;ve completed one full package
build (so, 31,000+ ports) without issue. The one package building VM
we have on the system (so no other VMs) is running HardenedBSD
14-CURRENT. Meaning, we don't run anything other than HardenedBSD VMs.
[0]: https://git.hardenedbsd.o
eoretical discussions keep taking place.
A bit more than two years later, and this is still a topic of
discussion. I'm curious if anyone has a patch to punish me with. I'm
very happy to be a guinea pig.
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
GPG Key ID: 0x
t;
END rc.conf
BEGIN pf.conf
table counters { \
192.168.254.0/24 \
}
scrub in all
nat on em0 from {} to any -> (em0)
nat on wlan0 from {} to any -> (wlan0)
pass in all
pass out all
END pf.conf
Thanks,
--
Sha
ting" test. :)
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
Tor-ified Signal:+1 443-546-8752
Tor+XMPP+OTR:latt...@is.a.hacker.sx
GPG Key ID: 0xFF2E67A277F8E1FA
GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2
On Mon, May 27, 2019 at 1
Awesome. If you can bring the relevent branches up-to-date with
FreeBSD HEAD, I'd be more than happy to merge it into a feature branch
on HardenedBSD's side and help test here.
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
Tor-ified Signal:+1 443-546-8752
To
Hey all,
I'm trying to figure out the state of bhyve on arm64 in 13-current. I
have two SoftIron OverDrive 1000s, a bajillion RPI3s, a Pine64,
Rock64, and PineBook, and a ThunderX2. Punish me.
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
Tor-ified Signal:+1 443-546
On Mon, Mar 11, 2019 at 11:09:07AM -0700, Rodney W. Grimes wrote:
> > On Mon, Mar 11, 2019 at 10:58:55AM -0700, Rodney W. Grimes wrote:
> > > -- Start of PGP signed section.
> > > > On 2019-03-11T13:08:53 -0400
> > > > Shawn Webb wrote:
> > > >
On Mon, Mar 11, 2019 at 10:58:55AM -0700, Rodney W. Grimes wrote:
> -- Start of PGP signed section.
> > On 2019-03-11T13:08:53 -0400
> > Shawn Webb wrote:
> > >
> > > If your guest OS supports it, you could probably write two scripts that
> > > uses vi
On Mon, Mar 11, 2019 at 05:21:58PM +, Mark Raynsford wrote:
> On 2019-03-11T13:08:53 -0400
> Shawn Webb wrote:
> >
> > If your guest OS supports it, you could probably write two scripts that
> > uses virtio_console(4), one for the guest to tell the host "HELLO&quo
; and "NICE TO SEE YOU!" with the right
logic you're looking for. ;)
The "HELLO" bit could be written as an init script.
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
Tor-ified Signal:+1 443-546-8752
Tor+XMPP+OTR:latt...@is.a.hacker.sx
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
signature.asc
Description: PGP signature
> removed.
I've found that the big distros (CentOS, Debian, Ubuntu) work very
well with bhyve's UEFI support. It has been years since I used either
bhyveload or grub-bhyve.
CentOS does need a little massaging, renaming GRUBx64.efi to
BOOTx64.efi or something like that. I can never remem
On Sat, Aug 11, 2018 at 10:02:27PM +0700, Victor Sudakov wrote:
> Shawn Webb wrote:
> > > > > > Are there issues with Current CEntos and bhyve?
> > > > >
> > > > > Sure there are, please look at
> > > > > https://bugs.freebsd.or
On Sat, Aug 11, 2018 at 09:34:48PM +0700, Victor Sudakov wrote:
> Shawn Webb wrote:
> > On Sat, Aug 11, 2018 at 12:53:05PM +0700, Victor Sudakov wrote:
> > > The Doctor via freebsd-virtualization wrote:
> > > > Are there issues with Current CEntos and bhyve?
>
On Sat, Aug 11, 2018 at 12:53:05PM +0700, Victor Sudakov wrote:
> The Doctor via freebsd-virtualization wrote:
> > Are there issues with Current CEntos and bhyve?
>
> Sure there are, please look at
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230453
Booting in UEFI mode
VMWare's ESXi uses a special scheduler to do what it does. I wonder if
it would be worthwhile to investigate implementing a scheduler in
FreeBSD that provides decent performance for virtualized workloads.
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
Tor-ified Signal:+
d rtty more than i have. i don't
> believe that tmux has logging.
tmux supports logging. I've used it before to help document some
setups I've done for clients.
Take a look at my .tmux.conf[1] to find out how to do it:
[1]: https://github.com/lattera/dotfiles/blob/master/.tmux.co
like it when tap devices are
renamed. Can anyone shed some light on this?
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
Tor-ified Signal:+1 443-546-8752
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
signature.asc
Description: PGP signature
Hey C.L. Martinez,
Sorry for the top post as I'm responding from my phone.
HardenedBSD has fixed this in bhyve for quite a few months. I'm unsure if
Peter Grehan plans to pull in the commits, but he knows about them.
Thanks,
Shawn
On Jun 3, 2017 15:49, "C. L. Martinez" wrote:
> Hi all,
>
>
On Friday, 10 February 2017 01:41:26 PM Shawn Webb wrote:
> On Friday, 10 February 2017 06:35:19 PM C. L. Martinez wrote:
> > On Fri, Feb 10, 2017 at 01:27:21PM -0500, Shawn Webb wrote:
> > > On Friday, 10 February 2017 06:15:13 PM C. L. Martinez wrote:
> > > >
On Friday, 10 February 2017 06:35:19 PM C. L. Martinez wrote:
> On Fri, Feb 10, 2017 at 01:27:21PM -0500, Shawn Webb wrote:
> > On Friday, 10 February 2017 06:15:13 PM C. L. Martinez wrote:
> > > Hi all,
> > >
> > > I am trying to create an OpenBSD 6.0 virtual
ageexec and mprotect restrictions
for grub-bhyve. You can find a sample rule here:
https://github.com/HardenedBSD/secadm-rules/blob/master/grub-bhyve.rule
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF
other ideas how to scrub off or clear out deleted data from a zpool
> and/or this kind of file-backed device?
Instead of dd'ing /dev/zero, try /dev/random. All zeros compress
extremely well, [pseudo-]random data does (or, ideally, should) not.
--
Shawn Webb
Cofounder and Security Enginee
get the last modified
date.
Again, your efforts are both much needed and much appreciated.
[0]: https://reviews.freebsd.org/
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
signature.asc
Description: PGP signature
stinfo/freebsd-virtualization
> To unsubscribe, send any mail to
> "freebsd-virtualization-unsubscr...@freebsd.org"
> ___
> freebsd-virtualization@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-virtualiz
glad to report that it's working flawlessly, even when compiled with
PIE + RELRO + BIND_NOW.
Here's a little screenshot showing CentOS getting installed:
https://photos.google.com/share/AF1QipPKqcVSwcPYxqEmfjXFJaMojL09ltTqmMsj-KXwdVftUL1BQQIfAApJrp8js4OMuQ?key=bG9YOE5ubS0yOEFrdml
Hey All,
I'm experiencing a kernel panic at boot time on my RootBSD VPS on FreeBSD-
CURRENT.
Since I'm limited to VNC, I've uploaded a screenshot of the crash here:
http://imgur.com/yWtvJDc
Thanks,
--
Shawn Webb
HardenedBSD
GPG Key ID:0x6A84658F52456EEE
GPG
On Thursday, February 19, 2015 01:55:40 PM Ashutosh Kumar wrote:
> FreeNAS uses disk serial number as identifier. We found that
> on Bhyve all AHCI controllers return common disk serial number i.e.
> ‘123456’. See attached screenshot. Due to this FreeNAS is not able to
> uniquely identify an AHCI d
On Friday, December 26, 2014 12:07:44 PM Neel Natu wrote:
> Hi Shawn,
>
> On Fri, Dec 26, 2014 at 6:26 AM, Shawn Webb wrote:
> > Hey All,
> >
> > I'm running a FreeBSD/amd64 11-current (r276204) guest VM in bhyve. It
> > seems that running Poudriere in it c
Hey All,
I'm running a FreeBSD/amd64 11-current (r276204) guest VM in bhyve. It
seems that running Poudriere in it causes the VM to exit.
This is what bhyve outputs when the VM dies:
reason VMX
rip 0x80d68564
inst_length 5
status
I've upgraded to a recent 11-CURRENT/amd64 on my RootBSD VPS and the xn
devices don't seem to work, I've linked to vnc screenshots below. I'm on
r275701.
http://imgur.com/7HKtUcs,O273mq7
Thanks,
Shawn
___
freebsd-virtualization@freebsd.org mailing list
On Tue, Dec 9, 2014 at 12:40 PM, Peter Grehan wrote:
> Hi Shawn,
>
> I doubt this has anything to do with vtnet. My guess is that
>>> netisr_proto[NETISR_ETHER].np_handler(m) is NULL for some reason. Do
>>> you have a dump?
>>>
>>
>> core.txt is attached. I've also uploaded it to the link belo
I was running Poudriere in bhyve. I got this kernel panic. I'm on a new
11-CURRENT as of this morning. Would this be a NULL pointer deref?
`uname -a`: FreeBSD 11.0-CURRENT FreeBSD 11.0-CURRENT #1
b5310d8(hardened/current/master)-dirty: Mon Dec 8 12:58:12 UTC 2014
shawn@pkg-build-01:/usr/obj/usr/
On Sat, 22 Nov 2014 19:57:07 -0800
Peter Grehan wrote:
> Hi Shawn,
>
> > Interesting. I'll have to do more digging. Because removing map_at_zero
> > support is the same as keeping it at the default of 0. It's not possible
> > that our ASLR implementation is affecting bhyve, since our ASLR
> > im
On Nov 22, 2014 10:48 PM, "Peter Grehan" wrote:
>>
>> Nope. What if you have map_at_zero set to 0? Dies bhyve work then?
>
>
> Works with the default of 0, and also with it being set to 1.
>
> later,
>
> Peter.
>
Interesting. I'll have to do more digging. Because removing map_at_zero
support is
On Nov 22, 2014 10:44 PM, "Peter Grehan" wrote:
>
> Hi Shawn,
>
>
>> There isn't. map_at_zero was fully removed. I can revert that change,
>> though. Or is there a way to make bhyve work with out it (with a patch)?
>
>
> I just set
>
>sysctl security.bsd.map_at_zero=1
>
> .. on my test syste
On Nov 22, 2014 10:27 PM, "Peter Grehan" wrote:
>
> Hi Shawn,
>
>
>> It's hardenedBSD. I'll try a stock build tomorrow. The only change we
>> have that could affect bhyve is the removal of map_at_zero.
>
>
> This may be the issue. bhyve creates a kernel-use-only vmspace that
represents guest memo
On Nov 22, 2014 10:15 PM, "Peter Grehan" wrote:
>
> Hi Shawn,
>
>
>> Forgot to mention, I'm on r274859.
>
>
> I have a working system at r274783. A quick glance doesn't show anything
obvious that may cause a regression, but I'm rebuilding now and will give
it a try.
>
> Is your system stock FreeB
On Sat, 22 Nov 2014 21:52:45 -0500
Shawn Webb wrote:
> So I just built a new dev box with 32GB ram and an Intel Core i7-4790S
> (Haswell). I've enabled virtualization in the BIOS. I'm running 11.0-CURRENT,
> updated today.
>
> When I run `bhyveload -m 4G -d /dev/zvo
s out with: vm_setup_memory: Cannot allocate memory
But I've got 32GB ram, so I'm a little unsure as to why it can't allocate the
required space. Can anyone shed some light on this? Is this a bug?
Thanks,
Shawn Webb
___
freebsd-virtualization@free
39 matches
Mail list logo
