On 8/18/20 7:17 AM, Manfred Hollstein wrote:
to be honest, this is a perfect example where Oracle failed to keep
track with recent kernel development! As we had seen it before, probably
just not as extreme as we see it now, I thought it might be time to
migrate all my virtual machines from VB to KVM...
Guess what, I did not have trouble with any of them, which include Win 7
32bit, Win 10 64bit and various Linux VMs. One thing which really
surprised me was, how well usage of USB devices works these days. I could
even use a webcam inside a KVM VM which only very barely worked in VB.
FWIW, I may have been lucky, but I certainly don't need VB anymore!
If you look at https://bugzilla.opensuse.org/show_bug.cgi?id=1175201
, you will
note that conversion to KVM is my second suggested work around, right after
staying with kernel 5.7.
The fundamental reason for this situation is that the kernel developers in
charge of memory management have the goal of restricting the acquisition of
memory that can can execute code. When code external to the kernel can acquire
this feature, a huge security hole exists. Through the past 4 or 5 kernel
releases such memory acquisition has been tightened and VirtualBox has undergone
several changes to adapt; however, with kernel 5.8, there is no adapting.
Please note that I proposed a 2-line patch to our kernel developers to handle
our situation until Oracle found a proper solution, but that request was denied.
Oracle was also given advance notice.
Apparently Oracle does have a solution, but it has not worked for me. Perhaps it
will in work with VB 6.1.14, but I expect such a solution to be a temporary fix
as it still requires the security hole. The real solution will be to incorporate
libvirt the way that QEMU/KVM does, but that implementation is beyond my abilities.
This issue has been a full-time sink for me for nearly 2 months. Unfortunately,
I was not able to supply a seamless solution!
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org