Liran Alon

@Liran_Alon

Joined: December 2011

Media

  1. Jan 31

    I later saw this great talk: that explains how RISC may achieve CISC-like perf with clever micro-arch tricks. Main concept is Macro-Fusion in which decoder generates a single uOp for multiple MacroOps & CISC having both 2 and 4 bytes instructions.

  2. Dec 29, 2019

    Encountered a strange x86 cache-coherency inconsistency: Intel guarantees to flush WCBs on read/write UC mem but does so only for read. If true, Linux should have new flush_wcb_writeX() util that differs between CPU vendors? (1/3)

  3. Dec 16, 2019

    Surprised by interesting numbers in Intel Optimisation Guide section 2.5.5.2 L1 DCache. Turns out there are only 4 DTLB entries for 1GB pages! Crazy! So mapping all guests memory as 1GB pages in EPT may be less efficient? Worth benchmarking! (1/2)

  4. Dec 5, 2019

    AWS Networking news: VPC traffic mirroring (+ LB integration), VPC ingress routing (Custom routes on IGW/VGW), multicast routing (Clone packet to vNICs group), VPC inter-region peering & accelerated site-to-site VPN (VPN to Edge -> Direct-Connect to AWS)

  5. Dec 5, 2019

    AWS Compute news: Nitro Enclaves, Graviton2, Inf1 instances, Compute Optimizer, Outpost + Rack-slot security-key holds PK, Local Zones (City-local EC2 servers), Wavelength (EC2 servers at 5G city aggregation center -> single-digit ms latency).

  6. Nov 16, 2019

    WDAG internals: vSMB share host OS files, Hv interface for host to manage vCPUs scheduling, Hv interface for pre-providing host memory to backup guest memory, VMSwitch filter driver to allow only Inet access, host proxies for LSASS & DNS, display via RDP.

  7. Nov 12, 2019

    Google KVM MMU TDP direct case re-implementation * Remove kvm_mmu_page & rmap (Used by shadow-paging) * RW spinlock to parallelise PF handlers but block on MMU-notifier * Safely traverse EPT by RCU & free on RCU cb * cmpxchg SPTEs * Defer TLB invalidations

  8. Nov 8, 2019

    The video of the talk is now also available:

  9. Sep 29, 2019

    UEFI Forum talk on PRM: Suggests to allow ASL to request OS to call a UEFI runtime service to do some work. Would allow moving some SMI handlers that are platform-specific and don't require SMM to just be run in Ring0 (ASL + runtime-service).

  10. Sep 23, 2019

    - Great presentation on how to write Linux kernel modules in Rust. Talk also provides great background on Rust and its integration with C.

  11. Jul 15, 2019

    AMD SVM weirdness discussion (multiple tweets): Recently I have encountered a bizarre AMD LAPIC ability (IER) that allows to explicitly disable vectors from participating in LAPIC computation of highest priority pending interrupt. (1/6)

  12. Feb 6, 2019
    Replying to users

    I spoke with some CTS Labs guys and they seem to agree this is most likely a vulnerability... Now need an AMD hardware setup to verify this :P Reference of the relevant code:

  13. Jan 20, 2019

    1/2: - Talk on GCE virtual network dataplane internals. Dedicated core in userspace, busy-loop physical NIC and vNICs queues, actions based on flows-table, integrate to OVS control, use hw offload for checksum, encryption and memcpy (Intel QuickData).

  14. Dec 18, 2018
    Replying to users and a number of other users:

    Thanks for putting my presentation from KVM Forum in there :) You can also link to the video: I also recommend KVM Forum presentations in general as a very good resource.

  15. Nov 16, 2018

    - Nice talk of on lessons learned from recent CPU vulns mitigations on CPU models. Ugly things to work around include MSRs which expose CPU features (Can't be read from Ring3...) and negative CPU bits (e.g. RSBA) which complicate migration...

  16. Nov 14, 2018

    - My talk on KVM nested virtualization past year improvements on KVM Forum. Much to present in a very short time slot. Highly recommend viewing slides appendix for much more technical details and nVMX mechanisms! (slides: )

  17. Nov 9, 2018

    - Talk on Intel MKTME. Config enc-key on CPU and then some bits of PA specifies key to encrypt/decrypt content. Host setup PTEs/EPTs/IOMMU PTs accordingly. Allows full memory encryption of VMs memory. But note that host is trusted in contrast to AMD-SEV.

  18. Nov 5, 2018

    - Great talk on Windows retpoline internals. Replace at runtime indirect branches to util which examines bitmap to know target retpoline support and by that either retpoline or IBRS/IBPB. Also import calls of NT/HAL patched to not indirect anymore!

  19. Nov 1, 2018

    - Nice talk by on high-level overview of CPU pipelines, bubbles, branch prediction, superscalar execution, out-of-order execution and recent speculative execution vulnerabilities. Nicely presented with minimal pre-required knowledge. :)

  20. Oct 14, 2018

    - Nice presentation from previous KVM Forum on ARM nested-virtualization internals. Nice trick of emulating future HW with PV. Also interesting that GIC is the one responsible for what is called "posted-interrupts" in x86 VMX and not the CPU.
