VirtualBox

Ticket #15873 (closed defect: obsolete)

Opened 4 years ago

Last modified 3 years ago

Problems with hardening / VM crashing on 5.1.14 - RHEL5

Reported by: ThunderFox Owned by:
Component: other Version: VirtualBox 5.1.4
Keywords: hardening kernel panic Cc:
Guest type: Linux Host type: Windows

Description

Hello,

I have a virtual machine which has previously been ported from VMWare running RHEL5. This uses the Legacy paravirtualization mode for kernel compatibility, as for unknown reasons, this is the only way it used to run.

Porting was done a few months ago, by creating a new VM with the old VHD running on VBX 4.x up to 4.3.12, on Windows 7. The VM has always ran without problems.

After a system upgrade we moved onto Windows 10 and VBX 5.0.26. Since this upgrade, we keep running into errors related to the hardening feature. The error/behaviour is not always the same, and after 20-something tries in a row, the VM eventually starts and all is good.

In order to solve the hardening issue we decided to upgrade VBX to 5.1.0 and then 5.1.4. With these, the hardening errors remain. But even worse (the motivation for opening this ticket) is that when we manage to successfully boot the VM, there is a Kernel Panic and the vm halts with error "Kernel Panic - Not syncing: NMI watchdog".

We've gone back to 5.0.26 for the time being and all is working smoothly.

  • How do we solve the errors related to hardening?
  • How do we solve the error related to the kernel crashing on the most recent versions of VirtualBox? This seems to be completely unrelated to the hardening issues.

To add some extra data, I've looked up previous tickets opened on the hardening feature, and the issue for all of them seems to be reproducible. Ours does not occur in a consistent form, and sometimes the VM is allowed to start, which points to a bug rather than a safety issue.

You'll fine attached all the needed files and screenshots including the hardening.log.

We've tested this in both a HP machine with an AMD A8 PRO processor, as well as a Dell machine with a Core i7 processor. Both are running Windows 10 and the same versions of Virtualbox.

Going back to VBX4 is not a possibility since NDIS6 support is not available.

Attachments

VBoxHardening.log Download (168.6 KB) - added by ThunderFox 4 years ago.
Hardening log
Capture.PNG Download (14.3 KB) - added by ThunderFox 4 years ago.
First error that occurs
Capture2.PNG Download (18.0 KB) - added by ThunderFox 4 years ago.
Second error that occurs immediately after

Change History

Changed 4 years ago by ThunderFox

Hardening log

Changed 4 years ago by ThunderFox

First error that occurs

Changed 4 years ago by ThunderFox

Second error that occurs immediately after

comment:1 Changed 4 years ago by ThunderFox

Additionally there is this line on the provided log that seems to be related with the error we get:

28d0.1a84: supR3HardenedMonitor_LdrLoadDll: Refusing to load 'C:\Program Files\Avecto\Privilege Guard Client\PGHook.dll' as it is expected to create undesirable threads that will upset our respawn checks (returning STATUS_TOO_MANY_THREADS)

Also, this does not yet include any of the Kernel Panic issues since we've gone back to 5.0 for now.

comment:2 Changed 4 years ago by frank

So with 5.0.26 you can start your VM sometimes, sometimes not but with 5.1.4 you get a guest kernel panic, correct? I would like to see a VBox.log file with VBox 5.1.4.

comment:3 Changed 3 years ago by IrishGold

I also have this problem: a CentOS 5.9 VM working correctly on VirtualBox 5.0.32 r112930 (VirtualBox-5.0-5.0.32_112930_el7-1.x86_64), while it doesn't work on 5.1.22 r115126 and display the "Kernel Panic - Not syncing: NMI watchdog" message.

This ticket hasn't been updated for 10 months. Is there any development?

Thanks for providing updates.

comment:4 Changed 3 years ago by frank

IrishGold, this ticket mentions Windows hardening while you are obviously are using an EL7 host (not Windows). Please open a new ticket and attach the VBox.log file of such a VM session. I've asked questions in comment:2 which were not answered. Therefore I will close this ticket.

comment:5 Changed 3 years ago by frank

  • Status changed from new to closed
  • Resolution set to obsolete
Note: See TracTickets for help on using tickets.

www.oracle.com
ContactPrivacy policyTerms of Use