NVIDIA 378.13 release (a new stable branch)

  • Added support for the following GPU(s):
    • Quadro P3000
    • Quadro GP100
    • Quadro P4000
    • Quadro P2000
    • Quadro P1000
    • Quadro P600
    • Quadro P400
    • Quadro M1200
    • Quadro M2200
  • Disabled OpenGL threaded optimizations by default under Xinerama.
  • Added support for the ARB_parallel_shader_compile extension to allow multi-threaded compilation of GLSL shaders.
  • Updated the X driver to ignore any Virtual Reality Head Mounted Displays (HMDs). See the "AllowHMD" X configuration option in the README for details.
  • The driver will now advertise GLX FBConfigs with no depth bits on depth 30 X screens.
  • Added support in nvidia-settings to view configured PRIME displays. To enable PRIME displays, see "Offloading Graphics Display with RandR 1.4" in the README.
  • Added infrastructure which enables the NVIDIA EGL driver to load EGL external platform libraries that add client-side support for new window systems, beyond the existing libnvidia-egl-wayland.so.1. For more details, see: - https://github.com/NVIDIA/eglexternalplatform - https://github.com/NVIDIA/egl-wayland
  • Added support for the following Vulkan extensions:
    • VK_KHR_display
    • VK_KHR_display_swapchain
  • Enabled OpenGL threaded optimizations by default in the driver. Refer to the "Threaded Optimizations" section in the "Specifying OpenGL Environment Variable Settings" chapter of the README for details. These optimizations will self-disable when they are degrading performance. As a result, performance should be unchanged for many applications, and increased for those that benefit from threaded optimizations and were not already forcing them enabled.
  • Fixed a bug that prevented PRIME Sync from working on notebooks with GeForce GTX 4xx and 5xx series GPUs.
  • Fixed a bug that caused system hangs when resuming from suspend with some GPUs.
  • Fixed a regression that could cause corruption when hot-plugging displays.
  • Fixed a regression that prevented systems with multiple DisplayPort monitors from resuming correctly from suspend.
  • Added support for the screen_info.ext_lfb_base field, on kernels that have it, in order to properly handle UEFI framebuffer consoles with physical addresses above 4GB.
  • Added support for X.Org xserver ABI 23 (xorg-server 1.19)
  • Fixed a bug that allowed nvidia-installer to attempt loading kernel modules that were built against non-running kernels.

x86-64
x86

Aaron,

When will you start offering Linux driver downloads via HTTPS? I’m not exactly a fan of downloading via HTTP of something which doesn’t even have a cryptographic signature.

https doesn’t provide extra security to publicly available files. It doesn’t ensure you are connecting to the correct server.
You are probably thinking of DNSSEC :)

It does. CAs exist for exactly this reason. Now a lot of them have been implicated in issuing fraudulent certificates but they are discovered sooner or later and such CAs are universally banned.

I feel a lot safer downloading something from what appears to be an NVIDIA download server than downloading something from God knows where while my traffic is intercepted and replaced by dozens of parties between me and the destination server.

My ISP does intercept and replace my traffic at will. I’m quite sure yours does the same but for some reasons you don’t care. My condolences. Perhaps your entire PC is p0wned several times over.

You seemed to have forgotten the new long lived branch 375.39 release

http://www.nvidia.com/download/driverResults.aspx/114708/en-us

378.13 is the short lived branch

“Fixed a bug that caused system hangs when resuming from suspend with some GPUs.”

“Fixed a regression that prevented systems with multiple DisplayPort monitors from resuming correctly from suspend.”

Hopefully the above proves to be so for beleaguered GTX 970+ Maxwell users.

This also working correctly with the Pascal family would restore the GTX 1070 FE to my upgrade list.

"It turns out that non-ECC RAM is actually a security risk, as bit flips can be exploited. “Bit-squatting” from Black Hat 2011:

Mar 15, 2013
*Blackhat 2011 - Bit-squatting: DNS Hijacking without exploitation - YouTube

*Bitsquatting: DNS Hijacking without exploitation
http://dinaburg.org/bitsquatting.html

**I believe the following article dates back to 2012 or so.
New Intel based PC’s PERMANENTLY hackable
http://www.jimstonefreelance.com/corevpro.html

Note. The following video link at the end of Jim Stone’s article now redirects to different info:
http://www.intel.com/content/www/us/en/enterprise-security/what-is-vpro-technology-video.html

Here’s the original:
What is Intel® Core™ vPro™ Technology Animation
http://web.archive.org/web/20121202094729/http://www.intel.com/content/www/us/en/enterprise-security/what-is-vpro-technology-video.html

A shorter backup video from Intel which touches upon the key technology points raised in Jim Stone’s article and the above video:

1:34
Feb 3, 2010
What is Intel vPro Technology - YouTube

RECON 2014 Montreal
Intel ME Secrets
Hidden code in your chipset and how to discover what exactly it does
http://recon.cx/2014/slides/Recon%202014%20Skochinsky.pdf

Jun 19, 2014
“Active Management Technology”: The obscure remote control in some Intel hardware — Free Software Foundation — working together for free software
https://fsf.org/blogs/community/active-management-technology

“…While some of this technology is marketed to provide you with convenience and protection, what it requires from you, the user, is to give up control over your computer. This control benefits Intel, their business partners, and large media companies. Intel is effectively leasing-out to the third-parties the rights to control how, if, and when you can access certain data and software on your machine…”

Jun 10, 2016
Intel & ME, and why we should get rid of ME — Free Software Foundation — working together for free software
https://www.fsf.org/blogs/licensing/intel-me-and-why-we-should-get-rid-of-me

And sadly…

10 January 2016
It Will Be Interesting To See If AMD Supports Coreboot For Zen - Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=AMD-Zen-Will-It-Coreboot

“A developer long involved in Coreboot/Libreboot development is trying to call attention to “uncorrectable freedom and security issues” on x86 platforms with nearly all post-2009 Intel systems and post-2013 AMD systems…”

5 April 2016
Developer Warns Of “Uncorrectable Freedom & Security Issues” For x86 - Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=x86-Uncorrectable-Freedom

[i]"…Prior to these changes projects such as coreboot could be used to replace the boot firmware with a FOSS alternative.

The technologies in question are the Intel Management Engine (ME) and the AMD Platform Security Processor (PSP). Both serve effectively the same purpose; to ensure that the physical owner of the machine never has full control of said machine. These technologies, in turn, are used to implement various forms of remote control and Digital Rights Management (DRM) technologies…"[/i]

Apr 4 17:06:23 CEST 2016
Uncorrectable freedom and security issues on x86 platforms
http://mail.fsfeurope.org/pipermail/discussion/2016-April/010912.html

(Page 8) “…PLATFORM SECURITY PROCESSOR…”

UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf
http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf

The fix is in…

“…The anti-circumvention Section 1201 of the DMCA makes it unlawful for anyone to tinker with a purchased and owned electronic device and its software if it contains DRM code meant to restrict various uses of the device. This has created some problems for various groups, from farmers who could be banned from repairing their tractors, to security researchers who can’t (legally) analyze whether DRM software has security vulnerabilities and whether it puts computer systems or networks at risk…”

July 21, 2016
EFF Sues U.S. Government So People Can Tinker With Their Electronic Devices
http://www.tomshardware.com/news/eff-sues-government-section-1201,32300.html

TRUSTED COMPUTING / “TREACHEROUS COMPUTING”

“TCG has faced resistance to the deployment of this technology in some areas, where some authors see possible uses not specifically related to Trusted Computing, which may raise privacy concerns. The concerns include the abuse of remote validation of software (where the manufacturer — ​and not the user who owns the computer system — ​decides what software is allowed to run) and possible ways to follow actions taken by the user being recorded in a database, in a manner that is completely undetectable to the user.”

Trusted Platform Module - Wikipedia, the free encyclopedia
https://en.wikipedia.org/wiki/Trusted_Platform_Module#Criticism

“…The technical idea underlying treacherous computing is that the computer includes a digital encryption and signature device, and the keys are kept secret from you. Proprietary programs will use this device to control which other programs you can run, which documents or data you can access, and what programs you can pass them to. These programs will continually download new authorization rules through the Internet, and impose those rules automatically on your work. If you don’t allow your computer to obtain the new rules periodically from the Internet, some capabilities will automatically cease to function…”

Can You Trust Your Computer? - GNU Project - Free Software Foundation
https://www.gnu.org/philosophy/can-you-trust.html

Personally I wouldn’t have a problem with these ^ security innovations (which are proprietary and cannot be independently audited for flaws) if their use were confined to the corporate world where industrial espionage is a proven concern or to law enforcement, the military and government environments where security is a must. I just don’t want this out-of-band, haunted hardware in my home. The potential for its abuse by state actors and other echelons of the de facto international organized crime syndicate which provably dominates the economic and legislative processes of our world is enormous.

UPDATE

22-11-2017
Just another reason to Disable the Intel ME: - GeForce Forums
https://forums.geforce.com/default/topic/1029603/pc-components/just-another-reason-to-disable-the-intel-me-/

TWO AFFORDABLE, GNU/LINUX-FRIENDLY COMMERCIAL MOTHERBOARDS WORTH CONSIDERING

Backed by a five year warranty and server grade testing, the SABERTOOTH 990FX R2.0 (first UEFI ver. dated 2012/06/25, the most recent dated 2016/08/05) and the recently released and largely similar chipset-wise TUF SABERTOOTH 990FX R3.0 (first UEFI ver. dated 2016/07/21, the most recent dated 2016/07/28) motherboards both offer a 24/7 duty cycle and affordable ECC RAM support (via the KVR16E11K4/32 kit which is qualified for use with both 'boards) and sport chipsets & CPUs which pre-date the era of out-of-band, haunted hardware. Their only questionable security concern would be their UEFI and what may lurk within.

But provided they are not connected to the Internet via Ethernet and instead employ an older WiFi card (a Ralink RT5392 chipset-based 802.11 b/g/n 300 PCIe unit works well and is natively supported by Linux 2.6.32 or later) at least these two motherboards lack any built-in hardware that could enable a third party to remotely ‘manage’ / hijack them from a powered-off (and physically disconnected from the Internet) state for a range of nefarious abuses unbeknownst to their naive owners–but not to their ISP’s server logs and thus local law enforcement.

If you do decide to get a GNU/Linux-capable motherboard then it’s best to choose one that can run at least four different GNU/Linux operating systems to ensure the most broad compatibility:

Linux Status Report For Desktop Motherboards (Feb., June and Oct. 2016)
https://www.asus.com/websites/global/aboutASUS/OS/Linux1602.pdf
https://www.asus.com/websites/global/aboutASUS/OS/Linux1606.pdf
https://www.asus.com/websites/global/aboutASUS/OS/Linux1610.pdf

2 March 2016
If You Use An ASUS Motherboard & Hit A Linux Issue, Hopefully It’s On This List - Phoronix
http://www.phoronix.com/scan.php?page=news_item&px=ASUS-Linux-Mobo-List

I doubt anything like that ever happened to me and I’ve been using the internet for over 20 years.
But I understand what you are talking about. CAs won’t give certificates to fake websites masquerading as existing ones.

What a load of complete and utter BS.

Show me one effective attack against my computer - please go intercept my connection to google.com or devtalk.nvidia.com I can tell you my globally routable IP address right away.

You really need to start wearing a tinfoil hat immediately.

And stop using any computers/smartphones/IoTs/etc - clearly everyone is spying on you.

You are paranoid about your ISP modifying your traffic yet you suggest others are paranoid about other things and should start wearing tin foils.

Memory corruption due to bit flips is a possible way to cause denial of service attacks and crash your computer. That’s why we have software EEC for old x86 platforms which didn’t have hardware EEC capabilities. It can mean the difference between 6.2234566 and 652234566.
You guys have it very easy now with modern hardware and so much kernel based protection :)

Wait for this upcomming nex generation of CSMA called predictive p-persistent CSMA , that will revolutionize the TCP …hope that this will be implemented in the futur …

The multiple and credibly sourced info I posted earlier is germane to your stated concern re unwanted Internet traffic interception & modification–along with your speculation that someone else’s “entire PC is p0wned several times over”. That you’ve chosen to dismiss the potential for abuse demonstrated by the advertised capabilities of permanently embedded technology which can be remotely operated at the firmware level and which cannot be independently audited is your prerogative.

FYI. The term ‘tinfoil hat’ forms part of a family of pejorative thought-stoppers employed by coincidence theorists, incompetence theorists, Establishment trolls and wilfully under-informed half-wits who - in addition to not knowing how money is created and by whom and how long such a state of affairs has endured - often reflexively spout the simplistic clean shave of Occam’s Razor as validation for their unversed assumption that our world is not the complex place which autodidacts who pursue a scruffy follow-the-money scrutiny of history know it to be.

If you have any further suggestions as to my attire or course of action, feel free to convey them via this forum’s PM feature. That’s what it’s there for.

Your credible sources aren’t worth shit, because if anything like that had been true, we’d have seen multiple attacks against banking institutions and hundreds of billions of dollars lost due to traffic interception.

Nothing like that is happening in the world.

You’re clearly an idiot paranoid.

I’m not paranoid about my ISP modifying my traffic, because it’s happening all the fucking time - whenever I open a forbidden website, they replace my DNS requests or if it fails, inject the code into an HTML page to redirect me to their own website.

The same way they often show me ads of their services while I’m accessing unrelated websites.

Why are you so full of shit, if HTML tinkering (interception, modification) is a fact of life, while HTTPs allow billions of people to use their bank accounts safely.

WTF, are you serious?

I never claimed https was not useful. It is. As already mentioned, CAs prove authenticity and ssl encrypts sending messages such as passwords.

If your ISP keeps modifying your traffic, report them to the EFF and move a different ISP. Don’t give them more business. This should not be happening in our days.

Anyway, this derailed very badly. Have a nice day.

I cannot report my ISP because I happen to live in Russia and this state of affairs is 100% legalized. All ISPs in Russia do that - the only way to avoid that is to use VPN/TOR or something like that. Moreover the K department (a branch of the Russian government) has its traffic sniffing equipment installed in all ISPs.

Also, I remember quite a lot of stories about ISPs in the USA which have been caught altering non encrypted traffic.

Yes, it has derailed but when people seriously tell me that HTTPs is insecure without providing any proofs I get crazy. HTTPS is the sole reason why millions of companies can do their business. Without HTTPS we wouldn’t have online banking, online shopping, online games, etc. etc. etc. It would all fall apart immediately.

not fixed or… ignored :
https://devtalk.nvidia.com/default/topic/992477/linux/bug-378-xx-nvml-nvidia-smi-core-clock-is-wrong-on-pascal-devices/

I’m using Arch Linux and just received the update to the nvidia 378.13 driver. After the upgrade xorg won’t start.

I’m getting the following in my logs:

Feb 17 03:07:28 host kernel: NVRM: loading NVIDIA UNIX x86_64 Kernel Module  378.13  Tue Feb  7 20:10:06 PST 2017
Feb 17 03:07:43 host kernel: NVRM: GPU at PCI:0000:01:00: GPU-1b13177f-8b34-bdf5-8eda-d884306b073c
Feb 17 03:07:43 host kernel: NVRM: Xid (PCI:0000:01:00): 61, 1899(157c) 00000000 00000000
Feb 17 03:07:43 host kernel: NVRM: Xid (PCI:0000:01:00): 62, 12958(282c) 00000000 00000000
Feb 17 03:08:15 host kernel: NVRM: RmInitAdapter failed! (0x53:0xffff:1857)
Feb 17 03:08:15 host kernel: NVRM: rm_init_adapter failed for device bearing minor number 0

Reverting back to version 375.26 makes everything work again. Graphics card in question is a GeForce GTX 770.

Great work !

Works fine so far on 4.9.11-rt9 based kernel with GTX760,

kwin_x11 compositing works as well,

looks like the previous issue of not working kwin_x11 might have been a distribution-/packager-specific issue where egl-related libs were missing or stripped from installation …