Archive

Posts Tagged ‘debian’
Orange Pi Development Boards

Embedded Linux Conference & IoT Summit 2018 Schedule

February 13th, 2018 No comments

The Embedded Linux Conference 2018 and the OpenIoT Summit 2018 will jointly take place next month, on March 12 – 14, 2018 in Portland, Oregon, USA. The former is a “vendor-neutral technical conference for companies and developers using Linux in embedded products”, while the latter is a “technical conference for the developers and architects working on industrial IoT”. The Linux Foundation has already published the schedule, and it’s always useful to learn what will be discussed about even for people who won’t attend.

With that in mind, here’s my own virtual schedule with some of the talks I find interesting / relevant to this blog.

Monday, March 12

  • 10:50 – 11:40 – Progress in the Embedded GPU Ecosystem by Robert Foss, Collabora Ltd.

Ten years ago no one would have expected the embedded GPU ecosystem in Linux to be what it is now. Today, a large number of GPUs have Open Source support and for those that aren’t supported yet, improvements are happening at a rapid pace.

In just the last year Vivante GPUs have gained mainline support and Mali GPUs have seen good progress being made.

In this talk, Robert will cover GPUs in the embedded space and give an overview about their current status, what lies ahead and how the Open Source state of the art compares to the proprietary alternatives.

  •  11:50 – 12:40 – Zephyr LTS Release, What to Expect and Why are We Doing This by Anas Nashif, Intel

After eleven 1.x.x releases of Zephyr since the project has launched 2 years ago, the Zephyr project is planning to release Zephyr LTS in 2018 with many new features that have been in the works for the last year, stable APIs and with the goal of taking a subset of the released project code through various certification activities.

In this talk the status plans for Zephyr LTS will be presented and discussed and the next steps that the project will take after the LTS release.

  • 14:00 – 14:50 – Preempt-RT Raspberry Pi Linux by Tiejun Chen, VMware

As we know, the Raspberry Pi is a series of small single-board computers developed in the United Kingdom by the Raspberry Pi Foundation to promote the teaching of basic computer science in schools and in developing countries. Now it is very popular around our IoT world, and you can see many guys use Pi to build great things, and even it can play a role in the production environment. The official Raspberry Pi Linux maintains Linux kernel specific to Pi platform. But it does not include Preempt RT Linux support. Obviously, in some IoT cases we really need to meet hard real time requirement. In this presentation, we will review if-how we can integrate Preempt RT Linux patches to Pi Linux, an see what the problems are for this particular hardware platform.

  • 15:00 – 15:50 – OpenEmbedded/Yocto on RISC-V – New Kid on the Block by Khem Raj, Comcast

RISC-V a new open source ISA based architecture is rapidly gaining acceptance in embedded space. Several core packages e.g. gcc toolchain, linux kernel, binutils, newlib, qemu has already been ported for RISC-V. At this point, OpenEmbedded is one of first embedded linux distribution frameworks to support RISC-V architecture. This talk will cover the status of support as the core support has been upstreamed into OpenEmbedded-core, additionally SOC layer meta-riscv is also created which would serve as common layer for all RISC-V based SOCs.

  • 16:10 – 17:00 – Bluetooth Mesh with Zephyr OS and Linux by Johan Hedberg, Intel

Bluetooth Mesh is a new standard that opens a whole new wave of low-power wireless use cases. It extends the range of communication from a single peer-to-peer connection to a true mesh topology covering large areas, such as an entire building. This paves the way for both home and industrial automation applications. Typical home scenarios include things like controlling the lights in your apartment or adjusting the thermostat. Although Bluetooth 5 was released over a year ago, Bluetooth Mesh can be implemented on any device supporting Bluetooth 4.0 or later. This means that we’ll likely see very rapid market adoption of the feature.

The presentation will give an introduction to Bluetooth Mesh, covering how it works and what kind of features it provides. The talk will also give an overview of Bluetooth Mesh support in Zephyr OS and Linux and how to create new wireless solutions with them.

  • 17:10 – 18:00 – Drive your NAND within Linux by Miquèl Raynal, Bootlin (formerly Free Electrons)

NAND flash chips are almost everywhere, sometimes hidden in eMMCs, sometimes they are just parallel NAND chips under the orders of your favorite NAND controller. Each NAND vendor follows its own rules. Each SoC vendor creates his preferred abstraction for interacting with these chips.

Handling all of that requires some abstraction, and that is currently being enhanced in Linux! A new interface, called exec_op is showing up. It has been designed to match the most diverse situations. It should ease the support of advanced controllers as well as the implementation of vendor-specific NAND flash features.

This talk will start with some basics about NAND memories, especially their weaknesses and how we get rid of them. It will also show how the interaction between NAND chips and controllers has been standardized over the years and how it is planned to drive NAND controllers within Linux.

Tuesday, March 13

  •  10:50 – 11:40 – Comparing and Contrasting Embedded Linux Build Systems and Distributions by Drew Moseley, Mender.io

We will discuss the various options for creating embedded Linux operating systems. We will provide a basic description of each option, including an overview of the workflow for each choice. The talk will cover the advantages and disadvantages of each of these options and provide viewers with a matrix of design considerations to help them pick the right choice for their design. We will cover the following options:

  • Yocto/OpenEmbedded
  • Buildroot
  • OpenWRT/LEDE
  • Slimmed down desktop distributions (e.g. Debian, Raspbian, Ubuntu)

We will also touch upon other tools, such as crosstool-ng and ucLinux, which are peripherally related to building embedded Linux systems. The focus for this section will be to make the viewers aware of these tools as they frequently come up while researching embedded Linux so that you are better informed which tools are available.

  • 11:50 – 12:40 – The Things Network: An IOT Global Phenomenon by Bryan Smith, Tacit Labs

IoT has many connectivity options and systems based on Low Power Networks(LPN’s) such as LoraWAN are showing a great deal of promise. LoraWAN uses the ISM Band which doesn’t require a license for use.

The Things Networks (TTN) is a community about LoraWAN, Low Power Wide Area Network (LPWAN). It’s collaboratively built by passionate people, Open Source Software and Open Governance. The network has a manifesto and fair access policy that governs its use and management. In the session we’ll discuss:

  • The technology behind LoraWAN, TTN and similar networks.
  • TTN’s impact on public and private LPWAN’s.
  • The initiators and communities that install and build LoraWAN gateways.
  • Lastly we’ll discuss the impact of the deployments in real world use cases.

There will also be a live demo of a LoraWAN gateway and node in action on several public networks including TTN as well as others.

  • 14:00 – 14:50 – I + I2C = I3C: What’s in this Additional ‘I’? by Boris Brezillon, Bootlin (formerly Free Electrons)

The MIPI Alliance recently released version 1 of the I3C (pronounce ‘eye-three-see’) bus specification, which is supposed to be an improvement over the long-standing I2C and SPI protocols. Compared to I2C/SPI, I3C provides a higher data rate, lower power consumption and additional features such as dynamic address assignment, host join, in-band interrupts. For the last year or so, Free Electrons has been working with Cadence Design Systems on supporting this new kind of bus in Linux.

With this talk we would like to introduce this new bus and the concepts it brings to the table. We will also detail how we plan to expose the new features exposed by the I3C protocol in Linux and go through future possible improvements of the I3C framework that has already been submitted for review on the Linux kernel mailing list.

  • 15:00 – 15:50 – Android Common Kernel and Out of Mainline Patchset Status by Amit Pundir & John Stultz, Linaro

A quick overview of what the speakers ares going to cover in this session.

  • A brief background on Android common kernels – Out of tree Android patches and how they have evolved over time.
  • The current/active patchset introduction and status – Their use cases in Android and on-going upstreaming efforts if any.
  • A brief Intro to android-mainline-tracking tree.
  • Rebasing latest android-$LTS tree to latest linux release tag
  • Find/Report/Fix Android regressions or ABI breakages in mainline kernel.
  • 16:20 – 17:10 – Tock, The Operating System for a Programmable IoT by Amit Levy, Stanford University

Tock is an open-source operating system for low-power ARM Cortex-M microcontrollers that enables radically different kinds of embedded and IoT products.

In typical embedded systems, every line of code is fully trusted because embedded operating systems lack traditional isolation mechanisms like processes. Unfortunately, this makes developing secure products difficult, and running third-party applications virtually impossible.

Tock uses a language sandbox in the kernel and a process-like hardware enforced mechanism in userspace to isolate third-party and other untrusted code in the system.

In this presentation I’ll introduce Tock’s vision for IoT and how its isolation mechanisms work. Then, I’ll use examples of deployed systems and products using Tock to show how developers can use it to build more secure and extensible IoT systems today.

  • 19:00 – 20:00 – BoF: Open Source Hardware by Drew Fustini, OSH Park

Open Source Hardware BoF (Birds of a Feather) session for those interested in how Open Source Hardware design can benefit embedded Linux systems.

The session will start will start with a short presentation of a few slides to clarify terminology and highlight Open Source Hardware projects relevant to Linux. The panelists will then lead a discussion with the BoF attendees about the benefits and challenges of designing Open Source Hardware.

Jason and Drew can talk about the experience of working with community, manufacturers, and distributors to create an Open Source Hardware platform. Leon can speak about his experience of learning hardware design as a software engineer, and how he took his Raspberry Pi HATs from concept to product. John can speak about his experience leading an Open Source Hardware platform within a large corporation.

Wednesday, March 14

  • 11:05 – 11:55 – Landscape of Linux IoT Ecosystems by Christian Daudt, Cypress Semiconductor

IoT products are getting richer in their functionality daily, and as a result there is a trend for increased use of Linux in these products. As we are early in the IoT ecosystem cycle, there is a large number of projects and products vying for developer attention as frameworks and protocols to be used in new product development. This talk provides an overview of the options available and how they relate to each other. It covers OS stacks such as EdgeX Foundry, Automotive Grade Linux, Android Things, IoTivity, Tizen, etc.. as well as IoT-tailored cloud integrations from cloud vendors such as AWS, Google, Microsoft.

  • 12:05 – 12:55 – CPU Power Saving Methods for Real-time Workloads by Ramesh Thomas, Intel

Configurations created for real time applications mostly disable power management completely to avoid any impact on latency. It is however, possible to enable power management to a degree to which the impact on latency is tolerable based on application requirements. This presentation addresses how CPU idle states can be enabled and tuned to allow power savings while running real time applications.

The presentation will give a background of the issues faced by real-time applications when CPU power management is enabled. It will then explain tools, configurations and methods that can be used to tune applications and CPU power management in the kernel to be able to save power without impacting the deterministic latency tolerance requirements.

  • 14:30 – 15:20 – Debian for Embedded Systems: Best Practices by Vagrant Cascadian, Aikidev, LLC

As embedded hardware becomes more capable, Debian becomes an attractive OS for projects. Debian provides clear licensing, a solid technical foundation, and over twenty-five thousand software projects already available within Debian.

Unfortunately, embedded system projects may make changes to a customized Debian OS in ways that make it difficult to apply security updates or system upgrades. This can lead to an unmaintained fork of Debian with long-standing security vulnerabilities unfixed in the hands of end-users. Nobody likes bit-rot.

Many of these common pitfalls can be mitigated or avoided entirely by understanding Debian’s culture, infrastructure, technical norms, and contribution processes. These understandings will improve embedded systems using Debian over the long-term.

  • 15:30 – 16:20 – Civil Infrastructure Platform: Industrial Grade Open Source Base-Layer by Yoshitake Kobayashi, Toshiba Corporation, Software Development and Engineering Center

The Civil Infrastructure Platform (CIP) is creating a super long-term supported (SLTS) open source “base layer” of industrial grade software. The base-layer consists of the SLTS kernel and a basic set of open source software and standardization concepts. By establishing this “base layer,” the CIP Project will enable the use and implementation of software building blocks in civil infrastructure projects. Currently, all civil infrastructure systems are built from the ground up, with little re-use of existing software building blocks, which drains resources, money and time. In this devroom, we’ll share project strategy, use cases, roadmap, milestones and policies. We’ll also share technical details for each development activities for the base-layer that includes open source, real-time development tools, testing and answer questions.

  • 16:30 – 17:20 – 3D Printing with Linux and Xenomai by Kendall Auel, 3D Systems Corp.
Software running on embedded Linux with Xenomai is used to control a 3D printer. The lessons learned and practical advice will be shared in this presentation. There were many challenges to overcome. A complete 3D printing system requires precise motion control, thermal control, material delivery and monitoring, and coordinated data transfers. All concurrent real time processes must be coordinated and managed, while providing interactive response to user input. In parallel with the real time processing, the system must slice the 3D model into layers for printing, which is by its nature a compute-bound application. The dual-kernel architecture of Linux with Xenomai was ideal for maintaining low and predictable latencies for real time control, while allowing the complex and resource intensive slicing application to run in parallel.

Selecting the sessions was not easy as most talks are relevant, so I’d recommend checking out the whole schedule.

The Embedded Linux Conference & OpenIoT Summit require registration with the fees listed as follows:

  • Early Bird Fee: US$550 (through January 18, 2018)
  • Standard Fee: US$700 (January 19,  February 17, 2018)
  • Late Fee: US$850 (February 18, 2017 – Event)
  • Academic Fee: US$200 (Student/Faculty attendees will be required to show a valid student/faculty ID at registration.)
  • Hobbyist Fee: US$200 (only if you are paying for yourself to attend this event and are currently active in the community)

Orange Pi RK3399 Development Board Launched for $109

January 29th, 2018 25 comments

Last Friday, I wrote there was already a decent choice of Rockchip RK3399 boards, and added AAEON RICO-3399 pico-ITX board to the list. I forgot about Shenzhen Xunlong’s own Rockchip RK3399 board that was spotted as early as last spring, and was told Orange Pi RK3399 was now up for sale in for around $110 (699 CNY) in Taobao.

The board is now also for sale on Aliexpress for $109 plus shipping ($4.35 here), and the company has released the specifications, so we can have a better look at what the board has to offer.

Click to Enlarge

Orange Pi RK3399 specifications:

  • SoC – Rockchip K3399 hexa-core big.LITTLE processor with two ARM Cortex A72 cores up to 2.0 GHz, four Cortex A53 cores, and an ARM Mali-T860 MP4 GPU with support for OpenGL 1.1 to 3.1 support, OpenVG1.1, OpenCL and DX 11
  • System Memory – 2 GB DDR3
  • Storage – 16 GB eMMC flash, micro SD card, mPCIe (for mSATA/LTE), and SATA interface
  • Video Output/Input & Display Interfaces
    • 1x HDMI 2.0 up to 4K @ 60 Hz
    • 1x DisplayPort (DP) 1.2 interface up to 4K @ 60Hz (via USB type C port?)
    • 2x MIPI DSI interface up to 2560×1600 @ 60 Hz
    • 1x eDP 1.3 (4-lanes @ 10.8 Gbps)
    • 1x HDMI input port
  • Video Decode – 4K VP9 and 10-bit H.265 video codec support up to 60 fps
  • Audio
    • Digital audio output via HDMI or DisplayPort
    • 3.5mm combo jack with stereo audio output and mic input
    • 1x optical S/PDIF
    • 1x speaker header (1.5W 8Ω or 2.5W 4Ω)
    • 1x on-board microphone
    • 1x microphone array interface
    • 1x I2S output and input interface up to 8 channels
  • Connectivity – Gigabit Ethernet port (via  RTL8211E transceiver), dual band 802.11ac 2×2 MIMO WiFi and Bluetooth 4.1 LE (AP6356S module)
  • USB – 4x USB 2.0 host ports, 1x USB 3.0 type C port
  • Camera – 2x MIPI CSI interfaces up to 13MP for each interfaces
  • Sensors – Gyroscope+G-Sensor (MPU6500), Gyroscope (LSM6DS3), HALL Sensor (HAL248TWCL), Light Sensor (CM32181) and Compass (AK09911)
  • Debugging – 3-pin serial header
  • Expansion
    • 40-pin GPIO 2.54mm pitch female header with 4x I2C, 1x SPI, 2x UART, 5x GPIO, etc…
    • 1x mini PCIe for LTE (USB) or mSATA
    • SIM card slot
  • Misc
    • IR receiver
    • 2x power status LEDs (red and green)
    • 1x SATA power status LED (green)
    • Buttons: reset, power, recovery, menu, return, vol+ and vol-
  • Power Supply
    • 12V/2A via DC jack (5.5/2.1mm) or 2-pin header
    • 5V via type C port or 2-pin header
    • Dual battery support (7.4V)
    • RK808 PMU, BQ25700 Charger IC, CW2015 Fuel Gas
  • Dimensions – 129 x 99 mm
  • Weight – 99 grams

The company can provide Android 6.0 and Debian 9 images for the board, but they have not uploaded them to their resource page yet. Usually we need to wait for a few days before Shenzhen Xunlong uploads the firmware, SDK, and potentially PDF schematics. As usual, it may take a while before all advertised features work out of the box.

ODROID-HC2 Linux NAS System for 3.5″ Hard Drives Launched for $54

January 18th, 2018 37 comments

We knew it was coming, and Hardkernel has now launched an updated version of the ODROID-HC1, called ODROID-HC2 based on the same Samsung Exynos 5422 board, but instead supporting 3.5″ hard drives.

The device can now be purchased for $54 plus shipping, but you may also consider adding some accessories like a 12V/2A power supply, and the top cover for the enclosure. [Update: Also listed on Ameridroid now]ODROID-HC2 specifications:

  • SoC – Samsung Exynos 5422 octa-core processor with 4x ARM Cortex-A15 @ 2.0 GHz, 4x ARM Cortex-A7 @ 1.4GHz, and Mali-T628 MP6 GPU supporting OpenGL ES 3.0 / 2.0 / 1.1 and OpenCL 1.1 Full profile
  • System Memory – 2GB LPDDR3 RAM PoP @ 750 MHz
  • Storage
    • UHS-1 micro SD slot up to 128GB
    • SATA interface via JMicron JMS578 USB 3.0 to SATA bridge chipset
    • Case supports 2.5″ or 3.5″ drives up to 27mm thick
  • Network Connectivity – 10/100/1000Mbps Ethernet (via USB 3.0)
  • USB – 1x USB 2.0 port
  • Debugging – Serial console header
  • Misc – Power, status, and SATA LEDs;
  • Power Supply
    • 12V/2A via 5.5/2.1mm power barrel
    • Backup header for RTC battery
  • Dimensions – 197 x 115 x 42 mm (aluminum cooling frame)
  • Weight – 361 grams

The company provides Ubuntu 16.04 with Linux 4.14, and OpenCL support, but other ditributions are available too including Debian, DietPi, OMV (OpenMediaVault) and others such as Armbian which has released stable Ubuntu and Debian server images for HC1 (but it should work for HC2 too). Source code can be found on Hardkernel’s Github account.

Just like the previous model, ODROID-HC2 is stackable, which explains why it does not sell with a top cover by default, so if you want to buy a single system that works out of the box and with a fully closed enclosure, you should add the optional 12V/2A power supply ($5.90) and a clear or black plastic case ($5.00) to your purchase.

$25 Orange Pi Lite2 Board Comes with Allwinner H6 Processor, 802.11ac WiFi + BLE Module, USB 3.0, and More

January 10th, 2018 15 comments

After Shenzhen Xunlong launched of the first low cost Allwinner H6 development board with Orange Pi One Plus at the very end of last month, we know more Allwinner H6 were coming, and the company has now launched Orange Pi Lite2 development board with 1GB LPDDR3, 802.11ac WiFi and Bluetooth module, and a USB 3.0 port.

The board however does not come with an Ethernet port, so people wanting to get H6 with Gigabit Etheret and USB 3.0 will need to wait a little longer. Orange Pi Lite2 is sold for $25 plus shipping on Aliexpress.

Click to Enlarge

Orange Pi Lite2 board specifications:

  • SoC – Allwinner H6 V200 quad core Cortex A53 processor with Arm Mali-T720MP2 GPU
  • System Memory – 1 GB LPDDR3
  • Storage – micro SD card slot up to 32GB
  • Video Output – HDMI 2.0a up to 4K @ 60 Hz with HDCP 2.2 (TBC)
  • Audio – HDMI audio output, built-in microphone
  • Camera – Parallel CSI connector with support 5MP camera up to 1080p30
  • Video Decoding – 10-bit H.265 up to 4K @ 60 fps, VP9 and H.264 up to 4K @ 30 fps
  • Connectivity – 802.11b/g/n/ac WiFi and Bluetooth 4.1 via Ampak 6255 module
  • USB – 1x USB 3.0 port, 1x USB 2.0 host port, 1x micro USB OTG port (also used for power)
  • Expansion – 26-pin header
  • Debugging – 3-pin serial console header
  • Misc – Power & status LEDs, power button, IR receiver
  • Power Supply – 5V/2A via power barrel jack, or micro USB port; AXP805 PMIC
  • Dimensions – 69 x 48 mm
  • Weight – 50 grams

The company provides Android, Ubuntu, and Debian for the board, but as mentioned for Orange Pi One Plus, Allwinner H6 is pretty new, so if you plan to use Linux, expect some initial pain… The images will eventually be one Orange Pi resources pages, and I can see the company release Android 7.1 firmware & SDK, tools, and a “user’s manual” for Allwinner H6. I’d expect Allwinner H6 to be supported by Armbian in a few months.

ASUS Tinker Board S adds 16GB eMMC flash, to sell for $79.99

January 9th, 2018 13 comments

ASUS Tinker Board generated a lot of buzz on this blog when it launched last year as a large company like ASUS entered the maker market with a Raspberry Pi 3 competitor with more powerful and 4K capable Rockchip RK3288 processor.

The company has now announced an update at CES 2018 with Tinker Board S with the same features, except for the additional of 16GB eMMC flash and a few other minor changes.

Click to Enlarge

ASUS Tinker Board S specifications:

  • SoC – Rockchip 3288 quad core ARM Cortex A17 processor up to 1.8 GHz with Mali-T764 GPU supporting OpenGL ES 1.1/2.0 /3.0, and OpenCL 1.1
  • System Memory – 2GB dual channel LPDDR3
  • Storage – 16GB eMMC flash + micro SD slot
  • Video output & Display I/F
    • 1x HDMI 2.0 up to 3840×2160 @ 30 Hz with HDMI CEC
    • 1x 15-pin MIPI DSI supporting HD resolution
  • Audio – 1x 3.5mm audio jack with plug-in detection and auto switch; Realtek ALC4040 HD codec with 192KHz/24-bit audio
  • Camera I/F – 1x 15-pin MIPI CSI connector
  • Connectivity – Gigabit Ethernet, 802.11 b/g/n WiFi, Bluetooth 4.0 + EDR
  • USB – 4x USB 2.0 host ports, 1x micro USB port (for power)
  • Expansion Headers
    • 40-pin Raspberry Pi compatible header with up to 28x GPIOs, 2x SPI, 2x I2C, 4x UART, 2x PWM, 1x PCM/I2S with slave mode, 5V, 3.3V, and GND
    • 2-pin contact point with 1x PWM signal, 1x S/PDIF signal
    • 2-pin power-on-header
  • Misc – Button, unpopulated fan header
  • Power Supply – 5V/2-3A via micro USB port with support for low voltage detection
  • Dimensions – 85.6 x 54 cm
  • Weight – 55 grams

Click to Enlarge

Just like its predecessor, Tinker Board S can run Debian 9 + LXDE based Tinker OS, as well as Android Tinker OS, and Flint OS. The board also supports popular programs such as Kodi medi center or Lakka and RetroPie retro gaming platforms, as well as expansion boards like HiFiBerry sound cards or MATRIX Creator IoT / sensors board.

The Tinkerboard S will be available in Q1 2018 for $79.99 MSRP. Visit the product page for documentation (WiP) and more details.

Companies Address Concerns related to Speculative Execution Exploits: Meltdown and Spectre

January 4th, 2018 17 comments

Yesterday, news surfaced about a “bug” in Intel processors that could be fixed at the operating system level at the cost of a decrease in performance for some tasks, from a typical, and barely noticeable 5% hit, to a more consequent 30% hit for some specific tasks, and as we discussed yesterday I/O intensive tasks are the most impacted by the changes.

While Intel (and Arm) are impacted, AMD claims not to be, and the issue was reported by major news outlets and likely impacting the stock price of the companies with Intel stock losing 3.39%, and AMD stock gaining 5.19%, so obviously every company felt the need to answer, starting with Intel’s response to security research findings:

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available.

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

This looks like damage limitation, and I guess more info will be released once the fixes are all released.

But the most detailed report is by Google, since Project Zero found three variant of two vulnerabilities – Metldown and Spectre – related to speculative execution, a technique to predict (and run) likely future instruction in order to boost performance:

We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.

Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, we have exploits that work against real software. We reported this issue to Intel, AMD and ARM on 2017-06-01.

The three variants:

Variants 1 & 2 are referred to as Spectre, and variant 3 as Meltdown, with the latter easier to exploit.

The Meltdown attack uses exception handling or suppression to run a series of transient instructions

Yesterday, we learned AMD was not impacted, but Google clearly mention they could exploit AMD processors too, and that’s because AMD is only subject to Spectre. So AMD responded too:

It is important to understand how the speculative execution vulnerability described in the research relates to AMD products, but please keep in mind the following:

  • The research described was performed in a controlled, dedicated lab environment by a highly knowledgeable team with detailed, non-public information about the processors targeted.
  • The described threat has not been seen in the public domain.

and provided a table showing how AMD processors are impacted:

Google Project Zero (GPZ) Research Title Details
Variant One Bounds Check Bypass Resolved by software / OS updates to be made available by system vendors and manufacturers. Negligible performance impact expected.
Variant Two Branch Target Injection Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.
Variant Three Rogue Data Cache Load Zero AMD vulnerability due to AMD architecture differences.

So it looks like only variant 1 is a potential issue, and operating systems will have to be patched.

Arm’s turn:

Cache timing side-channels are a well-understood concept in the area of security research and therefore not a new finding. However, this side-channel mechanism could enable someone to potentially extract some information that otherwise would not be accessible to software from processors that are performing as designed and not based on a flaw or bug. This is the issue addressed here and in the Cache Speculation Side-channels whitepaper.

It is important to note that this method is dependent on malware running locally which means it’s imperative for users to practice good security hygiene by keeping their software up-to-date and avoid suspicious links or downloads.

The majority of Arm processors are not impacted by any variation of this side-channel speculation mechanism. A definitive list of the small subset of Arm-designed processors that are susceptible can be found below.

The currently popular Cortex-A7 and Cortex A53 cores are not impacted at all, but some others are:

Processor

Variant 1

Variant 2

Variant 3

Variant 3a

Cortex-R7

Yes*

Yes*

No

No

Cortex-R8

Yes*

Yes*

No

No

Cortex-A8

Yes (under review)

Yes

No

No

Cortex-A9

Yes

Yes

No

No

Cortex-A15

Yes (under review)

Yes

No

Yes

Cortex-A17

Yes

Yes

No

No

Cortex-A57

Yes

Yes

No

Yes

Cortex-A72

Yes

Yes

No

Yes

Cortex-A73

Yes

Yes

No

No

Cortex-A75

Yes

Yes

Yes

No

Variant 3a of Meltdown is detailed in the whitepaper linked above, and Arm “does not believe that software mitigations for this issue are necessary”. In the table above, “Yes” means exploitable, but has a mitigation, and “No” means “no problem” :). So only Cortex-A75 is subject to both Meltdown and Spectre exploits, and it’s not in devices yet. Like other companies, Arm will provide a fix for future revisions of their processors.

Silicon vendors are not the only companies to issue answers, as operating systems vendors will have to issues fixes, and cloud providers are also impacted. Patchsets have been merged into Linux 4.15 as we’ve seen yesterday, Microsoft issued a statement for their Cloud service, Red Hat / Debian and others are working on it, and Google listed products impacted, and even Chrome web browser users need to take action to protect themselves. Android phones with the latest security patch will be protected, bearing in mind that all those Cortex-A53 phones in the wild are not affected at all. It’s worse noting that while Meltdown and Spectre make the news, there are over thirty other critical or high severity vulnerabilities fixed in January that did not get much coverage if any…

Orange Pi One Plus Allwinner H6 Board Launched for $20

December 28th, 2017 42 comments

Allwinner H6 is a processor designed for 4K HDR set-top boxes such as Zidoo H6 Pro, but with USB 3.0, Gigabit Ethernet, and PCIe interfaces, the processor is also a good candidate for ARM development boards where you need fast I/Os.

I was expecting Orange Pi 3 Plus as the first board based on the processor, but instead Shenzhen Xunlong has just launched a cheaper Orange Pi One Plus version that sells for $19.99 plus shipping.

Orange Pi One Plus specifications:

  • SoC – Allwinner H6 V200 quad core Cortex A53 processor with Arm Mali-T720MP2 GPU
  • System Memory – 1 GB LPDDR3
  • Storage – micro SD card slot up to 32GB
  • Video & Audio Output – HDMI 2.0a up to 4K @ 60 Hz with HDR, HDCP, CEC
  • Connectivity – Gigabit Ethernet (via Realtek RTL8211 transceiver)
  • USB – 1x USB 2.0 host port, 1x micro USB OTG port
  • Expansion – 26-pin header (but no detailed info available yet)
  • Debugging – 3-pin serial console header
  • Misc – Power & status LEDs, power button, IR receiver
  • Power Supply – 5V/2A via power barrel jack, or micro USB port; AXP805 PMIC
  • Dimensions – 68 x 48 mm
  • Weight – 50 grams

The board only supports Android 7.0 for now, with Linux images (Ubuntu and Debian) under testing. Bear in mind that Allwinner H6 is relatively new, and Orange Pi One Plus is the first low cost Linux development board to be launched with the target, so I’d expect some difficulties at first. Everything will likely have to be based on legacy kernel (Linux 3.10), and some features like 3D graphics acceleration may not work in Linux, but hopefully better support will eventually come through the work of linux-sunxi (u-boot/kernel), and Armbian (integration with Ubuntu/Debian) communities.

This first board is a bit of a disappointment, as beside Gigabit Ethernet, and HDMI 2.0a, it does not really leverage the nice features found in Allwinner H6 processor. I’m especially surprised by the USB 2.0 connector since USB 3.0 would have been nearly free to add as it’s supported by H6 SoC. But I’m told that Orange Pi Lite2 will come with USB 3.0 later next month. However, since it is based on Orange Pi Lite design, then the board will use WiFi, and Gigabit Ethernet will not be present. So we may have to wait for Orange Pi 3 Plus to get a more features-packed H6 board with GbE, USB 3.0, and PCIe interfaces.

Another interesting part of Orange Pi One Plus board is the DDR3 chip: Allwinner AW52A8G32. So it looks like Allwinner has entered the RAM business, or they re-branded the chip from some other company.

What’s the Best Android TV Box (2017/2018 Edition)?

December 26th, 2017 18 comments

Since I was often asked which TV box to buy, I wrote a guide entitled “What’s the best Android TV box?” in April 2016. Time has passed, new products have launched, I tested more devices, and got further reader feedback, so it’s time for an update.

There’s still no device that rules them all, and since everybody has different requirements and price points, what could the best Android TV box ever to one person, maybe be a piece of junk to another. Before purchasing a TV box, you should consider what you plan to do with it, and find the device with matches your needs and budget. So first, I’ll provide a list of things to look for – beside the SoC/RAM selection – before selecting three TV boxes that stand out (in no particular order), as well as alternatives worth looking at.

Things to Look for

The list is basically the same as last year, except I added two sections for operating systems, and extra features:

  • Operating System – There was a time when “Android TV box” only meant “Android” “TV Box”, but Google’s own TV box operating system has become more popular, and some companies have also started offering dual OS version with Android/Linux running at the same time, mostly for server purpose. Here are the options you may consider:
    • Official Android TV OS – Pick such device if you want the original experience with leanback launcher, and access to streaming services like Hulu, Netflix an so on. This operating system should come with all/most the licenses needed for streaming, is specially designed for the large screen, and works well with the IR remote control. However, you’ll only be able to easily install apps specifically designed for the TV (e.g. no Chrome browser, unless you sideload it), and the system may not always work well with an air mouse or wireless keyboard/touchpad.
    • Unofficial Android TV OS – Same as above, except some licenses may be missing, so some streaming services may not work as well, or be limited standard resolution
    • Android OS – Most – not to say all – boxes you’ll find in China are running Android operating system made for smartphones with customizations for the big screen. Those devices have good flexibility, since you can install pretty any app from the Google Play store, and they come with a launcher made for the big screen. The downside is that only parts of the interface or some apps will be usable with the IR remote control, so you’ll need to use an air mouse, wireless keyboard, or smartphone app to have good control of the device. Most boxes also lack proper DRM and other licenses, which may restrict the streaming services you may access, or at least the playback resolution.
    • Android + Linux – Dual boot systems have been around for a while, and IMHO not very useful, so what I’m referring to here are systems with two operating systems running at the same time with Android for media playback, and Linux for NAS/server functions. I’ve seen devices with OpenWrt or Debian so far.
  • History of regular firmware updates – If a company provides regular OTA (over-the-air) firmware updates, your device is likely to get better and better overtime. The cheapest TV boxes normally follow the ship-and-forget model, so you can’t expect any improvements, unless some community members offer custom firmware.
  • Support forums – Most reputable companies selling to end users offer support forums. For cheaper boxes, you won’t get any support, except through communities like Freaktab.
  • 4K & HDR Support – If you want to purchase a device that will support 4K videos, and the latest HDR (High Dynamic Range features) you should look for devices with HDMI 2.0a for 3840×2160 or 4096×2160 output up to 60 Hz and HDR. Double check 4K video codecs support (10-bit HEVC/H.265, VP9, H.264), and make sure they can decode the framerate used for your videos. The latter is usually not a problem with H.265, but sometimes it could be for VP9 or H.264 since some systems can only handle 30 fps or 24 fps.
  • 5.1 or 7.1 HD audio pass-through support – In case you own an amplifier or A/V receiver capable of handling Dolby TrueHD, Dolby Atmos, DTS HD Master, DTS HD High Resolution, or DTS:X, you really need to check the reviews on this site or others, as many devices fall short despite claiming support.
  • Automatic frame rate switching – This is the ability of the device to match the monitor refresh rate to the video frame rate to avoid a phenomenon called micro stutter, which makes the videos not as smooth as it could be at regular intervals, and especially noticeable when the video is panning. if this is properly implemented, e.g. 24 fps videos played using 24 Hz on the monitor, then micro-stutter disappears.
  • DRM support for HD and UHD video streaming – If you’re paying for video streaming services like Netflix, you’ll have to make sure they are specifically supported, with Widewine Level 1 DRM necessary, but not sufficient condition for playing the videos at HD or UHD (4K) resolution. Most devices can only stream videos in SD resolution due to the lack of proper DRM and a hard-to-get “Netflix license”.
  • Thermal design and storage performance – Many Android TV boxes have similar specifications, but IMHO, two key design choices are especially impacting the performance between apparently similar devices. Some TV boxes will overheat over time, leading to poor performance after a few minutes, while others with proper cooling will perform the same over hours. Fast storage will ensure the device boots quickly, apps load fast, and the device does not get slowed down while apps are installing or updating in the background.
  • Extra Features – You’d normally not care about those, if all you want is to do streaming, but if you want more from your TV box, you could check for digital TV tuner(s) (DVB-T/T2/C, DVB-S2, ATSC..), the presence of a an internal SATA bay, HDMI input for recording or broadcasting video from another device, etc…

MINIX NEO U9-H Media Hub

Click to Enlarge

Criteria:

  • Operating System – Android 6.0.1 OS
  • History of regular firmware updates – MINIX normally updates their devices for about a year or so.
  • Support forumsMINIX forums are fairly active, so you should be able to get decent support from MINIX themselves or the community of users there.
  • 4K & HDR Support – HDMI 2.0a up to 4K @ 60 Hz is supported, with very good support for 4K 10-bit H.265, VP9 and H.264 videos.
  • 5.1 or 7.1 HD audio pass-through support – Dolby TrueHD and DTS HD audio pass-through both working.
  • Automatic frame rate switching – OK (Kodi 17.x)
  • DRM support for HD and UHD video streaming –  Widewine Level 1 & Microsoft PlayReady implemented. However, Netflix can only play up to SD resolution, or possibly up to HD (720p) with a trick, but not full HD, nor UHD since Netflix requires a separate agreement.
  • Thermal design and storage performance – Good cooling thanks to a large heatsink, and very fast internal storage.
  • Extra Features – Separate microphone jack, Kensington lock

Just like MINIX NEO U1 I recommended last year, as long as you don’t need Netflix Full HD or 4K UHD playback, and are happy using their custom launcher and an air mouse, MINIX NEO U9-H should definitely be in your list of devices to consider. Please read MINIX NEO U9-H review for details, taking into account that some bugs may have been fixed since my review in March 2017.

Price: $149.90 and up with NEO A3 Lite air mouse on Amazon US, GearBest, GeekBuying, and other sellers. You can also find the box only (without air mouse) for around $139.90.

U5PVR Deluxe Set-top Box and NAS

Click to Enlarge

U5PVR Deluxe made it to the top three list because of all the extras like tuners and a 3.5″ SATA drive, and the fact that it runs both Android TV OS (unofficial) and Debian.

Criteria:

  • Operating System – Unofficial Android TV 5.1 OS and Debian running at the same time. Android TV 7.1 is now also available, as well as a dual boot image with Enigma2.
  • History of regular firmware updates – The company has released several firmware updates since the review. Previous model was U4 Quad Hybrid – Launch: January 2016; last firmware update: November 2016. So a little under a year of firmware updates.
  • Support forums – Available on SmartSTB forums (Somewhat active), or Google+ (not so active). The device is not as popular as MINIX models, so you’ll have less users involved.
  • 4K & HDR Support – HDMI 2.0a up to 4K @ 60 Hz is supported, with very good support for 4K 10-bit H.265, VP9 and H.264 videos in Media Center app (but Kodi 17.x support needed some work)
  • 5.1 or 7.1 HD audio pass-through support – Dolby TrueHD and DTS HD audio pass-through worked in Media Center app.
  • Automatic frame rate switching – OK (Media Center app)
  • DRM support for HD and UHD video streaming –  Support for Widevine L1 DRM and Netflix HD/4K (Not in my June 2017 review, but see comments)
  • Thermal design and storage performance – Excellent internal storage performance, and no noticeable issue with cooling (See teardown for design)
  • Extra Features – SATA bay for a 2.5″ or 3.5″ drive, dual DVB-T/T2 tuner

If you live in a country where DVB-T/T2 is supported (or various combination or DVB-T/T2/C, ATSC, DVB-S2 if you purchase an additional tuner board), and plan to use the Linux NAS features, U5PVR Deluxe looks certainly like a good candidate. However, if you mainly want to watch video streams from Netflix, Hulu, and other premium services, and use Kodi, there should be other devices that better fit your needs.

Price: $229.99 including shipping on Aliexpress.

Nvidia Shield Android TV (2017 Edition)

NVIDIA has launched a smaller version of their popular Shield Android TV earlier this year, and while I have not reviewed the device myself, it’s one of the most popular Android TV box on the market.

Criteria:

  • Operating System – Official Android TV 7.0 (Upgrade to Oreo likely)
  • History of regular firmware updates – Nvidia has been providing upgrades since 2015 for the original model (around 6 times a year)
  • Support forums – Active SHIELD Android TV board on Nvidia Geforce forum.
  • 4K Support – HDMI 2.0a up to 4K @ 60 Hz is supported with support for 10-bit H.265, VP9 and H.264 video playback @ 60 fps.
  • 5.1 or 7.1 HD audio pass-through support – Dolby TrueHD and DTS HD audio pass-through supported
  • Automatic frame rate switching – OK for Kodi and Plex at least.
  • DRM support for HD and UHD video streaming – Netflix HD & 4K officially supported, as well as Amazon Video
  • Thermal design and storage performanceGood storage performance, and I only read reports of isolated issues with overheating (i.e. not a design issue).
  • Extra Features – N/A

NVIDIA TV box also features the most power GPU of any TV boxes, so it’s also an excellent 3D gaming console. Availability is still an issue, although the company has launched the model in some more countries this year. This also means the device can be pretty expensive once you factor shipping, custom duties, and other fees (e.g. forward shipping) if you purchase it from a country where the device has not officially launched. Just like other devices running Android TV OS, not all apps will be available from the Play Store.

Price: Around $200 on Amazon US.

Other Alternatives

The three devices are not the only ones to consider, and other alternatives could meet some people requirements.

  • Above $100
  • Below $100
    • Xiaomi Mi Box US – Good officially Android TV option if you want to stream video from services like Vudu+, Hulu, YouTube, Netflix… and don’t care about playing games, and very high performance for other tasks
    • Mecool M8S PRO+ – Sub $40 box based on Amlogic S905X SoC with 2GB RAM/16GB storage that supports unofficial Android TV 7.1 firmware, Netflix up to 1080p. [Please note warning about eMMC flash version in the linked post]
    • Various low cost Amlogic S905/S905X TV boxes compatible with LibreELEC (Kodi Linux distribution). Note that stock Android firmware on those boxes may not be very good, so better only consider them to run LibreELEC supported by the community

I hope this guide will help some to decide on which model to buy. Feel free to comment if you think another model should be part of the top 3, or the list of alternatives.