| View previous topic :: View next topic |
| Author |
Message |
d3x73r
n00b
Joined: 16 Apr 2010
Posts: 55
Location: Bahia/Brazil
|
 Posted: Wed Aug 10, 2011 3:17 pm Post subject: Conflict under Hardened kernel and VMWare Server |
 |
|
I'm trying to merge my server to Hardened sources.
The problem is that last time I tried to merge, my VMWare Server could not load Virtual Machines ans loops to restart the system indefinitely.
Does anyone know about any issue ralated to this? |
|
| Back to top |
|
 |
Yuu
Apprentice
Joined: 23 Dec 2008
Posts: 223
Location: France
|
| Posted: Wed Aug 10, 2011 3:21 pm Post subject: |
|
|
Hi,
what version of the sys-kernel/hardened-sources are you using ? Do you use the predefined grsecurity level called "virtualization" ?
_________________
Main laptop : T8300 cpu | 200 GB hard drive | 2 GB of ram | 8600M GT | Gentoo x86_64
Server : Celeron 220 cpu | 250 GB hard drive | 2 GB of ram | SiS 662 VGA | Gentoo x86_64 |
|
| Back to top |
|
|
d3x73r
n00b
Joined: 16 Apr 2010
Posts: 55
Location: Bahia/Brazil
|
| Posted: Fri Aug 12, 2011 1:15 am Post subject: |
|
|
I did my tests with linux-2.6.34-hardened-r6 once.
I didn't realize that I should this grsecurity level. This is a kernel configuration?
| Yuu wrote: | Hi,
what version of the sys-kernel/hardened-sources are you using ? Do you use the predefined grsecurity level called "virtualization" ? |
|
|
| Back to top |
|
|
Yuu
Apprentice
Joined: 23 Dec 2008
Posts: 223
Location: France
|
| Posted: Fri Aug 12, 2011 8:16 am Post subject: |
|
|
Hi,
Yes, it's in the kernel configuration. And as far as I remember, it's on the hardened-sources since >= 2.6.37 :
| Code: | Security options --->
Grsecurity --->
[*] Grsecurity
Security Level (Hardened Gentoo [virtualization]) ---> |
It basically turns off KERNEXEC and UDEREF along with a few others; also, maybe you should check your logs (/var/log/messages & others) for errors before your system reboots.
_________________
Main laptop : T8300 cpu | 200 GB hard drive | 2 GB of ram | 8600M GT | Gentoo x86_64
Server : Celeron 220 cpu | 250 GB hard drive | 2 GB of ram | SiS 662 VGA | Gentoo x86_64 |
|
| Back to top |
|
|
anton_kg
Tux's lil' helper
Joined: 10 Feb 2007
Posts: 93
|
| Posted: Wed Jan 11, 2012 6:51 am Post subject: |
|
|
This is my biggest problem with hardened kernel so far. There is an open bug report, see the link bellow:
https://bugs.gentoo.org/show_bug.cgi?id=382793
and there is no known solution for that. Have you found any workarounds? |
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23091
|
| Posted: Thu Jan 12, 2012 3:51 am Post subject: |
|
|
| You could use a hypervisor that plays well with hardened, such as KVM. Additionally, KVM has some support for nested virtualization, which may enable you to perform the debugging suggested by PaX team. |
|
| Back to top |
|
|
|
Kernel & Hardware
