Windows NT 3.1 & KVM

I don’t know what I was expecting, but I thought I’d try to install Windows NT 3.1 Advanced Server in a KVM virtual machine.  No doubt the processor is just too new.  The -cpu 486 / -cpu pentium flags didn’t help things out at all.  However using Qemu has it running just fine.

I also had this crazy idea that haproxy could front HTTP 1.1 requests into serweb so I could go back to having a Windows NT 3.1 web server.  Naturally that didn’t work.

The useless update is that I managed to get Apache 1.3.4 to compile and run on Windows NT 3.1!

Apache 1.3.4 on Windows NT 3.1

All aboard the VENOM hype train!

So here we go, another time for another major security threat, and this time it’s the “VIRTUALIZED ENVIRONMENT NEGLECTED OPERATIONS MANIPULATION” aka VENOM attack.  Yes it has a website, and even a logo! (Creative Commons Attribution-ShareAlike 4.0 International License)

So what is all the fuss about?  Well, if you can compromise a Xen or KVM (and QEMU) VM to run code that bangs against the floppy controller, that code can trigger a buffer overflow exploit.


But, I know what you are thinking: most people who use KVM run guest OSs that either don’t have floppy drivers, or even explicitly disable the floppy controller.  And from the site:

an unrelated bug causes the vulnerable FDC code to remain active and exploitable by attackers.


But let’s calm down, first the attacker has to get root level on the VM before they can think about doing anything.  Of course this is a BIG problem for VM resellers.  Hopefully the patches will be available quickly, and they will be moderately disruptive, especially for those of us who still use virtual floppies.

The source patch has been released on the Qemu mailing list right here.

Installing Debian 7 in KVM via the CLI (text mode)

So with my new disk, and my server back online, I went ahead and re-installed my web server VM, and the newer install from the netcd is graphical of all things.


Debian’s graphical installer


If anyone cares, here is how I do this, the old cli way. I don’t like weird manager things, I’m capable of hitting flags myself:

kvm -m 640 -nographic -curses -hda blog.vmdk -cdrom /install/debian-7.8.0-i386-netinst.iso -boot d -vnc -net nic,vlan=0,macaddr=52:54:00:11:11:23 -net tap,vlan=0,ifname=tap0,script=/etc/qemu-ifup

Very simple, right?

So the ‘solution’ to this is quite simple: hit escape a few times, and the screen will repaint, and you should get the grub boot prompt.


The text mode grub loader

So simply type in:

install vga=normal fb=none

And hit enter, and you should now be good to go!

Debian text mode installer


I guess I can go over some quick guide to setting up the tun/tap bridging.  This section is to be added to /etc/network/interfaces

iface br0 inet static
    bridge_fd 9
    bridge_hello 2
    bridge_maxage 12
    bridge_stp off
    pre-up brctl addbr br0
    post-down brctl delbr br0

And the qemu-ifup script:

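# cat /etc/qemu-ifup
#!/bin/sh
echo "Executing /etc/qemu-ifup"
echo "Bringing up $1 for bridged mode..."
# put the tap interface into promiscuous mode and bring it up
sudo /sbin/ifconfig "$1" promisc up
echo "Adding $1 to br0..."
# attach the tap interface to the bridge
sudo /sbin/brctl addif br0 "$1"
sleep 2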

That’s about it.  Debian 8 was just released, and I suspect all of this will have changed.
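A stricter variant of the qemu-ifup script above, as an added example (not the author's script): it checks the tap name before handing it to the sudo'd ifconfig/brctl calls and quotes every expansion. The function names and the BRIDGE and DRY_RUN variables are assumptions of this example.

```shell
#!/bin/sh
# Added example: hardened qemu-ifup. BRIDGE and DRY_RUN are assumed
# knobs of this sketch, not variables that QEMU sets.
BRIDGE="${BRIDGE:-br0}"

# Accept only tap0..tap9999; anything else (spaces, option-like
# strings, shell metacharacters) is rejected before sudo sees it.
valid_tap() {
    case "$1" in
        tap[0-9]|tap[0-9][0-9]|tap[0-9][0-9][0-9]|tap[0-9][0-9][0-9][0-9])
            return 0 ;;
        *)
            return 1 ;;
    esac
}

# Run a command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Bring the tap interface up and attach it to the bridge.
qemu_ifup() {
    ifname="$1"
    if ! valid_tap "$ifname"; then
        echo "qemu-ifup: refusing interface name '$ifname'" >&2
        return 64
    fi
    run sudo /sbin/ifconfig "$ifname" promisc up || return 1
    run sudo /sbin/brctl addif "$BRIDGE" "$ifname" || return 1
}

# QEMU passes the tap name as $1; do nothing when sourced without arguments.
[ "$#" -eq 0 ] || qemu_ifup "$1"
```

Running it with DRY_RUN=1 prints the two commands instead of executing them, which is a quick way to check the bridge and interface names before a VM start depends on them.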

OS/2 and KVM don’t mix.

After I was able to run OS/2 2.11 on VMware with PCI drivers, I thought I’d try KVM.

KVM internal error. Suberror: 1
emulation failure
EAX=00000720 EBX=00000050 ECX=fee10050 EDX=00400780
ESI=d02f004c EDI=ff3f0000 EBP=00000d88 ESP=00000d72
EIP=00006725 EFL=00013202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0047 00080000 00000f9f 0010f300 DPL=3 DS16 [-WA]
CS =d517 1aa20000 0000672d 0000ff00 DPL=3 CS16 [CRA]
SS =0017 00020000 00000fff 0000f300 DPL=3 DS16 [-WA]
DS =bfcf 17f90000 0000033d 0000f300 DPL=3 DS16 [-WA]
FS =0000 00000000 ffffffff 00000000
GS =bfff 17ff0000 00000fff 0000f300 DPL=3 DS16 [-WA]
LDT=0028 7be57000 0000ffff 00008200 DPL=0 LDT
TR =0010 ffe1f6e7 00000067 00008b00 DPL=0 TSS32-busy
GDT=     7c7e5000 00001fff
IDT=     ffe201e0 000003ff
CR0=8001001b CR2=00080000 CR3=001b3000 CR4=00000000
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000000
Code=ca 76 0f 8b ca eb 0b 03 7e 22 8b ca 3b cb 76 02 8b cb 2b d1 <f3> ab 0b d2 75 ed 2b c0 c3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

OS/2 2.11 crashing on KVM

No go.  Also Qemu 2.1.2 on Linux didn’t fare much better.  Must be something about HPFS and raw disk images.  The funny thing is that even once a disk became corrupted, I quit Qemu, restore the disk, and start again, and it’s still behaving like it’s corrupt.  Qemu 0.15.X has been the most stable branch I’ve found to run OS/2, but it’s so obsolete now.

Qemu vs KVM with Novell Netware 3.12

So I received an interesting tip, talking about the latest Qemu version, when it was mentioned that it isn’t the hardware that is at fault with Netware not running, but rather something in the emulated CPU.

Because, get this, Novell Netware runs in KVM.

Novell Netware 3.12

I was taken aback, all this time I thought it was something in the -M isapc definition that broke, but it’s the CPU!  I even rebuilt Qemu with the TCG interpreter, and it too breaks.  I even went one more crazy step, and installed with the ancient isadisk controller, and NE2000 on the ISA bus, and it works!

So for now my old copy of Netware I bought a million years ago lives in the cloud!

Some random updates

First I just found out about the KVM Forum 2013, taking place in Edinburgh, Scotland.

You can find all kinds of information and videos of the presentation on the G+ page!

This is an incredible resource for anyone thinking of deploying KVM (Proxmox/VE!) in a serious setting.  Unlike VMware ESX this is a free solution with no insane license restrictions.  Not to mention that KVM+Qemu is far more flexible than any traditional x86 focused hypervisor will ever be.  And poor Microsoft still doesn’t yet offer an x86_64 solution.

I also got a ping back from Linux Lifestyle, about a challenge to find an ancient version of Linux.  Although the real credit goes to the excellent preservation work of .

Personal note, I got the flu (again!) and have been sick.. which is why the lag in the network stuff, but I’ll bang more on it tomorrow.  I’ll finally get to adding remote sites, routing protocols, and all that fun stuff.  Internet/NAT/Firewalls afterwards.  ASA stuff too, as much as I don’t like them.

How to fix weird mouse issues with VM’s migrated from MS Virtual PC/Virtual Server/Hyper-V

I had this issue with one VM where the mouse would either play dead, or it’d just hide in a corner.  While I did have RDP access, it was.. quite annoying.

So some googling around I found this.

1. Do it all over again, but make sure to uninstall the Virtual Machine Additions before you convert the machine.
2. Install VMWare tools without the mouse driver (choose custom installation)
3. Open regedit, and use your mad keyboarding skillz to navigate to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}
..then remove the value “msvmmouf” and any adjacent spaces from the Regvalue UpperFilters, leaving whatever else is there, then reboot.

And it actually worked!

Proxmox VE hits the 1.0!

Proxmox – VE has hit the 1.0 today! Without fail, I’d say this is the best combination of full system emulation, and logical partitioning available as of today. I have been playing with Xen on Solaris 10, and frankly it SHOULD have been better, but it’s been so much worse.

Although Solaris Zones, coupled with ZFS & Xen should be a clear winner, you’ll find out real quick that Zones do *NOT* easily allow for independent tcp/ip stacks (hope you have v3 nic drivers), the Xen networking again is a mess (v3 drivers anyone? Also those interfaces better be TCP/IP enabled on the host!) and get ready to edit the /var/lib/xend/domains directory files a LOT…. And be ready for gegrep fun. After all, domain names like “0aa811ef-3bd0-9140-583f-d5e09f93658e” make life all the easier. I will say that Xen does use Qemu disk images so there is an easy ‘upgrade’ path to/from KVM (the Linux hypervisor found in ProxmoxVE). What I don’t get is the massive disconnect between virsh & the xend process.

And if you are running Xen, then you’ll want SOME print documentation… I just wish I didn’t think it’d be that intuitive. So at least creating this:

(bridge iprb0)
(uuid c0e47a99-70e5-1ebe-44a4-54895cb24a15)
(script vif-vnic)
(mac 00:16:3e:56:df:81)
(model ne2k_pci)
(backend 0)
would have been easier.
From my notes, how to tell if your nic is new enough to drive Xen/Zones:

/usr/lib/vna NIC MAC
bash-3.2# /usr/lib/vna e1000g0 0:2:a5:4c:76:74

If you don’t get something similar, you are screwed. Additionally this guide is invaluable as it’ll be your ONLY quick guide on how to get around xen on Solaris 10.

Anyways enough Xen bashing for now, but I have to say I’m excited about going back to ProxMox VE. Just remember to leave your base OS alone…. like a mainframe.

Proxmox VE

Well frankly I’ve been majorly disappointed with Microsoft’s latest offerings in the world of virtualization. Frankly it’s been one BIG step backwards in terms of management.

I mean check this well meaning blog on how “easy” it is to setup remote management. And of course for the most part it NEVER works.

I know this must be a major news flash to Microsoft but you see virtual servers are like mainframes. The zone 0 OS must be able to stand on its own, and have just enough to bootstrap the hypervisor and allow itself to be managed in a stand alone fashion. After all if it were in a domain, where do you think those domain controllers are? Yep they are Virtual machines! And how do you ‘manage’ a domain resource with no DC’s? The whole 2008 Hyper-V is a BIG miscalculation on Microsoft’s part. I hope they wake up and notice how they had a good thing and have destroyed it.

All this nonsense sent me searching for an alternative which I’m pretty sure I found a great blend of system emulation, and something like SUN containers for Linux. There is even a Debian etch based quick install version called Proxmox which incorporates KVM (The new Linux hypervisor) and OpenVZ. And of course it’s FREE!

The cool thing is that the main management works on a web page, the consoles can be controlled via a VNC viewer that uses JAVA, and it’s VERY quick to setup.

The system emulation KVM uses the core devices from Qemu so a lot of Qemu virtual machines will “just work” if you copy them over. If you are installing an OS onto the virtual machine the ‘easy’ way is with the physical CD. You can use ISO images, however they are awkward to use. You have to flag the VM to pause on startup, switch over to the monitor page and issue the following command:

change ide1-cd0 /directory/isoimage.iso

then tell the emulator to start up with the ‘c’ command which will continue from the pause…. Yeah I know it’s not terribly elegant.

On the OpenVZ front, it’s FAST as there is no real emulated IO it’s native. So I decided to use the wiki template and setup a wikipedia mirror at home. If anyone feels as brave you too can find instructions here:

These are some of the table times to load:

601M pages.sql Query OK, 7,473,186 rows affected, 8 warnings (5 min 10.52 sec)
837M revision.sql Query OK, 7,473,200 rows affected, 65535 warnings (2 min 11.84 sec)
18G text.sql Query OK, 7,473,202 rows affected, 1 warning (12 min 12.07 sec)
20M category.txt Query OK, 471,207 rows affected (13.14 sec)
1.8G categorylinks Query OK, 24,501,837 rows affected, 30177 warnings (28 min 28.31 sec)
5.6G externallinks Query OK, 36,492,925 rows affected (3 min 50.34 sec)
362M latestimage Query OK, 807,906 rows affected, 2 warnings (34.35 sec)
555M imagelinks Query OK, 18,615,721 rows affected (10 min 49.60 sec)
32k interwiki Query OK, 651 rows affected (0.08 sec)
186M langlinks Query OK, 5,780,509 rows affected (2 min 17.75 sec)
2G logging Query OK, 16,398,421 rows affected (2 min 51.75 sec)
45M oldimage Query OK, 118,449 rows affected (1.97 sec)
7.6G pagelinks Query OK, 270,641,297 rows affected (6 hours 12 min 4.83 sec)
104M redirect Query OK, 3,234,481 rows affected (23.71 sec)
1.2G template-link Query OK, 48,885,222 rows affected (50 min 7.08 sec)
68k user_groups Query OK, 3,947 rows affected (0.11 sec)

Even the ‘longest’ part here with the 270 million records took six hours… Not too bad! That’s still 12,122.88 TPS!

Also as a tip for anyone else crazy enough to do a sizable mediawiki (like wikipedia) or any single server wiki look to this page.

The upshot is that by loading this APC extension into PHP, mediawiki load times for my cached site went from 2-5 minutes to 1-10 seconds.

The OpenVZ portion has various application templates that can be loaded into the zones from CentOS, Debian, Ubuntu, to pre configured applications like the media wiki and a few others.

If anything I’d say that proxmox is what I was hoping Microsoft’s Hyper-V could have been. A container version of windows with easy remote admin along with some system emulation could have made things MASSIVELY easier to deal with. It’s a shame they decided to go with this bizarre WMI based thing.