Chris Oo
Chris Oo
hmm... if we tried an experiment where we zero memory for the whole guest, does it work? Or just zero out the whole range we load the linux kernel in?...
I suspect the issue is that the dma gpa range is being stomped on by the servicing load & nvme device. I'll see if i can take a look later...
This actually looks like some kind of race between an interrupt arriving and us onlining a sidecar VP. See #2070, but we fail on every test with this assertion: openhcl/underhill_core/src/vp.rs:300:13:
doesn't seem to work: ``` [kmsg]: [164.823916] diag_server::diag_service: INFO exec request command=/bin/sh stdin=0x5 stdout=0x6 stderr=0x7 tty=true [kmsg]: [164.973735] diag_server::diag_service: INFO spawned child pid=69 [kmsg]: [164.977054] sh[69]: segfault at 55ffce9b40e0 ip...
that segfault seems similar to something i saw long ago - i wonder if we're doing something wrong in our kvm backend.
I'm going to hold of updating this until John's refactor PR is in - I don't know if we still need it?
What's missing here?
I think what we'd want to do here is have the bootshim report via dt the unmeasured portion of the command line (if any), since the bootshim is the only...
I don't know - I think that's something we'll need to discuss with the attestation folks. In my PR I intend to report the string contents of the dynamic part.
Actually, the right thing to do is have the unsafe-reviewers.py script to validate that someone from the unsafe reviewers signed off, and mark red otherwise.