app-emulation/virtualbox-4.3.28 fail to emerge on hardened because of QA concerns (textrels and execstacks). > textrels > * TEXTREL usr/lib64/virtualbox/VBoxRT.so > execstacks > * --X --- --- usr/lib64/virtualbox/VMMR0.r0 > * --X --- --- usr/lib64/virtualbox/VMMGC.gc Reproducible: Always Steps to Reproduce: 1. eselect profile set 15 (hardened/linux/amd64/selinux) 2. emerge =app-emulation/virtualbox-4.3.28 Actual Results: * QA Notice: The following files contain runtime text relocations * Text relocations force the dynamic linker to perform extra * work at startup, waste system resources, and may pose a security * risk. On some architectures, the code may not even function * properly, if at all. * For more information, see: * * https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels * * Please include the following list of files in your report: * TEXTREL usr/lib64/virtualbox/VBoxRT.so * QA Notice: The following files contain writable and executable sections * Files with such sections will not work properly (or at all!) on some * architectures/operating systems. A bug should be filed at * http://bugs.gentoo.org/ to make sure the issue is fixed. * For more information, see: * * https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart * * Please include the following list of files in your report: * Note: Bugs should be filed for the respective maintainers * of the package in question and not hardened@g.o. * --X --- --- usr/lib64/virtualbox/VMMR0.r0 * --X --- --- usr/lib64/virtualbox/VMMGC.gc * ERROR: app-emulation/virtualbox-4.3.28::gentoo failed: * Aborting due to QA concerns: textrels, execstacks * * Call stack: * misc-functions.sh, line 592: Called install_qa_check * misc-functions.sh, line 217: Called source 'install_symlink_html_docs' * 10executable-issues, line 143: Called elf_check * 10executable-issues, line 138: Called die * The specific snippet of code: * die "Aborting due to QA concerns: ${die_msg}" * * If you need support, post the output of `emerge --info '=app-emulation/virtualbox-4.3.28::gentoo'`, * the complete build log and the output of `emerge -pqv '=app-emulation/virtualbox-4.3.28::gentoo'`. Expected Results: Emerge without QA concerns.
Created attachment 407172 [details] emerge --info
Created attachment 407174 [details] build.log
Created attachment 407176 [details] emerge -pqv
[ebuild R ~] app-emulation/virtualbox-5.0.20::gentoo USE="alsa opengl pam pulseaudio qt4 sdk udev -debug -doc -headless -java -libressl -lvm -python -vboxwebsrv -vnc" PYTHON_TARGETS="python2_7" 0 KiB * QA Notice: The following files contain runtime text relocations * Text relocations force the dynamic linker to perform extra * work at startup, waste system resources, and may pose a security * risk. On some architectures, the code may not even function * properly, if at all. * For more information, see: * * https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels * * Please include the following list of files in your report: * TEXTREL usr/lib64/virtualbox/VBoxRT.so * QA Notice: The following files contain writable and executable sections * Files with such sections will not work properly (or at all!) on some * architectures/operating systems. A bug should be filed at * http://bugs.gentoo.org/ to make sure the issue is fixed. * For more information, see: * * https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart * * Please include the following list of files in your report: * Note: Bugs should be filed for the respective maintainers * of the package in question and not hardened@g.o. * --X --- --- usr/lib64/virtualbox/VMMR0.r0 * --X --- --- usr/lib64/virtualbox/VMMRC.rc but not hardened profile and installation finish with this
(In reply to cronolio from comment #4) > [ebuild R ~] app-emulation/virtualbox-5.0.20::gentoo app-emulation/virtualbox-5.1.0 << still
Still affecting app-emulation/virtualbox-5.2.16: * QA Notice: The following files contain runtime text relocations * Text relocations force the dynamic linker to perform extra * work at startup, waste system resources, and may pose a security * risk. On some architectures, the code may not even function * properly, if at all. * For more information, see: * * https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels * * Please include the following list of files in your report: * TEXTREL usr/lib64/virtualbox/VBoxRT.so * QA Notice: The following files contain writable and executable sections * Files with such sections will not work properly (or at all!) on some * architectures/operating systems. A bug should be filed at * https://bugs.gentoo.org/ to make sure the issue is fixed. * For more information, see: * * https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart * * Please include the following list of files in your report: * Note: Bugs should be filed for the respective maintainers * of the package in question and not hardened@g.o. * --X --- --- usr/lib64/virtualbox/VMMR0.r0 * QA Notice: Pre-stripped files found: * /usr/lib64/virtualbox/VBoxDD2R0.r0 strip: x86_64-pc-linux-gnu-strip --strip-unneeded -R .comment -R .GCC.command.line -R .note.gnu.gold-version usr/lib64/virtualbox/components/VBoxSVCM.so usr/lib64/virtualbox/components/VBoxXPCOMIPCC.so usr/lib64/virtualbox/VBoxExtPackHelperApp usr/lib64/virtualbox/components/VBoxC.so usr/lib64/virtualbox/VBoxManage usr/lib64/virtualbox/VBoxSVC usr/lib64/virtualbox/VBoxTunctl usr/lib64/virtualbox/VBoxXPCOMIPCD usr/lib64/virtualbox/DbgPlugInDiggers.so usr/lib64/virtualbox/VBoxAuth.so usr/lib64/virtualbox/VBoxAuthSimple.so usr/lib64/virtualbox/VBoxDD.so usr/lib64/virtualbox/VBoxDD2.so usr/lib64/virtualbox/VBoxDDU.so usr/lib64/virtualbox/VBoxDbg.so usr/lib64/virtualbox/VBoxDragAndDropSvc.so usr/lib64/virtualbox/VBoxGuestControlSvc.so usr/lib64/virtualbox/VBoxGuestPropSvc.so usr/lib64/virtualbox/VBoxHeadless.so usr/lib64/virtualbox/VBoxHostChannel.so usr/lib64/virtualbox/VBoxKeyboard.so usr/lib64/virtualbox/VBoxNetDHCP.so usr/lib64/virtualbox/VBoxNetNAT.so usr/lib64/virtualbox/VBoxOGLhostcrutil.so usr/lib64/virtualbox/VBoxOGLhosterrorspu.so usr/lib64/virtualbox/VBoxOGLrenderspu.so usr/lib64/virtualbox/VBoxREM.so usr/lib64/virtualbox/VBoxRT.so usr/lib64/virtualbox/VBoxSDL.so usr/lib64/virtualbox/VBoxSharedClipboard.so usr/lib64/virtualbox/VBoxSharedCrOpenGL.so usr/lib64/virtualbox/VBoxSharedFolders.so usr/lib64/virtualbox/VBoxVMMPreload.so usr/lib64/virtualbox/VBoxVMM.so usr/lib64/virtualbox/VBoxXPCOM.so usr/lib64/virtualbox/VBoxXPCOMC.so usr/lib64/virtualbox/VirtualBox.so usr/lib64/virtualbox/VBoxDDR0.r0 usr/lib64/virtualbox/VMMR0.r0 usr/lib64/virtualbox/VBoxHeadless usr/lib64/virtualbox/VBoxNetAdpCtl usr/lib64/virtualbox/VBoxNetDHCP usr/lib64/virtualbox/VBoxNetNAT usr/lib64/virtualbox/VBoxSDL usr/lib64/virtualbox/VirtualBox usr/lib64/virtualbox/VBoxTestOGL
@hardened team: can you please help with this bug?
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d899255c8ce8e38197c086e7048b9f145d3f7e96 commit d899255c8ce8e38197c086e7048b9f145d3f7e96 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-07-06 08:08:53 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-07-06 08:08:53 +0000 app-emulation/virtualbox: set QA_FLAGS_IGNORED for .r0 Closes: https://bugs.gentoo.org/728238 Closes: https://bugs.gentoo.org/555378 Signed-off-by: Sam James <sam@gentoo.org> app-emulation/virtualbox/virtualbox-6.1.34-r4.ebuild | 5 +++++ 1 file changed, 5 insertions(+)
