miscellaneous development log

Patrick · January 10, 2024, 1:35pm

mkosi git signing key unusable · Issue #2219 · systemd/mkosi · GitHub

Patrick · March 17, 2024, 5:05pm

github.com/systemd/systemd

Feature Request: Conditional Application of systemd Drop-In Files

opened 05:04PM - 17 Mar 24 UTC

adrelanos

RFE 🎁 pid1

### Component systemd ### Is your feature request related to a problem? Please… describe Currently, systemd supports the use of drop-in files to extend or override configuration settings for unit files. While systemd provides the `ConditionPathExists` directive to conditionally start a service based on the existence of a file or directory, there is no built-in mechanism to conditionally apply drop-in files based on custom conditions within those files. It would be highly beneficial to have a feature in systemd that allows for the conditional application of drop-in files based on custom conditions. This would provide users with greater flexibility and control over the configuration of systemd units. A specific example would be the following one: * https://github.com/Kicksecure/security-misc/issues/213 Complex hardening would be enabled by default. But to easily opt-in/out the additional hardening, to simplify testing, a status file would be helpful. ### Describe the solution you'd like Introduce a new directive, such as `ConditionDropIn`, that allows users to specify custom conditions within drop-in files themselves. This directive could accept a condition expression similar to other systemd directives, enabling users to define conditions based on various factors such as the existence of specific files, system properties, environment variables, or other runtime conditions. Example: `/lib/systemd/system/myservice.service.d/50_drop-in.conf` ``` [Service] ConditionDropIn=Exists:/path/to/status/file # Additional configuration specific to the condition, which is disregarded if the status file does not exist. ``` In this example, the drop-in file `50_user.conf` would only be applied if the file `/path/to/status/file` exists. ### Describe alternatives you've considered Packaging, scripting. ### The systemd version you checked that didn't have the feature you are asking for _No response_

Patrick · July 7, 2024, 4:53pm

systemcheck multi-user issue when using a user different from user user:

https://www.reddit.com/r/Kicksecure/comments/1dcr2kv/cant_run_systemcheck/

Patrick · July 8, 2024, 3:17pm

Patrick · July 13, 2024, 8:52pm

Comment on Stop handling dkms.conf as a bash/shell script · Issue #414 · dell/dkms · GitHub.

Patrick · July 20, 2024, 4:45pm

github.com/systemd/systemd

journalctl option to show journal log since last activation attempt / failure / run only

opened 04:44PM - 20 Jul 24 UTC

adrelanos

RFE 🎁 journal

### Component journalctl ### Is your feature request related to a problem? Ple…ase describe I wanted to have a global on-failure handler that sends me an e-mail for every failed systemd unit. That is possible. The handler script should send the journal log for the failed invocation. Only for the failed invocation. Not any earlier log. ### Describe the solution you'd like A command to show the journal log since the last activation attempt only. Something like: journalctl --activation 1 -u unit-name.service (Similar to the already existing, helpful `--boot`.) ### Describe alternatives you've considered A scripted solution. (Pseudo code. Not functional.) journalctl -u <unit-name> --since "$(systemctl show -p ActiveEnterTimestamp <unit-name> | cut -d= -f2)" But I guess that is more fragile. ### The systemd version you checked that didn't have the feature you are asking for 256

Patrick · July 26, 2024, 3:45pm

github.com/koalaman/shellcheck

False positive on SC2185 (find without path argument)

opened 12:29AM - 09 Nov 19 UTC

vog

#### For bugs - Rule Id (if any, e.g. SC1000): SC2185 - My shellcheck version …(`shellcheck --version` or 'online'): online and 0.5.0 - [x] I tried on shellcheck.net and verified that this is still a problem on the latest commit - [ ] It's not reproducible on shellcheck.net, but I think that's because it's an OS, configuration or encoding issue #### Here's a snippet or screenshot that shows the problem: ```sh #!/bin/sh find --version ``` #### Here's what shellcheck currently says: ``` SC2185: Some finds don't have a default path. Specify '.' explicitly. ``` #### Here's what I wanted or expected to see: No warning at all. Rationale: Calling "find --version", or "SOMETOOL --version" is the standard way of checking whether the tool is properly installed or not. Portable shell scripts usually have a bunch of those commands at the very beginning, to avoid spurious failure on minimalistic (and/or embeeded) system. As such, an execution with "--version", "--help" and similar options should not trigger the warning of a missing path argument.

Patrick · August 6, 2024, 10:58am

github.com/Kicksecure/security-misc

Mitigate tar storing usernames and groups

Kicksecure:master ← groovy-boiler:tar_privacy

opened 01:33AM - 31 Jul 24 UTC

groovy-boiler

+5 -0

tar stores your user and its group in the archive. Make an archive with tar (or… find one) then extract it like this: `tar -zvtf archive-name.tar.gz | head -n 10` The output will look like something like this: ``` -rw-r--r-- kevin/volunteer 290 2023-09-11 03:10 file1 -rw-r--r-- kevin/volunteer 23558 2024-07-30 11:45 file2 -rw-r--r-- bob/admin 10958 2024-07-30 12:54 file3 -rw-r--r-- frank/staff 110 2023-07-04 11:45 file4 ``` `--owner="user" --group="user"` will mitigate this regardless of what the user logged in as is when creating a archive with tar. ## Mandatory Checklist - [X] Legal agreements accepted. By contributing to this organisation, you acknowledge you have read, understood, and agree to be bound by these these agreements: [Terms of Service](https://www.kicksecure.com/wiki/Terms_of_Service), [Privacy Policy](https://www.kicksecure.com/wiki/Privacy_Policy), [Cookie Policy](https://www.kicksecure.com/wiki/Cookie_Policy), [E-Sign Consent](https://www.kicksecure.com/wiki/E-Sign_Consent), [DMCA](https://www.kicksecure.com/wiki/DMCA), [Imprint](https://www.kicksecure.com/wiki/Imprint) ## Optional Checklist The following items are optional but might be requested in certain cases. - [X] I have tested it locally - [ ] I have reviewed and updated any documentation if relevant - [ ] I am providing new code and test(s) for it Fixes # **Privacy by default when executing tar to make an archive**

Patrick · August 16, 2024, 3:16pm

github.com/grml/grml-debootstrap

drop legacy support: stop supporting oldstable and older

opened 03:15PM - 16 Aug 24 UTC

adrelanos

https://github.com/grml/grml-debootstrap/pull/266 is one example of something di…fficult to implement due to old version support. That is versions older than Debian stable. Speak stable -1 (oldstable) or stable -2 (oldoldstable) or even older. Legacy support is expensive. Unless there is a specific reason to support anything older than stable, I would suggest to deprecate support for it. I would not know why I would want to use a recent version of grml-debootstrap to build an oldstable or older version of Debian. If legacy support was dropped, then the source code could be simplified. If this is a popular feature request that you wish to adhere or if you need it for some of your own purposes, that would be of course fine. Sometimes behavior slips into a project, is then carried forward without anyone still knowing why this is the case while it might no longer be necessary. At the chance that this might be happening here, suggesting this.

Patrick · September 4, 2024, 3:00pm

github.com/dell/dkms

/usr/sbin/dkms: line 1027: ((: < 2: syntax error: operand expected (error token is "< 2")

opened 03:00PM - 04 Sep 24 UTC

adrelanos

Error: ``` /usr/sbin/dkms: line 1027: ((: < 2: syntax error: operand expecte…d (error token is "< 2") ``` Log: ``` /etc/kernel/postinst.d/dkms: dkms: running auto installation service for kernel 6.1.0-25-amd64. Sign command: /usr/lib/linux-kbuild-6.1/scripts/sign-file Signing key: /var/lib/dkms/mok.key Public certificate (MOK): /var/lib/dkms/mok.pub /usr/sbin/dkms: line 1027: ((: < 2: syntax error: operand expected (error token is "< 2") Building module: Cleaning build area... make -j4 KERNELRELEASE=6.1.0-25-amd64 all... Signing module /var/lib/dkms/tirdad/0.1/build/module/tirdad.ko Cleaning build area... tirdad.ko: Running module version sanity check. - Original module - No original module exists within this kernel - Installation - Installing to /lib/modules/6.1.0-25-amd64/updates/dkms/ depmod... dkms: autoinstall for kernel: 6.1.0-25-amd64. /etc/kernel/postinst.d/dracut: ``` Debian bookworm. The line `1027` in `/usr/sbin/dkms` is: ``` (($(ls $source_dir | wc -l | awk {'print $1'}) < 2)) && die 8 \ ``` The context is. ``` # Error out if source_tree is basically empty (binary-only dkms tarball w/ --force check) (($(ls $source_dir | wc -l | awk {'print $1'}) < 2)) && die 8 \ $"The directory $source_dir does not appear to have module source located within it."\ $"Build halted." ``` The cause is likely a bug in `wc` or other system malfunction. wc -l > Illegal instruction (core dumped) It is not guaranteed that `wc` provides `stdout`. Therefore this line could use more defensive programming.

Patrick · September 12, 2024, 11:36am

Patrick · September 12, 2024, 11:36am

github.com/rspamd/rspamd

[BUG] `rspamd --version` `illegal hardware instruction` in function `rspamd_cryptobox_test_instr`

opened 11:34AM - 12 Sep 24 UTC

adrelanos

bug

### Prerequisites > * [ ] Put an X between the brackets on this line if you h…ave done all of the following: > * Read about bug reporting in general: https://rspamd.com/doc/faq.html#how-to-report-bugs-found-in-rspamd Done. > * Enabled relevant debugging logs: https://rspamd.com/doc/faq.html#how-to-debug-some-module-in-rspamd Not module related, not applicable, not done. > * Checked the FAQs about Core files in case of fatal crash: https://rspamd.com/doc/faq.html#how-to-figure-out-why-rspamd-process-crashed Done. > * Tried ASAN package and obtained the ASAN report (if possible): https://rspamd.com/doc/faq.html#asan-builds Done. (Described below in this report.) > * Checked that your issue isn't already filed: https://github.com/issues?utf8=%E2%9C%93&q=is%3Aissue+user%3Arspamd * https://github.com/rspamd/rspamd/issues/399 looks similar, that's why I am already providing all debug output you might ask for but that issue is old and says was resolved. > * Checked that there is not already an experimental package or master branch Not experimental / master branch. ### Steps to Reproduce rspamd --version (But `--version` is just to show that there is a grave issue here. `rspamd` is totally broken, unsuable for me on that system.) ### Expected behavior Show version, no error. ### Actual behavior ``` zsh: illegal hardware instruction rspamd --version ``` ### Versions `3.9.1-1` from rspamd repository. > Setting up rspamd (3.9.1-1~82f43560f~bookworm) ... > Setting up rspamd-dbg (3.9.1-1~82f43560f~bookworm) ... ``` lsb_release -a ``` ``` No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 12 (bookworm) Release: 12 Codename: bookworm ``` Actually, Kicksecure which comes with [security-misc](https://github.com/Kicksecure/security-misc), which enables a lot of kernel security related kernel parameters and sysctl. ### Additional Information ``` rspamd --version ``` ``` zsh: illegal hardware instruction rspamd --version ``` ``` ls -la /coreland ``` ``` total 19M drwxrwxrwt 2 root root 4.0K Sep 12 10:47 . drwxr-xr-x 20 root root 4.0K Sep 12 10:45 .. -rw------- 1 root root 47M Sep 12 10:47 rspamd.core.428204 ``` ``` gdb `which rspamd` -c /coreland/rspamd.core.428204 ``` ``` GNU gdb (Debian 13.1-3) 13.1 Copyright (C) 2023 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-linux-gnu". Type "show configuration" for configuration details. For bug reporting instructions, please see: <https://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /usr/bin/rspamd... Reading symbols from /usr/lib/debug/.build-id/9c/731c10279db516d8e69a70bd3f3979dcca64dc.debug... warning: Can't open file /dev/zero (deleted) during file-backed mapping note processing [New LWP 445607] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `rspamd --version'. Program terminated with signal SIGILL, Illegal instruction. #0 rspamd_cryptobox_test_instr (instr=instr@entry=1) at ./src/libcryptobox/cryptobox.c:169 169 ./src/libcryptobox/cryptobox.c: No such file or directory. (gdb) bt full #0 rspamd_cryptobox_test_instr (instr=instr@entry=1) at ./src/libcryptobox/cryptobox.c:169 old_handler = 0x718722f97870 <backward::SignalHandling::sig_handler(int, siginfo_t*, void*)> rd = <optimized out> #1 0x0000718722cf0983 in rspamd_cryptobox_init () at ./src/libcryptobox/cryptobox.c:254 nid = 22 osxsave_mask = <optimized out> bit = <optimized out> buf = <optimized out> cpu = <optimized out> fma_movbe_osxsave_mask = <optimized out> avx2_bmi12_mask = <optimized out> cpu = <optimized out> nid = <optimized out> osxsave_mask = <optimized out> fma_movbe_osxsave_mask = <optimized out> avx2_bmi12_mask = <optimized out> bit = <optimized out> ctx = <optimized out> buf = <optimized out> __func__ = <optimized out> _g_boolean_var_ = <optimized out> #2 rspamd_cryptobox_init () at ./src/libcryptobox/cryptobox.c:187 cpu = <optimized out> nid = <optimized out> osxsave_mask = 134217728 fma_movbe_osxsave_mask = 138416128 avx2_bmi12_mask = 296 bit = <optimized out> --Type <RET> for more, q to quit, c to continue without paging--c buf = <optimized out> ctx = 0x71871e4298a0 __func__ = "rspamd_cryptobox_init" _g_boolean_var_ = <optimized out> #3 0x0000718722d361c8 in rspamd_init_libs () at ./src/libserver/cfg_utils.cxx:2638 rlim = {rlim_cur = 100556660522024, rlim_max = 140726958039664} ottery_cfg = <optimized out> ctx = 0x71871e45b180 utf8_flags = <optimized out> __PRETTY_FUNCTION__ = <optimized out> #4 0x00005b74ac059f7b in main (argc=<optimized out>, argv=<optimized out>, env=<optimized out>) at ./src/rspamd.c:1451 i = <optimized out> res = 0 signals = {__sigaction_handler = {sa_handler = 0x0, sa_sigaction = 0x0}, sa_mask = {__val = {124825221286101, 124825218977424, 124825223997456, 124825110577792, 5613767107662577664, 8388608, 124825197790928, 124825221298288, 18446744067250323455, 0, 8, 140726958040096, 2, 9, 124825142260816, 124825222643616}}, sa_flags = 0, sa_restorer = 0x6572} sigpipe_act = {__sigaction_handler = {sa_handler = 0xa, sa_sigaction = 0xa}, sa_mask = {__val = {26, 124825142190272, 0, 1, 124825197795096, 124825197794280, 124825197794288, 124825197795104, 124825216522761, 2, 9223372036854775818, 0, 0, 0, 0, 0}}, sa_flags = 0, sa_restorer = 0x7ffd8c5824b0} pworker = <optimized out> type = <optimized out> control_addr = 0x0 event_loop = <optimized out> rspamd_main = 0x71871e49c180 skip_pid = 0 control_signals = {__val = {2561, 0, 4292796126, 0, 4292598747, 0, 4280887593, 0, 4280690214, 0, 4280558628, 0, 4280361249, 0, 0, 124825142260768}} __func__ = "main" stat_update_time = <optimized out> (gdb) disassemble Dump of assembler code for function rspamd_cryptobox_test_instr: 0x0000718722ceb0e0 <+0>: sub $0x18,%rsp 0x0000718722ceb0e4 <+4>: lea -0x2b(%rip),%rsi # 0x718722ceb0c0 <rspamd_cryptobox_ill_handler> 0x0000718722ceb0eb <+11>: movl $0x1,0x528fb3(%rip) # 0x7187232140a8 <ok> 0x0000718722ceb0f5 <+21>: mov %edi,0x4(%rsp) 0x0000718722ceb0f9 <+25>: mov $0x4,%edi 0x0000718722ceb0fe <+30>: call 0x718722cb6460 <signal@plt> 0x0000718722ceb103 <+35>: lea 0x528ed6(%rip),%rdi # 0x718723213fe0 <j> 0x0000718722ceb10a <+42>: mov %rax,0x8(%rsp) 0x0000718722ceb10f <+47>: call 0x718722cb6470 <_setjmp@plt> 0x0000718722ceb114 <+52>: test %eax,%eax 0x0000718722ceb116 <+54>: jne 0x718722ceb180 <rspamd_cryptobox_test_instr+160> 0x0000718722ceb118 <+56>: mov 0x4(%rsp),%eax 0x0000718722ceb11c <+60>: cmp $0x20,%eax 0x0000718722ceb11f <+63>: jg 0x718722ceb138 <rspamd_cryptobox_test_instr+88> 0x0000718722ceb121 <+65>: ja 0x718722ceb18f <rspamd_cryptobox_test_instr+175> 0x0000718722ceb123 <+67>: lea 0x3a9e16(%rip),%rdx # 0x718723094f40 0x0000718722ceb12a <+74>: movslq (%rdx,%rax,4),%rax 0x0000718722ceb12e <+78>: add %rdx,%rax 0x0000718722ceb131 <+81>: jmp *%rax 0x0000718722ceb133 <+83>: nopl 0x0(%rax,%rax,1) 0x0000718722ceb138 <+88>: mov 0x4(%rsp),%eax 0x0000718722ceb13c <+92>: cmp $0x40,%eax 0x0000718722ceb13f <+95>: je 0x718722ceb198 <rspamd_cryptobox_test_instr+184> 0x0000718722ceb141 <+97>: cmp $0x80,%eax 0x0000718722ceb146 <+102>: jne 0x718722ceb18f <rspamd_cryptobox_test_instr+175> 0x0000718722ceb148 <+104>: rdrand %eax 0x0000718722ceb14b <+107>: setb 0x528f56(%rip) # 0x7187232140a8 <ok> --Type <RET> for more, q to quit, c to continue without paging--c 0x0000718722ceb152 <+114>: nopw 0x0(%rax,%rax,1) 0x0000718722ceb158 <+120>: mov 0x8(%rsp),%rsi 0x0000718722ceb15d <+125>: mov $0x4,%edi 0x0000718722ceb162 <+130>: call 0x718722cb6460 <signal@plt> 0x0000718722ceb167 <+135>: xor %eax,%eax 0x0000718722ceb169 <+137>: cmpl $0x1,0x528f38(%rip) # 0x7187232140a8 <ok> 0x0000718722ceb170 <+144>: sete %al 0x0000718722ceb173 <+147>: add $0x18,%rsp 0x0000718722ceb177 <+151>: ret 0x0000718722ceb178 <+152>: nopl 0x0(%rax,%rax,1) 0x0000718722ceb180 <+160>: mov 0x8(%rsp),%rsi 0x0000718722ceb185 <+165>: mov $0x4,%edi 0x0000718722ceb18a <+170>: call 0x718722cb6460 <signal@plt> 0x0000718722ceb18f <+175>: xor %eax,%eax 0x0000718722ceb191 <+177>: jmp 0x718722ceb173 <rspamd_cryptobox_test_instr+147> 0x0000718722ceb193 <+179>: nopl 0x0(%rax,%rax,1) 0x0000718722ceb198 <+184>: push %rax 0x0000718722ceb199 <+185>: xor %rax,%rax 0x0000718722ceb19c <+188>: crc32 %rax,%rax 0x0000718722ceb1a2 <+194>: pop %rax 0x0000718722ceb1a3 <+195>: jmp 0x718722ceb158 <rspamd_cryptobox_test_instr+120> 0x0000718722ceb1a5 <+197>: nopl (%rax) 0x0000718722ceb1a8 <+200>: pshufb %xmm0,%xmm0 0x0000718722ceb1ad <+205>: jmp 0x718722ceb158 <rspamd_cryptobox_test_instr+120> 0x0000718722ceb1af <+207>: nop 0x0000718722ceb1b0 <+208>: movshdup %xmm0,%xmm0 0x0000718722ceb1b4 <+212>: jmp 0x718722ceb158 <rspamd_cryptobox_test_instr+120> 0x0000718722ceb1b6 <+214>: cs nopw 0x0(%rax,%rax,1) 0x0000718722ceb1c0 <+224>: pcmpeqq %xmm0,%xmm0 0x0000718722ceb1c5 <+229>: jmp 0x718722ceb158 <rspamd_cryptobox_test_instr+120> 0x0000718722ceb1c7 <+231>: nopw 0x0(%rax,%rax,1) => 0x0000718722ceb1d0 <+240>: vpaddq %ymm0,%ymm0,%ymm0 0x0000718722ceb1d4 <+244>: jmp 0x718722ceb158 <rspamd_cryptobox_test_instr+120> 0x0000718722ceb1d6 <+246>: cs nopw 0x0(%rax,%rax,1) 0x0000718722ceb1e0 <+256>: psubb %xmm0,%xmm0 0x0000718722ceb1e4 <+260>: jmp 0x718722ceb158 <rspamd_cryptobox_test_instr+120> 0x0000718722ceb1e9 <+265>: nopl 0x0(%rax) 0x0000718722ceb1f0 <+272>: vpaddq %xmm0,%xmm0,%xmm0 0x0000718722ceb1f4 <+276>: jmp 0x718722ceb158 <rspamd_cryptobox_test_instr+120> End of assembler dump. (gdb) ``` ---- cpuinfo of **broken** system: ``` cat /proc/cpuinfo ``` ``` processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 94 model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz stepping : 3 microcode : 0xf0 cpu MHz : 3699.997 cache size : 8192 KB physical id : 0 siblings : 4 core id : 0 cpu cores : 4 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds mmio_stale_data retbleed gds bogomips : 6799.81 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 94 model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz stepping : 3 microcode : 0xf0 cpu MHz : 3700.004 cache size : 8192 KB physical id : 0 siblings : 4 core id : 1 cpu cores : 4 apicid : 2 initial apicid : 2 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds mmio_stale_data retbleed gds bogomips : 6799.81 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: processor : 2 vendor_id : GenuineIntel cpu family : 6 model : 94 model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz stepping : 3 microcode : 0xf0 cpu MHz : 3699.997 cache size : 8192 KB physical id : 0 siblings : 4 core id : 2 cpu cores : 4 apicid : 4 initial apicid : 4 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds mmio_stale_data retbleed gds bogomips : 6799.81 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: processor : 3 vendor_id : GenuineIntel cpu family : 6 model : 94 model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz stepping : 3 microcode : 0xf0 cpu MHz : 3700.003 cache size : 8192 KB physical id : 0 siblings : 4 core id : 3 cpu cores : 4 apicid : 6 initial apicid : 6 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds mmio_stale_data retbleed gds bogomips : 6799.81 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: ``` ---- Here is another cpuinfo of a **functional** system with an idential system configuration. ``` cat /proc/cpuinfo ``` ``` processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 158 model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz stepping : 9 microcode : 0xf8 cpu MHz : 900.011 cache size : 8192 KB physical id : 0 siblings : 4 core id : 0 cpu cores : 4 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds mmio_stale_data retbleed gds bogomips : 7200.00 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 158 model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz stepping : 9 microcode : 0xf8 cpu MHz : 900.184 cache size : 8192 KB physical id : 0 siblings : 4 core id : 1 cpu cores : 4 apicid : 2 initial apicid : 2 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds mmio_stale_data retbleed gds bogomips : 7200.00 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: processor : 2 vendor_id : GenuineIntel cpu family : 6 model : 158 model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz stepping : 9 microcode : 0xf8 cpu MHz : 900.009 cache size : 8192 KB physical id : 0 siblings : 4 core id : 2 cpu cores : 4 apicid : 4 initial apicid : 4 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds mmio_stale_data retbleed gds bogomips : 7200.00 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: processor : 3 vendor_id : GenuineIntel cpu family : 6 model : 158 model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz stepping : 9 microcode : 0xf8 cpu MHz : 900.006 cache size : 8192 KB physical id : 0 siblings : 4 core id : 3 cpu cores : 4 apicid : 6 initial apicid : 6 fpu : yes fpu_exception : yes cpuid level : 22 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit srbds mmio_stale_data retbleed gds bogomips : 7200.00 clflush size : 64 cache_alignment : 64 address sizes : 39 bits physical, 48 bits virtual power management: ``` ---- Here is the `diff broken ok` (broken /proc/cpuinfo CPU versus functional /proc/cpuinfo CPU): ``` diff broken ok ``` ``` 4,8c4,8 < model : 94 < model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz < stepping : 3 < microcode : 0xf0 < cpu MHz : 3700.001 --- > model : 158 > model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz > stepping : 9 > microcode : 0xf8 > cpu MHz : 900.011 20,21c20,21 < flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities < vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml --- > flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities > vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec 23c23 < bogomips : 6799.81 --- > bogomips : 7200.00 32,36c32,36 < model : 94 < model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz < stepping : 3 < microcode : 0xf0 < cpu MHz : 3700.003 --- > model : 158 > model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz > stepping : 9 > microcode : 0xf8 > cpu MHz : 900.184 48,49c48,49 < flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities < vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml --- > flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities > vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec 51c51 < bogomips : 6799.81 --- > bogomips : 7200.00 60,64c60,64 < model : 94 < model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz < stepping : 3 < microcode : 0xf0 < cpu MHz : 3699.998 --- > model : 158 > model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz > stepping : 9 > microcode : 0xf8 > cpu MHz : 900.009 76,77c76,77 < flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities < vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml --- > flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities > vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec 79c79 < bogomips : 6799.81 --- > bogomips : 7200.00 88,92c88,92 < model : 94 < model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz < stepping : 3 < microcode : 0xf0 < cpu MHz : 3700.001 --- > model : 158 > model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz > stepping : 9 > microcode : 0xf8 > cpu MHz : 900.006 104,105c104,105 < flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities < vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml --- > flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc art arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm 3dnowprefetch cpuid_fault epb invpcid_single pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid mpx rdseed adx smap clflushopt intel_pt xsaveopt xsavec xgetbv1 xsaves dtherm ida arat pln pts hwp hwp_notify hwp_act_window hwp_epp md_clear flush_l1d arch_capabilities > vmx flags : vnmi preemption_timer invvpid ept_x_only ept_ad ept_1gb flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest ple shadow_vmcs pml ept_mode_based_exec 107c107 < bogomips : 6799.81 --- > bogomips : 7200.00 ``` ---- Why did I attach the CPU info of both, a broken machine and a functional machine? Because I am suspecting this could be CPU related. The broken CPU for example lacks a few CPU flags such as `avx`. In summary: * `model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz` - issue * `model name : Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz` - no issue ---- ## ASAN build How about ASAN builds? It does not create a core file. I have no idea why. Only rspamd / rspamd-dbg version creates core files. Why rspamd-asan does not create core files I don't know. Should be the same, right? Once I figured out how to create core files it should always be functional? ``` rspamd --version ``` ``` zsh: illegal hardware instruction rspamd --version ``` ``` ls -la /coreland ``` ``` total 8.0K drwxrwxrwt 2 root root 4.0K Sep 12 11:04 . drwxr-xr-x 20 root root 4.0K Sep 12 10:45 .. ```

Patrick · September 14, 2024, 8:29pm

[BUG] `rspamd --version` `illegal hardware instruction` in function `rspamd_cryptobox_test_instr` · Issue #5137 · rspamd/rspamd · GitHub

Patrick · September 24, 2024, 4:06am

Implement clean_chroot to avoid host env variables like TMP to leak into the chroot by mika · Pull Request #280 · grml/grml-debootstrap · GitHub

Patrick · October 3, 2024, 7:26am

Patrick · January 15, 2025, 4:25pm

Patrick · January 23, 2025, 5:13pm

Remove legacy PC boot support? · Issue #304 · grml/grml-debootstrap · GitHub

Patrick · January 29, 2025, 11:35am

github.com/grml/grml-debootstrap

use `LC_ALL=C` instead of `LANG=C`

opened 11:34AM - 29 Jan 25 UTC

adrelanos

Based on https://unix.stackexchange.com/questions/576701/what-is-the-difference-…between-lang-c-and-lc-all-c. Specifically reply https://unix.stackexchange.com/a/576711/49297. Quote: > `LANG` does not override: > > ``` > $ export LC_NUMERIC="de_DE.UTF-8" > $ export LANG=C > $ printf "%.2f\n" 3.14 > -bash: printf: 3.14: invalid number > 3,00 > ``` > > But `LC_ALL` does: > > ``` > $ export LC_NUMERIC="de_DE.UTF-8" > $ export LC_ALL=C > $ printf "%.2f\n" 3.14 > 3.14 > ``` Confirmed. Therefore mentions of `LANG=C` should be replaced with `LC_ALL=C`, where applicable. If you agree with this, I am happy to send a pull request.

Patrick · January 30, 2025, 1:24pm

Patrick · January 30, 2025, 1:33pm

Use mmdebstrap as our only debootstrap implementation by zeha · Pull Request #309 · grml/grml-debootstrap · GitHub
Clarify design goals · Issue #311 · grml/grml-debootstrap · GitHub
Make bootloader updates on UEFI-based systems work by ArrayBolt3 · Pull Request #299 · grml/grml-debootstrap · GitHub