Andrea Barisani
hacker | tamagopher | https://andrea.bio
- Reposted by Andrea Barisani: My command line data analysis tool is at a point where I'm ready to share it! `freq` is a tool I wrote in Rust, intended to replace pipelines of `grep`, `sed`, `awk`, `sort`, `uniq -c`, and `sort -rn` to look at distributions of values in datasets. I use it daily. rya.nc/gh/freq
- Let us try this again: github.com/golang/go/is...
- Vodafone partially fixed this. Now the CC is blanked and just the expiry is shown. The email has only post 1st letter user part blanked, the domain remains. Suboptimal, but better.
- @nanovms.bsky.social ops is pretty great, I wish however I could use it to bypass their stack to directly deploy TamaGo ELF on the cloud. I cannot find any cloud provider that would simply take an ELF for PVH booting without going through complex wrapping. Is there any?
- Shall I add Xen support to TamaGo and integrate Go unikernel compartmentalization under @qubes-os.org.web.brid.gy ?
- I implemented MSI-X interrupts (in Go of course) and lived to tell the tale. TamaGo support for Cloud Hypervisor is now complete!
- Cloud Hypervisor doesn't want to do things the easy (a.k.a. legacy) way, therefore I had to learn PCI and implement a VirtIO over PCI driver 😅. But it works like a charm and I can SSH to TamaGo under Cloud Hypervisor! Next up MSI-X interrupts. github.com/usbarmory/ta...
- After QEMU microvm, Firecracker and UEFI, TamaGo will soon be available for Cloud Hypervisor!
- go-boot v0.3 adds pretty colors and is now capable of chain loading arbitrary EFI images, including the Windows UEFI bootloader. github.com/usbarmory/go...
- go-boot is currently 2k LOCs, and sized 3MB, it’s as fast, if not faster than grub or systemd for equivalent operations. We used pure Go for boot loaders, TEEs, and complex firmware on AMD64 KVM, ARM boards and RISC-V targets. Is it time for a third upstreaming attempt?
- I just released go-boot v0.1! A TamaGo unikernel implementing a UEFI Shell and OS loader allowing secure, powerful, yet easy UEFI API interaction. 100% unencumbered Go in your pre-boot environment. github.com/usbarmory/go...
- Fun fact: if you enter the BIOS menu before booting your OS you will end up with slightly less available memory. (Also the resulting memory map will be awfully fragmented and a clever boot loader will need to defrag it to find the right memory pages for allocating kernel space).
- I am wrapping UEFI Simple File System around Go pkg.go.dev/io/fs and it works great. I can now load a Linux kernel directly from the EFI partition and boot it! Incidentally having the full Go runtime at this layer could result in the best UEFI malware framework ever 😅
- Writing these words from the first Linux kernel ever booted on x86_64 by a pure Go UEFI bootloader! Pro debugging technique: listening to CPU noises to attest boot flow progress while Frame Buffer issues made everything dark 😅.
- There are still some missing boot structures to fill, but overall now go-boot can find and allocate memory for relocating a complex Linux kernel, RAM disk and switch to it. Here shown the latest Arch Linux kernel and ram disk booted by a pure Go UEFI boot manager.
- Reposted by Andrea Barisani: introducing tangled: a git collaboration platform built on #atproto blog.tangled.sh/intro
- A little fix on CPU clock detection and now go-boot runs on a Dell as well. Second entry in the Hardware Compatibility List: github.com/usbarmory/go...
- GoBoot TamaGo unikernel booting on real x86-64 hardware! I never experienced such control over what is running (and more importantly, on what is not) on my own laptop. To me this is a game changer for pre-boot environment development.
- UEFI Console I/O is now implemented. Being able to seamlessly bring in Go “unicode/utf16” in a bootloader saved me so much time (and LOCs). Real hardware testing next week! github.com/usbarmory/go...
- I can now invoke EFI Boot Services and jump to Linux. The shell interface is 520 LOC, the EFI driver is 160 LOC. I cannot emphasize enough how productive, lean and efficient is bare metal Go to develop this. Next up Console I/O so that I can boot this on real hardware.
- UEFI Shell > Bare metal Go shell
- First successful boot of a TamaGo unikernel acting as UEFI application!
- What is your interpretation of a secure bootloader under UEFI? 1. Embrace it, be an EFI app. 2. Avoid it, exit EFI ASAP!
- Go 1.24 adds a convenient API to retrieve build information. It’s now trivial to access the entire dependency graph from within a compiled application, this is extremely convenient for transparency of our compiled TamaGo unikernels. pkg.go.dev/runtime/debu...
- It was trivial to boot Linux from tamago/amd64 under qemu/firecracker. Next up full u-root integration and real hardware execution to create a secure, yet powerful bootloader!
- Now that we have bare metal Go on x86_64 and KVMs, what shall we focus on first? 1. Run in Intel TDX or AMD SEV 2. Build an x86 UEFI bootloader
- TamaGo now has even better KVM support! I am pleased to say that we fully support Firecracker microVMs! github.com/usbarmory/ta...
- I am marking myself safe from implementing interrupts in AMD/Intel 64-bit architecture (in bare metal Go!): github.com/usbarmory/ta... github.com/usbarmory/ta... github.com/usbarmory/ta...
- One might think that not knowing how something works makes it magical. I think it’s the opposite. I know in great detail every single step involved in presenting you these words…and I think it’s absolutely magical.