WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] PaX Security w/ Kernel.org DomU 2.6.31.7

To: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] PaX Security w/ Kernel.org DomU 2.6.31.7
From: John Anderson <johna@xxxxxxxxxx>
Date: Thu, 31 Dec 2009 14:39:41 -0700
Accept-language: en-US
Acceptlanguage: en-US
Delivery-date: Mon, 04 Jan 2010 05:07:52 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcqKYcJtRMFtuIPjRqO4C5fbYeG2pA==
Thread-topic: PaX Security w/ Kernel.org DomU 2.6.31.7

Greetings Xen Team,

 

I am trying to help the PaX Team (http://pax.grsecurity.net/)  integrate their PaX product into the Kernel.org’s domU kernel for 2.6.31.7.   It seems however, that we’ve run into a wall in the process.      The GRSecurity/PaX patch applies and compiles cleanly, but at early boot we get the page fault below.  The PaX Team has narrowed down the cause of the error to xen_setup_kernel_pagetable while establishing the new pgd.   It seems as if during the initial page table setup the pgd had become completely empty and on return from the hypervisor everything triggers various page faults and kills the guest kernel.    Can anyone describe what happens to the pgd during this phase?  Also, does anyone know how to get printk or print any information from the guest kernel at this early stage? 

 

Thanks in advance for any help you can offer.

 

John A.

 

Page Fault Follows:

 

 

(XEN) Unhandled page fault in domain 26 on VCPU 0 (ec=0000)
(XEN) Pagetable walk from 0000000000000028:
(XEN)  L4[0x000] = 0000000000000000 ffffffffffffffff
(XEN) domain_crash_sync called from entry.S
(XEN) Domain 26 (vcpu#0) crashed on cpu#4:
(XEN) ----[ Xen-3.1.3  x86_64  debug=y  Not tainted ]----
(XEN) CPU:    4
(XEN) RIP:    e033:[<ffffffff81018496>]
(XEN) RFLAGS: 0000000000000282   CONTEXT: guest
(XEN) rax: 0000000000521109   rbx: 0000000000000000   rcx: 0000000000000020
(XEN) rdx: ffffffff82ba6000   rsi: 00000000deadbeef   rdi: 0000000000000000
(XEN) rbp: 0000000000000000   rsp: ffffffff81601f50   r8:  0000000000000000
(XEN) r9:  ffffffff81817283   r10: ffffffff8102f528   r11: ffffffff81004280
(XEN) r12: 0000000000000000   r13: 0000000000000000   r14: 0000000000000000
(XEN) r15: 0000000000000000   cr0: 000000008005003b   cr4: 00000000000006b0
(XEN) cr3: 0000000503189000   cr2: 0000000000000028
(XEN) ds: 0000   es: 0000   fs: 0000   gs: 0000   ss: e02b   cs: e033
(XEN) Guest stack trace from rsp=ffffffff81601f50:
(XEN)    0000000000000020 ffffffff81004280 0000000000000000 ffffffff81018496
(XEN)    000000010000e030 0000000000010082 ffffffff81601f98 000000000000e02b
(XEN)    0000000000000007 ffffffff81004890 ffffffff8181719e 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    ffffffff81816c47 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000
(XEN)    0000000000000000 0000000000000000 0000000000000000 0000000000000000

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel