In article ,
Maxime Villard wrote:
>Le 18/01/2018 à 13:43, Tom Ivar Helbekkmo a écrit :
>> Maxime Villard writes:
>>
>>> Well, looking at the code, it seems to me that _kvm_open() should be
>>> changed to
In article <20180120144510.ga61...@atom.tmux.org>,
Tobias Ulmer wrote:
>TLDR: nfs_reqq crrptin, see diff below.
>
>I've been trying to track down the source of NFS client hangs and
>crashes over the last weeks, in order to get back to the things I really
>wanted to do...
>
>No
Hello,
I was wondering what the status of the BUFQ_READPRIO & BUFQ_PRIOCSCAN
kernel options are. The comment on all but the i386/amd64 kernel configs
are that it is experimental, whereas on i386/amd64, BUFQ_PRIOCSCAN is
enabled by default.
Does the comment need updating (I'm happy to do it) or is
Le 17/01/2018 à 21:48, Thomas Klausner a écrit :
On Wed, Jan 17, 2018 at 08:01:19AM +0100, Maxime Villard wrote:
Why does GENERIC_KASLR disable KDTRACE_HOOKS? Is this necessary, or
are KDTRACE_HOOKS lowering the security somehow?
In fact, it's because KDTRACE_HOOKS wants to parse one CTF
I committed this morning the last part needed to completely mitigate Meltdown
on NetBSD-amd64. As I said in the commit message, we still need to change a
few things for KASLR - there is some address leakage, we need to hide one
instruction -, but otherwise the implementation should be perfectly
Le 18/01/2018 à 13:43, Tom Ivar Helbekkmo a écrit :
Maxime Villard writes:
Well, looking at the code, it seems to me that _kvm_open() should be
changed to keep /dev/ksyms open, the same way it keeps /dev/kmem open.
Agreed. This works fine for me, with and without
Maxime Villard writes:
>> Agreed. This works fine for me, with and without /dev/ksyms present:
>>
>> Index: lib/libkvm/kvm.c
>> [...]
>
> So, I guess I can commit it?
I've been running with that modification (and /dev/ksyms mode 440 and
group kmem) on all my systems since