From owner-freebsd-virtualization@freebsd.org  Mon Mar 11 18:13:35 2019
Return-Path: <owner-freebsd-virtualization@freebsd.org>
Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id BE2891528962
 for <freebsd-virtualization@mailman.ysv.freebsd.org>;
 Mon, 11 Mar 2019 18:13:35 +0000 (UTC)
 (envelope-from shawn.webb@hardenedbsd.org)
Received: from mail-qk1-x744.google.com (mail-qk1-x744.google.com
 [IPv6:2607:f8b0:4864:20::744])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 97F8773D18
 for <freebsd-virtualization@freebsd.org>; Mon, 11 Mar 2019 18:13:34 +0000 (UTC)
 (envelope-from shawn.webb@hardenedbsd.org)
Received: by mail-qk1-x744.google.com with SMTP id z76so2444655qkb.12
 for <freebsd-virtualization@freebsd.org>; Mon, 11 Mar 2019 11:13:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=hardenedbsd.org; s=google;
 h=date:from:to:cc:subject:message-id:references:mime-version
 :content-disposition:in-reply-to:user-agent;
 bh=l5RAA+jSpXlIj7dLOMKqtu3qL4KGQU2seJCecRYjba4=;
 b=JhFHQG0hU0KJSi0XkdA387mro0Ep20RNd++mkJy/w1hwBwRZDpe2FccNiYvwVNgKS+
 liAu/JX6OAM8SF+Gfbv2HNiiu80IHmLL51pdeXylbaXYkciF5C7RMYO/EitLREoIOMPm
 xqn4NIxMxSLDqFVuEKvmZ5AJYiBFtsPW9KRaSqJ4ruaXEpO9Y32vv6G+hyVQCLfPJBoY
 6VXsZsiMkYEKmVwjmz9gR3jfjhoq5uVnOPr/QlvLx9Ux6B5Bh6Hh8sw37ZVHpkIDxde5
 P95Y6I9HnFJi1ZirK99FSZx4Y9lvNaCUxFN46i+pC03fSNj3V4+/5mGs53xKe1QTBCf7
 yBgg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:references
 :mime-version:content-disposition:in-reply-to:user-agent;
 bh=l5RAA+jSpXlIj7dLOMKqtu3qL4KGQU2seJCecRYjba4=;
 b=d5zsXv4YNnDnrz1P5uS39kYciYbbtj8snlUQTE5qUVp/t8ozFNvTi3SnMuTBzz+K6t
 Hs8jAYHyKuWcY3SzHj/ie67xqpneIqK0X9IE+n/wisULBrk5+oYBP9N70Zcirpupmqxm
 f2gtZgr9x5qNSAAhLUyCimG6IwcWCDG4rxHHM8EcR0htiopCrcYSfMvFCjVGSoO6WU4c
 hBTwDmFbHZ4VMfhVrhf414yRTQ+LKBtrl0/wAVSylUwRrrvSj+eoHwaAX7aMgApfqUSG
 pyLH7C+jk0xyVZoFXKoAmsFbF0y/OhApRbT708Ej37VyU0QeLYrqQrKmRRCPVSvGNieY
 Fqdg==
X-Gm-Message-State: APjAAAU3bnVa03L1/1Yt9NtOidHZJ8YfOWVXgiwIzeo0p11sqZIkNd/d
 etjmM57d23UmBPVHPOkwUT6brw==
X-Google-Smtp-Source: APXvYqwjzsE0PiCHn46yS0cupgOZHxhugLWCsKgPc91eSQzyDvz62s/JRdywyXYeavmp9OxhLrLqzA==
X-Received: by 2002:a37:c384:: with SMTP id r4mr6332096qkl.306.1552328013488; 
 Mon, 11 Mar 2019 11:13:33 -0700 (PDT)
Received: from mutt-hbsd ([63.88.83.108])
 by smtp.gmail.com with ESMTPSA id c19sm3605581qkg.88.2019.03.11.11.13.32
 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
 Mon, 11 Mar 2019 11:13:32 -0700 (PDT)
Date: Mon, 11 Mar 2019 14:12:52 -0400
From: Shawn Webb <shawn.webb@hardenedbsd.org>
To: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>
Cc: Mark Raynsford <list+org.freebsd.virtualization@io7m.com>,
 freebsd-virtualization@freebsd.org
Subject: Re: bhyve: Detecting that a guest kernel has booted
Message-ID: <20190311181252.4xrwzfidzfhsad46@mutt-hbsd>
References: <20190311180359.knal2sjbmxlgzduh@mutt-hbsd>
 <5c86a44e.1c69fb81.cd645.9e28SMTPIN_ADDED_BROKEN@mx.google.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="ulmgg6hb4u5r6frw"
Content-Disposition: inline
In-Reply-To: <5c86a44e.1c69fb81.cd645.9e28SMTPIN_ADDED_BROKEN@mx.google.com>
X-Operating-System: FreeBSD mutt-hbsd 13.0-CURRENT-HBSD FreeBSD
 13.0-CURRENT-HBSD  HARDENEDBSD-13-CURRENT  amd64
X-PGP-Key: http://pgp.mit.edu/pks/lookup?op=vindex&search=0x6A84658F52456EEE
User-Agent: NeoMutt/20180716
X-Rspamd-Queue-Id: 97F8773D18
X-Spamd-Bar: -----
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=hardenedbsd.org header.s=google header.b=JhFHQG0h;
 spf=pass (mx1.freebsd.org: domain of shawn.webb@hardenedbsd.org designates
 2607:f8b0:4864:20::744 as permitted sender)
 smtp.mailfrom=shawn.webb@hardenedbsd.org
X-Spamd-Result: default: False [-5.48 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 TO_DN_SOME(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
 RCVD_COUNT_THREE(0.00)[3];
 MX_GOOD(-0.01)[cached: alt1.aspmx.l.google.com];
 DKIM_TRACE(0.00)[hardenedbsd.org:+];
 NEURAL_HAM_SHORT(-0.80)[-0.799,0]; SIGNED_PGP(-2.00)[];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+];
 RCVD_TLS_LAST(0.00)[];
 ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
 IP_SCORE(-0.58)[ip: (1.99), ipnet: 2607:f8b0::/32(-2.74), asn: 15169(-2.07),
 country: US(-0.07)]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-0.997,0];
 R_DKIM_ALLOW(-0.20)[hardenedbsd.org:s=google];
 FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3];
 NEURAL_HAM_LONG(-1.00)[-1.000,0];
 TAGGED_RCPT(0.00)[org.freebsd.virtualization];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-virtualization@freebsd.org];
 DMARC_NA(0.00)[hardenedbsd.org];
 MIME_GOOD(-0.20)[multipart/signed,text/plain];
 TO_MATCH_ENVRCPT_SOME(0.00)[];
 RCVD_IN_DNSWL_NONE(0.00)[4.4.7.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org
 : 127.0.5.0]; MID_RHS_NOT_FQDN(0.50)[]
X-BeenThere: freebsd-virtualization@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of various virtualization techniques FreeBSD supports."
 <freebsd-virtualization.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-virtualization/>
List-Post: <mailto:freebsd-virtualization@freebsd.org>
List-Help: <mailto:freebsd-virtualization-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Mar 2019 18:13:36 -0000


--ulmgg6hb4u5r6frw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Mar 11, 2019 at 11:09:07AM -0700, Rodney W. Grimes wrote:
> > On Mon, Mar 11, 2019 at 10:58:55AM -0700, Rodney W. Grimes wrote:
> > > -- Start of PGP signed section.
> > > > On 2019-03-11T13:08:53 -0400
> > > > Shawn Webb <shawn.webb@hardenedbsd.org> wrote:
> > > > >
> > > > > If your guest OS supports it, you could probably write two script=
s that
> > > > > uses virtio_console(4), one for the guest to tell the host "HELLO=
" and
> > > > > one for the host to say "NICE TO SEE YOU!" once the guest's "HELL=
O" is
> > > > > received.
> > > > >=20
> > > >=20
> > > > They're a mix of FreeBSD, OpenBSD, and Debian guests. So I'm guessi=
ng
> > > > one out of three of those supports it...
> > > >=20
> > > > I suppose my other option would be to add (another) NFS mount in ea=
ch
> > > > guest, and have them touch a file early in the init script (and
> > > > possibly touch a different file early in the shutdown script).
> > >=20
> > > Well ICMP is in the kernel, and should be working as soon as the
> > > interface is up, long before you could do anything with NFS,
> > > so rather than the complexity above a simple ping would suffice.
> >=20
> > Just a note: Windows systems disable inbound ICMP by default, but
> > inbound ICMP support can be enabled post-installation.
> >=20
> > > There is also the phase of vmm(8) startup that when you are
> > > running bhyveload vs bhyve and iirc grubload vs bhyve, that
> > > can be detected.  vmbhyve does so and says you are in state
> > > looader when you do a vm list.
> >=20
> > I would suggest using bhyve with UEFI. I wish a death upon bhyveload
> > and grub2-bhyve.
>=20
> I have no love for them either, but until we get our UEFI updated
> it is a rather sad state of affairs.  If we could a) get on a modern
> version of ed2k, and b) bet the CSM fixed so that we could actually
> boot bios mode stuff with it and c) maybe make a port of seabios
> that could be used then we would be kicking some seriuos stuff!

If I'm able to run an internship this year like I did last year, I
might have my interns update our UEFI firmware to the latest release
and/or make a BSDL seabios port.

My employer was recently acquired, so I'm likely not going to run an
internship this year.

Thanks,

--=20
Shawn Webb
Cofounder and Security Engineer
HardenedBSD

Tor-ified Signal:    +1 443-546-8752
Tor+XMPP+OTR:        lattera@is.a.hacker.sx
GPG Key ID:          0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89  3D9E 6A84 658F 5245 6EEE

--ulmgg6hb4u5r6frw
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEKrq2ve9q9Ia+iT2eaoRlj1JFbu4FAlyGpSQACgkQaoRlj1JF
bu6A/Q/+M0VcP/eKL9RYHZZwkMDqOookRMXoiDnyBulxDZoAPa61KPdeMOcMZ+Yk
MtL+l48+xj0JDZparXQZCYsQXPwrIJWbKvu/MZqk303ZeuKMD82SJDLs3709NKx7
bg461K155d6ElT2JZaRZxQ03JoIe+P6d5+hp23QHnjw18j9NK7zJhfX6b2HnxTEP
P96n88jhGwAf3cuWykN7JqksrKF8cqm9ntJSPlAiEyma5wFQdeu9IrR05KXVjoc2
yXSJPd5lGdR/Qmdzkioaw4kObN9SFO4QlNKw5A6FsQnU2iBqu39SBx9ULw4fcqqQ
ba6loxnU0b+ySVRX1kJyxhLZRiohA3TK5LAncj6M5TNiKObuxU0nGyKaWrZWxwHG
aQxTkU3cD/FZnNIcvNta6uskgAVVJTBBcnkQLwJFd6DkvxYU549Esmtvnvx9tk2s
UkossC3jzhda9LjMXGkmPwnC9RuzzVOrsw66Q1N+L2Y+Z7xPXz280FHZxjogBcEq
8BCaaQNoHbF4raqoEUw5v619lcNlx0KnoVY6GRf+d5WsVA6zDavpyHLJ7oc5BKmH
/e5zxyvJdsNwjTljdPdLtSFC9b1agoFtsahK/HGO7tShoYIsuFHw4uO4fYSpyv1y
VlZz3YONIhDgZPooFBBgaNq+Ix34CLL3DfojQvEZYy9+c38yXcA=
=TpxC
-----END PGP SIGNATURE-----

--ulmgg6hb4u5r6frw--