Xen dev help required

Xen dev help required

[Brad Plant]

[-- Attachment #1.1: Type: text/plain, Size: 622 bytes --]

Hi list,

I was hoping some people "in the know" about how the hypervisor works etc could take a look at the thread below and hopefully offer some advice.

http://forums.grsecurity.net/viewtopic.php?f=1&t=2063&p=8759#p8745

The PaX developers are trying to get their patch to work on a 2.6.28 paravirt_ops kernel. They already have PaX working with a 2.6.27 paravirt_ops kernel, but a recent change to the PaX patch, specifically to map up to 4GB initially in the identity map is causing the kernel to panic when booted under xen.

Any help on the matter would be greatly appreciated by all.

Cheers,

Brad


[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

[-- Attachment #2: Type: text/plain, Size: 138 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Xen dev help required

[Brad Plant]

[-- Attachment #1.1: Type: text/plain, Size: 622 bytes --]

Hi list,

I was hoping some people "in the know" about how the hypervisor works etc could take a look at the thread below and hopefully offer some advice.

http://forums.grsecurity.net/viewtopic.php?f=1&t=2063&p=8759#p8745

The PaX developers are trying to get their patch to work on a 2.6.28 paravirt_ops kernel. They already have PaX working with a 2.6.27 paravirt_ops kernel, but a recent change to the PaX patch, specifically to map up to 4GB initially in the identity map is causing the kernel to panic when booted under xen.

Any help on the matter would be greatly appreciated by all.

Cheers,

Brad


[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

[-- Attachment #2: Type: text/plain, Size: 138 bytes --]

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Re: Xen dev help required

[Jeremy Fitzhardinge]

Brad Plant wrote:
> Hi list,
>
> I was hoping some people "in the know" about how the hypervisor works etc could take a look at the thread below and hopefully offer some advice.
>
> http://forums.grsecurity.net/viewtopic.php?f=1&t=2063&p=8759#p8745
>
> The PaX developers are trying to get their patch to work on a 2.6.28 paravirt_ops kernel. They already have PaX working with a 2.6.27 paravirt_ops kernel, but a recent change to the PaX patch, specifically to map up to 4GB initially in the identity map is causing the kernel to panic when booted under xen.
>
> Any help on the matter would be greatly appreciated by all.
>   

Looks like what they're trying to do is pretty redundant; Xen is pretty 
good at protecting the kernel's pagetables for it.  From just looking at 
that piece of thread, I'm guessing they're creating writeable aliases of 
the pagetable pages, which Xen won't allow.

Yeah, this one:
|(XEN) mm.c:794:d35 Attempt to create linear p.t. with write perms

|    J