| 1 |
On 1 Dec 2007 at 16:17, René Rhéaume wrote: |
| 2 |
|
| 3 |
> When I try to start a virtual machine VirtualBox 1.5.2 OSE and the |
| 4 |
> host kernel is ~hardened-sources-2.6.23, the virtual machine window |
| 5 |
> freezes and I find the following in dmesg : |
| 6 |
|
| 7 |
so i've dug into the code a bit more and found out something. |
| 8 |
look at the following part of the register dump, in particular |
| 9 |
edi: |
| 10 |
|
| 11 |
> esi: 4bea5000 edi: 00084400 ebp: 00000000 esp: d5cf3ec4 |
| 12 |
|
| 13 |
00084400 = VM_IO | VM_RESERVED | VM_PFNMAP |
| 14 |
|
| 15 |
which in turn looks familiar to anyone who's seen the remap_pfn_range() |
| 16 |
function which sets these exact flags on the vma. |
| 17 |
|
| 18 |
now what happens is that virtualbox developers have apparently their |
| 19 |
own idea about how to do memory/vma allocation and population in the |
| 20 |
linux kernel and screw it up quite badly. i guess someone was a bit |
| 21 |
lazy and didn't want to implement a small filesystem to do it right |
| 22 |
but instead he opted for some really bad hacks and the new vma |
| 23 |
mirroring code in PaX detects it. while i could add a workaround |
| 24 |
(heck, you can remove the BUGs in pax_find_mirror_vma if you really |
| 25 |
want to), i won't do it as it's really a bug in virtualbox and |
| 26 |
they'd better fix it properly. |
| 27 |
|
| 28 |
on another note, i also tracked down why it failed here and it turns |
| 29 |
out they also have their own kernel module loader for god knows what |
| 30 |
reason, and that of course doesn't play well at all with KERNEXEC. |
| 31 |
|
| 32 |
-- |
| 33 |
gentoo-hardened@g.o mailing list |
Archives