| 1 |
On Tue, Dec 16, 2008 at 14:19, Romain BERGE <romain.berge@×××××.com> wrote: |
| 2 |
> Hey all, |
| 3 |
> |
| 4 |
> I am wondering of using and AMD CPU with the AMD-V. |
| 5 |
> I wonder of using KVM to virtualise a few Hardened server. |
| 6 |
> |
| 7 |
> Someone used already KVM+ Hardened ? |
| 8 |
|
| 9 |
Anyone else get KVM running on a hardened host? I'm seeing some |
| 10 |
issues right now: |
| 11 |
- The kvm-82 modules use symbols only in 2.6.28, making it |
| 12 |
incompatible with the current hardened-sources: |
| 13 |
[ 1584.882179] kvm: Unknown symbol intel_iommu_domain_alloc |
| 14 |
[ 1584.882259] kvm: Unknown symbol intel_iommu_detach_dev |
| 15 |
[ 1584.882340] kvm: Unknown symbol intel_iommu_page_mapping |
| 16 |
[ 1584.882768] kvm: Unknown symbol intel_iommu_context_mapping |
| 17 |
[ 1584.882862] kvm: Unknown symbol intel_iommu_iova_to_pfn |
| 18 |
[ 1584.883441] kvm: Unknown symbol intel_iommu_domain_exit |
| 19 |
- KVM segfaults upon execution against the 2.6.27-hardened-r3; I |
| 20 |
haven't debugged it yet, but it may well be tied to the symbol issues |
| 21 |
- kqemu starts to compile with gcc-4.3.2-r2 but fails with a |
| 22 |
relocation error I'm seeing from several other packages under the new |
| 23 |
hardened gcc-4.3.2-r2: |
| 24 |
relocation R_X86_64_32 against `a local symbol' can not be used when |
| 25 |
making a shared object; recompile with -fPIC |
| 26 |
(I've already patched a few packages for these) |
| 27 |
- Even after disabling kqemu and switching to gcc-3.x, compiling |
| 28 |
qemu-softmmu results in the same error as above. |
| 29 |
|
| 30 |
Rather disappointing, I was hoping to get a hardened profile host |
| 31 |
backing my VMs. Guess it's back to a standard profile for a bit. |
| 32 |
|
| 33 |
|
| 34 |
RB |
Archives