bhyve: Detecting that a guest kernel has booted

Shawn Webb shawn.webb at hardenedbsd.org
Mon Mar 11 18:13:36 UTC 2019


On Mon, Mar 11, 2019 at 11:09:07AM -0700, Rodney W. Grimes wrote:
> > On Mon, Mar 11, 2019 at 10:58:55AM -0700, Rodney W. Grimes wrote:
> > > > On 2019-03-11T13:08:53 -0400
> > > > Shawn Webb <shawn.webb at hardenedbsd.org> wrote:
> > > > >
> > > > > If your guest OS supports it, you could probably write two scripts that
> > > > > use virtio_console(4), one for the guest to tell the host "HELLO" and
> > > > > one for the host to say "NICE TO SEE YOU!" once the guest's "HELLO" is
> > > > > received.
> > > > > 
> > > > 
> > > > They're a mix of FreeBSD, OpenBSD, and Debian guests. So I'm guessing
> > > > one out of three of those supports it...
> > > > 
> > > > I suppose my other option would be to add (another) NFS mount in each
> > > > guest, and have them touch a file early in the init script (and
> > > > possibly touch a different file early in the shutdown script).
> > > 
> > > Well ICMP is in the kernel, and should be working as soon as the
> > > interface is up, long before you could do anything with NFS,
> > > so rather than the complexity above a simple ping would suffice.
> > 
> > Just a note: Windows systems disable inbound ICMP by default, but
> > inbound ICMP support can be enabled post-installation.
> > 
> > > There is also the phase of vmm(8) startup that when you are
> > > running bhyveload vs bhyve and iirc grubload vs bhyve, that
> > > can be detected.  vmbhyve does so and says you are in state
> > > loader when you do a vm list.
> > 
> > I would suggest using bhyve with UEFI. I wish a death upon bhyveload
> > and grub2-bhyve.
> 
> I have no love for them either, but until we get our UEFI updated
> it is a rather sad state of affairs.  If we could a) get on a modern
> version of edk2, and b) get the CSM fixed so that we could actually
> boot bios mode stuff with it and c) maybe make a port of seabios
> that could be used then we would be kicking some serious stuff!

If I'm able to run an internship this year like I did last year, I
might have my interns update our UEFI firmware to the latest release
and/or make a BSDL seabios port.

My employer was recently acquired, so I'm likely not going to run an
internship this year.

Thanks,

-- 
Shawn Webb
Cofounder and Security Engineer
HardenedBSD

Tor-ified Signal:    +1 443-546-8752
Tor+XMPP+OTR:        lattera at is.a.hacker.sx
GPG Key ID:          0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89  3D9E 6A84 658F 5245 6EEE
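
The host side of the "HELLO" / "NICE TO SEE YOU!" exchange suggested earlier in the thread, as an added example that is not code from any participant or from bhyve. It assumes the guest's virtio console port is reachable on the host as a Unix-domain stream socket; the socket path and function names are hypothetical. The guest is treated as untrusted input, so the wait is bounded in both time and bytes.

```python
import socket
import time

GREETING = b"HELLO"              # sent by the guest, per the thread
REPLY = b"NICE TO SEE YOU!"      # host's answer, per the thread
MAX_BYTES = 4096                 # cap on data accepted from the untrusted guest


def wait_for_guest(sock, timeout=120.0):
    """Return True once the guest sends GREETING, then send REPLY.

    Returns False on timeout, on EOF, or if the guest sends MAX_BYTES
    or more without a greeting.
    """
    deadline = time.monotonic() + timeout
    buf = b""
    while len(buf) < MAX_BYTES:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            return False
        sock.settimeout(remaining)
        try:
            chunk = sock.recv(256)
        except socket.timeout:
            return False
        if not chunk:            # peer closed: guest went away
            return False
        buf += chunk             # greeting may arrive split across reads
        if GREETING in buf:
            sock.sendall(REPLY + b"\n")
            return True
    return False


def connect_console(path, timeout=120.0):
    """Connect to the Unix-domain socket backing the guest's console port."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    s.settimeout(timeout)
    s.connect(path)
    return s


if __name__ == "__main__":
    # Hypothetical path; use whatever socket the VM's console port is bound to.
    conn = connect_console("/var/run/bhyve/guest0.sock")
    print("booted" if wait_for_guest(conn) else "no greeting from guest")
```
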