Remarks
Best Qubes laptop I’ve ever had.
10th generation Intel CPU with IOMMU, SLAT, VT-X,VT-D and all the other Qubes stuff that most modern laptops usually lack one off.
Purism laptops come with an optional Pureboot bundle which uses Heads to verify a root of trust though an external Librem Key.
Works in a very similar way to a normal Qubes Anti Evil Maid setup.
Should be equal to or very close to the trust you can derive from a normal AEM setup.
(please shout at me in the comments below if I’m wrong)
What’s tested and confirmed working
-
Pureboot bundle (Anti Evil Maid replacement)
-
Wi-Fi (no strict PCI reset option needs to be enabled)
-
Ethernet (no strict PCI reset option needs to be enabled)
-
3.5mm sound jack works.
Sound doesn’t automatically switch over though when plugging
earphones in etc. Probably just a tweak somewhere to be added. -
System Suspend and recovery works.
No Wi-Fi issues. -
USB-C connectivity works
-
USB-C => Ethernet
-
USB-C => HDMI
-
USB-C => USB splitting
-
Webcam
-
Mic
-
Kill switches for Wi-Fi/Ethernet
The VM needs to reboot to recognise the Wi-Fi/Ethernet device again after the kill switch is reversed.
The solution to this should be a similar to the fix for Wi-Fi disappearing after suspending the system which was common on other qubes systems I’ve had. -
Kill switches for Webcam/Mic
Works as intended the device disappears and reapers when the kill switch is disengaged again.
What’s not tested:
-
Bluetooth (should work, just don’t like non free drivers)
-
Hibernation
Have 40Gb of ram in this laptop but a smaller SSD so opted out of having a swap partition.
Don’t think hibernation can work without it.
Attachments
---
layout:
'hcl'
type:
'laptop'
hvm:
'yes'
iommu:
'yes'
slat:
'yes'
tpm:
''
remap:
'yes'
brand: |
Purism
model: |
librem_14
bios: |
PureBoot-Release-17.1
cpu: |
Intel(R) Core(TM) i7-10710U CPU @ 1.10GHz
cpu-short: |
FIXME
chipset: |
Intel Corporation Device [8086:9b51]
chipset-short: |
FIXME
gpu: |
Intel Corporation Device [8086:9bca] (rev 04) (prog-if 00 [VGA controller])
gpu-short: |
FIXME
network: |
Qualcomm Atheros AR9462 Wireless Network Adapter (rev 01)
Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)
memory: |
40834
scsi: |
usb: |
1
versions:
- works:
yes
qubes: |
R4.0
xen: |
4.8.5-32.fc25
kernel: |
5.4.107-1
remark: |
FIXME
credit: |
FIXAUTHOR
link: |
FIXLINK
---