Category: Uncategorized

A new XNU release appeared at: https://opensource.apple.com/tarballs/xnu/xnu-7195.60.75.tar.gz. What’s not there: Tunables for Apple Firestorm/Icestorm. Hypervisor support for Apple Silicon-based Macs doesn’t seem to be there and Rosetta support …and some parts of the source code. AMX support is not present either The shiny new things: Apart from tunables, support for A14/M1. Look at the SETUP… Continue reading New XNU source release

The first RFC got submitted to upstream to solicit comments about it. It’s quite minimal, only including the interrupt controller and secondary CPU startup drivers, with the core kernel changes needed to accommodate the hardware. Notably, it doesn’t include a UART driver. It isn’t ready for mainline inclusion yet. For technical reasons evaluated on iPhones… Continue reading Linux on Apple Silicon Macs: first RFC submission

From a quick look at Windows 10X build 20279 (fe_release_10x) on 64-bit Arm: No x86(_64) backwards compatibility for UWP apps Which brings us to the next point… Arm 32-bit compatibility is not only there but required, base applications such as the Microsoft Store rely on it. This also applies to 64-bit Arm Windows desktop SKUs.… Continue reading A look at Windows 10X on Arm

After iBoot, code execution is controlled by us. What should be used as a second stage after that though? One of the constraints is that servicing such a third-stage boot loader needs to go through macOS Recovery. That means that this stage is not easily serviceable. Running regular kernels would require an abstraction layer in… Continue reading Thoughts on Linux for Apple Silicon Macs: part 2

For this part, one question is paramount, will flattened device tree or ACPI be used? or will Linux on Apple Silicon Macs use Apple device trees? This question is not devoid of consequences. Traditionally, Linux on PowerPC Macs directly parsed Apple device trees instead of a standardised format. For the Apple Silicon Macs, everyone currently… Continue reading Thoughts on Linux for Apple Silicon Macs: part 1

Let’s assume that we are on a platform which actually allows to boot unsigned operating systems. What are the bad things that such a platform can have? The most ubiquitous issue is reminding the user at each boot that their device has a reduced security policy. Such a tamper-evident mechanism annoys users and is ineffective… Continue reading Disabling boot-time security: lines to not cross

Disclaimer: Note that those builds are provided without any warranty. Feel free to polish the patchset and submit it upstream, I don’t have the time for that right now. Ghidra 9.2.1 Linux AArch64 (built on Fedora 33): https://threedots.ovh/bubbles/ghidra_9.2.1_DEV_20210113_linuxarm64.zip Ghidra patchset: https://threedots.ovh/bubbles/ghidra_9.2.1_dev_20210113_diff.patch

Interestingly, public materials about the Drawbridge variant used on SQL Server are few and far between. So here is a slide deck about me working with Drawbridge from several years back. I’ve updated parts of it later on, keeping up partially with more recent SQLPAL versions. Since I made that slide deck, lots of things… Continue reading Drawbridge: what SQL Server on Linux is built on

WebAssembly has been one of the trendiest intermediate representations since a while. However, its definition of safety means preventing breaching the sandbox. Its goal is to prevent escalation from the VM guest code to the VM host boundary. WASI then defines a capabilities-based syscall interface that can be used by applications. Some alternatives which can… Continue reading Extent of safety properties in WebAssembly

Linux for Tegra today still ships with a Linux 4.9 kernel version. At https://github.com/OE4T/linux-tegra-4.9, an L4T-derived kernel with patches to build with the most recent compilers is available. At the branch “public” of https://github.com/woachk/linux-tegra-4.9, some backports that might interest others were done (because I had to…): AArch64 KVM: cntpct_el0 access fixes AArch64 KVM: user-mode interrupt… Continue reading Linux for Tegra kernel patches