| niluje | hi guys | 00:22 |
|---|---|---|
| niluje | "quick" question about meltdown: I understand how to read anything from the kernel by getting its content byte per byte | 00:22 |
| niluje | what I don't understand is how to escape from a virtual machine | 00:23 |
| niluje | hence the question: how two virtual machines address spaces are isolated from each other in the iommu? | 00:23 |
| niluje | I realize the question might not make any sense and I could be missing something | 00:24 |
| === Elimin8r is now known as Elimin8er | ||
| dsd | i'm working on backporting the 4.14 KPTI patches to ubuntu 4.13 artful kernel, any ubuntu kernel devs interested in collaborating? or any existing efforts i can join? | 14:13 |
| apw | dsd, we're trying hard to get that done | 14:16 |
| dsd | apw: can we work together? | 14:17 |
| dsd | i have explored 2 approaches: | 14:17 |
| dsd | 1. take the stable queue 4.9 patches and apply to 4.13. result: looks pretty difficult, too many changes between 4.9 and 4.13, especially the 5 level page tables. i put this idea on pause after doing a couple of the patches | 14:18 |
| dsd | 2. take 4.14 stable patches and apply on artful kernel. there are basically 3 batches of patches to deal with. i have just completed the first batch (from 4.14.9) and it compiles | 14:19 |
| dsd | feeling more positive about that approach - hopefully just need to do that another 2 times and then pray that it boots | 14:19 |
| apw | well we have been looking at the 2. form as well | 14:20 |
| dsd | looking or doing? would it be useful for me to share what i've done so far, or is there any work in progress that can be shared from your side? | 14:22 |
| apw | we have something in testing, just not sure how complete it is right now | 14:26 |
| apw | sorry very distracted | 14:28 |
| dsd | happy to take a look if you publish it somewhere | 14:28 |
| apw | will try and get bck to you in a bit | 14:28 |
| dsd | ok, i'll also push what i've done in case it is useful, just a min | 14:29 |
| === ben_r_ is now known as ben_r | ||
| dsd | https://github.com/endlessm/linux/tree/artful-kpti and notes https://gist.github.com/dsd/f98a8f1a15f701934ece3e70c9b8fb0a | 14:44 |
| ricotz | tseliot, hi, I guess you are already aware of this nvidia-blob problem https://devtalk.nvidia.com/default/topic/1028222/linux/lts-kernel-patch-for-intel-cpu-vulnerability-breaks-nvidia-driver/post/5230546/#5230546 | 17:46 |
| mdeslaur | apw: our updated kernel may hit that nvidia issue ^ | 18:03 |
| mamarley | Interestingly, I did not hit that bug. It compiled fine (387.34, 4.14.11) for me. | 18:09 |
| ricotz | mamarley, the archive contains 384 | 18:10 |
| mamarley | The guy in the thread says 387 failed to compile though. | 18:10 |
| TJ- | maybe it depends on which of the patch-set was included? there have been some recent commits since 4.14.11 was published | 18:11 |
| tyhicks | apw: regarding the nvidia issue, the only thing I can spot is the addition of the __visible attribute to cpu_tlbstate in https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6fd166aae78c0ab738d49bda653cbd9e3b1491cf | 18:11 |
| tseliot | ricotz: sigh... no, I didn't look into that | 19:34 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!