search for: procmem

Where can I find the full list of libvirt supported qemu-ga commands? The docs [0] imply virDomainQemuAgentCommand bypasses libvirt and is not recommended. I am looking to pass suspend/resume events from the host to the guest and then have the guest act on this internally. Your help is appreciated. [0] https://wiki.libvirt.org/page/Qemu_guest_agent

Daniel P. Berrangé: > On Wed, Feb 28, 2018 at 11:13:46PM +0000, procmem wrote: >> Where can I find the full list of libvirt supported qemu-ga commands? >> The docs [0] imply virDomainQemuAgentCommand bypasses libvirt and is not >> recommended. >> >> I am looking to pass suspend/resume events from the host to the guest >> and then hav...

Martin Kletzander: > On Fri, Aug 10, 2018 at 08:33:00PM +0000, procmem wrote: >> Hello. I'm a distro maintainer and was wondering about the efficacy of >> entropy daemons like haveged and jitterentropyd in qemu-kvm. One of the >> authors of haveged [0] pointed out if the hardware cycles counter is >> emulated and deterministic, and thus pre...

Hello. I'm a distro maintainer and was wondering about the efficacy of entropy daemons like haveged and jitterentropyd in qemu-kvm. One of the authors of haveged [0] pointed out if the hardware cycles counter is emulated and deterministic, and thus predictible. He therefore does not recommend using HAVEGE on those systems. Is this the case with KVM's counters? PS. I will be setting VM CPU

Hi I'm a privacy distro maintainer investigating the implications of the newly published nethammer attack [0] on KVM guests particularly the virtio-net drivers. The summary of the paper is that rowhammer can be remotely triggered by feeding susceptible* network driver crafted traffic. This attack can do all kinds of nasty things such as modifying SSL certs on the victim system. * Susceptible

Hello. I'm interested in running guests as read-only to turn them into a sort of virtualized "live=cd". The goal is to leave no forensic evidence on the host disk or virtual one which would lead to traces on the host still- similar to how TAILS works but with the added convenince and flexibility of running in a VM. If I set the qcow image to read-only as per the manual, will any

On Mon, 2019-10-07 at 13:26 +0000, procmem@riseup.net wrote: > On 10/7/19 7:31 AM, Andrea Bolognani wrote: > > On Sat, 2019-10-05 at 14:32 +0000, procmem@riseup.net wrote: > > > Hi. I am very interested in the security properties a totally open TPM > > > can give our users - its use as a universal smartcard to pr...

Hi. I am very interested in the security properties a totally open TPM can give our users? - its use as a universal smartcard to protect all types of keys. When adding the virtual 1.2 or 2.0 TPM I get the vague error below. OS is Debian stable with standard packages. Error starting domain: Unable to find 'swtpm' binary in $PATH: No such file or directory Traceback (most recent call

Hi. Is it still considered risky to use the QEMU guest agent in an untrusted guest? A warning on these lines was written in the manual a few years back when the feature made its debut. I wanted to know if it was hardened since.

On Wed, Feb 28, 2018 at 11:13:46PM +0000, procmem wrote: > Where can I find the full list of libvirt supported qemu-ga commands? > The docs [0] imply virDomainQemuAgentCommand bypasses libvirt and is not > recommended. > > I am looking to pass suspend/resume events from the host to the guest > and then have the guest act on this...

On Sat, May 19, 2018 at 12:42:14AM +0000, procmem wrote: > Hi I'm a privacy distro maintainer investigating the implications of the > newly published nethammer attack [0] on KVM guests particularly the > virtio-net drivers. The summary of the paper is that rowhammer can be > remotely triggered by feeding susceptible* network driver...

On Sun, Jun 24, 2018 at 23:29:13 +0000, procmem wrote: > Hello. I'm interested in running guests as read-only to turn them into a > sort of virtualized "live=cd". The goal is to leave no forensic evidence > on the host disk or virtual one which would lead to traces on the host > still- similar to how TAILS works but wit...

On Fri, Aug 10, 2018 at 08:33:00PM +0000, procmem wrote: >Hello. I'm a distro maintainer and was wondering about the efficacy of >entropy daemons like haveged and jitterentropyd in qemu-kvm. One of the >authors of haveged [0] pointed out if the hardware cycles counter is >emulated and deterministic, and thus predictible. He therefo...

On Fri, Aug 10, 2018 at 08:33:00PM +0000, procmem wrote: > Hello. I'm a distro maintainer and was wondering about the efficacy of > entropy daemons like haveged and jitterentropyd in qemu-kvm. One of the > authors of haveged [0] pointed out if the hardware cycles counter is > emulated and deterministic, and thus predictible. He the...

On Sat, 2019-10-05 at 14:32 +0000, procmem@riseup.net wrote: > Hi. I am very interested in the security properties a totally open TPM > can give our users - its use as a universal smartcard to protect all > types of keys. When adding the virtual 1.2 or 2.0 TPM I get the vague > error below. OS is Debian stable with standard pac...

On Sat, Oct 05, 2019 at 02:32:19PM +0000, procmem@riseup.net wrote: >Hi. I am very interested in the security properties a totally open TPM >can give our users  - its use as a universal smartcard to protect all >types of keys. When adding the virtual 1.2 or 2.0 TPM I get the vague >error below. OS is Debian stable with standard package...

On Wed, 6 Sep 2023, procmem at riseup.net wrote: > Hi, Whonix OS privacy dev here. I had a discussion concerning the new > ObscureKeystrokeTiming feature with a prominent researcher and author of the > mouse and keyboard biometrics obfuscation tool called Kloak. While it's > exciting to see keystroke obfuscat...

Hi. What are the security implications for the host when using direct kernel boot for guests that are potentially malicious? Is guest filesystem data saved to an emulated drive or directly on the host? [0] Direct boot seems like an otherwise more efficient way to do things. [0] It was discovered that tenants using cloud infrastructure that used LVM were able to recover deleted sensitive data from

Hi I was wondering if libvirt/KVM screens out a CPU's or Protected Processor Identification Number? - "PPIN" is a universal hardware serial number etched into the chip in the fab. [1] I am currently allowing full host cpu passthrough to allow guests to use spectre/meltdown mitigations. However as we are a privacy project, we are looking to prevent obvious identity linkers like