Is it OK to see ”cat: broken pipe“ during update of the microcode package?
It still boots. Note that the machine has an AMD CPU.
Regards,
Vít Šesták 'v6ak'
On Wednesday, June 9, 2021 at 3:06:35 AM UTC+2 a...@qubes-os.org wrote:
> Dear Qubes Community,
>
> We have just published Qubes
to
eDP-1. As a result, it broke my screen configuration scripts, so that my
external screen was just scaled-up fullHD mirror of my laptop screen. But
the solution was pretty easy: just adjust the screen names in the scripts.
I have observed no other drawbacks so far.
Regards,
Vít Šesták 'v6ak
> security (exposing Dom0 to untrusted hardware).
IIUC:
1. Missing IOMMU also means a malicious DomU with a PCI device can attack dom0
through DMA.
2. Actually, IOMMU does not fully protect dom0 from a malicious hardware,
because a malicious hardware could alter the boot process.
--
You
at the time of writing… (Note the typo
in my previous post – I wrote “rc1” instead of “rc4”.)
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving
rowhammer test. Moreover,
rowhammer test might take some time...
Regards,
Vít Šesták 'v6ak'
Maybe top-posting is bad. However, quoting whole message (including quotes of
quotes and quotes of quotes of quotes etc.) before your message is even worse.
Please don't let others scroll extensively.
.
I see this approach is too late for Qubes4-rc1, but it could be useful for some
future release.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails fro
is no other way.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To post to th
On Thursday, January 18, 2018 at 11:25:11 AM UTC+1, Chris Laprise wrote:
> If this Xen 4.6 patch were more robust in protecting memory, I'd opt for
> it instead of upgrading Xen.
I believe that PVHs are more robust. But I'd prefer to stay conservative in
Qubes 3.2 and progressive in Qubes 4.0.
ity.
Also, the people who don't want the performance hit and cannot upgrade to Q4
can:
a. Disable the patch. (Reasonable on CPUs that aren't affected.)
b. Maybe migrate to HVMs?
If Spectre cannot be addressed via the third option, then the conclusion is not
so clear for me.
Regards,
Vít Šesták
, but it might be good to use this in, say, Qubes 4.1.
Regards,
Vít Šesták
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@google
Cool, this can allow us to test PVH without switching to Q4.1.
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To post
not sure how hard/easy it is, though.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@google
Running in DispVM can prevent some class of attack that extracts data using
techniques like path traversal, XXE (hmm, …) or other attacks below RCE.
Regards,
Vít Šesták 'v6ak'
On Wednesday, November 15, 2017 at 12:07:21 AM UTC+1, Marek
Marczykowski-Górecki wrote:
>
> -BEGIN PGP
Do you mean Wayland in AppVMs, dom0, or in both?
For AppVMs, I don't care much while X11 is supported.
For dom0, it might be important for hardware support.
Regards,
Vít Šesták 'v6ak'
On Friday, November 17, 2017 at 8:20:33 PM UTC+1, Henry de Valence wrote:
>
> On Fri, Nov 17, 2017 at
is encrypted by a key that is held in memory only, so the whole
partition is protected in a similar way as dom0 swap.
Regards,
Vít Šesták 'v6ak'
On Tuesday, September 26, 2017 at 9:43:32 AM UTC+2, tai...@gmx.com wrote:
>
> It increases SSD wear and decreases privacy by writing temporar
) that disables all USB
devices in dom0, you are currently out of luck. While there are input proxies,
they will not currently work with touchscreen.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubs
I agree with the change.
> If you do not reply with one month, we will assume that you consent to this
> change.
I am afraid this is not legally bulletproof.
Anyway, I wish you smooth transition to the new license.
Regards,
Vít Šesták 'v6ak'
--
You received this message becau
Hmm, copy action could be probably implemented by copying from selection, that
sounds rather OK for me.
But I still don't see how to implement paste.
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop
a different meaning there. The
copy/paste/cut keycodes would be a much more elegant solution if they were
supported.
2. How to prevent race conditions, e.g., copy from VM to dom0 happens before
text is copied from selection in the VM. Maybe there is some solution.
Regards,
Vít Šesták 'v6ak
be a challenge due to potential race conditions.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-deve
Well, blockchain could be probably also used as a proof of freshness: Just add
some Blockchain-related data to the signed message.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from
I don't see any extra exposure for dom0 there. Yes, there is some qrexec call
managed by dom0 (but handles by another AppVM) and this adds some (very very
marginal, thanks to qrexec simplicity) risk compared to not allowing any qrexec
call. However, there already are some other qrexec calls
applications, it does not seem to matter if I am using a 1GiB template or,
say, 100GiB template. The extra apps are unused, so I don't care about them.
* Package clash – I don't share this experience.
* Uninstalling – well, if you read the questions, you can get it.
Regards,
Vít Šesták 'v6ak'
--
You
Cool. Are you planning to make them available also for those that don't attend
CCC?
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, sen
interacts with
dom0.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To post to this g
forgot it.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.com.
To post to this g
, at least some
focus-stealing notification would also help. Focus-stealing is poartially
discussed in seemingly unrelated issue
https://github.com/QubesOS/qubes-issues/issues/1455 .
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"
nt: Assume that there is no use case for large vm.swappiness
in Qubes: f(usage_mem)/(1-swappiness/100)
b) Complex variant: Assume one might want higher swappiness, so add some
upper limit: min(f(usage_mem+usage_swap), f(usage_mem)/(1-swappiness/100))
Does this sound reasonable?
Regards,
t may force something else to be swapped out). So I think this
> problem still applies to some degree.
>
Why it would do so? If there is some extra memory and vm.swappiness==0, I
can't see a scenario for that (except those unrelated to swap).
Regards,
Vít Šesták 'v6ak'
--
Yo
.
b. My favourite hack sudo swapoff -a && sudo swapon -a would not work well.
Maybe some alternative could be found, though.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this gro
state of this countermeasure?
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-devel+unsubscr...@googlegroups.co
My experience with swapiness (on non-Qubes): When having high swapiness, it
uses swap more than actually needed, sligtly slowing the system down. OTOH,
when having swapiness=0, it runs smoothly until RAM limit is reached. Then, it
suddenly freezes for few minutes.
Qubes doesn't look like
. If it is a critical issue, there will be a QSB for it.
Moreover, we still don't know the severity.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubscribe from this group and stop receiving emails from it, sen
On Qubes 3.2, I have qubes-gui-dom0 and no update is available through
qubes-dom0-update.
BTW, after the update, is itt enough to kill (and restart by some command) all
guid processes?
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To
Thanks for the info.
On Sunday, September 11, 2016 at 9:00:46 PM UTC+2, Marek
Marczykowski-Górecki wrote:
>
> Take a look at discussion here:
> https://github.com/QubesOS/qubes-issues/issues/1784
>
I went through the discussion. Is there anything specific I should note?
In short: no,
not break anything. If Plastik works OK for others, I'll have to find out
what is broken on my machine. If Plastik is not supposed to work well ATM,
I'll probably send a pull request.)
Regards,
Vít Šesták 'v6ak'
On Wednesday, September 7, 2016 at 11:42:44 PM UTC+2, Vít Šesták wrote:
>
> It
ancient KDE and without much details, but it still seems somewhat relevant.
I hope I'll do more about this later.
Regards,
Vít Šesták 'v6ak'
On Wednesday, September 7, 2016 at 3:46:29 PM UTC+2, Marek
Marczykowski-Górecki wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
>
, as it is
rather designed to work with a specific narrow range of KWin versions.
BTW, advantage of non-checking the KDE version might come with KDE 6, which
would also break the condition :)
So, should I make a pull request for this?
Regards,
Vít Šesták 'v6ak'
--
You received this message because you
When I use KWin with Breeze theme, the yellow window titles have white
text, which is poorly readable. Could this be changed to, say, black text?
Regards,
Vít Šesták 'v6ak'
--
You received this message because you are subscribed to the Google Groups
"qubes-devel" group.
To unsubs
Hello,
In 3.0 and 3.1, I used KWin with XFCE and it worked well. In 3.2-rc3, it
does not show VM name in the title and does not color borders. Why?
This happens for both Plastik and Breeze.
In pure KDE, it works OK.
Regards,
Vít Šesták 'v6ak'
--
You received this message because you
.)
It does not work for Windows, though.
Regards,
Vít Šesták 'v6ak'
On Tuesday, May 24, 2016 at 1:45:47 AM UTC+2, Iestyn Best wrote:
>
> Hi,
>
> I like trying to revitalize old discussion topics. ;) I hope there is not
> a problem with me doing so.
>
> I am curious to see if
41 matches
Mail list logo
