| 1 |
Hi! |
| 2 |
|
| 3 |
On Fri, Feb 24, 2012 at 03:41:27PM +0200, PaX Team wrote: |
| 4 |
> well, as i suggested it in bugzilla, i'd need to capture information about |
| 5 |
> the crash (probably triple fault), and the best approach would be some nested |
| 6 |
> virtualization setup. i have no idea how to do it easily (one way would be to |
| 7 |
> use bochs to run vmware if its vmx emulation is good enough but i guess the |
| 8 |
> resulting speed would be unbearable). |
| 9 |
|
| 10 |
That sounds too complex and slow. |
| 11 |
|
| 12 |
> another (but still time consuming) approach would be to do a binary search on |
| 13 |
> vmmon by stopping it at various points as it is about to launch a virtual machine, |
| 14 |
> that would eventually narrow down the failing code too. |
| 15 |
|
| 16 |
I probably can do this if you give me an example of how this should be |
| 17 |
done - i.e. example of code snippet to insert into vmmon source to stop at |
| 18 |
various point and start/end lines in code or involved function names where |
| 19 |
to place that snippet. |
| 20 |
|
| 21 |
BTW, I think it probably makes more sense to do a binary search from other |
| 22 |
side - remove parts of hardened changes in kernel. We already know it's |
| 23 |
not related to code disabled when PAX and GRSEC completely disabled in |
| 24 |
kernel config, so probably there is not so many hardened changes left |
| 25 |
which still active and may affect virtualization. |
| 26 |
|
| 27 |
-- |
| 28 |
WBR, Alex. |
Archives