Jan-Lukas Else

Thoughts of an IT expert

How I got Crostini to work in Chrome OS Flex

Published on 2022-02-19 in 👨‍💻 Dev

Updated on 2022-02-22

Short link: https://b.jlel.se/s/577

⚠️ This entry is already over one year old. It may no longer be up to date. Opinions may have changed.

I blogged that I could not run Linux support (Crostini) on CloudReady and Chrome OS Flex. Every time I tried to enable Linux support in the settings, the activation failed with an error.

Also when I then tried to open a Linux terminal the following error came up:

Launching vmshell failed: Error starting crostini for terminal: 5

According to CloudReady, this is due to “unmitigated CPU vulnerabilities”.

Now, hidden in a Reddit comment thread, I found a solution that actually works.

For this I had to copy Ubuntu to a USB stick and start it on the laptop in live mode. Using Gnome Disks, I searched for the EFI partition, which in my case was /dev/sda12, and mounted it:

sudo mount /dev/sda12 /mnt

With sudo and Gedit, nano or vi (or any other text editor) it is then possible in the file /mnt/efi/boot/grub.cfg to add the following to the list of parameters after linux in each entry (you can just append it to the end of the line):

kvm-intel.vmentry_l1d_flush=always

But when using legacy BIOS, other files need to be adjusted, as pointed out by a Reddit user!

The Ubuntu Wiki describes the option:

Configuration options are available to deviate from the default L1 data cache flushing behavior and either always perform a cache flush or never perform a cache flush when entering a guest. Always flushing the cache will negatively impact performance in a manner that’s dependent on the workload inside of the virtual machine while never flushing the cache will make your system vulnerable to CVE-2018-3646. Use the “kvm-intel.vmentry_l1d_flush=always” or “kvm-intel.vmentry_l1d_flush=never” kernel command line options to change the default persistently across reboots. Write “always”, “cond” (the default), or “never” to /sys/module/kvm_intel/parameters/vmentry_l1d_flush to temporarily change the behavior.

In summary, this means that VMs with this option may run a bit slower, but are more secure.

It worked for me and I was now able to install Visual Studio Code in Chrome OS Flex and access my home server via SSH and program from there! 😄

Tags: Chrome OS Flex

Interactions & Comments

Jan-Lukas Else Ok, so I have now installed CloudReady, switched to the beta channel as well, but I can’t use Linux because my CPU is not secured against Spectre/Meltdown and CloudReady doesn’t come with microcode updates. Until that comes, my ThinkPad will probably only be for browsing, watching videos, and blogging… Update: Fixed it.
- Bill Dietrich > I can’t use Linux because my CPU is not secured against Spectre/Meltdown and CloudReady doesn’t come with microcode updates Please explain more. How does booting one OS prevent you from later booting a different OS ? Or does "can't use Linux" mean "can't run Linux in a VM under CloudReady" or something ? Thanks.
- Jan-Lukas Else How I got Crostini to work in Chrome OS Flex I blogged that I could not run Linux support (Crostini) on CloudReady and Chrome OS Flex. Every time I tried to enable Linux support in the settings, the activation failed with an error. Also when I then tried to open a Linux terminal the following error came up: According to CloudReady, this is due to “unmitigated CPU vulnerabilities”. Now, hidden in a Reddit comment thread, I found a solution that actually works. For this I had to copy Ubuntu to a USB stick and start it on the laptop in liv…
- Daniel Unfortunately with the newest Version and with my MacBook Pro 7.1 (the white MacBook) it did not work. :-(
Colin Walker Booted into Ubuntu on USB, mounted the partition but it won't let me re-save grub cfg because it is read only and I can't change permissions or ownership 😥
Colin Walker This could be useful. Jan-Lukas has got Linux support wor… This could be useful. Jan-Lukas has got Linux support working in Chrome OS Flex on an unsupported device.
didi Suddenly, ChromeOSFlex can replace my Win10. Without the Linux Extension its sinnless for me
Anonymous Hi, many thanks for the small tutorial! I'm trying to play with Java on a Dell latitude but I can't... Can you be more specific where the line should added please? "After Linux in all entry" seems not fully clear to me as I'm not a Linux addict (yet^^) Thanks in advance!
Anonymous Hi, I got this to work with a 4th generation HP 700 G1 i5-4570 but unfortunately didn't work for me for the 3rd generation HP Elite 8300 i5-3470 <- don't know if I can make this useful again in terms of a crostini linux beta install
- Anonymous Thank you for getting crostini to work at least with my 4th generation HP 700 G1. Cheers.
Anonymous Sorry for being a newbie but where should we paste the “ kvm-intel.vmentry_l1d_flush=always” after the curly brackets or inside the curly brackets just after each linux or somewhere else?
- Jan-Lukas Else Insert it into the same line as "linux" for each GRUB entry. There are already some other parameters, just append it.
Denis Hi. I installed the last version of CloudReady on my laptop, and as expected Crostini doesn't work. I'm not a Linux user, and don't understand anything in that, i just need to download VS Code, and as i understood it is possible only with Crostini. Maybe anyone can do a short video tutorial of what's done here on this page? Because i absolutely don't understand what's going on here and possibly I'm not the only one who doesn't. Video tutorial would be very useful. Thank you in advance!
Anonymous No need for Ubuntu, you can just use crosh and edit the file with vi. Thanks for the tip, worked well on Mac mini 2012.
Anonymous Latest Chrome OS Flex dev version already has this fix, but still can't install Linux on MacBook 6,1
Anonymous How to install ChromeOs flex on SSD.. I have one hdd and one SSD on my device.. whenever i try to install chromeos flex or cloudready.. it always get installed on hdd plzzzzzzzzzzzzz helppppppppp
Jarrod sudo sed -i -E '/^\s+linux/ s/$/ kvm-intel.vmentry_l1d_flush=always/' grub.cfg Above sed command will append 'kvm-intel.vmentry_l1d_flush=always' to lines in 'grub.cfg' starting with word 'linux' (prefixed with whitespace) to file 'grub.cfg'
Jarrod I linked a tutorial where, although they are solving a different problem, the author outlines a method for altering FlexOS grub well. For reference, instead of (appending 'kvm-intel.vmentry_l1d_flush=always') fixing crostini, the tutorial author (appends 'cros_debug') enables dev mode. Enabling dev mode is NOT necessary to fix crostini, but the tutorials method may still be informative, and the audience may overlap. As a side note, I have also had luck fixing ChromeOS Flex no audio issues on …