Re: [qubes-users] Re: QSB #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Sepctre)

2018-01-13 Thread cooloutac
On Friday, January 12, 2018 at 5:24:25 AM UTC-5, haaber wrote: > >> > >> so people saying the intel meltdown bios patch slows performance. I got > >> an increase in performance lmao. probably depends on os though. > > > > but also in my particular case they also addressed other bugs, but

[qubes-users] GPU?

2018-01-13 Thread Rory
Is qubes able to use the computing power of the gpu or is the type of gpu installed a waste in this issue? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to

[qubes-users] Re: No more boot after update

2018-01-13 Thread Bertrand Lec
Le samedi 13 janvier 2018 19:44:54 UTC+1, cooloutac a écrit : > On Saturday, January 13, 2018 at 1:37:57 PM UTC-5, Bertrand Lec wrote: > > Hello, > > > > I'm fresh installing Qubes R3.2 on my desktop PC, aside from Ubuntu. > > The PC is configured with UEFI. > > > > The installation goes well.

[qubes-users] Re: Basic setup verification tests for correct setup? VT-d? Other?

2018-01-13 Thread velcro
Thank you, a lot quicker results...the results were: XEN Intel VT-d iommu 0 supported page sizes: 4kB XEN Intel VT-d iommu 1 supported page sizes: 4kB XEN Intel VT-d Snoop Control not enabled XEN Intel VT-d Dom0 DMA Passthrough not enabled XEN Intel VT-d Queued Invalidation enabled XEN Intel VT-d

Re: [qubes-users] Re: Basic setup verification tests for correct setup? VT-d? Other?

2018-01-13 Thread 'awokd' via qubes-users
On Sat, January 13, 2018 8:32 pm, vel...@tutamail.com wrote: > Thank you, a lot quicker results...the results were: > > > XEN Intel VT-d iommu 0 supported page sizes: 4kB > XEN Intel VT-d iommu 1 supported page sizes: 4kB > XEN Intel VT-d Snoop Control not enabled > XEN Intel VT-d Dom0 DMA

[qubes-users] Re: No more boot after update

2018-01-13 Thread Bertrand Lec
Le samedi 13 janvier 2018 20:10:39 UTC+1, Bertrand Lec a écrit : > Le samedi 13 janvier 2018 19:44:54 UTC+1, cooloutac a écrit : > > On Saturday, January 13, 2018 at 1:37:57 PM UTC-5, Bertrand Lec wrote: > > > Hello, > > > > > > I'm fresh installing Qubes R3.2 on my desktop PC, aside from Ubuntu.

[qubes-users] No more boot after update

2018-01-13 Thread Bertrand Lec
Hello, I'm fresh installing Qubes R3.2 on my desktop PC, aside from Ubuntu. The PC is configured with UEFI. The installation goes well. At that time, I can reboot directly to Qubes. However, after I update dom0, Qubes refuse to reboot. The boot is done to Ubuntu. Even when I choose to boot

Re: [qubes-users] Re: QSB #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Sepctre)

2018-01-13 Thread Vít Šesták
On Saturday, January 13, 2018 at 1:19:18 PM UTC+1, Vincent Adultman wrote: > IIUC this still seems fairly awful from a usability perspective if we think > of the added cognitive load of watching what is running when and remembering > or making choices on what to close / restart when (I'm reading

[qubes-users] Re: No more boot after update

2018-01-13 Thread cooloutac
On Saturday, January 13, 2018 at 1:37:57 PM UTC-5, Bertrand Lec wrote: > Hello, > > I'm fresh installing Qubes R3.2 on my desktop PC, aside from Ubuntu. > The PC is configured with UEFI. > > The installation goes well. At that time, I can reboot directly to Qubes. > > However, after I update

Re: [qubes-users] Re: QSB #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Sepctre)

2018-01-13 Thread Vít Šesták
I have one more idea: The Vixen patch could be useful for VMs with PCI devices. Memory balooning is not supported there anyway. QEMU in dom0 looks ugly, but this case is a bit different: AFAIU, the attacker can directly talk to QEMU if and only if she has escaped from PV. Maybe it is not nice,

[qubes-users] Re: Basic setup verification tests for correct setup? VT-d? Other?

2018-01-13 Thread Yethal
W dniu sobota, 13 stycznia 2018 20:52:44 UTC+1 użytkownik vel...@tutamail.com napisał: > I am hoping some folks can help me with some basic tests and commands to > verify my Qubes 3.2 is set up correctly: > > I ran a qubes command in Dom0 to verify if VT-d is >

[qubes-users] Basic setup verification tests for correct setup? VT-d? Other?

2018-01-13 Thread velcro
I am hoping some folks can help me with some basic tests and commands to verify my Qubes 3.2 is set up correctly: I ran a qubes command in Dom0 to verify if VT-d is working(https://www.qubes-os.org/doc/security-guidelines/): qubes-hcl-report AppVM (Name of "AppVM" I was running) The results

AW: [qubes-users] Re: Qubes Manager is coming back in Qubes 4.0-rc4!

2018-01-13 Thread '[799]' via qubes-users
Andrew David Wong wrote: > Specifically, it will not duplicate functionality > that is already provided by the new 4.0 > widgets. Specific examples include attaching > and detaching block devices, attaching and > detaching the microphone, and VM CPU > usage. Great news that the Qubes Manager

Re: [qubes-users] Qubes 3.2 UEFI install media

2018-01-13 Thread tani . langfingaz
On Tuesday, 11 July 2017 10:49:20 UTC+2, Stephan Marwedel wrote: > I was able to determine the cause of the problem. After having changed > the label by editing xen.cfg as described the following needs to be done > in addition before the media can be used on an UEFI system to install Qubes: >

Re: [qubes-users] Running Windows from Qubes VM ?

2018-01-13 Thread msgheap
On Saturday, January 13, 2018 at 2:49:45 PM UTC+7, ThierryIT wrote: > Hi, > Seems to work better even if I am still not able to boot my windows. > With "fdisk" I can see that my bootable HDD is "sdc1". > From Dom0, when doing a : qvm-start vm-test --hddisk /dev/sdc1, I do have a > popup from my

Re: [qubes-users] Running Windows from Qubes VM ?

2018-01-13 Thread 'awokd' via qubes-users
On Sat, January 13, 2018 7:49 am, ThierryIT wrote: > Hi, > Seems to work better even if I am still not able to boot my windows. > With "fdisk" I can see that my bootable HDD is "sdc1". > From Dom0, when doing a : qvm-start vm-test --hddisk /dev/sdc1, I do have > a popup from my Windows drive. > >

Re: [qubes-users] Re: QSB #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Sepctre)

2018-01-13 Thread 'Vincent Adultman' via qubes-users
>> Only running VMs are vulnerable >> >> Since Qubes OS is a memory-hungry system, it seems that an attacker >> would only be able to steal secrets from VMs running concurrently with >> the attacking VM. This is because any pages from shutdown VMs will >> typically very quickly get allocated to

Re: [qubes-users] Re: memory management in dom0 ?

2018-01-13 Thread Vít Šesták
> My dom0 has no swap, I didn't disable it, it just never had any. > I guess thats because in the installer I didn't assign any swap partition. Not optimal IMHO, but it simplifies this case. > > * How much of memory does the AppVM use? > > I looked at it at the time I got repeated crashes, it

Re: [qubes-users] Re: QSB #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Sepctre)

2018-01-13 Thread Vít Šesták
> There are two shims: PV-in-HVM aka Vixen and PV-in-PVH aka Comet. Both have limitations making them incompatible (or at least suboptimal) in Qubes Marek, thanks for the clarification. So, IIUC, Vixien's shim is no-go and Comet's shim would do the same (but at higher cost) as migration to PVH

[qubes-users] Re: how to reinstall template? (i think it's not enabled by repo)

2018-01-13 Thread velcro
No expert, but try: sudo yum remove qubes-template-whonix-ws then sudo qubes-dom0-update --enablerepo=qubes-templates-community \ qubes-template-whonix-ws You might have tried this but I had to do the whonix reinstall myself Source: https://www.qubes-os.org/doc/templates/

[qubes-users] HCL - HP ProBook 6565b

2018-01-13 Thread tsdelude
Type - Notebook HVM - Yes IOMMU - No SLAT - Yes TPM - Yes, present but untested Brand - HP Model - ProBook 6565b BIOS - Tried 68LTU Ver F.22 and F.64 CPU - AMD A4-3310MX GPU - AMD Radeon HD 6480G Network - Qualcomm Atheros AR9000 Series Memory - 8GB Qubes 3.2 - No Qubes 4.0-rc3 - No Qubes 3.2

Re: [qubes-users] how to reinstall template? (i think it's not enabled by repo)

2018-01-13 Thread Chris Laprise
On 01/13/2018 10:07 PM, jerr...@disroot.org wrote: the template is whonix-ws when running command sudo qubes-dom0-update --action=reinstall qubes-template-package-name it says no support for --downloadonly only 'install' and 'upgrade' i tried replacing reinstall with upgrade, says usage:

Re: [qubes-users] Re: Basic setup verification tests for correct setup? VT-d? Other?

2018-01-13 Thread velcro
Thank you awokd and Yethal...learned a lot! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send

[qubes-users] Just installed AEM(Anti-Evil-Made)...see an error:(

2018-01-13 Thread velcro
I have been running Qubes for a few months now, numerous 3.2 installs, most recent install was a month or so ago on the the same PC. I just installed AEM for the first time. Everything still works, however in my BIOS I had "enabled" the ability to see notes/alerts during boot. Before I

Re: [qubes-users] Re: QSB #37: Information leaks due to processor speculative execution bugs (XSA-254, Meltdown & Sepctre)

2018-01-13 Thread Doug M
On Saturday, January 13, 2018 at 10:50:11 AM UTC-8, Vít Šesták wrote: > I have one more idea: The Vixen patch could be useful for VMs with PCI > devices. Memory balooning is not supported there anyway. QEMU in dom0 looks > ugly, but this case is a bit different: AFAIU, the attacker can directly

[qubes-users] how to reinstall template? (i think it's not enabled by repo)

2018-01-13 Thread jerry57
the template is whonix-ws when running command sudo qubes-dom0-update --action=reinstall qubes-template-package-name it says no support for --downloadonly only 'install' and 'upgrade' i tried replacing reinstall with upgrade, says usage: yumdownloader, etc.. what do i write in command sudo

[qubes-users] Re: how to reinstall template? (i think it's not enabled by repo)

2018-01-13 Thread Kevin Martinsen
Do you just want a fresh copy of whonix? If so I would recommend deleting the old copy (qvm-remove) and then installing it again. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it,