On Friday, 10 February 2017 06:15:13 PM C. L. Martinez wrote:
> Hi all,
> 
>  I am trying to create an OpenBSD 6.0 virtual guest under FreeBSD 11 bhyve
> server. When I try list cd contents, segmentation faults appears:
> 
> grub-bhyve -d /data/vms/conf/obsdfwwif -m device.map -r cd0 obsdfwwif
> 
> 
>                                                                          GNU
> GRUB  version 2.00
> 
>    Minimal BASH-like line editing is supported. For the first word, TAB
> lists possible command completions. Anywhere else TAB lists possible device
> or file completions.
> 
> 
> grub>ls
> Segmentation fault
> 

Hey C.L. Martinez,

This is because grub-bhyve creates memory mappings that are both writable and 
executable, something that is disallowed by default on HardenedBSD.

You'll need to add a secadm rule to disable pageexec and mprotect restrictions 
for grub-bhyve. You can find a sample rule here:

https://github.com/HardenedBSD/secadm-rules/blob/master/grub-bhyve.rule

Thanks,

-- 
Shawn Webb
Cofounder and Security Engineer
HardenedBSD

GPG Key ID:          0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89  3D9E 6A84 658F 5245 6EEE

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply via email to