Re: Security issue with vmxnet3 and e100 for AMD SEV(-SNP) / Intel TDX

it's only VirtIO, but I believe it also requires hardening. We need to validate any VMM input. It might be beneficial to have coordination between Intel and AMD on what devices (and device drivers) considered to be safe for trusted computing. I think we can share burden of code audit and fuzzing. -- Kirill A. Shutemov

Re: general protection fault in khugepaged

On Fri, Jul 17, 2020 at 03:40:04PM -0700, syzbot wrote: > syzbot has bisected this issue to: > > commit ffe945e633b527d5a4577b42cbadec3c7cbcf096 > Author: Kirill A. Shutemov > Date: Wed Jun 3 23:00:09 2020 + > > khugepaged: do not stop collapse if less than hal

Re: [net-next PATCH V3 1/3] mm: add dma_addr_t to struct page

o avoid aliasing to compound_head. See commit 1d798ca3f164 ("mm: make compound_head() robust") for context. > struct {/* slab, slob and slub */ > union { > struct list_head slab_list; /* uses lru */ > -- Kirill A. Shutemov

Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)

On Tue, Jan 30, 2018 at 09:11:27AM +0100, Florian Westphal wrote: > Michal Hocko wrote: > > On Mon 29-01-18 23:35:22, Florian Westphal wrote: > > > Kirill A. Shutemov wrote: > > [...] > > > > I hate what I'm saying, but I guess we need some tu

Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)

On Mon, Jan 29, 2018 at 05:57:22PM +0100, Florian Westphal wrote: > Kirill A. Shutemov wrote: > > On Mon, Jan 29, 2018 at 08:23:57AM +0100, Florian Westphal wrote: > > > > vmalloc() once became killable by commit 5d17a73a2ebeb8d1 ("vmalloc: > > > > bac

Re: [netfilter-core] kernel panic: Out of memory and no killable processes... (2)

ay to supress OOM Killer in first place so we can just -ENOMEM user. Just supressing OOM kill is a bad idea. We still leave a way to allocate arbitrary large buffer in kernel. -- Kirill A. Shutemov

Re: [PATCH v4] scripts: add leaking_addresses.pl

On Mon, Nov 13, 2017 at 10:06:46AM +1100, Tobin C. Harding wrote: > On Sun, Nov 12, 2017 at 02:10:07AM +0300, Kirill A. Shutemov wrote: > > On Tue, Nov 07, 2017 at 09:32:11PM +1100, Tobin C. Harding wrote: > > > Currently we are leaking addresses from the kernel to user space. Th

Re: [PATCH v4] scripts: add leaking_addresses.pl

rues that have more than 256TB of virtual address space. Just wanted to point to the limitation. -- Kirill A. Shutemov

kernel BUG at /home/kas/linux/mm/net/ipv6/raw.c:592!

87 ff 85 c0 74 19 49 8b 46 58 e9 b1 fd ff ff <0f> 0b f7 d0 41 01 c0 41 83 d0 00 e9 5e fe ff ff e8 7a 43 87 ff [ 602.638114] RIP [] rawv6_sendmsg+0xb31/0xb80 [ 602.638114] RSP -- Kirill A. Shutemov -- To unsubscribe from this list: send the line "unsubscribe netdev" in the b

mmap()ed AF_NETLINK: lockdep and sleep-in-atomic warnings

empt_count_sub+0xab/0xf0 [2.544503] [] ? syscall_return+0x11/0x54 [2.544503] [] ? __this_cpu_preempt_check+0x13/0x20 [2.544503] [] ? trace_hardirqs_on_caller+0xf3/0x240 [2.544503] [] ? trace_hardirqs_on_thunk+0x17/0x19 [2.544503] [] system_call_fastpath+0x12/0x6f -- Kirill A. Shu