| Summary: | vmware-modules-279.0: ebuild can not apply hardened.patch | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Manuel Ullmann <labre> |
| Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | vmware+disabled |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | AMD64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: |
build.log of vmware-modules-279.0
Output of applying hardened.patch Output of emerge --info My kernel configuration Output of emerge --info '...vmware-modules...' Output of emerge -pqv '...vmware-modules...' environment of portage on build time New hardened patch for wmware moduls for 279 |
||
|
Description
Manuel Ullmann
2013-11-15 15:51:02 UTC
Created attachment 363334 [details]
build.log of vmware-modules-279.0
Created attachment 363336 [details]
Output of applying hardened.patch
Created attachment 363338 [details]
Output of emerge --info
Created attachment 363340 [details] My kernel configuration I actually don´t think, that this is needed. However I couldn´t get vmware-player to work so far. Starting a virtual machine does a hard reset on the host. I used the automatic configuration in grsecurity (host, vmware, performance). This is documented here: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1022578 PAX_KERNEXEC was disabled, otherwise X would have been acting strange. I´ve read somewhere that I should also disable CONFIG_PAX_MEMORY_UDEREF, so this is also disabled. Maybe the automatic configuration was failing, but I can´t test it due to this bug. It would be nice, if it gets fixed fast. ;-) Created attachment 363428 [details]
Output of emerge --info '...vmware-modules...'
Created attachment 363430 [details] Output of emerge -pqv '...vmware-modules...' Extend '...vmware-modules...' to '=app-emulation/vmware-modules-279.0::gentoo' in this attachment and attachment 363428 [details]. Created attachment 363432 [details]
environment of portage on build time
I noted, that the bug described in comment 4 is bug 382793. Well it's quite pointless to get this fixed on hardened amd64 with hardened-sources, as vmware-player will reset. However people could use gentoo-sources with hardened profile. I will switch to qemu/kvm with 32 bit guests (due to bug 363713). I'll see, if it works, but I think it should. At least there are a few comments in bug 363713 and the hardened mailing list, which indicate that. https://bugs.gentoo.org/382793?id=382793#c20 however indicates, that 64 bit guests are working. Maybe I test both. Created attachment 363824 [details, diff]
New hardened patch for wmware moduls for 279
Test this patch.
Patch work like a charm. Thank you. Note, that the ebuild has to apply the new name scheme. Otherwise the old patch is loaded. Vmware okay to update patch? (In reply to Magnus Granberg from comment #11) > Vmware okay to update patch? Yes please do. Just use the same naming scheme as for the other patches now. Zorry, feel free to update the hardened patch in other places as well, I can't test it... fixed in cvs for 279.0 and 279.1 |
