Re: [gentoo-user] Can't fetch distfiles in chroot
On Tuesday, 24 April 2018 09:43:35 BST Peter Humphrey wrote: > On Sunday, 22 April 2018 06:13:30 BST Peter Humphrey wrote: > > I've been NFS-exporting the portage treee from a 32-bit atom box to a > > chroot on my workstation, and it's worked well for years, if slowly. > > > > Now when I try to do the same with a 64-bit celeron machine I'm having a > > problem getting portage to work. If the required distfile is already > > present, no problem, but otherwise, trying to fetch it just hangs. No > > errors, no status, no fetch log, no progress. > > > > Www-client/links works in the chroot as expected, so the network is set up > > all right; portage just can't use it. > > > > I've compared /etc/exports on the two clients; also the chroot setup > > scripts, /usr/portage permissions, the USE flags of nfs-utils and > > everything else I can think of. All identical apart from obvious things > > like 32/64 bits and network names and IPs. Google hasn't helped either. > > > > Any ideas, anyone? > > Never mind. I've rebuilt the chroot from stage 3 and it seems to be working > fine. The appearance was deceptive; all the distfiles needed must have been present already. Today, one wasn't and the fetching process hung and had to be killed. So, again, what could possibly prevent portage from seeing the network inside a chroot, while other programs use it just the same as always? -- Regards, Peter.
Re: [gentoo-user] Can't fetch distfiles in chroot
On Thu, 26 Apr 2018 08:59:22 +0100, Peter Humphrey wrote: > So, again, what could possibly prevent portage from seeing the network > inside a chroot, while other programs use it just the same as always? Are you using a proxy? -- Neil Bothwick Top Oxymorons Number 48: freewill offering pgpR0ZjlrCtVZ.pgp Description: OpenPGP digital signature
Re: [gentoo-user] Can't fetch distfiles in chroot
On Thursday, 26 April 2018 08:59:22 BST Peter Humphrey wrote: > On Tuesday, 24 April 2018 09:43:35 BST Peter Humphrey wrote: > > On Sunday, 22 April 2018 06:13:30 BST Peter Humphrey wrote: > > > I've been NFS-exporting the portage treee from a 32-bit atom box to a > > > chroot on my workstation, and it's worked well for years, if slowly. > > > > > > Now when I try to do the same with a 64-bit celeron machine I'm having a > > > problem getting portage to work. If the required distfile is already > > > present, no problem, but otherwise, trying to fetch it just hangs. No > > > errors, no status, no fetch log, no progress. > > > > > > Www-client/links works in the chroot as expected, so the network is set > > > up > > > all right; portage just can't use it. > > > > > > I've compared /etc/exports on the two clients; also the chroot setup > > > scripts, /usr/portage permissions, the USE flags of nfs-utils and > > > everything else I can think of. All identical apart from obvious things > > > like 32/64 bits and network names and IPs. Google hasn't helped either. > > > > > > Any ideas, anyone? > > > > Never mind. I've rebuilt the chroot from stage 3 and it seems to be > > working > > fine. > > The appearance was deceptive; all the distfiles needed must have been > present already. Today, one wasn't and the fetching process hung and had to > be killed. > > So, again, what could possibly prevent portage from seeing the network > inside a chroot, while other programs use it just the same as always? So, again, I went off half-cocked (sorry about the noise). The problem is that the NFS mount in the chroot picks different ports each time, so the client's firewall drops all NFS packets. Now I just have to find out why that happens. -- Regards, Peter.
Re: [gentoo-user] Kernel 4.9.95
On 04/25/2018 06:06:32 PM, Peter Humphrey wrote: As this version of gentoo-sources has now hit the stable mirrors, would anyone like to summarise the position wrt Spectre, Meltdown and anything else that's relevant? Just to help us numbskulls sleep at night. I can't say anything about that kernel since I always use the most recent kernel available, currently 4.16.4. I haven't had any problems with bleeding edge gentoo-sources. AFAIR, only work around for this hardware problems have appeared in 4.14 or 4.15. I don't know if these have been backported to 4.9.95. The other fix should be a contained in a recent version sys-kernel/linux-firmware (I have 20180416). You might have a look at http://kroah.com/log/blog/2018/01/06/meltdown-status/ https://vinfrastructure.it/2018/02/using-linux-kernel-4-15-minimize-meltdown-spectre/ https://www.zdnet.com/article/linux-4-15-good-news-and-bad-news-about-meltdown-and-spectre/ https://www.zdnet.com/article/linux-4-16-arrives-bringing-more-spectre-and-meltdown-fixes/ Helmut
Re: [gentoo-user] Kernel 4.9.95
On Thu, 26 Apr 2018 05:52:30 -0400, Helmut Jarausch wrote: > > On 04/25/2018 06:06:32 PM, Peter Humphrey wrote: > > As this version of gentoo-sources has now hit the stable > > mirrors, would anyone > > like to summarise the position wrt Spectre, Meltdown and > > anything else that's > > relevant? Just to help us numbskulls sleep at night. > > > > I can't say anything about that kernel since I always use the > most recent kernel available, currently > 4.16.4. I haven't had any problems with bleeding edge gentoo-sources. > AFAIR, only work around for this hardware problems have appeared > in 4.14 or 4.15. > I don't know if these have been backported to 4.9.95. > > The other fix should be a contained in a recent version > sys-kernel/linux-firmware (I have 20180416). > > You might have a look at > > > http://kroah.com/log/blog/2018/01/06/meltdown-status/ > https://vinfrastructure.it/2018/02/using-linux-kernel-4-15-minimize-meltdown-spectre/ > https://www.zdnet.com/article/linux-4-15-good-news-and-bad-news-about-meltdown-and-spectre/ > https://www.zdnet.com/article/linux-4-16-arrives-bringing-more-spectre-and-meltdown-fixes/ > As far as I know anything after 4.9.82 has all the fixes for meltdown/spectra which have been back ported since this is a long term release -- I am sure 4.9.95 will be even better and I will go to it myself in the next days. -- Your life is like a penny. You're going to lose it. The question is: How do you spend it? John Covici wb2una cov...@ccs.covici.com
Re: [gentoo-user] Can't fetch distfiles in chroot
On Thursday, 26 April 2018 09:07:51 BST Neil Bothwick wrote: > On Thu, 26 Apr 2018 08:59:22 +0100, Peter Humphrey wrote: > > So, again, what could possibly prevent portage from seeing the network > > inside a chroot, while other programs use it just the same as always? > > Are you using a proxy? Nope, not since I had an unlimited data allowance. -- Regards, Peter.
Re: [gentoo-user] Kernel 4.9.95
On Thu, Apr 26, 2018 at 7:57 PM, John Covici wrote: > On Thu, 26 Apr 2018 05:52:30 -0400, > Helmut Jarausch wrote: > > > > On 04/25/2018 06:06:32 PM, Peter Humphrey wrote: > > > As this version of gentoo-sources has now hit the stable > > > mirrors, would anyone > > > like to summarise the position wrt Spectre, Meltdown and > > > anything else that's > > > relevant? Just to help us numbskulls sleep at night. > > As far as I know anything after 4.9.82 has all the fixes for > meltdown/spectra which have been back ported since this is a long term > release -- I am sure 4.9.95 will be even better and I will go to it > myself in the next days. > > Does grep . /sys/devices/system/cpu/vulnerabilities/* find anything? For 4.16.3; $ grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline
Re: [gentoo-user] Kernel 4.9.95
On Thursday, 26 April 2018 10:52:30 BST Helmut Jarausch wrote: > On 04/25/2018 06:06:32 PM, Peter Humphrey wrote: > > As this version of gentoo-sources has now hit the stable mirrors, > > would anyone > > like to summarise the position wrt Spectre, Meltdown and anything > > else that's > > relevant? Just to help us numbskulls sleep at night. > > I can't say anything about that kernel since I always use the most > recent kernel available, currently 4.16.4. I haven't had any problems with > bleeding edge gentoo-sources. AFAIR, only work around for this hardware > problems have appeared in 4.14 or 4.15. I don't know if these have been > backported to 4.9.95. > > The other fix should be a contained in a recent version > sys-kernel/linux-firmware (I have 20180416). The latest stable version is 20180103-r1, which is what I have here. I don't think I'll experiment with CPU microcode until it's fully tested and stable. > You might have a look at > > http://kroah.com/log/blog/2018/01/06/meltdown-status/ > https://vinfrastructure.it/2018/02/using-linux-kernel-4-15-minimize-meltdown > -spectre/ > https://www.zdnet.com/article/linux-4-15-good-news-and-bad-news-about-meltd > own-and-spectre/ > https://www.zdnet.com/article/linux-4-16-arrives-bringing-more-spectre-and-> > meltdown-fixes/ Thanks for the pointers. -- Regards, Peter.
Re: [gentoo-user] Kernel 4.9.95
On Thursday, 26 April 2018 11:13:12 BST Adam Carter wrote: > Does grep . /sys/devices/system/cpu/vulnerabilities/* find anything? # grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline, IBPB, IBRS_FW -- Regards, Peter.
Re: [gentoo-user] Kernel 4.9.95
On Thu, Apr 26, 2018 at 8:28 PM, Peter Humphrey wrote: > On Thursday, 26 April 2018 11:13:12 BST Adam Carter wrote: > > Does grep . /sys/devices/system/cpu/vulnerabilities/* find anything? > > # grep . /sys/devices/system/cpu/vulnerabilities/* > /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user > pointer sanitization > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal > generic ASM retpoline, IBPB, IBRS_FW > > FWIW on my Intel box @4.16.3 /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, IBPB, IBRS_FW
Re: [gentoo-user] Kernel 4.9.95
On Thursday, 26 April 2018 11:43:23 BST Adam Carter wrote: > On Thu, Apr 26, 2018 at 8:28 PM, Peter Humphrey > > wrote: > > On Thursday, 26 April 2018 11:13:12 BST Adam Carter wrote: > > > Does grep . /sys/devices/system/cpu/vulnerabilities/* find anything? > > > > # grep . /sys/devices/system/cpu/vulnerabilities/* > > /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI > > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user > > pointer sanitization > > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal > > generic ASM retpoline, IBPB, IBRS_FW > > FWIW on my Intel box @4.16.3 > > /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI > /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user > pointer sanitization > /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic > retpoline, IBPB, IBRS_FW Hmm ... why is my Intel system missing 'IBPB' & 'IBRS_FW' ? $ grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline Are there some kernel options I should have selected manually? -- Regards, Mick signature.asc Description: This is a digitally signed message part.
[gentoo-user] Re: APIC
On 2018-04-25 18:15, tu...@posteo.de wrote: > how can I determine, whether I have a 8-bit APIC ... or what else? Why? There was some discussion of this on the list. Some posters said there was a kernel option that made kernels deal better with 16-bit (or wider?) APICs. But, by my reading of the kernel documentation, the cited option really did and does something else. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
Re: [gentoo-user] Kernel 4.9.95
On Thu, Apr 26, 2018 at 11:15:23AM +0100, Peter Humphrey wrote I installed it today, having run into a few mysterious *TOTAL* lockups under 4.12.something (could not ssh in and magic-SysRQ didn't work). Anyhow, "make oldconfig" asked a couple of questions about "retpoline" and switching off user access to kernel memory under some context switches. I played safe and enabled the protections. -- Walter Dnes I don't run "desktop environments"; I run useful applications
[gentoo-user] Re: Kernel 4.9.95
On 26/04/18 14:42, Mick wrote: Hmm ... why is my Intel system missing 'IBPB' & 'IBRS_FW' ? $ grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline Are there some kernel options I should have selected manually? Do you have the latest sys-firmware/intel-microcode installed and configured correctly? You need to enable the "early microcode" kernel option, and you also need to add /boot/intel-uc.img to your list of initrds to load in grub2. Alternatively, a BIOS update for your mainboard (if one exists; most older mainboards won't get updates from the likes of Asus, MSI, Gigabyte, etc, etc, etc, so for older boards, you need the microcode package.)
[gentoo-user] Re: Kernel 4.9.95
On 26/04/18 13:28, Peter Humphrey wrote: On Thursday, 26 April 2018 11:13:12 BST Adam Carter wrote: Does grep . /sys/devices/system/cpu/vulnerabilities/* find anything? # grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Vulnerable: Minimal generic ASM retpoline, IBPB, IBRS_FW That means the kernel implements the needed mitigations, except for full GCC retpoline, which requires a recent GCC (7.3.0 here.) I don't know if 6.4.0 supports it.