do you have CONFIG_CC_STACKPROTECTOR enabled in your .config? i get a very early boot failure with it, but paravirt/VMI works otherwise (minus the usual features like KERNEXEC/UDEREF). can you also test a vanilla kernel and report this upstream if it is indeed a problem with SSP and paravirt/VMI?elazar wrote:I noticed that the kernel won't boot if paravirtualization is enabled on the VM(and in the kernel).
ok, so i'll need more information about the boot failure, possibly vmlinux and bzImage and any boot logs/screenshots you can get.elazar wrote:root@box:/usr/src/linux-2.6.31-grsec# cat .config | grep CONFIG_CC
# CONFIG_CC_STACKPROTECTOR is not set
can you upload it in a format i can decode? looks like this is a concatenation of all files, i don't exactly feel like figuring out the file boundaries by handelazar wrote:System.map, bzImage etc. are at http://drop.io/qi0g5ga/asset/2-6-31-1-grsec-gz.
it's pax_nouderef and it's an 'off-only' switch, it doesn't take arguments.elazar wrote:Disabling uderef via no_paxuderef=1
i've been working on getting KERNEXEC to work with VMI for the past few days and it can boot into userland here albeit still dies randomly on certain page table operations. without KERNEXEC it should have always been fine though.though 22.214.171.124 still triggers a kernel mode stack fault no matter how the VM is configured, it will only boot if I compile without paravirt enabled in the kernel.
it's pax_nouderef and it's an 'off-only' switch, it doesn't take arguments.
i've been working on getting KERNEXEC to work with VMI for the past few days and it can boot into userland here albeit still dies randomly on certain page table operations. without KERNEXEC it should have always been fine though.
hmm, that must be a bug, the code doesn't need or check for any extra arguments and i've been using it under vmware workstation as such.elazar wrote:Woops, forgot the no part. Actually, pax_nouderef on its own did not work, pax_nouderef=1 worked.
was this with KERNEXEC on or off? if it was on, can you try without?I can boot 126.96.36.199 with pax_nouderef, paravirt compiled in and enabled on the VM but various processes(udev, bash, syslogd etc) die with general protection faults at boot time. It does not work any other way. 2.6.31 works, but with paravirt disabled on the VM itself.
i don't think i'll need it as i get the GPFs here as well, although their random nature makes me think that it may no longer be my fault but something else, but it's very hard to debug as it's the hypervisor that simulates a GPF on certain page table operations.I really appreciate the time that you have been putting in to this. If you need an ESXi box to test on, please PM me.