On Fri, Nov 27, 2020 at 8:04 PM Catangiu, Adrian Costin
wrote:
> On 27/11/2020 20:22, Jann Horn wrote:
> > On Fri, Nov 20, 2020 at 11:29 PM Jann Horn wrote:
> >> On Mon, Nov 16, 2020 at 4:35 PM Catangiu, Adrian Costin
> >> wrote:
> >>> This patch is a driv
[resend in the hope that amazon will accept my mail this time instead
of replying "550 Too many invalid recipients" again]
On Fri, Nov 20, 2020 at 11:29 PM Jann Horn wrote:
> On Mon, Nov 16, 2020 at 4:35 PM Catangiu, Adrian Costin
> wrote:
> > This patch is a driver th
On Mon, Nov 16, 2020 at 4:35 PM Catangiu, Adrian Costin
wrote:
> This patch is a driver that exposes a monotonic incremental Virtual
> Machine Generation u32 counter via a char-dev FS interface that
> provides sync and async VmGen counter updates notifications. It also
> provides VmGen counter
On Sat, Oct 17, 2020 at 8:09 PM Alexander Graf wrote:
> There are applications way beyond that though. What do you do with
> applications that already consumed randomness? For example a cached pool
> of SSL keys. Or a higher level language primitive that consumes
> randomness and caches its seed
On Sat, Oct 17, 2020 at 8:44 AM Willy Tarreau wrote:
> On Sat, Oct 17, 2020 at 07:52:48AM +0200, Jann Horn wrote:
> > On Sat, Oct 17, 2020 at 7:37 AM Willy Tarreau wrote:
> > > On Sat, Oct 17, 2020 at 07:01:31AM +0200, Jann Horn wrote:
> > > > Microsoft
On Sat, Oct 17, 2020 at 7:37 AM Willy Tarreau wrote:
> On Sat, Oct 17, 2020 at 07:01:31AM +0200, Jann Horn wrote:
> > Microsoft's documentation
> > (http://go.microsoft.com/fwlink/?LinkId=260709) says that the VM
> > Generation ID that we get after a fork "is a 128-
On Sat, Oct 17, 2020 at 6:34 AM Colm MacCarthaigh wrote:
> On 16 Oct 2020, at 21:02, Jann Horn wrote:
> > On Sat, Oct 17, 2020 at 5:36 AM Willy Tarreau wrote:
> > But in userspace, we just need a simple counter. There's no need for
> > us to worry about anything else, like t
On Sat, Oct 17, 2020 at 5:36 AM Willy Tarreau wrote:
> On Sat, Oct 17, 2020 at 03:40:08AM +0200, Jann Horn wrote:
> > [adding some more people who are interested in RNG stuff: Andy, Jason,
> > Theodore, Willy Tarreau, Eric Biggers. also linux-api@, because this
> >
[adding some more people who are interested in RNG stuff: Andy, Jason,
Theodore, Willy Tarreau, Eric Biggers. also linux-api@, because this
concerns some pretty fundamental API stuff related to RNG usage]
On Fri, Oct 16, 2020 at 4:33 PM Catangiu, Adrian Costin
wrote:
> - Background
>
> The VM
Hi!
I have noticed that when a QEMU build from git master is started with
"-seccomp on", the seccomp policy is only applied to the main thread,
the vcpu worker thread and the VNC thread (I'm using VNC in my
config); the seccomp policy is not applied to e.g. the RCU thread
because it is created
On Sun, Jul 15, 2018 at 11:18 PM Peter Maydell wrote:
>
> On 15 July 2018 at 20:50, Jann Horn via Qemu-devel
> wrote:
> > I noticed that when I build QEMU from git for the first time, it pulls
> > in submodules over the insecure git:// protocol - in other words, as
> >
Hi!
I noticed that when I build QEMU from git for the first time, it pulls
in submodules over the insecure git:// protocol - in other words, as
far as I can tell, if I'm e.g. on an open wifi network while building
QEMU for the first time, even if I cloned the main repository over
https, anyone
This is an issue in QEMU's system emulation for X86 in TCG mode.
The issue permits an attacker who can execute code in guest ring 3
with normal user privileges to inject code into other processes that
are running in guest ring 3, in particular root-owned processes.
== reproduction steps ==
-
On Fri, Mar 3, 2017 at 4:56 PM, Peter Maydell wrote:
> On 3 March 2017 at 14:54, Eric Blake wrote:
>>> +ret = -TARGET_EFAULT;
>>> +break;
>>> +}
>>> argp = alloca((argc + 1) * sizeof(void *));
from
>> a user program, as large number of them could lead to a bad
>> guest address error.
>>
>> Reported-by: Jann Horn <ja...@google.com>
>> Signed-off-by: Prasad J Pandit <p...@fedoraproject.org>
>> ---
>> linux-user/syscall.c | 7 +++
>&
On Fri, Feb 24, 2017 at 4:23 PM, Eric Blake wrote:
> On 02/24/2017 04:34 AM, Greg Kurz wrote:
>> On Thu, 23 Feb 2017 15:10:42 +
>> Stefan Hajnoczi wrote:
>>
>>> On Mon, Feb 20, 2017 at 03:42:19PM +0100, Greg Kurz wrote:
The local_chmod() callback
On Thu, Feb 23, 2017 at 4:02 PM, Eric Blake wrote:
> On 02/20/2017 08:40 AM, Greg Kurz wrote:
>> All operations dealing with extended attributes are vulnerable to symlink
>> attacks because they use path-based syscalls which can traverse symbolic
>> links while walking through
17 matches
Mail list logo