From: Avi Kivity <avi@redhat.com>
To: anton.kochkov@gmail.com
Cc: qemu-devel <qemu-devel@nongnu.org>, KVM list <kvm@vger.kernel.org>
Subject: Re: [Qemu-devel] QEMU-KVM and hardened (GRSEC/PaX) kernel
Date: Wed, 20 Apr 2011 17:29:20 +0300 [thread overview]
Message-ID: <4DAEEDC0.50804@redhat.com> (raw)
In-Reply-To: <BANLkTi==x5GF+BC4q=fSVvYLE_XY=SvxTw@mail.gmail.com>
On 04/17/2011 01:45 AM, Антон Кочков wrote:
> Good day!
> I'm trying to make working qemu-kvm with hardened gentoo on hardened kernel.
> When i'm using CONFIG_PAX_KERNPAGEXEC and CONFIG_PAX_MEM_UNDEREF qemu just start
> and go to infinite loop and take 100% of one of my CPU core. adn it
> even can't be killed.
> Also it is dont give answer for qemu monitor/remote gdb.
> When I'm changed these two values as disabled, qemu-kvm now start, and
> stop (i mean qemu monitor show that virtual machine is running, but no
> any activity/output). Also it's load about 0%.
> See details in bug http://bugs.gentoo.org/show_bug.cgi?id=363713
>
> Hope this info help improve qemu-kvm.
>
As Blue says, the problem is likely in kvm, not qemu.
Please try:
- hardened guest on soft host (I expect this to work)
- soft guest on hardened host (I expect this to fail).
Are you using an Intel or AMD host?
Note virtualization hardware will play with segmentation and defeat all
those games the hardened kernel plays.
--
error compiling committee.c: too many arguments to function
next prev parent reply other threads:[~2011-04-20 14:29 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-16 22:45 [Qemu-devel] QEMU-KVM and hardened (GRSEC/PaX) kernel Антон Кочков
2011-04-19 19:24 ` Blue Swirl
2011-04-20 1:16 ` Антон Кочков
2011-04-20 14:29 ` Avi Kivity [this message]
2011-04-20 16:47 ` Антон Кочков
2011-04-21 8:03 ` Avi Kivity
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4DAEEDC0.50804@redhat.com \
--to=avi@redhat.com \
--cc=anton.kochkov@gmail.com \
--cc=kvm@vger.kernel.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).