Re: VIMAGE + pf security fix?
On Thu, Nov 20, 2014 at 10:07 AM, Craig Rodrigues rodr...@freebsd.org wrote: On Wed, Nov 19, 2014 at 6:05 AM, Bjoern A. Zeeb b...@freebsd.org wrote: For people to use pf with VIMAGE we first MUST have the security fix imported that I pointed out a couple of times in the past. At this link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3830 I see the security issue mentioned, but I can't find the patch that fixes the problem. Where is the patch? I read this link: http://esec-lab.sogeti.com/post/2010/12/09/CVE-2010-3830-iOS-4.2.1-packet-filter-local-kernel-vulnerability and I think this is the fix: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_ioctl.c?rev=1.236content-type=text/x-cvsweb-markup but I can't even apply that patch to our pf_ioctl.c. -- Craig ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
Re: 'repz' instruction not supported.
Hi Ashutosh, On Wed, Nov 19, 2014 at 10:30 PM, Ashutosh Kumar mrashut...@hotmail.com wrote: Hi We have found that emulation of 'repz' instruction is not supported in bhyve. This is causing VM_EXIT for Guest OS. Do we have plans to add support for instructions like 'repz'. 'repz' is actually an instruction prefix. The two instructions with which 'repz' is allowed are 'cmps' and 'scas'. Both these instructions typically don't need to be emulated since they operate on strings in regular guest memory. Is your guest emitting these instructions to access MMIO? Can you share an objdump with the offending instructions? best Neel RegardsAshutosh ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
RE: 'repz' instruction not supported.
Yes you are right 'repz' prefixes is added to the ‘cmps’ and 'scas' instructions. The actual opcode is “F3 A5” which is ‘rep movs’ (disassembly is showing ‘repz’). Yes the guest is emitting these instructions to access MMIO (local apic) RegardsAshutosh Date: Fri, 21 Nov 2014 00:08:15 -0800 Subject: Re: 'repz' instruction not supported. From: neeln...@gmail.com To: mrashut...@hotmail.com CC: freebsd-virtualization@freebsd.org Hi Ashutosh, On Wed, Nov 19, 2014 at 10:30 PM, Ashutosh Kumar mrashut...@hotmail.com wrote: Hi We have found that emulation of 'repz' instruction is not supported in bhyve. This is causing VM_EXIT for Guest OS. Do we have plans to add support for instructions like 'repz'. 'repz' is actually an instruction prefix. The two instructions with which 'repz' is allowed are 'cmps' and 'scas'. Both these instructions typically don't need to be emulated since they operate on strings in regular guest memory. Is your guest emitting these instructions to access MMIO? Can you share an objdump with the offending instructions? best Neel RegardsAshutosh ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
Re: VIMAGE + pf security fix?
On 21 Nov 2014, at 08:06 , Craig Rodrigues rodr...@freebsd.org wrote: On Thu, Nov 20, 2014 at 10:07 AM, Craig Rodrigues rodr...@freebsd.org wrote: On Wed, Nov 19, 2014 at 6:05 AM, Bjoern A. Zeeb b...@freebsd.org wrote: For people to use pf with VIMAGE we first MUST have the security fix imported that I pointed out a couple of times in the past. At this link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3830 I see the security issue mentioned, but I can't find the patch that fixes the problem. Where is the patch? I read this link: http://esec-lab.sogeti.com/post/2010/12/09/CVE-2010-3830-iOS-4.2.1-packet-filter-local-kernel-vulnerability and I think this is the fix: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_ioctl.c?rev=1.236content-type=text/x-cvsweb-markup but I can’t even apply that patch to our pf_ioctl.c. to my best knowledge we have never pulled a fix for this in. The last “sync” of pf was way before that vulnerability (unless I completely missed something). — Bjoern A. Zeeb Come on. Learn, goddamn it., WarGames, 1983 ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
Re: VIMAGE + pf security fix?
On Fri, Nov 21, 2014 at 10:52:05AM +, Bjoern A. Zeeb wrote: On 21 Nov 2014, at 08:06 , Craig Rodrigues rodr...@freebsd.org wrote: On Thu, Nov 20, 2014 at 10:07 AM, Craig Rodrigues rodr...@freebsd.org wrote: On Wed, Nov 19, 2014 at 6:05 AM, Bjoern A. Zeeb b...@freebsd.org wrote: For people to use pf with VIMAGE we first MUST have the security fix imported that I pointed out a couple of times in the past. At this link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3830 I see the security issue mentioned, but I can't find the patch that fixes the problem. Where is the patch? I read this link: http://esec-lab.sogeti.com/post/2010/12/09/CVE-2010-3830-iOS-4.2.1-packet-filter-local-kernel-vulnerability and I think this is the fix: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_ioctl.c?rev=1.236content-type=text/x-cvsweb-markup but I can?t even apply that patch to our pf_ioctl.c. to my best knowledge we have never pulled a fix for this in. The last ?sync? of pf was way before that vulnerability (unless I completely missed something). I'd be interested in helping to fix this, as I depend on this. ? Bjoern A. Zeeb Come on. Learn, goddamn it., WarGames, 1983 ___ freebsd-...@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
Re: 'repz' instruction not supported.
Hi Ashutosh, On Fri, Nov 21, 2014 at 2:07 AM, Ashutosh Kumar mrashut...@hotmail.com wrote: Yes you are right 'repz' prefixes is added to the ‘cmps’ and 'scas' instructions. The actual opcode is “F3 A5” which is ‘rep movs’ (disassembly is showing ‘repz’). Yes the guest is emitting these instructions to access MMIO (local apic) Bummer. I was hoping that it was a prefix stuck by the compiler for optimization (that could be ignored): http://repzret.org/p/repzret/ In any case, the primitives you will need to emulate MOVS exist in vmm_instruction_emul.c. I don't have any plans to work on this but would be happy to review/submit the patch that does the emulation. best Neel Regards Ashutosh Date: Fri, 21 Nov 2014 00:08:15 -0800 Subject: Re: 'repz' instruction not supported. From: neeln...@gmail.com To: mrashut...@hotmail.com CC: freebsd-virtualization@freebsd.org Hi Ashutosh, On Wed, Nov 19, 2014 at 10:30 PM, Ashutosh Kumar mrashut...@hotmail.com wrote: Hi We have found that emulation of 'repz' instruction is not supported in bhyve. This is causing VM_EXIT for Guest OS. Do we have plans to add support for instructions like 'repz'. 'repz' is actually an instruction prefix. The two instructions with which 'repz' is allowed are 'cmps' and 'scas'. Both these instructions typically don't need to be emulated since they operate on strings in regular guest memory. Is your guest emitting these instructions to access MMIO? Can you share an objdump with the offending instructions? best Neel RegardsAshutosh ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
Re: Patch to virt-manager port for bhyve
On Fri, Aug 15, 2014 at 4:26 PM, Craig Rodrigues rodr...@freebsd.org wrote: Jason, Can you apply this patch to the virt-manager port: https://people.freebsd.org/~rodrigc/libvirt/patch-virtmanager-bhyve.txt This allows using virt-manager to start a bhyve VM. I gave a presentation on this at Bay Area FreeBSD Users Group (BAFUG) recently: http://www.slideshare.net/CraigRodrigues1/libvirt-bhyve Roman Bogorodskiy has pushed a similar patch upstream, but the upstream virt-manager code now depends on gtk3, and we don't fully have that supported in ports yet. Getting the newer virt-manager in ports with gtk3 supported is a big job, that I don't have the bandwidth for right now, but this patch helps a lot. Thanks! -- Craig Can you please send a new patch to me. I've updated the port to 1.1.0 and would be willing to add this in. Additionally, feel free to submit this patch upstream. Thanks! -jgh -- Jason Helfman | FreeBSD Committer j...@freebsd.org | http://people.freebsd.org/~jgh | The Power to Serve ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org
Re: centos 4 bhyve guest
Does anyone have an experience on booting CentOS 4 as a bhyve guest? This should now be partly fixed with grub2-bhyve 0.30 (the latest version in ports). I've tried the 4.8 x86_64 install DVD and booted with a single vCPU guest. SMP isn't yet working. 4.8/i386 has issues with the atpic and detecting PCI devices that I'm still looking into. With 4.8, I used ahci-hd for disks since there seemed to be sporadic issues with virtio-blk. In addition, 5.11 now seems to work fine, UP/SMP and with virtio-blk. later, Peter. ___ freebsd-virtualization@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to freebsd-virtualization-unsubscr...@freebsd.org