lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <201110092212.20170.frank.mehnert@oracle.com>
Date:	Sun, 9 Oct 2011 22:12:19 +0200
From:	Frank Mehnert <frank.mehnert@...cle.com>
To:	Dave Jones <davej@...hat.com>
Cc:	Linux Kernel <linux-kernel@...r.kernel.org>,
	Andy Hall <andy.hall@...cle.com>
Subject: Re: RFC: virtualbox tainting.

On Friday 07 October 2011 17:10:04 Dave Jones wrote:
> On Fri, Oct 07, 2011 at 04:40:53PM +0200, Frank Mehnert wrote:
>  > I can understand that you would rather ignore bug reports from external
>  > kernel modules. On the other hand I don't like the TAINT_CRAP flag as
>  > you can probably imagine.
>  > 
>  > Why not just mark external modules like Bastian Blank suggested? I can
>  > assure that we will not try circumvent a TAINT_OOT_MODULE flag.
> 
> Sure. The exact mechanism used doesn't matter to me.
> 
>  > Please also note that we always have good relations to the open source
>  > community so feel free to point me an archive where all these kernel
>  > panic reports arrive which you've got.
> 
> Search through the fedora kernel bugs at bugzilla.redhat.com for 'vboxdrv'
> or 'virtual box' (note to search for closed bugs as well as open ones).

I will have a closer look on this list but at a first glance I saw a
lot of bugs containing a kernel log where the vboxdrv module was loaded
but the problem was clearly not related to VirtualBox. With a normal
installation, the vboxdrv module is loaded during startup of the host
but stays inactive as long as no VM is started.

It would make our life easier if we could have a list with bugs where you
guys have a comprehensible assumption that a bug is clearly related to
VirtualBox.

>  > We fixed some bugs in our kernel
>  > modules in the past and it is even possible that some of the current
>  > bug reports are from older versions of VirtualBox which might have been
>  > fixed in the meantime.
>  > 
>  > And of course, helpful and constructive critism is always appreciated.
> 
> If you'd like to be cc'd on those reports, I can add you to the bugs
> when we go through them if you create a bugzilla account.

Thanks, I would indeed appreciate that. I have already a Redhat bugtracker
account, same E-mail address as this one.

Kind regards,

Frank
-- 
Dr.-Ing. Frank Mehnert
Senior Manager Software Development Desktop Virtualization, VirtualBox
ORACLE Deutschland B.V. & Co. KG | Werkstr. 24 | 71384 Weinstadt, Germany

Hauptverwaltung: Riesstr. 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603

Komplementärin: ORACLE Deutschland Verwaltung B.V.
Hertogswetering 163/167, 3543 AS Utrecht, Niederlande
Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
Geschäftsführer: Jürgen Kunz, Marcel van de Molen, Alexander van der Ven

Download attachment "signature.asc " of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ