From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jeremy Fitzhardinge Subject: Re: Xen dev help required Date: Wed, 18 Feb 2009 17:42:49 -0800 Message-ID: <499CB919.3020801@goop.org> References: <20090219104935.1a22464b@daedalus> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <20090219104935.1a22464b@daedalus> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Brad Plant Cc: "'xen-devel@lists.xensource.com'" List-Id: xen-devel@lists.xenproject.org Brad Plant wrote: > Hi list, > > I was hoping some people "in the know" about how the hypervisor works etc could take a look at the thread below and hopefully offer some advice. > > http://forums.grsecurity.net/viewtopic.php?f=1&t=2063&p=8759#p8745 > > The PaX developers are trying to get their patch to work on a 2.6.28 paravirt_ops kernel. They already have PaX working with a 2.6.27 paravirt_ops kernel, but a recent change to the PaX patch, specifically to map up to 4GB initially in the identity map is causing the kernel to panic when booted under xen. > > Any help on the matter would be greatly appreciated by all. > Looks like what they're trying to do is pretty redundant; Xen is pretty good at protecting the kernel's pagetables for it. From just looking at that piece of thread, I'm guessing they're creating writeable aliases of the pagetable pages, which Xen won't allow. Yeah, this one: |(XEN) mm.c:794:d35 Attempt to create linear p.t. with write perms | J