I'm installing Qubes 4.0.3 on a new Lenovo ThinkPad X1 Carbon Gen 8. Almost working, but still one problem described below.
The touchpad and accelerated graphics don't work on install and initial boot. Fix: "sudo qubes-dom0-update kernel-latest" (kernel 5.6.16-1) makes them work after that. Workarounds for install and initial boot: I used the trackpoint, and suffered through non-accelerated graphics. More tricky is that built-in wireless (9462) doesn't work through Xen, as noted in https://github.com/QubesOS/qubes-issues/issues/5615. Workaround: I plugged in a mini USB wireless stick (which works fine, but I presume that the built-in wireless has better range and uses less power, and I'd rather not have the USB port permanently occupied). Fix: I compiled a 5.6.16-1 kernel for sys-net with the https://lore.kernel.org/linux-wireless/[email protected]/1.1-a.txt patch. I can confirm that wireless works with this patch, and doesn't work with the same kernel without this patch. The remaining problem is that, with this kernel, the windows from sys-net (nm-applet, terminal) are unusable: expected size, expected red border from dom0, normal reaction to input, but an alternating black and green pattern of dots inside the windows rather than the expected data. Happy to take debugging suggestions; "qvm-run -a -p sys-net sh" reacts to commands normally. Below is an attempt at a HOWTO-level description of what I ended up doing to compile a patched kernel. There were some false starts, and I didn't re-test from scratch, so this might not be accurate. Some notes: * fedora-30 and fedora-32 both seem to work. fedora-32 dnf doesn't know PyYAML mentioned in https://www.qubes-os.org/doc/qubes-builder/ but this also doesn't seem to matter for the kernel (and maybe the intent is to name python3-pyyaml anyway). * I'm not sure if the extend-under-10GB-at-a-time rule is still valid for current Qubes. If not, two steps can be skipped. * qubesbuilder (now) creates rpms using zstd compression, which dom0 doesn't understand. Fix: The steps below instead select gzip -6 (w6.gzdio). I don't know if changing fc32 to fc30 or fc25 in builder.conf would work, and since both fc30 and fc25 are EOL it seems good to minimize their use. * qubes-src/linux-kernel has questionable rules for selecting linux-*.tar.gz (which fails) rather than linux-*.tar.xz. The steps below force it to always select xz, which is also conceptually wrong but at least worked for me. Someone should check the rules. ---Dan dom0: qvm-create -l black qubesbuilder qvm-prefs qubesbuilder template fedora-32 qvm-prefs qubesbuilder vcpus 8 qvm-volume extend qubesbuilder:private 10GB qvm-run -a qubesbuilder 'sleep 30; shutdown -h now' qvm-volume extend qubesbuilder:private 19GB qubesbuilder: sudo dnf install \ gnupg git createrepo rpm-build make wget rpmdevtools python3-sh dialog \ rpm-sign dpkg-dev debootstrap devscripts perl-Digest-MD5 perl-Digest-SHA gpg --import /usr/share/qubes/qubes-master-key.asc gpg --edit-key 36879494 fpr # Primary key fingerprint: 427F 11FD 0FAA 4B08 0123 F01C DDFA 1A3E 3687 9494 trust 5 y q wget https://keys.qubes-os.org/keys/qubes-developers-keys.asc gpg --import qubes-developers-keys.asc git clone https://github.com/QubesOS/qubes-builder.git cd qubes-builder git tag -v `git describe` # gpg: Good signature from "Marek ..." [full] cp example-configs/qubes-os-master.conf builder.conf sed -i 's/NO_SIGN.*/NO_SIGN=1/' builder.conf sed -i 's/BRANCH_linux_kernel.*/BRANCH_linux_kernel = v5.6.16-1-latest/' builder.conf time make get-sources # under an hour on my network connection wget https://lore.kernel.org/linux-wireless/[email protected]/1.1-a.txt openssl sha256 1.1-a.txt # SHA256(1.1-a.txt)= 2575bcad46f8c0fb0d29bd178aeaafccbebbce9a9db907e5198c1e90b5d0014b mv 1.1-a.txt qubes-src/linux-kernel/9462.patch sed -i 's/^SRC_FILE.*gz/SRC_FILE := linux-${VERSION}.tar.xz/' qubes-src/linux-kernel/Makefile sed -i 's/^Source0.*gz/Source0: linux-%{upstream_version}.tar.xz/' qubes-src/linux-kernel/kernel.spec.in sed -i '/Patch14/aPatch15: 9462.patch' qubes-src/linux-kernel/kernel.spec.in sed -i '/%define version/a%define _binary_payload w6.gzdio' qubes-src/linux-kernel/kernel.spec.in # need linux-utils first for qubes-kernel-vm-support time make linux-utils linux-kernel # over an hour dom0: dom0rpm=kernel-latest-5.6.16-1.qubes.x86_64.rpm vmrpm=kernel-latest-qubes-vm-5.6.16-1.qubes.x86_64.rpm qvm-run -p qubesbuilder "cat qubes-builder/qubes-src/linux-kernel/pkgs/dom0-fc32/x86_64/$dom0rpm" > "$dom0rpm" qvm-run -p qubesbuilder "cat qubes-builder/qubes-src/linux-kernel/pkgs/dom0-fc32/x86_64/$vmrpm" > "$vmrpm" sudo dnf install "$dom0rpm" sudo dnf install "$vmrpm" qvm-prefs sys-net kernel 5.6.16-1 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200820151606.7541.qmail%40cr.yp.to.
signature.asc
Description: PGP signature
