Displaying 20 results from an estimated 2000 matches similar to: "Virtio-net drivers immune to Nethammer?"
2018 May 21
0
Re: Virtio-net drivers immune to Nethammer?
On Sat, May 19, 2018 at 12:42:14AM +0000, procmem wrote:
> Hi I'm a privacy distro maintainer investigating the implications of the
> newly published nethammer attack [0] on KVM guests particularly the
> virtio-net drivers. The summary of the paper is that rowhammer can be
> remotely triggered by feeding susceptible* network driver crafted
> traffic. This attack can do all kinds
2018 Jun 24
2
Read-only Guests for Anti-Forensics
Hello. I'm interested in running guests as read-only to turn them into a
sort of virtualized "live=cd". The goal is to leave no forensic evidence
on the host disk or virtual one which would lead to traces on the host
still- similar to how TAILS works but with the added convenince and
flexibility of running in a VM. If I set the qcow image to read-only as
per the manual, will any
2018 Feb 28
3
Libvirt supported qemu-ga commands
Where can I find the full list of libvirt supported qemu-ga commands?
The docs [0] imply virDomainQemuAgentCommand bypasses libvirt and is not
recommended.
I am looking to pass suspend/resume events from the host to the guest
and then have the guest act on this internally. Your help is appreciated.
[0] https://wiki.libvirt.org/page/Qemu_guest_agent
2018 Aug 10
4
Efficacy of jitterentropy RNG on qemu-kvm Guests
Hello. I'm a distro maintainer and was wondering about the efficacy of
entropy daemons like haveged and jitterentropyd in qemu-kvm. One of the
authors of haveged [0] pointed out if the hardware cycles counter is
emulated and deterministic, and thus predictible. He therefore does not
recommend using HAVEGE on those systems. Is this the case with KVM's
counters?
PS. I will be setting VM CPU
2007 Mar 06
3
Time Change: Centos-immune?
hey all,
I perused my inbox looking for this subject, but not finding it,
-anything I need to keep my server farm of 60 centos servers (that all
run ntp) going smoothly during this next time change on March 11?
I noticed on the w2k side my IT staff have to do some scrambling, heh,
but that's expected.
Any action required?
-karlski
2020 Jun 23
6
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
On Tue, Jun 23, 2020 at 04:59:14PM +0200, Joerg Roedel wrote:
> On Tue, Jun 23, 2020 at 04:53:44PM +0200, Peter Zijlstra wrote:
> > +noinstr void idtentry_validate_ist(struct pt_regs *regs)
> > +{
> > + if ((regs->sp & ~(EXCEPTION_STKSZ-1)) ==
> > + (_RET_IP_ & ~(EXCEPTION_STKSZ-1)))
> > + die("IST stack recursion", regs, 0);
> > +}
2000 Feb 24
1
Making password driven SSH 'immune' to MTM attacks.
[I know this is the 'port' list, but I can't find a better place to post
this, and with the garbage going on @slashdot I figured I'd get this out.
This belongs on sci.crypt or a general OpenSSH mailing list]
First, a quick rehash of stuff everyone here already knows,
OpenSSH can use two major forms of authentication:
1. Password
2. RSA keys
The RSA method is good because it
2018 Mar 01
1
Re: Libvirt supported qemu-ga commands
Daniel P. Berrangé:
> On Wed, Feb 28, 2018 at 11:13:46PM +0000, procmem wrote:
>> Where can I find the full list of libvirt supported qemu-ga commands?
>> The docs [0] imply virDomainQemuAgentCommand bypasses libvirt and is not
>> recommended.
>>
>> I am looking to pass suspend/resume events from the host to the guest
>> and then have the guest act on this
2018 Aug 16
1
Re: Efficacy of jitterentropy RNG on qemu-kvm Guests
Martin Kletzander:
> On Fri, Aug 10, 2018 at 08:33:00PM +0000, procmem wrote:
>> Hello. I'm a distro maintainer and was wondering about the efficacy of
>> entropy daemons like haveged and jitterentropyd in qemu-kvm. One of the
>> authors of haveged [0] pointed out if the hardware cycles counter is
>> emulated and deterministic, and thus predictible. He therefore does
2004 Aug 21
1
Number and name for SIP extension at the same time ?
Hi,
I'd like to have local extensions accessible through SIP uri (like
Joe@company.com), but at the same time for convenince to be also extension
with number (like 100) for more convenient dialing thought softphones that
support only numeric keys.
Can this be done ? Since I'm newbie, I'd really appreciate small example...
Thanks in advance,
regards,
Robert.
2019 Oct 05
2
Emulated TPM doesn't work on Debian Buster
Hi. I am very interested in the security properties a totally open TPM
can give our users? - its use as a universal smartcard to protect all
types of keys. When adding the virtual 1.2 or 2.0 TPM I get the vague
error below. OS is Debian stable with standard packages.
Error starting domain: Unable to find 'swtpm' binary in $PATH: No such
file or directory
Traceback (most recent call
2020 Jun 23
0
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
On 23/06/2020 16:23, Peter Zijlstra wrote:
> On Tue, Jun 23, 2020 at 04:59:14PM +0200, Joerg Roedel wrote:
>> On Tue, Jun 23, 2020 at 04:53:44PM +0200, Peter Zijlstra wrote:
>>> +noinstr void idtentry_validate_ist(struct pt_regs *regs)
>>> +{
>>> + if ((regs->sp & ~(EXCEPTION_STKSZ-1)) ==
>>> + (_RET_IP_ & ~(EXCEPTION_STKSZ-1)))
2020 Jun 23
2
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
On Tue, Jun 23, 2020 at 04:39:26PM +0100, Andrew Cooper wrote:
> On 23/06/2020 16:23, Peter Zijlstra wrote:
> > On Tue, Jun 23, 2020 at 04:59:14PM +0200, Joerg Roedel wrote:
> >> Yes, this is a start, it doesn't cover the case where the NMI stack is
> >> in-between, so I think you need to walk down regs->sp too.
> > That shouldn't be possible with the
2005 Nov 09
3
dataframe without repetition
Hello,
with a data.frame like this :
> toto <-
data.frame(id=c("id1","id1","id2","id3","id3","id3"),dpt=c("13","13","34","30","30","30"))
> toto
id dpt
1 id1 13
2 id1 13
3 id2 34
4 id3 30
5 id3 30
6 id3 30
what is the most efficient ways to obtain :
id
2018 Jun 26
0
Re: Read-only Guests for Anti-Forensics
On Sun, Jun 24, 2018 at 23:29:13 +0000, procmem wrote:
> Hello. I'm interested in running guests as read-only to turn them into a
> sort of virtualized "live=cd". The goal is to leave no forensic evidence
> on the host disk or virtual one which would lead to traces on the host
> still- similar to how TAILS works but with the added convenince and
> flexibility of
2020 Oct 01
3
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
hi,
On 10/1/20 12:21 AM, JEAN-PAUL CHAPALAIN wrote:
> I had the same problem when migrating from Dovecot V2.2.36 on, Centos-7 to?Dovecot v2.3.8 on Centos-8
My report is specifically/solely about the addition/use of the
Options = ServerPreference
parameter.
I don't see that in your configuration.
Are you using it? In a config using Dovecot's submission proxy?
2015 Mar 18
4
leap second and Centos
On Fri, Mar 6, 2015 at 2:04 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote:
> On 03/06/2015 01:41 PM, Les Mikesell wrote:
>>
>> I just want the package revisions for at least the kernel and tzdata*
>> files and anything else where previously-found bugs related to the
>> leap second have been fixed.
>
>
> https://access.redhat.com/articles/15145
In
2005 Aug 17
3
Echo cancellation again ...
I have been reading with great interest the posts on trouble shooting
echo cancellation with *. Is it just coincidence that all of this
discussion has been with analog lines. Are PRI's susceptible to echo
problem like POTS lines.
Thanks for clearing this up.
Alan
2019 Aug 13
2
Loop optimization
Thanks a lot for your help.
Indeed if I compile with -OZ the loop gets replaced with something like this:
if ( *v3 < 0 )
v4 = 0;
Is there a reason why it does not get applied with O3 ?
I mean this a huge improvement to the loop.
-----Original Message-----
From: Doerfert, Johannes [mailto:jdoerfert at anl.gov]
Sent: Dienstag, 13. August 2019 19:13
To: llvm-dev at lists.llvm.org; Garba
2018 Feb 28
1
QEMU guest-agent safety in hostile VM?
Hi. Is it still considered risky to use the QEMU guest agent in an
untrusted guest? A warning on these lines was written in the manual a
few years back when the feature made its debut. I wanted to know if it
was hardened since.