Date: Fri, 10 Feb 2017 13:27:21 -0500 From: Shawn Webb <shawn.webb@hardenedbsd.org> To: freebsd-virtualization@freebsd.org Subject: Re: Unable to create OpenBSD 6.0 bhyve guest Message-ID: <1757175.5Lz3SQ4xSy@hbsd-dev-laptop> In-Reply-To: <20170210181513.vtnq3ph5vmk3sbi4@scotland.uxdom.org> References: <20170210181513.vtnq3ph5vmk3sbi4@scotland.uxdom.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart3870221.ZfbzRfxnRL Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="us-ascii" On Friday, 10 February 2017 06:15:13 PM C. L. Martinez wrote: > Hi all, >=20 > I am trying to create an OpenBSD 6.0 virtual guest under FreeBSD 11 = bhyve > server. When I try list cd contents, segmentation faults appears: >=20 > grub-bhyve -d /data/vms/conf/obsdfwwif -m device.map -r cd0 obsdfwwif= >=20 >=20 > = GNU > GRUB version 2.00 >=20 > Minimal BASH-like line editing is supported. For the first word, T= AB > lists possible command completions. Anywhere else TAB lists possible = device > or file completions. >=20 >=20 > grub>ls > Segmentation fault >=20 Hey C.L. Martinez, This is because grub-bhyve creates memory mappings that are both writab= le and=20 executable, something that is disallowed by default on HardenedBSD. You'll need to add a secadm rule to disable pageexec and mprotect restr= ictions=20 for grub-bhyve. You can find a sample rule here: https://github.com/HardenedBSD/secadm-rules/blob/master/grub-bhyve.rule= Thanks, =2D-=20 Shawn Webb Cofounder and Security Engineer HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --nextPart3870221.ZfbzRfxnRL Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEKrq2ve9q9Ia+iT2eaoRlj1JFbu4FAlieBgoACgkQaoRlj1JF bu7UYhAAhJKlLWdK3TdkzL4MpkCGsSOX4wAwgoHgBEMovpFJ+FwylkekfOe+2Ow2 peWQw/tSc0E+eGPJM1GxTde0qa/l3P94MUv44PLDpSSCs7AZGLgLp4CLXwSgKR2P vGRhR2YQFM+s57kH65xbP4sm5svKhbeYkQL0tgcAuyqSv5E//1H1d3UrSSqUB7F+ G9Tgw8vnLCHPWQoy6FhTwozE9s+aRtCxB/RjH6bD+Tj0hkSqp8SOpwI7IXJNUil0 U80hh0nCAiU/EpuhquejhKNFSZiqvoetH/YR+Mj2yNkfpKHIUCgRnu08pwsPTHzA 6qB5FmnQlBcSfzLpK2EQC2umi2mCtQMjAwb9r1/dWDlUYhxG11Afgub8Hkrk9rZx 4lKOSgdXZS4drqwi6+KbBUuynfNmBOUZRS0bmR6uz45xoLyki/kwa6Qid37dzG21 WvvklV4lmP97E6OMPYhcX/7IgR5Xx6GcExSBiuGTUeRNqbsexwtbqNByPcfCrw8r 4CGDCAneXPBpM2rcSvdSrjXonEgJyCXj/XzXg7K0hyOLlH4HnjVr9BHO8cWOfo6E Lz7TfIpYcCHR3XiU1sJdBxlzbFEApD9kPCZHvHrlv4F861WJ1m6+0vFQw4C+KeP2 NduSGgZmS6YkHulvMvDnVZSEhnXyYjloHYAcxDfvW68z5vJnnFM= =TFWr -----END PGP SIGNATURE----- --nextPart3870221.ZfbzRfxnRL--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1757175.5Lz3SQ4xSy>