>> gordon Code # ./check-nx
>> nx: enabled
>> gordon Code #
>>
>> OK, seems to be enabled just fine. Any other ideas? I am beginning to
>> get that horrible feeling that there isn't a real problem and it is just
>> me being dumb!
>>
> I really hope so, because I am out of ideas... :)
>
> Can you verify check-nx returns disabled on the guest?
> Does /proc/cpuinfo show nx in the guest?
>

OK, time for a summary:

Host: /proc/cpuinfo shows 'nx' and check-nx shows 'enabled'
Guest: /proc/cpuinfo doesn't show nx and check-nx shows 'disabled'
Guest (with -no-kvm option): /proc/cpuinfo shows 'nx', but check-nx still shows 'disabled'

Below I have included all the listings which I think might be useful,
but if you would like to see anything else then please ask.

HOST:

/proc/cpuinfo

processor : 0
vendor_id : AuthenticAMD
cpu family : 15
model : 79
model name : AMD Athlon(tm) 64 Processor 3200+
stepping : 2
cpu MHz : 1000.000
cache size : 512 KB
fpu : yes
fpu_exception : yes
cpuid level : 1
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx mmxext fxsr_opt rdtscp lm 3dnowext 3dnow rep_good nopl pni cx16 lahf_lm svm extapic cr8_legacy
bogomips : 2000.06
TLB size : 1024 4K pages
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management: ts fid vid ttp tm stc

GUEST with command line -
kvm -hda /dev/mapper/vols-andrew -kernel ./bzImage -append root=/dev/hda2 -cpu host -runas xx -net nic -net user -m 256 -k en-gb -vnc :1 -monitor stdio

/proc/cpuinfo

processor : 0
vendor_id : AuthenticAMD
cpu family : 15
model : 79
model name : AMD Athlon(tm) 64 Processor 3200+
stepping : 2
cpu MHz : 10000.330
cache size : 512 KB
fpu : yes
fpu_exception : yes
cpuid level : 1
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall mmxext fxsr_opt lm rep_good pni cx16 lahf_lm
bogomips : 2000.06
TLB size : 1024 4K pages
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management:

Results of paxtest

PaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@xxxxxxxxxxxxx>
Released under the GNU Public Licence version 2 or later

Mode: kiddie
Linux andrew 2.6.28-hardened-r9 #4 Mon Jan 18 22:39:31 GMT 2010 x86_64 AMD Athlon(tm) 64 Processor 3200+ AuthenticAMD GNU/Linux

Executable anonymous mapping : Vulnerable
Executable bss : Vulnerable
Executable data : Vulnerable
Executable heap : Vulnerable
Executable stack : Vulnerable
Executable anonymous mapping (mprotect) : Vulnerable
Executable bss (mprotect) : Vulnerable
Executable data (mprotect) : Vulnerable
Executable heap (mprotect) : Vulnerable
Executable stack (mprotect) : Vulnerable
Executable shared library bss (mprotect) : Vulnerable
Executable shared library data (mprotect): Vulnerable
Writable text segments : Killed
Anonymous mapping randomisation test : 33 bits (guessed)
Heap randomisation test (ET_EXEC) : 13 bits (guessed)
Heap randomisation test (ET_DYN) : 40 bits (guessed)
Main executable randomisation (ET_EXEC) : No randomisation
Main executable randomisation (ET_DYN) : 12 bits (guessed)
Shared library randomisation test : 33 bits (guessed)
Stack randomisation test (SEGMEXEC) : 40 bits (guessed)
Stack randomisation test (PAGEEXEC) : 40 bits (guessed)
Return to function (strcpy) : paxtest: bad luck, try different compiler options.
Return to function (memcpy) : *** buffer overflow detected ***: rettofunc2 - terminated
rettofunc2: buffer overflow attack in function <unknown> - terminated
Report to http://bugs.gentoo.org/
Killed
Return to function (strcpy, RANDEXEC) : paxtest: bad luck, try different compiler options.
Return to function (memcpy, RANDEXEC) : *** buffer overflow detected ***: rettofunc2x - terminated
rettofunc2x: buffer overflow attack in function <unknown> - terminated
Report to http://bugs.gentoo.org/
Killed
Executable shared library bss : Killed
Executable shared library data : Killed

GUEST with command line -
kvm -hda /dev/mapper/vols-andrew -kernel ./bzImage -append root=/dev/hda2 -no-kvm -runas xx -net nic -net user -m 256 -k en-gb -vnc :1 -monitor stdio

/proc/cpuinfo

processor : 0
vendor_id : AuthenticAMD
cpu family : 6
model : 2
model name : QEMU Virtual CPU version 0.12.3
stepping : 3
cpu MHz : 1998.067
cache size : 512 KB
fpu : yes
fpu_exception : yes
cpuid level : 4
wp : yes
flags : fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx lm pni cx16 lahf_lm svm abm sse4a
bogomips : 3996.13
TLB size : 1024 4K pages
clflush size : 64
cache_alignment : 64
address sizes : 40 bits physical, 48 bits virtual
power management:

Results of paxtest

PaXtest - Copyright(c) 2003,2004 by Peter Busser <peter@xxxxxxxxxxxxx>
Released under the GNU Public Licence version 2 or later

Mode: kiddie
Linux andrew 2.6.28-hardened-r9 #4 Mon Jan 18 22:39:31 GMT 2010 x86_64 QEMU Virtual CPU version 0.12.3 AuthenticAMD GNU/Linux

Executable anonymous mapping : Killed
Executable bss : Killed
Executable data : Killed
Executable heap : Killed
Executable stack : Killed
Executable anonymous mapping (mprotect) : Killed
Executable bss (mprotect) : Killed
Executable data (mprotect) : Killed
Executable heap (mprotect) : Killed
Executable stack (mprotect) : Killed
Executable shared library bss (mprotect) : Killed
Executable shared library data (mprotect): Killed
Writable text segments : Killed
Anonymous mapping randomisation test : 33 bits (guessed)
Heap randomisation test (ET_EXEC) : 13 bits (guessed)
Heap randomisation test (ET_DYN) : 40 bits (guessed)
Main executable randomisation (ET_EXEC) : No randomisation
Main executable randomisation (ET_DYN) : 12 bits (guessed)
Shared library randomisation test : 33 bits (guessed)
Stack randomisation test (SEGMEXEC) : 40 bits (guessed)
Stack randomisation test (PAGEEXEC) : 40 bits (guessed)
Return to function (strcpy) : paxtest: bad luck, try different compiler options.
Return to function (memcpy) : *** buffer overflow detected ***: rettofunc2 - terminated
rettofunc2: buffer overflow attack in function <unknown> - terminated
Report to http://bugs.gentoo.org/
Killed
Return to function (strcpy, RANDEXEC) : paxtest: bad luck, try different compiler options.
Return to function (memcpy, RANDEXEC) : *** buffer overflow detected ***: rettofunc2x - terminated
rettofunc2x: buffer overflow attack in function <unknown> - terminated
Report to http://bugs.gentoo.org/
Killed
Executable shared library bss : Killed
Executable shared library data : Killed
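
Added example, not part of the original message: a Python check that diffs the `flags` line of the host and guest /proc/cpuinfo captures and lists which paxtest "Executable ..." tests came back Vulnerable. The flag strings and paxtest lines are copied from the listings in this message; the function and constant names are hypothetical.

```python
# Added example (not from the original message). Flag strings and paxtest
# lines are copied from the listings above; function names are hypothetical.
HOST = ("flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov "
        "pat pse36 clflush mmx fxsr sse sse2 syscall nx mmxext fxsr_opt rdtscp "
        "lm 3dnowext 3dnow rep_good nopl pni cx16 lahf_lm svm extapic cr8_legacy")
GUEST_KVM = ("flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca "
             "cmov pat pse36 clflush mmx fxsr sse sse2 syscall mmxext fxsr_opt "
             "lm rep_good pni cx16 lahf_lm")
GUEST_NO_KVM = ("flags : fpu de pse tsc msr pae mce cx8 apic sep mtrr pge mca "
                "cmov pat pse36 clflush mmx fxsr sse sse2 syscall nx lm pni "
                "cx16 lahf_lm svm abm sse4a")
PAXTEST_KVM = """Executable stack : Vulnerable
Executable shared library data (mprotect): Vulnerable
Writable text segments : Killed"""


def cpu_flags(cpuinfo_text):
    """Return the flags of the first 'flags' line in /proc/cpuinfo text."""
    for line in cpuinfo_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "flags":
            return set(value.split())
    raise ValueError("no 'flags' line in input")


def dropped_flags(host_text, guest_text):
    """Flags the host CPU reports that the guest does not see."""
    return sorted(cpu_flags(host_text) - cpu_flags(guest_text))


def executable_regions(paxtest_text):
    """Names of paxtest 'Executable ...' tests that came back Vulnerable."""
    hits = []
    for line in paxtest_text.splitlines():
        # Split on the last colon: some test names contain no space before it.
        name, sep, result = line.rpartition(":")
        if sep and name.startswith("Executable") and result.strip() == "Vulnerable":
            hits.append(name.strip())
    return hits


if __name__ == "__main__":
    for label, guest in (("kvm -cpu host", GUEST_KVM), ("-no-kvm", GUEST_NO_KVM)):
        print(label, "guest is missing:", " ".join(dropped_flags(HOST, guest)))
        print("  nx visible:", "nx" in cpu_flags(guest))
    print("paxtest (kvm guest):", executable_regions(PAXTEST_KVM))
```

To use it on live systems, pass the full contents of /proc/cpuinfo from each machine instead of the embedded strings.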