Hi,
Commit 3d39f46966283b73145304c1fa69b2ee12d39077 is making it pretty tricky to enable Xen dom0 support.
There seems to be a circular issue with PARAVIRT_GUEST (or maybe PARAVIRT) being necessary to be a dom0.
I got quite lost in the dependencies. I did find two ways out to enable Xen though.
1) Add "|| GRKERNSEC_CONFIG_VIRT_XEN" to the "depends on" for menuconfig PARAVIRT_GUEST.
2) Enable CONFIG_X86_EXTENDED_PLATFORM and CONFIG_X86_VSMP.
Option 2 isn't very practical as I don't have EM64T hardware.
CONFIG_GRKERNSEC=y
CONFIG_GRKERNSEC_CONFIG_AUTO=y
# CONFIG_GRKERNSEC_CONFIG_CUSTOM is not set
CONFIG_GRKERNSEC_CONFIG_SERVER=y
# CONFIG_GRKERNSEC_CONFIG_DESKTOP is not set
# CONFIG_GRKERNSEC_CONFIG_VIRT_NONE is not set
# CONFIG_GRKERNSEC_CONFIG_VIRT_GUEST is not set
CONFIG_GRKERNSEC_CONFIG_VIRT_HOST=y
CONFIG_GRKERNSEC_CONFIG_VIRT_EPT=y
# CONFIG_GRKERNSEC_CONFIG_VIRT_SOFT is not set
CONFIG_GRKERNSEC_CONFIG_VIRT_XEN=y
# CONFIG_GRKERNSEC_CONFIG_VIRT_VMWARE is not set
# CONFIG_GRKERNSEC_CONFIG_VIRT_KVM is not set
# CONFIG_GRKERNSEC_CONFIG_VIRT_VIRTUALBOX is not set
CONFIG_GRKERNSEC_CONFIG_PRIORITY_PERF=y
# CONFIG_GRKERNSEC_CONFIG_PRIORITY_SECURITY is not set
Xen and 3.2.55
2 posts
• Page 1 of 1
Re: Xen and 3.2.55
by spender » Wed Feb 19, 2014 9:44 pm
Thanks, this will be fixed in the next patches.
-Brad
-Brad
- spender
- Posts: 2185
- Joined: Wed Feb 20, 2002 8:00 pm
2 posts
• Page 1 of 1