Sign boot images

[marmarek]

How to file a helpful issue

The problem you're addressing (if any)

"UEFI Secure Boot" support will require several changes in the system. This ticket is a subtask about changes to the packaging.

The solution you'd like

1. Sign grubx64.efi with a dedicated key.
2. Build unified xen.efi using latest "xen-hypervisor" and "kernel" packages (make it a new package with a version being combination of both). Configure it the way to allow dom0 command line via xen.efi parameters (if this isn't supported mode, it will require a xen patch).
3. Sign resulting xen.efi too.
4. Make grub to load xen.efi and give it dom0 command line like it would do via separate module2 command.

Ship all of the above as separate package(s), alternative to default boot packages. They may conflict with standard ones (forcing replacing them), or co-exist under different file names. The latter is probably friendlier to the user.

The value to a user, and who that user might be

This ticket is NOT about full UEFI Secure Boot support (for that we have #4371). It is only about preparing initial build and configuration infrastructure for it.

[andrewdavidwong]

The problem you're addressing (if any)

R4.2

I think this might be a typo. :sweat_smile:

To help me (and others) better understand this issue, could we make the problem being addressed more explicit?

The value to a user, and who that user might be

This ticket is NOT about full UEFI Secure Boot support (for that we have #4371). It is only about preparing initial build and configuration infrastructure for it.

This is useful to differentiate this issue from other issues, but it's still not entirely clear to me what the value prop is. My general guess is improved security, but I'm not entirely clear on exactly which forms of attack this is designed to mitigate (and which it is not), for example.

[marmarek]

This is useful to differentiate this issue from other issues, but it's still not entirely clear to me what the value prop is. My general guess is improved security, but I'm not entirely clear on exactly which forms of attack this is designed to mitigate (and which it is not), for example.

This on its own, prevents modifications of grub, xen and linux kernel in /boot, as long as the attacker cannot modify UEFI (either the binary itself, or its settings to disable SecureBoot or add their own key). The parts not covered by this tickets are:

• protection of xen/kernel parameters
• possibly some better initramfs approach (more generic one, that takes parameters like rootfs location from somewhere else than kernel cmdline)
• keeping the guarantee of "only signed code in kernel mode" at runtime (closing all the runtime interfaces that would allow [dom0] to load unsigned xen/kernel code)
• getting our key (or rather: a shim with our key) signed by MS, and meeting all their requirements

[marmarek]

Specific steps in this ticket:

1. Write a script that builds functional unified xen.efi as in the issue description.
2. Use that script in a (new?) package build scripts to have unified xen.efi shipped as a package
3. Add signing the content of the package above into build process (including appropriate builderv2 integration to actually allow it to use the key). It should be a dedicated "secure boot" key, not the primary release key.

[DemiMarie]

Why use GRUB instead of systemd-boot? GRUB has a history of security holes that it takes a long time to fix.

protection of xen/kernel parameters

Is this necessary for secure boot to be meaningful?

[marmarek]

Why use GRUB instead of systemd-boot? GRUB has a history of security holes that it takes a long time to fix.

I don't think it's relevant in this ticket at all, especially since for systemd-boot you'd need unified binary too.

protection of xen/kernel parameters

Is this necessary for secure boot to be meaningful?

Depending on what you want to achieve. If just compliance with MS requirements, probably not. But if using UEFI SecureBoot to protect system boot against malicious modifications of boot process, then yes, otherwise one could sneak for example spec-ctrl=no to xen cmdline or add similarly harmful Linux parameter. I anticipate you'd answer something along the lines of DRTM or TPM - yes, it is an alternative approach for similar issue, not part of this ticket.

[DemiMarie]

(if this isn't supported mode, it will require a xen patch).

No Xen patch should be necessary: the command line to xen.efi is treated as part of Xen’s own command line, and on x86 anything following -- is passed to dom0.

[aronowski]

An attempt from today's laboratory session.

1. Sign grubx64.efi with a dedicated key.

I left this out as of today, since to make our desired chain work as intended with UEFI Secure Boot, the shim_lock protocol has to be present. Otherwise the error message error: shim_lock protocol not found will show up.

2. Build unified xen.efi using latest "xen-hypervisor" and "kernel" packages (make it a new package with a version being combination of both). Configure it the way to allow dom0 command line via xen.efi parameters (if this isn't supported mode, it will require a xen patch).

I initially tried to handcraft a unified image with @DemiMarie's uki-generate script to make sure it works fine before diving deeper into creating the whole infrastructure for a build process.

Here's a brief description of what I did:

• created and signed my own EFI signature lists and enrolled them
• wrote the following Xen configuration

[global]
default=qubes-aronowski

[qubes-aronowski]
options=placeholder console=none dom0_mem=min:1024M dom0_mem=max:4096M ucode=scan smt=off gnttab_max_frames=2048 gnttab_max_maptrack_frames=4096 no-real-mode edd=off efi=attr=uc pv-l1tf=false
noexitboot=1
mapbs=1
kernel=vmlinuz-6.1.43-1.qubes.fc37.x86_64 placeholder root=/dev/mapper/qubes_dom0-root ro rd.luks.uuid=luks-a262c494-924c-4a44-a28e-fdf253f4cc51 rd.lvm.lv=qubes_dom0/root rd.lvm.lv=qubes_dom0/swap plymouth.ignore-serial-consoles rd.driver.pre=btrfs rhgb qubes.enable_insecure_pv_passthrough
ramdisk=initramfs-6.1.43-1.qubes.fc37.x86_64.img

(The pv-l1tf=false and qubes.enable_insecure_pv_passthrough arguments are here, so the system works in my VirtualBox 7.0 laboratory environment, where nested virtualization is not possible - not to be used on production.)

• built a unified image with @DemiMarie's script, outputting it to the file /boot/efi/EFI/qubes/xen-uki.efi
• signed that binary with sbsign, using my db.key and db.crt files
• rebooted my machine
• went into EDK2 settings and added a boot entry, so I could boot the signed binary directly, skipping intermediary bootloaders
• enabled Secure Boot
• booted the signed binary directly, inputted my LUKS password, logged into the desktop
• checked if there's any mention of UEFI Secure Boot working properly.

Unfortunately, the last point is where I got kind of lost. It seems like during this boot process, efivarfs does not get mounted and I can't mount it manually - running the mount -t efivarfs efivarfs /sys/firmware/efi/efivars/ command as root results in an error message:

mount: /sys/firmware/efi/efivars/: mount(2) system call failed: Operation not supported.
dmesg(1) may have more information after failed mount system call.

So I ran dmesg and xl dmesg and got the following logs:

dmesg

``` [ 0.000000] Could not determine UEFI Secure Boot status. [ 0.000000] Linux version 6.1.43-1.qubes.fc37.x86_64 (mockbuild@66f565dfbcca46eba50ad708c7471746) (gcc (GCC) 12.3.1 20230508 (Red Hat 12.3.1-1), GNU ld version 2.38-25.fc37) #1 SMP PREEMPT_DYNAMIC Tue Aug 8 18:58:48 GMT 2023 [ 0.000000] Command line: placeholder root=/dev/mapper/qubes_dom0-root ro rd.luks.uuid=luks-a262c494-924c-4a44-a28e-fdf253f4cc51 rd.lvm.lv=qubes_dom0/root rd.lvm.lv=qubes_dom0/swap plymouth.ignore-serial-consoles rd.driver.pre=btrfs rhgb qubes.enable_insecure_pv_passthrough [ 0.000000] ------------[ cut here ]------------ [ 0.000000] XSAVE consistency problem: size 576 != kernel_size 832 [ 0.000000] WARNING: CPU: 0 PID: 0 at arch/x86/kernel/fpu/xstate.c:605 paranoid_xstate_size_valid+0x207/0x254 [ 0.000000] Modules linked in: [ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 6.1.43-1.qubes.fc37.x86_64 #1 [ 0.000000] RIP: e030:paranoid_xstate_size_valid+0x207/0x254 [ 0.000000] Code: cb 0b eb 28 48 b8 11 8c 87 0e 61 26 59 6e 44 89 e2 44 89 ee 48 c7 c7 f8 f0 96 82 48 31 c3 c6 05 2b 9e 9b ff 01 e8 dc 18 be fd <0f> 0b 48 b8 1e 00 a7 6f 50 e5 93 75 48 01 c3 e8 a7 f1 ff ff 48 c1 [ 0.000000] RSP: e02b:ffffffff82c03d10 EFLAGS: 00010086 ORIG_RAX: 0000000000000000 [ 0.000000] RAX: 0000000000000000 RBX: cb8f1aade5640e72 RCX: 0000000000000000 [ 0.000000] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 00000000ffffffff [ 0.000000] RBP: ffffffff82c03d48 R08: ffffffff82c67180 R09: 0000000000000002 [ 0.000000] R10: 6e72656b203d2120 R11: ffffffff844bd6fe R12: 0000000000000340 [ 0.000000] R13: 0000000000000240 R14: 0000000000000000 R15: b7ba78c31d8a466d [ 0.000000] FS: 0000000000000000(0000) GS:ffffffff834c2000(0000) knlGS:0000000000000000 [ 0.000000] CS: 10000e030 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 0.000000] CR2: 0000000000000000 CR3: 0000000002c10000 CR4: 0000000000040620 [ 0.000000] Call Trace: [ 0.000000] [ 0.000000] ? show_trace_log_lvl+0x1d3/0x2ef [ 0.000000] ? show_trace_log_lvl+0x1d3/0x2ef [ 0.000000] ? show_trace_log_lvl+0x1d3/0x2ef [ 0.000000] ? paranoid_xstate_size_valid+0x207/0x254 [ 0.000000] ? __warn+0x7d/0xc0 [ 0.000000] ? paranoid_xstate_size_valid+0x207/0x254 [ 0.000000] ? report_bug+0xe6/0x170 [ 0.000000] ? early_fixup_exception+0xe1/0x174 [ 0.000000] ? early_idt_handler_common+0x2f/0x3a [ 0.000000] ? paranoid_xstate_size_valid+0x207/0x254 [ 0.000000] ? fpu__init_system_xstate+0x588/0x801 [ 0.000000] ? fpu__init_system+0x203/0x251 [ 0.000000] ? early_identify_cpu.constprop.0+0x153/0x1b3 [ 0.000000] ? setup_arch+0x7d/0xdd7 [ 0.000000] ? initialize_lsm+0x93/0xe5 [ 0.000000] ? start_kernel+0x8b/0x710 [ 0.000000] ? xen_start_kernel+0x5cd/0x5f2 [ 0.000000] ? startup_xen+0x1f/0x1f [ 0.000000] [ 0.000000] ---[ end trace 0000000000000000 ]--- [ 0.000000] CPUID[0d, 00]: eax=00000003 ebx=00000340 ecx=00000240 edx=00000000 [ 0.000000] CPUID[0d, 01]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 02]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 03]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 04]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 05]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 06]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 07]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 08]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 09]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 0a]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 0b]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 0c]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 0d]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 0e]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 0f]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 10]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 11]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 12]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 13]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 14]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 15]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 16]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 17]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 18]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 19]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 1a]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 1b]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] CPUID[0d, 1c]: eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 [ 0.000000] signal: max sigframe size: 1440 [ 0.000000] Released 0 page(s) [ 0.000000] BIOS-provided physical RAM map: [ 0.000000] Xen: [mem 0x0000000000000000-0x0000000000086fff] usable [ 0.000000] Xen: [mem 0x0000000000087000-0x0000000000087fff] reserved [ 0.000000] Xen: [mem 0x0000000000088000-0x000000000009ffff] usable [ 0.000000] Xen: [mem 0x00000000000a0000-0x00000000000fffff] reserved [ 0.000000] Xen: [mem 0x0000000000100000-0x00000000dbfbdfff] usable [ 0.000000] Xen: [mem 0x00000000dbfbe000-0x00000000dbfddfff] reserved [ 0.000000] Xen: [mem 0x00000000dbfde000-0x00000000dd6a9fff] usable [ 0.000000] Xen: [mem 0x00000000dd6aa000-0x00000000dd6dcfff] reserved [ 0.000000] Xen: [mem 0x00000000dd6dd000-0x00000000dd6ddfff] usable [ 0.000000] Xen: [mem 0x00000000dd6de000-0x00000000dd816fff] reserved [ 0.000000] Xen: [mem 0x00000000dd817000-0x00000000dd834fff] usable [ 0.000000] Xen: [mem 0x00000000dd835000-0x00000000dd930fff] reserved [ 0.000000] Xen: [mem 0x00000000dd931000-0x00000000dd93bfff] usable [ 0.000000] Xen: [mem 0x00000000dd93c000-0x00000000dd93efff] reserved [ 0.000000] Xen: [mem 0x00000000dd93f000-0x00000000dd944fff] usable [ 0.000000] Xen: [mem 0x00000000dd945000-0x00000000def6efff] reserved [ 0.000000] Xen: [mem 0x00000000def6f000-0x00000000def7efff] ACPI data [ 0.000000] Xen: [mem 0x00000000def7f000-0x00000000deffefff] ACPI NVS [ 0.000000] Xen: [mem 0x00000000defff000-0x00000000df1fffff] reserved [ 0.000000] Xen: [mem 0x00000000df200000-0x00000000df2e7fff] usable [ 0.000000] Xen: [mem 0x00000000df2e8000-0x00000000dffeffff] reserved [ 0.000000] Xen: [mem 0x00000000fec00000-0x00000000fec00fff] reserved [ 0.000000] Xen: [mem 0x00000000fee00000-0x00000000feefffff] reserved [ 0.000000] Xen: [mem 0x00000000ffc00000-0x00000000ffffffff] reserved [ 0.000000] Xen: [mem 0x0000000100000000-0x00000001228befff] usable [ 0.000000] NX (Execute Disable) protection: active [ 0.000000] efi: EFI v2.70 by UNKNOWN [ 0.000000] efi: ACPI=0xdef7e000 ACPI 2.0=0xdef7e014 SMBIOS=0xdeffd000 [ 0.000000] SMBIOS 2.5 present. [ 0.000000] DMI: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 [ 0.000000] Hypervisor detected: Xen PV [ 0.000531] tsc: Detected 2195.012 MHz processor [ 0.001195] e820: update [mem 0x00000000-0x00000fff] usable ==> reserved [ 0.001218] e820: remove [mem 0x000a0000-0x000fffff] usable [ 0.001261] last_pfn = 0x1228bf max_arch_pfn = 0x400000000 [ 0.001267] Disabled [ 0.001271] x86/PAT: MTRRs disabled, skipping PAT initialization too. [ 0.001282] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WP UC- WT [ 0.001289] last_pfn = 0xdf2e8 max_arch_pfn = 0x400000000 [ 0.001348] Kernel/User page tables isolation: disabled on XEN PV. [ 0.494719] Secure boot could not be determined [ 0.494728] RAMDISK: [mem 0x08000000-0x09fd8fff] [ 0.494753] ACPI: Early table checksum verification disabled [ 0.494769] ACPI: RSDP 0x00000000DEF7E014 000024 (v02 VBOX ) [ 0.494797] ACPI: XSDT 0x00000000DEF7D0E8 000044 (v01 VBOX VBOXFACP 00000001 01000013) [ 0.494840] ACPI: FACP 0x00000000DEF79000 0000F4 (v04 VBOX VBOXFACP 00000001 ASL 00000061) [ 0.494887] ACPI: DSDT 0x00000000DEF7A000 002353 (v02 VBOX VBOXBIOS 00000002 INTL 20100528) [ 0.494924] ACPI: FACS 0x00000000DEFFE000 000040 [ 0.494958] ACPI: APIC 0x00000000DEF78000 00006C (v02 VBOX VBOXAPIC 00000001 ASL 00000061) [ 0.494995] ACPI: SSDT 0x00000000DEF77000 00036C (v01 VBOX VBOXCPUT 00000002 INTL 20100528) [ 0.495031] ACPI: BGRT 0x00000000DEF76000 000038 (v01 INTEL EDK2 00000002 01000013) [ 0.495058] ACPI: Reserving FACP table memory at [mem 0xdef79000-0xdef790f3] [ 0.495066] ACPI: Reserving DSDT table memory at [mem 0xdef7a000-0xdef7c352] [ 0.495073] ACPI: Reserving FACS table memory at [mem 0xdeffe000-0xdeffe03f] [ 0.495080] ACPI: Reserving APIC table memory at [mem 0xdef78000-0xdef7806b] [ 0.495087] ACPI: Reserving SSDT table memory at [mem 0xdef77000-0xdef7736b] [ 0.495094] ACPI: Reserving BGRT table memory at [mem 0xdef76000-0xdef76037] [ 0.495172] Setting APIC routing to Xen PV. [ 0.495207] NUMA turned off [ 0.495213] Faking a node at [mem 0x0000000000000000-0x00000001228befff] [ 0.495261] NODE_DATA(0) allocated [mem 0xdd67f000-0xdd6a9fff] [ 0.550539] Zone ranges: [ 0.550561] DMA [mem 0x0000000000001000-0x0000000000ffffff] [ 0.550597] DMA32 [mem 0x0000000001000000-0x00000000ffffffff] [ 0.550630] Normal [mem 0x0000000100000000-0x00000001228befff] [ 0.550661] Device empty [ 0.550687] Movable zone start for each node [ 0.550709] Early memory node ranges [ 0.550722] node 0: [mem 0x0000000000001000-0x0000000000086fff] [ 0.550736] node 0: [mem 0x0000000000088000-0x000000000009ffff] [ 0.550750] node 0: [mem 0x0000000000100000-0x00000000dbfbdfff] [ 0.550765] node 0: [mem 0x00000000dbfde000-0x00000000dd6a9fff] [ 0.550778] node 0: [mem 0x00000000dd6dd000-0x00000000dd6ddfff] [ 0.550790] node 0: [mem 0x00000000dd817000-0x00000000dd834fff] [ 0.550802] node 0: [mem 0x00000000dd931000-0x00000000dd93bfff] [ 0.550814] node 0: [mem 0x00000000dd93f000-0x00000000dd944fff] [ 0.550826] node 0: [mem 0x00000000df200000-0x00000000df2e7fff] [ 0.550837] node 0: [mem 0x0000000100000000-0x00000001228befff] [ 0.550850] Initmem setup node 0 [mem 0x0000000000001000-0x00000001228befff] [ 0.550873] On node 0, zone DMA: 1 pages in unavailable ranges [ 0.550885] On node 0, zone DMA: 1 pages in unavailable ranges [ 0.551030] On node 0, zone DMA: 96 pages in unavailable ranges [ 0.581025] On node 0, zone DMA32: 32 pages in unavailable ranges [ 0.581062] On node 0, zone DMA32: 51 pages in unavailable ranges [ 0.581110] On node 0, zone DMA32: 313 pages in unavailable ranges [ 0.581152] On node 0, zone DMA32: 252 pages in unavailable ranges [ 0.581177] On node 0, zone DMA32: 3 pages in unavailable ranges [ 0.581687] On node 0, zone DMA32: 6331 pages in unavailable ranges [ 0.586806] On node 0, zone Normal: 3352 pages in unavailable ranges [ 0.588043] On node 0, zone Normal: 22337 pages in unavailable ranges [ 0.588082] p2m virtual area at (____ptrval____), size is 40000000 [ 2.357160] Remapped 141503 page(s) [ 2.359109] ACPI: PM-Timer IO Port: 0x4008 [ 2.359256] IOAPIC[0]: apic_id 4, version 32, address 0xfec00000, GSI 0-23 [ 2.359275] ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 dfl dfl) [ 2.359284] ACPI: INT_SRC_OVR (bus 0 bus_irq 9 global_irq 9 low level) [ 2.359318] ACPI: Using ACPI (MADT) for SMP configuration information [ 2.366677] smpboot: Allowing 4 CPUs, 0 hotplug CPUs [ 2.366790] [mem 0xdfff0000-0xfebfffff] available for PCI devices [ 2.366800] Booting kernel on Xen [ 2.366805] Xen version: 4.17.2 (preserve-AD) [ 2.366813] clocksource: refined-jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1910969940391419 ns [ 2.379858] setup_percpu: NR_CPUS:8192 nr_cpumask_bits:4 nr_cpu_ids:4 nr_node_ids:1 [ 2.380083] percpu: Embedded 62 pages/cpu s217088 r8192 d28672 u524288 [ 2.380142] pcpu-alloc: s217088 r8192 d28672 u524288 alloc=1*2097152 [ 2.380199] pcpu-alloc: [0] 0 1 2 3 [ 2.380504] xen: PV spinlocks enabled [ 2.380532] PV qspinlock hash table entries: 256 (order: 0, 4096 bytes, linear) [ 2.380557] Fallback order for Node 0: 0 [ 2.380606] Built 1 zonelists, mobility grouping on. Total pages: 1032174 [ 2.380622] Policy zone: Normal [ 2.380638] Kernel command line: placeholder root=/dev/mapper/qubes_dom0-root ro rd.luks.uuid=luks-a262c494-924c-4a44-a28e-fdf253f4cc51 rd.lvm.lv=qubes_dom0/root rd.lvm.lv=qubes_dom0/swap plymouth.ignore-serial-consoles rd.driver.pre=btrfs rhgb qubes.enable_insecure_pv_passthrough [ 2.381551] Unknown kernel command line parameters "placeholder rhgb", will be passed to user space. [ 2.381762] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes, linear) [ 2.381898] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes, linear) [ 2.382988] mem auto-init: stack:all(zero), heap alloc:on, heap free:on [ 2.382998] mem auto-init: clearing system memory may take some time... [ 2.383007] software IO TLB: area num 4. [ 2.963326] Memory: 3942012K/4194300K available (18441K kernel code, 3242K rwdata, 7680K rodata, 3536K init, 18168K bss, 252036K reserved, 0K cma-reserved) [ 2.965620] SLUB: HWalign=64, Order=0-3, MinObjects=0, CPUs=4, Nodes=1 [ 2.966959] ftrace: allocating 53523 entries in 210 pages [ 2.987005] ftrace: allocated 210 pages with 4 groups [ 2.988979] Dynamic Preempt: voluntary [ 2.989418] rcu: Preemptible hierarchical RCU implementation. [ 2.989424] rcu: RCU restricting CPUs from NR_CPUS=8192 to nr_cpu_ids=4. [ 2.989430] Trampoline variant of Tasks RCU enabled. [ 2.989434] Rude variant of Tasks RCU enabled. [ 2.989439] Tracing variant of Tasks RCU enabled. [ 2.989443] rcu: RCU calculated value of scheduler-enlistment delay is 100 jiffies. [ 2.989449] rcu: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=4 [ 3.039964] Using NULL legacy PIC [ 3.039969] NR_IRQS: 524544, nr_irqs: 456, preallocated irqs: 0 [ 3.040096] xen:events: Using FIFO-based ABI [ 3.040160] xen: --> pirq=1 -> irq=1 (gsi=1) [ 3.040195] xen: --> pirq=2 -> irq=2 (gsi=2) [ 3.040230] xen: --> pirq=3 -> irq=3 (gsi=3) [ 3.040242] xen: --> pirq=4 -> irq=4 (gsi=4) [ 3.040301] xen: --> pirq=5 -> irq=5 (gsi=5) [ 3.040336] xen: --> pirq=6 -> irq=6 (gsi=6) [ 3.040371] xen: --> pirq=7 -> irq=7 (gsi=7) [ 3.040418] xen: --> pirq=8 -> irq=8 (gsi=8) [ 3.040452] xen: --> pirq=9 -> irq=9 (gsi=9) [ 3.040487] xen: --> pirq=10 -> irq=10 (gsi=10) [ 3.040522] xen: --> pirq=11 -> irq=11 (gsi=11) [ 3.040556] xen: --> pirq=12 -> irq=12 (gsi=12) [ 3.040591] xen: --> pirq=13 -> irq=13 (gsi=13) [ 3.040626] xen: --> pirq=14 -> irq=14 (gsi=14) [ 3.040661] xen: --> pirq=15 -> irq=15 (gsi=15) [ 3.040698] rcu: srcu_init: Setting srcu_struct sizes based on contention. [ 3.041830] kfence: initialized - using 2097152 bytes for 255 objects at 0x(____ptrval____)-0x(____ptrval____) [ 3.042040] Console: colour dummy device 80x25 [ 3.043643] printk: console [tty0] enabled [ 3.045523] printk: console [hvc0] enabled [ 3.045693] ACPI: Core revision 20220331 [ 3.046326] clocksource: xen: mask: 0xffffffffffffffff max_cycles: 0x1cd42e4dffb, max_idle_ns: 881590591483 ns [ 3.046360] Xen: using vcpuop timer interface [ 3.046375] installing Xen timer for CPU 0 [ 3.046468] clocksource: tsc-early: mask: 0xffffffffffffffff max_cycles: 0x1fa3cab9042, max_idle_ns: 440795210298 ns [ 3.046506] Calibrating delay loop (skipped), value calculated using timer frequency.. 4390.02 BogoMIPS (lpj=2195012) [ 3.046540] pid_max: default: 32768 minimum: 301 [ 3.047117] LSM: Security Framework initializing [ 3.047166] Yama: becoming mindful. [ 3.047652] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes, linear) [ 3.047681] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes, linear) [ 3.049925] Last level iTLB entries: 4KB 512, 2MB 8, 4MB 8 [ 3.049946] Last level dTLB entries: 4KB 512, 2MB 32, 4MB 32, 1GB 0 [ 3.049977] Spectre V1 : Mitigation: usercopy/swapgs barriers and __user pointer sanitization [ 3.050006] Spectre V2 : Mitigation: Retpolines [ 3.050024] Spectre V2 : Spectre v2 / SpectreRSB mitigation: Filling RSB on context switch [ 3.050048] Spectre V2 : Spectre v2 / SpectreRSB : Filling RSB on VMEXIT [ 3.050069] Speculative Store Bypass: Vulnerable [ 3.050092] MDS: Mitigation: Clear CPU buffers [ 3.050110] MMIO Stale Data: Unknown: No mitigations [ 3.085560] Freeing SMP alternatives memory: 48K [ 3.085904] cpu 0 spinlock event irq 25 [ 3.085929] VPMU disabled by hypervisor. [ 3.087395] cblist_init_generic: Setting adjustable number of callback queues. [ 3.087418] cblist_init_generic: Setting shift to 2 and lim to 1. [ 3.087597] cblist_init_generic: Setting adjustable number of callback queues. [ 3.087619] cblist_init_generic: Setting shift to 2 and lim to 1. [ 3.087804] cblist_init_generic: Setting adjustable number of callback queues. [ 3.087826] cblist_init_generic: Setting shift to 2 and lim to 1. [ 3.087978] Performance Events: unsupported p6 CPU model 42 no PMU driver, software events only. [ 3.088206] rcu: Hierarchical SRCU implementation. [ 3.088248] rcu: Max phase no-delay instances is 400. [ 3.089345] NMI watchdog: Perf NMI watchdog permanently disabled [ 3.089954] smp: Bringing up secondary CPUs ... [ 3.090782] installing Xen timer for CPU 1 [ 3.091505] cpu 1 spinlock event irq 35 [ 3.092275] installing Xen timer for CPU 2 [ 3.093169] cpu 2 spinlock event irq 41 [ 3.094438] installing Xen timer for CPU 3 [ 3.094875] cpu 3 spinlock event irq 47 [ 3.095679] smp: Brought up 1 node, 4 CPUs [ 3.095699] smpboot: Max logical packages: 1 [ 3.096732] devtmpfs: initialized [ 3.096732] x86/mm: Memory block size: 128MB [ 3.099903] ACPI: PM: Registering ACPI NVS region [mem 0xdef7f000-0xdeffefff] (524288 bytes) [ 3.099903] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 1911260446275000 ns [ 3.099903] futex hash table entries: 1024 (order: 4, 65536 bytes, linear) [ 3.099906] pinctrl core: initialized pinctrl subsystem [ 3.101090] PM: RTC time: 12:35:01, date: 2023-10-21 [ 3.106142] NET: Registered PF_NETLINK/PF_ROUTE protocol family [ 3.106210] xen:grant_table: Grant tables using version 1 layout [ 3.106991] Grant table initialized [ 3.107998] DMA: preallocated 512 KiB GFP_KERNEL pool for atomic allocations [ 3.108032] DMA: preallocated 512 KiB GFP_KERNEL|GFP_DMA pool for atomic allocations [ 3.108067] DMA: preallocated 512 KiB GFP_KERNEL|GFP_DMA32 pool for atomic allocations [ 3.108141] audit: initializing netlink subsys (disabled) [ 3.108588] audit: type=2000 audit(1697891701.242:1): state=initialized audit_enabled=0 res=1 [ 3.109625] thermal_sys: Registered thermal governor 'fair_share' [ 3.109629] thermal_sys: Registered thermal governor 'bang_bang' [ 3.109641] thermal_sys: Registered thermal governor 'step_wise' [ 3.109652] thermal_sys: Registered thermal governor 'user_space' [ 3.110253] PCI: Using configuration type 1 for base access [ 3.117028] kprobes: kprobe jump-optimization is enabled. All kprobes are optimized if possible. [ 3.189597] cryptd: max_cpu_qlen set to 1000 [ 3.190723] raid6: skipped pq benchmark and selected sse2x4 [ 3.190723] raid6: using ssse3x2 recovery algorithm [ 3.191577] fbcon: Taking over console [ 3.191618] ACPI: Added _OSI(Module Device) [ 3.191627] ACPI: Added _OSI(Processor Device) [ 3.191637] ACPI: Added _OSI(3.0 _SCP Extensions) [ 3.191647] ACPI: Added _OSI(Processor Aggregator Device) [ 3.195760] ACPI: 2 ACPI AML tables successfully acquired and loaded [ 3.196849] xen: registering gsi 9 triggering 0 polarity 1 [ 3.200680] ACPI: Interpreter enabled [ 3.200702] ACPI: PM: (supports S0 S5) [ 3.200712] ACPI: Using IOAPIC for interrupt routing [ 3.201206] PCI: Using host bridge windows from ACPI; if necessary, use "pci=nocrs" and report a bug [ 3.201234] PCI: Using E820 reservations for host bridge windows [ 3.201500] ACPI: Enabled 2 GPEs in block 00 to 07 [ 3.214097] ACPI: PCI Root Bridge [PCI0] (domain 0000 [bus 00-ff]) [ 3.214130] acpi PNP0A03:00: _OSC: OS supports [ASPM ClockPM Segments MSI EDR HPX-Type3] [ 3.214158] acpi PNP0A03:00: _OSC: not requesting OS control; OS requires [ExtendedConfig ASPM ClockPM MSI] [ 3.215416] acpi PNP0A03:00: fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge. [ 3.215919] PCI host bridge to bus 0000:00 [ 3.215939] pci_bus 0000:00: root bus resource [io 0x0000-0x0cf7 window] [ 3.215964] pci_bus 0000:00: root bus resource [io 0x0d00-0xffff window] [ 3.215989] pci_bus 0000:00: root bus resource [mem 0x000a0000-0x000bffff window] [ 3.216016] pci_bus 0000:00: root bus resource [mem 0xe0000000-0xfdffffff window] [ 3.216051] pci_bus 0000:00: root bus resource [bus 00-ff] [ 3.216542] pci 0000:00:00.0: [8086:1237] type 00 class 0x060000 [ 3.218304] pci 0000:00:01.0: [8086:7000] type 00 class 0x060100 [ 3.220625] pci 0000:00:01.1: [8086:7111] type 00 class 0x01018a [ 3.221694] pci 0000:00:01.1: reg 0x20: [io 0xc180-0xc18f] [ 3.222136] pci 0000:00:01.1: legacy IDE quirk: reg 0x10: [io 0x01f0-0x01f7] [ 3.222207] pci 0000:00:01.1: legacy IDE quirk: reg 0x14: [io 0x03f6] [ 3.222231] pci 0000:00:01.1: legacy IDE quirk: reg 0x18: [io 0x0170-0x0177] [ 3.222256] pci 0000:00:01.1: legacy IDE quirk: reg 0x1c: [io 0x0376] [ 3.222963] pci 0000:00:02.0: [15ad:0405] type 00 class 0x030000 [ 3.224549] pci 0000:00:02.0: reg 0x10: [io 0xc170-0xc17f] [ 3.226536] pci 0000:00:02.0: reg 0x14: [mem 0xe0000000-0xe7ffffff pref] [ 3.228533] pci 0000:00:02.0: reg 0x18: [mem 0xe8400000-0xe85fffff] [ 3.235916] pci 0000:00:02.0: BAR 1: assigned to efifb [ 3.236072] pci 0000:00:02.0: Video device with shadowed ROM at [mem 0x000c0000-0x000dffff] [ 3.236882] pci 0000:00:03.0: [8086:100e] type 00 class 0x020000 [ 3.237766] pci 0000:00:03.0: reg 0x10: [mem 0xe8600000-0xe861ffff] [ 3.239821] pci 0000:00:03.0: reg 0x18: [io 0xc1a0-0xc1a7] [ 3.245369] pci 0000:00:04.0: [80ee:cafe] type 00 class 0x088000 [ 3.246778] pci 0000:00:04.0: reg 0x10: [io 0xc140-0xc15f] [ 3.247765] pci 0000:00:04.0: reg 0x14: [mem 0xe8000000-0xe83fffff] [ 3.248772] pci 0000:00:04.0: reg 0x18: [mem 0xe8620000-0xe8623fff pref] [ 3.253423] pci 0000:00:05.0: [8086:2415] type 00 class 0x040100 [ 3.253772] pci 0000:00:05.0: reg 0x10: [io 0xc000-0xc0ff] [ 3.253978] pci 0000:00:05.0: reg 0x14: [io 0xc100-0xc13f] [ 3.255568] pci 0000:00:06.0: [106b:003f] type 00 class 0x0c0310 [ 3.256803] pci 0000:00:06.0: reg 0x10: [mem 0xe8627000-0xe8627fff] [ 3.264335] pci 0000:00:07.0: [8086:7113] type 00 class 0x068000 [ 3.265912] pci 0000:00:07.0: quirk: [io 0x4000-0x403f] claimed by PIIX4 ACPI [ 3.265969] pci 0000:00:07.0: quirk: [io 0x4100-0x410f] claimed by PIIX4 SMB [ 3.266894] pci 0000:00:0b.0: [8086:265c] type 00 class 0x0c0320 [ 3.267761] pci 0000:00:0b.0: reg 0x10: [mem 0xe8626000-0xe8626fff] [ 3.274900] pci 0000:00:0d.0: [8086:2829] type 00 class 0x010601 [ 3.275811] pci 0000:00:0d.0: reg 0x10: [io 0xc198-0xc19f] [ 3.276799] pci 0000:00:0d.0: reg 0x14: [io 0xc1ac-0xc1af] [ 3.277758] pci 0000:00:0d.0: reg 0x18: [io 0xc190-0xc197] [ 3.278787] pci 0000:00:0d.0: reg 0x1c: [io 0xc1a8-0xc1ab] [ 3.279784] pci 0000:00:0d.0: reg 0x20: [io 0xc160-0xc16f] [ 3.280768] pci 0000:00:0d.0: reg 0x24: [mem 0xe8624000-0xe8625fff] [ 3.286785] ACPI: PCI: Interrupt link LNKA configured for IRQ 10 [ 3.287546] ACPI: PCI: Interrupt link LNKB configured for IRQ 10 [ 3.287845] ACPI: PCI: Interrupt link LNKC configured for IRQ 11 [ 3.288091] ACPI: PCI: Interrupt link LNKD configured for IRQ 11 [ 3.288500] xen:balloon: Initialising balloon driver [ 3.288674] iommu: Default domain type: Translated [ 3.288674] iommu: DMA domain TLB invalidation policy: lazy mode [ 3.289620] SCSI subsystem initialized [ 3.289681] libata version 3.00 loaded. [ 3.289681] ACPI: bus type USB registered [ 3.289681] usbcore: registered new interface driver usbfs [ 3.289683] usbcore: registered new interface driver hub [ 3.289701] usbcore: registered new device driver usb [ 3.289767] pps_core: LinuxPPS API ver. 1 registered [ 3.289777] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti [ 3.289796] PTP clock support registered [ 3.290568] EDAC MC: Ver: 3.0.0 [ 3.291681] Registered efivars operations [ 3.292307] NetLabel: Initializing [ 3.292324] NetLabel: domain hash size = 128 [ 3.292342] NetLabel: protocols = UNLABELED CIPSOv4 CALIPSO [ 3.292397] NetLabel: unlabeled traffic allowed by default [ 3.292431] mctp: management component transport protocol core [ 3.292452] NET: Registered PF_MCTP protocol family [ 3.292481] PCI: Using ACPI for IRQ routing [ 3.292498] PCI: pci_cache_line_size set to 64 bytes [ 3.293081] e820: reserve RAM buffer [mem 0x00087000-0x0008ffff] [ 3.293090] e820: reserve RAM buffer [mem 0xdbfbe000-0xdbffffff] [ 3.293098] e820: reserve RAM buffer [mem 0xdd6aa000-0xdfffffff] [ 3.293107] e820: reserve RAM buffer [mem 0xdd6de000-0xdfffffff] [ 3.293117] e820: reserve RAM buffer [mem 0xdd835000-0xdfffffff] [ 3.293126] e820: reserve RAM buffer [mem 0xdd93c000-0xdfffffff] [ 3.293135] e820: reserve RAM buffer [mem 0xdd945000-0xdfffffff] [ 3.293143] e820: reserve RAM buffer [mem 0xdf2e8000-0xdfffffff] [ 3.293151] e820: reserve RAM buffer [mem 0x1228bf000-0x123ffffff] [ 3.293256] pci 0000:00:02.0: vgaarb: setting as boot VGA device [ 3.293256] pci 0000:00:02.0: vgaarb: bridge control possible [ 3.293256] pci 0000:00:02.0: vgaarb: VGA device added: decodes=io+mem,owns=io+mem,locks=none [ 3.293623] vgaarb: loaded [ 3.293869] clocksource: Switched to clocksource tsc-early [ 3.347887] VFS: Disk quotas dquot_6.6.0 [ 3.347975] VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes) [ 3.348103] hugetlbfs: disabling because there are no supported hugepage sizes [ 3.348184] pnp: PnP ACPI init [ 3.348371] xen: registering gsi 1 triggering 1 polarity 0 [ 3.348641] xen: registering gsi 12 triggering 1 polarity 0 [ 3.350820] pnp: PnP ACPI: found 2 devices [ 3.414191] PM-Timer failed consistency check (0xffffff) - aborting. [ 3.414711] NET: Registered PF_INET protocol family [ 3.414888] IP idents hash table entries: 65536 (order: 7, 524288 bytes, linear) [ 3.418181] tcp_listen_portaddr_hash hash table entries: 2048 (order: 3, 32768 bytes, linear) [ 3.418224] Table-perturb hash table entries: 65536 (order: 6, 262144 bytes, linear) [ 3.418308] TCP established hash table entries: 32768 (order: 6, 262144 bytes, linear) [ 3.418741] TCP bind hash table entries: 32768 (order: 8, 1048576 bytes, linear) [ 3.418959] TCP: Hash tables configured (established 32768 bind 32768) [ 3.419180] MPTCP token hash table entries: 4096 (order: 4, 98304 bytes, linear) [ 3.419269] UDP hash table entries: 2048 (order: 4, 65536 bytes, linear) [ 3.419318] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes, linear) [ 3.419672] NET: Registered PF_UNIX/PF_LOCAL protocol family [ 3.419715] NET: Registered PF_XDP protocol family [ 3.419749] pci_bus 0000:00: resource 4 [io 0x0000-0x0cf7 window] [ 3.419774] pci_bus 0000:00: resource 5 [io 0x0d00-0xffff window] [ 3.419798] pci_bus 0000:00: resource 6 [mem 0x000a0000-0x000bffff window] [ 3.419822] pci_bus 0000:00: resource 7 [mem 0xe0000000-0xfdffffff window] [ 3.419955] pci 0000:00:00.0: Limiting direct PCI/PCI transfers [ 3.422034] xen: registering gsi 22 triggering 0 polarity 1 [ 3.422075] xen: --> pirq=22 -> irq=22 (gsi=22) [ 3.426128] xen: registering gsi 19 triggering 0 polarity 1 [ 3.426160] xen: --> pirq=19 -> irq=19 (gsi=19) [ 3.428314] PCI: CLS 0 bytes, default 64 [ 3.428368] PCI-DMA: Using software bounce buffering for IO (SWIOTLB) [ 3.428390] software IO TLB: mapped [mem 0x000000011de00000-0x0000000121e00000] (64MB) [ 3.428679] Trying to unpack rootfs image as initramfs... [ 3.428992] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x1fa3cab9042, max_idle_ns: 440795210298 ns [ 3.429302] clocksource: Switched to clocksource tsc [ 3.429412] platform rtc_cmos: registered platform RTC device (no PNP device found) [ 3.442174] Initialise system trusted keyrings [ 3.442308] Key type blacklist registered [ 3.443057] workingset: timestamp_bits=36 max_order=20 bucket_order=0 [ 3.452395] zbud: loaded [ 3.456020] integrity: Platform Keyring initialized [ 3.456057] integrity: Machine keyring initialized [ 3.475518] NET: Registered PF_ALG protocol family [ 3.475557] xor: measuring software checksum speed [ 3.476347] prefetch64-sse : 14877 MB/sec [ 3.477185] generic_sse : 13730 MB/sec [ 3.477205] xor: using function: prefetch64-sse (14877 MB/sec) [ 3.477233] Key type asymmetric registered [ 3.477253] Asymmetric key parser 'x509' registered [ 4.660655] Freeing initrd memory: 32612K [ 4.690048] alg: self-tests for CTR-KDF (hmac(sha256)) passed [ 4.690108] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 245) [ 4.690447] io scheduler mq-deadline registered [ 4.690460] io scheduler kyber registered [ 4.690550] io scheduler bfq registered [ 4.698001] atomic64_test: passed for x86-64 platform with CX8 and with SSE [ 4.699227] ACPI: AC: AC Adapter [AC] (on-line) [ 4.699377] input: Power Button as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0 [ 4.699521] ACPI: button: Power Button [PWRF] [ 4.699731] input: Sleep Button as /devices/LNXSYSTM:00/LNXSLPBN:00/input/input1 [ 4.699940] ACPI: button: Sleep Button [SLPF] [ 4.703001] ACPI: battery: Slot [BAT0] (battery present) [ 4.705426] Serial: 8250/16550 driver, 32 ports, IRQ sharing enabled [ 4.716189] Non-volatile memory driver v1.3 [ 4.716212] Linux agpgart interface v0.103 [ 4.716519] ACPI: bus type drm_connector registered [ 4.718642] ahci 0000:00:0d.0: version 3.0 [ 4.720267] xen: registering gsi 21 triggering 0 polarity 1 [ 4.720312] xen: --> pirq=21 -> irq=21 (gsi=21) [ 4.720535] ahci 0000:00:0d.0: SSS flag set, parallel bus scan disabled [ 4.720951] ahci 0000:00:0d.0: AHCI 0001.0100 32 slots 1 ports 3 Gbps 0x1 impl SATA mode [ 4.720982] ahci 0000:00:0d.0: flags: 64bit ncq stag only ccc [ 4.722303] scsi host0: ahci [ 4.722442] ata1: SATA max UDMA/133 abar m8192@0xe8624000 port 0xe8624100 irq 21 [ 4.722502] ata_piix 0000:00:01.1: version 2.13 [ 4.724366] scsi host1: ata_piix [ 4.725323] scsi host2: ata_piix [ 4.725379] ata2: PATA max UDMA/33 cmd 0x1f0 ctl 0x3f6 bmdma 0xc180 irq 14 [ 4.725392] ata3: PATA max UDMA/33 cmd 0x170 ctl 0x376 bmdma 0xc188 irq 15 [ 4.725905] usbcore: registered new interface driver usbserial_generic [ 4.725926] usbserial: USB Serial support registered for generic [ 4.725982] i8042: PNP: PS/2 Controller [PNP0303:PS2K,PNP0f03:PS2M] at 0x60,0x64 irq 1,12 [ 4.727023] serio: i8042 KBD port at 0x60,0x64 irq 1 [ 4.727060] serio: i8042 AUX port at 0x60,0x64 irq 12 [ 4.727290] mousedev: PS/2 mouse device common for all mice [ 4.728617] rtc_cmos rtc_cmos: registered as rtc0 [ 4.728954] rtc_cmos rtc_cmos: setting system clock to 2023-10-21T12:35:03 UTC (1697891703) [ 4.729204] rtc_cmos rtc_cmos: alarms up to one day, 114 bytes nvram [ 4.729275] device-mapper: core: CONFIG_IMA_DISABLE_HTABLE is disabled. Duplicate IMA measurements will not be recorded in the IMA log. [ 4.729387] device-mapper: uevent: version 1.0.3 [ 4.729754] device-mapper: ioctl: 4.47.0-ioctl (2022-07-28) initialised: dm-devel@redhat.com [ 4.730366] intel_pstate: CPU model not supported [ 4.730596] sysfb: VRAM smaller than advertised [ 4.730690] efifb: probing for efifb [ 4.732402] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input2 [ 4.732585] efifb: No BGRT, not showing boot graphics [ 4.732606] efifb: framebuffer at 0xe0000000, using 3072k, total 3072k [ 4.732629] efifb: mode is 1024x768x32, linelength=4096, pages=1 [ 4.732652] efifb: scrolling: redraw [ 4.732668] efifb: Truecolor: size=8:8:8:8, shift=24:16:8:0 [ 4.735268] Console: switching to colour frame buffer device 128x48 [ 4.740985] fb0: EFI VGA frame buffer device [ 4.741057] pstore: Registered efi as persistent store backend [ 4.741151] hid: raw HID events driver (C) Jiri Kosina [ 4.741295] usbcore: registered new interface driver usbhid [ 4.741331] usbhid: USB HID core driver [ 4.741554] drop_monitor: Initializing network drop monitor service [ 4.741788] Initializing XFRM netlink socket [ 4.742496] NET: Registered PF_INET6 protocol family [ 4.774052] Segment Routing with IPv6 [ 4.774163] RPL Segment Routing with IPv6 [ 4.774333] In-situ OAM (IOAM) with IPv6 [ 4.774553] mip6: Mobile IPv6 [ 4.774656] NET: Registered PF_PACKET protocol family [ 4.776748] IPI shorthand broadcast: enabled [ 4.776938] SSE version of gcm_enc/dec engaged. [ 4.780732] sched_clock: Marking stable (4774852677, 5793915)->(5170796856, -390150264) [ 4.782057] registered taskstats version 1 [ 4.783375] Loading compiled-in X.509 certificates [ 4.807448] Loaded X.509 cert 'Build time autogenerated kernel key: 08b34c0acec9739c807d01b9a003b906d909315d' [ 4.810173] zswap: loaded using pool lzo/zbud [ 4.811232] page_owner is disabled [ 4.811667] Key type .fscrypt registered [ 4.811728] Key type fscrypt-provisioning registered [ 4.817432] Btrfs loaded, crc32c=crc32c-generic, zoned=yes, fsverity=yes [ 4.818796] pstore: Using crash dump compression: deflate [ 4.820045] Key type big_key registered [ 4.851663] Key type encrypted registered [ 4.854841] integrity: Couldn't get size: 0x8000000000000003 [ 4.855798] integrity: MODSIGN: Couldn't get UEFI db list [ 4.856771] integrity: Couldn't get size: 0x8000000000000003 [ 4.856798] integrity: Couldn't get UEFI dbx list [ 4.858811] ima: No TPM chip found, activating TPM-bypass! [ 4.859792] Loading compiled-in module X.509 certificates [ 4.861992] Loaded X.509 cert 'Build time autogenerated kernel key: 08b34c0acec9739c807d01b9a003b906d909315d' [ 4.862796] ima: Allocated hash algorithm: sha256 [ 4.863730] ima: No architecture policies found [ 4.865014] evm: Initialising EVM extended attributes: [ 4.865796] evm: security.selinux [ 4.866774] evm: security.SMACK64 (disabled) [ 4.868707] evm: security.SMACK64EXEC (disabled) [ 4.868806] evm: security.SMACK64TRANSMUTE (disabled) [ 4.872798] evm: security.SMACK64MMAP (disabled) [ 4.873696] evm: security.apparmor [ 4.874398] evm: security.ima [ 4.874796] evm: security.capability [ 4.876333] evm: HMAC attrs: 0x1 [ 4.903229] ata3.00: ATAPI: VBOX CD-ROM, 1.0, max UDMA/133 [ 4.949666] input: ImExPS/2 Generic Explorer Mouse as /devices/platform/i8042/serio1/input/input4 [ 5.030563] ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300) [ 5.035403] ata1.00: ATA-6: VBOX HARDDISK, 1.0, max UDMA/133 [ 5.036314] ata1.00: 167772160 sectors, multi 128: LBA48 NCQ (depth 32) [ 5.038006] ata1.00: configured for UDMA/133 [ 5.039334] scsi 0:0:0:0: Direct-Access ATA VBOX HARDDISK 1.0 PQ: 0 ANSI: 5 [ 5.042125] sd 0:0:0:0: Attached scsi generic sg0 type 0 [ 5.042486] sd 0:0:0:0: [sda] 167772160 512-byte logical blocks: (85.9 GB/80.0 GiB) [ 5.044219] scsi 2:0:0:0: CD-ROM VBOX CD-ROM 1.0 PQ: 0 ANSI: 5 [ 5.044227] sd 0:0:0:0: [sda] Write Protect is off [ 5.045658] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00 [ 5.045778] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA [ 5.047268] sd 0:0:0:0: [sda] Preferred minimum I/O size 512 bytes [ 5.055976] sda: sda1 sda2 sda3 [ 5.062518] sd 0:0:0:0: [sda] Attached SCSI disk [ 5.075542] sr 2:0:0:0: [sr0] scsi3-mmc drive: 32x/32x xa/form2 tray [ 5.085799] cdrom: Uniform CD-ROM driver Revision: 3.20 [ 5.116484] sr 2:0:0:0: Attached scsi CD-ROM sr0 [ 5.116998] sr 2:0:0:0: Attached scsi generic sg1 type 5 [ 5.206330] alg: No test for 842 (842-scomp) [ 5.211046] alg: No test for 842 (842-generic) [ 5.528028] PM: Magic number: 11:903:582 [ 5.532265] pci 0000:00:06.0: hash matches [ 5.533196] RAS: Correctable Errors collector initialized. [ 5.544798] Freeing unused decrypted memory: 2036K [ 5.552805] Freeing unused kernel image (initmem) memory: 3536K [ 5.554926] Write protecting the kernel read-only data: 28672k [ 5.610486] Freeing unused kernel image (text/rodata gap) memory: 2036K [ 5.615162] Freeing unused kernel image (rodata/data gap) memory: 512K [ 5.615797] rodata_test: all tests were successful [ 5.616704] Run /init as init process [ 5.616797] with arguments: [ 5.617795] /init [ 5.617821] placeholder [ 5.617845] rhgb [ 5.617853] with environment: [ 5.617965] HOME=/ [ 5.617972] TERM=linux [ 5.673116] systemd[1]: systemd 251.14-2.fc37 running in system mode (+PAM +AUDIT +SELINUX -APPARMOR +IMA +SMACK +SECCOMP -GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN -IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 +PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK +XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) [ 5.679641] systemd[1]: Detected virtualization oracle. [ 5.680025] systemd[1]: Detected architecture x86-64. [ 5.681732] systemd[1]: Running in initial RAM disk. [ 5.686276] systemd[1]: No hostname configured, using default hostname. [ 5.688462] systemd[1]: Hostname set to . [ 5.715759] systemd[1]: Failed to open libbpf, cgroup BPF features disabled: Operation not supported [ 6.212001] systemd[1]: Queued start job for default target initrd.target. [ 6.637393] systemd[1]: Created slice system-systemd\x2dcryptsetup.slice - Slice /system/systemd-cryptsetup. [ 6.643392] systemd[1]: Reached target initrd-usr-fs.target - Initrd /usr File System. [ 6.645242] systemd[1]: Reached target local-fs.target - Local File Systems. [ 6.647436] systemd[1]: Reached target slices.target - Slice Units. [ 6.655541] systemd[1]: Reached target swap.target - Swaps. [ 6.658427] systemd[1]: Reached target timers.target - Timer Units. [ 6.664062] systemd[1]: Listening on systemd-journald-audit.socket - Journal Audit Socket. [ 6.667632] systemd[1]: Listening on systemd-journald-dev-log.socket - Journal Socket (/dev/log). [ 6.674915] systemd[1]: Listening on systemd-journald.socket - Journal Socket. [ 6.677704] systemd[1]: Listening on systemd-udevd-control.socket - udev Control Socket. [ 6.683353] systemd[1]: Listening on systemd-udevd-kernel.socket - udev Kernel Socket. [ 6.685964] systemd[1]: Reached target sockets.target - Socket Units. [ 6.843512] systemd[1]: Starting kmod-static-nodes.service - Create List of Static Device Nodes... [ 6.850667] systemd[1]: memstrack.service - Memstrack Anylazing Service was skipped because all trigger condition checks failed. [ 6.868391] systemd[1]: Starting systemd-journald.service - Journal Service... [ 6.879343] systemd[1]: Starting systemd-modules-load.service - Load Kernel Modules... [ 6.893797] systemd[1]: Starting systemd-vconsole-setup.service - Setup Virtual Console... [ 6.906784] systemd[1]: Finished kmod-static-nodes.service - Create List of Static Device Nodes. [ 6.918473] systemd[1]: Starting systemd-tmpfiles-setup-dev.service - Create Static Device Nodes in /dev... [ 6.966251] systemd[1]: Finished systemd-tmpfiles-setup-dev.service - Create Static Device Nodes in /dev. [ 6.981958] audit: type=1130 audit(1697891705.752:2): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-tmpfiles-setup-dev comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 6.982539] alua: device handler registered [ 6.990655] emc: device handler registered [ 6.996774] rdac: device handler registered [ 7.005347] xen:xen_evtchn: Event-channel device installed [ 7.033215] xen_pciback: backend is vpci [ 7.099129] systemd[1]: Started systemd-journald.service - Journal Service. [ 7.106446] audit: type=1130 audit(1697891705.877:3): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-journald comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 7.386536] audit: type=1130 audit(1697891706.157:4): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-modules-load comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 7.391430] audit: type=1130 audit(1697891706.162:5): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-vconsole-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 7.447742] audit: type=1130 audit(1697891706.218:6): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-tmpfiles-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 7.475602] audit: type=1130 audit(1697891706.246:7): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-sysctl comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 7.944639] pciback 0000:00:03.0: xen_pciback: seizing device [ 7.951593] xen: registering gsi 19 triggering 0 polarity 1 [ 7.951609] Already setup the GSI :19 [ 8.684002] audit: type=1130 audit(1697891707.455:8): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=dracut-cmdline comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 8.938461] audit: type=1130 audit(1697891707.709:9): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=dracut-pre-udev comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 8.940794] audit: type=1334 audit(1697891707.711:10): prog-id=6 op=LOAD [ 8.942203] audit: type=1334 audit(1697891707.711:11): prog-id=7 op=LOAD [ 9.059932] audit: type=1130 audit(1697891707.830:12): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-udevd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 9.113922] random: crng init done [ 9.702147] audit: type=1130 audit(1697891708.473:13): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-udev-trigger comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 9.742366] audit: type=1130 audit(1697891708.513:14): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=modprobe@configfs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 9.745643] audit: type=1131 audit(1697891708.516:15): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=modprobe@configfs comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 9.813391] audit: type=1130 audit(1697891708.584:16): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=plymouth-start comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 10.077144] audit: type=1130 audit(1697891708.848:17): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-ask-password-plymouth comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 10.159629] Warning! ehci_hcd should always be loaded before uhci_hcd and ohci_hcd, not after [ 10.173673] xen: registering gsi 19 triggering 0 polarity 1 [ 10.173713] Already setup the GSI :19 [ 10.176403] ehci-pci 0000:00:0b.0: EHCI Host Controller [ 10.180305] ehci-pci 0000:00:0b.0: new USB bus registered, assigned bus number 1 [ 10.187071] ehci-pci 0000:00:0b.0: irq 19, io mem 0xe8626000 [ 10.195191] ehci-pci 0000:00:0b.0: USB 2.0 started, EHCI 1.00 [ 10.197192] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 6.01 [ 10.198720] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1 [ 10.205223] usb usb1: Product: EHCI Host Controller [ 10.206749] usb usb1: Manufacturer: Linux 6.1.43-1.qubes.fc37.x86_64 ehci_hcd [ 10.208355] usb usb1: SerialNumber: 0000:00:0b.0 [ 10.233413] hub 1-0:1.0: USB hub found [ 10.244044] Console: switching to colour dummy device 80x25 [ 10.246153] vmwgfx 0000:00:02.0: vgaarb: deactivate vga console [ 10.248163] xen: registering gsi 18 triggering 0 polarity 1 [ 10.248208] xen: --> pirq=18 -> irq=18 (gsi=18) [ 10.248440] vmwgfx 0000:00:02.0: [drm] FIFO at 0x00000000e8400000 size is 2048 kiB [ 10.249749] vmwgfx 0000:00:02.0: [drm] VRAM at 0x00000000e0000000 size is 131072 kiB [ 10.249794] vmwgfx 0000:00:02.0: [drm] Running on SVGA version 2. [ 10.249934] vmwgfx 0000:00:02.0: [drm] Capabilities: rect copy, cursor, cursor bypass, cursor bypass 2, alpha cursor, extended fifo, pitchlock, irq mask, gmr, traces, gmr2, screen object 2, command buffers, [ 10.249983] vmwgfx 0000:00:02.0: [drm] DMA map mode: Caching DMA mappings. [ 10.250178] vmwgfx 0000:00:02.0: [drm] Legacy memory limits: VRAM = 131072 kB, FIFO = 2048 kB, surface = 393216 kB [ 10.250211] vmwgfx 0000:00:02.0: [drm] MOB limits: max mob size = 0 kB, max mob pages = 0 [ 10.250240] vmwgfx 0000:00:02.0: [drm] Max GMR ids is 8192 [ 10.250262] vmwgfx 0000:00:02.0: [drm] Max number of GMR pages is 1048576 [ 10.250285] vmwgfx 0000:00:02.0: [drm] Maximum display memory size is 131072 kiB [ 10.267149] vmwgfx 0000:00:02.0: [drm] Screen Object display unit initialized [ 10.268231] vmwgfx 0000:00:02.0: [drm] Fifo max 0x00200000 min 0x00001000 cap 0x00000355 [ 10.270346] vmwgfx 0000:00:02.0: [drm] Using command buffers with DMA pool. [ 10.270385] vmwgfx 0000:00:02.0: [drm] Available shader model: Legacy. [ 10.270422] [drm:vmw_host_printf [vmwgfx]] *ERROR* Failed to send host log message. [ 10.277203] hub 1-0:1.0: 12 ports detected [ 10.285485] xen: registering gsi 22 triggering 0 polarity 1 [ 10.285501] Already setup the GSI :22 [ 10.285722] ohci-pci 0000:00:06.0: OHCI PCI host controller [ 10.285992] ohci-pci 0000:00:06.0: new USB bus registered, assigned bus number 2 [ 10.286237] ohci-pci 0000:00:06.0: irq 22, io mem 0xe8627000 [ 10.318588] fbcon: svgadrmfb (fb0) is primary device [ 10.343381] usb usb2: New USB device found, idVendor=1d6b, idProduct=0001, bcdDevice= 6.01 [ 10.343394] usb usb2: New USB device strings: Mfr=3, Product=2, SerialNumber=1 [ 10.343402] usb usb2: Product: OHCI PCI host controller [ 10.343408] usb usb2: Manufacturer: Linux 6.1.43-1.qubes.fc37.x86_64 ohci_hcd [ 10.343415] usb usb2: SerialNumber: 0000:00:06.0 [ 10.355585] hub 2-0:1.0: USB hub found [ 10.355668] hub 2-0:1.0: 12 ports detected [ 10.385010] Console: switching to colour frame buffer device 128x48 [ 10.400211] [drm] Initialized vmwgfx 2.20.0 20211206 for 0000:00:02.0 on minor 0 [ 10.661925] usb 2-1: new full-speed USB device number 2 using ohci-pci [ 10.906023] usb 2-1: New USB device found, idVendor=80ee, idProduct=0021, bcdDevice= 1.00 [ 10.906052] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0 [ 10.906074] usb 2-1: Product: USB Tablet [ 10.906090] usb 2-1: Manufacturer: VirtualBox [ 10.927136] input: VirtualBox USB Tablet as /devices/pci0000:00/0000:00:06.0/usb2/2-1/2-1:1.0/0003:80EE:0021.0001/input/input5 [ 10.927489] hid-generic 0003:80EE:0021.0001: input,hidraw0: USB HID v1.10 Mouse [VirtualBox USB Tablet] on usb-0000:00:06.0-1/input0 [ 15.284396] kauditd_printk_skb: 10 callbacks suppressed [ 15.284404] audit: type=1338 audit(1697891714.054:28): module=crypt op=ctr ppid=1 pid=461 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-cryptse" exe="/usr/lib/systemd/systemd-cryptsetup" dev=253:0 error_msg='success' res=1 [ 15.285270] audit: type=1300 audit(1697891714.054:28): arch=c000003e syscall=16 success=yes exit=0 a0=4 a1=c138fd09 a2=63524f282b30 a3=0 items=6 ppid=1 pid=461 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="systemd-cryptse" exe="/usr/lib/systemd/systemd-cryptsetup" key=(null) [ 15.285323] audit: type=1307 audit(1697891714.054:28): cwd="/" [ 15.285344] audit: type=1302 audit(1697891714.054:28): item=0 name=(null) inode=37 dev=00:07 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 15.285378] audit: type=1302 audit(1697891714.054:28): item=1 name=(null) inode=17231 dev=00:07 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 15.285413] audit: type=1302 audit(1697891714.054:28): item=2 name=(null) inode=26 dev=00:07 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 15.285447] audit: type=1302 audit(1697891714.054:28): item=3 name=(null) inode=17232 dev=00:07 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 15.285481] audit: type=1302 audit(1697891714.054:28): item=4 name=(null) inode=17232 dev=00:07 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 15.285544] audit: type=1302 audit(1697891714.054:28): item=5 name=(null) inode=17233 dev=00:07 mode=0100444 ouid=0 ogid=0 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0 [ 15.285579] audit: type=1327 audit(1697891714.054:28): proctitle=2F7573722F6C69622F73797374656D642F73797374656D642D6372797074736574757000617474616368006C756B732D61323632633439342D393234632D346134342D613238652D666466323533663463633531002F6465762F6469736B2F62792D757569642F61323632633439342D393234632D346134342D613238652D66 [ 16.689015] device-mapper: thin: Data device (dm-2) discard unsupported: Disabling discard passdown. [ 18.458260] EXT4-fs (dm-4): mounted filesystem with ordered data mode. Quota mode: none. [ 19.931609] systemd-journald[252]: Received SIGTERM from PID 1 (systemd). [ 20.228946] systemd[1]: systemd 251.14-2.fc37 running in system mode (+PAM +AUDIT +SELINUX -APPARMOR +IMA +SMACK +SECCOMP -GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN -IPTC +KMOD +LIBCRYPTSETUP +LIBFDISK +PCRE2 +PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK +XKBCOMMON +UTMP +SYSVINIT default-hierarchy=unified) [ 20.229017] systemd[1]: Detected virtualization oracle. [ 20.229053] systemd[1]: Detected architecture x86-64. [ 20.233594] systemd[1]: Hostname set to . [ 20.290650] kauditd_printk_skb: 32 callbacks suppressed [ 20.290657] audit: type=1334 audit(1697891719.060:61): prog-id=18 op=LOAD [ 20.290683] audit: type=1334 audit(1697891719.061:62): prog-id=18 op=UNLOAD [ 20.290937] audit: type=1334 audit(1697891719.061:63): prog-id=19 op=LOAD [ 20.290953] audit: type=1334 audit(1697891719.062:64): prog-id=19 op=UNLOAD [ 20.299347] audit: type=1334 audit(1697891719.070:65): prog-id=20 op=LOAD [ 20.299366] audit: type=1334 audit(1697891719.070:66): prog-id=20 op=UNLOAD [ 20.300562] audit: type=1334 audit(1697891719.071:67): prog-id=21 op=LOAD [ 20.300580] audit: type=1334 audit(1697891719.071:68): prog-id=21 op=UNLOAD [ 20.300869] audit: type=1334 audit(1697891719.071:69): prog-id=22 op=LOAD [ 20.300894] audit: type=1334 audit(1697891719.071:70): prog-id=22 op=UNLOAD [ 20.422247] systemd[1]: bpf-lsm: BPF LSM hook not enabled in the kernel, BPF LSM not supported [ 20.973553] systemd[1]: /usr/lib/systemd/system/qubesd.service:8: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether. [ 20.981242] systemd[1]: /usr/lib/systemd/system/qubes-qmemman.service:7: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether. [ 20.984141] systemd[1]: /usr/lib/systemd/system/qubes-db-dom0.service:9: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether. [ 20.986960] systemd[1]: /usr/lib/systemd/system/qubes-core.service:8: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether. [ 21.510747] systemd[1]: systemd-ask-password-plymouth.service: Deactivated successfully. [ 21.513255] systemd[1]: initrd-switch-root.service: Deactivated successfully. [ 21.515746] systemd[1]: Stopped initrd-switch-root.service - Switch Root. [ 21.517715] systemd[1]: systemd-journald.service: Scheduled restart job, restart counter is at 1. [ 21.519547] systemd[1]: Created slice system-getty.slice - Slice /system/getty. [ 21.521374] systemd[1]: Created slice system-qubes\x2dvm.slice - Slice /system/qubes-vm. [ 21.523023] systemd[1]: Created slice system-serial\x2dgetty.slice - Slice /system/serial-getty. [ 21.524562] systemd[1]: Created slice system-systemd\x2dfsck.slice - Slice /system/systemd-fsck. [ 21.526060] systemd[1]: Created slice user.slice - User and Session Slice. [ 21.526239] systemd[1]: systemd-ask-password-console.path - Dispatch Password Requests to Console Directory Watch was skipped because of a failed condition check (ConditionPathExists=!/run/plymouth/pid). [ 21.527006] systemd[1]: Set up automount proc-sys-fs-binfmt_misc.automount - Arbitrary Executable File Formats File System Automount Point. [ 21.527281] systemd[1]: Reached target blockdev@dev-mapper-luks\x2da262c494\x2d924c\x2d4a44\x2da28e\x2dfdf253f4cc51.target - Block Device Preparation for /dev/mapper/luks-a262c494-924c-4a44-a28e-fdf253f4cc51. [ 21.527520] systemd[1]: Stopped target initrd-switch-root.target - Switch Root. [ 21.527696] systemd[1]: Stopped target initrd-fs.target - Initrd File Systems. [ 21.527959] systemd[1]: Stopped target initrd-root-fs.target - Initrd Root File System. [ 21.528123] systemd[1]: Reached target integritysetup.target - Local Integrity Protected Volumes. [ 21.528355] systemd[1]: Reached target remote-cryptsetup.target - Remote Encrypted Volumes. [ 21.528534] systemd[1]: Reached target remote-fs.target - Remote File Systems. [ 21.528710] systemd[1]: Reached target slices.target - Slice Units. [ 21.529087] systemd[1]: Reached target veritysetup.target - Local Verity Protected Volumes. [ 21.529585] systemd[1]: Listening on dm-event.socket - Device-mapper event daemon FIFOs. [ 21.534268] systemd[1]: Listening on systemd-coredump.socket - Process Core Dump Socket. [ 21.534648] systemd[1]: Listening on systemd-initctl.socket - initctl Compatibility Named Pipe. [ 21.536090] systemd[1]: Listening on systemd-udevd-control.socket - udev Control Socket. [ 21.537172] systemd[1]: Listening on systemd-udevd-kernel.socket - udev Kernel Socket. [ 21.537765] systemd[1]: Listening on systemd-userdbd.socket - User Database Manager Socket. [ 21.550369] systemd[1]: Activating swap dev-mapper-qubes_dom0\x2dswap.swap - /dev/mapper/qubes_dom0-swap... [ 21.551763] systemd[1]: dev-hugepages.mount - Huge Pages File System was skipped because of a failed condition check (ConditionPathExists=/sys/kernel/mm/hugepages). [ 21.559574] systemd[1]: Mounting dev-mqueue.mount - POSIX Message Queue File System... [ 21.568400] systemd[1]: Mounting proc-xen.mount - Mount /proc/xen files... [ 21.572918] Adding 4116476k swap on /dev/mapper/qubes_dom0-swap. Priority:-2 extents:1 across:4116476k FS [ 21.577367] systemd[1]: Mounting sys-kernel-debug.mount - Kernel Debug File System... [ 21.586477] systemd[1]: Mounting sys-kernel-tracing.mount - Kernel Trace File System... [ 21.606250] systemd[1]: Starting kmod-static-nodes.service - Create List of Static Device Nodes... [ 21.616431] systemd[1]: Starting lvm2-monitor.service - Monitoring of LVM2 mirrors, snapshots etc. using dmeventd or progress polling... [ 21.626906] systemd[1]: Starting modprobe@configfs.service - Load Kernel Module configfs... [ 21.636754] systemd[1]: Starting modprobe@dm_mod.service - Load Kernel Module dm_mod... [ 21.645554] systemd[1]: Starting modprobe@drm.service - Load Kernel Module drm... [ 21.653669] systemd[1]: Starting modprobe@fuse.service - Load Kernel Module fuse... [ 21.663060] systemd[1]: Starting modprobe@loop.service - Load Kernel Module loop... [ 21.663624] systemd[1]: plymouth-switch-root.service: Deactivated successfully. [ 21.664054] systemd[1]: Stopped plymouth-switch-root.service - Plymouth switch root service. [ 21.665605] systemd[1]: Stopped systemd-journald.service - Journal Service. [ 21.678762] systemd[1]: Starting systemd-journald.service - Journal Service... [ 21.697221] systemd[1]: Starting systemd-modules-load.service - Load Kernel Modules... [ 21.702550] loop: module loaded [ 21.710371] systemd[1]: Starting systemd-network-generator.service - Generate network units from Kernel command line... [ 21.726768] fuse: init (API version 7.37) [ 21.730505] systemd[1]: Starting systemd-remount-fs.service - Remount Root and Kernel File Systems... [ 21.738421] systemd[1]: Starting systemd-udev-trigger.service - Coldplug All udev Devices... [ 21.768710] systemd[1]: Activated swap dev-mapper-qubes_dom0\x2dswap.swap - /dev/mapper/qubes_dom0-swap. [ 21.781383] systemd[1]: Mounted dev-mqueue.mount - POSIX Message Queue File System. [ 21.783382] systemd[1]: Mounted proc-xen.mount - Mount /proc/xen files. [ 21.784355] EXT4-fs (dm-4): re-mounted. Quota mode: none. [ 21.788342] systemd[1]: Mounted sys-kernel-debug.mount - Kernel Debug File System. [ 21.789654] systemd[1]: Mounted sys-kernel-tracing.mount - Kernel Trace File System. [ 21.791706] systemd[1]: Finished kmod-static-nodes.service - Create List of Static Device Nodes. [ 21.794040] systemd[1]: modprobe@configfs.service: Deactivated successfully. [ 21.794769] systemd[1]: Finished modprobe@configfs.service - Load Kernel Module configfs. [ 21.796515] systemd[1]: modprobe@dm_mod.service: Deactivated successfully. [ 21.797310] systemd[1]: Finished modprobe@dm_mod.service - Load Kernel Module dm_mod. [ 21.799097] systemd[1]: modprobe@drm.service: Deactivated successfully. [ 21.799886] systemd[1]: Finished modprobe@drm.service - Load Kernel Module drm. [ 21.801631] systemd[1]: modprobe@fuse.service: Deactivated successfully. [ 21.802551] systemd[1]: Finished modprobe@fuse.service - Load Kernel Module fuse. [ 21.804520] systemd[1]: modprobe@loop.service: Deactivated successfully. [ 21.805712] systemd[1]: Finished modprobe@loop.service - Load Kernel Module loop. [ 21.807760] systemd[1]: Finished systemd-network-generator.service - Generate network units from Kernel command line. [ 21.810576] systemd[1]: Finished systemd-remount-fs.service - Remount Root and Kernel File Systems. [ 21.814522] systemd[1]: Reached target network-pre.target - Preparation for Network. [ 21.814916] systemd[1]: Reached target swap.target - Swaps. [ 22.011912] systemd[1]: Mounting sys-fs-fuse-connections.mount - FUSE Control File System... [ 22.025650] systemd[1]: Mounting tmp.mount - Temporary Directory /tmp... [ 22.026486] systemd[1]: systemd-firstboot.service - First Boot Wizard was skipped because of a failed condition check (ConditionFirstBoot=yes). [ 22.033340] systemd[1]: systemd-hwdb-update.service - Rebuild Hardware Database was skipped because of a failed condition check (ConditionNeedsUpdate=/etc). [ 22.033654] systemd[1]: systemd-pstore.service - Platform Persistent Storage Archival was skipped because of a failed condition check (ConditionDirectoryNotEmpty=/sys/fs/pstore). [ 22.041184] systemd[1]: Starting systemd-random-seed.service - Load/Save Random Seed... [ 22.042050] systemd[1]: systemd-repart.service - Repartition Root Disk was skipped because all trigger condition checks failed. [ 22.042512] systemd[1]: systemd-sysusers.service - Create System Users was skipped because of a failed condition check (ConditionNeedsUpdate=/etc). [ 22.051112] systemd[1]: Starting systemd-tmpfiles-setup-dev.service - Create Static Device Nodes in /dev... [ 22.059124] systemd[1]: Started systemd-journald.service - Journal Service. [ 22.133654] systemd-journald[846]: Received client request to flush runtime journal. [ 23.925714] ACPI: video: Video Device [GFX0] (multi-head: yes rom: no post: no) [ 23.931662] input: Video Bus as /devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/LNXVIDEO:00/input/input6 [ 24.086280] e1000: Intel(R) PRO/1000 Network Driver [ 24.086301] e1000: Copyright (c) 1999-2006 Intel Corporation. [ 24.086673] piix4_smbus 0000:00:07.0: SMBus Host Controller at 0x4100, revision 0 [ 24.200172] xen: registering gsi 20 triggering 0 polarity 1 [ 24.200249] xen: --> pirq=20 -> irq=20 (gsi=20) [ 24.205645] vbg_status_code_to_errno: Unhandled err -1 [ 24.206431] vbg_query_host_version error: -1 [ 24.210724] vboxguest: probe of 0000:00:04.0 failed with error -71 [ 24.369272] input: PC Speaker as /devices/platform/pcspkr/input/input7 [ 24.575555] xen: registering gsi 21 triggering 0 polarity 1 [ 24.575572] Already setup the GSI :21 [ 24.860098] snd_intel8x0 0000:00:05.0: allow list rate for 1028:0177 is 48000 [ 26.176187] kauditd_printk_skb: 73 callbacks suppressed [ 26.176195] audit: type=1130 audit(1697891724.947:142): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=modprobe@dm_mod comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 26.176949] audit: type=1131 audit(1697891724.947:143): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=modprobe@dm_mod comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 26.191653] audit: type=1130 audit(1697891724.962:144): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=modprobe@loop comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 26.192505] audit: type=1131 audit(1697891724.963:145): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=modprobe@loop comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 26.932940] audit: type=1130 audit(1697891725.703:146): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-fsck@dev-disk-by\x2duuid-2726958c\x2df8ba\x2d4bea\x2daf4a\x2ddfda6e8fa063 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.054286] audit: type=1130 audit(1697891725.825:147): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-fsck@dev-disk-by\x2duuid-C863\x2d5E54 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.061119] EXT4-fs (sda2): mounting with "discard" option, but the device does not support discard [ 27.061156] EXT4-fs (sda2): mounted filesystem with ordered data mode. Quota mode: none. [ 27.171302] FAT-fs (sda1): mounting with "discard" option, but the device does not support discard [ 27.350774] audit: type=1130 audit(1697891726.121:148): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=plymouth-read-write comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.501241] audit: type=1130 audit(1697891726.272:149): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-tmpfiles-setup comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 27.521617] device-mapper: thin: Data device (dm-8) discard unsupported: Disabling discard passdown. [ 27.572096] audit: type=1127 audit(1697891726.343:150): pid=1661 uid=0 auid=4294967295 ses=4294967295 msg=' comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success' [ 27.589234] audit: type=1130 audit(1697891726.360:151): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-update-utmp comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 31.416435] kauditd_printk_skb: 30 callbacks suppressed [ 31.416443] audit: type=1130 audit(1697891730.187:182): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=qubes-core comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 31.438992] audit: type=1130 audit(1697891730.210:183): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=qubes-meminfo-writer-dom0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 31.524581] audit: type=1130 audit(1697891730.295:184): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-user-sessions comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 31.565043] audit: type=1130 audit(1697891730.336:185): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=crond comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 31.795494] audit: type=1130 audit(1697891730.564:186): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=lightdm comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 31.905930] audit: type=1334 audit(1697891730.676:187): prog-id=49 op=LOAD [ 32.255955] audit: type=1130 audit(1697891731.027:188): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=accounts-daemon comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 34.060680] audit: type=1130 audit(1697891732.829:189): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=plymouth-quit-wait comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 34.086484] audit: type=1130 audit(1697891732.857:190): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=serial-getty@hvc0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 34.197496] audit: type=1103 audit(1697891732.966:191): pid=2352 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_env,pam_permit acct="lightdm" exe="/usr/sbin/lightdm" hostname=? addr=? terminal=:0 res=success' [ 39.577898] memmap_init_zone_device initialised 32768 pages in 2ms [ 39.768221] loop0: detected capacity change from 0 to 1045792 [ 39.871768] pciback 0000:00:03.0: xen_pciback: vpci: assign to virtual slot 0 [ 39.872538] pciback 0000:00:03.0: registering for 1 [ 39.946254] kauditd_printk_skb: 9 callbacks suppressed [ 39.946262] audit: type=1103 audit(1697891738.717:199): pid=2626 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_rootok acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 39.949464] audit: type=1105 audit(1697891738.720:200): pid=2626 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_unix acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 39.985553] audit: type=1106 audit(1697891738.756:201): pid=2626 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_unix acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 39.985696] audit: type=1104 audit(1697891738.756:202): pid=2626 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_rootok acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 40.035746] audit: type=1103 audit(1697891738.806:203): pid=2634 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_rootok acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 40.039021] audit: type=1105 audit(1697891738.810:204): pid=2634 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_unix acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 42.840509] audit: type=1100 audit(1697891741.611:205): pid=2604 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_usertype,pam_localuser,pam_unix acct="user" exe="/usr/sbin/lightdm" hostname=? addr=? terminal=:0 res=success' [ 42.841458] audit: type=1101 audit(1697891741.612:206): pid=2604 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="user" exe="/usr/sbin/lightdm" hostname=? addr=? terminal=:0 res=success' [ 42.986425] audit: type=1106 audit(1697891741.757:207): pid=2352 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_close grantors=pam_unix,pam_systemd acct="lightdm" exe="/usr/sbin/lightdm" hostname=? addr=? terminal=:0 res=success' [ 42.987242] audit: type=1104 audit(1697891741.757:208): pid=2352 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_env,pam_permit acct="lightdm" exe="/usr/sbin/lightdm" hostname=? addr=? terminal=:0 res=success' [ 43.521018] xen-blkback: backend/vbd/1/51712: using 2 queues, protocol 1 (x86_64-abi) persistent grants [ 43.536162] xen-blkback: backend/vbd/1/51728: using 2 queues, protocol 1 (x86_64-abi) persistent grants [ 43.558395] xen-blkback: backend/vbd/1/51744: using 2 queues, protocol 1 (x86_64-abi) persistent grants [ 43.580434] xen-blkback: backend/vbd/1/51760: using 2 queues, protocol 1 (x86_64-abi) persistent grants [ 45.428371] kauditd_printk_skb: 14 callbacks suppressed [ 45.428377] audit: type=1334 audit(1697891744.199:219): prog-id=50 op=LOAD [ 45.428935] audit: type=1334 audit(1697891744.199:220): prog-id=51 op=LOAD [ 45.429172] audit: type=1334 audit(1697891744.200:221): prog-id=52 op=LOAD [ 45.640508] audit: type=1130 audit(1697891744.409:222): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 50.382343] audit: type=1130 audit(1697891749.151:223): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=rtkit-daemon comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 53.702046] audit: type=1131 audit(1697891752.472:224): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=user@993 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 53.921614] audit: type=1131 audit(1697891752.692:225): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=user-runtime-dir@993 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 54.417040] audit: type=1101 audit(1697891753.188:226): pid=2880 uid=1000 auid=1000 ses=2 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="user" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 54.418678] audit: type=1123 audit(1697891753.189:227): pid=2880 uid=1000 auid=1000 ses=2 msg='cwd="/home/user" cmd=2F62696E2F73797374656D63746C202D2D6E6F2D626C6F636B2073746172742071756265732D696E7075742D73656E6465722D6B6579626F617264406576656E74352E73657276696365 exe="/usr/bin/sudo" terminal=? res=success' [ 54.464931] audit: type=1110 audit(1697891753.236:228): pid=2880 uid=1000 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 54.615259] audit: type=1105 audit(1697891753.385:229): pid=2880 uid=1000 auid=1000 ses=2 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 55.602603] audit: type=1130 audit(1697891754.373:230): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=qubes-input-sender-keyboard@event5 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 55.640115] audit: type=1131 audit(1697891754.406:231): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=qubes-input-sender-keyboard@event5 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 55.673183] audit: type=1106 audit(1697891754.443:232): pid=2880 uid=1000 auid=1000 ses=2 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 55.676981] audit: type=1104 audit(1697891754.448:233): pid=2880 uid=1000 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 58.844922] kauditd_printk_skb: 32 callbacks suppressed [ 58.844930] audit: type=1101 audit(1697891757.615:266): pid=2967 uid=1000 auid=1000 ses=2 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="user" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 58.844980] audit: type=1123 audit(1697891757.615:267): pid=2967 uid=1000 auid=1000 ses=2 msg='cwd="/home/user" cmd=2F62696E2F73797374656D63746C202D2D6E6F2D626C6F636B2073746172742071756265732D696E7075742D73656E6465722D6B6579626F617264406576656E74302E73657276696365 exe="/usr/bin/sudo" terminal=? res=success' [ 58.848556] audit: type=1110 audit(1697891757.618:268): pid=2967 uid=1000 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 58.866355] audit: type=1105 audit(1697891757.637:269): pid=2967 uid=1000 auid=1000 ses=2 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 58.948725] audit: type=1106 audit(1697891757.718:270): pid=2967 uid=1000 auid=1000 ses=2 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 58.952273] audit: type=1104 audit(1697891757.723:271): pid=2967 uid=1000 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=? res=success' [ 58.977472] audit: type=1130 audit(1697891757.740:272): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=qubes-input-sender-keyboard@event0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 59.006872] audit: type=1131 audit(1697891757.772:273): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=qubes-input-sender-keyboard@event0 comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 59.108204] xen: registering gsi 19 triggering 0 polarity 1 [ 59.108222] Already setup the GSI :19 [ 59.120315] xen: registering gsi 19 triggering 0 polarity 1 [ 59.120332] Already setup the GSI :19 [ 59.126388] xen: registering gsi 19 triggering 0 polarity 1 [ 59.126405] Already setup the GSI :19 [ 59.133021] xen: registering gsi 19 triggering 0 polarity 1 [ 59.133039] Already setup the GSI :19 [ 59.139453] xen: registering gsi 19 triggering 0 polarity 1 [ 59.139469] Already setup the GSI :19 [ 59.145259] xen: registering gsi 19 triggering 0 polarity 1 [ 59.145276] Already setup the GSI :19 [ 59.152863] xen: registering gsi 19 triggering 0 polarity 1 [ 59.152958] Already setup the GSI :19 [ 59.158664] xen: registering gsi 19 triggering 0 polarity 1 [ 59.158693] Already setup the GSI :19 [ 66.105016] audit: type=1106 audit(1697891764.872:274): pid=2634 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_unix acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 66.105062] audit: type=1104 audit(1697891764.872:275): pid=2634 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_rootok acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 66.201096] audit: type=1130 audit(1697891764.972:276): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=qubes-vm@sys-net comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 71.719411] audit: type=1101 audit(1697891770.489:277): pid=3171 uid=1000 auid=1000 ses=2 msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="user" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success' [ 71.719748] audit: type=1123 audit(1697891770.490:278): pid=3171 uid=1000 auid=1000 ses=2 msg='cwd="/home/user" cmd="-bash" exe="/usr/bin/sudo" terminal=pts/1 res=success' [ 71.723388] audit: type=1110 audit(1697891770.494:279): pid=3171 uid=1000 auid=1000 ses=2 msg='op=PAM:setcred grantors=pam_env,pam_localuser,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success' [ 71.745451] audit: type=1105 audit(1697891770.516:280): pid=3171 uid=1000 auid=1000 ses=2 msg='op=PAM:session_open grantors=pam_keyinit,pam_keyinit,pam_limits,pam_keyinit,pam_limits,pam_systemd,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success' [ 74.086560] loop1: detected capacity change from 0 to 1045792 [ 74.475944] audit: type=1103 audit(1697891773.246:281): pid=3216 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_rootok acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 74.481534] audit: type=1105 audit(1697891773.252:282): pid=3216 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_unix acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 74.529388] audit: type=1106 audit(1697891773.300:283): pid=3216 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_unix acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 74.529537] audit: type=1104 audit(1697891773.300:284): pid=3216 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_rootok acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 74.675204] audit: type=1103 audit(1697891773.445:285): pid=3222 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_rootok acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 74.689085] audit: type=1105 audit(1697891773.460:286): pid=3222 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_open grantors=pam_keyinit,pam_limits,pam_unix acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 79.949504] xen-blkback: backend/vbd/2/51712: using 2 queues, protocol 1 (x86_64-abi) persistent grants [ 79.991349] xen-blkback: backend/vbd/2/51728: using 2 queues, protocol 1 (x86_64-abi) persistent grants [ 80.041475] xen-blkback: backend/vbd/2/51744: using 2 queues, protocol 1 (x86_64-abi) persistent grants [ 80.076463] xen-blkback: backend/vbd/2/51760: using 2 queues, protocol 1 (x86_64-abi) persistent grants [ 97.754993] audit: type=1106 audit(1697891796.521:287): pid=3222 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:session_close grantors=pam_keyinit,pam_limits,pam_unix acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 97.755041] audit: type=1104 audit(1697891796.521:288): pid=3222 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_rootok acct="user" exe="/usr/sbin/runuser" hostname=? addr=? terminal=? res=success' [ 97.865649] audit: type=1130 audit(1697891796.636:289): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=qubes-vm@sys-firewall comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 97.975237] audit: type=1129 audit(1697891796.745:290): pid=3243 uid=0 auid=4294967295 ses=4294967295 msg='old-level=N new-level=5 comm="systemd-update-utmp" exe="/usr/lib/systemd/systemd-update-utmp" hostname=? addr=? terminal=? res=success' [ 97.995556] audit: type=1130 audit(1697891796.766:291): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 97.995897] audit: type=1131 audit(1697891796.766:292): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-update-utmp-runlevel comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 128.200626] audit: type=1131 audit(1697891826.971:293): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-hostnamed comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' [ 128.230016] audit: type=1334 audit(1697891827.001:294): prog-id=52 op=UNLOAD [ 128.230053] audit: type=1334 audit(1697891827.001:295): prog-id=51 op=UNLOAD [ 128.230068] audit: type=1334 audit(1697891827.001:296): prog-id=50 op=UNLOAD ```

xl dmesg

``` IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 4e (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 66 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 6e (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000010 (XEN) CPU1: No irq handler for vector 76 (IRQ -20, LAPIC) (XEN) IRQ19 a=0004[0004,0000] v=7e[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 86 (IRQ -2, LAPIC) (XEN) IRQ1 a=0002[0002,0000] v=8e[ffffffff] t=IO-APIC-edge s=00000030 (XEN) CPU2: No irq handler for vector 8e (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 9e (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector a6 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector b6 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 96 (IRQ -20, LAPIC) (XEN) IRQ19 a=0001[0001,0000] v=ae[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector be (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector ce (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector de (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=d5[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector c6 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=ee[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector e6 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=ee[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 37 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=ee[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 3f (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=ee[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 4f (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=ee[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 57 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=ee[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 27 (IRQ -8, LAPIC) (XEN) IRQ7 a=0001[0001,0000] v=58[ffffffff] t=IO-APIC-edge s=00000002 (XEN) CPU3: No irq handler for vector 5f (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0004] v=77[ee] t=IO-APIC-level s=00000010 (XEN) CPU1: No irq handler for vector 7f (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 87 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 8f (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 97 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 67 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 9f (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector af (IRQ -2, LAPIC) (XEN) IRQ1 a=0004[0004,0000] v=b7[ffffffff] t=IO-APIC-edge s=00000010 (XEN) CPU1: No irq handler for vector b7 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector c7 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector cf (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector d7 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector df (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector a7 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector e7 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=77[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 28 (IRQ -16, LAPIC) (XEN) IRQ15 a=0008[0008,0000] v=ef[ffffffff] t=IO-APIC-edge s=00000030 (XEN) CPU3: No irq handler for vector a0 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=a8[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector b0 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=b8[ffffffff] t=IO-APIC-level s=00000010 (XEN) CPU2: No irq handler for vector c0 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=b8[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector c8 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=d0[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector e0 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=d0[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 31 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=d0[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 39 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=d0[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector ef (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=d0[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 41 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=d0[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 51 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=d0[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 59 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=61[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 69 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=61[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 71 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=61[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 49 (IRQ -2, LAPIC) (XEN) IRQ1 a=0004[0004,0000] v=79[ffffffff] t=IO-APIC-edge s=00000030 (XEN) CPU0: No irq handler for vector 79 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=61[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 89 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0008] v=91[61] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector a1 (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=a9[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 81 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=52[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 62 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=92[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 9a (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=92[ffffffff] t=IO-APIC-level s=00000010 (XEN) CPU1: No irq handler for vector b2 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=da[ffffffff] t=IO-APIC-level s=00000010 (XEN) CPU2: No irq handler for vector e2 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=da[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 23 (IRQ -2, LAPIC) (XEN) IRQ1 a=0004[0004,0000] v=b1[ffffffff] t=IO-APIC-edge s=00000030 (XEN) CPU0: No irq handler for vector 7b (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=8b[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector a3 (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0008] v=ab[8b] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector c3 (IRQ -2, LAPIC) (XEN) IRQ1 a=0004[0004,0000] v=b1[ffffffff] t=IO-APIC-edge s=00000030 (XEN) CPU2: No irq handler for vector eb (IRQ -23, LAPIC) (XEN) IRQ22 a=0001[0001,0000] v=cb[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 2c (IRQ -23, LAPIC) (XEN) IRQ22 a=0001[0001,0000] v=cb[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector b1 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=e3[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 44 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0000] v=e3[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 54 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 3c (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 64 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 7c (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 84 (IRQ -23, LAPIC) (XEN) IRQ22 a=0001[0001,0000] v=cb[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 8c (IRQ -23, LAPIC) (XEN) IRQ22 a=0001[0001,0000] v=cb[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 94 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 6c (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 9c (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector ac (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector b4 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=5c[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector bc (IRQ -16, LAPIC) (XEN) IRQ15 a=0001[0001,0000] v=a4[ffffffff] t=IO-APIC-edge s=00000030 (XEN) CPU1: No irq handler for vector c4 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0004] v=cc[5c] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector d4 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0004] v=cc[5c] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector dc (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0004] v=cc[5c] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector e4 (IRQ -22, LAPIC) (XEN) IRQ21 a=0008[0008,0004] v=cc[5c] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector ec (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=25[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 35 (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=25[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 3d (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=25[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 45 (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=25[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector a4 (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=25[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 4d (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=76[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 7e (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=86[ffffffff] t=IO-APIC-level s=00000010 (XEN) CPU1: No irq handler for vector 55 (IRQ -2, LAPIC) (XEN) IRQ1 a=0001[0001,0000] v=8e[ffffffff] t=IO-APIC-edge s=00000030 (XEN) CPU2: No irq handler for vector 8e (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=be[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector c6 (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=be[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector ce (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=be[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector d6 (IRQ -20, LAPIC) (XEN) IRQ19 a=0004[0004,0008] v=de[5d] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector e6 (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=be[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector ee (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=be[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 27 (IRQ -2, LAPIC) (XEN) IRQ1 a=0008[0008,0000] v=2f[ffffffff] t=IO-APIC-edge s=00000010 (XEN) CPU2: No irq handler for vector 96 (IRQ -20, LAPIC) (XEN) IRQ19 a=0004[0004,0008] v=de[5d] t=IO-APIC-level s=00000030 (XEN) spurious 8259A interrupt: IRQ15. (XEN) CPU0: No irq handler for vector 2f (IRQ -16, LAPIC) (XEN) IRQ15 a=0004[0004,0000] v=37[ffffffff] t=IO-APIC-edge s=00000010 (XEN) CPU1: No irq handler for vector 47 (IRQ -2, LAPIC) (XEN) IRQ1 a=0002[0002,0001] v=4f[47] t=IO-APIC-edge s=00000010 (XEN) CPU2: No irq handler for vector 4f (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=be[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 57 (IRQ -22, LAPIC) (XEN) IRQ21 a=0002[0002,0000] v=be[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 5f (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=6f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 77 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=6f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector 37 (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=6f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 7f (IRQ -22, LAPIC) (XEN) IRQ21 a=0004[0004,0000] v=6f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector 8f (IRQ -2, LAPIC) (XEN) IRQ1 a=0001[0001,0004] v=97[8f] t=IO-APIC-edge s=00000010 (XEN) CPU3: No irq handler for vector 87 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector a7 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 97 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector cf (IRQ -2, LAPIC) (XEN) IRQ1 a=0004[0004,0000] v=d7[ffffffff] t=IO-APIC-edge s=00000010 (XEN) CPU3: No irq handler for vector d7 (IRQ -2, LAPIC) (XEN) IRQ1 a=0008[0008,0000] v=df[ffffffff] t=IO-APIC-edge s=00000010 (XEN) CPU1: No irq handler for vector df (IRQ -2, LAPIC) (XEN) IRQ1 a=0002[0002,0008] v=e7[df] t=IO-APIC-edge s=00000010 (XEN) CPU0: No irq handler for vector bf (IRQ -20, LAPIC) (XEN) IRQ19 a=0002[0002,0008] v=c7[af] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector e7 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector 28 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector a0 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector a8 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU3: No irq handler for vector b0 (IRQ -2, LAPIC) (XEN) IRQ1 a=0008[0008,0000] v=b8[ffffffff] t=IO-APIC-edge s=00000010 (XEN) CPU0: No irq handler for vector b8 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector ef (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector c0 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector d0 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU1: No irq handler for vector e0 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU0: No irq handler for vector c8 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 (XEN) CPU2: No irq handler for vector 31 (IRQ -22, LAPIC) (XEN) IRQ21 a=0001[0001,0000] v=9f[ffffffff] t=IO-APIC-level s=00000030 ```

Did I do something wrong? Maybe this approach is incorrect and I should have prepared the chain in the form of a shim binary with an embedded CA, then signed the GRUB2 and the Xen UKI binaries with the keys related to that CA?

[aronowski]

Last week I did some work regarding shim-unsigned for Qubes OS, so GRUB2 works fine with the shim_lock protocol. Please fork my qubes-shim-unsigned repository, add the Qubes CA certificate there (I named it qubes-ca.cer in the specfile), commit it, tag it and push these.

I've checked with a laboratory certificate and the building process should work - I've checked with my fork of qubes-builderv2.

I'm not creating a PR yet, as I suppose the qubes-shim-unsigned repo as a source of truth will be coming from QubesOS/qubes-shim-unsigned, rather than from my GitHub account. Once it's there, then I'll change the reference in the .yml file and request a PR.