On 21/02/10 14:05, Knut St. Osmundsen wrote:
On Feb 21, 2010, at 2:52 AM, Dariem Pérez Herrera wrote:

Hi,
This is a patch I made trying to solve an issue presented in the Gentoo Hardened 
project. VirtualBox doesn't compile with gcc if PIC/PIE related options are 
activated. The problem is related to inline asm code trying to use the ebx register 
for passing arguments, but PIC/PIE systems reserve this register for specific 
functions, so special treatment is required when PIC/PIE is defined (gcc 
refuses to compile such code if you don't do it). This may need extensive 
testing, but it seems to work fine. Please let me know of any problem you 
encounter. The patch is under MIT license.

Since etherboot is ROM code that belongs to the guest side of the operation, I 
don't think it should be necessary to make it build in PIC or PIE mode. A 
better fix would be to disable the PIC/PIE options in the makefile.


But... what if someone considers it important to have VirtualBox compiled with PIE/PIC? What if someone doesn't want his/her network-capable virtual machine (with its vboxnetflt.ko inserted into the kernel) to be without this mitigation technique activated? Would you take this possibility away from him/her? I'm just asking...

best regards,

Dariem
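
The ebx conflict discussed in this thread, shown as an added example that is not code from the patch or from VirtualBox: CPUID is used here as a constructed case of an instruction that writes EBX, and the function names are hypothetical. The swap form never names EBX as an operand, so it also builds as i386 PIC/PIE, and the check confirms it returns the same vendor registers as the direct form.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration (not from the patch): CPUID writes EBX, the register
 * that i386 PIC/PIE code reserves for the GOT pointer. */
#if defined(__x86_64__)
#  define SWAP_BX "xchgq %%rbx, %q1"   /* 64-bit: swap the full register */
#elif defined(__i386__)
#  define SWAP_BX "xchgl %%ebx, %1"
#endif

/* PIC-safe form: EBX is parked in a compiler-chosen register, CPUID runs,
 * then the two are swapped back so the GOT pointer is intact on exit. */
static void cpuid_swap_bx(uint32_t leaf, uint32_t out[4])
{
#ifdef SWAP_BX
    __asm__ volatile(SWAP_BX "\n\tcpuid\n\t" SWAP_BX
                     : "=a"(out[0]), "=&r"(out[1]), "=c"(out[2]), "=d"(out[3])
                     : "0"(leaf), "2"(0u));
#else
    (void)leaf; memset(out, 0, 4 * sizeof out[0]);  /* not x86: no CPUID */
#endif
}

/* Direct form: names EBX as an output ("=b"). This is the pattern the post
 * says is refused for i386 PIC/PIE builds, so it is compiled out there. */
#if defined(__x86_64__) || (defined(__i386__) && !defined(__PIC__))
#  define HAVE_DIRECT 1
static void cpuid_direct(uint32_t leaf, uint32_t out[4])
{
    __asm__ volatile("cpuid"
                     : "=a"(out[0]), "=b"(out[1]), "=c"(out[2]), "=d"(out[3])
                     : "0"(leaf), "2"(0u));
}
#endif

/* Returns 1 when both forms report the same EBX/ECX/EDX for leaf 0 (the
 * vendor string), or when only the PIC-safe form could be built. */
int cpuid_forms_agree(void)
{
    uint32_t s[4], d[4];
    cpuid_swap_bx(0, s);
#ifdef HAVE_DIRECT
    cpuid_direct(0, d);
#else
    memcpy(d, s, sizeof d);
#endif
    return memcmp(s + 1, d + 1, 3 * sizeof s[0]) == 0;
}

int main(void) { printf("forms agree: %d\n", cpuid_forms_agree()); return 0; }
```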

