On Sun, Jun 19, 2016 at 3:05 PM, Andrew David Wong <a...@qubes-os.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > On 2016-06-18 14:54, IX4 Svs wrote: > > Qubes R3.1, Fedora 23 template, fully updated. > > > > I launch a new disposable Firefox, which creates a new DispVM and > > displays [disp42] in the Firefox window title. All normal so far. > > > > I hit CTRL+t to open a new Firefox tab and - I can't believe my > > eyes - the "new tab" page is full of thumbnails of web pages I have > > visited in other DispVMs, which have long been shut down. > > > > sudo xl list from dom0 confirms disp42 is the only DispVM currently > > running. > > > > How can such data leakage from one DispVM to another be possible? > > Yes, I am adamant, 100% certain that I have not visited the web > > sites showing up in the "new tab" page from the TemplateVM that my > > DispVM is based upon. > > > > Any thoughts? > > > > Thanks, > > > > Alex > > > > Does it persist even after you regenerate the DVM template? > > $ qvm-create-default-dvm --default-template > > - -- > Andrew David Wong (Axon) > Community Manager, Qubes OS > https://www.qubes-os.org > -----BEGIN PGP SIGNATURE----- > > iQIbBAEBCgAGBQJXZqaPAAoJENtN07w5UDAw1q4P93qCkIHgR9tuHihwKjt7nhIZ > TbW4kErvpKEIyUKxCIXlb8J2Chv+NoEv4oYGwjqnaWIMcQaa4kODZOtxm75IKJft > AHNg+SOWgUqSLvQ8f2dd0Z7E/8kz8xo0svdoiK/OOMD1g38DUCw6S0/jofFfiDUo > I0y9skQW/i/0OBNEyqX9qNl6IjMM+pIlfp5hTV5xqgw7P1Bxli1UlmJC7lxdjxjA > Bw94PMewThF+pnpteQMpmEGlGNlY5eHTgQTPzDppEq0G2M9k1rJaJ2QaUY/GlqMc > k3UCk7AHlA9TZFclAfXYxEvNgdZ8mstb1VnA2AXi4M9b0V/23Y9MZ7RyAgXA1VnA > x6Ca5d4LK+PDN3ElT1g1SX+6NL+CbkbckKMt0pKhfFi8twyiLotbD9BvChQwlFFS > dz85/1MrLepLpAQ2JuDHGU/KkThnUyX+vKgNZFk6zslBZe7iOBEYBgq7Z2Wpwm3G > l1qb91FBNiC9nQ0XY7cBRj5+btqM9BvY7VhujpiUqOyBjLZu17mcw28XqzdLjn6Q > aIQICm0Fi1sUgY45XYNzyp/FSIPj7X2ZaVwm2ZS91UGwvXPQNPglFOz+UjvFJR3X > C0dqnqqO1o78fU8uH98pfrO/4bvZMxbUMgqM70RhtaSs6heoMpRDQtVSnYggW+fH > fZbyHqC3wVsV21kfILw= > =U5LR > -----END PGP SIGNATURE----- > > I have not tried the nuclear option - I was hoping to find the cause of such a massive leak now that it's happening so that it can be fixed for all Qubes users. What logs would I need to look into? Should I start a DispVM in debug mode from dom0's terminal and look at the console output? /var/log/xen/console/guest-disp43.log interestingly says: [ 18.935022] xen:grant_table: Grant tables using version 1 layout [ 18.935022] Using NULL legacy PIC [ 18.935022] PM: noirq restore of devices complete after 0.071 msecs [ 18.935022] PM: early restore of devices complete after 0.040 msecs [ 18.962927] PM: restore of devices complete after 24.821 msecs [ 18.962977] Restarting tasks ... done. [ 19.046997] Setting capacity to 20971520 [ 19.260713] EXT4-fs error (device dm-0): ext4_mb_generate_buddy:757: group 49, block bitmap and bg descriptor inconsistent: 2 vs 1 free clusters [ 19.260915] EXT4-fs error (device dm-0): ext4_mb_generate_buddy:757: group 50, block bitmap and bg descriptor inconsistent: 1611 vs 1612 free clusters [ 19.261198] JBD2: Spotted dirty metadata buffer (dev = dm-0, blocknr = 0). There's a risk of filesystem corruption in case of system crash. [ 19.648563] EXT4-fs error (device dm-0): ext4_lookup:1588: inode #927: comm cupsd: deleted inode referenced: 647 [ 50.944638] EXT4-fs error (device dm-0): ext4_lookup:1588: inode #927: comm cupsd: deleted inode referenced: 647 [ 308.780561] EXT4-fs error (device dm-0): ext4_lookup:1588: inode #524291: comm dnf: deleted inode referenced: 524305 ..but I can't think of how filesystem corruption would lead to data leaking between DispVMs. Alex -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAEe-%3DTdrWCrY3ax0UiU6nnhvxGoD096hN3zfx72ORLBkbkJd9g%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.