On Tue, Dec 16, 2008 at 14:19, Romain BERGE <[email protected]> wrote: > Hey all, > > I am wondering of using and AMD CPU with the AMD-V. > I wonder of using KVM to virtualise a few Hardened server. > > Someone used already KVM+ Hardened ?
Anyone else get KVM running on a hardened host? I'm seeing some issues right now: - The kvm-82 modules use symbols only in 2.6.28, making it incompatible with the current hardened-sources: [ 1584.882179] kvm: Unknown symbol intel_iommu_domain_alloc [ 1584.882259] kvm: Unknown symbol intel_iommu_detach_dev [ 1584.882340] kvm: Unknown symbol intel_iommu_page_mapping [ 1584.882768] kvm: Unknown symbol intel_iommu_context_mapping [ 1584.882862] kvm: Unknown symbol intel_iommu_iova_to_pfn [ 1584.883441] kvm: Unknown symbol intel_iommu_domain_exit - KVM segfaults upon execution against the 2.6.27-hardened-r3; I haven't debugged it yet, but it may well be tied to the symbol issues - kqemu starts to compile with gcc-4.3.2-r2 but fails with a relocation error I'm seeing from several other packages under the new hardened gcc-4.3.2-r2: relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC (I've already patched a few packages for these) - Even after disabling kqemu and switching to gcc-3.x, compiling qemu-softmmu results in the same error as above. Rather disappointing, I was hoping to get a hardened profile host backing my VMs. Guess it's back to a standard profile for a bit. RB
