• linux
  • debian
  • bsd
  • c
  • python
  • sphinx
  • documentation
  • thinkpad
  • UEFI
  • firmware
  • update
  • git
  • Debian
  • VirtIO Memory Ballooning

    VirtIO provides Memory Ballooning: the host system can reclaim memory from virtual machines (VM) by telling them to give back part of their memory to the host system. This is achieved by inflating the memory balloon inside the VM, which reduced the memory available to other tasks inside the VM. Which memory pages are given back is the decision of the guest operating system (OS): It just tells the host OS which pages it does no longer need and will no longer access. The host OS then un-maps those pages from the guests and marks them as unavailable for the guest VM. The host system can then use them for other tasks like starting even more VMs or other processes.

    If later on the VM need more free memory itself, the host can later on return pages to the guest and shrink the holes. This allows to dynamically adjust the memory available to each VM even while the VMs keep running.

    Read More

    Reproducible Build

    Debian had started to make their build reproducible: Two builds of the same source package should produce bit identical binary packages. This allows anybody to verify that nobody tempered with the build system.

    Read More


    CPUID is an assembler instruction to identify Intel compatible CPUs. Calling that instruction with register EAX set to 1 returns information about the CPU model in register EBX.

    Read More

    Lenovo ThinkPad L470 Firmware update with Linux

    My company notebook (A Lenovo ThinkPad L470) sometimes crashed when I put it into the docking station: It turn back on, the external monitor turns on, but after that I only see a black screen with the mouse cursor. Today I had enough and performed the pending firmware update, which also includes the Intel CPU microcode updates.

    Read More

    Secure Boot with Linux


    Unwanted binaries like viruses should be prevented from loading. This is known as Secure-Boot. The (U)EFI firmware only loads binaries signed by the “Platform key” (PK) certificates. The PK is pre-installed by the manufacturer. Probably 9x% come with Microsoft Windows pre-installed. Therefor most PCs come with Microsoft key pre-installed. For Qemu/KVM there is “OVMF”: It is based on the EDK2 (EFI Development KIT). It is developed by the “TianoCore” community. It has not keys pre-installed.

    Read More

    You're up and running!

    Next you can update your site name, avatar and other options using the _config.yml file in the root of your repository (shown below).

    Read More