Displaying 7 results from an estimated 7 matches for "craftily".
2020 Apr 28
3
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
On Mon, Apr 27, 2020 at 10:37:41AM -0700, Andy Lutomirski wrote:
> I have a somewhat serious question: should we use IST for #VC at all?
> As I understand it, Rome and Naples make it mandatory for hypervisors
> to intercept #DB, which means that, due to the MOV SS mess, it's sort
> of mandatory to use IST for #VC. But Milan fixes the #DB issue, so,
> if we're running under
2020 Jun 23
5
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
On Tue, Jun 23, 2020 at 01:07:06PM +0200, Peter Zijlstra wrote:
> On Tue, Apr 28, 2020 at 09:55:12AM +0200, Joerg Roedel wrote:
> So what happens if this #VC triggers on the first access to the #VC
> stack, because the malicious host has craftily mucked with only the #VC
> IST stack page?
>
> Or on the NMI IST stack, then we get #VC in NMI before the NMI can fix
> you up.
>
> AFAICT all of that is non-recoverable.
I am not 100% sure, but I think if the #VC stack page is not validated,
the #VC should be promoted to a #DF...
2020 Jun 23
0
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
...fy the guest. And as this
> can happen anywhere, for example on a carefully crafted stack page set
> by userspace before doing SYSCALL, the only robust choice for #VC is to
> use IST.
So what happens if this #VC triggers on the first access to the #VC
stack, because the malicious host has craftily mucked with only the #VC
IST stack page?
Or on the NMI IST stack, then we get #VC in NMI before the NMI can fix
you up.
AFAICT all of that is non-recoverable.
2011 May 04
1
winbind as a name service "proxy"?
Hi,
We hava a bunch of machines that needs to have the ability to look up users and groups (like with libnss_winbind) but we need to have the Kerberos and PAM stuff. We really don't want to join them to the AD. Are there any way to use one server as a proxy for name and group lookups?
[dumb-node] --> [master-node-with-winbind] --> [AD]
Best regards
Emil Assarsson
Sony Ericsson
2020 Jun 23
0
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
.../06/2020 12:30, Joerg Roedel wrote:
> On Tue, Jun 23, 2020 at 01:07:06PM +0200, Peter Zijlstra wrote:
>> On Tue, Apr 28, 2020 at 09:55:12AM +0200, Joerg Roedel wrote:
>> So what happens if this #VC triggers on the first access to the #VC
>> stack, because the malicious host has craftily mucked with only the #VC
>> IST stack page?
>>
>> Or on the NMI IST stack, then we get #VC in NMI before the NMI can fix
>> you up.
>>
>> AFAICT all of that is non-recoverable.
> I am not 100% sure, but I think if the #VC stack page is not validated,
> the...
2007 Apr 30
17
Managing packages which require a reboot
Hi,
I''m working on a method to manage packages which require a reboot after
being installed. I''m curious how other people are handling this problem.
Consider the resource:
pkg_deploy { "MacOSXUpdCombo10.4.9Intel.dmg": alias => macosx1049 }
I''d like to only install the package under if the following conditions
are met:
- No user is logged into the
2018 May 20
0
You say #nothing... I say "Hello. Hello! Hello?" Moving forward with this will stop this violence, it will also stop murder, and then death. (... in that order)
...gn-a message from the
Matrix itself answering the question that drives it's name? ?are I
x??
The end of the Matrix, of this message delivered through a hidden influence
coincides with it's story of Exodus, of being led from slavery to a place
where we see that the Holy Coda of the Matrix is craftily encoded in each
and every word-unsealed the letter emag reveals the ?are I Bianca?
<http://isiti.gq/lists/lt.php?id=YUgDCQFUGAFSXB1QWlQKVF0F>
? of Eden's apple and rib, and the ?are I the hidden n? of Newton,
NORAD and my last name's key to the beginning and the end of The Name ?
the...