There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

@ABasilPlant@lemmy.world cover

ABasilPlant

@[email protected]

InfoSec Person | Alt-Account#2

This profile is from a federated server and may be incomplete. Browse more on the original instance.

How System Requests Work and How to Add Your Own SysReq (snee.la)

I needed to add a custom System Request (Sys Req or SysRq) to a linux kernel some time ago. While doing so, I dug deep into how it works and I thought I’d make a quick post about it. Here is a good SuperUser answer about what a SysRq is. You may also know about SysRq via REISUB. This post has three parts: how to raise a SysRq,...

ABasilPlant OP ,

I’m glad you appreciate it! It’s always fun digging into kernel internals and learning new things :D

I’m also open to criticism about the writing if you have any.

ABasilPlant , (edited )

No. Fuck this shit. Don’t do this.

It’s already bad when everyone in this community shoves their distro down potential linux-converts’ throats, thereby confusing them even more. Don’t tell (or imply to) freshly converted users that they potentially made a wrong choice.

TF do you think they’re going to do now? Move to fedora? The commenter above already stated that it was a hassle to install Ubuntu and now you’re telling them to change distros already???

Ubuntu is still great… compared to Windows. Sure. It may not hold to your ideals. Compared to other distros, canonical may make some questionable choices. BUT THEY DON’T IMPLEMENT A FUCKING RECALL. So it’s fine (for now).

Ubuntu is fine for newcomers. It has a shit ton of support online and you can easily search questions whose answers are likely to be found within the first few results.

So stop shoving distros down people’s throats, especially fresh users.

I know you said:

Sorry if I sound too hard… take it with a laugh 😁

It doesn’t come across that way. You come off as a gatekeeper.

ABasilPlant ,

I knew about the “Thour” meme, but still didn’t get why the directory turned compressed. My guess is that by licking the lemon, the directory folds in on itself, thus becoming compressed.

ABasilPlant ,

That checks out - thanks!

ABasilPlant , (edited )

You haven’t given us much information about the CPU. That is very important when dealing with Machine Check Errors (MCEs).

I’ve done a bit of work with MCEs and AMD CPUs, so I’ll help with understanding what may be going wrong and what you probably can do.

I’ve done a bit of searching from the microcode & the Dell Wyse thin client that you mentioned. From what I can garner, are you using a Dell Wyse 5060 Thin Client with an AMD steppe Eagle GX-424 [1]? This is my assumption for the rest of this comment.

Machine Check Errors (MCEs) are hard to decipher find out without the right documentation. As far as I can tell from AMD’s Data Sheet for the G-Series [2], this CPU belongs to family 16H.

You have two MCEs in your image:

  • CPU Core 0, Bank 4: f600000000070f0f
  • CPU Core 1, Bank 1: b400000001020103

Now, you can attempt to decipher these with a tool I used some time ago, MCE-Ryzen-Decoder [4]; you may note that the name says Ryzen - this tool only decodes MCEs of Ryzen architectures. However, MCE designs may not change much between families, but I wouldn’t bank (pun not intended) on it because it seems that the G-Series are an embedded SOC compared to the Ryzen CPUs which are not. I gave it a shot and the tool spit out that you may have an issue in:


<span style="color:#183691;">$ python3 run.py 04 f600000000070f0f
</span><span style="color:#63a35c;">Bank</span><span style="color:#323232;">: </span><span style="color:#183691;">Read-As-Zero (RAZ)
</span><span style="color:#63a35c;">Error</span><span style="color:#323232;">:  </span><span style="color:#183691;">( 0x7)
</span><span style="color:#323232;">
</span><span style="color:#183691;">$ python3 run.py 01 b400000001020103
</span><span style="color:#63a35c;">Bank</span><span style="color:#323232;">: </span><span style="color:#183691;">Instruction Fetch Unit (IF)
</span><span style="color:#63a35c;">Error</span><span style="color:#323232;">: </span><span style="color:#183691;">IC Full Tag Parity Error (TagParity 0x2)
</span>

Wouldn’t bank (pun intended this time) on it though.

What you can do is to go through the AMD Family 16H’s BIOS and Kernel Developer Guide [3] (Section 2.16.1.5 Error Code). From Section 2.16.1.1 Machine Check Registers, it looks like Bank 01 corresponds to the IC (Instruction Cache) and Bank 04 corresponds to the NB (Northbridge). This means that the CPU found issues in the NB in core 0 and the IC in core 1. You can go even further and check what those exact codes decipher to, but I wouldn’t put in that much effort - there’s not much you can do with that info (maybe the NB, but… too much effort). There are some MSRs that you can read out that correspond to errors of these banks (from Table 86: Registers Commonly Used for Diagnosis), but like I said, there’s not much you can do with this info anyway.

Okay, now that the boring part is over (it was fun for me), what can you do? It looks like the CPU is a quad core CPU. I take it to mean that it’s 4 cores * 2 SMT threads. If you have access to the linux command line parameters [5], say via GRUB for example, I would try to isolate the two faulty cores we see here: core 0 and core 1. Add isolcpus=0,1 to see the kernel boots. There’s a good chance that we see only two CPU cores failing, but others may also be faulty but the errors weren’t spit out. It’s worth a shot, but it may not work.

Alternatively, you can tell the kernel to disable MCE checks entirely and continue executing; this can be done with the mce=off command line parameter [6] . Beware that this means that you’re now willingly running code on a CPU with two cores that have been shown to be faulty (so far). isolcpus will make sure that the kernel doesn’t execute any “user” code on those cores unless asked to (via taskset for example)

Apart from this, like others have pointed out, the red dots on the screen aren’t a great sign. Maybe you can individually replace defective parts, or maybe you have to buy a new machine entirely. What I told you with this comment is to check whether your CPU still works with 2 SMT threads faulty.

Good luck and I hope you fix your server 🤞.

Edited to add: I have seen MCEs appear due to extremely low/high/fluctuating voltages. As others pointed out, your PSU or other components related to power could be busted.

[1] www.dell.com/support/…/system-specifications?guid…

[2] amd.com/…/52259_KB_G-Series_Product_Data_Sheet.pd…

[3] www.amd.com/…/52740_16h_Models_30h-3Fh_BKDG.pdf

[4] github.com/DimitriFourny/MCE-Ryzen-Decoder

[5] www.kernel.org/doc/html/…/kernel-parameters.html

[6] elixir.bootlin.com/linux/…/boot-options.rst

ABasilPlant ,

Are you planning to scrap the CPU? I may be interested in it as I find faulty hardware fun to experiment on.

ABasilPlant ,

Would you consider sending it to Austria? I’d pay shipping charges (if it’s within reason lol). If you are, you can send me an email at: sneela-hwelemmy92fd [at] port87.com

ABasilPlant ,

Thank you, I’ll send you an email within a day.

ABasilPlant , (edited )

en.wikipedia.org/wiki/INT_(x86_instruction) (scroll down to INT3)

stackoverflow.com/a/61946177

The TL;DR is that it’s used by debuggers to set a breakpoint in code.

For example, if you’re familiar with gdb, one of the simplest ways to make code stop executing at a particular point in the code is to add a breakpoint there.

Gdb replaces the instruction at the breakpoint with 0xCC, which happens to be the opcode for INT 3 — generate interrupt 3. When the CPU encounters the instruction, it generates interrupt 3, following which the kernel’s interrupt handler sends a signal (SIGTRAP) to the debugger. Thus, the debugger will know it’s meant to start a debugging loop there.

ABasilPlant , (edited )

Excellent question!

Before replacing the instruction with INT 3, the debugger keeps a note of what instruction was at that point in the code. When the CPU encounters INT 3, it hands control to the debugger.

When the debugging operations are done, the debugger replaces the INT 3 with the original instruction and makes the instruction pointer go back one step, thereby ensuring that the original instruction is executed.

ABasilPlant ,

The debug version you compile doesn’t affect the code; it just stores more information about symbols. The whole shtick about the debugger replacing instructions with INT3 still happens.

You can validate that the code isn’t affected yourself by running objdump on two binaries, one compiled with debug symbols and one without. Otherwise if you’re lazy (like me 😄):

stackoverflow.com/a/8676610

And for completeness: gcc.gnu.org/onlinedocs/…/Debugging-Options.html

ABasilPlant OP ,

… I am 100% certain that if they switched to being individually wrapped tomorrow, a complaint about excessive packaging would be one of the top posts here.

You’re undeniably right. The best situation would be to not have any wrapping at all… but with the crumb situation, that’d be another top post here :/

ABasilPlant ,

www.gimp.org/news/2024/…/gimp-2-10-38-released/

This (possibly last) GIMP 2 stable release brings much-requested backports from GTK3, including improved support for tablets on Windows. A number of bug fixes and minor improvements are also included in this release.

If the release says that this is possibly the last GIMP2 stable release, it feels like GIMP3 is actually on its way. I understand your cynicism, but I’d be more optimistic this time around.

ABasilPlant ,

In dark mode, the anchor tags are difficult to read. They’re dark blue on a dark background. Perhaps consider something with a much higher contrast?

A picture of a website with a dark purple background and dark blue links.

Apart from that, nice idea - I’m going to deploy the zipbomb today!

ABasilPlant ,

Surprised no one’s mentioned HTTP Cats yet:

http.cat

Personally, HTTP 405 (Method not allowed) is my favorite:

An image of former US president George Bush eating a cat. The text below the image reads, “405. Method Not Allowed”

ABasilPlant ,

Hurd-ng is on its way: www.gnu.org/software/hurd/hurd/ng.html

ABasilPlant ,

That’s not a very valid argument.

First and foremost, most devs probably see it as a job and they do what they’re told. They don’t have the power to refute decisions coming from above.

Second, in this economy where jobs are scarer than a needle in multiple haystacks, people are desperate to get a job.

Third, yes, there may be some Microsoft (M$) fan-people who end up being devs at M$. Sure, they may willingly implement the things upper management may request. However, I’m not sure whether that’s true for most of the people who work at M$.

Your comment suggests to shift the blame to the devs who implement the features that upper management request for. Don’t shoot the (MSN) messenger.

ABasilPlant ,

For anyone else who doesn’t want to spend 10 seconds trying to imagine it.

https://lemmy.world/pictrs/image/213dd60e-b611-45c0-9462-704c41bd054a.png

ABasilPlant , (edited )

Probably most speeches by Conan O’Brien.

“Work hard, be kind, and amazing things will happen” at 23:09 in Conan O’Brien’s 2011 Dartmouth College Commencement Address: youtu.be/KmDYXaaT9sA

Conan Addresses The Harvard Class Of 2020: youtu.be/VI2B3sZ1GaY

Very riveting stuff.

ABasilPlant ,

Looks cool and I’m glad something new has arrived after nitter.

A few things, however:

  1. It doesn’t look like I can view comments on tweets; I can only view the tweet. (Firefox mobile if that matters)
  2. It’s pretty slow. It’s not a big problem, but it is very noticeable.
  3. Somewhat irrelevant, but why is it called TWStalker? It’s a… bit of a weird name. ‘Stalker’ makes me feel like I’m doing something illegal even though I definitely am not.
ABasilPlant ,

See Wendover Productions’ most recent video, “The Increasing Reality of War in Space” (from around 7:54); they talk about SpaceX launching unknown satellites and not reporting it either.

youtu.be/V0DmliiUFHk?t=7m54s

ABasilPlant ,

Edit: nvm I’m an idiot, I just got the joke.

en.wikipedia.org/wiki/Kerning

In typography, kerning is the process of adjusting the spacing between characters in a proportional font, usually to achieve a visually pleasing result. Kerning adjusts the space between individual letterforms while tracking (letter-spacing) adjusts spacing uniformly over a range of characters.

ABasilPlant ,

Will you (the community) be setting your username to your public username (a username you use everywhere) or something that’s different from your public username?

Idk why, but signal feels more… personal(?) and I’d hate for general people to stumble across my signal account just by guessing whether my signal username is my public username.

I’d be fine if they got my Discord account, mastodon account, Lemmy account (they’re all different usernames anyway) because they’re public-ish accounts. Signal feels less public and I’d want to go with a username that only I can send to people I know.

It looks like there will be a message requests area and it looks like usernames can also be changed (should a username ever be doxxed).

I’m still on the fence.

ABasilPlant , (edited )

I used to have the same exact one. For some reason, I can only find similar ones here (Amazon de, in):

www.amazon.de/…/B08HLN4B3B

www.amazon.in/…/B0C14RHW4H

However, searching for “world map large desk mat” yields you similar results.

I’m not sure where I bought that one now hmmm

ABasilPlant ,

You’re right, that’s exactly what happened. If you look at the top of the trace, it says __handle_sysrq. Moreover, it’s in the sysrq_handle_crash. That gets called when a sysrq combo is pressed.

How exactly "secure" is a container with all capabilities dropped, distroless, with a custom rootfs directory, a static, single binary with chmod set at 100 and file ownership pointed to non-root u...

ser*, and said non-root user being “nonexistant” (i.e set via ENV)? Can such container -STILL- be exploited/breached through malicious means? Forgot to mention that its a DOCKER container @ title, but there you have it. Just curious....

ABasilPlant ,

Absolutely. Check out side channel attacks. The problem here isn’t about software exploits, but hardware issues. en.wikipedia.org/wiki/Side-channel_attack

Some things to get you started: Meltdown and Spectre: en.wikipedia.org/…/Meltdown_(security_vulnerabili…, en.wikipedia.org/…/Spectre_(security_vulnerabilit…

Rowhammer: en.wikipedia.org/wiki/Row_hammer

These are exploited by malicious processes doing something to the hardware which may result in information about your process(es) being leaked. Now, if this is on your computer, then the chances of encountering a malicious process that exploits this hardware bug would be low.

However, when you move this scenario to the cloud, things become more possible. Your vm/container is being scheduled on CPUs that may/may not be shared by other containers. All it would take is for a malicious guest VM to be scheduled on the same core/CPU as you and try exploiting the same hardware you’re sharing.

ABasilPlant ,

github.com/microsoft/vscode/issues/10121#issuecom…

How about this?

ABasilPlant ,

That title is… something

ABasilPlant ,

You need to have end cards enabled.

ABasilPlant ,

This is such a cool photo - I’m going to use it as my laptop wallpaper (if that’s okay 🤞)!

ABasilPlant ,

Hands down, one of the best tools I’ve used in a very long time:

github.com/PJ-Singh-001/Cubic

Download a Debian 12 standard live ISO (or with GNOME or any other iso) and you’re good to go. I’ve compiled custom kernels with it too. If you want persistence, then you use mkusb.

ABasilPlant ,

Use the live version (thd try without installing option). You can also remove the installer code if you really want to - I think Ubuntu uses ubiquity/subiquity.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • lifeLocal
  • goranko
  • All magazines
    •