Nitrokey board cleaning + unification cleanup (enable HOTP validated autoboot + tethering)
Edit: UX changes related to this PR state in pictures.
NS50/NV41:
- Fixed nitropad-x shared linux config to not have technological debt vs other linux configs under tree (librem config/x230 config received a lot of time for those optimizations, which nitropads were not benefiting from)
- no more time wasted building modules that are never included in modules.cpio
- cpu optimization enablement for randomization and kernel crypto backend
- Tethering modules inclusion (25kb cost; next step is to use it to sync time from GUI)
- enable better / disable inefficient crypto algos, since kernel is used as crypto backend for cryptsetup
- ... (so much more from past merged PRs)
- fixed nv41/ns50 coreboot configs to reflect currently used oldconfig (see commit for replication notes with helpers)
qemu//nitropads:
- board config uniformization between nitropad/x230/qemu boards, which should be considered reference boards, making it clear what does what until someone gets funds to switch to Kconfig or something.
@daringer : testing notes under commit. Running this on my nv41: all good. Please approve and use master's commit for your tests/next version.
Todo: firmware upgrade from zip + TPMTOTP/HOTP reseal + TPM DUK reseal + TPM DUK based boot + network-init-recovery (USB network tethering + time sync [auto])
- [x] nv41
- [x] x230-hotp-maximized
- [x] qemu-coreboot-tpm2-hotp
- [x] qemu-coreboot-tpm1-hotp
- [ ] ns50
No regression discovered, all good for tests specified in OP. @daringer : ready for your ns50 initial test, redo of nv41.
very good! testing ns50 asap...
@tlaurion @daringer NS70 (which is the same board as the ns50) tests:
:heavy_check_mark: heads upgrade to this zip
:heavy_check_mark: OEM factory reset
:heavy_check_mark: reset TPM
:heavy_check_mark: refresh TOTP/HOTP
:x: network-init-recovery (no internet interface detected) (Ethernet cable connected)
@alexgithublab not sure what this means. Have the instructions on screen been followed? Connect phone when requested (the phone in host mode needs to detect data, not just power, requiring Heads tethering drivers to be loaded prior to the phone possibly permitting to activate USB network tethering, and then Heads sets up tethering against the phone). If not, the behavior you see is normal?
Different behavior than nv41?
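The "no internet interface detected" outcome above can mean two different things: the kernel never bound a driver to the NIC (the module is not in modules.cpio or was not loaded before the phone enabled tethering), or a driver is bound but the link has no carrier (cable unplugged, or tethering not yet switched on by the phone). The script below is an added example, not Heads code, showing how a recovery shell can tell those apart by walking /sys/class/net; the only sysfs facts it relies on are that each interface has a directory there and that `carrier` reads `1` when the link is up. `make_fake_sysfs` is a constructed test fixture so the script can be exercised offline against a temporary directory instead of real sysfs.

```shell
#!/bin/sh
# Added example (not part of Heads): classify why no network interface
# is usable, using the real /sys/class/net layout. Pass a directory to
# every function to run against a constructed tree instead of sysfs.

# pick_iface DIR
#   Prints the first non-loopback interface whose carrier reads "1".
#   Returns 1 when no interface has link. Reading carrier on an interface
#   that is administratively down fails with EINVAL, hence 2>/dev/null.
pick_iface() {
    dir="${1:-/sys/class/net}"
    for path in "$dir"/*; do
        [ -e "$path" ] || continue
        name=$(basename "$path")
        [ "$name" = "lo" ] && continue
        [ -r "$path/carrier" ] || continue
        if [ "$(cat "$path/carrier" 2>/dev/null)" = "1" ]; then
            printf '%s\n' "$name"
            return 0
        fi
    done
    return 1
}

# count_ifaces DIR
#   Prints the number of non-loopback interfaces the kernel created.
#   A netdev only exists once a driver is bound, so 0 means the NIC
#   (or USB tethering gadget) has no driver loaded at all.
count_ifaces() {
    dir="${1:-/sys/class/net}"
    n=0
    for path in "$dir"/*; do
        [ -e "$path" ] || continue
        [ "$(basename "$path")" = "lo" ] && continue
        n=$((n + 1))
    done
    printf '%s\n' "$n"
}

# diagnose DIR
#   Prints one of:
#     "ok <iface>"  an interface with carrier exists, proceed to DHCP
#     "no-iface"    no driver bound: module missing from modules.cpio
#                   or not loaded yet (check lsmod / lspci -k)
#     "no-carrier"  driver bound but link down: cable, or tethering
#                   not enabled on the phone yet
diagnose() {
    dir="${1:-/sys/class/net}"
    if iface=$(pick_iface "$dir"); then
        printf 'ok %s\n' "$iface"
    elif [ "$(count_ifaces "$dir")" -eq 0 ]; then
        echo no-iface
    else
        echo no-carrier
    fi
}

# make_fake_sysfs DIR NAME CARRIER
#   Constructed test fixture only: creates DIR/NAME/carrier so the
#   functions above can be run without touching real sysfs.
make_fake_sysfs() {
    mkdir -p "$1/$2"
    printf '%s\n' "$3" > "$1/$2/carrier"
}

# Usage against the live system: sh this_script.sh --run
if [ "${1:-}" = "--run" ]; then
    diagnose
fi
```

On a real board, run `diagnose` after loading the USB host and tethering modules; a `no-iface` result with the cable connected points at the kernel config (the NIC driver never made it into modules.cpio), while `no-carrier` points at the link or at the phone not having enabled tethering yet.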
Ok, leaving traces here which give some insight into what is happening under development cycles for https://github.com/Nitrokey/libnitrokey/issues/137, specifically the https://github.com/Nitrokey/libnitrokey/issues/137#issuecomment-2061838337 comment:
user@heads-tests-deb12:~/heads$ make BOARD=qemu-coreboot-whiptail-tpm2-hotp PUBKEY_ASC=~/pubkey.asc inject_gpg && make BOARD=qemu-coreboot-whiptail-tpm2-hotp USB_TOKEN=Nitrokey3NFC PUBKEY_ASC=~/pubkey.asc ROOT_DISK_IMG=~/QubesIncoming/heads-tests/root.qcow2 run
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/net/ethernet/intel/e1000/e1000.ko
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/usb/host/uhci-hcd.ko
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/usb/host/ohci-hcd.ko
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/usb/host/ohci-pci.ko
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/usb/host/ehci-hcd.ko
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/usb/host/ehci-pci.ko
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/usb/host/xhci-hcd.ko
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/usb/host/xhci-pci.ko
2024-04-17 16:07:38-04:00 INSTALL-MODULE drivers/usb/storage/usb-storage.ko
2024-04-17 16:07:38-04:00 SYMLINK bin/busybox
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/kexec-tools-2.0.26/build/sbin/kexec
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/tpmtotp-4d63d21c8b7db2e92ddb393057f168aead147f47/totp
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/tpmtotp-4d63d21c8b7db2e92ddb393057f168aead147f47/hotp
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/tpmtotp-4d63d21c8b7db2e92ddb393057f168aead147f47/qrenc
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/tpmtotp-4d63d21c8b7db2e92ddb393057f168aead147f47/util/tpm
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/pciutils-3.5.4/lspci
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/flashrom-1776bb46ba6ea3d1ab2ec3f0cd88158aabed7400/flashrom
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/cryptsetup-2.3.3/.libs/cryptsetup
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/cryptsetup-2.3.3/.libs/cryptsetup-reencrypt
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/cryptsetup-2.3.3/.libs/veritysetup
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/gnupg-2.4.0/g10/gpg
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/gnupg-2.4.0/agent/gpg-agent
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/gnupg-2.4.0/scd/scdaemon
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/pinentry-1.1.0/tty/pinentry-tty
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/lvm2.2.02.168/tools/dmsetup
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/lvm2.2.02.168/tools/lvm
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/dropbear-2016.74/ssh
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/dropbear-2016.74/scp
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/dropbear-2016.74/dropbear
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/flashtools-d1e6f12568cb23387144a4b7a6535fe1bc1e79b1/flashtool
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/flashtools-d1e6f12568cb23387144a4b7a6535fe1bc1e79b1/peek
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/flashtools-d1e6f12568cb23387144a4b7a6535fe1bc1e79b1/poke
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/flashtools-d1e6f12568cb23387144a4b7a6535fe1bc1e79b1/cbfs
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/flashtools-d1e6f12568cb23387144a4b7a6535fe1bc1e79b1/uefi
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/newt-0.52.20/whiptail
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/hotp-verification-8a1f125aaf678a5f435374d9f4541a6dff317243/hotp_verification
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/hotp-verification-8a1f125aaf678a5f435374d9f4541a6dff317243/hotp_initialize
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/msrtools-572ef8a2b873eda15a322daa48861140a078b92c/wrmsr
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/msrtools-572ef8a2b873eda15a322daa48861140a078b92c/rdmsr
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/msrtools-572ef8a2b873eda15a322daa48861140a078b92c/cpuid
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/tpm2-tools-5.2/tools/tpm2
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/bash-5.1.16/bash
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/zstd-1.5.5/programs/zstd-decompress
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/e2fsprogs-1.47.0/misc/mke2fs
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/exfatprogs-1.2.1/fsck/fsck.exfat
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/exfatprogs-1.2.1/mkfs/mkfs.exfat
2024-04-17 16:07:40-04:00 MAKE cbmem
make[1]: Entering directory '/home/user/heads/build/x86/coreboot-4.22.01/util/cbmem'
make[1]: Nothing to be done for 'all'.
make[1]: Leaving directory '/home/user/heads/build/x86/coreboot-4.22.01/util/cbmem'
2024-04-17 16:07:40-04:00 INSTALL-BIN build/x86/coreboot-4.22.01/util/cbmem/cbmem
2024-04-17 16:07:40-04:00 INSTALL-LIB crossgcc/x86/x86_64-linux-musl/lib/libc.so
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/cryptsetup-2.3.3/.libs/libcryptsetup.so.12
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/json-c-0.14/build/libjson-c.so.5
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/libassuan-2.5.5/src/.libs/libassuan.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/libgcrypt-1.10.1/src/.libs/libgcrypt.so.20
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/libgpg-error-1.46/src/.libs/libgpg-error.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/libksba-1.6.3/src/.libs/libksba.so.8
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/libusb-1.0.21/libusb/.libs/libusb-1.0.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/lvm2.2.02.168/libdm/libdevmapper.so.1.02
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/mbedtls-2.4.2/library/libmbedcrypto.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/newt-0.52.20/libnewt.so.0.52
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/npth-1.6/src/.libs/libnpth.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/openssl-3.0.8/libcrypto.so.3
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/pciutils-3.5.4/lib/libpci.so.3.5.4
2024-04-17 16:07:40-04:00 INSTALL-LIB install/x86/lib/libpci.so.3
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/popt-1.19/src/.libs/libpopt.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/qrencode-3.4.4/.libs/libqrencode.so.3
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/slang-2.3.1a/src/elfobjs/libslang.so.2
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/tpm2-tss-3.2.0/src/tss2-rc/.libs/libtss2-rc.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/tpm2-tss-3.2.0/src/tss2-mu/.libs/libtss2-mu.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/tpm2-tss-3.2.0/src/tss2-sys/.libs/libtss2-sys.so.1
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/tpm2-tss-3.2.0/src/tss2-esys/.libs/libtss2-esys.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/tpm2-tss-3.2.0/src/tss2-tcti/.libs/libtss2-tctildr.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/tpm2-tss-3.2.0/src/tss2-tcti/.libs/libtss2-tcti-device.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/tpm2-tss-3.2.0/src/tss2-tcti/.libs/libtss2-tcti-pcap.so.0
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/tpmtotp-4d63d21c8b7db2e92ddb393057f168aead147f47/libtpm/libtpm.so
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/util-linux-2.29.2/.libs/libuuid.so.1
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/util-linux-2.29.2/.libs/libblkid.so.1
2024-04-17 16:07:40-04:00 INSTALL-LIB build/x86/zlib-1.2.11/libz.so.1
2024-04-17 16:07:40-04:00 INSTALL boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config
2024-04-17 16:07:40-04:00 HASH 1b35b9fabbbd02d6e34e7dce7eb30d58efdcccf3 clean qemu-coreboot-whiptail-tpm2-hotp
2024-04-17 16:07:40-04:00 CPIO build/x86/qemu-coreboot-whiptail-tpm2-hotp/tools.cpio
2024-04-17 16:07:40-04:00 UNCHANGED build/x86/qemu-coreboot-whiptail-tpm2-hotp/tools.cpio
36f4c3e541252f94f1429d5ab67bd9b7558acbd943e3cdaeba0aef37326e5022 /home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/tools.cpio
17973248:/home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/tools.cpio
2024-04-17 16:07:41-04:00 HASHES build/x86/qemu-coreboot-whiptail-tpm2-hotp/tools.cpio
2024-04-17 16:07:41-04:00 SIZES build/x86/qemu-coreboot-whiptail-tpm2-hotp/tools.cpio
2024-04-17 16:07:41-04:00 CPIO build/x86/qemu-coreboot-whiptail-tpm2-hotp/heads.cpio
2024-04-17 16:07:41-04:00 UNCHANGED build/x86/qemu-coreboot-whiptail-tpm2-hotp/heads.cpio
90127ffcf21ed4b6809025b2e239500a9fc44c31ddb05165610493fe641ce40e /home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/heads.cpio
392192:/home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/heads.cpio
2024-04-17 16:07:41-04:00 HASHES build/x86/qemu-coreboot-whiptail-tpm2-hotp/heads.cpio
2024-04-17 16:07:41-04:00 SIZES build/x86/qemu-coreboot-whiptail-tpm2-hotp/heads.cpio
swtpm socket \
--tpm2 \
--tpmstate dir="/home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/vtpm" \
--flags "startup-clear" \
--terminate \
--ctrl type=unixio,path="/home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/vtpm/sock" &
sleep 0.5
qemu-system-x86_64 -drive file="/home/user/QubesIncoming/heads-tests/root.qcow2",if=virtio \
--machine q35,accel=kvm:tcg \
-rtc base=utc \
-smp 1 \
-vga std \
-m "$(cat "/home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/memory")" \
-serial stdio \
--bios "/home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/heads-qemu-coreboot-whiptail-tpm2-hotp-v0.2.0-2065-g1b35b9f-gpg-injected.rom" \
-object rng-random,filename=/dev/urandom,id=rng0 \
-device virtio-rng-pci,rng=rng0 \
-netdev user,id=u1 -device e1000,netdev=u1 \
-chardev socket,id=chrtpm,path="/home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/vtpm/sock" \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis,tpmdev=tpm0 \
-device qemu-xhci,id=usb \
-device usb-tablet \
-drive file="/home/user/heads/build/x86/qemu-coreboot-whiptail-tpm2-hotp/usb_fd.raw",if=none,id=usb-fd-drive,format=raw \
-device usb-storage,bus=usb.0,drive=usb-fd-drive \
-device usb-host,vendorid=8352,productid=17074 \
qemu-system-x86_64: Gdk: gdk_atom_intern: assertion 'atom_name != NULL' failed
qemu-system-x86_64: Gdk: gdk_atom_intern: assertion 'atom_name != NULL' failed
Could not access KVM kernel module: No such file or directory
qemu-system-x86_64: failed to initialize kvm: No such file or directory
qemu-system-x86_64: falling back to tcg
[ 0.000000] Linux version 5.10.5-Heads (linux-qemu.config@linuxboot) (x86_64-linux-musl-gcc (GCC) 8.3.0, GNU ld (GNU Binutils) 2.32) #0 SMP 1970-00-00
[ 0.000000] Command line: debug console=ttyS0,115200 console=tty
[ 0.000000] KERNEL supported cpus:
[ 0.000000] Intel GenuineIntel
[ 0.000000] AMD AuthenticAMD
[ 0.000000] x86/fpu: x87 FPU will use FXSAVE
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x0000000000000fff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000001000-0x000000000009ffff] usable
[ 0.000000] BIOS-e820: [mem 0x00000000000a0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x000000007ff41fff] usable
[ 0.000000] BIOS-e820: [mem 0x000000007ff42000-0x000000007fffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000b0000000-0x00000000bfffffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000fed40000-0x00000000fed44fff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000100000000-0x000000017fffffff] usable
[ 0.000000] NX (Execute Disable) protection: active
[ 0.000000] SMBIOS 3.0 present.
[ 0.000000] DMI: QEMU Standard PC (Q35 + ICH9, 2009), BIOS Heads-v0.2.0-2058-g13bccb3d 01/01/1970
[ 0.000000] tsc: Fast TSC calibration using PIT
[ 0.000000] tsc: Detected 2496.008 MHz processor
[ 0.000923] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved
[ 0.001074] e820: remove [mem 0x000a0000-0x000fffff] usable
[ 0.001223] last_pfn = 0x180000 max_arch_pfn = 0x400000000
[ 0.001678] MTRR default type: uncachable
[ 0.001712] MTRR fixed ranges disabled:
[ 0.001829] 00000-FFFFF uncachable
[ 0.001849] MTRR variable ranges enabled:
[ 0.001955] 0 base 00FF000000 mask FFFF000000 write-protect
[ 0.001978] 1 disabled
[ 0.001988] 2 disabled
[ 0.001993] 3 disabled
[ 0.001997] 4 disabled
[ 0.002002] 5 disabled
[ 0.002006] 6 disabled
[ 0.002011] 7 disabled
[ 0.002269] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT
[ 0.002567] CPU MTRRs all blank - virtualized system.
[ 0.002624] last_pfn = 0x7ff42 max_arch_pfn = 0x400000000
[ 0.006926] RAMDISK: [mem 0x04000000-0x045d0fff]
[ 0.007376] ACPI: Early table checksum verification disabled
[ 0.007671] ACPI: RSDP 0x000000007FF4A000 000024 (v02 )
[ 0.007919] ACPI: XSDT 0x000000007FF7A040 00005C (v01 COREv4 COREBOOT 00000000 CORE 20230628)
[ 0.008512] ACPI: FACP 0x000000007FF5C3B2 0000F4 (v03 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.009072] ACPI: DSDT 0x000000007FF5A080 002332 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.009134] ACPI: FACS 0x000000007FF5A040 000040
[ 0.009180] ACPI: APIC 0x000000007FF5C4A6 000078 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.009198] ACPI: HPET 0x000000007FF5C51E 000038 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.009213] ACPI: TPM2 0x000000007FF5C556 00004C (v04 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.009228] ACPI: MCFG 0x000000007FF5C5A2 00003C (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.009242] ACPI: WAET 0x000000007FF5C5DE 000028 (v01 BOCHS BXPC 00000001 BXPC 00000001)
[ 0.009256] ACPI: SSDT 0x000000007FF7A170 0002C1 (v02 COREv4 COREBOOT 0000002A CORE 20230628)
[ 0.009676] ACPI: Local APIC address 0xfee00000
[ 0.011618] Zone ranges:
[ 0.011683] DMA32 [mem 0x0000000000001000-0x00000000ffffffff]
[ 0.011728] Normal [mem 0x0000000100000000-0x000000017fffffff]
[ 0.011745] Movable zone start for each node
[ 0.011806] Early memory node ranges
[ 0.011847] node 0: [mem 0x0000000000001000-0x000000000009ffff]
[ 0.011874] node 0: [mem 0x0000000000100000-0x000000007ff41fff]
[ 0.011881] node 0: [mem 0x0000000100000000-0x000000017fffffff]
[ 0.012499] Zeroed struct page in unavailable ranges: 287 pages
[ 0.012637] Initmem setup node 0 [mem 0x0000000000001000-0x000000017fffffff]
[ 0.012922] On node 0 totalpages: 1048289
[ 0.013064] DMA32 zone: 8188 pages used for memmap
[ 0.013101] DMA32 zone: 22 pages reserved
[ 0.013193] DMA32 zone: 524001 pages, LIFO batch:63
[ 0.038534] Normal zone: 8192 pages used for memmap
[ 0.038566] Normal zone: 524288 pages, LIFO batch:63
[ 0.062968] ACPI: PM-Timer IO Port: 0x608
[ 0.063027] ACPI: Local APIC address 0xfee00000
[ 0.063500] ACPI: LAPIC_NMI (acpi_id[0xff] dfl dfl lint[0x1])
[ 0.063980] IOAPIC[0]: apic_id 0, version 32, address 0xfec00000, GSI 0-23
[ 0.064100] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl)
[ 0.064364] ACPI: INT_SRC_OVR (bus 0 bus_irq 5 global_irq 5 high level)
[ 0.064402] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 high level)
[ 0.064490] ACPI: INT_SRC_OVR (bus 0 bus_irq 10 global_irq 10 high level)
[ 0.064500] ACPI: INT_SRC_OVR (bus 0 bus_irq 11 global_irq 11 high level)
[ 0.064607] ACPI: IRQ0 used by override.
[ 0.064666] ACPI: IRQ5 used by override.
[ 0.064675] ACPI: IRQ9 used by override.
[ 0.064680] ACPI: IRQ10 used by override.
[ 0.064686] ACPI: IRQ11 used by override.
[ 0.064742] Using ACPI (MADT) for SMP configuration information
[ 0.064803] ACPI: HPET id: 0x8086a201 base: 0xfed00000
[ 0.065083] smpboot: Allowing 1 CPUs, 0 hotplug CPUs
[ 0.065831] [mem 0xc0000000-0xfed3ffff] available for PCI devices
[ 0.066270] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645519600211568 ns
[ 0.080550] setup_percpu: NR_CPUS:64 nr_cpumask_bits:64 nr_cpu_ids:1 nr_node_ids:1
[ 0.087878] percpu: Embedded 43 pages/cpu s137368 r8192 d30568 u2097152
[ 0.088282] pcpu-alloc: s137368 r8192 d30568 u2097152 alloc=1*2097152
[ 0.088369] pcpu-alloc: [0] 0
[ 0.090110] Built 1 zonelists, mobility grouping on. Total pages: 1031887
[ 0.090277] Kernel command line: debug console=ttyS0,115200 console=tty
[ 0.102254] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, linear)
[ 0.107752] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, linear)
[ 0.109200] mem auto-init: stack:off, heap alloc:off, heap free:off
[ 0.343118] Memory: 4030576K/4193156K available (8194K kernel code, 1465K rwdata, 1948K rodata, 932K init, 2084K bss, 162324K reserved, 0K cma-reserved)
[ 0.345929] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[ 0.350121] rcu: Hierarchical RCU implementation.
[ 0.350165] rcu: RCU restricting CPUs from NR_CPUS=64 to nr_cpu_ids=1.
[ 0.350460] rcu: RCU calculated value of scheduler-enlistment delay is 25 jiffies.
[ 0.350488] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=1
[ 0.351046] NR_IRQS: 4352, nr_irqs: 256, preallocated irqs: 16
[ 0.357641] random: get_random_bytes called from start_kernel+0x301/0x4e3 with crng_init=0
[ 0.360128] Console: colour dummy device 80x25
[ 0.361613] printk: console [tty0] enabled
[ 0.374035] printk: console [ttyS0] enabled
[ 0.374585] ACPI: Core revision 20200925
[ 0.376569] ACPI BIOS Warning (bug): Incorrect checksum in table [SSDT] - 0x05, should be 0x9F (20200925/tbprint-177)
[ 0.379595] clocksource: hpet: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604467 ns
[ 0.382925] APIC: Switch to symmetric I/O mode setup
[ 0.386754] ..TIMER: vector=0x30 apic1=0 pin1=2 apic2=0 pin2=0
[ 0.405358] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x23fa7ec29e6, max_idle_ns: 440795214074 ns
[ 0.406312] Calibrating delay loop (skipped), value calculated using timer frequency.. 4992.01 BogoMIPS (lpj=9984032)
[ 0.406909] pid_max: default: 4096 minimum: 301
[ 0.407811] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes, linear)
[ 0.408225] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes, linear)
[ 0.423907] process: using AMD E400 aware idle routine
[ 0.424096] Last level iTLB entries: 4KB 512, 2MB 255, 4MB 127
[ 0.424213] Last level dTLB entries: 4KB 512, 2MB 255, 4MB 127, 1GB 0
[ 0.424528] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization
[ 0.424738] Spectre V2 : Mitigation: Full AMD retpoline
[ 0.424820] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch
[ 0.468525] Freeing SMP alternatives memory: 12K
[ 0.586152] smpboot: CPU0: AMD QEMU Virtual CPU version 2.5+ (family: 0xf, model: 0x6b, stepping: 0x1)
[ 0.588552] Performance Events: PMU not available due to virtualization, using software events only.
[ 0.591176] rcu: Hierarchical SRCU implementation.
[ 0.593521] NMI watchdog: Perf NMI watchdog permanently disabled
[ 0.596464] smp: Bringing up secondary CPUs ...
[ 0.596754] smp: Brought up 1 node, 1 CPU
[ 0.597008] smpboot: Max logical packages: 1
[ 0.597266] smpboot: Total of 1 processors activated (4992.01 BogoMIPS)
[ 0.606241] devtmpfs: initialized
[ 0.610719] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
[ 0.611303] futex hash table entries: 16 (order: -2, 1024 bytes, linear)
[ 0.615396] NET: Registered protocol family 16
[ 0.621413] thermal_sys: Registered thermal governor 'step_wise'
[ 0.621455] thermal_sys: Registered thermal governor 'user_space'
[ 0.622013] cpuidle: using governor menu
[ 0.623025] ACPI: bus type PCI registered
[ 0.624211] PCI: Using configuration type 1 for base access
[ 0.642795] cryptd: max_cpu_qlen set to 1000
[ 0.645237] ACPI: Added _OSI(Module Device)
[ 0.645500] ACPI: Added _OSI(Processor Device)
[ 0.645715] ACPI: Added _OSI(3.0 _SCP Extensions)
[ 0.645964] ACPI: Added _OSI(Processor Aggregator Device)
[ 0.646568] ACPI: Added _OSI(Linux-Dell-Video)
[ 0.646778] ACPI: Added _OSI(Linux-Lenovo-NV-HDMI-Audio)
[ 0.646999] ACPI: Added _OSI(Linux-HPI-Hybrid-Graphics)
[ 0.680870] ACPI BIOS Error (bug): Failure creating named object [\_SB.PCI0._PRT], AE_ALREADY_EXISTS (20200925/dswload2-327)
[ 0.682989] ACPI Error: AE_ALREADY_EXISTS, During name lookup/catalog (20200925/psobject-221)
[ 0.683386] ACPI: Skipping parse of AML opcode: Method (0x0014)
[ 0.684272] ACPI: 2 ACPI AML tables successfully acquired and loaded
[ 0.705276] ACPI: Interpreter enabled
[ 0.706317] ACPI: (supports S0 S5)
[ 0.706834] ACPI: Using IOAPIC for interrupt routing
[ 0.709180] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug
[ 0.712810] ACPI: Enabled 2 GPEs in block 00 to 3F
[ 0.745450] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff])
[ 0.745920] acpi PNP0A08:00: _OSC: OS supports [ASPM ClockPM Segments MSI HPX-Type3]
[ 0.747140] acpi PNP0A08:00: PCIe port services disabled; not requesting _OSC control
[ 0.749384] PCI host bridge to bus 0000:00
[ 0.749593] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window]
[ 0.749724] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window]
[ 0.749825] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window]
[ 0.749918] pci_bus 0000:00: root bus resource [mem 0x80000000-0xafffffff window]
[ 0.750194] pci_bus 0000:00: root bus resource [mem 0xc0000000-0xfebfffff window]
[ 0.750798] pci_bus 0000:00: root bus resource [mem 0x180000000-0x97fffffff window]
[ 0.751334] pci_bus 0000:00: root bus resource [mem 0xfed40000-0xfed44fff]
[ 0.751758] pci_bus 0000:00: root bus resource [bus 00-ff]
[ 0.752949] pci 0000:00:00.0: [8086:29c0] type 00 class 0x060000
[ 0.755868] pci 0000:00:01.0: [1234:1111] type 00 class 0x030000
[ 0.756979] pci 0000:00:01.0: reg 0x10: [mem 0xc0000000-0xc0ffffff pref]
[ 0.758152] pci 0000:00:01.0: reg 0x18: [mem 0xc107c000-0xc107cfff]
[ 0.761020] pci 0000:00:01.0: reg 0x30: [mem 0xc1060000-0xc106ffff pref]
[ 0.761602] pci 0000:00:01.0: BAR 0: assigned to efifb
[ 0.762994] pci 0000:00:02.0: [1af4:1005] type 00 class 0x00ff00
[ 0.764277] pci 0000:00:02.0: reg 0x10: [io 0x10c0-0x10df]
[ 0.766710] pci 0000:00:02.0: reg 0x14: [mem 0xc107d000-0xc107dfff]
[ 0.770152] pci 0000:00:02.0: reg 0x20: [mem 0xc1070000-0xc1073fff 64bit pref]
[ 0.772379] pci 0000:00:03.0: [8086:100e] type 00 class 0x020000
[ 0.773459] pci 0000:00:03.0: reg 0x10: [mem 0xc1040000-0xc105ffff]
[ 0.775890] pci 0000:00:03.0: reg 0x14: [io 0x1080-0x10bf]
[ 0.781031] pci 0000:00:03.0: reg 0x30: [mem 0xc1000000-0xc103ffff pref]
[ 0.783423] pci 0000:00:04.0: [1b36:000d] type 00 class 0x0c0330
[ 0.783964] pci 0000:00:04.0: reg 0x10: [mem 0xc1074000-0xc1077fff 64bit]
[ 0.786906] pci 0000:00:05.0: [1af4:1001] type 00 class 0x010000
[ 0.787737] pci 0000:00:05.0: reg 0x10: [io 0x1000-0x107f]
[ 0.788497] pci 0000:00:05.0: reg 0x14: [mem 0xc107e000-0xc107efff]
[ 0.791857] pci 0000:00:05.0: reg 0x20: [mem 0xc1078000-0xc107bfff 64bit pref]
[ 0.793349] pci 0000:00:1f.0: [8086:2918] type 00 class 0x060100
[ 0.794256] pci 0000:00:1f.0: quirk: [io 0x0600-0x067f] claimed by ICH6 ACPI/GPIO/TCO
[ 0.794669] pci 0000:00:1f.0: quirk: [io 0x0580-0x05bf] claimed by ICH6 GPIO
[ 0.795396] pci 0000:00:1f.2: [8086:2922] type 00 class 0x010601
[ 0.798152] pci 0000:00:1f.2: reg 0x20: [io 0x10e0-0x10ff]
[ 0.799273] pci 0000:00:1f.2: reg 0x24: [mem 0xc107f000-0xc107ffff]
[ 0.803057] pci 0000:00:1f.3: [8086:2930] type 00 class 0x0c0500
[ 0.804329] pci 0000:00:1f.3: reg 0x20: [io 0x0400-0x043f]
[ 0.806432] pci_bus 0000:00: on NUMA node 0
[ 0.811255] ACPI: PCI Interrupt Link [LNKA] (IRQs 5 10 11) *0
[ 0.812384] ACPI: PCI Interrupt Link [LNKB] (IRQs 5 10 11) *0
[ 0.813209] ACPI: PCI Interrupt Link [LNKC] (IRQs 5 10 11) *0
[ 0.814453] ACPI: PCI Interrupt Link [LNKD] (IRQs 5 10 11) *0
[ 0.816073] ACPI: PCI Interrupt Link [LNKE] (IRQs 5 10 11) *0
[ 0.818430] ACPI: PCI Interrupt Link [LNKF] (IRQs 5 10 11) *0
[ 0.819551] ACPI: PCI Interrupt Link [LNKG] (IRQs 5 10 11) *0
[ 0.820671] ACPI: PCI Interrupt Link [LNKH] (IRQs 5 10 11) *0
[ 0.822467] ACPI: PCI Interrupt Link [GSIA] (IRQs *16)
[ 0.823066] ACPI: PCI Interrupt Link [GSIB] (IRQs *17)
[ 0.823518] ACPI: PCI Interrupt Link [GSIC] (IRQs *18)
[ 0.823941] ACPI: PCI Interrupt Link [GSID] (IRQs *19)
[ 0.824340] ACPI: PCI Interrupt Link [GSIE] (IRQs *20)
[ 0.824975] ACPI: PCI Interrupt Link [GSIF] (IRQs *21)
[ 0.825437] ACPI: PCI Interrupt Link [GSIG] (IRQs *22)
[ 0.825889] ACPI: PCI Interrupt Link [GSIH] (IRQs *23)
[ 0.831658] iommu: Default domain type: Translated
[ 0.834780] SCSI subsystem initialized
[ 0.835331] libata version 3.00 loaded.
[ 0.835504] ACPI: bus type USB registered
[ 0.835903] usbcore: registered new interface driver usbfs
[ 0.836179] usbcore: registered new interface driver hub
[ 0.836369] usbcore: registered new device driver usb
[ 0.845374] PCI: Using ACPI for IRQ routing
[ 0.845654] PCI: pci_cache_line_size set to 64 bytes
[ 0.846283] e820: reserve RAM buffer [mem 0x7ff42000-0x7fffffff]
[ 0.847052] hpet: 3 channels of 0 reserved for per-cpu timers
[ 0.848449] clocksource: Switched to clocksource tsc-early
[ 0.848917] pnp: PnP ACPI init
[ 0.850762] pnp 00:00: Plug and Play ACPI device, IDs PNP0303 (active)
[ 0.851263] pnp 00:01: Plug and Play ACPI device, IDs PNP0f13 (active)
[ 0.851630] pnp 00:02: Plug and Play ACPI device, IDs PNP0400 (active)
[ 0.852022] pnp 00:03: Plug and Play ACPI device, IDs PNP0501 (active)
[ 0.852897] pnp 00:04: Plug and Play ACPI device, IDs PNP0b00 (active)
[ 0.854043] system 00:05: [mem 0xb0000000-0xbfffffff window] has been reserved
[ 0.854548] system 00:05: Plug and Play ACPI device, IDs PNP0c01 (active)
[ 0.856883] pnp: PnP ACPI: found 6 devices
[ 0.873765] clocksource: acpi_pm: mask: 0xffffff max_cycles: 0xffffff, max_idle_ns: 2085701024 ns
[ 0.876345] NET: Registered protocol family 2
[ 0.881600] tcp_listen_portaddr_hash hash table entries: 2048 (order: 3, 32768 bytes, linear)
[ 0.882384] TCP established hash table entries: 32768 (order: 6, 262144 bytes, linear)
[ 0.883082] TCP bind hash table entries: 32768 (order: 7, 524288 bytes, linear)
[ 0.883634] TCP: Hash tables configured (established 32768 bind 32768)
[ 0.885146] UDP hash table entries: 2048 (order: 4, 65536 bytes, linear)
[ 0.885509] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes, linear)
[ 0.887422] NET: Registered protocol family 1
[ 0.888779] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window]
[ 0.888950] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window]
[ 0.889101] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window]
[ 0.889229] pci_bus 0000:00: resource 7 [mem 0x80000000-0xafffffff window]
[ 0.889363] pci_bus 0000:00: resource 8 [mem 0xc0000000-0xfebfffff window]
[ 0.889502] pci_bus 0000:00: resource 9 [mem 0x180000000-0x97fffffff window]
[ 0.889645] pci_bus 0000:00: resource 10 [mem 0xfed40000-0xfed44fff]
[ 0.890613] pci 0000:00:01.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff]
[ 0.898883] PCI Interrupt Link [GSIE] enabled at IRQ 20
[ 0.906961] pci 0000:00:04.0: quirk_usb_early_handoff+0x0/0x628 took 15552 usecs
[ 0.907233] PCI: CLS 64 bytes, default 64
[ 0.914346] Trying to unpack rootfs image as initramfs...
[ 3.203794] Freeing initrd memory: 5956K
[ 3.204252] PCI-DMA: Using software bounce buffering for IO (SWIOTLB)
[ 3.205131] software IO TLB: mapped [mem 0x000000007bf42000-0x000000007ff42000] (64MB)
[ 3.211422] workingset: timestamp_bits=46 max_order=20 bucket_order=0
[ 3.219793] SGI XFS with security attributes, no debug enabled
[ 3.223697] NET: Registered protocol family 38
[ 3.224967] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 249)
[ 3.225544] io scheduler mq-deadline registered
[ 3.227647] efifb: probing for efifb
[ 3.228969] efifb: framebuffer at 0xc0000000, using 3072k, total 3072k
[ 3.229807] efifb: mode is 1024x768x32, linelength=4096, pages=1
[ 3.230749] efifb: scrolling: redraw
[ 3.230909] efifb: Truecolor: size=8:8:8:8, shift=24:16:8:0
[ 3.246590] Console: switching to colour frame buffer device 128x48
[ 3.257766] fb0: EFI VGA frame buffer device
[ 3.260163] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[ 3.261102] ACPI: Power Button [PWRF]
[ 3.272526] PCI Interrupt Link [GSIG] enabled at IRQ 22
[ 3.279099] PCI Interrupt Link [GSIF] enabled at IRQ 21
[ 3.283104] Serial: 8250/16550 driver, 4 ports, IRQ sharing disabled
[ 3.285578] 00:03: ttyS0 at I/O 0x3f8 (irq = 4, base_baud = 115200) is a 16550A
[ 3.289510] Non-volatile memory driver v1.3
[ 3.301338] random: fast init done
[ 3.302595] random: crng init done
[ 3.304109] tpm_tis MSFT0101:00: 2.0 TPM (device-id 0x1, rev-id 1)
[ 3.366093] tpm_tis MSFT0101:01: can't request region for resource [mem 0xfed40000-0xfed44fff]
[ 3.366936] tpm_tis: probe of MSFT0101:01 failed with error -16
[ 3.368500] AMD-Vi: AMD IOMMUv2 driver by Joerg Roedel <[email protected]>
[ 3.368789] AMD-Vi: AMD IOMMUv2 functionality not available on this system
[ 3.406070] brd: module loaded
[ 3.423367] loop: module loaded
[ 3.437532] virtio_blk virtio1: [vda] 41943040 512-byte logical blocks (21.5 GB/20.0 GiB)
[ 3.439250] vda: detected capacity change from 0 to 21474836480
[ 3.470969] vda: vda1 vda2 vda3 vda4
[ 3.475378] Loading iSCSI transport class v2.0-870.
[ 3.478748] iscsi: registered transport (tcp)
[ 3.480520] ahci 0000:00:1f.2: version 3.0
[ 3.489493] PCI Interrupt Link [GSIA] enabled at IRQ 16
[ 3.500808] ahci 0000:00:1f.2: AHCI 0001.0000 32 slots 6 ports 1.5 Gbps 0x3f impl SATA mode
[ 3.506575] ahci 0000:00:1f.2: flags: 64bit ncq only
[ 3.529282] scsi host0: ahci
[ 3.536645] scsi host1: ahci
[ 3.543185] scsi host2: ahci
[ 3.549772] scsi host3: ahci
[ 3.555492] scsi host4: ahci
[ 3.560840] scsi host5: ahci
[ 3.567791] ata1: SATA max UDMA/133 abar m4096@0xc107f000 port 0xc107f100 irq 28
[ 3.572376] ata2: SATA max UDMA/133 abar m4096@0xc107f000 port 0xc107f180 irq 28
[ 3.576511] ata3: SATA max UDMA/133 abar m4096@0xc107f000 port 0xc107f200 irq 28
[ 3.590395] ata4: SATA max UDMA/133 abar m4096@0xc107f000 port 0xc107f280 irq 28
[ 3.595052] ata5: SATA max UDMA/133 abar m4096@0xc107f000 port 0xc107f300 irq 28
[ 3.599453] ata6: SATA max UDMA/133 abar m4096@0xc107f000 port 0xc107f380 irq 28
[ 3.607720] i8042: PNP: PS/2 Controller [PNP0303:KBD,PNP0f13:MOU] at 0x60,0x64 irq 1,12
[ 3.615887] serio: i8042 KBD port at 0x60,0x64 irq 1
[ 3.620159] serio: i8042 AUX port at 0x60,0x64 irq 12
[ 3.626410] rtc_cmos 00:04: RTC can wake from S4
[ 3.636611] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input1
[ 3.653673] rtc_cmos 00:04: registered as rtc0
[ 3.658172] rtc_cmos 00:04: setting system clock to 2024-04-17T20:07:47 UTC (1713384467)
[ 3.663896] rtc_cmos 00:04: alarms up to one day, y3k, 242 bytes nvram, hpet irqs
[ 3.672274] i801_smbus 0000:00:1f.3: SMBus using PCI interrupt
[ 3.677967] i2c i2c-0: 1/1 memory slots populated (from DMI)
[ 3.683197] i2c i2c-0: Memory type 0x07 not supported yet, not instantiating SPD
[ 3.690198] device-mapper: ioctl: 4.43.0-ioctl (2020-10-01) initialised: [email protected]
[ 3.700690] NET: Registered protocol family 17
[ 3.706224] IPI shorthand broadcast: enabled
[ 3.710773] sched_clock: Marking stable (3687859569, 22489959)->(3715123476, -4773948)
[ 3.963665] ata1: SATA link down (SStatus 0 SControl 300)
[ 3.969246] ata2: SATA link down (SStatus 0 SControl 300)
[ 4.002971] ata4: SATA link down (SStatus 0 SControl 300)
[ 4.007773] ata6: SATA link down (SStatus 0 SControl 300)
[ 4.013229] ata5: SATA link down (SStatus 0 SControl 300)
[ 4.018453] ata3: SATA link up 1.5 Gbps (SStatus 113 SControl 300)
[ 4.028341] ata3.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
[ 4.033536] ata3.00: applying bridge limits
[ 4.038876] ata3.00: configured for UDMA/100
[ 4.051764] scsi 2:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5
[ 4.084517] sr 2:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
[ 4.089190] cdrom: Uniform CD-ROM driver Revision: 3.20
[ 4.120472] sr 2:0:0:0: Attached scsi CD-ROM sr0
[ 4.126643] sr 2:0:0:0: Attached scsi generic sg0 type 5
[ 4.411110] Freeing unused kernel image (initmem) memory: 932K
[ 4.415265] tsc: Refined TSC clocksource calibration: 2495.975 MHz
[ 4.418895] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x23fa5fca340, max_idle_ns: 440795318957 ns
[ 4.424318] clocksource: Switched to clocksource tsc
[ 4.429172] Write protecting the kernel read-only data: 12288k
[ 4.441829] Freeing unused kernel image (text/rodata gap) memory: 2044K
[ 4.455268] Freeing unused kernel image (rodata/data gap) memory: 100K
[ 4.460242] Run /init as init process
[ 4.465434] with arguments:
[ 4.469585] /init
[ 4.473469] with environment:
[ 4.478188] HOME=/
[ 4.483144] TERM=linux
[ 4.561968] [U] hello world
[ 4.816637] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)
[ 4.837979] TRACE: Under init
[ 4.880467] DEBUG: Applying panic_on_oom setting to sysctl
[ 5.014207] TRACE: /bin/tpmr(32): main
[ 5.076634] TRACE: /bin/tpmr(336): tpm2_startsession
[ 5.700129] TRACE: /etc/functions(775): run_at_exit_handlers
[ 5.781381] TRACE: /bin/cbfs-init(5): main
[ 5.923784] DEBUG: Extending TPM PCR 7 with /.gnupg/pubring.kbx
[ 6.005594] TRACE: /bin/tpmr(32): main
[ 6.054902] TRACE: /bin/tpmr(232): tpm2_extend
[ 6.177003] DEBUG: tpm2 pcrread sha256:7
[ 6.270854] TRACE: /etc/functions(775): run_at_exit_handlers
[ 6.368560] DEBUG: Extending TPM PCR 7 with /.gnupg/trustdb.gpg
[ 6.449978] TRACE: /bin/tpmr(32): main
[ 6.491639] TRACE: /bin/tpmr(232): tpm2_extend
[ 6.626049] DEBUG: tpm2 pcrread sha256:7
[ 6.732839] TRACE: /etc/functions(775): run_at_exit_handlers
[ 6.762193] TRACE: /etc/functions(775): run_at_exit_handlers
[ 6.843805] TRACE: /bin/key-init(5): main
[ 7.907194] TRACE: /etc/functions(775): run_at_exit_handlers
[ 7.998637] TRACE: Under /etc/ash_functions:combine_configs
[ 8.071921] TRACE: Under /etc/ash_functions:pause_recovery
!!! Hit enter to proceed to recovery shell !!!
[ 8.290897] TRACE: /bin/setconsolefont.sh(6): main
[ 8.341192] DEBUG: Board does not ship setfont, not checking console font
[ 8.368720] TRACE: /etc/functions(775): run_at_exit_handlers
[ 8.571670] TRACE: /bin/gui-init(653): main
[ 8.600186] TRACE: Under /etc/ash_functions:enable_usb
[ 8.677501] TRACE: /sbin/insmod(9): main
[ 8.817790] DEBUG: Extending TPM PCR 5 with /lib/modules/ehci-hcd.ko prior of usage
[ 8.896300] TRACE: /bin/tpmr(32): main
[ 8.943919] TRACE: /bin/tpmr(232): tpm2_extend
[ 9.070785] DEBUG: tpm2 pcrread sha256:5
[ 9.164960] TRACE: /etc/functions(775): run_at_exit_handlers
[ 9.213285] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod
[ 9.249194] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 9.272438] TRACE: /etc/functions(775): run_at_exit_handlers
[ 9.353260] TRACE: /sbin/insmod(9): main
[ 9.488475] DEBUG: Extending TPM PCR 5 with /lib/modules/uhci-hcd.ko prior of usage
[ 9.575256] TRACE: /bin/tpmr(32): main
[ 9.621452] TRACE: /bin/tpmr(232): tpm2_extend
[ 9.744114] DEBUG: tpm2 pcrread sha256:5
[ 9.847790] TRACE: /etc/functions(775): run_at_exit_handlers
[ 9.894877] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod
[ 9.917886] uhci_hcd: USB Universal Host Controller Interface driver
[ 9.943761] TRACE: /etc/functions(775): run_at_exit_handlers
[ 10.028649] TRACE: /sbin/insmod(9): main
[ 10.163636] DEBUG: Extending TPM PCR 5 with /lib/modules/ohci-hcd.ko prior of usage
[ 10.243145] TRACE: /bin/tpmr(32): main
[ 10.287303] TRACE: /bin/tpmr(232): tpm2_extend
[ 10.411718] DEBUG: tpm2 pcrread sha256:5
[ 10.513580] TRACE: /etc/functions(775): run_at_exit_handlers
[ 10.563205] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod
[ 10.591675] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[ 10.619596] TRACE: /etc/functions(775): run_at_exit_handlers
[ 10.699733] TRACE: /sbin/insmod(9): main
[ 10.841206] DEBUG: Extending TPM PCR 5 with /lib/modules/ohci-pci.ko prior of usage
[ 10.939520] TRACE: /bin/tpmr(32): main
[ 10.989727] TRACE: /bin/tpmr(232): tpm2_extend
[ 11.118598] DEBUG: tpm2 pcrread sha256:5
[ 11.219613] TRACE: /etc/functions(775): run_at_exit_handlers
[ 11.271896] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod
[ 11.301602] ohci-pci: OHCI PCI platform driver
[ 11.327753] TRACE: /etc/functions(775): run_at_exit_handlers
[ 11.411994] TRACE: /sbin/insmod(9): main
[ 11.552138] DEBUG: Extending TPM PCR 5 with /lib/modules/ehci-pci.ko prior of usage
[ 11.636516] TRACE: /bin/tpmr(32): main
[ 11.684195] TRACE: /bin/tpmr(232): tpm2_extend
[ 11.810617] DEBUG: tpm2 pcrread sha256:5
[ 11.914052] TRACE: /etc/functions(775): run_at_exit_handlers
[ 11.963382] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod
[ 11.991619] ehci-pci: EHCI PCI platform driver
[ 12.021319] TRACE: /etc/functions(775): run_at_exit_handlers
[ 12.102912] TRACE: /sbin/insmod(9): main
[ 12.241475] DEBUG: Extending TPM PCR 5 with /lib/modules/xhci-hcd.ko prior of usage
[ 12.321968] TRACE: /bin/tpmr(32): main
[ 12.372687] TRACE: /bin/tpmr(232): tpm2_extend
[ 12.508072] DEBUG: tpm2 pcrread sha256:5
[ 12.608429] TRACE: /etc/functions(775): run_at_exit_handlers
[ 12.662898] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod
[ 12.715611] TRACE: /etc/functions(775): run_at_exit_handlers
[ 12.802887] TRACE: /sbin/insmod(9): main
[ 12.947659] DEBUG: Extending TPM PCR 5 with /lib/modules/xhci-pci.ko prior of usage
[ 13.039488] TRACE: /bin/tpmr(32): main
[ 13.087630] TRACE: /bin/tpmr(232): tpm2_extend
[ 13.210569] DEBUG: tpm2 pcrread sha256:5
[ 13.311436] TRACE: /etc/functions(775): run_at_exit_handlers
[ 13.361983] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod
[ 13.394108] xhci_hcd 0000:00:04.0: xHCI Host Controller
[ 13.399477] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 1
[ 13.408223] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010
[ 13.427634] hub 1-0:1.0: USB hub found
[ 13.433673] hub 1-0:1.0: 4 ports detected
[ 13.442895] xhci_hcd 0000:00:04.0: xHCI Host Controller
[ 13.447980] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 2
[ 13.453600] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed
[ 13.460260] usb usb2: We don't know the algorithms for LPM for this host, disabling LPM.
[ 13.466762] hub 2-0:1.0: USB hub found
[ 13.480551] hub 2-0:1.0: 4 ports detected
[ 13.512365] TRACE: /etc/functions(775): run_at_exit_handlers
[ 13.774894] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[ 14.060239] usb 2-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd
[ 14.214776] usb 1-3: new full-speed USB device number 3 using xhci_hcd
[ 14.389154] usb 1-3: can't set config #1, error -32
[ 15.551249] TRACE: /etc/functions(634): detect_boot_device
[ 15.597548] TRACE: /etc/functions(601): mount_possible_boot_device
[ 15.640565] TRACE: /etc/functions(561): is_gpt_bios_grub
[ 15.723858] TRACE: /dev/vda1 is partition 1 of vda
[ 15.829153] TRACE: /etc/functions(538): find_lvm_vg_name
[ 15.982255] TRACE: Try mounting /dev/vda1 as /boot
[ 16.070671] exFAT-fs (vda1): invalid boot record signature
[ 16.077737] exFAT-fs (vda1): failed to read boot sector
[ 16.082983] exFAT-fs (vda1): failed to recognize exfat type
[ 16.095264] exFAT-fs (vda1): invalid boot record signature
[ 16.100884] exFAT-fs (vda1): failed to read boot sector
[ 16.105398] exFAT-fs (vda1): failed to recognize exfat type
[ 16.427545] TRACE: /etc/functions(601): mount_possible_boot_device
[ 16.472551] TRACE: /etc/functions(561): is_gpt_bios_grub
[ 16.552869] TRACE: /dev/vda2 is partition 2 of vda
[ 16.644967] TRACE: /etc/functions(538): find_lvm_vg_name
[ 16.777513] TRACE: Try mounting /dev/vda2 as /boot
[ 16.870979] TRACE: /etc/functions(601): mount_possible_boot_device
[ 16.912812] TRACE: /etc/functions(561): is_gpt_bios_grub
[ 16.989171] TRACE: /dev/vda3 is partition 3 of vda
[ 17.085406] TRACE: /etc/functions(538): find_lvm_vg_name
[ 17.221003] TRACE: Try mounting /dev/vda3 as /boot
[ 17.260221] EXT4-fs (vda3): mounted filesystem with ordered data mode. Opts: (null)
[ 17.305029] TRACE: /bin/gui-init(325): clean_boot_check
[ 17.421342] TRACE: /bin/gui-init(356): check_gpg_key
[ 17.518229] TRACE: /bin/gui-init(191): update_totp
[ 17.604906] TRACE: /bin/unseal-totp(8): main
[ 17.680173] TRACE: /bin/tpmr(32): main
[ 17.724991] TRACE: /bin/tpmr(552): tpm2_unseal
[ 17.789024] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[ 17.929431] TRACE: /etc/functions(760): at_exit
[ 18.327994] TRACE: /etc/functions(775): run_at_exit_handlers
[ 18.375281] DEBUG: Running at_exit handlers
[ 18.403081] TRACE: /bin/tpmr(359): cleanup_session
[ 18.445417] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[ 18.557275] !!! ERROR: Unable to unseal TOTP secret !!!
[ 20.590577] TRACE: /etc/functions(775): run_at_exit_handlers
[ 21.175045] TRACE: /bin/unseal-totp(8): main
[ 21.265419] TRACE: /bin/tpmr(32): main
[ 21.315378] TRACE: /bin/tpmr(552): tpm2_unseal
[ 21.386079] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[ 21.545267] TRACE: /etc/functions(760): at_exit
[ 21.955313] TRACE: /etc/functions(775): run_at_exit_handlers
[ 22.007006] DEBUG: Running at_exit handlers
[ 22.040997] TRACE: /bin/tpmr(359): cleanup_session
[ 22.089814] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[ 22.199974] !!! ERROR: Unable to unseal TOTP secret !!!
[ 24.236750] TRACE: /etc/functions(775): run_at_exit_handlers
[ 24.831850] TRACE: /bin/unseal-totp(8): main
[ 24.926614] TRACE: /bin/tpmr(32): main
[ 24.975677] TRACE: /bin/tpmr(552): tpm2_unseal
[ 25.051557] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[ 25.211033] TRACE: /etc/functions(760): at_exit
[ 25.672317] TRACE: /etc/functions(775): run_at_exit_handlers
[ 25.723883] DEBUG: Running at_exit handlers
[ 25.761452] TRACE: /bin/tpmr(359): cleanup_session
[ 25.807794] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[ 25.901402] !!! ERROR: Unable to unseal TOTP secret !!!
[ 27.930087] TRACE: /etc/functions(775): run_at_exit_handlers
[ 27.964400] DEBUG: CONFIG_TPM: y
[ 28.006043] DEBUG: CONFIG_TPM2_TOOLS: y
[ 28.053682] DEBUG: Show PCRs
[ 28.164068] DEBUG: sha256:
[ 28.211778] 0 : 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.227140] 1 : 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.253787] 2 : 0xE337818B93F11597D84B7D65B08BF2CA4D87CFB25DB36E86E6EA52317A708E51
[ 28.281290] 3 : 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.302585] 4 : 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.326997] 5 : 0xD76470232B7C3FD7D18D4DF3B77DACAFFDB876DBF3E84C996D74F7ECFA0FF60F
[ 28.345452] 6 : 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.372867] 7 : 0xA2EEC1912023001DF5199B35BB9CFBEAC1F814E33E1D594D6C69F15292F75694
[ 28.391330] 8 : 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.410396] 9 : 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.432643] 10: 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.452140] 11: 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.470871] 12: 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.496641] 13: 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.516497] 14: 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.540059] 15: 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.572413] 16: 0x0000000000000000000000000000000000000000000000000000000000000000
[ 28.597117] 17: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[ 28.613031] 18: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[ 28.632145] 19: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[ 28.649035] 20: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[ 28.665473] 21: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[ 28.692355] 22: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[ 28.709445] 23: 0x0000000000000000000000000000000000000000000000000000000000000000
[ 34.283421] TRACE: /bin/gui-init(154): generate_totp_hotp
[ 34.363019] TRACE: /bin/seal-totp(10): main
[ 34.429012] DEBUG: Sealing TOTP with actual state of PCR0-3
[ 34.504512] TRACE: /bin/tpmr(32): main
[ 34.547877] TRACE: /bin/tpmr(53): tpm2_pcrread
[ 34.602250] DEBUG: tpm2 pcrread -Q -o /dev/fd/63 sha256:0
[ 34.689824] TRACE: /etc/functions(775): run_at_exit_handlers
[ 34.766669] TRACE: /bin/tpmr(32): main
[ 34.812722] TRACE: /bin/tpmr(53): tpm2_pcrread
[ 34.863899] DEBUG: tpm2 pcrread -Q -o /dev/fd/63 sha256:1
[ 34.947092] TRACE: /etc/functions(775): run_at_exit_handlers
[ 35.031281] TRACE: /bin/tpmr(32): main
[ 35.084368] TRACE: /bin/tpmr(53): tpm2_pcrread
[ 35.139443] DEBUG: tpm2 pcrread -Q -o /dev/fd/63 sha256:2
[ 35.225011] TRACE: /etc/functions(775): run_at_exit_handlers
[ 35.306403] TRACE: /bin/tpmr(32): main
[ 35.347550] TRACE: /bin/tpmr(53): tpm2_pcrread
[ 35.406140] DEBUG: tpm2 pcrread -Q -o /dev/fd/63 sha256:3
[ 35.491859] TRACE: /etc/functions(775): run_at_exit_handlers
[ 35.541411] DEBUG: Sealing TOTP with boot state of PCR4 (Going to recovery shell extends PCR4)
[ 35.616002] TRACE: /bin/tpmr(32): main
[ 35.656287] TRACE: /bin/tpmr(196): replay_pcr
[ 35.793902] DEBUG: Replayed cbmem -L clean boot state of PCR=4 ALG=sha256 : 0000000000000000000000000000000000000000000000000000000000000000
[ 35.823520] TRACE: /etc/functions(775): run_at_exit_handlers
[ 35.866083] DEBUG: Sealing TOTP neglecting PCR5 involvement (Dynamically loaded kernel modules are not firmware integrity attestation related)
[ 35.911232] DEBUG: Sealing TOTP without PCR6 involvement (LUKS header consistency is not firmware integrity attestation related)
[ 35.990037] TRACE: /bin/tpmr(32): main
[ 36.037312] TRACE: /bin/tpmr(53): tpm2_pcrread
[ 36.092220] DEBUG: tpm2 pcrread -Q -o /dev/fd/63 sha256:7
[ 36.177164] TRACE: /etc/functions(775): run_at_exit_handlers
[ 36.256957] TRACE: /bin/tpmr(32): main
[ 36.306982] TRACE: /bin/tpmr(411): tpm2_seal
[ 36.387382] DEBUG: tpm2_seal: file=/tmp/secret/totp.key handle=0x81004d47 pcrl=0,1,2,3,4,7 pcrf=/tmp/secret/pcrf.bin pass=<empty>
[ 36.534779] TRACE: /etc/functions(760): at_exit
[ 37.166949] TRACE: /etc/functions(232): prompt_tpm_owner_password
[ 46.731296] DEBUG: Caching TPM Owner Password to /tmp/secret/tpm_owner_password
[ 47.027316] DEBUG: tpm2 evictcontrol -Q -C o -P <hidden> -c /tmp/secret/totp.key.seal.ctx 0x81004d47
[ 47.251425] TRACE: /etc/functions(775): run_at_exit_handlers
[ 47.286880] DEBUG: Running at_exit handlers
[ 47.307372] TRACE: /bin/tpmr(359): cleanup_session
[ 47.338724] DEBUG: Clean up session: /tmp/secret/sealfile_trial.session
[ 47.538973] TRACE: /etc/functions(775): run_at_exit_handlers
[ 48.301352] TRACE: /bin/seal-hotpkey(23): main
[ 48.360373] DEBUG: Sealing HOTP secret reuses TOTP sealed secret...
[ 48.441291] TRACE: /bin/tpmr(32): main
[ 48.492745] TRACE: /bin/tpmr(552): tpm2_unseal
[ 48.563178] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/hotp.key pass=<empty>
[ 48.709539] TRACE: /etc/functions(760): at_exit
[ 49.107169] TRACE: /etc/functions(775): run_at_exit_handlers
[ 49.156581] DEBUG: Running at_exit handlers
[ 49.195131] TRACE: /bin/tpmr(359): cleanup_session
[ 49.250001] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[ 49.355501] TRACE: /bin/seal-hotpkey(12): mount_boot
[ 49.398092] TRACE: Under /etc/ash_functions:enable_usb
[ 49.475682] TRACE: /sbin/insmod(9): main
[ 49.608645] DEBUG: /lib/modules/ehci-hcd.ko: already loaded
[ 49.632057] TRACE: /etc/functions(775): run_at_exit_handlers
[ 49.709513] TRACE: /sbin/insmod(9): main
[ 49.837820] DEBUG: /lib/modules/uhci-hcd.ko: already loaded
[ 49.863733] TRACE: /etc/functions(775): run_at_exit_handlers
[ 49.940199] TRACE: /sbin/insmod(9): main
[ 50.077437] DEBUG: /lib/modules/ohci-hcd.ko: already loaded
[ 50.107227] TRACE: /etc/functions(775): run_at_exit_handlers
[ 50.183983] TRACE: /sbin/insmod(9): main
[ 50.317747] DEBUG: /lib/modules/ohci-pci.ko: already loaded
[ 50.342046] TRACE: /etc/functions(775): run_at_exit_handlers
[ 50.420128] TRACE: /sbin/insmod(9): main
[ 50.549257] DEBUG: /lib/modules/ehci-pci.ko: already loaded
[ 50.575838] TRACE: /etc/functions(775): run_at_exit_handlers
[ 50.651761] TRACE: /sbin/insmod(9): main
[ 50.779123] DEBUG: /lib/modules/xhci-hcd.ko: already loaded
[ 50.804072] TRACE: /etc/functions(775): run_at_exit_handlers
[ 50.883143] TRACE: /sbin/insmod(9): main
[ 51.011541] DEBUG: /lib/modules/xhci-pci.ko: already loaded
[ 51.037926] TRACE: /etc/functions(775): run_at_exit_handlers
[ 53.102741] DEBUG: Calling hotp_verification info...
[ 66.760631] DEBUG: lsusb output:
[ 66.813802] DEBUG: Bus 001 Device 001: ID 1d6b:0002
[ 66.827714] Bus 001 Device 003: ID 20a0:42b2
[ 66.844705] Bus 001 Device 002: ID 0627:0001
[ 66.861835] Bus 002 Device 002: ID 46f4:0001
[ 66.879569] Bus 002 Device 001: ID 1d6b:0003
[ 66.897905] !!! ERROR: Unable to find Nitrokey !!!
[ 68.920908] TRACE: /etc/functions(775): run_at_exit_handlers
[ 68.939016] *** WARNING: Sealing HOTP secret failed, retrying... ***
[ 70.013874] TRACE: /bin/seal-hotpkey(23): main
[ 70.064202] DEBUG: Sealing HOTP secret reuses TOTP sealed secret...
[ 70.122601] TRACE: /bin/tpmr(32): main
[ 70.159867] TRACE: /bin/tpmr(552): tpm2_unseal
[ 70.214575] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/hotp.key pass=<empty>
[ 70.341617] TRACE: /etc/functions(760): at_exit
[ 70.692012] TRACE: /etc/functions(775): run_at_exit_handlers
[ 70.727797] DEBUG: Running at_exit handlers
[ 70.747380] TRACE: /bin/tpmr(359): cleanup_session
[ 70.791927] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[ 70.879089] TRACE: /bin/seal-hotpkey(12): mount_boot
[ 70.909136] TRACE: Under /etc/ash_functions:enable_usb
[ 70.963389] TRACE: /sbin/insmod(9): main
[ 71.068042] DEBUG: /lib/modules/ehci-hcd.ko: already loaded
[ 71.087814] TRACE: /etc/functions(775): run_at_exit_handlers
[ 71.152797] TRACE: /sbin/insmod(9): main
[ 71.267014] DEBUG: /lib/modules/uhci-hcd.ko: already loaded
[ 71.298836] TRACE: /etc/functions(775): run_at_exit_handlers
[ 71.368778] TRACE: /sbin/insmod(9): main
[ 71.484827] DEBUG: /lib/modules/ohci-hcd.ko: already loaded
[ 71.503420] TRACE: /etc/functions(775): run_at_exit_handlers
[ 71.562868] TRACE: /sbin/insmod(9): main
[ 71.679697] DEBUG: /lib/modules/ohci-pci.ko: already loaded
[ 71.699377] TRACE: /etc/functions(775): run_at_exit_handlers
[ 71.768316] TRACE: /sbin/insmod(9): main
[ 71.879562] DEBUG: /lib/modules/ehci-pci.ko: already loaded
[ 71.901933] TRACE: /etc/functions(775): run_at_exit_handlers
[ 71.972068] TRACE: /sbin/insmod(9): main
[ 72.109290] DEBUG: /lib/modules/xhci-hcd.ko: already loaded
[ 72.133574] TRACE: /etc/functions(775): run_at_exit_handlers
[ 72.216268] TRACE: /sbin/insmod(9): main
[ 72.347377] DEBUG: /lib/modules/xhci-pci.ko: already loaded
[ 72.372708] TRACE: /etc/functions(775): run_at_exit_handlers
[ 74.426071] DEBUG: Calling hotp_verification info...
qemu: libusb_release_interface: -4 [NO_DEVICE]
qemu: libusb_release_interface: -4 [NO_DEVICE]
qemu: libusb_release_interface: -4 [NO_DEVICE]
[ 152.382622] usb 1-3: USB disconnect, device number 3
[ 158.934426] usb 1-3: new full-speed USB device number 4 using xhci_hcd
[ 159.105098] usb 1-3: can't set config #1, error -32
qemu: libusb_release_interface: -4 [NO_DEVICE]
qemu: libusb_release_interface: -4 [NO_DEVICE]
qemu: libusb_release_interface: -4 [NO_DEVICE]
[ 172.398543] usb 1-3: USB disconnect, device number 4
[ 186.946422] usb 1-3: new full-speed USB device number 5 using xhci_hcd
[ 187.116725] usb 1-3: can't set config #1, error -32
[ 208.237898] DEBUG: lsusb output:
[ 208.301994] DEBUG: Bus 001 Device 001: ID 1d6b:0002
[ 208.326056] Bus 001 Device 005: ID 20a0:42b2
[ 208.355420] Bus 001 Device 002: ID 0627:0001
[ 208.375696] Bus 002 Device 002: ID 46f4:0001
[ 208.397097] Bus 002 Device 001: ID 1d6b:0003
[ 208.427472] !!! ERROR: Unable to find Nitrokey !!!
[ 210.466202] TRACE: /etc/functions(775): run_at_exit_handlers
[ 210.545870] TRACE: /bin/seal-hotpkey(23): main
[ 210.607011] DEBUG: Sealing HOTP secret reuses TOTP sealed secret...
[ 210.693980] TRACE: /bin/tpmr(32): main
[ 210.740470] TRACE: /bin/tpmr(552): tpm2_unseal
[ 210.805292] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/hotp.key pass=<empty>
[ 210.955559] TRACE: /etc/functions(760): at_exit
[ 211.351496] TRACE: /etc/functions(775): run_at_exit_handlers
[ 211.396261] DEBUG: Running at_exit handlers
[ 211.423301] TRACE: /bin/tpmr(359): cleanup_session
[ 211.469076] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[ 211.579526] TRACE: /bin/seal-hotpkey(12): mount_boot
[ 211.619584] TRACE: Under /etc/ash_functions:enable_usb
[ 211.694911] TRACE: /sbin/insmod(9): main
[ 211.825285] DEBUG: /lib/modules/ehci-hcd.ko: already loaded
[ 211.853500] TRACE: /etc/functions(775): run_at_exit_handlers
[ 211.934986] TRACE: /sbin/insmod(9): main
[ 212.071114] DEBUG: /lib/modules/uhci-hcd.ko: already loaded
[ 212.095768] TRACE: /etc/functions(775): run_at_exit_handlers
[ 212.173821] TRACE: /sbin/insmod(9): main
[ 212.304818] DEBUG: /lib/modules/ohci-hcd.ko: already loaded
[ 212.325127] TRACE: /etc/functions(775): run_at_exit_handlers
[ 212.401442] TRACE: /sbin/insmod(9): main
[ 212.534837] DEBUG: /lib/modules/ohci-pci.ko: already loaded
[ 212.564302] TRACE: /etc/functions(775): run_at_exit_handlers
[ 212.642087] TRACE: /sbin/insmod(9): main
[ 212.776057] DEBUG: /lib/modules/ehci-pci.ko: already loaded
[ 212.800123] TRACE: /etc/functions(775): run_at_exit_handlers
[ 212.868104] TRACE: /sbin/insmod(9): main
[ 212.977634] DEBUG: /lib/modules/xhci-hcd.ko: already loaded
[ 212.994493] TRACE: /etc/functions(775): run_at_exit_handlers
[ 213.069992] TRACE: /sbin/insmod(9): main
[ 213.171689] DEBUG: /lib/modules/xhci-pci.ko: already loaded
[ 213.196175] TRACE: /etc/functions(775): run_at_exit_handlers
[ 215.243788] DEBUG: Calling hotp_verification info...
qemu: terminating on signal 2
Analysis in next comment.
The previous comment's output is from qemu-coreboot-fbwhiptail-tpm2-hotp, which, as we know, loads USB-related kernel modules early at boot since the USB kernel modules are needed for the USB dongle to do HOTP ops.
So the previous output is under Q4.2.1 latest, requiring the USB dongle to be passed from sys-usb to the testing qube through the QubesOS USB widget.
[ 53.102741] DEBUG: Calling hotp_verification info...
[ 66.760631] DEBUG: lsusb output:
[ 66.813802] DEBUG: Bus 001 Device 001: ID 1d6b:0002
[ 66.827714] Bus 001 Device 003: ID 20a0:42b2
[ 66.844705] Bus 001 Device 002: ID 0627:0001
[ 66.861835] Bus 002 Device 002: ID 46f4:0001
[ 66.879569] Bus 002 Device 001: ID 1d6b:0003
[ 66.897905] !!! ERROR: Unable to find Nitrokey !!!
To cause this, the last commit was signed from a qube having the USB dongle attached. This means gpg2+scdaemon ops succeeded. Then we launch qemu through the make call, passing the NK3-NFC VID to qemu as passthrough, which qemu gets correctly, as shown in the excerpt above when hotp_verification info fails.
This PR modifies master logic so we loop trying to call seal-hotp, since we have an HOTP-enabled board, and a dev cycle requires resealing TOTP+HOTP to attest firmware state prior to using it, simulating an internal flashing which invalidates the TPM-sealed attestation measurements, which need to be synced with the HOTP dongle again, since the unseal-totp op (required to succeed for unseal-hotp, same secret) failed. Normal.
What is not normal is in the excerpt above.
lsusb sees VID [ 66.827714] Bus 001 Device 003: ID 20a0:42b2 and should be able to use it.
Ok, let's remove it from the qube, passing it back to sys-usb without physically disconnecting it. That led to
[ 72.372708] TRACE: /etc/functions(775): run_at_exit_handlers
[ 74.426071] DEBUG: Calling hotp_verification info...
qemu: libusb_release_interface: -4 [NO_DEVICE]
qemu: libusb_release_interface: -4 [NO_DEVICE]
qemu: libusb_release_interface: -4 [NO_DEVICE]
[ 152.382622] usb 1-3: USB disconnect, device number 3
[ 158.934426] usb 1-3: new full-speed USB device number 4 using xhci_hcd
[ 159.105098] usb 1-3: can't set config #1, error -32
No point retrying hotp_verification here: we know the kernel is not able to talk to the device. Fine, let's physically remove and reinsert the USB dongle from/to the physical computer, then pass it from sys-usb to the testing qube, where qemu is supposed to take it from there. That led to
[ 158.934426] usb 1-3: new full-speed USB device number 4 using xhci_hcd
[ 159.105098] usb 1-3: can't set config #1, error -32
qemu: libusb_release_interface: -4 [NO_DEVICE]
qemu: libusb_release_interface: -4 [NO_DEVICE]
qemu: libusb_release_interface: -4 [NO_DEVICE]
[ 172.398543] usb 1-3: USB disconnect, device number 4
[ 186.946422] usb 1-3: new full-speed USB device number 5 using xhci_hcd
[ 187.116725] usb 1-3: can't set config #1, error -32
[ 208.237898] DEBUG: lsusb output:
[ 208.301994] DEBUG: Bus 001 Device 001: ID 1d6b:0002
[ 208.326056] Bus 001 Device 005: ID 20a0:42b2
[ 208.355420] Bus 001 Device 002: ID 0627:0001
[ 208.375696] Bus 002 Device 002: ID 46f4:0001
[ 208.397097] Bus 002 Device 001: ID 1d6b:0003
[ 208.427472] !!! ERROR: Unable to find Nitrokey !!!
So it is not really possible as of now to develop directly with a physical USB security dongle without having to shut down the qube, then sys-usb, then sometimes be lucky, sometimes not, without restarting the whole physical machine. This is why https://github.com/linuxboot/heads/issues/1207 is so important to me, never having been able to diagnose this nor have a fix permitting a clean development cycle without having to reboot VMs and sometimes (too often) the whole physical laptop when testing things.
Next comment: testing re-ownership with DEBUG+TRACE enabled in config settings with the current PR state to see the output there. Debug traces are conveniently left under /tmp/debug.txt to replicate when following rabbits into rabbit holes like this.
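An added helper (example code, not part of Heads) that reads a /tmp/debug.txt style log like the one quoted above and pulls out the facts chased in this comment: how many TOTP unseals failed and under which PCR policy, which policy PCRs were non-zero in the "Show PCRs" dump, what the reseal covered, and whether lsusb enumerated the 20a0 dongle even though hotp_verification could not find it. The embedded log excerpt is constructed from the lines in this thread; the vendor id constant and the regexes are assumptions matching that format.

```python
"""Summarise a Heads DEBUG/TRACE boot log (the /tmp/debug.txt style output quoted in
this thread): TPM unseal/seal policy, PCR contents, and whether the HOTP dongle was
enumerated by the kernel even though hotp_verification could not use it."""
import re
import sys

# Constructed excerpt modelled on the log above; not a real capture.
SAMPLE_LOG = """\
[    5.923784] DEBUG: Extending TPM PCR 7 with /.gnupg/pubring.kbx
[    8.817790] DEBUG: Extending TPM PCR 5 with /lib/modules/ehci-hcd.ko prior of usage
[   14.389154] usb 1-3: can't set config #1, error -32
[   17.789024] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[   18.557275] !!! ERROR: Unable to unseal TOTP secret !!!
[   21.386079] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[   22.199974] !!! ERROR: Unable to unseal TOTP secret !!!
[   28.211778] 0 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   28.253787] 2 : 0xE337818B93F11597D84B7D65B08BF2CA4D87CFB25DB36E86E6EA52317A708E51
[   28.326997] 5 : 0xD76470232B7C3FD7D18D4DF3B77DACAFFDB876DBF3E84C996D74F7ECFA0FF60F
[   28.372867] 7 : 0xA2EEC1912023001DF5199B35BB9CFBEAC1F814E33E1D594D6C69F15292F75694
[   28.432643] 10: 0x0000000000000000000000000000000000000000000000000000000000000000
[   36.387382] DEBUG: tpm2_seal: file=/tmp/secret/totp.key handle=0x81004d47 pcrl=0,1,2,3,4,7 pcrf=/tmp/secret/pcrf.bin pass=<empty>
[   66.760631] DEBUG: lsusb output:
[   66.813802] DEBUG: Bus 001 Device 001: ID 1d6b:0002
[   66.827714] Bus 001 Device 003: ID 20a0:42b2
[   66.897905] !!! ERROR: Unable to find Nitrokey !!!
"""

NITROKEY_VID = "20a0"  # vendor id of the dongle as it shows up in lsusb above (assumption)
ZERO = "0" * 64

TS = r"^\[\s*[\d.]+\]\s*"  # dmesg-style timestamp prefix
UNSEAL_RE = re.compile(r"tpm2_unseal: handle=(0x[0-9a-fA-F]+) pcrl=([\d,]+) file=(\S+)")
SEAL_RE = re.compile(r"tpm2_seal: file=(\S+) handle=(0x[0-9a-fA-F]+) pcrl=([\d,]+)")
EXTEND_RE = re.compile(r"Extending TPM PCR (\d+) with (\S+)")
PCR_RE = re.compile(TS + r"(\d+)\s*:\s*0x([0-9A-Fa-f]{64})$")
LSUSB_RE = re.compile(r"Bus (\d{3}) Device (\d{3}): ID ([0-9a-fA-F]{4}):([0-9a-fA-F]{4})")
SETCFG_RE = re.compile(r"usb (\S+): can't set config #\d+, error (-?\d+)")


def pcr_list(s):
    return [int(p) for p in s.split(",")]


def parse_log(text):
    """Walk the log once and collect the facts the diagnosis needs."""
    r = {"unseals": [], "unseal_failures": 0, "seals": [], "extends": [],
         "pcrs": {}, "lsusb": [], "nitrokey_failures": 0, "set_config_errors": []}
    for line in text.splitlines():
        if m := UNSEAL_RE.search(line):
            r["unseals"].append((m[1], pcr_list(m[2]), m[3]))
        elif "Unable to unseal TOTP secret" in line:
            r["unseal_failures"] += 1
        elif m := SEAL_RE.search(line):
            r["seals"].append((m[1], m[2], pcr_list(m[3])))
        elif m := EXTEND_RE.search(line):
            r["extends"].append((int(m[1]), m[2]))
        elif m := PCR_RE.match(line):
            r["pcrs"][int(m[1])] = m[2].lower()
        elif m := LSUSB_RE.search(line):
            r["lsusb"].append((m[1], m[2], m[3].lower(), m[4].lower()))
        elif "Unable to find Nitrokey" in line:
            r["nitrokey_failures"] += 1
        elif m := SETCFG_RE.search(line):
            r["set_config_errors"].append((m[1], int(m[2])))
    return r


def diagnose(r):
    """Turn the parsed facts into the short findings a developer reads first."""
    findings = []
    if r["unseal_failures"]:
        policy = r["unseals"][0][1] if r["unseals"] else []
        nonzero = [p for p in policy if r["pcrs"].get(p, ZERO) != ZERO]
        findings.append(f"TOTP unseal failed {r['unseal_failures']} time(s) under PCR policy "
                        f"{policy}; non-zero policy PCRs at dump time: {nonzero}")
    if r["seals"]:
        path, handle, policy = r["seals"][-1]
        outside = sorted({p for p, _ in r["extends"]} - set(policy))
        findings.append(f"resealed {path} into {handle} against PCRs {policy}; PCRs extended "
                        f"at runtime but not part of the policy: {outside}")
    dongles = [d for d in r["lsusb"] if d[2] == NITROKEY_VID]
    if r["nitrokey_failures"] and dongles:
        bus, dev, vid, pid = dongles[0]
        findings.append(f"lsusb enumerated {vid}:{pid} as bus {bus} device {dev} but "
                        f"hotp_verification reported no Nitrokey {r['nitrokey_failures']} "
                        "time(s): visible to the kernel, yet not usable (check passthrough)")
    for port, err in r["set_config_errors"]:
        findings.append(f"usb {port}: kernel could not set a configuration (error {err}); "
                        "HOTP retries cannot succeed until the device re-enumerates cleanly")
    return findings


if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOG
    for finding in diagnose(parse_log(text)):
        print("-", finding)
```

Run it with the path to a saved /tmp/debug.txt as the only argument; without one it analyses the embedded excerpt.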
@tlaurion @daringer NS70 (which is the same board as the ns50) tests : ✔️ heads upgrade to this zip ✔️ OEM factory reset ✔️ reset TPM ✔️ refresh TOTP/HOTP ❌ network-init-recovery (no internet interface detected) (Ethernet cable connected)
@alexgithublab not sure what this means. Were the instructions on screen followed? Connect the phone when requested (the phone in host mode needs to detect data, not just power, requiring heads tethering drivers to be loaded prior to the phone possibly permitting to activate USB network tethering, and then heads sets up tethering against the phone). If not, the behavior you see is normal?
Different behavior than nv41?
@tlaurion
I'm using a Pixel 5 with GrapheneOS and I'm not able to get tethering network working on heads. Hotspot is turned on on the phone, and I tried to only connect it and then do network-init-recovery, and I also tried to enable the USB network sharing, but the result is the same. Otherwise the script behavior is okay.
So only relevant changes under https://github.com/linuxboot/heads/compare/521c0b039ea95c9133566944d2e4bc29a9772507..16f1d07867ddca9a5feee1f9541e2a7cc52d3b4a outside of rebasing on master and removing irrelevant changes here:
- shared linux config being exactly the same as librems now, good or bad to be determined
- coreboot config changed to match as close as possible librem_11 here which is also GOP GB driven.
OP and comments here to be hidden/review resolved since split under #1642 and merged in master yesterday to ease debugging forward.
What this unfortunately means for the Pixel 5, which is EOL from Google but in extended support under GrapheneOS, is, as said in the warning when enabling tethering, that RNDIS (Microsoft tethering technology) enables tethering on those phones, not CDC. If CDC were enabling tethering, then tethering would work following the on-screen instructions there. RNDIS is not supported.
I tested on Pixel 4a 5G and Pixel 6a, which both support CDC tethering, and where, generally, USB-C Snapdragon platform based SoC phones will support CDC for tethering. Unfortunately, there is not really good documentation on which phones support CDC for tethering, so it's trial and error, where laptops having an Ethernet port can fall back to it to have on-demand connectivity. I also gathered a quick table under
https://github.com/linuxboot/heads/pull/1384#issuecomment-1957597727
I will open an issue on documenting tethering support to track this better. This is also one of the reasons why it's not currently enabled through the GUI and is hidden behind launching a script, to ease time synchronisation mostly, for the moment.
Tldr: the phones currently in the Nitrokey shop (3a+ = Pixel 6+) should work. Librem phones work. For other LineageOS phones, experience will vary depending on what tethering technology is enforced. For Replicant, I highly doubt anything other than RNDIS is supported there, which heads won't include for the reasons discussed (including security implications) on the merged PR. We could add RNDIS support if there is push for it, but it would come with a big fat warning.
iPhones won't be supported since support requires additional proprietary tooling and extended kernel modules as well, which older devices won't have space for.
Originally posted by @tlaurion in https://github.com/linuxboot/heads/pull/1640#issuecomment-2067730776
@tlaurion Just tested the tethering with a Pixel 6a on a NS70 (NS50 board) and it worked, so yes, I think you're right that CDC is not supported on the Pixel 5.
@alexgithublab @daringer : no regression here? I can merge? @daringer can you approve?
I think https://github.com/linuxboot/heads/issues/1641#issuecomment-2074610194 should be considered independently for a PR; we need to stop mixing everything together, which prevents quick merges of PRs.
Putting in draft since I'm reviewing changes against defconfigs (coreboot) and need confirmation on values there prior to things being physically tested.
@daringer
- [x] nv41: flashed https://github.com/linuxboot/heads/pull/1640/commits/22373f76b43dddefe45aa923465224a9ac91b3d0 , resealed TOTP/HOTP, DUK renewed: booted under latest Q4.2.1
@daringer @alexgithublab @JonathonHall-Purism ready for final review (and test on ns50 which I don't have)
@JonathonHall-Purism commits touch librems but final file changes are not relevant/not touching them.
@alexgithublab @daringer see commit messages. I made those steps reproducible so that you can learn how to use current helpers properly to see changes. The master coreboot configurations were outdated and relevant to an older coreboot version, which makes it really difficult to understand which coreboot options are impacting or not something.
As a reminder defconfig permits to check changes against default config options relevant to a certain coreboot version. This commit shows differences in defconfig format https://github.com/linuxboot/heads/pull/1640/commits/4de67821de239896d76d6fc0c6f8ec69e0ad8705
After that, latest commit puts those configs back to oldconfig format which permits to compare boards against each other. Please review my own review's comments and validate that everything is kosher for you, interacting upstream if needed.
@alexgithublab nothing really to report that could explain #1641 without providing logs there as requested.
I think we should merge this ASAP.
Looks good to me, will let the NK folks give the approval since they are most familiar with these boards :+1:
@daringer @alexgithublab it is to be noted that the bug related to #1641 might already have resolved itself if coreboot version and configs were bumped to the latest dasharo+heads 1.7.2 novacustom coreboot release, where of course there is no dasharo+heads release for the ns50, leading to more low-level work required on your side to make it work.
Changes since https://github.com/linuxboot/heads/blob/b2629f8d4d16245c553478916b01f09dfa754dbf/modules/coreboot#L94
The dasharo+heads referred commit vs Heads used coreboot commit (more than 2 months of features + bugfixes there between Heads used coreboot commit and upstream which I have not skimmed through): https://github.com/Dasharo/coreboot/compare/1bcb338682b612cfcca8bba02846f78139b2e0c8..3a9aa3a4692f3dd49732f5b4e3ec54be385f0969
@daringer @alexgithublab : I would of course recommend staying as close as possible to Novacustom's coreboot fork's commit to not duplicate downstream work (heads and nitrokey releases based forks related issues) related to firmware bugs that may or may not already be fixed, and collaborate upstream there.
Heads uses coreboot and is not coreboot. I do not have the resources to debug things there, that is why 3mdeb are coreboot developers and provide dasharo subscription, and why I am not pretending to be a coreboot developer myself.
Alternate testing branch at https://github.com/tlaurion/heads/tree/nitrokey_board_unification_clean-enable_htop_validated_autoboot-novacustom_coreboot_version_bump
Note that both branches add board's config "KERNEL_ADD='debug'" so that more output can be provided from OS boot to help troubleshoot #1641. Great, required GPU blobs are now present under initramfs, but why they are not loaded is still not explainable.
@daringer @alexgithublab both this PR and the attempted novacustom dasharo+heads 1.7.2 pointed commit in their release are testable now.
If Ubuntu was installed with firmware blobs, please test and report results here.
Note that the initramfs content, not the lib directory content from the installer, should be reported, just like @nestire's report above.
@daringer cc
Will rebase on master.
@daringer @alex-nitrokey tested on nv41 with b65e8bf
- [x] HOTP autoboot
- [x] tethering
We should try to reduce delays between PR and merge since upstream is used in forks...
@daringer please approve.
Bumping to a newer version of coreboot will happen in another PR. As said in https://github.com/linuxboot/heads/pull/1640#issuecomment-2079794121, another branch was made to ease your porting. Seal commits, adapt, and do a PR in draft mode so we can iterate. This PR is about making board configuration as clean as possible, making current coreboot oldconfig files coherent with the version presently used, and adding tethering and HOTP autoboot in board configs and tethering requirements under the shared linux config, based on librems, where librem 11 FB is GOP enabled.
The only thing here to evaluate, if the goal of this PR is now mixed with #1641 being fixed, would be to check the librem11 config against ns50/nv41. I would appreciate collaboration here or under Matrix to get things fixed upstream as fast as possible, more so for nv41 since otherwise it is double work for me with novacustom bug reports and support. Let's improve collaboration.
This takes way too long without justifications. Using my maintainer veto and merging. Hope I will never have to do this again.