Problems with (K)QEMU and PAX

PostPosted: Thu Jun 21, 2007 8:04 pm
by john_taucher
Hello. I am trying to use (K)QEMU with PaX on 2.6.19.2. I have used paxctl to disable PaX on `qemu` and related binaries. However, when starting up a VM, I get the following error (in dmesg):

<0>PAX: suspicious general protection fault: 0000 [#4]
Modules linked in: kqemu nvidia(P)
CPU: 0
EIP: 0060:[<00770297>] Tainted: P VLI
EFLAGS: 00210046 (2.6.19.2 #3)
eax: 1b6de001 ebx: e2584000 ecx: 00000000 edx: ddd7b5b0
esi: 00000000 edi: 00000000 ebp: 00200286 esp: d7913ee8
ds: 0068 es: 0068 ss: 0068
Process qemu (pid: 636, ti=d7912000 task=d12f2ab0 task.ti=d7912000)
Stack: e2584000 00066c01 d12f2ab0 d948d900 d12f2ab0 00000000 00000000 00000000
e256c014 00200086 00000033 e2584120 cfffd420 00000007 e2584000 0076e1cf
e2584000 00000068 ffff037f ffff0020 ffffffff 00000000 00000000 00000000
Call Trace:
[<0076e1cf>] <0> [<0076e0d0>] <0> =======================
Code: 84 83 ac 00 00 00 8b 10 8b 48 04 89 8b 94 00 00 00 89 93 90 00 00 00 8b 8b 9c 00 00 00 8b 93 98 00 00 00 89 48 04 89 10 89 1c 24 <ff> 54 24 20 31 c0 8b 93 88 00 00 00 80 bb 50 02 00 00 03 0f 94
EIP: [<00770297>] SS:ESP 0068:d7913ee8

The guest OS then dies. The last message it prints out is "Freeing unused kernel memory". Does anyone know how to disable PaX in such a way that qemu works properly? (Note: when invoking qemu with the -no-kqemu option the guest OS boots, but this is not the desired way of running the guest OS.)

Re: Problems with (K)QEMU and PAX

PostPosted: Fri Jun 22, 2007 5:10 am
by PaX Team
john_taucher wrote: Does anyone know how to disable pax in such a way so that qemu works properly?
disable KERNEXEC as it prevents kqemu from executing runtime generated code (or it looks that way at least based on the addresses involved). but just in case it was due to a bug i fixed in PaX/KERNEXEC/module handling, you should give the latest test patch a try.

KERNEXEC

PostPosted: Fri Jun 22, 2007 10:02 pm
by john_taucher
Can KERNEXEC be toggled on a per-device basis (for example, only on /dev/kqemu) or must it be turned off on a system wide basis? I will give the latest test patch a try when I get back from my business trip. Thank you!

- John

Re: KERNEXEC

PostPosted: Mon Jun 25, 2007 7:32 am
by PaX Team
john_taucher wrote: Can KERNEXEC be toggled on a per-device basis (for example, only on /dev/kqemu) or must it be turned off on a system wide basis?
KERNEXEC protects the kernel itself, it has no sense of anything userland, so your only remedy is to disable it in the kernel's config.
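Since KERNEXEC is a kernel-wide build option rather than a per-binary or per-device flag, the only thing to check on an affected machine is the running kernel's config. The script below is an added example (not code from the thread or from the PaX project): it locates the kernel config, reports whether CONFIG_PAX_KERNEXEC is set, and demonstrates the check offline on two constructed config fragments. The helper names `kernexec_state` and `find_kernel_config` and the sample configs are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original thread. KERNEXEC cannot be turned off
# with paxctl (that only sets userland flags); the switch is CONFIG_PAX_KERNEXEC
# in the kernel config, so that is what we inspect.

# kernexec_state CONFIG_FILE
#   prints "on", "off" or "unknown"; returns 0, 1 or 2 respectively.
kernexec_state() {
    cfg="$1"
    if grep -q '^CONFIG_PAX_KERNEXEC=y' "$cfg"; then
        echo on; return 0
    elif grep -Eq '^# CONFIG_PAX_KERNEXEC is not set|^CONFIG_PAX_KERNEXEC=n' "$cfg"; then
        echo off; return 1
    else
        echo unknown; return 2
    fi
}

# find_kernel_config
#   prints the path of the running kernel's config: /proc/config.gz
#   (decompressed into a temp file) or /boot/config-$(uname -r). Fails if
#   neither is readable.
find_kernel_config() {
    if [ -r /proc/config.gz ]; then
        tmp=$(mktemp) && zcat /proc/config.gz > "$tmp" && echo "$tmp"
    elif [ -r "/boot/config-$(uname -r)" ]; then
        echo "/boot/config-$(uname -r)"
    else
        return 1
    fi
}

# Constructed sample configs (assumptions of this example) so the check can be
# exercised on a machine that is not running a PaX kernel at all.
sample_on=$(mktemp)
printf 'CONFIG_PAX=y\nCONFIG_PAX_KERNEXEC=y\nCONFIG_PAX_MEMORY_UDEREF=y\n' > "$sample_on"
sample_off=$(mktemp)
printf 'CONFIG_PAX=y\n# CONFIG_PAX_KERNEXEC is not set\n' > "$sample_off"
trap 'rm -f "$sample_on" "$sample_off" ${tmp:+"$tmp"}' EXIT

if cfg=$(find_kernel_config); then
    printf 'running kernel %s: KERNEXEC %s\n' "$(uname -r)" "$(kernexec_state "$cfg")"
else
    printf 'no kernel config found for the running kernel\n'
fi
printf 'constructed sample (enabled):  %s\n' "$(kernexec_state "$sample_on")"
printf 'constructed sample (disabled): %s\n' "$(kernexec_state "$sample_off")"
```

If the check reports "on", the remedy the PaX Team describes is a rebuild with CONFIG_PAX_KERNEXEC unset; `paxctl -v /path/to/qemu` will still show the userland flags you set, but those have no effect on what kqemu does inside the kernel.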