Hello grsecurity community,
I'm having a longstanding issue getting virtualbox working with hardened. These issue's started around kernel 2.6.39, I still don't know what *exactly* broke this functionality. (http://forums.gentoo.org/viewtopic-t-90 ... art-0.html). The current kernel is 3.3 vanilla.
Whenever I have a PAX enabled kernel, doing 'modprobe vboxdrv' yields the following error in dmesg (the module fails to load because of an invalid module format).
[ 38.458405] overflow in relocation type 11 val ffffc90011faf9e4
[ 38.458412] `vboxdrv' likely not compiled with -mcmodel=kernel
I tried several variations which fail all in the same way:
- Kernel + PAX (3.3.0 - test4)
- Kernel + Grsecurity (implies PAX)
- Kernel + PAX (3.3.0 - test4) but without any PAX features enabled in menuconfig(!)
- Kernel + Grsecurity (implies PAX) but without any PAX&GRSEC features enabled in menuconfig(!)
- Gentoo GCC hardened
- Gentoo GCC 'vanilla'
- Virtualbox modules with pax-const patch from this forum.
- Virtualbox modules without pax-const patch from this forum.
I tried disabling all PAX and GRSEC features to narrow things down, but that failes with the exact same error which is surprising to me. Using a vanilla kernel, without the pax-const patch for virtualbox-modules (otherwise it's build fails) and a hardened toolchain makes things function properly.
gebruiker@Alpha ~ $ uname -a
Linux Alpha 3.3.0 #1 Mon Apr 2 11:36:45 CEST 2012 x86_64 AMD Athlon(tm) 64 Processor 3200+ AuthenticAMD GNU/Linux
I have a vanilla kernel .config for inspection, since this configuration works. If further information is required to resolve this issue, please let me know.