✧✦Catherine✦✧

i think if your network card has "UEFI secure boot" you have done something wrong. probably a lot of things

i counted at least 6 different pieces of firmware when looking at it component by component (if you can call a 128 GB eMMC with Ubuntu on it "firmware")

Apr 8 at 1:09amWeb
Show thread✧✦Catherine✦✧4d ago

i thought this network card runs linux

i was wrong. it runs TWO copies of linux

Show thread'Pa 4d ago
@whitequark I've said it before and I'll say it again: EU legislators that mandated firmware BOMs for every product, are in for the surprise of their lives.
Show threadKevin Karhan4d ago
@pa @whitequark if it was my decisiom, only #OpenSource #Hardware (down to the single transistor!) And #FLOSS would he legal to import, sell, buy and use for #EU authorities…
Show threadpaulhey4d ago
@whitequark Is it like cisco's UCS systems where the firmware comes in pairs? one live an the other cold where you update the cold one and reboot into it, leaving a working backup. Or did they do something monstrous like having separate instances for each 200Gb interface, with some sort of sync/interconnect API?
Show thread✧✦Catherine✦✧4d ago
@paulhey neither. it has a bmc
Show threadpaulhey4d ago
@whitequark Both the controller and the BMC are running Linux!?!? No wonder the firmware update is cursed.
Show thread✧✦Catherine✦✧4d ago
@paulhey yes
Show threadHugo Slabbert ⚠️4d ago
@whitequark
Show threadthunfisch4d ago
@whitequark @s0 okay, but does it run crysis?
Show thread✧✦Catherine✦✧4d ago
@thunfisch @s0 it has 32 GB of DDR5 and a PCIe root complex. I bet I can make it happen
Show thread✧✦Catherine✦✧4d ago
@thunfisch @s0 the soc is an aarch64 device probably fast enough to run qemu and wine
Show threadthunfisch4d ago
@whitequark @s0 I love the fact that you seem to be seriously considering it 😅
Show thread✧✦Catherine✦✧4d ago
@thunfisch @s0 you did ask!
Show threadthunfisch4d ago
@whitequark @s0 fair :) more as a shitpost than anything else but deep down I am a bit curious.
Show threadClaudius4d ago

@thunfisch @whitequark @s0 reminds me of that time where someone installed Linux on their harddrive. That is, "ran it on a relatively beefy controller chip on that HDD".

Sadly, it's been 10+ years, and I can't find that post any more :-(

Show threadthunfisch4d ago
@claudius @whitequark @s0 omg that's awesome. Imagining the conversations. The meme potential. The hysterical laughter that follows.
Show threadthunfisch4d ago

@claudius @whitequark @s0

...and of course it was spritesmods. Absolute legend.

https://spritesmods.com/?art=hddhack

Sprites mods - Hard disk hacking - Intro

Show threadClaudius4d ago

@thunfisch @whitequark @s0 This time I'm bookmarking it :-D

Thanks for finding it again!

Show threadKat S4d ago
@whitequark On a network card.
@thunfisch @s0
Show threadthunfisch4d ago

@KatS @whitequark @s0 We call these things a "DPU" and pretend that it's fine. If you wanna read how well that can go, there's https://isolveproblems.substack.com/p/how-microsoft-vaporized-a-trillion .

Be warned though, there be dragons in that article that can't be unread.

How Microsoft Vaporized a Trillion Dollars

Inside the complacency and decisions that eroded trust in Azure—from a former Azure Core engineer.

Axel’s Substack
Show threadLarge Format Projectionist4d ago

@thunfisch @KatS @whitequark @s0

Let’s also be warned that this is just one point of view. I don’t mean that it’s wrong, but it may be *limited.*

Show threadFiona4d ago
@whitequark @thunfisch Sounds like you could probably compile firmware for one of the Linux-running parts on the other! ​
Show thread✧✦Catherine✦✧4d ago
@airtower @thunfisch definitely
Show threadD24d ago

@whitequark @thunfisch @s0 I mean, do we say crysis gets easier or harder when device is intentionally headless?

Edit: goddammit, autocorrect. It’s crysis with a y. (Said in a ‘mom, you’re embarrassing me’ tone)

Show threadthunfisch4d ago
@cascheranno @whitequark @s0 Just yeet out an ST2110-20 stream of the framebuffer and call it a day? :D
Show threadSnoopJ4d ago
@whitequark going for a record on the Conway's Law score table
Show thread✧✦Catherine✦✧4d ago
@SnoopJ shipping the org chart for sure
Show threadc-x-b  4d ago
@whitequark yo dawg I heard you like Linux so I put Linux on your network card so you can run Linux while you Linux with Linux
Show threadHeals 4d ago

@whitequark and only if both of them agree your packages get through :P

/cc @aeva

Show threadTunafishTiger4d ago
@whitequark it’s the year of desktop Linux on the network interface card
Show threadFull Metal Archaeopteryx4d ago
@whitequark
Any idea why?
Show thread✧✦Catherine✦✧4d ago
@DelilahTech BMC and offload
Show threadKevin Karhan3d ago
@whitequark O.O
Show threadShawn Webb4d ago
@whitequark How fun: that's my next engagement at ${DAYJOB}. Gonna do a code review of the UEFI module for a NIC with an eye towards Secure Boot.
Show thread✧✦Catherine✦✧4d ago

@lattera no no, i'm not talking about an UEFI module that the NIC injects into the host for PXE reasons. that would be too reasonable.

the NIC itself has UEFI. and a copy of Ubuntu.

Show thread✧✦Catherine✦✧4d ago
@lattera or did you get hired by Mellanox because then i'm sorry :D
Show threadMichael Kohne4d ago
@whitequark @lattera I doubt they are the only ones. I've been using cell modems of late and got to wondering why the damn ota update was 20mb, then someone told me that these things often run Linux. Absurd.
Show thread✧✦Catherine✦✧4d ago

@mhkohne @lattera oh yeah cell modems are basically just cellphones without UI

this is... well, it's cheaper to just remove a display from a cellphone and let an existing RIL implementation handle it than to make a completely new device from scratch

Show threadMichael Kohne4d ago
@whitequark @lattera It's funny because the chipsets are so complicated to interact with that there are companies that package them up with another microcontroller, giving you a nicer serial interface. Strangeness abounds.
Show thread✧✦Catherine✦✧4d ago
@mhkohne @lattera pretty sure modern LTE (and 5G) chipsets are all PCIe
Show thread✧✦Catherine✦✧4d ago
@mhkohne @lattera or at least PCIe-capable, some still have USB and serial for lower bandwidth applications
Show threadShawn Webb4d ago
@whitequark oOoOo, I didn't catch that nuance. Thanks for the clarification. :-)
Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@whitequark that is...... UEFI secure boot? using U-Boot? or is this thing fucking X86
Show thread✧✦Catherine✦✧4d ago
@freya it's AArch64. beats me what the bootloader is
Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@whitequark can I get a full eMMC dump and also a dump of any /dev/mtdblock* devices?
Show thread✧✦Catherine✦✧4d ago
@freya i can just give you root on this thing if you want
Show thread✧✦Catherine✦✧4d ago

@freya

INFO[MISC]: Erasing eMMC drive: /dev/mmcblk0
INFO[MISC]: Erasing NVME drive: /dev/nvme0n1

apparently it has NVMe. in addition to eMMC

Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@whitequark whaaat the fuck
Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@whitequark ok yeah now I'm fucking fascinated
Show thread✧✦Catherine✦✧4d ago
@freya ths card has 32 GB of DDR5
Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@whitequark whaaaat the fuck
Show threadThe Doctor4d ago
@whitequark @freya Score!
Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@drwho @whitequark yeah you could buy a whole house with that
Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@whitequark yeah that'll work!
Show thread✧✦Catherine✦✧4d ago

@freya ok well once i get it myself i'll tell you

nvidia has some cursed tooling to manage the card

Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@whitequark oh gods it's a Connectx?
Show thread✧✦Catherine✦✧4d ago
@freya yes
Show threadRa (Freyja) (it/its)𒀭𒈹𒍠𒊩4d ago
@whitequark oh gods
Show threadKevin Karhan4d ago

@whitequark Mayve said #NIC also includes these things on purpose as it's designed to be the main device a VPS host boots from and also connects to a Storage-LAN...

  • I've not only seen such combos for like 1U servers with 1-2 PCIe slots but also worked on setups that utilize these for massive compute setups.
    • We're talking 8-digit projects aka. "Cloud Exit" migrations to self-owned physical hardware that merely got colocated.

And yes, they saturated 100G-NICs with Ceph/iSCSI traffic…

Show thread✧✦Catherine✦✧4d ago
@kkarhan people i've talked to who used it didn't seem very enthusiastic about the capabilities of the card