[vbox-dev] [PATCH] Fix for PaX/grsecurity kernels on CET-enabled systems
Mathias Krause
minipli at grsecurity.net
Thu Jun 20 16:34:11 GMT 2024
Hi,
attached patch makes the read-only GDT handling CET compatible
Quoting the patch description:
"""
CET enabled systems need to disable CR4.CET prior to attempting to
toggle CR0.WP to avoid triggering a #GP(0). This is needed in VMMR0.r0
for PaX's r/o GDT handling.
Enhance the r/o GDT handling to toggle CR4.CET as well in case it's enabled.
This patch is provided under the MIT license.
"""
It would be nice to get it integrated not only in trunk, but all still
maintained release branches as well.
Thanks,
Mathias
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vbox_cr0_wp_cet.diff
Type: text/x-patch
Size: 4497 bytes
Desc: not available
URL: <http://www.virtualbox.org/pipermail/vbox-dev/attachments/20240620/1892413f/attachment.bin>
More information about the vbox-dev
mailing list