&#039;system_branding_block&#039;, Array) (Line: 76)
Drupal\Component\Plugin\PluginManagerBase-&gt;createInstance(&#039;system_branding_block&#039;, Array) (Line: 62)
Drupal\Core\Plugin\DefaultSingleLazyPluginCollection-&gt;initializePlugin(&#039;system_branding_block&#039;) (Line: 57)
Drupal\block\BlockPluginCollection-&gt;initializePlugin(&#039;system_branding_block&#039;) (Line: 80)
Drupal\Component\Plugin\LazyPluginCollection-&gt;get(&#039;system_branding_block&#039;) (Line: 45)
Drupal\block\BlockPluginCollection-&gt;get(&#039;system_branding_block&#039;) (Line: 83)
Drupal\Core\Plugin\DefaultSingleLazyPluginCollection-&gt;setConfiguration(Array) (Line: 99)
Drupal\Core\Plugin\DefaultSingleLazyPluginCollection-&gt;addInstanceId(&#039;system_branding_block&#039;, Array) (Line: 55)
Drupal\Core\Plugin\DefaultSingleLazyPluginCollection-&gt;__construct(Object, &#039;system_branding_block&#039;, Array) (Line: 34)
Drupal\block\BlockPluginCollection-&gt;__construct(Object, &#039;system_branding_block&#039;, Array, &#039;aptegy_branding&#039;) (Line: 156)
Drupal\block\Entity\Block-&gt;getPluginCollection() (Line: 145)
Drupal\block\Entity\Block-&gt;getPlugin() (Line: 118)
Drupal\block\BlockAccessControlHandler-&gt;checkAccess(Object, &#039;view&#039;, Object) (Line: 105)
Drupal\Core\Entity\EntityAccessControlHandler-&gt;access(Object, &#039;view&#039;, Object, 1) (Line: 369)
Drupal\Core\Entity\EntityBase-&gt;access(&#039;view&#039;, NULL, 1) (Line: 56)
Drupal\block\BlockRepository-&gt;getVisibleBlocksPerRegion(Array) (Line: 137)
Drupal\block\Plugin\DisplayVariant\BlockPageVariant-&gt;build() (Line: 259)
Drupal\Core\Render\MainContent\HtmlRenderer-&gt;prepare(Array, Object, Object) (Line: 117)
Drupal\Core\Render\MainContent\HtmlRenderer-&gt;renderResponse(Array, Object, Object) (Line: 90)
Drupal\Core\EventSubscriber\MainContentViewSubscriber-&gt;onViewRenderArray(Object, &#039;kernel.view&#039;, Object)
call_user_func(Array, Object, &#039;kernel.view&#039;, Object) (Line: 111)
Drupal\Component\EventDispatcher\ContainerAwareEventDispatcher-&gt;dispatch(&#039;kernel.view&#039;, Object) (Line: 156)
Symfony\Component\HttpKernel\HttpKernel-&gt;handleRaw(Object, 2) (Line: 68)
Symfony\Component\HttpKernel\HttpKernel-&gt;handle(Object, 2, 1) (Line: 57)
Drupal\Core\StackMiddleware\Session-&gt;handle(Object, 2, 1) (Line: 47)
Drupal\Core\StackMiddleware\KernelPreHandle-&gt;handle(Object, 2, 1) (Line: 106)
Drupal\page_cache\StackMiddleware\PageCache-&gt;pass(Object, 2, 1) (Line: 85)
Drupal\page_cache\StackMiddleware\PageCache-&gt;handle(Object, 2, 1) (Line: 47)
Drupal\Core\StackMiddleware\ReverseProxyMiddleware-&gt;handle(Object, 2, 1) (Line: 52)
Drupal\Core\StackMiddleware\NegotiationMiddleware-&gt;handle(Object, 2, 1) (Line: 23)
Stack\StackedHttpKernel-&gt;handle(Object, 2) (Line: 166)
Drupal\Core\EventSubscriber\DefaultExceptionHtmlSubscriber-&gt;makeSubrequest(Object, &#039;/system/403&#039;, 403) (Line: 112)
Drupal\Core\EventSubscriber\DefaultExceptionHtmlSubscriber-&gt;on403(Object) (Line: 109)
Drupal\Core\EventSubscriber\HttpExceptionSubscriberBase-&gt;onException(Object, &#039;kernel.exception&#039;, Object)
call_user_func(Array, Object, &#039;kernel.exception&#039;, Object) (Line: 111)
Drupal\Component\EventDispatcher\ContainerAwareEventDispatcher-&gt;dispatch(&#039;kernel.exception&#039;, Object) (Line: 227)
Symfony\Component\HttpKernel\HttpKernel-&gt;handleException(Object, Object, 1) (Line: 79)
Symfony\Component\HttpKernel\HttpKernel-&gt;handle(Object, 1, 1) (Line: 57)
Drupal\Core\StackMiddleware\Session-&gt;handle(Object, 1, 1) (Line: 47)
Drupal\Core\StackMiddleware\KernelPreHandle-&gt;handle(Object, 1, 1) (Line: 106)
Drupal\page_cache\StackMiddleware\PageCache-&gt;pass(Object, 1, 1) (Line: 85)
Drupal\page_cache\StackMiddleware\PageCache-&gt;handle(Object, 1, 1) (Line: 47)
Drupal\Core\StackMiddleware\ReverseProxyMiddleware-&gt;handle(Object, 1, 1) (Line: 52)
Drupal\Core\StackMiddleware\NegotiationMiddleware-&gt;handle(Object, 1, 1) (Line: 23)
Stack\StackedHttpKernel-&gt;handle(Object, 1, 1) (Line: 693)
Drupal\Core\DrupalKernel-&gt;handle(Object) (Line: 19)
</pre>

Any direction on how to resolve this is appreciated.

Drupal version: 

          

Routine Maintenance

 Cache   

THIS IS A SCHEDULED EVENT Dec 10, 22:00 - 23:00 UTC

Nov 22, 23:30 UTC
Scheduled - In order to facilitate regular kernel, firmware, and OS updates, we will be performing routine maintenance on December 10th from 2pm-3pm PST / 10pm-11pm UTC.

Customers may experience a brief drop in product API availability at the beginning of the maintenance window.


          

Pro100 Agro: як правильно розвинути свій бізнес

 Cache   
3 грудня компанія Kernel проведе конференцію PRO100 AGRO у межах партнерської програми Open Agribusiness. Учасники матимуть змогу обговорити сучасні тренди на ефективні інструменти для розвитку власного агробізнесу.
          

Checkra1n jailbreak si aggiorna con il supporto per iOS 13.2.3

 Cache   
Checkra1n jailbreak si aggiorna con il supporto per iOS 13.2.3 Il jailbreak checkra1n per iOS è stato aggiornato con il supporto per iOS 13.2.3; così come il supporto per iPad 5, iPad Air 2 e iPad Pro 1a generazione. A quanto pare, il team di checkra1n ha lavorato sodo per risolvere i bug e migliorare la stabilità del jailbreak e questo ci porta all’ultimo aggiornamento. Il membro del team di Checkra1n, Luca Todesco, ha comunicato su Twitter la disponibilità di checkra1n v.0.9.6. Ecco il log completo delle modifiche: Novità di Checkra1n 0.9.6 Beta Correzioni di bug ● Supporto per l’iPad di sesta generazione ● Risolve un problema per cui i dispositivi A7 segnalavano un codice di errore in caso di successo ● Risolve un problema per cui le icone delle app di jailbreak venivano visualizzate all’avvio dopo aver utilizzato la funzionalità “Restore System” ● Rende l’app Loader più resistente agli errori che si verificano dopo un lungo periodo di attività ● Risolve un problema a causa del quale Loader e Cydia fallivano senza un messaggio di connessione Internet su iPhone cinesi ● Risolve un problema a causa del quale la tastiera Smart per iPad Pro si disconnetteva ● Risolve un problema con la ricarica rapida Altre modifiche ● Aggiunto il supporto per il jailbreak di Apple TV dalla stessa app ● Aggiunto il supporto per iPad 5a generazione, iPad Air 2a generazione e iPad Pro 1a generazione ● Aggiunto il supporto per iOS 13.2.3 ● Velocità del caricatore notevolmente migliorata ● Esporta la base del kernel e altre cose utili per gli sviluppatori (vedi jbctl per i dettagli) Se si verifica il -20, eseguire nuovamente il jailbreak con l’opzione della modalità senza substrato selezionata nell’app e vedere se la rimozione di modifiche risolve il problema. Dispositivi non supportati Il supporto per i seguenti dispositivi è sperimentale e potrebbe richiedere più tentativi del solito: ● iPhone 5s ● iPad Mini 2 ● iPad Mini 3 ● iPad Air L’affidabilità su questi dispositivi sarà migliorata nelle versioni future. checkra1n v0.9.6 offre supporto nuovo e migliorato per dispositivi iOS più compatibili e, in particolare, aggiunge il supporto ufficiale per iOS 13.2.3, rilasciato da Apple solo un paio di settimane fa. Altre modifiche includono miglioramenti dell’app checkra1n Loader, correzioni per la tastiera e gli accessori di ricarica e miglioramenti della velocità, tra le altre cose. Nonostante tutte le correzioni e i miglioramenti, checkra1n v0.9.6 è ancora considerato una beta pubblica e dovrebbe essere trattato come tale. Le versioni beta sono soggetti a bug, quindi solo i jailbreaker avanzati o gli sviluppatori di tweak jailbreak dovrebbero tentare di utilizzare la beta pubblica di checkra1n. Si consiglia invece a tutti gli altri di attendere la release finale. Se si utilizza una versione precedente di checkra1n, è possibile scaricare l’ultima versione, riavviare il dispositivo con jailbreak ed eseguire l’ultima versione dello strumento per aggiornare il jailbreak. Il jailbreak di checkra1n può essere scaricato dal sito Web ufficiale del team di checkra1n e non deve essere scaricato da nessun’altra parte per motivi di sicurezza.
          

Member of Technical Staff - VMware - Bellevue, WA

 Cache   
Excellent knowledge of OS kernel internals, including memory management, resource management, and interrupt architecture. Exposure to VMs (Java or x86).
From VMware - Wed, 20 Nov 2019 13:21:18 GMT - View all Bellevue, WA jobs
          

Member of Technical Staff - Monitor Group - VMware Engineering - Bellevue, WA

 Cache   
The machine monitor group is responsible for the CPU virtualization technology in VMware products. Excellent knowledge of OS kernel internals, including memory…
From VMware - Thu, 14 Nov 2019 10:59:32 GMT - View all Bellevue, WA jobs
          

Exton|OS pasa a usar Linux 5.4 y se basa en Ubuntu 19.10

 Cache   
Hoy se ha lanzado Linux 5.4.1. El equipo de desarrolladores del kernel de Linux se espera a lanzar una primera...
          

ESXi 6.7U1 - Cannot create Datastore

 Cache   

Hello all,

 

On fresh installation I'm trying to create datastore on bellow drive and after selection of free space on left first thing I do not understand, why there is any VMFS partition (on right) when on before (on left) there is none and it even has almost same size as "Free Space" on left

 

ESXi1.PNG

 

When I try to create partition like this with any size like for examle 40GB pm mext screen it looks like this and instead of VMFS it will mark it as basic data:

 

ESXi2.PNG

 

After click of finish it will write following error:

 

 

ESXi3.PNG

 

 

Here is dump of vmkernel.log:

 

 

2019-12-02T14:25:13.512Z cpu4:2097662)NMP: nmp_ThrottleLogForDevice:3781: Cmd 0x85 (0x459a40d7cf00, 2099236) to dev "t10.NVMe____INTEL_SSDPE2MX012T7_CVPF636600QS1P2NGN__00000001" on path "vmhba2:C0:T0:L0" Failed: H:0x0 D:0x2 P:0x0 Valid sense data: 0x5 $

2019-12-02T14:25:13.512Z cpu4:2097662)ScsiDeviceIO: 3082: Cmd(0x459a40d7cf00) 0x85, CmdSN 0x20 from world 2099236 to dev "t10.NVMe____INTEL_SSDPE2MX012T7_CVPF636600QS1P2NGN__00000001" failed H:0x0 D:0x2 P:0x0 Valid sense data: 0x5 0x0 0x0.

2019-12-02T14:25:13.515Z cpu2:2097667)NMP: nmp_ThrottleLogForDevice:3781: Cmd 0x85 (0x459a40d7cf00, 2099236) to dev "t10.NVMe____INTEL_SSDPE2MX012T7_CVPF637100SY1P2NGN__00000001" on path "vmhba3:C0:T0:L0" Failed: H:0x0 D:0x2 P:0x0 Valid sense data: 0x5 $

2019-12-02T14:25:13.515Z cpu2:2097667)ScsiDeviceIO: 3082: Cmd(0x459a40d7cf00) 0x85, CmdSN 0x28 from world 2099236 to dev "t10.NVMe____INTEL_SSDPE2MX012T7_CVPF637100SY1P2NGN__00000001" failed H:0x0 D:0x2 P:0x0 Valid sense data: 0x5 0x0 0x0.

 

 

Here is also my setup as it is showed on main screen of WebGUI:

 

ESXi0.PNG


Can you please help me with it? I tried to google it but common guides like change of MTU and simillar didn't helped me. Also tried to reinstall it several times but issue is still there.


          

Daniel Vetter: ELCE Lyon: Everything Great About Upstream Graphics

 Cache   

At ELC Europe in Lyon I held a nice little presentation about the state of upstream graphics drivers, and how absolutely awesome it all is. Of course with a big focus on SoC and embedded drivers. Slides and the video recording

Key takeaways for the busy:

  • The upstream DRM graphics subsystem really scales down to tiny drivers now, with the smallest driver coming in at just around 250 lines (including comments and whitespace), 10’000x less than the biggest!

  • Batteries all included - there’s modular helpers for everything. As a rule of thumb even minimal legacy fbdev drivers ported to DRM shrink by a factor of 2-4 thanks to these helpers taking care of anything that’s remotely standardized in displays and GPUs.

  • For shipping userspace drivers go with a dual-stack: Open source GL and Vulkan drivers for those who want that, and for getting the kernel driver merged into upstream. Closed source for everyone else, running on the same userspace API and kernel driver.

  • And for customer support backport the entire subsystem, try to avoid backporting an individual driver.

In other words, world domination is assured and progressing according to plan.


          

Michael Kerrisk (manpages): man-pages-5.04 is released

 Cache   
I've released man-pages-5.04. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from 15 contributors. The release includes approximately 80 commits that change just under 30 pages.

The most notable of the changes in man-pages-5.04 are the following:
  • With some help from Christian Brauner, I've added documentation of the clone3() system call (new in Linux 5.3) to the clone(2) manual page. In addition, several other parts of the clone(2) manual page were cleaned up and reworked.
  • I've refreshed the the bpf-helpers(7) page against the latest kernel sources; as a result, the page has grown size by about 25%.
Another small but important changes is the addition of documentation of the P_PIDFD idtype in the waitid(2) manual page. This feature, added in Linux 5.4, allows a parent process to wait on a child process that is referred to by a PID file descriptor, and constitutes the final cornerstone in the pidfd API.

          

Linux Plumbers Conference: Linux Plumbers Conference 2019 videos are now available

 Cache   

Following up on our previous post, and as many of you have already noticed, the LPC 2019 videos have now been uploaded to our YouTube channel.

Over the coming days the LPC committee will be updating the 2019 site to incorporate links to the videos. At the same time, we will be getting ready to launch the 2020 site as well.

For now, you can access the videos in the following playlists:

You can access and promote the Linux Plumbers Conference YouTube channel here.

The videos have been uploaded to YouTube under the Creative Commons Attribution license (CC-BY).


          

Linux phones need to succeed and it isn’t just about privacy

 Cache   
Android and iOS may be the mobile platforms today but there have always been attempts to push other horses into the race. Most of them used the Linux kernel just like Android but a few were more direct efforts to bring some of the Linux desktop stack to mobile in one form or another. Thanks to changes in the industry, … Continue reading
          

CVE-2019-19318

 Cache   

Severity Not Scored

Description

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

Read more at https://www.tenable.com/cve/CVE-2019-19318


          

CVE-2019-19319

 Cache   

Severity Not Scored

Description

In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call.

Read more at https://www.tenable.com/cve/CVE-2019-19319


          

CVE-2019-18660

 Cache   

Severity Not Scored

Description

The Linux kernel through 5.3.13 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.

Read more at https://www.tenable.com/cve/CVE-2019-18660


          

CVE-2019-6673

 Cache   

Severity Not Scored

Description

On versions 15.0.0-15.0.1 and 14.0.0-14.1.2, when the BIG-IP is configured in HTTP/2 Full Proxy mode, specifically crafted requests may cause a disruption of service provided by the Traffic Management Microkernel (TMM).

Read more at https://www.tenable.com/cve/CVE-2019-6673


          

CVE-2011-2480

 Cache   

Severity Not Scored

Description

Information Disclosure vulnerability in the 802.11 stack, as used in FreeBSD before 8.2 and NetBSD when using certain non-x86 architectures. A signedness error in the IEEE80211_IOC_CHANINFO ioctl allows a local unprivileged user to cause the kernel to copy large amounts of kernel memory back to the user, disclosing potentially sensitive information.

Read more at https://www.tenable.com/cve/CVE-2011-2480


          

CVE-2019-10220

 Cache   

Severity Not Scored

Description

Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.

Read more at https://www.tenable.com/cve/CVE-2019-10220


          

CVE-2019-14896

 Cache   

Severity Not Scored

Description

A vulnerability was found in marvell wifi chip driver in Linux kernel. There is a heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c allows remote attackers to cause a denial of service(system crash) or possibly execute arbitrary code. When STA connects to AP, lbs_ibss_join_existing function will be called for STA.

Read more at https://www.tenable.com/cve/CVE-2019-14896


          

CVE-2019-19252

 Cache   

Severity Not Scored

Description

vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a.

Read more at https://www.tenable.com/cve/CVE-2019-19252


          

CVE-2019-18675

 Cache   

Severity Not Scored

Description

The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation.

Read more at https://www.tenable.com/cve/CVE-2019-18675


          

CVE-2019-10207

 Cache   

Severity Not Scored

Description

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.

Read more at https://www.tenable.com/cve/CVE-2019-10207


          

CVE-2019-14815

 Cache   

Severity Not Scored

Description

kernel is vulnerable to a None

Read more at https://www.tenable.com/cve/CVE-2019-14815


          

CVE-2019-19227

 Cache   

Severity Not Scored

Description

In the AppleTalk subsystem in the Linux kernel before 5.1, there is a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka CID-9804501fa122.

Read more at https://www.tenable.com/cve/CVE-2019-19227


          

CVE-2019-18887

 Cache   

Severity Not Scored

Description

An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.

Read more at https://www.tenable.com/cve/CVE-2019-18887


          

CVE-2019-2318

 Cache   

Severity Not Scored

Description

Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCA8081, QM215, SDM429, SDM439, SDM450, SDM632, Snapdragon_High_Med_2016

Read more at https://www.tenable.com/cve/CVE-2019-2318


          

CVE-2019-2266

 Cache   

Severity Not Scored

Description

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, Nicobar, QCA9980, QCS405, QCS605, SDM845, SDX24, SM7150, SM8150

Read more at https://www.tenable.com/cve/CVE-2019-2266


          

CVE-2018-13916

 Cache   

Severity Not Scored

Description

Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Read more at https://www.tenable.com/cve/CVE-2018-13916


          

AMD IOMMU Driver Reworked For Linux 5.5

 Cache   
Phoronix: AMD IOMMU Driver Reworked For Linux 5.5 With the IOMMU updates for the Linux 5.5 kernel there is a major rework to the AMD IOMMU driver...
          

RESA California State President Shares a Thanksgiving Favorite

 Cache   

So you’ve been tasked with brining a side dish to Thanksgiving dinner and not sure what to bring? Cathy L. Cibelli, the RESA California State President shares one of her favorite Thanksgiving side dishes with us. Ingredients 2 (10 ounce) packages frozen corn kernels, thawed 1 cup heavy cream 1 teaspoon salt 2 tablespoons granulated […]

The post RESA California State President Shares a Thanksgiving Favorite appeared first on homestagingnewswire.com.


          

刘雅硕对《PRML读书会第六章 Kernel Methods》的评论

 Cache   
请问高斯核函数和样条核函数相比哪一个性能更好呢?为什么通常用的是高斯核函数而不用样条核函数呢?
          

[ubuntu] Systemctl suspend freeze the pc

 Cache   
Hi all, I'm using ubuntu 18.04.3 LTS with I3 on an MSI GS658SF laptop (kernel version 5.0.0-36-generic). If I run the command Code: --------- $ systemctl suspend ---------
          

Packages being updated to the Community tonight (26/11/2019)

 Cache   
<strong>Tonight</strong> (26/11/19-27/11/19) the following updated packages are being released:<br />
<ul><br />
<li>app-file-scan - 4 line update to enable an exclude line and exclude-dir line in file_scan.conf. Docs need updating<br />
</li><li>clamav - primarily a security update, but gives a massive start up improvement as well (4m30s down to 1m15s on one system)<br />
</li><li>yum-marketplace-plugin - repos were breaking when a Business trial downgraded to Community after 30 days<br />
</li><li>plexmediaserver to 1.18.2.2058-e67a4e892<br />
</li></ul><br />
<br />
* = the package is also being released to Business at the same time.<br />
<br />
<strong>Packages available for testing</strong><br />
<ul><br />
<li>app-kopano - update underlying Kopano package to 8.7.7. The update is complete and available for testing <strong>for anyone with a valid kopano licence only</strong>. Details are in <a href="https://www.clearos.com/clearfoundation/social/community/update-kopano,-webapp-and-z-push#reply-273551"; target="_blank">this post</a> and the preceding one. This is waiting for 8.5.8 to be pushed to general release before 8.7.5 can go into proper testing.<br />
</li><li>app-network - code merge complete. Seems to work for everything except external VLANs.<br />
</li><br />
<li>Now allows you to set up Wireless and Cellular interfaces. You will also need app-wireless to configure a NIC as an access point. Otherwise manual configuration is then needed for WiFi and Cellular devices.<br />
</li><li>I've tweaked it for kernel mode PPPoE (much faster and lower resoures). For the moment we are not forcibly converting PPPoE interfaces over, but if you edit an interface it will switch to kernel mode.<br />
</li><li>Hides irrelevant interfaces from app-network-report such as docker0, veth* and ifb*.<br />
</li><li>Numerous other changes since last 2.6.0<br />
</li><li><strong>Do not use the the update if you use VLAN's on external interfaces.</strong><br />
</li></ul><br />
<br />
Unless detailed otherwise, packages available for testing can be installed with:<br />
<pre class="line-numbers"><code class="language-markup">yum update --enablerepo=clearos-updates-testing {package-name}</code></pre><br />
<strong>Packages being worked on</strong>:<br />
<ul><br />
<li>app-storage<br />
</li><li>app-sia - In theory it worked but does not. Fixes needed. I have an idea to get it working in Gateway mode.<br />
</li></ul><br />
<br />
<strong>Big updates scheduled - fingers crossed</strong><br />
3rd Dec - Home/Business to 7.7<br />
10th Dec - Kopano 8.5.8<br />
17th Dec - Kopano 8.7.7
          

Network interface cycles Link Yes/No when DHCP client

 Cache   
Greetings,<br />
<br />
I have a handful of ClearOS 7 Community systems that occasionally will lose network connectivity on any interface. Typically it is the External one, and seems to happen more often when the interface is set to receive an IP via DHCP.<br />
<br />
Right now I have a system that is "broken", so I'm collecting data and posting here in hopes of getting to the bottom of this frustratingly random problem.<br />
<br />
This particular machine has two network adapters: one is a built-in on the Dell motherboard (enp0s25), and the other is an Intel PCIe add-on Card (p1p1):<br />
<br />
<pre class="line-numbers"><code class="language-markup"><br />
[root@system ~]# lspci -k | grep Eth -A 3<br />
00:19.0 Ethernet controller: Intel Corporation 82579LM Gigabit Network Connection (Lewisville) (rev 04)<br />
Subsystem: Dell Device 047e<br />
Kernel driver in use: e1000e<br />
Kernel modules: e1000e<br />
--<br />
01:00.0 Ethernet controller: Intel Corporation 82574L Gigabit Network Connection<br />
Subsystem: Intel Corporation Gigabit CT Desktop Adapter<br />
Kernel driver in use: e1000e<br />
Kernel modules: e1000e<br />
</code></pre><br />
<br />
<pre class="line-numbers"><code class="language-markup"><br />
root@system ~]# ifconfig<br />
enp0s25: flags=4163&lt;UP,BROADCAST,RUNNING,MULTICAST&gt; mtu 1500<br />
inet 10.5.5.1 netmask 255.255.255.0 broadcast 10.5.5.255<br />
inet6 fe80::1a03:73ff:fe3b:e05f prefixlen 64 scopeid 0x20&lt;link&gt;<br />
ether 18:03:73:3b:e0:5f txqueuelen 1000 (Ethernet)<br />
RX packets 38362474 bytes 28872594295 (26.8 GiB)<br />
RX errors 0 dropped 226 overruns 0 frame 0<br />
TX packets 47796355 bytes 56127797835 (52.2 GiB)<br />
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br />
device interrupt 20 memory 0xe1b00000-e1b20000<br />
<br />
lo: flags=73&lt;UP,LOOPBACK,RUNNING&gt; mtu 65536<br />
inet 127.0.0.1 netmask 255.0.0.0<br />
inet6 ::1 prefixlen 128 scopeid 0x10&lt;host&gt;<br />
loop txqueuelen 1000 (Local Loopback)<br />
RX packets 206246471 bytes 65738824235 (61.2 GiB)<br />
RX errors 0 dropped 0 overruns 0 frame 0<br />
TX packets 206246471 bytes 65738824235 (61.2 GiB)<br />
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br />
<br />
p1p1: flags=4163&lt;UP,BROADCAST,RUNNING,MULTICAST&gt; mtu 1500<br />
inet 192.168.0.5 netmask 255.255.255.0 broadcast 192.168.0.255<br />
inet6 fe80::6a05:caff:fe80:1082 prefixlen 64 scopeid 0x20&lt;link&gt;<br />
ether 68:05:ca:80:10:82 txqueuelen 1000 (Ethernet)<br />
RX packets 56879014 bytes 67190367287 (62.5 GiB)<br />
RX errors 0 dropped 0 overruns 0 frame 0<br />
TX packets 46920170 bytes 31030020923 (28.8 GiB)<br />
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0<br />
device interrupt 16 memory 0xe1ac0000-e1ae0000<br />
</code></pre><br />
<br />
<pre class="line-numbers"><code class="language-markup"><br />
[root@system ~]# grep IF /etc/clearos/network.conf<br />
EXTIF="p1p1"<br />
LANIF="enp0s25"<br />
DMZIF=""<br />
HOTIF=""<br />
</code></pre><br />
<br />
When I have p1p1 (external interface) set to DHCP, it will pull an address from the modem (192.168.0.1) it's connected to pretty much instantly: 192.168.0.5. However, despite receiving an address, I am unable to ping my modem/gateway (192.168.0.1) from the ClearOS box.<br />
<br />
Running `arp` results in an INCOMPLETE message for the gateway. However, tcpdump indicates that it is properly requesting and receiving a reply from the gateway indicating its address. But it doesn't seem to be entering it into the ARP table: the INCOMPLETE message never disappears, and it continues to re-request the IP for the gateway MAC, every second:<br />
<br />
<pre class="line-numbers"><code class="language-markup"><br />
23:54:14.590636 ARP, Request who-has 192.168.0.1 tell 192.168.0.5, length 28<br />
23:54:14.593611 ARP, Reply 192.168.0.1 is-at b0:b9:8a:05:e3:da, length 46<br />
23:54:15.592637 ARP, Request who-has 192.168.0.1 tell 192.168.0.5, length 28<br />
23:54:15.593598 ARP, Reply 192.168.0.1 is-at b0:b9:8a:05:e3:da, length 46<br />
</code></pre><br />
<br />
If I wait 40-100 seconds or so, it will change the Link status in the Webconfig from "Yes" to "No" for about 2 seconds, and the IP address shown in Webconfig will disappear.<br />
<br />
Running `ip monitor` during this time indicates that something is blowing the interface away in the system and re-creating it:<br />
<br />
<pre class="line-numbers"><code class="language-markup"><br />
192.168.0.1 dev p1p1 FAILED<br />
192.168.0.1 dev p1p1 FAILED<br />
192.168.0.1 dev p1p1 FAILED<br />
192.168.0.1 dev p1p1 FAILED<br />
192.168.0.1 dev p1p1 FAILED<br />
3: p1p1: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc pfifo_fast state UP group default<br />
link/ether 68:05:ca:80:10:82 brd ff:ff:ff:ff:ff:ff<br />
Deleted fe80::/64 dev p1p1 proto kernel metric 256 pref medium<br />
Deleted 3: p1p1 inet 192.168.0.5/24 brd 192.168.0.255 scope global dynamic p1p1<br />
valid_lft 86365sec preferred_lft 86365sec<br />
Deleted 192.168.0.0/24 dev p1p1 proto kernel scope link src 192.168.0.5<br />
Deleted broadcast 192.168.0.255 dev p1p1 table local proto kernel scope link src 192.168.0.5<br />
Deleted broadcast 192.168.0.0 dev p1p1 table local proto kernel scope link src 192.168.0.5<br />
Deleted local 192.168.0.5 dev p1p1 table local proto kernel scope host src 192.168.0.5<br />
Deleted 224.0.0.22 dev p1p1 lladdr 01:00:5e:00:00:16 NOARP<br />
Deleted 1.1.1.1 dev p1p1 lladdr 00:00:00:00:00:00 PERMANENT<br />
Deleted 8.8.8.8 dev p1p1 lladdr 00:00:00:00:00:00 PERMANENT<br />
Deleted 224.0.0.251 dev p1p1 lladdr 01:00:5e:00:00:fb NOARP<br />
Deleted 192.168.0.20 dev p1p1 FAILED<br />
Deleted 192.168.0.1 dev p1p1 FAILED<br />
3: p1p1: &lt;BROADCAST,MULTICAST&gt; mtu 1500 qdisc pfifo_fast state DOWN group default<br />
link/ether 68:05:ca:80:10:82 brd ff:ff:ff:ff:ff:ff<br />
Deleted ff02::1:ff80:1082 dev p1p1 lladdr 33:33:ff:80:10:82 NOARP<br />
Deleted ff02::16 dev p1p1 lladdr 33:33:00:00:00:16 NOARP<br />
Deleted ff00::/8 dev p1p1 table local metric 256 pref medium<br />
Deleted 3: p1p1 inet6 fe80::6a05:caff:fe80:1082/64 scope link<br />
valid_lft forever preferred_lft forever<br />
Deleted local fe80::6a05:caff:fe80:1082 dev lo table local proto unspec metric 0 pref medium<br />
3: p1p1: &lt;NO-CARRIER,BROADCAST,MULTICAST,UP&gt; mtu 1500 qdisc pfifo_fast state DOWN group default<br />
link/ether 68:05:ca:80:10:82 brd ff:ff:ff:ff:ff:ff<br />
10.5.5.181 dev enp0s25 lladdr 9c:4e:36:3b:52:d0 REACHABLE<br />
ff00::/8 dev p1p1 table local metric 256 pref medium<br />
fe80::/64 dev p1p1 proto kernel metric 256 pref medium<br />
3: p1p1: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc pfifo_fast state UP group default<br />
link/ether 68:05:ca:80:10:82 brd ff:ff:ff:ff:ff:ff<br />
3: p1p1 inet6 fe80::6a05:caff:fe80:1082/64 scope link<br />
valid_lft forever preferred_lft forever<br />
local fe80::6a05:caff:fe80:1082 dev lo table local proto unspec metric 0 pref medium<br />
3: p1p1 inet 192.168.0.5/24 brd 192.168.0.255 scope global dynamic p1p1<br />
valid_lft 86400sec preferred_lft 86400sec<br />
local 192.168.0.5 dev p1p1 table local proto kernel scope host src 192.168.0.5<br />
broadcast 192.168.0.255 dev p1p1 table local proto kernel scope link src 192.168.0.5<br />
192.168.0.0/24 dev p1p1 proto kernel scope link src 192.168.0.5<br />
broadcast 192.168.0.0 dev p1p1 table local proto kernel scope link src 192.168.0.5<br />
default via 192.168.0.1 dev p1p1<br />
192.168.0.1 dev p1p1 FAILED<br />
192.168.0.1 dev p1p1 FAILED<br />
</code></pre><br />
<br />
`/var/log/messages` tells a similar story:<br />
<br />
<pre class="line-numbers"><code class="language-markup"><br />
Nov 6 23:43:44 system kernel: e1000e: p1p1 NIC Link is Down<br />
Nov 6 23:43:45 system kernel: IPv6: ADDRCONF(NETDEV_UP): p1p1: link is not ready<br />
Nov 6 23:43:48 system kernel: e1000e: p1p1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx<br />
Nov 6 23:43:48 system kernel: IPv6: ADDRCONF(NETDEV_CHANGE): p1p1: link becomes ready<br />
Nov 6 23:43:48 system dhclient[25693]: DHCPREQUEST on p1p1 to 255.255.255.255 port 67 (xid=0x7d3b331a)<br />
Nov 6 23:43:48 system dhclient[25693]: DHCPACK from 192.168.0.1 (xid=0x7d3b331a)<br />
Nov 6 23:43:50 system dhclient[25693]: bound to 192.168.0.5 -- renewal in 42130 seconds.<br />
Nov 6 23:44:06 system dnsmasq-dhcp[1535]: DHCPINFORM(enp0s25) 10.5.5.181 9c:4e:36:3b:52:d0<br />
Nov 6 23:44:06 system dnsmasq-dhcp[1535]: DHCPACK(enp0s25) 10.5.5.181 9c:4e:36:3b:52:d0 MarkMartin<br />
Nov 6 23:44:19 system kernel: e1000e: p1p1 NIC Link is Down<br />
Nov 6 23:44:19 system kernel: IPv6: ADDRCONF(NETDEV_UP): p1p1: link is not ready<br />
Nov 6 23:44:22 system kernel: e1000e: p1p1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: Rx/Tx<br />
Nov 6 23:44:22 system kernel: IPv6: ADDRCONF(NETDEV_CHANGE): p1p1: link becomes ready<br />
</code></pre><br />
<br />
I've tried increasing my kernel logging to Debug level to try getting a handle on this problem, but haven't been able to uncover anything yet.<br />
<br />
Setting a Static IP seems to prevent it from destroying the interface constantly, but doesn't fix what seems to be an ARP issue.<br />
<br />
Can someone please point me to the next step in diagnosing this? Many thanks!
          

Mitsubishi joins consortium of 50-MW biomass power plant in Ibaraki in Japan

 Cache   
 
50-MW biomass project – planned in Ibaraki prefecture of Japan by Mitsubishi UFJ Lease & Finance and three other partners - is expected to break ground in December 2020 and commissioning scheduled for July 2023.
 
Kamisu Biomass Power Generation will be implementing the plant  - which is a joint venture between Mitsubishi UFJ, electric utility Chubu Electric Power, Solariant Capital and Bio Fuel Co.
 
Use palm kernel shells as feedstock, the biomass plant is expected to generate about 350 million kWh of clean electricity annually.
 
Sumitomo Mitsui Trust Bank has granted a loan for the upcoming biomass power plant.
 
For the latest updates on Japan’s biomass energy markets, attend CMT’s 11th Biomass Pellets Trade & Power on 11-14 May, 2020 in Tokyo.
 
Email Huiyan at huiyan@cmtsp.com.sg or call +65 6346 9113 for more details on the program.
 



Next Page: 10000

© Googlier LLC, 2019