vmware-workstation-12.1.0.3272444-r2 and app-emulation/vmware-modules-308.1.0 with USE="pax_kernel", using either sys-kernel/hardened-sources or vanilla+pax, the host system reboots instantly when a guest VM is started. Currently using gcc-4.9.4, hardened profile. This isn't a new problem - I remember having this problem with several different 4.x kernels and vmware 10.x - 12.x, but here are details on the most recent combination I've tried. I've tried the following, always with the same reboot: - hardened-sources-4.5.7-r5, most GRKERNSEC+PAX features enabled except CONFIG_GRKERNSEC_IO - hardened-sources-4.5.7-r5, CONFIG_PAX=n - hardened-sources-4.5.7-r5, CONFIG_GRKERNSEC_CONFIG_AUTO + CONFIG_GRKERNSEC_CONFIG_VIRT_HOST + CONFIG_GRKERNSEC_CONFIG_VIRT_VMWARE - hardened-sources-4.5.7-r5, CONFIG_GRKERNSEC=n (and thus PAX is not even asked about) - hardened-sources-4.4.8-r1 (newest hardened-4.4.x) with CONFIG_GRKERNSEC=n - stock 4.5.7 + https://grsecurity.net/~paxguy1/pax-linux-4.5.7-test24.patch, all features =n Just as sanity checks, these work fine: - gentoo-sources-4.4.18 - stock 4.5.7 Combinations are somewhat limited because vmware support lags behind newer kernels, but hardened-sources / pax patches are not available for the latest 4.4 stable kernels, etc. In all cases using hardened-sources / pax, vmware-modules compiles fine and /etc/init.d/vmware loads them all successfully. But when powering-on a guest VM using a kernel with pax and/or grsec patches included, the box reboots instantly. With maximum printk spam to a serial console, I get: hardened-sources-4.5.7-r5: [ NNN.183657] grsec: From NN.NN.NN.NN: mount of to / by /opt/vmware/lib/vmware/bin/vmware-vmx[vmx-vmem:3183] uid/euid:NNN/NNN gid/egid:NNN/NNN, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 [ NNN.200870] grsec: From NN.NN.NN.NN: mount of /tmp/vmware-AAAAAA/564dfb1a-ee72-9771-b6ab-6a87daa42160 to /tmp/vmware-AAAAAA/564dfb1a-ee72-9771-b6ab-6a87daa42160 by /opt/vmware/lib/vmware/bin/vmware-vmx[vmx-vmem:3183] uid/euid:NNN/NNN gid/egid:NNN/NNN, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0 ...and then BIOS POST messages. stock 4.5.7 + pax-linux-4.5.7-test24.patch I get: [ NNN.046581] /dev/vmmon[2418]: PTSC: initialized at 2099997000 Hz using TSC, TSCs are synchronized. [ NNN.302698] /dev/vmmon[2418]: Monitor IPI vector: ff [ NNN.307676] /dev/vmmon[2418]: HV IPI vector: f2 ...and then BIOS POST messages from the host. Slightly surprising to me that hardened-sources does not get to a single /dev/vmmon message before dying but pax does. Using gentoo-sources-4.4.18, it works as expected. printk's and syslogs start: [ NNN.342597] /dev/vmmon[9935]: PTSC: initialized at 2099999000 Hz using TSC, TSCs are synchronized. [ NNN.574193] /dev/vmmon[9935]: Monitor IPI vector: ff [ NNN.574197] /dev/vmmon[9935]: HV IPI vector: f2 vmnetBridge: RTM_NEWLINK: name:eth0 index:2 flags:0x00011043 [ NNN.794746] /dev/vmnet: open called by PID 9944 (vmx-vcpu-0) [ NNN.794760] device eth0 entered promiscuous mode [ NNN.794842] bridge-eth0: enabled promiscuous mode [ NNN.794844] /dev/vmnet: port on hub 0 successfully opened ...and the VM sucessfully starts. This system has two E5-2620v2's, but I think I have experienced this on various recent Core2 and newer Intel CPUs. This seems similar to what is discussed in this old but not ancient grsecurity forum thread: https://forums.grsecurity.net/viewtopic.php?f=3&t=4211 I have not tried the vmception suggestion at the end of the thread, host_no_pax(vmware(guest_with_pax(vmware(guest)))). Not sure what else that will give me (other than faster reset time!) since I do have a working serial console for the host.
can you test hardened-sources-4.7.6
Tested / duplicated with hardened-sources-4.7.8, same behavior.
(In reply to Hank Leininger from comment #0) > vmware-workstation-12.1.0.3272444-r2 and > app-emulation/vmware-modules-308.1.0 with USE="pax_kernel", using either > sys-kernel/hardened-sources or vanilla+pax, Could you kindly re-test with [I-O] [ ] app-emulation/vmware-modules-308.5.4:0 [I-O] [ ] app-emulation/vmware-tools-10.1.5.5055693:0 [I-O] [ ] app-emulation/vmware-workstation-12.5.4.5192485:0 please ? Thanks in advance!
This is dup of the bug #382793 where I reported the same issue back in 2011. It used to work fine before that.
REFERENCE: Bug 616958 : 12.5.7 version bump , comments {30..48} : [ https://bugs.gentoo.org/show_bug.cgi?id=616958#c30 ] .. [ https://bugs.gentoo.org/show_bug.cgi?id=616958#c48 ]
VMware Products have been removed from Main Portage Tree during Nov-2017. Further development has been relegated to [vmware] Overlay. Situation as of today, 30-Nov-2017: Workstation : stable in [vmware] = 12.5.8 / released = 14.0.0 : Bug 634770 Player : stable in [vmware] = 12.5.8 / released = 14.0.0 : Bug 639162 Modules : stable in [vmware] = 308.5.8 / released = 329.0.0 : Bug 634862 Tools : stable in [vmware] = 10.1.6 / released = 10.1.15 : Bug 634854