Is it possible to get a Qubes point release either 3.2.1 or 4.0.1 with xen-4.9.2 ?
116 views
Skip to first unread message
Aaron Gray
Oct 6, 2018, 12:13:08 AM10/6/18
to qubes-devel
I am trying to get Qubes to support any of my Z77 or Z270 Intel chipset machines.
They need IOMMU support for ports 0x80 and above.
https://githubcom/QubesOS/qubes-issues/issues/4309
xen-4.9.2 supports this.
Regards,
Aaron Gray
Marek Marczykowski-Górecki
Oct 6, 2018, 12:22:04 AM10/6/18
to Aaron Gray, qubes-devel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
No, we don't do major Xen upgrades as part of point release.
The patch look quite complex, but maybe it would be possible to backport
it to Xen 4.8 anyway. I need to look at it again.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlu4OGgACgkQ24/THMrX
1ywKPgf9HNXxhnocmq72M6TBXWJcD0IeYp7VqWFzLr/vpo9T9m/Jr/tABEUPIdOv
uz3fT7q3rmjLBvYz3CmyIwJIoFmS7dseQu8mN/+r8MfkZx20DAL9m6cjQr9naC+5
y5nQSAYSHOwinKCvEvf1+5QambGJmqB9tUJSiAmUluSzWDXFjmaCZUo6kRIhI77z
C86/YDKbLGM4TArkhXKzBRJAr2Yl/vfxMa+7F7MHtEeww03dvJxMCWE7xxvUHs0Q
4kzSToebYN//DgNPktrlHSizrCrqbcfAEaxJ0DmKNV0aCApPUv1UUMatjIZuQSvK
4vY+MNNRQh5qVHOifkVU5nWiKKozxA==
=9st5
-----END PGP SIGNATURE-----
Hash: SHA256
The patch look quite complex, but maybe it would be possible to backport
it to Xen 4.8 anyway. I need to look at it again.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlu4OGgACgkQ24/THMrX
1ywKPgf9HNXxhnocmq72M6TBXWJcD0IeYp7VqWFzLr/vpo9T9m/Jr/tABEUPIdOv
uz3fT7q3rmjLBvYz3CmyIwJIoFmS7dseQu8mN/+r8MfkZx20DAL9m6cjQr9naC+5
y5nQSAYSHOwinKCvEvf1+5QambGJmqB9tUJSiAmUluSzWDXFjmaCZUo6kRIhI77z
C86/YDKbLGM4TArkhXKzBRJAr2Yl/vfxMa+7F7MHtEeww03dvJxMCWE7xxvUHs0Q
4kzSToebYN//DgNPktrlHSizrCrqbcfAEaxJ0DmKNV0aCApPUv1UUMatjIZuQSvK
4vY+MNNRQh5qVHOifkVU5nWiKKozxA==
=9st5
-----END PGP SIGNATURE-----
qubenix
Oct 6, 2018, 1:04:10 AM10/6/18
to Marek Marczykowski-Górecki, Aaron Gray, qubes-devel
Marek Marczykowski-Górecki:
for a friend that has a Threadripper 2950x and Taichi X399 board. The
steps I used are documented here:
https://groups.google.com/d/topic/qubes-users/gv6q1ZSGOm4/discussion.
Maybe I did something wrong, but my iso built without error.
Installation worked without issue, but IOMMU and remapping were still
not available.
--
qubenix
PGP: 96096E4CA0870F1C5BAF7DD909D159E1241F9C54
OTR: qub...@chat.freenode.net
OTR: DFD1DA35 D74E775B 3E3DADB1 226282EE FB711765
> On Fri, Oct 05, 2018 at 09:13:07PM -0700, Aaron Gray wrote:
>> I am trying to get Qubes to support any of my Z77 or Z270 Intel
>> chipset machines.
>
>> They need IOMMU support for ports 0x80 and above.
>
>> https://github.com/QubesOS/qubes-issues/issues/4309
>> I am trying to get Qubes to support any of my Z77 or Z270 Intel
>> chipset machines.
>
>> They need IOMMU support for ports 0x80 and above.
>
>
>> xen-4.9.2 supports this.
>
> No, we don't do major Xen upgrades as part of point release.
>
> The patch look quite complex, but maybe it would be possible to
> backport it to Xen 4.8 anyway. I need to look at it again.
>
>
>
FWIW, I built a Qubes iso including the patch mentioned in issue #4309
>> xen-4.9.2 supports this.
>
> No, we don't do major Xen upgrades as part of point release.
>
> The patch look quite complex, but maybe it would be possible to
> backport it to Xen 4.8 anyway. I need to look at it again.
>
>
>
for a friend that has a Threadripper 2950x and Taichi X399 board. The
steps I used are documented here:
https://groups.google.com/d/topic/qubes-users/gv6q1ZSGOm4/discussion.
Maybe I did something wrong, but my iso built without error.
Installation worked without issue, but IOMMU and remapping were still
not available.
--
qubenix
PGP: 96096E4CA0870F1C5BAF7DD909D159E1241F9C54
OTR: qub...@chat.freenode.net
OTR: DFD1DA35 D74E775B 3E3DADB1 226282EE FB711765
Aaron Gray
Oct 6, 2018, 10:41:15 AM10/6/18
to qub...@riseup.net, Marek Marczykowski-Górecki, qubes...@googlegroups.com
On Sat, 6 Oct 2018 at 06:04, qubenix <qub...@riseup.net> wrote:
Marek Marczykowski-Górecki:
> On Fri, Oct 05, 2018 at 09:13:07PM -0700, Aaron Gray wrote:
>> I am trying to get Qubes to support any of my Z77 or Z270 Intel
>> chipset machines.
>
>> They need IOMMU support for ports 0x80 and above.
>
>> https://github.com/QubesOS/qubes-issues/issues/4309
>
>> xen-4.9.2 supports this.
>
> No, we don't do major Xen upgrades as part of point release.
>
> The patch look quite complex, but maybe it would be possible to
> backport it to Xen 4.8 anyway. I need to look at it again.
>
>
>
FWIW, I built a Qubes iso including the patch mentioned in issue #4309
for a friend that has a Threadripper 2950x and Taichi X399 board. The
steps I used are documented here:
https://groups.google.com/d/topic/qubes-users/gv6q1ZSGOm4/discussion.
Maybe I did something wrong, but my iso built without error.
Installation worked without issue, but IOMMU and remapping were still
not available.
@qubenix - I think patch is for the Xen package proper not qubes-vmm-xen.
Marek - I am trying to work out how to add in the later xen-4.9.2 RPM from another repo and am nearing GNU Makefile insanity with your build system. I don't really like Gnu Make.
Can I just use :-
/tmp/qubes-packages-minor-repo
And put the repo in there as would be suggested by :-
Aaron
Marek Marczykowski-Górecki
Oct 6, 2018, 11:02:22 AM10/6/18
to Aaron Gray, qub...@riseup.net, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
On Sat, Oct 06, 2018 at 03:41:01PM +0100, Aaron Gray wrote:
> On Sat, 6 Oct 2018 at 06:04, qubenix <qub...@riseup.net> wrote:
>
> > Marek Marczykowski-Górecki:
> > > On Fri, Oct 05, 2018 at 09:13:07PM -0700, Aaron Gray wrote:
> > >> I am trying to get Qubes to support any of my Z77 or Z270 Intel
> > >> chipset machines.
> > >
> > >> They need IOMMU support for ports 0x80 and above.
> > >
> > >> https://github.com/QubesOS/qubes-issues/issues/4309
> > >
> > >> xen-4.9.2 supports this.
> > >
> > > No, we don't do major Xen upgrades as part of point release.
> > >
> > > The patch look quite complex, but maybe it would be possible to
> > > backport it to Xen 4.8 anyway. I need to look at it again.
> > >
> > >
> > >
> > FWIW, I built a Qubes iso including the patch mentioned in issue #4309
> > for a friend that has a Threadripper 2950x and Taichi X399 board. The
> > steps I used are documented here:
> > https://groups.google.com/d/topic/qubes-users/gv6q1ZSGOm4/discussion.
> >
> > Maybe I did something wrong, but my iso built without error.
> > Installation worked without issue, but IOMMU and remapping were still
> > not available.
> >
>
> @qubenix - I think patch is for the Xen package proper not qubes-vmm-xen.
Xen packages are build in qubes-vmm-xen.
> On Sat, 6 Oct 2018 at 06:04, qubenix <qub...@riseup.net> wrote:
>
> > Marek Marczykowski-Górecki:
> > > On Fri, Oct 05, 2018 at 09:13:07PM -0700, Aaron Gray wrote:
> > >> I am trying to get Qubes to support any of my Z77 or Z270 Intel
> > >> chipset machines.
> > >
> > >> They need IOMMU support for ports 0x80 and above.
> > >
> > >> https://github.com/QubesOS/qubes-issues/issues/4309
> > >
> > >> xen-4.9.2 supports this.
> > >
> > > No, we don't do major Xen upgrades as part of point release.
> > >
> > > The patch look quite complex, but maybe it would be possible to
> > > backport it to Xen 4.8 anyway. I need to look at it again.
> > >
> > >
> > >
> > FWIW, I built a Qubes iso including the patch mentioned in issue #4309
> > for a friend that has a Threadripper 2950x and Taichi X399 board. The
> > steps I used are documented here:
> > https://groups.google.com/d/topic/qubes-users/gv6q1ZSGOm4/discussion.
> >
> > Maybe I did something wrong, but my iso built without error.
> > Installation worked without issue, but IOMMU and remapping were still
> > not available.
> >
>
> @qubenix - I think patch is for the Xen package proper not qubes-vmm-xen.
> Marek - I am trying to work out how to add in the later xen-4.9.2 RPM from
> another repo and am nearing GNU Makefile insanity with your build system. I
> don't really like Gnu Make.
>
> Can I just use :-
>
> /tmp/qubes-packages-minor-repo
>
> And put the repo in there as would be suggested by :-
>
>
> https://github.com/QubesOS/qubes-builder-rpm/blob/master/repos/builder-local.repo
extra patches over upstream Xen, without them you probably won't be able
to boot any VM. But then, if you update Xen from 4.8.x to 4.9.x, you
need to rebuild other packages to link with new version.
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
1yxsIgf/aZVbxY7rEROs6U0h2cDLPlopHRCkKxtYp2IeVliIh6Venp6j2zpHJ22L
dIbLvB2SNKLv1ZeZ0wIdagg8587KJcs7xfvl9R6G5tPAHSJVvbB9I7fNUkz0l8DK
IUxpkAfQH7hGS3riuRlWDkkFdTa7N4nSJDFdrArN95NvK12khFaMsepnvu5o6bzR
Syg1kCEYfK671EtyOT077VYQLPNsnzJE0UL9Dhh7NtoWAGLgsjmXSE6bfWZ0WKhU
lYgi/JKXsHoJj7GqNiGwJMv+KDtGjV5d+8dMJmdV8+ihIfHnl39XF7/i995shusv
YbZ1XtUTp6HDCdHT4QW3ScnyJx2Jjg==
=AKqG
-----END PGP SIGNATURE-----
Aaron Gray
Oct 6, 2018, 11:41:38 AM10/6/18
to Marek Marczykowski-Górecki, qub...@riseup.net, qubes...@googlegroups.com
Marek,
Timewise how long am I looking at to wait for 4.1 alpha to be released with the xen patche(s) or xen updated to 4.9 ?
In parallel can I rely on you for some level of support if I try and do the 4.9 update to 4.0 myself ?
Regards,
Aaron
Marek Marczykowski-Górecki
Oct 6, 2018, 12:15:36 PM10/6/18
to Aaron Gray, qub...@riseup.net, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
expect installable alpha builds before December, or even January.
> In parallel can I rely on you for some level of support if I try and do the
> 4.9 update to 4.0 myself ?
patch and see if that works. It's here, totally untested (not even build tested):
https://github.com/marmarek/qubes-vmm-xen/tree/xen-4.8-amd-iommu
You can try building this, by adding to your builder.conf:
GIT_URL_vmm_xen = https://github.com/marmarek/qubes-vmm-xen
BRANCH_vmm_xen = xen-4.8-amd-iommu
Then:
make get-sources
make vmm-xen # or `make qubes` if you didn't build other components before
make iso
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
1yzqTwf+LJQeq9KLLuGeAs7jF6lDF6BH8+UBVDYCyC5cqyKII7KEFDy8Hu8xKwYE
uVgQFi+nMnkGV4xEhrKp+aE1B+ezYE729V29P9+fjv6xMJczfTzcq9V57EraRoXf
M5Ul0M/Ey/oJjyRL4REmcKUiXc6I0cdAHhTKSdDlMnBZD0N40xs++1nfvJB/kK84
FTRWifsZLJhNrUUBV9dvVPUIHsLi7n10hdBC7cQHqqK56Im2HQgreg6XizOp8EoY
cBWJ5ZL1dZOGBMblxz1EuXjWzaoTb+Q+TcbxqkubSCzQmBLC9zDZfEFfuP2eKxDS
DmKfKQbK4lfO/tvxOje1aJY51YQ8pA==
=kQei
-----END PGP SIGNATURE-----
Aaron Gray
Oct 6, 2018, 12:29:56 PM10/6/18
to Marek Marczykowski-Górecki, qub...@riseup.net, qubes...@googlegroups.com
Great thanks I will try that. Qubenix did say he had tried it but I will double check on my hardware which is Z270 chipset based.
I am not familiar with xen but I used to be an embeeded systems programmer and learned C back in 1981. Also learned 8086 machine code around that time. Last thing systems wise I did in the year 2000 which was getting in and out of 80386 protected mode :)
Regards,
Aaron
Marek Marczykowski-Górecki
Oct 6, 2018, 12:46:36 PM10/6/18
to Aaron Gray, qub...@riseup.net, qubes...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hash: SHA256
something more is needed:
https://github.com/marmarek/qubes-vmm-xen/commit/3f284833914c76bb59306b5f19f44d237d20d275
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----
1yyl/QgAiRtCEdLlsyhfS6DihfWbmybX2XyG6mhFxWuyhpbKCA57FvttZeXEVoVK
lRv9gLJ65Sp9O++CRVMzicBGrPP19wKBUs04jbhwi7tkQu7ZesZFeqxm0i026hfh
yP1cVLW4affDapovoEr/Tn6JYT+hYIklwkm2L6aY3xKdE8/d3Pna9gP7DXha6zbv
LYAOU3Btwt0b0WWpOKvRWF6WVp0TZYOi88qOY/qEUts0mpIvhm9ZpL9i04RRM0re
uSvDqqPDFhnEnPmUUEpfHOt0ri90+JQUmhzxeqd75HXY1jHY9mgHaeRozb3p4SeZ
hSuOPd4o2XmzOPo0XuseP62kJjtMVQ==
=CQ26
-----END PGP SIGNATURE-----
Aaron Gray
Oct 6, 2018, 5:11:50 PM10/6/18
to Marek Marczykowski-Górecki, qub...@riseup.net, qubes...@googlegroups.com
No go on the xen-4.8-amd-iommu
or the xen-4.9-devel which was to be expected.
I am going to try and get Xen running on Fedora on these machines.
Aaron Gray
Independent Open Source Software Engineer, Computer Language Researcher, Information Theorist, and amateur computer scientist.
Aaron Gray
Oct 6, 2018, 7:16:38 PM10/6/18
to Marek Marczykowski-Górecki, qub...@riseup.net, qubes...@googlegroups.com
On Sat, 6 Oct 2018 at 22:11, Aaron Gray <aaron...@gmail.com> wrote:
Hi Marek,No go on the xen-4.8-amd-iommuor the xen-4.9-devel which was to be expected.I am going to try and get Xen running on Fedora on these machines.
Marek,
A quick test of Xen with little preparation in the way of reading documentation for my motherboard fails with Fedora 28 server.
Aaron
Reply all
Reply to author
Forward
0 new messages