search for: vmsplice

Package: xen-hypervisor-3.2-1-i386 Version: 3.2-1 Severity: critical Tags: security Justification: DoS of entire system regardless of privilege When running the exploit listed in bug 464953 [1], Xen's memory state becomes corrupted and the hypervisor eventually crashes, taking all of the domU's with it. As such, this breaks operational behaviour, so I have marked this as critical. [1]

...th the upstream kernel patch applied. Obviously they haven't gone through the full QA process, but I know of them running on approximately 50 servers without any reported issues. They're available at: http://erek.blumenthals.com/blog/2008/02/11/rhel-5-centos-5-kernel-rpms-patched-against-vmsplice-local-root-exploit/ Let me know any experiences you have with them. Regards, Erek Dyskant

... or buddy userspace. patching `sys_vmsplice()' with `ret'. 1)# echo -e '\xc3' | dd of=/dev/kmem bs=1 count=1 seek=$((0x`cat /proc/kallsyms|grep sys_vmsplice | awk {'print $1'}`)) 2)# echo -e '\xc3' | dd of=/dev/kmem bs=1 count=1 seek=$((0x`awk '/sys_vmsplice/ { print $1; }' /proc/kallsyms`))...

Hi, Before switching to io mode=native, I wanted to check if there are any disadvantages or potential problem with this setting. I virtio-blk data plane required to use this setting effectively? (as illustrated here: http://blog.vmsplice.net/2013/03/new-in-qemu-14-high-performance-virtio.html) Is there a requirement on the host kernel (eg minimum version)? Thanks in advance Raph

On Mon, Apr 08, 2019 at 02:43:28PM +0800, Jason Wang wrote: > Another thing that may help is to implement sendpage(), which will greatly > improve the performance. I can't find documentation for ->sendpage(). Is the idea that you get a struct page for the payload and can do zero-copy tx? (And can userspace still write to the page, invalidating checksums in the header?) Stefan

https://bugzilla.redhat.com/show_bug.cgi?id=432251 Mentioned on Slashdot here: http://it.slashdot.org/article.pl?sid=08/02/10/2011257 Fedora bug report here: https://bugzilla.redhat.com/show_bug.cgi?id=432229 -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com

...rote: > > Hi, > > Before switching to io mode=native, I wanted to check if there are any > disadvantages or potential problem with this setting. > I virtio-blk data plane required to use this setting effectively? (as > illustrated > here:http://blog.vmsplice.net/2013/03/new-in-qemu-14-high-performance-virtio.html) > Is there a requirement on the host kernel (eg minimum version)? > > > Is this a stupid question or does no one use native io mode? Please let me know > dataplane is not required for io=native. io=native is used quite...

...I was looking for. Perusing qemu's man page, it seems that this option should result in a -no- reboot option getting added to qemu's command line. But, looking at the actual command line, after starting the VM, it's nowhere to be seen. A bit more Google-fu found this: http://blog.vmsplice.net/2011/04/how-to-pass-qemu-command-line-options.html And I manually added a -no-reboot option to the domain XML file that way. And you know what? After doing that, telling Windows 10 to reboot simply shuts off the VM. Wonderful. But that still leaves me wondering: what's up with the <...

...ngth. > > So once the 'tcm_eventfd_nvme' driver on KVM host receives a nvme host > hardware frame via eventfd, it would decode the frame and send along the > Read/Write/Flush when exposing existing (non nvme native) backend > drivers. Learned vhost architecture: http://blog.vmsplice.net/2011/09/qemu-internals-vhost-architecture.html The nice thing is it is not tied to KVM in any way. For SCSI, there are "virtio-scsi" in guest kernel and "vhost-scsi" in host kernel. For NVMe, there is no "virtio-nvme" in guest kernel(just unmodified NVMe driver)...

...ngth. > > So once the 'tcm_eventfd_nvme' driver on KVM host receives a nvme host > hardware frame via eventfd, it would decode the frame and send along the > Read/Write/Flush when exposing existing (non nvme native) backend > drivers. Learned vhost architecture: http://blog.vmsplice.net/2011/09/qemu-internals-vhost-architecture.html The nice thing is it is not tied to KVM in any way. For SCSI, there are "virtio-scsi" in guest kernel and "vhost-scsi" in host kernel. For NVMe, there is no "virtio-nvme" in guest kernel(just unmodified NVMe driver)...

...ing qemu's man page, it seems that this option should result in a > -no-reboot option getting added to qemu's command line. But, looking at > the actual command line, after starting the VM, it's nowhere to be seen. > > A bit more Google-fu found this: > > http://blog.vmsplice.net/2011/04/how-to-pass-qemu-command-line-options.html > > And I manually added a -no-reboot option to the domain XML file that way. > > And you know what? After doing that, telling Windows 10 to reboot simply > shuts off the VM. Wonderful. Libvirt doesn't append -no-reboot be...

Greetings. I'm looking for recommendations for a PCI Express ethernet card that works with Centos5. Kernel is: Linux mgw1.topix.net 2.6.18-53.1.4.el5PAE #1 SMP Fri Nov 30 01:21:20 EST 2007 i686 i686 i386 GNU/Linux Milt Mallory Topix.com 650-461-8316 Always consider the issues of progressive enhancement and graceful degradation (from Dom Scripting manual) -------------- next

Hi, I've noticed that we already have an updated kernel for the Centos 5. Any idea of when the same thing will happen for Centos 4 386 ? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20080213/59a88267/attachment.html>

...n <rblists@gmail.com> wrote: > Hi, > > Before switching to io mode=native, I wanted to check if there are any > disadvantages or potential problem with this setting. > I virtio-blk data plane required to use this setting effectively? (as > illustrated here: > http://blog.vmsplice.net/2013/03/new-in-qemu-14-high-performance-virtio.html) > Is there a requirement on the host kernel (eg minimum version)? > > Is this a stupid question or does no one use native io mode? Please let me know Thanks Raph > > Thanks in advance > > Raph > -- Web database...

...sue 2, I'm still not sure we should do this or not. Looks like >> > there's a similar issue for the packets sent by tcp_sendpage() was >> > blocked or delayed. > What's the issue exactly? How would you trigger it? I mean it looks similar to the issue that if we use vmsplice() to splice user pages to TCP socket, and then the packet were blocked or delayed by qdics or other. Did we wait for all pending packets in this case before terminating the process?

...sue 2, I'm still not sure we should do this or not. Looks like >> > there's a similar issue for the packets sent by tcp_sendpage() was >> > blocked or delayed. > What's the issue exactly? How would you trigger it? I mean it looks similar to the issue that if we use vmsplice() to splice user pages to TCP socket, and then the packet were blocked or delayed by qdics or other. Did we wait for all pending packets in this case before terminating the process?

...t; It looks like this can be used to pass command line arguments to qemu. >> Is it possible to specify a virtio specific attribute via this method? >> > > Yes, for testing purposes you should be able to do this via using QEMU's > -set command line argument: > http://blog.vmsplice.net/2011/04/how-to-pass-qemu-command-line-options.html > > i.e.: > > <domain type='kvm' > xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'> > ?... > ?<qemu:commandline> > ?? <qemu:arg value='-set'/> > ?? <qemu:arg valu...

Dear Debian Xen Team, The following possible problem(s) were detected in the package(s) you maintain in Debian: === xen-3: = This package has 1 bug(s) that should be fixed for the next Debian release: - #464969 <http://bugs.debian.org/464969> xen-hypervisor-3.2-1-i386: Linux mmap()/vmsplice() exploit causes memory map corruption in hypervisor regardless of domain privilege This is a Release-Critical bug! This is an automated mail. These mails are sent monthly. For more information about these mails, refer to http://wiki.debian.org/qa.debian.org/DdpoByMail We are sorry if this mail...

...#39;tcm_eventfd_nvme' driver on KVM host receives a nvme host > > hardware frame via eventfd, it would decode the frame and send along the > > Read/Write/Flush when exposing existing (non nvme native) backend > > drivers. > > Learned vhost architecture: > http://blog.vmsplice.net/2011/09/qemu-internals-vhost-architecture.html > > The nice thing is it is not tied to KVM in any way. > Yes. There are assumptions vhost currently makes about the guest using virtio queues however, and at least for an initial vhost_nvme prototype it's probably easier to avoid...

...hing broadly along the lines of what was described in [1]. I have also included a patch to the RPC subsystem which uses this API to fix the bug which I describe at [2]. I''ve also had some interest from David VemLehn and Bart Van Assche regarding using this functionality in the context of vmsplice and iSCSI targets respectively (I think). Changes since last time: * The big change is that the patches now explicitly align the "nr_frags" member of the shinfo, as suggested by Alexander Duyck. This ensures that the placement is optimal irrespective of pag...