assorted pieces of random gobbledygook

So I’ve been running Gentoo on my shiny new iMac Core Duo the last two days and I already have several issues biting me.

The ATI Radeon X1600 is completely unsupported under Linux right now, which means you need to run your X11 using fbdev and the framebuffer hack the xbox-linux.org guys have come up with. Even the  current proprietary ATI drivers (from the manufacturer itself, for chrissakes!) do not support Radeons with a R500/R600 chipset. This sucks. Hard. fbdev is working, but it’s slow. Also, I the scroll-ball of the Mighty Mouse does not trigger any events in xev at all, which means you have a regular 3-button mouse without scrolling functionality. I reckon Apple is using its own protocol here.

Another major pain is the Broadcom BCM4310. Neither can I find appropriate Windows drivers for the PCI device 14e4:4312 to be run under ndiswrapper, nor have my attempts at getting the free bcm43xx drivers to work with this chipset been successful. All I’ve been able to extract after some quick-and-dirty patching of the driver was to find out that the BCM4310 seems to be using 4 cores, all of which have Core IDs and revisions that are currently not known to the bcm43xx driver. This was after several OOPSen and reboots. Sigh. Gotta contact the mailing list, I guess.

The infrared receiver and the iSight are hanging of a USB bus. This means that the Linux Firewire iSight drivers need to be adapted as well. I haven’t toyed with the IR receiver yet, so I don’t know yet how hard it is to get that one working.

Oh, and yes. Everything else seems to be running fine. Even Windows XP in a VMware in full-screen mode (with both cores, whoot!) 

Of course, some of you might argue that I’ve been lucky to get that much of Linux running on this machine at all. To this I counter that I bought this machine for exactly the purpose of being able to dual-boot x86 Linux and OSX and that I have great faith that we will get driver support for all of the components eventually.

Because all sites mention the installation on an external USB HDD: My installation is on a partition of the internal hard drive and dual-boots just with with OSX.

Update: I do have the Broadcom working with ndiswrapper now. Try the Broadcom 802.11a/b/g drivers supplied by Hewlett-Packard for the tc4200 tablet PC. They work just fine, even with WPA-PSK.

technorati tags: imac | core duo | gentoo | mactel

All this rambling about not being able to boot WinXP on the new is beginning to really get onto my nerves.

I think it might actually be much easier to get other OS’s booting on the box not by relying on EFI but rather making use of OSX. After all, porting kexec from Linux to Darwin shouldn’t be too hard if I see things clearly enough. We can even do that without having the 10.4.4 source code for Intel (only the ppc tree is out, no new Intel specific bits have been released to this date): Device drivers have power management functions that get invoked when the system is put to sleep, shutdown or rebooted.

I am definitely planning to get a new 20″ iMac once I return from California in late February - however, I first want to see one in real life first. The plan is to visit the Apple Store in San Francisco on February 9th - before CodeCon. If nobody has made any progress on EFI till then I shall commence hacking on a kext to make my idea reality. Stay tuned.

Of course I couldn’t keep my trap shut when Jacob Appelbaum recently dissed Rubberhose in a recent talk at the 22C3. So I decided to do some research into the current state of disk encryption myself. I haven’t been really following that topic since about the 2000 or 2001. I’m currently using FileVault, LUKS and GBDE on my boxen, but to be honest - even though I’m a cryptologist, I haven’t had time to research their security yet - save some failed attempts at reverse-engineering the DiskImages framework of MacOS X to figure out what exactly Apple is up to with FileVault.

The following links are without meant to be notes to self for future research.

Research papers:

I. Damgård and K. Dupont:

Universially Composable Disk Encryption Schemes (IACR ePrint, PDF)

K. Gjøsteen:

Security notions for disk encryption (IACR ePrint, PDF)

M.J. Saarinen:

Encrypted Watermarks and Linux Laptop Security (WISA 2004 proceedings, backup can be here)

Implementation reports:

Dowdeswell and Ioannidis: The CryptoGraphic Disk Driver (NetBSD)

P.H. Kamp: GBDE - Geom Based Disk Encryption (FreeBSD)

C. Fruhwirt: LUKS On-Disk Format Specification Version 1.0 (Linux, dm-crypt based)

Deniable encryption:

Phonebook (Linux)

Rubberhose (NetBSD/Linux) mirror only

TrueCrypt (Windows XP/2000/2003, Linux)

Back when I first looked at JustePort and raop_play, the Apple Lossless encoding was missing. Having stumbled across the reverse-engineered ALAC decoder again this weekend I decided to have another look how difficult it is to make my Airport Express play nicely with Linux.

Oh joy! JustePort 0.2 and raop_play from version 0.4 on already have an ALAC encoder built in. Yay! So I cobbled together an ebuild for my desktop box (an AOpen EA65 II) and pondered my next move. Obviously I was going to need a decent audio player on my system, having been spoiled by iTunes. Being mostly desktop environment agnostic, I had two choices here: rythmbox and amaroK. Flipping a coin, amaroK it was. Fortunately amaroK can be built with gstreamer support, which enabled the following crude hack:

gstreamer provides an output sink called tcpclientsink which can be made to connect to an arbitrary host and port. By default it connects to localhost:4953 and sends all of it output data there (44100Hz, 16-bit stereo in my case). For each song played in amaroK, however, a new connection is opened. raop_play by default calls external programs to decode mp3, aac and ogg files. These output the decoded data to stdout.

So I placed the following minimalistic glue scripts in my $HOME/bin/ape-hack directory:

mpg321:
#!/bin/sh
socat -s TCP4-LISTEN:4953,fork -

ape-gstreamer:
#!/bin/sh
PATH=$HOME/bin/ape-hack:$PATH \
exec raop_play <airport express ip> dummy.mp3


Socat is a nifty little universal connector; if you think of netcat as your typical Swiss Army Knife, socat is the Victorinox CyberTool with a built-in kitchen sink. After having configured gstreamer using gconf-editor (system->gstreamer->0.8->default->audiosink) I was set to go.

All of the above of course ain’t pretty, but amaroK now plays tunes on my APE. Regrettably the transition between songs isn’t smooth yet… I guess somebody has to write a gst-apesink soon Of course, nothing of the above is really Linux specific.