> 2008/12/21 Sadako <[email protected]>: >>> I have one virtualbox using VT extensions, and runs fine. I have used >>> PaX in the guest with rsbac 1.3.7 and the noexec based on segmentation >>> and all others on (peMRXS flags) and goes fine (with pageexec does not >>> work, hangs at boot, so I switch segmexec). I think that you shouldn't >>> have any troubles with kvm, if you have some try using virtualbox. >>> I added -D_FORTIFY_SOURCE=2 to the cflags in make.conf compilation, it >>> runs fine too and I think is safe. Not hangs at the moment. >>> >>> 2008/12/16 Romain BERGE <[email protected]>: >>>> Hey all, >>>> >>>> I am wondering of using and AMD CPU with the AMD-V. >>>> I wonder of using KVM to virtualise a few Hardened server. >>>> >>>> Someone used already KVM+ Hardened ? >>>> >>>> Working fine ? >>>> >>>> Thanks >>>> >>>> Regards >>>> >>>> >>> >>> >> Do you actually have the virtualbox _host_ running under >> hardened-sources? >> If so, could you please upload your kernel config somewhere? >> >> I've been trying to do the same, but upon trying to boot a guest (any >> guest) via virtualbox the host box locks up, and I've tried everything I >> can think of, including disabling _all_ grsec and pax options within the >> kernel... >> >> >> > > Are you sure is related to the host?. Why?. > > It's the host box which is locking up, and the host which is running hardened-sources. Booting the host with gentoo-sources, and it works fine.
I believe others have had the same issue as me, however there is at least one person who has had it working without any issues, see this fgo thread; https://forums.gentoo.org/viewtopic-t-713850.html Unfortunately, that user informed me via PM that he no longer has the kernel configs he used...
