Re: [gentoo-user] OT scripting - strip zero if between period and digit

> > > François-Xavier > > > > > > My bad, it should be: > > sed 's/0*\([0-9][0-9]*\)/\1/g' > > (tests are indeed needed!) > Many thanks François. This is almost right, but it is also stripping zeros that follow a letter, and I only want it to strip zeros that are proceeded by a period. There are

[gentoo-user] OT scripting - strip zero if between period and digit

I need to clean up a file which has IP addresses with leading zeros in some of the octets so I need to make, say, .09 into .9 How do i do that in sed/awk/whatever?

[gentoo-user] select + middle button paste in notepadqq

I find that pasting with the middle mouse button in notepadqq pastes the contents of the clipboard, not the last selected text like in other apps. Its been reported; https://github.com/notepadqq/notepadqq/issues/456 And there is a suggestion that it may be tweakable from outside notepadqq, but

[gentoo-user] -fstack-clash-protection vs -fstack-check

The systemd priv-esc (CVE-2018-16864) got me reading gcc's man page on -fstack-clash-protection, since https://www.theregister.co.uk/2019/01/10/systemd_bugs_qualys/ claims that systems with it enabled are not vulnerable. I already have -fstack-check, however, if I try to run both, gcc 8.2

[gentoo-user] Firefox 64 binaries - LLVM6+PGO+LTO now used, faster than GCC6.4+PGO

https://www.phoronix.com/scan.php?page=news_item=Firefox-Clang-LTO-All-Platforms "Firefox nightly builds are now built with the LLVM Clang compiler on all major platforms and the Linux build in particular is also now utilizing PGO optimizations too. Faster Firefox is coming thanks to this

Re: [gentoo-user] Re: CPU upgrade and LVM questions.

On Wed, Dec 12, 2018 at 10:56 AM Dale wrote: > I agree. If you are committing international crimes, terrorism for > example, they will snoop on you and it doesn't matter much what you do or > use. If nothing else, they will put you on a super computer setup that > will crack whatever you are

Re: [gentoo-user] Re: CPU upgrade and LVM questions.

On Tue, Dec 11, 2018 at 7:49 PM Neil Bothwick wrote: > > So tell us what is your perfect country for hardware manufacturing? > > There isn't one as you can never be sure. You are presenting hope, and > maybe likelihood, as certainty when this does not exist. > Datapoint - looks like Bloomberg

Re: [gentoo-user] OT expect script question

> > Could it be that it just matches empty without waiting for anything? > Perhaps, but that would only matter if it is processing per character, not per line. I had assumed that it would not evaluate the blocks until it received an End of Line character, but I will test that assumption. Thanks

Re: [gentoo-user] RAM checks for chromium

On Wed, Dec 5, 2018 at 7:41 AM Mick wrote: > On Tuesday, 4 December 2018 19:23:27 GMT Jack wrote: > Phew! The chromium emerge completed with -j1, although it took 4 hours > longer > than last time on one PC and 6.5 hours longer on another. > For those systems it might be worth trying the

[gentoo-user] OT expect script question

In my response matching I would like to have a catch all so if nothing specific is matched I can take an action, but when I include the "*" option, it is selected even if string1 matches. From the expect man page "In the event that multiple patterns match, the one appearing first is used to select

Re: [gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

On Sun, Nov 18, 2018 at 1:55 PM Adam Carter wrote: > On Sun, Nov 18, 2018 at 1:52 PM Grant Taylor < > gtay...@gentoo.tnetconsulting.net> wrote: > >> On 11/17/2018 06:11 PM, Andrew Udvare wrote: >> > Uninstall dev-util/cargo and emerge -1 dev-lang/rust. dev-l

Re: [gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

On Sun, Nov 18, 2018 at 1:52 PM Grant Taylor < gtay...@gentoo.tnetconsulting.net> wrote: > On 11/17/2018 06:11 PM, Andrew Udvare wrote: > > Uninstall dev-util/cargo and emerge -1 dev-lang/rust. dev-lang/rust > > comes with Cargo. > > Hum. That didn't solve the problem. > Do you have

Re: [gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

> > > I also had to > > > > ln -s /usr/bin/cargo-1.30.1 /usr/bin/cargo > > > > To get things working, YMMV. > > The correct way is to run `eselect rust set 1`. There are other symlinks > besides cargo. > > That was already set for me, but i re-ran it, and atime on the symlink was reset. Thanks.

Re: [gentoo-user] Help with dev-util/cargo blocking dev-lang/rust.

> > > On 2018-11-17, at 19:24, Grant Taylor > wrote: > > > > So, will someone help me fix this cargo / rust blockage so that I can > finish my @world emerge? > > Uninstall dev-util/cargo and emerge -1 dev-lang/rust. dev-lang/rust comes > with Cargo. > > I also had to ln -s /usr/bin/cargo-1.30.1

Re: [gentoo-user] Weird compilation error (nasm)

On Thu, Nov 15, 2018 at 6:20 AM wrote: > Hi, > > its gone this evening while updateing... Yeah the nasm update was backed out Fri May 11 15:25:38 2018 >>> dev-lang/nasm-2.13.03-r1 Mon Nov 12 12:27:25 2018 >>> dev-lang/nasm-2.14 Wed Nov 14 16:31:50 2018 >>> dev-lang/nasm-2.13.03-r1

Re: [gentoo-user] Shorewall config problem

> > That is odd. I tried inserting the IPV[4,6] .config entries by hand, but > oldconfig removed them again. > I'd say those entries are deprecated and that shorewall will just need an update to make it compatible with 4.19.

[gentoo-user] Re: AMD Tonga + kernel 4.19 broken

On Thu, Nov 1, 2018 at 12:57 PM Adam Carter wrote: > For me; > > Oct 25 15:34:51 phat kernel: fbcon: amdgpudrmfb (fb0) is primary device > Oct 25 15:34:51 phat kernel: amdgpu: [powerplay] > failed to send message 148 ret is 0 > Oct 25 15:34:51 p

Re: [gentoo-user] Shorewall config problem

> > > Yep, grepped my .config archive and its gone in 4.19 so the shorewall > > ebuild (at least) will need an update. Checked bugzilla? > > > Grepping .config will only work sometimes - If its enabled it will be > there, if not it "may or may not be" > My .config hasnt changed, other than from

Re: [gentoo-user] Shorewall config problem

On Mon, Nov 12, 2018 at 9:11 PM Peter Humphrey wrote: > Morning all, > > When emerging shorewall-5.2.1.1 I get an error from the kernel settings > check: > > CONFIG_NF_CONNTRACK_IPV4: is not set when it should be. > > This is with gentoo-sources-4.19.1. And indeed there is no such kernel >

Re: [gentoo-user] libQt5Core.so.5 => not found

On Sat, Nov 10, 2018 at 3:51 PM Adam Carter wrote: > On Fri, Nov 9, 2018 at 10:33 PM wrote: > >> I'm trying to build/emerge dev-qt/qtgui-5.11.1, but I get this: >> >> # ldd >> /Net/portage_tmpdir/portage/dev-qt/qtgui-5.11.1/work/qtbase-everywhere-src-5.11.1/bin/qvk

Re: [gentoo-user] libQt5Core.so.5 => not found

On Fri, Nov 9, 2018 at 10:33 PM wrote: > I'm trying to build/emerge dev-qt/qtgui-5.11.1, but I get this: > > # ldd > /Net/portage_tmpdir/portage/dev-qt/qtgui-5.11.1/work/qtbase-everywhere-src-5.11.1/bin/qvkgen > linux-vdso.so.1 (0x7fff3ddff000) > libQt5Core.so.5 => not found

[gentoo-user] AMD Tonga + kernel 4.19 broken

For me; Oct 25 15:34:51 phat kernel: fbcon: amdgpudrmfb (fb0) is primary device Oct 25 15:34:51 phat kernel: amdgpu: [powerplay] failed to send message 148 ret is 0 Oct 25 15:34:51 phat kernel: amdgpu: [powerplay] last message was failed

Re: [gentoo-user] Inkscape failed to compile...(update from this morning)

On Sun, Oct 28, 2018 at 4:08 PM Adam Carter wrote: > On Sun, Oct 28, 2018 at 3:41 PM wrote: > >> >> Hi, >> >> while syncing/updateing my system, inkscape failed to compile: >> > > Nikos posted about cairo issue recently that revdep-rebuild didnt f

Re: [gentoo-user] Inkscape failed to compile...(update from this morning)

On Sun, Oct 28, 2018 at 3:41 PM wrote: > > Hi, > > while syncing/updateing my system, inkscape failed to compile: > Nikos posted about cairo issue recently that revdep-rebuild didnt fix. I had a similar issue with different software. In my case; emerge -1 x11-libs/cairo dev-cpp/cairomm

[gentoo-user] Re: X fails with old permissions errors

On Thu, Oct 4, 2018 at 6:28 PM Adam Carter wrote: > Since around 4 days ago X wont run, and my web searches show i'm hitting > the same sorts of issues that arose when X moved away from running as root. > FYI, this was fixed by rebuilding pam. I needed to reboot after th

[gentoo-user] X fails with old permissions errors

Since around 4 days ago X wont run, and my web searches show i'm hitting the same sorts of issues that arose when X moved away from running as root. In strace, i see; $ grep Permi startx11.out 319 setpriority(PRIO_PROCESS, 320, -1) = -1 EACCES (Permission denied) 320 openat(AT_FDCWD,

Re: [gentoo-user] Trouble on the horizon!

> Whatever SJWs touch, DIES. What do you think will be the outcome in this case? What will die and what be the indicator of death? > > > https://www.youtube.com/watch?v=v5VvJiNUCIA > > https://itsfoss.com/linux-code-of-conduct/ > >

[gentoo-user] OT: Noteworthy change in the way Chrome logs in

From: https://blog.cryptographyengineering.com/2018/09/23/why-im-leaving-chrome/ "A few weeks ago Google shipped an update to Chrome that fundamentally changes the sign-in experience. From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically *sign the

Re: [gentoo-user] Rebuilding a kernel on a hardened gentoo

On Wed, Sep 12, 2018 at 5:59 PM Stefan G. Weichinger wrote: > Am 11.09.18 um 12:54 schrieb Mick: > > > Probably because you need a later version of gcc to compile the newer > kernel > > with. > > I already installed gcc-6.4.0 and 7.3.0 some times ago. These should be > modern enough? > Yep

Re: [gentoo-user] /boot filesystem, SSDs, TRIM

> > The other question is why use GRUB on a modern system? UEFI boot managers > are far simpler to work with than GRUBs monster configuration file and in > that case it makes sense to combine /boot with the ESP and use VFAT for > it. > I couldn't grok the Gentoo UEFI setup instructions before

Re: [gentoo-user] /boot filesystem, SSDs, TRIM

> > How often are you writing to /boot anyways? Journalling is of little > benefit in that case, and imposes more wear+tear on SSD drives. Or is > it possible to turn off journaling for one partition under ext4? > I review the Changlog on every point release and update the kernel if there's

Re: [gentoo-user] Re: Update circle

> > The machine is actually a server, which just sat in a corner doing its > job perfectly. That's one of the reasons it wasn't updated: if it ain't > broken, don't fix it. > Any system that is not getting software updates is broken to some degree, just in a subtle way. Trimming your

[gentoo-user] /boot filesystem, SSDs, TRIM

For a long time people recommended ext2 for /boot. The Gentoo wiki still does. Is there any compelling reason to use ext2 for /boot (on a system whose other filesystems are ext4) these days? AFAIK for systems that have /boot on an SSD, ext4 makes more sense due to discard support, and for non-SSD

Re: [gentoo-user] python-3.6.5 rebuild fails on new install

> > I just tried with MAKEOPTS="-j1" and got the same failure output at > the same place. I normally run with the number equal to the number of > cores. On this notebook MAKEOPTS="-j2". Are there any other > memory-conserving tweaks available? > I guess you've stopped all the non-essential

Re: [gentoo-user] x86.c:(.text+0xb2): undefined reference to `l1tf_vmx_mitigation' with linux kernel 4.18.1

On Fri, Aug 17, 2018 at 1:15 PM, wrote: > Hi, > > CPU bugs seem to be more and more common: > https://www.heise.de/security/meldung/Linux-Kernel-und- > Distributionen-schuetzen-vor-Prozessorluecke-Foreshadow-L1TF-4137264.html > https://www.heise.de/security/meldung/Spectre-NG-Foreshadow- >

Re: [gentoo-user] Thunderbird 60

> > Is this the access you refer to? > > > https://gitweb.gentoo.org/proj/mozilla.git > > Yep, that's it. If you want to try it you'll want to emerge layman https://wiki.gentoo.org/wiki/Ebuild_repository#Layman More bleeding edge than ~arch, so keep that in mind.

Re: [gentoo-user] Thunderbird 60

> > Anyone early tested Thunderbird-60? > Yes, the mozilla overlay has it. Works.

Re: [gentoo-user] Firefox crashes on some www-pages on a newer Gentoo system

> > > I would do something like 'emerge -1 xorg-server xorg-drivers > > @x11-module-rebuild mesa llvm clang' then restart X and try again. > > Thank you for your reply. > > Initially, I understood the above recomendation as the suggestion to > rebuild the packages mentioned above with different

Re: [gentoo-user] Firefox crashes on some www-pages on a newer Gentoo system

> > > It even more strengthens my impression than I should first > > play with reconfiguring the kernel. > > I have loaded the new Gentoo system using the kernel from the old one > with no change in Firefox behaviour on https://www.privat24.ua/#login > page: it crashed as was described before. > >

Re: [gentoo-user] Firefox & ALSA

> > Does anyone know of a reason why this would happen? > Is firefox built with pulseaudio? If so, check the pavucontrol settings too (media-sound/pavucontrol) Perhaps VLC is talking directly to ALSA, but firefox is talking to pulseaudio to get to ALSA, and there's an issue with pulse

Re: [gentoo-user] syncing via via git and signature failure

On Wed, Jul 4, 2018 at 1:16 PM, Bill Kenworthy wrote: > I am using git to sync portage and have added the enabling line to > repos.conf: > > "sync-git-verify-commit-signature = true" > > but only ever get (been enabled for a week now): > > * Using keys from

Re: [gentoo-user] Change keyserver used by portage?

> > Since you know the server IPs, and there's only a small number so you > could try connection to each of them and see which one(s) fail. > > Or tcpdump, or netstat etc. > FWIW i can route to all the v4 addresses; # for i in 18.9.60.141 18.191.65.131 37.191.226.104 92.43.111.21 193.164.133.100

Re: [gentoo-user] Change keyserver used by portage?

Yes. That is how the pool URL works. It does some sort of load-balancing via > DNS resolution. That's why it has so many addresses. I am well aware of the /etc/hosts hack, but it's an ugly work-around. I'd > rather be able to configure portage itself to use a different pool or a > specific >

Re: [gentoo-user] Change keyserver used by portage?

> > > Anyone one know how I can change the keyserver address used by > portage? I > > > keep getting "no route to host" for hkps.pool.sks-keyservers.net when > I > > > sync. > > What are you trying to do? Find the command being run and run it > > manually while specifying --keyserver. Also file a

[gentoo-user] Using kconfig-hardened-check.py - no sound

I have used the kernel config checking script from https://github.com/a13xp0p0v/kconfig-hardened-check/blob/master/kconfig-hardened-check.py on three systems. Two are fine, but one has lost audio. The driver is loaded, but aplay -L and /dev/snd are missing devices. Here's the changes in the new,

Re: [gentoo-user] AMD microcode problem - Fam15h ( FYI )

> > I should have clarified ... the '-mno-lwp' was added as a result of the > comparison of the two /proc/cpuinfo files. I was very curious about WHAT > exactly the microcode update did. > > The CPU I am using is a FX-9590. > > Question : Is there a PSP in your CPU? > According to libreboot, only

Re: [gentoo-user] AMD microcode problem - Fam15h ( FYI )

> > > For me dmesg says; > > [1.538275] microcode: CPU0: patch_level=0x06000852 > > > > but i still have lwp in /proc/cpuinfo. Are you at 0x06000852 ? > . > This is my dmesg output : > . > [1.111448] microcode: microcode updated early to new > patch_level=0x06000852 > Ok then it looks

Re: [gentoo-user] [Maybe OT]: Instability of system

> > > Could be. I bought CPU only a month or so after release. > > Initially thought it was an enlightenment desktop issue but have > > reproduced on KDE and xfce. It happens usually when doing something > > quite simple like clicking on a Window to minimise or just in a > > terminal. Nothing

Re: [gentoo-user] AMD microcode problem - Fam15h ( FYI )

On Thu, May 24, 2018 at 12:31 PM, Corbin Bird wrote: > FYI : > > Did the microcode update, compiled and installed the 4.9.101 kernel with > it. > After rebooting, I started having kernel hard lock problems. > > Before compiling / installing kernel 4.9.102, I made an

[gentoo-user] new spectre v4 info in /sys/devices/system/cpu/vulnerabilities/ in 4.16.11

AMD fam10/barcelona; /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Not affected /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization

Re: [gentoo-user] Where are the AMD microcode updates for spectre?

On Tue, May 22, 2018 at 2:47 PM, taii...@gmx.com wrote: > The fam15h microcode update adds IBPB > > * Indirect Branch Prediction Barrier (IBPB) > * PRED_CMD MSR is available: YES > * CPU indicates IBPB capability: YES (IBPB_SUPPORT feature bit) > My fam15 with

Re: [gentoo-user] Where are the AMD microcode updates for spectre?

How often does the linux-firmware package update? On a schedule or as > needed? > There's a version bump request bug in for these and new AMDGPU firmware. Hopefully it will get processed quickly. https://bugs.gentoo.org/656136

Re: [gentoo-user] [Maybe OT]: Instability of system

On Mon, May 21, 2018 at 8:35 AM, Dale wrote: > Alan Mackenzie wrote: > > Hello, Gentoo. > > > > I'm having problems with my machine hanging or rebooting spontaneously. > > It's doing this, perhaps, every three or four weeks. I think that when > > I'm in X, the system

Re: [gentoo-user] Where are the AMD microcode updates for spectre?

> > > This has indeed been pretty frustrating. > > As far as I can tell there is no official AMD microcode update page, or any > kind of official release notes. I'm not sure where linux-firmware actually > gets the microcode files from (I'm sure they wouldn't load if they weren't > genuine

Re: [gentoo-user] which microcode gets loaded?

> > Now two question came up for me: >> 1.) WIth this particular micorcode loaded: Do I need to activate >> the Spectre/Meldtown fix in the kernel itsself? >> > > AFAIK there are no fixes that rely on microcode in the kernel yet. The > non-microcode dependent fixes need to be enabled. > > To

Re: [gentoo-user] which microcode gets loaded?

On Mon, May 14, 2018 at 1:39 PM, wrote: > Hi, > > from a previous thread I learned which micorcode file needs > to be loaded for the "fight against Spectre and Melddown"... > > Now two question came up for me: > 1.) WIth this particular micorcode loaded: Do I need to activate >

Re: [gentoo-user] Where are the AMD microcode updates for spectre?

Gentoo does have the newer microcode blobs stashed on a server ( > somewhere ). > > That does pull in the blobs for : > > Fam10h ( microcode_amd.bin ) > > Fam15h ( microcode_amd_fam15h.bin ) > > Fam16h ( microcode_amd_fam16h.bin ) > > Fam17h ( microcode_amd_fam17h.bin ) These files haven't

Re: [gentoo-user] Conflicts

On Sun, Apr 29, 2018 at 6:37 PM, Klaus Ethgen wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hi, > > on all machines, I have installed now with gentoo, I get the following > conflict: >dev-libs/libsodium:0 > >

Re: [gentoo-user] Kernel 4.9.95

On Thu, Apr 26, 2018 at 8:28 PM, Peter Humphrey <pe...@prh.myzen.co.uk> wrote: > On Thursday, 26 April 2018 11:13:12 BST Adam Carter wrote: > > Does grep . /sys/devices/system/cpu/vulnerabilities/* find anything? > > # grep . /sys/devices/system/cpu/vulnerabilities/* >

Re: [gentoo-user] Kernel 4.9.95

On Thu, Apr 26, 2018 at 7:57 PM, John Covici wrote: > On Thu, 26 Apr 2018 05:52:30 -0400, > Helmut Jarausch wrote: > > > > On 04/25/2018 06:06:32 PM, Peter Humphrey wrote: > > > As this version of gentoo-sources has now hit the stable > > > mirrors, would anyone > > > like

Re: [gentoo-user] Dell Precision Workstation Overheating

On Fri, Apr 20, 2018 at 11:22 AM, R0b0t1 wrote: > I was compiling Gentoo, as is custom, but found my old new server to > be thermal cycling wildly. The fans will turn on full blast and > machine check errors will be generated if I use approximately more > than one third to half

Re: [gentoo-user] Re: x11-drivers/nvidia-drivers-391+ does not support latest GPU?

> I think of security incidents like meltdown/spectre for example... > LTS kernels are maintained, so they get all the required patches.

[gentoo-user] List of Intel CPUs that wont get Meltdown/Spectre fixes

https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf From https://www.theregister.co.uk/2018/04/04/intel_spectre_microcode_updates/ "The new guidance , issued

Re: [gentoo-user] Gentoo Hardened vs Kali Linux

> > I want to learn from scratch securing Linux and ethical hacking. Should I >> do as the most people so install Kali Linux on virtual machine or install >> Gentoo Hardened with Pentoo overlay on my PC? I heard a lot of negative >> opinions about Kali Linux. >> > If you haven't installed and

Re: [gentoo-user] Gentoo Hardened vs Kali Linux

Do people actually dual boot with pentesting distros? I was always > under the impression you were supposed to load it from removable > storage Blackhats would load from removable storage, but I imagine whitehats would prefer a stable setup with easy retention of info.

Re: [gentoo-user] Firefox and addons no longer supported question

On Sat, Mar 31, 2018 at 9:28 AM, Dale wrote: > Howdy, > > I been holding off on upgrading Firefox. Basically, it breaks addons > that I just can't go without. Tab groups and some other tab utilities > are among them. I recently updated temporarily to see just what was >

Re: [gentoo-user] Re: A new AMD CPU weakness?

https://community.amd.com/community/amd-corporate/blog/2018/03/20/initial-amd-technical-assessment-of-cts-labs-research tl:dr bios updates to come

Re: [gentoo-user] A new AMD CPU weakness?

On Wed, Mar 14, 2018 at 3:16 PM, Adam Carter <adamcart...@gmail.com> wrote: > On Wed, Mar 14, 2018 at 12:32 PM, Philip Webb <purs...@ca.inter.net> > wrote: > >> 180313 Ian Zimmerman wrote: >> > https://v.gd/PZkiuR >> > Does anyone know more details? &g

Re: [gentoo-user] A new AMD CPU weakness?

On Wed, Mar 14, 2018 at 12:32 PM, Philip Webb wrote: > 180313 Ian Zimmerman wrote: > > https://v.gd/PZkiuR > > Does anyone know more details? > > See LWN. It is being described as a scam by people shorting AMD stock. Dan Guido / Trail of Bits was paid to review the

Re: [gentoo-user] Re: repair FAT-fs

> > > [10930894.488038] sd 8:0:0:0: [sdb] tag#0 FAILED Result: > hostbyte=DID_ERROR driverbyte=DRIVER_SENSE > > [10930894.488041] sd 8:0:0:0: [sdb] tag#0 Sense Key : Hardware Error > [current] > > [10930894.488043] sd 8:0:0:0: [sdb] tag#0 Add. Sense: No additional > sense information > >

Re: [gentoo-user] [OT] ca-certificate to domain-name mapping question

On Monday, March 5, 2018, Walter Dnes wrote: > app-misc/ca-certificates splatters a bunch of files all over the > place. Question... is there a utility to figure out which domains any > particular certificate covers > A ca certificate may sign any domain cert, and new

Re: [gentoo-user] Re: Printer

Happy with my OfficeJet Pro 8620.

[gentoo-user] some spectre v1 code in 4.15.2

$ grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline

Re: [gentoo-user] rust 1.23.0 fails to install

> > > Maybe a resync for dev-lang/rust-1.23.0-r1::gentoo helps. But > > before you emerge, be aware of bug #646092 [1] (where I also ran > > into). For me [2] solves the described issue. > > > > > > References: > > - [1] > > - [2]

[gentoo-user] gcc 7.3 + kernel 4.15 = spectre_v2 fixed

Comparing the contents of /sys/devices/system/cpu/vulnerabilities/spectre_v2 With gcc 7.2 + kernel 4.14.15; Intel system shows; Vulnerable: Minimal generic ASM retpoline AMD system shows: Vulnerable: Minimal AMD ASM retpoline With gcc 7.3 + kernel 4.15.0; Intel system shows; Mitigation: Full

Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

> > > $ cat /sys/devices/system/cpu/vulnerabilities/meltdown > > Not affected > > Aha. > > matica!1 ~$ cat /sys/devices/system/cpu/vulnerabilities/meltdown > Not affected > matica!2 ~$ uname -r > 4.9.78 > > I guess these patches will be trickling down for a long time yet. > Good to see. Seems

Re: [gentoo-user] kernel 4.9.77 error segfault in compile.

On Tue, Jan 23, 2018 at 2:51 AM, Corbin Bird wrote: > Anyone else getting this error? ( kernel 4.9.77 ) > > > CC fs/ext4/mballoc.o > > CC fs/ext4/block_validity.o > > CC fs/ext4/move_extent.o > > CC fs/ext4/mmp.o > > CC

Re: [gentoo-user] udisks doesn't find libblockdev

On Sun, Jan 21, 2018 at 2:40 PM, wrote: > I read the oracle as follows: > > udisks wants libblockdev version egual or greater 2.14 with "crypt" > USE flag set. > > libblockdev itsself is installed with version 2.15, which is "equal or > greater 2.14" and with cryptsetup

Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

On Fri, Jan 19, 2018 at 9:17 AM, Ian Zimmerman wrote: > > matica!13 linux$ dmesg | fgrep -i phenom > [0.603608] smpboot: CPU0: AMD Phenom(tm) II X4 955 Processor > (family: 0x10, model: 0x4, stepping: 0x3) > > Looking at the kernel source (for 4.9.77), the flag is

Re: [gentoo-user] OT awk question

On Wed, Jan 17, 2018 at 6:16 PM, Alexander Kapshuk < alexander.kaps...@gmail.com> wrote: > On Wed, Jan 17, 2018 at 3:49 AM, Adam Carter <adamcart...@gmail.com> > wrote: > > I'm using this to grab a section of text across multiple lines, how do i > get > >

Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

> > On my fam10/barcelona; > cat /sys/devices/system/cpu/vulnerabilities/meltdown > Not affected > > Ian. which CPU do you have?

Re: [gentoo-user] Re: Kernel 4.14.14 has meltdown / spectre info in /sys

> So has 4.9.77, but it's dumb: > > > > matica!3 ~$ cat /sys/devices/system/cpu/vulnerabilities/meltdown > > Vulnerable > > matica!4 ~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 > > Vulnerable > > matica!5 ~$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 > > Vulnerable:

[gentoo-user] Kernel 4.14.14 has meltdown / spectre info in /sys

Nice; $ ls /sys/devices/system/cpu/vulnerabilities/ meltdown spectre_v1 spectre_v2 $ cat /sys/devices/system/cpu/vulnerabilities/meltdown Mitigation: PTI $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 Vulnerable $ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2 Vulnerable:

[gentoo-user] OT awk question

I'm using this to grab a section of text across multiple lines, how do i get it to exit after the first match? awk '/foo/,/bar/'

Re: [gentoo-user] Microcode updates for "old" Intel CPU's

> They're new in general - they first appeared last week and they're > being treated as if they're related to Spectre. I've yet to see any > kind of official release of them, but that seems to be par for the > course for AMD the more I hunt around for documentation. It seems > like Suse first

Re: [gentoo-user] Microcode updates for "old" Intel CPU's

> > If somebody actually sees anything official from AMD clearly giving a > checklist for Spectre remediation I'm all ears. To its credit, Intel > at least published one of those (even if it amounts to "pound sand" > for older CPUs). > AMD have revised their guidance on Variant 2 from "near zero

Re: [gentoo-user] OT: cleanup after USB backup drive unplugged?

> > I replaced it with a USB3 drive, so I needed to update the udev rules > that automatically mount it and then "umount" it when it's removed. > Pretty sure you'd risk filesystem corruption by not umounting before you remove the device. Did it used for force an fsck on each mount because the

Re: [gentoo-user] Is sys-firmware/intel-microcode-20180108 complete?

> It looks as though my CPU hasn't been fixed yet. Is that right? >> > > That's odd - i wonder why the checksum of the file changed; > > # grep 06-3f-02 intel-firmware-md5s-9jan2018.txt > intel-firmware-md5s-10jan2018.txt > intel-firmware-md5s-9jan2018.txt:194c362f2c45d8a45e2ab58d5f2c9749 >

Re: [gentoo-user] Is sys-firmware/intel-microcode-20180108 complete?

On Wed, Jan 10, 2018 at 10:01 PM, Peter Humphrey wrote: > I've just gone through the procedure to update the microcode on this > haswell > i7 box, but the version is the same now as before today's portage update. > On > looking again at the output of 'emerge

[gentoo-user] FYI new sys-firmware/intel-microcode

On ~amd64 sys-firmware/intel-microcode-20180108 just came through. The checksum on every file in /lib/firmware/intel-ucode/ has changed with this update. My skylake system went from; microcode: sig=0x406e3, pf=0x80, revision=0xba to microcode: sig=0x406e3, pf=0x80, revision=0xc2

Re: [gentoo-user] microcode applied?

> > Hopefully there's an equivalent for AMD. > Here's what I came up with. This is very hacky and unreliable, but get the CPUID with; cpuid -r | grep "0x0001 0x00" | awk '{ print $3}' | uniq | cut -d x -f 3 then grab MCE (thanks Max for the suggestion) from

Re: [gentoo-user] microcode applied?

> > > The Device Drivers section is exactly where the microcode is included. > > CONFIG_EXTRA_FIRMWARE is the relevant symbol. > > Right. So which of the 95 files under /lib/firmware/intel-ucode do I > specify? That's in addition to the 14 files I have for my amdgpu. > > For intel; iucode_tool -L

Re: [gentoo-user] microcode applied?

On Mon, Jan 8, 2018 at 9:14 PM, Peter Humphrey wrote: > On Monday, 8 January 2018 04:55:58 GMT Max Zettlmeißl wrote: > > > You can either use an initrd or build the microcode into your kernel > > image. I prefer the latter. > > I'm confused now. How do you build the

Re: [gentoo-user] microcode applied?

On Mon, Jan 8, 2018 at 3:55 PM, Max Zettlmeißl wrote: > > The contents of cpuinfo is the same as the messages in dmesg. What does > that > > imply? > > Your BIOS or EFI might already install the same version or a later > version than what the microcode package provides.

Re: [gentoo-user] Microcode updates for "old" Intel CPU's

On Mon, Jan 8, 2018 at 7:46 AM, taii...@gmx.com wrote: > I have several sandy/ivybridge CPU's and I was wondering if anyone knows > as to if intel is releasing microcode updates for them. > Its been reported they said they will "provide firmware updates by the end of next week

Re: [gentoo-user] microcode applied?

> > The easiest way to check whether the microcode update was applied > correctly would be to check the microcode version in /proc/cpuinfo > The contents of cpuinfo is the same as the messages in dmesg. What does that imply?

[gentoo-user] microcode applied?

Does the absence of a "microcode updated" message in dmesg imply that the microcode was not updated? I believe my fam10/barcelona AMD CPU will use amd-ucode/microcode_amd.bin but there's no update message. I've checked the config against another system that works and cant see any errors. Is

Re: [gentoo-user] Re: Spectre and Meltdown summary

Here's a nice non-expert explanation of Meltdown https://medium.com/@pwnallthethings/time-travelling-exploits-with-meltdown-1189548f1e1d

Re: [gentoo-user] Re: Expect a ~15% average slowdown if you use an Intel processor

> > > So, HAVE_EBPF_JIT=y just means that BPF JIT _can_ be done on x86. There > > is a separate BPF_JIT setting to actually enable it. > > Well, that doesn't seem to be present here. Just the HAVE_ symbol. Careful, there's BPF and EBPF. $ zgrep BPF /proc/config.gz CONFIG_CGROUP_BPF=y

Re: [gentoo-user] Re: Expect a ~15% average slowdown if you use an Intel processor

> > The settings relevant to Spectre are: > CONFIG_BPF_JIT - this being set to y is enough to make Intel > processors vulnerable to variant 1/2. This being set to y is > necessary, but not sufficient, for making AMD vulnerable to variant 1. > net.core.bpf_jit_enable - this being set to 1 along

<    1   2   3   4   5   6   7   8   9   10   >