User:Pietinger/Overview of System Information

From Gentoo Wiki
Jump to:navigation Jump to:search
Note
Even though this page is in the user namespace, corrections and additions are much appreciated! This is simply wiki policy, this page can be moved to the main wiki as soon as it achieves critical mass more.

I wrote this article so that I can link to it in the Gentoo forums if users have questions about it.

Overview of System Information

In case of problems with a Gentoo Linux, further information is often requested. Below I will list the most frequently needed ones and what you can learn from them.

Note: Large files - such as the output of dmesg or the kernel .config - cannot be copied into a forum post. Please use Wgetpaste for this.

emerge --info

This query gives us a very quick overview of the most important Gentoo data.

Portage 3.0.61 (python 3.11.7-final-0, default/linux/amd64/17.1/desktop/plasma, gcc-13, glibc-2.38-r10, 6.7.4-gentoo x86_64)

The first line shows us the selected profile and the kernel version in use.

System uname: Linux-6.7.4-gentoo-x86_64-13th_Gen_Intel-R-_Core-TM-_i9-13900K-with-glibc2.38

This shows us your CPU as well as the kernel version (we will also find both informations in the system log later).

KiB Mem:    65552504 total,  55990016 free

This information is useful if the problem is an OOM (out of memory) ;-)

Timestamp of repository gentoo: Fri, 16 Feb 2024 12:00:01 +0000

This tells us when you did your last emerge --sync and all subsequent versions of important files shows how up-to-date your Gentoo really is.

ACCEPT_KEYWORDS="amd64"

It is a stable system.

CFLAGS="-march=native -O2 -pipe"

No crazy compiler flags are used.

MAKEOPTS="-j24"

Does this value match the CPU and the main memory or is it too large? (The answer in this case is: The CPU has 32 logical cores and 24 x 2 GB = 48 GB is also okay with 64 GB RAM: Passed.)

USE="X a52 aac acl acpi ... kde ... 

We see all globally activated use-flags. However, this can sometimes be misleading because use-flags can also be set individually for a package. If there is a problem with a specific package, emerge --info PACKAGENAME is therefore often requested from you. This also provides information about the actual use flags of a package. In this example we can see there must be a line in /etc/portage/package.use which disables the use-flag "kde" although it is activated globally:

$ emerge --info p7zip
...
app-arch/p7zip-16.02-r8::gentoo was built with the following:
USE="-kde (-pch) -rar (-static) -wxwidgets"

dmesg

The system log is not only important because system - and also application - error messages are logged there, but we also see important information that the kernel logs at system startup. When we check the configuration of a kernel, we often want to see the system log, because it is easier than checking 8,000 lines (or more) and there we can see the kernel command line parameters and then see how the kernel was actually started. You can overwrite many kernel settings via the kernel command line parameters. An example is IOMMU. It is of no use if it is enabled in the kernel but then disabled via IOMMU=off.

I will now present some information from two system logs as examples. The first is my own, the second is from an AMD system.

1: [    0.000000] Linux version 6.7.4-gentoo (root@sun) (gcc (Gentoo 13.2.1_p20240113-r1 p12) 13.2.1 20240113, GNU ld (Gentoo 2.41 p4) 2.41.0) #1 SMP PREEMPT_DYNAMIC Tue Feb  6 11:53:10 CET 2024
2: [    0.000000] Linux version 6.6.13-gentoo-x86_64 (root@laptop) (gcc (Gentoo 13.2.1_p20240113-r1 p12) 13.2.1 20240113, GNU ld (Gentoo 2.41 p4) 2.41.0) #11 SMP PREEMPT_DYNAMIC Fri Feb 16 12:15:05 CST 2024

We see the kernel version in the first line and can already see that no Gentoo dist kernel was used and that I have installed the unstable gentoo sources, while the AMD system is stable.

1: [    0.000000] Kernel is locked down from Kernel configuration; see man kernel_lockdown.7

I have the LSM "Lockdown" activated, this line is missing in the AMD system because CONFIG_SECURITY_LOCKDOWN_LSM_EARLY is not enabled there.

1: [    0.000000] Command line:
2: [    0.000000] Command line: BOOT_IMAGE=/@/boot/vmlinuz-6.6.13-gentoo-x86_64 root=UUID=b9fc82e1-4a25-41d5-b151-f485705e3058 ro rootflags=subvol=@

The AMD system boots the kernel via a boot manager and therefore outputs the command line parameters transferred from there. Because I boot my kernel directly with UEFI, the line is empty.

1:
[    0.000000] KERNEL supported cpus:
[    0.000000]   Intel GenuineIntel
2:
[    0.000000] KERNEL supported cpus:
[    0.000000]   AMD AuthenticAMD

When using a Dist kernel or a default configuration, ALL supported CPUs would be displayed here. If only a single CPU is displayed, this automatically means that the kernel was configured manually AND CONFIG_EXPERT was enabled (because only then can this be configured).

1: [    0.000000] x86/split lock detection: #AC: crashing the kernel on kernel split_locks and warning on user-space split_locks

Seems to be a hardened kernel ;-)

1:
[    0.000000] efi: EFI v2.8 by American Megatrends
[    0.000000] efi: ACPI=0x31249000 ACPI 2.0=0x31249014 SMBIOS=0x31a4f000 SMBIOS 3.0=0x31a4e000 MEMATTR=0x2b558198 ESRT=0x2bbb8198 RNG=0x30fb0018
[    0.000000] SMBIOS 3.5.0 present.
[    0.000000] DMI: Gigabyte Technology Co., Ltd. Z790 AORUS ELITE AX/Z790 AORUS ELITE AX, BIOS FDa 03/31/2023
2:
[    0.000000] efi: EFI v2.8 by INSYDE Corp.
[    0.000000] efi: ACPI=0x5affe000 ACPI 2.0=0x5affe014 TPMFinalLog=0x5af3f000 SMBIOS=0x51677000 SMBIOS 3.0=0x51674000 MEMATTR=0x4b7e7018 ESRT=0x4d16b898
[    0.000000] SMBIOS 3.5.0 present.
[    0.000000] DMI: Framework Laptop 13 (AMD Ryzen 7040Series)/FRANMDCP05, BIOS 03.03 10/17/2023

Tells us something about the BIOS and mainboard used.

1: [    0.001429] Incomplete global flushes, disabling PCID

It must be an Intel CPU of the AlderLake (12th) or RaptorLake (13th) generation. See here: [[1]] With kernel version 6.9.7 this message no longer appears. Back again in 6.10 ... (I dont know why).

1: [    0.001705] Secure boot enabled
2: [    0.003181] Secure boot disabled

Yes, I boot my kernel with SecureBoot.

1: [    0.076728] Kernel command line: root=PARTUUID=6979eed7-ffaf-425e-8ac7-2832f6d15e0a ro loglevel=8 lsm.debug i915.enable_guc=2 i915.enable_psr=0 quiet
2: [    0.044125] Kernel command line: BOOT_IMAGE=/@/boot/vmlinuz-6.6.13-gentoo-x86_64 root=UUID=b9fc82e1-4a25-41d5-b151-f485705e3058 ro rootflags=subvol=@

I have configured my parameters into the kernel (CONFIG_CMDLINE= ). The AMD system shows the same parameters as above (where we can see the parameters presented by the boot manager). This means no additional parameters have been configured into the kernel. You can also get this information with cat /proc/cmdline

1:
[    0.083519] mem auto-init: clearing system memory may take some time...
[    0.083523] software IO TLB: area num 32.
[    4.311920] Memory: 65463796K/66803532K available (16384K kernel code, 1598K rwdata, 3828K rodata, 2200K init, 2240K bss, 1339476K reserved, 0K cma-reserved)

Because CONFIG_INIT_ON_FREE_DEFAULT_ON is activated. See more: User:Pietinger/Tutorials/Kernel_Hardening_with_KSPP#Slow_System_start_.3F

1: [    4.314029] kfence: initialized - using 2097152 bytes for 255 objects at 0x(____ptrval____)-0x(____ptrval____)

Because CONFIG_KFENCE is activated.

1:
[    4.354539] LSM: legacy security= *unspecified*
[    4.354541] LSM:   CONFIG_LSM=landlock,lockdown,yama,loadpin,safesetid,integrity,apparmor,bpf
[    4.354541] LSM: boot arg lsm= *unspecified*
[    4.354542] LSM:   early started: lockdown (enabled)
[    4.354543] LSM:   first ordered: capability (enabled)
[    4.354545] LSM: builtin ordered: landlock (enabled)
[    4.354545] LSM: builtin ignored: lockdown (not built into kernel)
[    4.354546] LSM: builtin ordered: yama (enabled)
[    4.354547] LSM: builtin ignored: loadpin (not built into kernel)
[    4.354547] LSM: builtin ignored: safesetid (not built into kernel)
[    4.354548] LSM: builtin ordered: apparmor (enabled)
[    4.354549] LSM: builtin ignored: bpf (not built into kernel)
[    4.354549] LSM:    last ordered: integrity (enabled)
[    4.354550] LSM: exclusive chosen:   apparmor
[    4.354551] LSM: initializing lsm=lockdown,capability,landlock,yama,apparmor,integrity
[    4.354555] LSM: cred blob size       = 16
[    4.354555] LSM: file blob size       = 32
[    4.354556] LSM: inode blob size      = 24
[    4.354556] LSM: ipc blob size        = 0
[    4.354557] LSM: msg_msg blob size    = 0
[    4.354557] LSM: superblock blob size = 8
[    4.354557] LSM: task blob size       = 32
[    4.354558] LSM: xattr slots          = 0
[    4.354572] LSM: initializing capability
[    4.354573] LSM: initializing landlock
[    4.354574] landlock: Up and running.
[    4.354575] LSM: initializing yama
[    4.354575] Yama: becoming mindful.
[    4.354578] LSM: initializing apparmor
[    4.354598] AppArmor: AppArmor initialized
[    4.354598] LSM: initializing integrity
2:
[    0.112645] LSM: initializing lsm=capability

Shows us the installed Linux Security Modules (LSM). It is displayed in more detail because I use the parameter "lsm.debug" (and of course because all of these are also activated for me).

1: [    4.355151] smpboot: CPU0: 13th Gen Intel(R) Core(TM) i9-13900K (family: 0x6, model: 0xb7, stepping: 0x1)
2: [    0.215688] smpboot: CPU0: AMD Ryzen 5 7640U w/ Radeon 760M Graphics (family: 0x19, model: 0x74, stepping: 0x1)

This information shows us details of the CPU and is needed for a manual kernel configuration (to configure the correct CPU microcode).

1: [    6.384631] iommu: DMA domain TLB invalidation policy: strict mode
2: [    0.412627] iommu: DMA domain TLB invalidation policy: lazy mode

This is one of the differences to a hardened kernel.

1: [    6.423310] fuse: init (API version 7.39)

Some applications require FUSE and should therefore be activated.

2:
[    0.429771] Unpacking initramfs...
...
[    0.630739] dracut: Gentoo-2.14

The AMD system consists of the kernel with associated initramfs (built by dracut). If this line is missing (as in my case), only a (manually configured) kernel is started that has no initramfs.

1:
[    9.144053] microcode: Current revision: 0x0000011e
[    9.144059] microcode: Updated early from: 0x00000113
2:
[    0.573545] microcode: CPU0: patch_level=0x0a704103
[    0.573545] microcode: CPU2: patch_level=0x0a704103
...

A microcode update for an Intel and AMD CPU is logged differently.

1: [    8.853927] i915 0000:00:02.0: [drm] VT-d active for gfx access
and many more lines
2: [    2.469151] [drm] amdgpu kernel modesetting enabled
and many more lines

Here we can see that everything is OK with our graphics card driver.

This was just a brief foray into the log of a system start. Of course, we can detect a lot more, such as whether WLAN, Bluetooth and others have been initialized correctly.

lspci -nnk

Here we can see at a glance various system components and, above all, whether the required kernel module has been loaded. The parameter "k" gives us the line Kernel driver in use: XXX and the parm "nn" shows the number in brackets which is the manufacturer identification number. This ID is ideal for checking with cateee.net. In this example we can see which driver has been loaded for the Ethernet adapter.

...
0000:00:16.0 Communication controller [0780]: Intel Corporation Device [8086:7a68] (rev 11)
        DeviceName: Onboard - Other
        Subsystem: Gigabyte Technology Co., Ltd Device [1458:1c3a]
...
0000:02:00.0 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd. RTL8125 2.5GbE Controller [10ec:8125] (rev 05)
        Subsystem: Gigabyte Technology Co., Ltd RTL8125 2.5GbE Controller [1458:e000]
        Kernel driver in use: r8169
...

We can also see that device [8086:7a68] has no module loaded. So we google for: "cateee 8086:7a68" and get the answer:

CONFIG_INTEL_MEI: Intel Management Engine Interface
vendor: 8086 ("Intel Corporation"), device: 7a68 ("Raptor Lake CSME HECI #1"); vendor: 8086

It seems this bad guy has not configured CONFIG_INTEL_MEI_ME in his kernel .config. This was done on purpose because it is neither wanted nor needed. But watch out: Some modern notebooks (unfortunately) need it. Read more about it: https://en.wikipedia.org/wiki/Intel_Management_Engine


[ This Wiki article will be updated if necessary ]