1. 17

  2. 6

    hello, thx C-Keen, i’m the creator of this project, thx for inviting me here. any questions from anyone feel free to ask.

    1. 3

      Neat project. I posted the same idea years ago on Schneier’s blog for subversion concerns. Idea was that physical possession of one’s hardware usually leads to compromise. Most stuff on a computer doesn’t have to be trusted either. High-assurance security also teaches to make trusted part as tiny & reusable as possible. I think I was screwing around with ARTIGO’s, smartcards or old-school game cartridges when I got the idea of a PC Card or ARTIGO-like module featuring secure processor, RAM, and I/O mediation. This would plug into desktops, servers, monitors, laptops if low-power, and so on. Ecosystem could show up like with iPod accessories probably starting in China where it’s cheaper. Later, I noted a private company came up with something similar and probably had patents on it so I backed off temporarily. Can’t recall its name but brochure had one or two in there that looked just like my marketing.

      Projects like yours are a nice testing ground for this concept that I keep shelved but not forgotten. Interesting to see which decisions will work in market and which won’t. Important before an expensive, security-oriented product is attempted. The project is nice except for one, little problem it shares with others: the ARM processor. ARM Inc is about as opposite of protecting freedom as they can be. MIPS isn’t much better. Both have sued open-source and startup competition for patent infringement. “Open” POWER is an unknown. RISC-V isn’t on market yet. The only FOSS ISA that’s production grade right now is Cobham Gaisler’s Leon3 SPARC CPU’s. They’re GPL’d, have fabbed parts at who knows what price, SPARC ISA is open, Open Firmware exists, & products only need sub-$100 fee for trademark.


      Note: OpenSparc T1 and T2 processors were GPL’d, too. FOSS workstations, servers and embedded should be all over these in terms of getting them fabbed and in real systems. They stay ignored for x86 and ARM mainly even if not performance-critical.

      1. 3

        totally cool man. i’m familiar with gaisler research stuff, i looked at it years ago. ooooOoooo nice, nice, nice: LEON4 goes up to 1.7ghz in 32nm, is 64-bit and is SMP ready right now. niiiiice. oo, that’s really exciting. and there’s a simplified developer board that runs at 150mhz (good enough for testing, i bet it’s like 180nm or something)

        having found the GPLGPU and the MIAOU project i think we have enough to put something together that would kick ass.

        awww darnit, LEON4 is still only 32-bit. aw poop :)

        1. 2

          OpenSPARC T2 is 64-bit. Some smaller projects just knock some cores and stuff out of it to simplify it.


          Gaisler is still best for embedded and customizable. Wonder how hard it would be to make it 64-bit.

          1. 2

            the crucial bit is the SMP support, to be able to combine those…. opensparc… oracle… we’re not a huuge fan of oracle.. hmm interesting: just underneath the popup that i refuse to click which prevents and prohibits access to their web site, i can just about make out that the opensparc engine is GPLv2…. mostly. haha i bet they were expecting that to be a roadblock to prevent commercial SoCs being made around it…. :)

            1. 1

              Probably haha. Yeah, I avoid Oracle wherever possible too. Just that these are supposedly GPL v2. Either a last resort for OSS CPU or a top contender if you need one with performance. A T2 on 28nm probably be no joke.

      2. 3

        Are there any plans to make EOMA68 cards with a lot more than 2GB of RAM? I like the EOMA68 idea but 2GB of RAM is painfully, painfully small for the sorts of things I do (like “have lots of tabs open in chromium” or “compile stuff with ghc”) – it’s mostly tolerable on a recentish i5 laptop with 8GB of memory but I cannot find the masochism within me to buy a computer with 2GB of memory and use it like I use my laptop.

        I would utterly love a non-horribly-expensive AArch64 machine with a comfy amount of memory (like, say, 8 or 16GB) and some SATA/SAS ports – if you can make that happen or if I can help make that happen I am willing to contribute my time and money.

        I really do want some decent aarch64 hardware that isn’t violently expensive and that i wouldn’t mind using as my primary machine, but the situation is…frankly bleak.

        1. 1

          hiya zkms, yes there are… but the SoC fabless semi companies have to actually come up with the goods… or we simply have to raise between $5m and $10m and get one made. i replied on that post for you, to explain a bit about what’s involved. 2GB RAM is the max you’ll ever likely see on memory-mapped 32-bit processors because they can only address up to 4GB RAM as it is!

          we’ll get there. the project’s got another 10 years ahead of it at least.

          1. 1

            nods – it’s weird that there aren’t any available SoCs that use aarch64 (or 32 bit SoCs that support LPAE) and expose enough address lines to connect a reasonable amount of RAM, tbh

        2. 2

          Very cool project!

          I hope these questions aren’t too basic, but I’m not familiar with small ARM computers like this and I couldn’t find the info on the Crowdsupply page or updates:

          1) When you say Linux 3.4 is supported, does that mean just 3.4 or 3.4 and all later versions? I saw in one update you mentioned 4.7 (I think) working but crashing frequently… What does future support likely look like: i.e. is everything getting into the mainline kernels and do you expect future versions to work even better, or should we expect to stay on 3.4 forever?

          2) How close is the environment to “stock” distributions? I.e. when you say it has “Debian” on it, does that really mean it’s using totally standard Debian packages, tracking the official repositories, getting all the security updates from the Debian Security team, etc? Or is it more of a custom Debian-based environment tweaked for this hardware specifically? If the latter, how much does it differ from base Debian and is there anyone actively maintaining/updating it for the foreseeable future?

          3) What does the installation/update procedure look like; is it as simple as on an x86 desktop where I’d just grab a bootable USB installer?

          Thank you!

          1. 1

            thx felix.

            (1) no it’s precisely and specifically 3.4.104+ version which you can find is maintained by the sunxi community. this kernel has support for dual-screens, stable NAND flash (albeit odd and quirky), accelerated 2D GPU provision, hardware-accelerated 1080p60 video playback/encode provision and much more. it’s a stable continuation of what allwinner released. i’m currently bisecting git tags on linux mainline, so far i have: v3.4 works v3.15 works v4.0 works v4.2 lots of segfaults v4.4 failed v4.7 failed. so it’s a work-in-progress to find at least one mainline stable kernel.

            (2) yes completely “normal” - exception being the kernel - there’s a huge active community behind the A20 but i will not be “holding anybody’s hand” - you’ll have to take responsibilty amongst yourselves as i am working on delivering hardware to people and, as i’m only one person, i simply don’t have time. i’m anticipating that people will help each other out on the mailing list.

            (3) sigh the standard process should be to have an initrd installer (debian-installer netboot) but that’s actually too complex for developers to cope with, so instead what they do is create “pre-built” images. i REALLY don’t like this practice but for convenience i’m “going with the flow” for now.

            feel free to ask more :)

        3. 4

          The idea is a lot better than the usual “yet another arm dev board plus some crappy housing” IMHO.

          Disclaimer: I have backed this already.

          1. 1

            Another follow up to that is here: https://blogs.fsfe.org/pboddie/?p=1314