On 02 May 2023 00:19, NetValue Operations Centre wrote:
Good thinking, trying that.
I worked through some of the cpu features, and when removing the line:
<feature policy='require' name='pku'/>
the test VM on 5.10.0-22-amd64 booted successfully.
https://www.kernel.org/doc/Documentation/x86/protection-keys.txt
"Memory Protection Keys provides a mechanism for enforcing page-based
protections"
"The kernel will send a SIGSEGV in both cases, but si_code will be set
to SEGV_PKERR when violating protection keys versus SEGV_ACCERR when
the plain mprotect() permissions are violated."
So, sounds like a memory protection system which can result in seg faults.
AFAICT the host system is running just fine with PKU feature on hosts
running either 5.10.0-21-amd64 or 5.10.0-22-amd64, and the host kernel
doesn't seem to affect the guest's behaviour either, only if the guest
is running 5.10.0-22-amd64 with PKU passed through.
I don't know the best bug tracker to create a ticket in would be...
https://packages.debian.org/bullseye/linux-image-5.10.0-22-amd64 ?
Regards,
I have a "similar" problem on a Xen dom0, using a Ryzen 1700x.
Xen dom0 won't boot with the new "5.10.0-22-amd64" kernel, but using
"5.10.0-21-amd64" works.
I don't have a serial console to read the full output, the last visible
line is "dom0 has 2 vCPUs". So it happens during the creation of dom0.
With a working kernel (so "5.10.0-21-amd64"), the next lines read:
(XEN) Initial low memory virq threshold set at 0x4000 pages.
(XEN) Scrubbing Free RAM in background
So, as you said, it seems related to some "memory handling/protection
system".
But I didn't have any problem updating the Debian domUs to the new
kernel, while using the old one in dom0.
PS: if I'm not mistaken, the equivalent of Xen CPU attribution for VMs
in KVM is "host-passthrough", maybe try that in your VM configs ?