Question on 8845HS Xen Kernel Patch

How would I go about applying this patch to a Qubes OS 4.2.3 Install? There is this patch I found from this post but I’m just not sure how I would apply such thing. Please explain best you can

PATCH

1 Like

you use the GitHub - QubesOS/qubes-builderv2-github: Integration of qubes-builderv2 with github either in an excisting installation or on a machine that has docker (i used fedora on proxmox with docker…) first you build vmm-xen with patches applied, then you pack the installer with your built package.

if you want your manual changes to persist for the version you’re using maybe set the rel to an unrealisticly high value (+100 to the current)

but with this you are responsible to update the xen package manually until either xen them selfs merged the patch upstream, or the dev team at qubes merged the patch into the main qubes patch branch. neither of both i have any knowlege if it is going to happen

1 Like

@uip @james could you name what systems you are having, to further see if its an AMD issue changing their architecture or bios vendor not fully implementing standards?

1 Like

I’m using a Beelink Ser8. Its odd because the vendor tells me that virtualization is enabled by default but I cant find it anywhere in the bios. There was a post on this same question on the Beelink Forums.
https://bbs.bee-link.com/d/695-ser8-amd-ryzen-7-8845hs-how-to-enable-svm-mode-in-bios

To be able to verify SVM was enabled you’d use an application called LoonMoon CPU-V, where I was able to verify that this feature is enabled.

Ignore the different username I lost the password to the original account

1 Like

Could you detail a step by step guide to make this possible? I’m really not familiar with the qubes-builder please explain best as you can.

1 Like

do you have a running qubes system or do you want to go fedora with docker?

1 Like

I don’t know how to do docker and no I don’t have a running Qubes system. I do have a fedora system with docker install just don’t know how to use docker.

1 Like

What image I’m supposed to pull from docker for Qubes Os? I went to docker hub and I saw this as the most downloaded.
But I’m not sure.

https://hub.docker.com/r/fepitre/qubes-builder-fedora

1 Like

sorry i linked the wrong repo:

the readme here explains in more detail how to build a mock build, and go from there

use a template qubes-builderv2/example-configs at main · QubesOS/qubes-builderv2 · GitHub (qubes-os-r4.2.yml )

  • vmm-xen fetch
  • apply changes (patches) manually into the downloaded code (artifacts folder) (see gitlab links for branches in mareks repos)
  • vmm-xen prep
  • vmm-xen build

now you have the xen package that is patched.

next you package the iso with your binary.

i can later take a look at my .bash_history but now i got earn my rent first :slight_smile:

1 Like
git clone https://gitlab.com/QubesOS/qubes-builderv2.git
cd qubes-builderv2/
sudo dnf install $(cat dependencies-fedora.txt)
git submodule update --init
cp example-configs/qubes-os-r4.2.yml builder.yml
nano builder.yml
## edit the part that you use docker instead of qubes as executor: 
## (delete qubes, un-comment docker)
tools/generate-container-image.sh docker fedora-40-x86_64
./qb -c vmm-xen package fetch
nano artifacts/sources/vmm-xen/9998-amd-ioapic-test.patch 
nano artifacts/sources/vmm-xen/9999-amd-iommu-test.patch
nano artifacts/sources/vmm-xen/xen.spec.in
# also you might want to change the rel number here
# and everytime you change somehting in the source you need to prep first
# then build, dont skip prep.
./qb -c vmm-xen package prep
./qb -c vmm-xen package build
# you now have the xen binary
cp artifacts/sources/qubes-release/conf/iso-online-testing.ks builder.yml
nano builder.yml #probably again from qubes to docker
./qb installer fetch
./qb installer init-cache
./qb installer fetch
./qb installer prep
./qb installer build
# you should now have an ISO file in the artifacts
1 Like

When I do

./qb -c vmm-xen package fetch

I get this output below

16:05:51 [qb] Running stage 'fetch'
16:05:51 [qb] An error occurred: Cannot find 'docker' on the system.
16:05:51 [qb] 
Traceback (most recent call last):
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_base.py", line 76, in __call__
    rv = self.main(*args, standalone_mode=False, **kwargs)
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1078, in main
    rv = self.invoke(ctx)
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
                           ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1719, in invoke
    rv.append(sub_ctx.command.invoke(sub_ctx))
              ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1434, in invoke
    return ctx.invoke(self.callback, **ctx.params)
           ~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 783, in invoke
    return __callback(*args, **kwargs)
  File "/usr/lib/python3.13/site-packages/click/decorators.py", line 45, in new_func
    return f(get_current_context().obj, *args, **kwargs)
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 63, in fetch
    _component_stage(
    ~~~~~~~~~~~~~~~~^
        config=obj.config,
        ^^^^^^^^^^^^^^^^^^
    ...<3 lines>...
        stage_name="fetch",
        ^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 41, in _component_stage
    p.run(stage=stage_name)
    ~~~~~^^^^^^^^^^^^^^^^^^
  File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 99, in run
    executor = self.get_executor_from_config(stage)
  File "/home/q/qubes-builderv2/qubesbuilder/plugins/__init__.py", line 152, in get_executor_from_config
    self._executors[stage] = self.config.get_executor_from_config(
                             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
        stage, self
        ^^^^^^^^^^^
    )
    ^
  File "/home/q/qubes-builderv2/qubesbuilder/config.py", line 500, in get_executor_from_config
    executor = self.get_executor(executor_options)
  File "/home/q/qubes-builderv2/qubesbuilder/config.py", line 573, in get_executor
    executor = ContainerExecutor(executor_type, **executor_options)
  File "/home/q/qubes-builderv2/qubesbuilder/executors/container.py", line 66, in __init__
    raise ExecutorError(f"Cannot find 'docker' on the system.")
qubesbuilder.executors.ExecutorError: Cannot find 'docker' on the system.
1 Like
16:05:51 [qb] An error occurred: Cannot find 'docker' on the system.

is docker installed?

sudo dnf install docker

1 Like

Yes

1 Like

is the user you’re running the qb with allowed to run docker?

docker ps

?

1 Like

When I ran docker PS

permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.47/containers/json": dial unix /var/run/docker.sock: connect: permission denied

I ran as root and instead I got this

17:12:39 [qb] An error occurred: Failed to verify file '{'url': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz', 'signature': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz.sig', 'pubkeys': ['xen.org-key.asc']}': Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2)..
17:12:39 [qb] 
Traceback (most recent call last):
  File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 600, in download_file
    local_executor.run(
    ~~~~~~~~~~~~~~~~~~^
        cmd, copy_in, copy_out, environment=self.environment
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/home/q/qubes-builderv2/qubesbuilder/executors/local.py", line 193, in run
    raise e
  File "/home/q/qubes-builderv2/qubesbuilder/executors/local.py", line 169, in run
    raise ExecutorError(msg)
qubesbuilder.executors.ExecutorError: Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2).

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_base.py", line 76, in __call__
    rv = self.main(*args, standalone_mode=False, **kwargs)
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1078, in main
    rv = self.invoke(ctx)
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
                           ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1719, in invoke
    rv.append(sub_ctx.command.invoke(sub_ctx))
              ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1434, in invoke
    return ctx.invoke(self.callback, **ctx.params)
           ~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 783, in invoke
    return __callback(*args, **kwargs)
  File "/usr/lib/python3.13/site-packages/click/decorators.py", line 45, in new_func
    return f(get_current_context().obj, *args, **kwargs)
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 63, in fetch
    _component_stage(
    ~~~~~~~~~~~~~~~~^
        config=obj.config,
        ^^^^^^^^^^^^^^^^^^
    ...<3 lines>...
        stage_name="fetch",
        ^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 41, in _component_stage
    p.run(stage=stage_name)
    ~~~~~^^^^^^^^^^^^^^^^^^
  File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 199, in run
    self.download_file(file, executor, distfiles_dir)
    ~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 604, in download_file
    raise FetchError(f"Failed to verify file '{file}': {str(e)}.")
qubesbuilder.plugins.fetch.FetchError: Failed to verify file '{'url': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz', 'signature': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz.sig', 'pubkeys': ['xen.org-key.asc']}': Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpl35j035m/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2)..
1 Like

See the /home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file script file which uses the sq command. So is this issue ?

1 Like

not sure, is gpg installed?

i guess its best to follow the mock build instructions first:

1 Like

I have gpg installed but when to say follow mock build instructions what do you mean?

I ran
sudo mock --init --no-bootstrap-chroot --config-opts chroot_setup_cmd='install dnf @buildsys-build' -r fedora-40-x86_64
and
docker build -f dockerfiles/fedora.Dockerfile -t qubes-builder-fedora /var/cache/mock/fedora-40-x86_64/root_cache/

And executed

./qb -c vmm-xen package fetch

Same 17:12:39 [qb] An error occurred: Failed to verify file...
from the previous error

1 Like

my link actually links to a chapter/anker in the readme:

$ tools/generate-container-image.sh docker fedora-36-x86_64

this will generate the docker build environment

1 Like

tools/generate-container-image.sh docker fedora-36-x86_64

gives me

+ '[' 2 -lt 1 ']'
+ CONTAINER_ENGINE=podman
+ MOCK_CONF=fedora-36-x86_64
+ '[' -n podman ']'
+ '[' podman '!=' docker ']'
+ '[' podman '!=' podman ']'
+ '[' podman == docker ']'
+ CONTAINER_CMD=podman
++ dirname tools/generate-container-image.sh
+ TOOLS_DIR=tools
++ readlink -f tools
+ TOOLS_DIR=/home/q/qubes-builderv2/tools
+ '[' -n fedora-36-x86_64 ']'
++ basename fedora-36-x86_64
+ MOCK_CONF_BN=fedora-36-x86_64
+ sudo mock -r fedora-36-x86_64 --scrub=all
ERROR: Could not find required config file: /etc/mock/fedora-36-x86_64.cfg
ERROR:   If you're trying to specify a path, include the .cfg extension, e.g. -r ./target.cfg
ERROR: Non-existing Mock config 'fedora-36-x86_64'

So instead I did
tools/generate-container-image.sh docker fedora-39-x86_64

Then I did both
sudo mock --init --no-bootstrap-chroot --config-opts chroot_setup_cmd='install dnf @buildsys-build' -r fedora-39-x86_64
and
docker build -f dockerfiles/fedora.Dockerfile -t qubes-builder-fedora /var/cache/mock/fedora-39-x86_64/root_cache/

Finally when those are both done I execute this

./qb -c vmm-xen package fetch

Im still getting

18:10:07 [qb] An error occurred: Failed to verify file '{'url': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz', 'signature': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz.sig', 'pubkeys': ['xen.org-key.asc']}': Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7 --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2)..
18:10:07 [qb] 
Traceback (most recent call last):
  File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 600, in download_file
    local_executor.run(
    ~~~~~~~~~~~~~~~~~~^
        cmd, copy_in, copy_out, environment=self.environment
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/home/q/qubes-builderv2/qubesbuilder/executors/local.py", line 193, in run
    raise e
  File "/home/q/qubes-builderv2/qubesbuilder/executors/local.py", line 169, in run
    raise ExecutorError(msg)
qubesbuilder.executors.ExecutorError: Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7 --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2).

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_base.py", line 76, in __call__
    rv = self.main(*args, standalone_mode=False, **kwargs)
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1078, in main
    rv = self.invoke(ctx)
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1688, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
                           ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1719, in invoke
    rv.append(sub_ctx.command.invoke(sub_ctx))
              ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 1434, in invoke
    return ctx.invoke(self.callback, **ctx.params)
           ~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/click/core.py", line 783, in invoke
    return __callback(*args, **kwargs)
  File "/usr/lib/python3.13/site-packages/click/decorators.py", line 45, in new_func
    return f(get_current_context().obj, *args, **kwargs)
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 63, in fetch
    _component_stage(
    ~~~~~~~~~~~~~~~~^
        config=obj.config,
        ^^^^^^^^^^^^^^^^^^
    ...<3 lines>...
        stage_name="fetch",
        ^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/home/q/qubes-builderv2/qubesbuilder/cli/cli_package.py", line 41, in _component_stage
    p.run(stage=stage_name)
    ~~~~~^^^^^^^^^^^^^^^^^^
  File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 199, in run
    self.download_file(file, executor, distfiles_dir)
    ~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/__init__.py", line 604, in download_file
    raise FetchError(f"Failed to verify file '{file}': {str(e)}.")
qubesbuilder.plugins.fetch.FetchError: Failed to verify file '{'url': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz', 'signature': 'https://downloads.xenproject.org/release/xen/4.17.5/xen-4.17.5.tar.gz.sig', 'pubkeys': ['xen.org-key.asc']}': Failed to run '['bash', '-c', '/home/q/qubes-builderv2/qubesbuilder/plugins/fetch/scripts/verify-file --output-dir /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7 --untrusted-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz --untrusted-signature-file /home/q/qubes-builderv2/artifacts/tmp/tmpexskibi7/untrusted_xen-4.17.5.tar.gz.sig --pubkey-file /home/q/qubes-builderv2/artifacts/sources/vmm-xen/xen.org-key.asc']' (status=2)..

1 Like