On 2020-08-01 18:02, Marek Marczykowski-Górecki wrote:
>> In most KVM setups that I know of, the kernel network stack is
>> considered trusted. That’s a reasonable assumption for production
>> servers, which have server-grade NICs and are behind enterprise
>> routers, but not for Qubes.
>
> TBH I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sat, Aug 01, 2020 at 11:35:40AM -0400, Demi M. Obenour wrote:
> Earlier this year, Linux changed its startup procedure on UEFI systems,
> so that all PCI devices behind bridges are not able to DMA until Linux
> has setup its IOMMU mappings. This
On 2020-08-01 11:32, Demi M. Obenour wrote:
> We could also reimplement the Xen netfront/netback protocols on top
> of KVM shared memory. Future versions of KVM might even have direct
> support for Xen paravirtualized drivers.
To avoid any confusion, I am not talking about running Xen on top of
K
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sat, Aug 01, 2020 at 11:32:36AM -0400, Demi M. Obenour wrote:
> On 2020-08-01 07:59, Marek Marczykowski-Górecki wrote:
> > On Fri, Jul 31, 2020 at 02:17:05PM -0700, Jason M wrote:
> >> I then looked into alternatives to prevent my complete departu
On Saturday, 1 August 2020 12:23:21 UTC-4, Chris Laprise wrote:
>
> On 7/31/20 5:17 PM, Jason M wrote:
> >
> > I have begun work on porting Qubes to work within a KVM host. I need a
> > development environment that can utilize the cuda cores on a secondary
> > Nvidia RTX GPU and also prefer t
On 7/31/20 5:17 PM, Jason M wrote:
I have begun work on porting Qubes to work within a KVM host. I need a
development environment that can utilize the cuda cores on a secondary
Nvidia RTX GPU and also prefer to be able to utilize the graphics card.
Hi Jason,
Slightly OT question: Is there a
WoW,
It is really nice to have someone working on this!
On 2020-08-01 17:39, Jason M wrote:
>
>
> One thing to consider is also enabling memory deduplication in KVM
> (KSM). This should nicely save memory when running multiple similar
> VMs,
> but at the same time is risky in li
On Saturday, August 1, 2020 at 7:59:28 a.m. UTC-4
marm...@invisiblethingslab.com wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On Fri, Jul 31, 2020 at 02:17:05PM -0700, Jason M wrote:
> > I then looked into alternatives to prevent my complete departure from
> > Qubes. Marek
Earlier this year, Linux changed its startup procedure on UEFI systems,
so that all PCI devices behind bridges are not able to DMA until Linux
has setup its IOMMU mappings. This works because the UEFI drivers
also use the IOMMU, and Linux can disable bus mastering on PCI bridges
before telling the
On 2020-08-01 07:59, Marek Marczykowski-Górecki wrote:
> On Fri, Jul 31, 2020 at 02:17:05PM -0700, Jason M wrote:
>> I then looked into alternatives to prevent my complete departure from
>> Qubes. Marek told me about DomB, which is now in its design stages. It
>> would allow me to statically pa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Jul 31, 2020 at 02:17:05PM -0700, Jason M wrote:
> I then looked into alternatives to prevent my complete departure from
> Qubes. Marek told me about DomB, which is now in its design stages. It
> would allow me to statically partition my
11 matches
Mail list logo
