| 1 |
On 1 Dec 2007 at 16:17, René Rhéaume wrote: |
| 2 |
|
| 3 |
> I have no problem running Windows and Linux guests inside VirtualBox |
| 4 |
> on gentoo-sources. UDEREF is not enabled in my kernel config as I read |
| 5 |
> it does not work with virtualization. I also disabled MPROTECT on the |
| 6 |
> binary, otherwise PaX simply kills VirtualBox. |
| 7 |
|
| 8 |
UDEREF in the *guest* is unlikely to work, on the host it should be |
| 9 |
fine (if it isn't then that points at some bug in other kernel code). |
| 10 |
|
| 11 |
on the other hand KERNEXEC in the *host* will not work at all unless |
| 12 |
the hypervisor code (in particular, the so-called 'world switch' |
| 13 |
routine and some smaller stuff like host GDT manipulation) is properly |
| 14 |
adapted to KERNEXEC. |
| 15 |
|
| 16 |
now with that said, your BUG here doesn't look like one caused by any |
| 17 |
particular hypervisor code, but something wrong detected in vma mirroring. |
| 18 |
could you first of all try a newer hardened sources (such as -r2) or |
| 19 |
even better, just test with the latest PaX test patch alone? i'd also |
| 20 |
need CONFIG_KALLSYMS to be enabled (or the corresponding System.map |
| 21 |
at least). |
| 22 |
|
| 23 |
-- |
| 24 |
gentoo-hardened@g.o mailing list |
Archives