Hi,

the attached (MIT licensed) patch re-enables support for Linux host
kernels with enabled PaX KERNEXEC that broke in revision 67136.

It would be nice to get it integrated not only in trunk, but all still
maintained release branches as well.

Please apply!

Thanks,
Mathias

The change of revision 67136 added support for Linux's read-only GDT in
addition to the already existing support for PaX's KERNEXEC based
variant. However, in contrast to upstream Linux's implementation,
there's no writable alias mapping of the GDT available under PaX
KERNEXEC. The CR0.WP toggling method must therefore be used in this
case.

Change the test ordering and preference accordingly.

This patch is provided under the MIT license.

Index: src/VBox/VMM/VMMR0/HMR0A.asm
===================================================================
--- src/VBox/VMM/VMMR0/HMR0A.asm	(revision 100800)
+++ src/VBox/VMM/VMMR0/HMR0A.asm	(working copy)
@@ -438,8 +438,8 @@
 
 ALIGNCODE(8)
 .gdt_readonly_or_need_writable:
-        test    edi, VMX_RESTORE_HOST_GDT_NEED_WRITABLE
-        jnz     .gdt_readonly_need_writable
+        test    edi, VMX_RESTORE_HOST_GDT_READ_ONLY
+        jz      .gdt_readonly_need_writable
 .gdt_readonly:
         mov     rcx, cr0
         mov     r9, rcx
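Review bot: the new "test edi, VMX_RESTORE_HOST_GDT_READ_ONLY" / "jz .gdt_readonly_need_writable" pair at the top of .gdt_readonly_or_need_writable carries no comment explaining why READ_ONLY now takes precedence, and it treats a clear READ_ONLY bit as meaning NEED_WRITABLE is set without testing it. Please add a short comment at the test recording the rationale from the commit message: PaX KERNEXEC provides no writable alias mapping of the GDT, so the CR0.WP path at .gdt_readonly has to be taken whenever READ_ONLY is set, even if NEED_WRITABLE is set as well. Please also confirm that this label is only reached with at least one of the two flags set, since the jz path no longer checks NEED_WRITABLE itself. The code that sets these flags is not part of this diff, so it would help to state in the description which flag combination a KERNEXEC host ends up with.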
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev
