2021-11-09 14:53:57	--	Logging to python.follow.irc.libera.#linux.EMT64
2021-11-09 14:53:57	NOTICE	 nick add ['matthewcroughan_']
2021-11-09 13:51:10	matthewcroughan_	I have an old HP netbook which has an intel n2600. The BIOS lies about the capabilities of the chip and states that long mode is not supported. How can I work around this in Linux? Can I make a modification to arch/x86/boot/cpu.c ?
2021-11-09 13:52:01	Dagmar	matthewcroughan_: Generally you can't.
2021-11-09 13:52:19	matthewcroughan_	Dagmar: Funny enough, it boots in Long Mode if I use Netboot.xyz
2021-11-09 13:52:34	matthewcroughan_	Netboot.xyz uses syslinux, I'm not sure about other details, but it successfully manages to boot into various OS without this issue
2021-11-09 13:52:56	matthewcroughan_	Do you have any idea why it would allow that?
2021-11-09 13:59:22	matthewcroughan_	Dagmar: The intel n2600 is a 64 bit cpu.
2021-11-09 13:59:44	matthewcroughan_	Any OS booted from a USB stick results in the error on Line 81 of arch/x86/boot/cpu.c
2021-11-09 14:00:03	matthewcroughan_	However, if I use netboot.xyz, it succeeds in booting any distribution in long mode, aka 64 bit.
2021-11-09 14:00:11	TJ-	matthewcroughan_: what boot loader is on those USB sticks?
2021-11-09 14:00:23	matthewcroughan_	It doesn't seem to matter even if I use alpine linux (extlinux)
2021-11-09 14:00:38	matthewcroughan_	My only real options are extlinux or grub, since it's legacy boot
2021-11-09 14:00:55	TJ-	matthewcroughan_: I mean, is it GRUB, or syslinux, or something else. If it is booting in BIOS mode it'll usually  be syslinux on hybrid installer ISOs
2021-11-09 14:00:57	matthewcroughan_	but netboot.xyz uses its own custom bootloader I think
2021-11-09 14:02:06	matthewcroughan_	Dagmar: Netboot.xyz skips the bootloader and executes the kernel directly.
2021-11-09 14:02:22	matthewcroughan_	https://netboot.xyz/docs/faq/#how-does-this-work
2021-11-09 14:02:34	matthewcroughan_	Something about iPXE, this is stuff I am very unfamiliar with. I just thought I could find some help with the topic here.
2021-11-09 14:03:24	matthewcroughan_	Either way. Netboot.xyz gives you the ability to boot things like arch/ubuntu/nixos/alpine directly from a PXE menu. Doing this skips the bootloader those distributions would usually ship with, and just boots the kernel with the correct filesystem for that distribution.
2021-11-09 14:03:59	matthewcroughan_	However netboot.xyz works, seems to allow Linux to boot on the intel n2600 despite the BIOS lying about its capabilities.
2021-11-09 14:04:28	matthewcroughan_	Alpine, Arch, NixOS, Ubuntu
2021-11-09 14:04:37	matthewcroughan_	Though Alpine/Ubuntu/Arch boots just fine in netboot.xyz
2021-11-09 14:05:10	matthewcroughan_	I'm convinced for sure that the bootloader has something to do with it, but I have no idea what could be happening, because I'm not experienced enough to know.
2021-11-09 14:05:27	TJ-	matthewcroughan_: what's the make/model of PC here?
2021-11-09 14:05:48	matthewcroughan_	TJ-: hp mini 110-4100
2021-11-09 14:06:18	matthewcroughan_	They were all being booted in Legacy, not attempting EFI, at least I wouldn't assume that from the way Grub decided to display the graphics on NixOS.
2021-11-09 14:06:36	matthewcroughan_	NixOS has different graphics for grub depending on EFI vs Legacy, the legacy graphics were being displayed in that case.
2021-11-09 14:08:34	TJ-	matthewcroughan_: so the crux of the problem is that HP firmware locks out EMT-64 mode 
2021-11-09 14:09:07	matthewcroughan_	So how can it be that I'm able to circumvent this by using Netboot.xyz's iPXE to boot the kernel directly?
2021-11-09 14:09:08	TJ-	matthewcroughan_: but something netboot.xyz does, either in iPXE or later, somehow works around that and can boot a 64-bit kernel?
2021-11-09 14:09:17	matthewcroughan_	yes
2021-11-09 14:09:21	matthewcroughan_	that seems to be the case exactly
2021-11-09 14:09:34	TJ-	matthewcroughan_: you're sure the netboot case does start a 64-bit kernel? (I'm sure you're sure but need to ask!)
2021-11-09 14:10:04	matthewcroughan_	Yes, if I cat /proc/cpuinfo it reports that it is indeed booted in 64 bit mode
2021-11-09 14:10:11	TJ-	matthewcroughan_: so the other option is to hack the HP's firmware so it isn't writing MSR 0x122 
2021-11-09 14:11:45	TJ-	matthewcroughan_: OK, so lets take a specific case. netboot.xyz > Ubuntu - from a brief reading the docs say they modify the installer scripts in some cases, but this would need to be fixed way before that, and I cannot think netboot.xyz has a quirk for your specific HP mini, which infers there's something in its iPXE code 
2021-11-09 14:12:12	TJ-	matthewcroughan_: just to be sure - that HP mini will boot in 64-bit mode if you put netboot.xyz on a USB?
2021-11-09 14:13:27	matthewcroughan_	TJ-: I will check for you. Currently it is booted from a pihole running tftp and serving netboot.xyz.xkpe
2021-11-09 14:14:01	TJ-	matthewcroughan_: right - because I'm wondering if that HP mini's PXE boot code is the thing enabling EMT-64 mode 
2021-11-09 14:14:54	TJ-	matthewcroughan_: I'm reading the forums about needing to 'hack' that firmware to stop it locking the CPU to 32-bit mode with MSR 0x122 so maybe in the PXE boot case that code path doesn't get followed and the CPU remains in EMT64 
2021-11-09 14:16:12	TJ-	matthewcroughan_: I had to hack the nvram of Sony Vaio back around 2007 to undo a similar MSR lock-out (in that case disabling VT-x virtualisation on Vaio VGN-41 I think it was)
2021-11-09 14:18:41	matthewcroughan_	TJ-: Is there no possible fix that could be made to the kernel?
2021-11-09 14:19:43	matthewcroughan_	Could we not make `bullshido.h` which is a lookup table for these motherboards which have known incorrect behavior, that could ignore the CPU check in arch/x86/boot/cpu.c ?
2021-11-09 14:20:06	TJ-	matthewcroughan_: no, MSR instructions are CPU-level configuration and what usually happens is once they've been set the firmware also sets the MSR lock so they cannot be changed. That's why I'm guessing the PXE boot code is not setting MSR 0x122 == 3 (which locks the CPU to 32-bit mode)
2021-11-09 14:20:07	matthewcroughan_	There are a lot of laptops that are like this, and I think it'd be a nice addition, can anyone tell me why this is the wrong approach?
2021-11-09 14:23:13	TJ-	matthewcroughan_: if the CPU's MSRs have been locked by firmware they cann't be changed until a reset
2021-11-09 14:24:38	matthewcroughan_	TJ-: That seems to be exactly the case. Booting netboot.xyz from USB causes the MSR to be set.
2021-11-09 14:24:51	matthewcroughan_	In fact, netboot.xyz halts the CPU after I get some serial, in this method.
2021-11-09 14:26:24	TJ-	matthewcroughan_: there is one small chance; the MSR lock has 3 values. Off, On but can be turned Off, and On until power reset. Usually it is the latter (=3) but if you were lucky and it was 2 you could add a small bit of machine code to change it to 0 -- highly unlikely that door has been left open though, else someone would have found that by now
2021-11-09 14:27:02	matthewcroughan_	TJ-: how would I execute that machine code?
2021-11-09 14:27:09	matthewcroughan_	I'm definitely in the class of "noob".
2021-11-09 14:27:36	TJ-	matthewcroughan_: with great difficulty!
2021-11-09 14:27:46	matthewcroughan_	Would it be in the kernel?
2021-11-09 14:27:52	matthewcroughan_	Or would it be in grub, for example?
2021-11-09 14:27:56	TJ-	matthewcroughan_: I'm re-reading my notes from ~2007 on what I did on that Vaio. Just found this "Note: I have another project going that will provide a software utility to enable the VMX virtualisation extensions in Intel Core 2 Duo CPUs without needing to hack the BIOS. "
2021-11-09 14:29:14	TJ-	matthewcroughan_: so I think MSR 0x3A is the Intel CPU lock 
2021-11-09 14:31:02	matthewcroughan_	TJ-: So if I boot Linux in 64 bit, can I mess with MSR 0x122 from the OS?
2021-11-09 14:31:14	matthewcroughan_	Do you think I can cause the CPU to crash/halt by doing that, to prove it's manipulable?
2021-11-09 14:32:31	TJ-	matthewcroughan_: re booted in 64-bit mode. You could use the Linux MSR tools to dump the current values so we could get an idea... with the PXE boot it may not be locking 0x3A
2021-11-09 14:33:20	matthewcroughan_	TJ-: could I not just ignore the longmode check in arch/x86/boot/cpu.c L81, based on some other identifying information like the vendor's bios strings, or some other thing?
2021-11-09 14:34:02	TJ-	matthewcroughan_: no, of course not
2021-11-09 14:34:34	TJ-	matthewcroughan_: if the firmware locks the CPU in 32-bit mode, then a 64-bit kernel cannot operate
2021-11-09 14:35:38	TJ-	matthewcroughan_: with your PXE boot is it starting Debian or Ubuntu? if so, do "sudo apt install msr-tools" then "sudo modprobe msr" and "sudo rdmsr 0x3a" and tell us the value
2021-11-09 14:44:20	TJ-	matthewcroughan_: I've found the Intel docs. See page 20 and 21 "IA32_FEATURE_CONTROL" for MSR 0x3a  https://www.intel.com/content/www/us/en/develop/download/intel-64-and-ia-32-architectures-software-developers-manual-volume-4-model-specific-registers.html
2021-11-09 14:53:57	NOTICE	history lines added: 62
2021-11-09 14:55:45	NOTICE	 nick add ['matthewcroughan']
2021-11-09 13:51:10	matthewcroughan_	I have an old HP netbook which has an intel n2600. The BIOS lies about the capabilities of the chip and states that long mode is not supported. How can I work around this in Linux? Can I make a modification to arch/x86/boot/cpu.c ?
2021-11-09 13:52:01	Dagmar	matthewcroughan_: Generally you can't.
2021-11-09 13:52:19	matthewcroughan_	Dagmar: Funny enough, it boots in Long Mode if I use Netboot.xyz
2021-11-09 13:52:34	matthewcroughan_	Netboot.xyz uses syslinux, I'm not sure about other details, but it successfully manages to boot into various OS without this issue
2021-11-09 13:52:56	matthewcroughan_	Do you have any idea why it would allow that?
2021-11-09 13:59:22	matthewcroughan_	Dagmar: The intel n2600 is a 64 bit cpu.
2021-11-09 13:59:44	matthewcroughan_	Any OS booted from a USB stick results in the error on Line 81 of arch/x86/boot/cpu.c
2021-11-09 14:00:03	matthewcroughan_	However, if I use netboot.xyz, it succeeds in booting any distribution in long mode, aka 64 bit.
2021-11-09 14:00:11	TJ-	matthewcroughan_: what boot loader is on those USB sticks?
2021-11-09 14:00:23	matthewcroughan_	It doesn't seem to matter even if I use alpine linux (extlinux)
2021-11-09 14:00:38	matthewcroughan_	My only real options are extlinux or grub, since it's legacy boot
2021-11-09 14:00:55	TJ-	matthewcroughan_: I mean, is it GRUB, or syslinux, or something else. If it is booting in BIOS mode it'll usually  be syslinux on hybrid installer ISOs
2021-11-09 14:00:57	matthewcroughan_	but netboot.xyz uses its own custom bootloader I think
2021-11-09 14:02:06	matthewcroughan_	Dagmar: Netboot.xyz skips the bootloader and executes the kernel directly.
2021-11-09 14:02:22	matthewcroughan_	https://netboot.xyz/docs/faq/#how-does-this-work
2021-11-09 14:02:34	matthewcroughan_	Something about iPXE, this is stuff I am very unfamiliar with. I just thought I could find some help with the topic here.
2021-11-09 14:03:24	matthewcroughan_	Either way. Netboot.xyz gives you the ability to boot things like arch/ubuntu/nixos/alpine directly from a PXE menu. Doing this skips the bootloader those distributions would usually ship with, and just boots the kernel with the correct filesystem for that distribution.
2021-11-09 14:03:59	matthewcroughan_	However netboot.xyz works, seems to allow Linux to boot on the intel n2600 despite the BIOS lying about its capabilities.
2021-11-09 14:04:28	matthewcroughan_	Alpine, Arch, NixOS, Ubuntu
2021-11-09 14:04:37	matthewcroughan_	Though Alpine/Ubuntu/Arch boots just fine in netboot.xyz
2021-11-09 14:05:10	matthewcroughan_	I'm convinced for sure that the bootloader has something to do with it, but I have no idea what could be happening, because I'm not experienced enough to know.
2021-11-09 14:05:27	TJ-	matthewcroughan_: what's the make/model of PC here?
2021-11-09 14:05:48	matthewcroughan_	TJ-: hp mini 110-4100
2021-11-09 14:06:18	matthewcroughan_	They were all being booted in Legacy, not attempting EFI, at least I wouldn't assume that from the way Grub decided to display the graphics on NixOS.
2021-11-09 14:06:36	matthewcroughan_	NixOS has different graphics for grub depending on EFI vs Legacy, the legacy graphics were being displayed in that case.
2021-11-09 14:08:34	TJ-	matthewcroughan_: so the crux of the problem is that HP firmware locks out EMT-64 mode 
2021-11-09 14:09:07	matthewcroughan_	So how can it be that I'm able to circumvent this by using Netboot.xyz's iPXE to boot the kernel directly?
2021-11-09 14:09:08	TJ-	matthewcroughan_: but something netboot.xyz does, either in iPXE or later, somehow works around that and can boot a 64-bit kernel?
2021-11-09 14:09:17	matthewcroughan_	yes
2021-11-09 14:09:21	matthewcroughan_	that seems to be the case exactly
2021-11-09 14:09:34	TJ-	matthewcroughan_: you're sure the netboot case does start a 64-bit kernel? (I'm sure you're sure but need to ask!)
2021-11-09 14:10:04	matthewcroughan_	Yes, if I cat /proc/cpuinfo it reports that it is indeed booted in 64 bit mode
2021-11-09 14:10:11	TJ-	matthewcroughan_: so the other option is to hack the HP's firmware so it isn't writing MSR 0x122 
2021-11-09 14:11:45	TJ-	matthewcroughan_: OK, so lets take a specific case. netboot.xyz > Ubuntu - from a brief reading the docs say they modify the installer scripts in some cases, but this would need to be fixed way before that, and I cannot think netboot.xyz has a quirk for your specific HP mini, which infers there's something in its iPXE code 
2021-11-09 14:12:12	TJ-	matthewcroughan_: just to be sure - that HP mini will boot in 64-bit mode if you put netboot.xyz on a USB?
2021-11-09 14:13:27	matthewcroughan_	TJ-: I will check for you. Currently it is booted from a pihole running tftp and serving netboot.xyz.xkpe
2021-11-09 14:14:01	TJ-	matthewcroughan_: right - because I'm wondering if that HP mini's PXE boot code is the thing enabling EMT-64 mode 
2021-11-09 14:14:54	TJ-	matthewcroughan_: I'm reading the forums about needing to 'hack' that firmware to stop it locking the CPU to 32-bit mode with MSR 0x122 so maybe in the PXE boot case that code path doesn't get followed and the CPU remains in EMT64 
2021-11-09 14:16:12	TJ-	matthewcroughan_: I had to hack the nvram of Sony Vaio back around 2007 to undo a similar MSR lock-out (in that case disabling VT-x virtualisation on Vaio VGN-41 I think it was)
2021-11-09 14:18:41	matthewcroughan_	TJ-: Is there no possible fix that could be made to the kernel?
2021-11-09 14:19:43	matthewcroughan_	Could we not make `bullshido.h` which is a lookup table for these motherboards which have known incorrect behavior, that could ignore the CPU check in arch/x86/boot/cpu.c ?
2021-11-09 14:20:06	TJ-	matthewcroughan_: no, MSR instructions are CPU-level configuration and what usually happens is once they've been set the firmware also sets the MSR lock so they cannot be changed. That's why I'm guessing the PXE boot code is not setting MSR 0x122 == 3 (which locks the CPU to 32-bit mode)
2021-11-09 14:20:07	matthewcroughan_	There are a lot of laptops that are like this, and I think it'd be a nice addition, can anyone tell me why this is the wrong approach?
2021-11-09 14:23:13	TJ-	matthewcroughan_: if the CPU's MSRs have been locked by firmware they cann't be changed until a reset
2021-11-09 14:24:38	matthewcroughan_	TJ-: That seems to be exactly the case. Booting netboot.xyz from USB causes the MSR to be set.
2021-11-09 14:24:51	matthewcroughan_	In fact, netboot.xyz halts the CPU after I get some serial, in this method.
2021-11-09 14:26:24	TJ-	matthewcroughan_: there is one small chance; the MSR lock has 3 values. Off, On but can be turned Off, and On until power reset. Usually it is the latter (=3) but if you were lucky and it was 2 you could add a small bit of machine code to change it to 0 -- highly unlikely that door has been left open though, else someone would have found that by now
2021-11-09 14:27:02	matthewcroughan_	TJ-: how would I execute that machine code?
2021-11-09 14:27:09	matthewcroughan_	I'm definitely in the class of "noob".
2021-11-09 14:27:36	TJ-	matthewcroughan_: with great difficulty!
2021-11-09 14:27:46	matthewcroughan_	Would it be in the kernel?
2021-11-09 14:27:52	matthewcroughan_	Or would it be in grub, for example?
2021-11-09 14:27:56	TJ-	matthewcroughan_: I'm re-reading my notes from ~2007 on what I did on that Vaio. Just found this "Note: I have another project going that will provide a software utility to enable the VMX virtualisation extensions in Intel Core 2 Duo CPUs without needing to hack the BIOS. "
2021-11-09 14:29:14	TJ-	matthewcroughan_: so I think MSR 0x3A is the Intel CPU lock 
2021-11-09 14:31:02	matthewcroughan_	TJ-: So if I boot Linux in 64 bit, can I mess with MSR 0x122 from the OS?
2021-11-09 14:31:14	matthewcroughan_	Do you think I can cause the CPU to crash/halt by doing that, to prove it's manipulable?
2021-11-09 14:32:31	TJ-	matthewcroughan_: re booted in 64-bit mode. You could use the Linux MSR tools to dump the current values so we could get an idea... with the PXE boot it may not be locking 0x3A
2021-11-09 14:33:20	matthewcroughan_	TJ-: could I not just ignore the longmode check in arch/x86/boot/cpu.c L81, based on some other identifying information like the vendor's bios strings, or some other thing?
2021-11-09 14:34:02	TJ-	matthewcroughan_: no, of course not
2021-11-09 14:34:34	TJ-	matthewcroughan_: if the firmware locks the CPU in 32-bit mode, then a 64-bit kernel cannot operate
2021-11-09 14:35:38	TJ-	matthewcroughan_: with your PXE boot is it starting Debian or Ubuntu? if so, do "sudo apt install msr-tools" then "sudo modprobe msr" and "sudo rdmsr 0x3a" and tell us the value
2021-11-09 14:44:20	TJ-	matthewcroughan_: I've found the Intel docs. See page 20 and 21 "IA32_FEATURE_CONTROL" for MSR 0x3a  https://www.intel.com/content/www/us/en/develop/download/intel-64-and-ia-32-architectures-software-developers-manual-volume-4-model-specific-registers.html
2021-11-09 14:55:45	NOTICE	history lines added: 62
2021-11-09 15:19:23	TJ-	matthewcroughan_: I think I've tracked down the MSR that needs poking but as to whether you can do that I cannot tell (as I said, it may be locked). https://wiki.osdev.org/CPU_Registers_x86-64#IA32_EFER
2021-11-09 15:20:53	TJ-	matthewcroughan_: that is MSR 0xC0000080, bits 8 and 10
2021-11-09 19:58:44	matthewcroughan_	TJ-: the value of `rdmsr 0x3a` on alpine linux via netboot.xyz is 9
2021-11-09 20:33:08	TJ-	matthewcroughan: interesting, that is undocumented. that is 1001 (8+1) but bit 3 is undocumented. bit 1 is the lock bit.
2021-11-09 20:33:46	TJ-	matthewcroughan: sorry, I meant bit 0 is the lock bit
2021-11-09 21:03:39	matthewcroughan_	TJ-: How can I use rdmsr to read whether the CPU thinks it's in 32 bit or 64 bit mode?
2021-11-09 21:04:06	matthewcroughan_	rdmsr 0x3a returns 9, which means the 1 bit is set, so it's locked indeed
2021-11-09 21:04:39	matthewcroughan_	TJ-: so the bios/firmware has locked this bit, but now how can we figure out if the CPU believes it's in 32 bit mode, whilst the kernel has booted in 64?
2021-11-09 21:04:58	TJ-	matthewcroughan_: in theory yes, try reading 0xc0000080 
2021-11-09 21:05:20	matthewcroughan_	TJ-: d01
2021-11-09 21:05:30	matthewcroughan_	or in decimal, 3329
2021-11-09 21:05:46	TJ-	matthewcroughan_: now we need to decode that to what the bits mean!
2021-11-09 21:06:18	matthewcroughan_	TJ-: is there anything about that in the intel doc you linked earlier?
2021-11-09 21:08:03	TJ-	matthewcroughan_: pages 69/70 of the Intel MSR manual at https://www.intel.com/content/www/us/en/develop/download/intel-64-and-ia-32-architectures-software-developers-manual-volume-4-model-specific-registers.html
2021-11-09 21:10:38	TJ-	matthewcroughan_: 0xd01 ==  IA32_EFER.LME ,  IA32_EFER.LMA,  IA32_EFER.NXE which means Long mode enabled
2021-11-09 21:10:58	TJ-	matthewcroughan_: and I assume that is from the PXE netboot.xyz start which makes sense?
2021-11-09 21:12:45	TJ-	matthewcroughan_: unfortunately, we don't have an easy way to read those for USB boot unless you but a 32-bit kernel and userspace install on USB
2021-11-09 21:17:19	TJ-	matthewcroughan_: good news is, if you can boot into GRUB, it has both "rdmsr" and "wrmsr" modules, so if you can boot a USB with GRUB (not syslinux) you may be able to write to that MSR to set it, and then boot correctly
2021-11-09 21:18:18	matthewcroughan_	TJ-: How would I set it with grub? Via kernel command line?
2021-11-09 21:19:31	TJ-	matthewcroughan_: no, kernel command line is Linux. GRUB comes before that. If you can boot to a GRUB menu you can press "c" for a command shell, then do "insmod rdmsr" to make the rdmsr command available
2021-11-09 21:23:26	matthewcroughan_	TJ-: ctrl + c?
2021-11-09 21:23:31	matthewcroughan_	c for comand line shell seems not to work
2021-11-09 21:24:09	matthewcroughan_	I pressed escape, that seemed to work. Now I'm faced with "boot:`
2021-11-09 21:24:21	TJ-	matthewcroughan_: that is NOT grub, that is syslinux
2021-11-09 21:24:36	matthewcroughan_	Okay, great. Do you know what distros would give me grub?
2021-11-09 21:24:55	matthewcroughan_	just on their installer
2021-11-09 21:25:06	matthewcroughan_	and does it need to be grub2 rather than grub1?
2021-11-09 21:26:20	TJ-	matthewcroughan_: grub2
2021-11-09 21:26:53	TJ-	matthewcroughan_: you should be able to put a basic BIOS GRUB boot on a USB to test this
2021-11-09 21:27:56	TJ-	matthewcroughan_: instead of using a hybrid ISO installer image, actual do an install ONTO the USB so it is the same as if installed to fixed storage
2021-11-09 21:48:41	NOTICE	 nick add ['BCMM']
2021-11-09 21:48:41	BCMM	matthewcroughan_: it's basically always grub2 these days. and most installers boot with grub in EFI mode, even if they use syslinux for bios mode.
2021-11-09 21:51:24	matthewcroughan_	BCMM: Yeah, I'm having trouble finding a distro installer image that uses grub2 for bios mode
2021-11-09 21:51:57	matthewcroughan_	I want to use a distro because it will immediately tell me if my attempts were successful or not
2021-11-09 21:57:18	TJ-	matthewcroughan_: I've just built a small GRUB2  bootable image you can put on USB to test whether rdmsr/wrmsr from GRUB can change those settings. Do you want to download it from me and test?
2021-11-09 21:57:32	matthewcroughan_	TJ-: for sure!
2021-11-09 21:59:05	TJ-	matthewcroughan_: I'm just waiting for the upload to end. This is ONLY grub - just enough to test rdmsr/wrmsr for now
2021-11-09 21:59:31	TJ-	matthewcroughan_: if this works I can extend it to have a kernel and userspace
2021-11-09 22:02:43	TJ-	matthewcroughan_: "wget https://iam.tj/projects/misc/grub2.disk " - this is a 256MB bootable image you can write directly to a USB, e.g. "dd if=grub2.disk of=/dev/sdz bs=4M status=progress conv=fsync "
2021-11-09 22:03:03	matthewcroughan_	Really excellent.
2021-11-09 22:03:04	TJ-	matthewcroughan_: I've tested it in a qemu virtual machine and it works 
2021-11-09 22:07:51	TJ-	matthewcroughan_: tell me when you've got it booted to its shell
2021-11-09 22:07:58	matthewcroughan_	TJ-: interesting! This grub says 0x3a returns 0x9, same as ever
2021-11-09 22:08:13	matthewcroughan_	so it's locked at this point
2021-11-09 22:08:20	TJ-	matthewcroughan_: it's not 0x3a we need
2021-11-09 22:08:45	matthewcroughan_	oh crap! I wrote to it
2021-11-09 22:08:58	matthewcroughan_	TJ-: `wrmsr 0x3a 0` caused a hard reboot
2021-11-09 22:09:18	matthewcroughan_	TJ-: I'm in, at this point.
2021-11-09 22:09:29	TJ-	matthewcroughan_: it's 0xc0000080 which should be 0xd01
2021-11-09 22:09:56	matthewcroughan_	TJ-: At this point in Grub, it is 0x0
2021-11-09 22:10:23	TJ-	matthewcroughan_: OK, now "insmod wrmsr" then try writing that value. "help wrmsr" for the command options
2021-11-09 22:11:11	matthewcroughan_	TJ-: writing that to what?
2021-11-09 22:11:17	matthewcroughan_	Because 0x0 is correct, right?
2021-11-09 22:11:23	TJ-	matthewcroughan_: "wrmsr 0xc0000080 0xd01 
2021-11-09 22:11:36	TJ-	matthewcroughan_: then re-read it check it holds the value
2021-11-09 22:11:37	matthewcroughan_	TJ-: I see, yeah. My bad, I thought 0xd01 was the bad value in my head. Thank you.
2021-11-09 22:12:23	matthewcroughan_	TJ-: causes a hard reboot the same as trying to write to 0x3a
2021-11-09 22:12:31	matthewcroughan_	Assuming that means it is locked?
2021-11-09 22:12:32	TJ-	matthewcroughan_: I was afraid of that
2021-11-09 22:12:57	TJ-	matthewcroughan_: maybe we can try just writing individual bits though, rather than the entire bvalue
2021-11-09 22:13:55	TJ-	matthewcroughan_: start off trying "wrmsr 0xc0000080 0x01"  then "0x0800" then "0x0400"
2021-11-09 22:14:03	matthewcroughan_	TJ-: Setting it to decimal 1 caused a reboot
2021-11-09 22:14:30	TJ-	matthewcroughan_:  0x01 is SYSCALL Enable: IA32_EFER.SCE
2021-11-09 22:14:44	matthewcroughan_	TJ-: a value of 0x01 causes a hard reboot
2021-11-09 22:15:09	TJ-	matthewcroughan_: try 0x100 ( IA-32e Mode Enable: IA32_EFER.LME (R/W) )
2021-11-09 22:15:31	TJ-	matthewcroughan_: manual says this "Enables IA-32e mode operation."
2021-11-09 22:15:46	matthewcroughan_	TJ-: The value of 0x0800 is accepted, no hard reboot.
2021-11-09 22:15:54	TJ-	matthewcroughan_: ok now do a read
2021-11-09 22:15:59	matthewcroughan_	TJ-: any other value you've told me to do, results in a hard reboot
2021-11-09 22:16:44	TJ-	matthewcroughan_: because bit 10 is read-only and is "IA-32e Mode Active: IA32_EFER.LMA (R) 
2021-11-09 22:16:53	matthewcroughan_	TJ-: After writing 0x0800 the value of 0xc0000080 is now 0x800
2021-11-09 22:18:31	TJ-	matthewcroughan_: right, so the OS would then need to twiddle some bits to actually switch to long mode, according to  https://wiki.osdev.org/X86-64#Long_Mode
2021-11-09 22:18:48	TJ-	matthewcroughan_: I think it's worth us trying with a kernel now, I'll go add that to the image
2021-11-09 22:18:54	matthewcroughan_	:D
2021-11-09 22:18:59	matthewcroughan_	TJ-: Thank you so much.
2021-11-09 22:23:08	TJ-	matthewcroughan_: it works here, booted a 5.15 kernel in the VM. Uploading.
2021-11-09 22:23:34	matthewcroughan_	TJ-: bleeding edge, I love it.
2021-11-09 22:25:43	TJ-	matthewcroughan_: so when you have this, you'll do that "wrmsr 0xc0000080 0x100" then check it with "rdmsr 0xc0000080" then "insmod linux" followed by "linux ($root)/boot/vmlinuz" then, once it is in memory "boot" and you'll see the kernel booting. There is no initialramfs so it won't get to a userspace, but this will prove whether that MSR is enough to get to long mode
2021-11-09 22:26:30	TJ-	matthewcroughan_: OK, uploaded. fetch it again "wget https://iam.tj/projects/misc/grub2.disk"
2021-11-09 22:32:26	matthewcroughan_	TJ-: alright, I'm in.
2021-11-09 22:35:11	matthewcroughan_	TJ-: how do I boot the kernel in this state? Never done grub before.
2021-11-09 22:35:28	matthewcroughan_	My bad, above my scrollbar.
2021-11-09 22:36:14	matthewcroughan_	TJ-: 0x100 causes a hard reboot
2021-11-09 22:36:49	TJ-	matthewcroughan_: arghh
2021-11-09 22:41:43	matthewcroughan_	TJ-: You're trying to get me to write the thing that has this description, right? "IA-32e Mode Enable:" ?
2021-11-09 22:41:51	TJ-	matthewcroughan_: I'm looking at some code that does this, and it is doing what you are doing,  https://github.com/missimer/x86-64-kernel-boot/blob/138a048523488bf86337617e6f3111ad8b3be4c1/kernel/boot.S#L93
2021-11-09 22:42:30	TJ-	matthewcroughan_: the aim is to set bit 8 which is  IA32_EFER.LME  
2021-11-09 22:43:45	TJ-	matthewcroughan_: that code is described at http://ringzeroandlower.com/2017/08/08/x86-64-kernel-boot.html
2021-11-09 22:45:50	TJ-	matthewcroughan_: what happens if you forget about any MSR writing and just try to start the kernel?
2021-11-09 22:47:33	NOTICE	 nick add ['hodapp']
2021-11-09 22:47:33	hodapp	I was talking to matthewcroughan_ actually :P
2021-11-09 22:47:49	TJ-	I suspect matthewcroughan_ is slightly lost in this
2021-11-09 22:53:17	matthewcroughan_	TJ-: It just hangs on `boot`
2021-11-09 22:53:47	hodapp	joetest: one can segregate/prevent cookies reasonably well whether they use JS or not
2021-11-09 22:53:50	hodapp	which a lot of them don't
2021-11-09 22:54:19	TJ-	matthewcroughan_: try "linux /boot/vmlinuz earlyprintk=vga" in case you can get any messsages at all. If not, it is hanging at some point
2021-11-09 22:54:46	TJ-	matthewcroughan_: otherwise, we're back to the fact the HP mini firmware is locking this out
2021-11-09 22:55:15	TJ-	matthewcroughan_: and from my research, it seems the bits we'd need to poke are not documented by Intel. They're kept confidential.
2021-11-09 22:56:14	matthewcroughan_	TJ-: earlyprintk seems not to make a difference to the feedback.
2021-11-09 22:56:39	TJ-	matthewcroughan_: I didn't think it would, since it would need the kernel in long mode to get to the first messages
2021-11-09 22:56:58	NOTICE	 nick add ['joetest']
2021-11-09 22:56:58	joetest	hodapp how
2021-11-09 22:57:21	matthewcroughan_	TJ-: So you think there are undocumented bits that will allow us to circumvent this behavior?
2021-11-09 22:57:28	matthewcroughan_	They probably exist?
2021-11-09 22:57:33	joetest	there are apps that generate random canvas yes however they may read data too so I have to write own app
2021-11-09 22:57:42	hodapp	joetest: firefox has this ability natively in recent versions
2021-11-09 22:58:39	TJ-	matthewcroughan_: we know the value in 0xc00000080 should be 0xd01 but we also know trying to set some of those bits causes a hard reset. You could try all permutations in case you can find a set that works. 0xd01 is 00001101 00000001 
2021-11-09 22:59:49	joetest	hodapp  can we agree that as far as JS exist sites will use some ways to track?
2021-11-09 22:59:59	TJ-	matthewcroughan_: so that is these ORed together 0x0800, 0x400, 0x0100, 0x0001 
2021-11-09 23:00:12	joetest	just how much FF does to stop fingerprinting
2021-11-09 23:00:34	matthewcroughan_	TJ-: what do you mean by all permutations?
2021-11-09 23:01:02	TJ-	matthewcroughan_: try setting every combination of those values in case one works that also enables long mode
2021-11-09 23:01:49	TJ-	matthewcroughan_: 0x0400 is a read-only bit so you don't need to write that one
2021-11-09 23:02:30	TJ-	matthewcroughan_: 0x0800 is the Execute Disable Bit Enable: IA32_EFER.NXE which should be OK to write without causing a reset
2021-11-09 23:03:20	TJ-	matthewcroughan_: 0x0001 is SYSCALL Enable: IA32_EFER.SCE (R/W) which ought to be enabled, but I think the kernel would do that
2021-11-09 23:03:55	TJ-	matthewcroughan_: 0x0100 is IA-32e Mode Enable: IA32_EFER.LME (R/W) (long mode enable)
2021-11-09 23:05:10	TJ-	matthewcroughan_: from that example github kernel code on the 0x0100 should be needed to be written to enable long mode, and it ought not cause a reboot
2021-11-09 23:08:37	matthewcroughan_	TJ-: I have a friend who is savvy in hex, so we just tried all permutations with 0x0400 excluded.
2021-11-09 23:08:53	matthewcroughan_	All cause hard reboots except setting it to decimal 0
2021-11-09 23:09:21	TJ-	matthewcroughan_: it looks rather like you're out of luck for direct boot then; you'll need a sneaky PXE workaround to do it
2021-11-09 23:10:38	TJ-	matthewcroughan_: I had an idea about the PXE boot stuff earlier. Have you tried setting PXE boot first in the boot-order, before USB, but letting it fail so the boot over PXE fails then it tries the USB? You may be lucky and it leaves long mode enabled :D
2021-11-09 23:11:34	matthewcroughan_	TJ-: what an awesome idea
2021-11-09 23:11:38	TJ-	matthewcroughan_: also in GRUB can you do a "rdmsr 0x122" ?
2021-11-09 23:11:39	matthewcroughan_	TJ-: let me checke
2021-11-09 23:13:29	TJ-	matthewcroughan_: i ask about 0x122 because several forum reports mention it as a common denominator on 32-bit locked CPUs
2021-11-09 23:14:06	TJ-	matthewcroughan_: those that report it locked say the value of 0x122 is 0x03
2021-11-09 23:14:47	TJ-	matthewcroughan_: according to the Intel MSR docs, bit 0 (=0x01) means "RTM_DISABLE: When set to 1, XBEGIN will 
2021-11-09 23:16:36	TJ-	matthewcroughan_: bit 1 (=0x02) is TSX_CPUID_CLEAR which, from what I can see when set disables something in the feature set
2021-11-09 23:23:50	matthewcroughan_	TJ-: your boot priority trick did not work, but booting grub from netboot.xyz, then using that grub to load a hard disk which has Linux on it, works of course.
2021-11-09 23:24:32	BCMM	matthewcroughan_: what's the overall goal? i'm not sure i was here for that bit
2021-11-09 23:24:55	BCMM	are you basically just trying to get Linux installed?
2021-11-09 23:25:00	TJ-	BCMM: boot 64-bit natively from USB/disk
2021-11-09 23:25:32	BCMM	TJ-: is booting the live USB the overall goal, or is matthewcroughan_ trying to get an installer disk booted to install linux?
2021-11-09 23:25:41	TJ-	BCMM: the HP mini's firmware locks off EMT64 mode so it'll only do 32-bit, but if the firmware does PXE boot it doesn't lock off EMT64 :)
2021-11-09 23:25:47	NOTICE	 nick add ['jim']
2021-11-09 23:25:47	jim	matthewcroughan_, setting the boot priority like that, means it will try pxe first, and if you get pxe going properly, the booting would succeed
2021-11-09 23:26:13	BCMM	wondering if debootstrap or distro-appropriate equivalent from that drive he's tricked in to booting would do, you see...
2021-11-09 23:26:35	TJ-	BCMM: so we'd been hoping we could poke the correct MSR bits from GRUB before loading the 64-bit kernel, to make this work without PXE mode
2021-11-09 23:27:00	BCMM	oh, the network boot thing isn't work just because it's grub, it's working because netboot itself is special in this BIOS?
2021-11-09 23:27:15	BCMM	nevermind, then
2021-11-09 23:27:16	TJ-	BCMM: This is often done on Atom-based systems to prevent using 64-bit OS
2021-11-09 23:27:46	TJ-	BCMM: correct, yes, just when the firmware does PXE it doesn't follow the code path that locks off EMT64 
2021-11-09 23:30:39	matthewcroughan_	TJ-: 0x122 is set to 0x3
2021-11-09 23:31:24	TJ-	matthewcroughan_: which is what forums say is the sign this is locked off. I bet trying to write either of those bits to 0 causes a failure?
2021-11-09 23:32:05	TJ-	matthewcroughan_: as in "wrmsr 0x122 0" or "wrmsr 0x122 2" or "wrmsr 0x122 1"
2021-11-09 23:32:08	matthewcroughan_	TJ-: yes, hard reboot
2021-11-09 23:35:56	matthewcroughan_	TJ-, jim, even if I use PXE to get to netboot.xyz, then use "boot from local hard disk" in netboot.xyz, the bits are still set.
2021-11-09 23:36:04	matthewcroughan_	32 bit only
2021-11-09 23:36:08	TJ-	matthewcroughan_: what does "rdmsr 0x10a" report? this is IA32_ARCH_CAPABILITIES and bit 7 set tells us that 0x122 is valid
2021-11-09 23:36:58	TJ-	matthewcroughan_: that will be because iPXE hands back to the system firmware to do that boot
2021-11-09 23:37:17	<--	BCMM (~BCMM@user/bcmm) has quit (Ping timeout: 264 seconds)
2021-11-09 23:37:37	TJ-	matthewcroughan_: is that HP mini firmware UEFI? It should be I'd have thought
2021-11-09 23:38:20	matthewcroughan_	TJ-: wrmsr 0x122 0, 1 or 2 all cause reboots
2021-11-09 23:38:28	matthewcroughan_	TJ-: rdmsr 0x10a causes a reboot
2021-11-09 23:38:35	TJ-	matthewcroughan_: I'm wondering if so if it were to drop into a UEFI Shell, the boot device code could be avoided and we could use the shell to manually load GRUB EFI
2021-11-09 23:39:01	TJ-	matthewcroughan_: I didn't think those MSRs would help but worth a try
2021-11-09 23:40:41	matthewcroughan_	TJ-: can you get into a uefi shell on a legacy bios?
2021-11-09 23:40:55	TJ-	matthewcroughan_: btw, I'm using my 'follow' support script to keep a separate log of all our conversation separate to the channel so when we're done remind me and I'll upload it so you have a copy
2021-11-09 23:41:18	matthewcroughan_	:D
2021-11-09 23:41:18	TJ-	matthewcroughan_: no you cannot, but I thought that model would be recent enough to have UEFI firmware
2021-11-09 23:45:20	TJ-	matthewcroughan_: I've downloaded the firmware update for that 110-4100; I'll see if there's a way to patch out those wrmsr instructions, but I don't hold out much hope. I'll also check on the UEFI
2021-11-09 23:45:34	matthewcroughan_	TJ-: awesome! :D
2021-11-09 23:45:42	matthewcroughan_	I'm learning a lot
2021-11-09 23:48:06	TJ-	matthewcroughan_: the firmware is in a windows .exe so I've got to try to snatch it out via wine
2021-11-09 23:48:18	matthewcroughan_	Naasty
2021-11-09 23:48:43	matthewcroughan_	couldn't you just load freedos, execute it, and use some tools in there?
2021-11-09 23:57:44	TJ-	matthewcroughan_: It's an Insyde H2O BIOS as far as I can tell
2021-11-10 00:03:43	matthewcroughan_	TJ-: that's correct
2021-11-10 00:03:47	matthewcroughan_	It's currently on .F08
2021-11-10 00:04:59	TJ-	matthewcroughan_: yes that is what I have. Can you confirm that when you enter firmware (BIOS) setup it is UEFI?
2021-11-10 00:05:34	TJ-	matthewcroughan_: because if it is we can create a UEFI bootable image with the Tainocore EDK2 shellx64.efi in it
2021-11-10 00:17:06	TJ-	matthewcroughan_: not sure what use it would be, but there's a link to the HP UEFI diagnostic software in the Advisories for that model. That led me to find out there is a 4-in-1 USB UEFI diagnostic that, just might, have something of use https://www.hp.com/us-en/campaigns/hpsupportassistant/pc-diags.html?jumpid=va_r602_us/en/any/pps/pl_ot_ob_ds_pd/HP_PC_Hardware_Diagnostics_cc/dt
2021-11-10 00:17:41	-->	BCMM (~BCMM@user/bcmm) has joined #linux
2021-11-10 00:17:42	<--	BCMM (~BCMM@user/bcmm) has quit (Client Quit)
2021-11-10 00:24:21	TJ-	matthewcroughan_: also see for your model specifically https://support.hp.com/gb-en/product/hp-mini-110-4100-pc-series/5145736/document/c06180396
2021-11-10 00:34:29	NOTICE	 nick add ['byte4byte_mac_']
2021-11-10 00:34:29	byte4byte_mac_	jim can you write a virtual machine in python?
2021-11-10 00:35:11	NOTICE	 nick add ['Blondie101010']
2021-11-10 00:35:11	Blondie101010	byte4byte_mac_:  it would be possible, but inefficient
2021-11-10 00:35:29	byte4byte_mac_	is it inefficient because python sucks?
2021-11-10 00:35:50	Blondie101010	no
2021-11-10 00:36:13	Blondie101010	everything has its positive and negative aspects
2021-11-10 00:36:25	Blondie101010	you choose your favorite
2021-11-10 00:36:49	NOTICE	 nick add ['SlimmyJimmy']
2021-11-10 00:36:49	<--	SlimmyJimmy (Username@user/slimmyjimmy) has quit (Quit: Going offline, see ya! (www.adiirc.com))
2021-11-10 00:37:09	matthewcroughan_	TJ-: it is not UEFI, it is legacy only.
2021-11-10 00:37:19	TJ-	matthewcroughan_: drat!
2021-11-10 00:37:47	TJ-	matthewcroughan_: then unless you make some kind of sneaky breakthrough, I think you're stuck with the PXE workaround
2021-11-10 00:40:07	matthewcroughan_	TJ-: so you can't do anything with the firmware?