Thoughts on Linux for Apple Silicon Macs: part 2

After iBoot, code execution is controlled by us. What should be used as a second stage after that though? One of the constraints is that servicing such a third-stage boot loader needs to go through macOS Recovery. That means that this stage is not easily serviceable. Running regular kernels would require an abstraction layer in… Continue reading Thoughts on Linux for Apple Silicon Macs: part 2

Thoughts on Linux for Apple Silicon Macs: part 1

For this part, one question is paramount, will flattened device tree or ACPI be used? or will Linux on Apple Silicon Macs use Apple device trees? This question is not devoid of consequences. Traditionally, Linux on PowerPC Macs directly parsed Apple device trees instead of a standardised format. For the Apple Silicon Macs, everyone currently… Continue reading Thoughts on Linux for Apple Silicon Macs: part 1

Disabling boot-time security: lines to not cross

Let’s assume that we are on a platform which actually allows to boot unsigned operating systems. What are the bad things that such a platform can have? The most ubiquitous issue is reminding the user at each boot that their device has a reduced security policy. Such a tamper-evident mechanism annoys users and is ineffective… Continue reading Disabling boot-time security: lines to not cross

Ghidra for Arm 64-bit Linux systems

Disclaimer: Note that those builds are provided without any warranty. Feel free to polish the patchset and submit it upstream, I don’t have the time for that right now. Ghidra 9.2.1 Linux AArch64 (built on Fedora 33): https://threedots.ovh/bubbles/ghidra_9.2.1_DEV_20210113_linuxarm64.zip Ghidra patchset: https://threedots.ovh/bubbles/ghidra_9.2.1_dev_20210113_diff.patch

Extent of safety properties in WebAssembly

WebAssembly has been one of the trendiest intermediate representations since a while. However, its definition of safety means preventing breaching the sandbox. Its goal is to prevent escalation from the VM guest code to the VM host boundary. WASI then defines a capabilities-based syscall interface that can be used by applications. Some alternatives which can… Continue reading Extent of safety properties in WebAssembly

Linux for Tegra kernel patches

Linux for Tegra today still ships with a Linux 4.9 kernel version. At https://github.com/OE4T/linux-tegra-4.9, an L4T-derived kernel with patches to build with the most recent compilers is available. At the branch “public” of https://github.com/woachk/linux-tegra-4.9, some backports that might interest others were done (because I had to…): AArch64 KVM: cntpct_el0 access fixes AArch64 KVM: user-mode interrupt… Continue reading Linux for Tegra kernel patches

Building Arm 64-bit XNU (Darwin 20)

Assuming that instructions from https://kernelshaman.blogspot.com/2021/01/building-xnu-for-macos-big-sur-1101.html were already followed including for the iPhoneOS target… The patch: The build command line: Of course, without kexts that’s not very useful for now… and most macOS arm64 stuff isn’t included yet.

Thoughts on Tachyum

Tachyum is a CPU startup that claims that they will release a VLIW CPU for general purpose use, a claim has been made countless times. However, to my knowledge, I didn’t see a device fulfilling those dreams (Intel and Nvidia were the closest with much more resources). According to Tachyum, the Prodigy processor would also… Continue reading Thoughts on Tachyum