You are not logged in.
- Topics: Active | Unanswered
#1 2020-05-12 14:13:41
- fileserverpls
- Member
- Registered: 2018-10-21
- Posts: 15
Unable to load VirtualBox modules with linux hardened
I want to play around with OpenBSD but I am unable to even boot the ISO file because my kernel will not load the necessary VirtualBox modules! I am using Linux hardened and I do not have any other linux version installed (on my previous install I had both linux and linux-hardened, which worked fine with VirtualBox.) I have tried installing VirtualBox + virtualbox-host-modules-arch as well as VirtualBox + virtualbox-host-dkms (aka uninstalled virtualbox-host-modules-arch.) I have linux-hardened-headers installed as well as the wiki says.
Offline
#2 2020-05-13 04:08:49
- Awebb
- Member
- Registered: 2010-05-06
- Posts: 6,291
Re: Unable to load VirtualBox modules with linux hardened
What is "does not load [...] modules" in exact error messages? What wiki article are you talking about exactly? How did you install the virtualbox modules? Do you understand, what linux-hardened does?
EDIT: Carefully read https://wiki.archlinux.org/index.php/VirtualBox, especially the Installation steps for Arch Linux hosts.
Last edited by Awebb (2020-05-13 04:11:17)
Offline
#3 2020-05-13 12:54:37
- fileserverpls
- Member
- Registered: 2018-10-21
- Posts: 15
Re: Unable to load VirtualBox modules with linux hardened
What is "does not load [...] modules" in exact error messages? What wiki article are you talking about exactly? How did you install the virtualbox modules? Do you understand, what linux-hardened does?
EDIT: Carefully read https://wiki.archlinux.org/index.php/VirtualBox, especially the Installation steps for Arch Linux hosts.
The day the Arch Linux Forum does not require my whole life story... Sure. I installed everything by doing the following (warning: VERY surprising)
pacman -S linux-hardened linux-hardened-headers virtualbox virtualbox-host-dkms --needed
y
resolving dependencies...
looking for conflicting packages...
Packages (2) virtualbox-6.1.6-1 virtualbox-host-dkms-6.1.6-1
Total Installed Size: 172.15 MiB
:: Proceed with installation? [Y/n] y
(2/2) checking keys in keyring [########################################################################################] 100%
(2/2) checking package integrity [########################################################################################] 100%
(2/2) loading package files [########################################################################################] 100%
(2/2) checking for file conflicts [########################################################################################] 100%
(2/2) checking available disk space [########################################################################################] 100%
:: Processing package changes...
(1/2) installing virtualbox-host-dkms [########################################################################################] 100%
Optional dependencies for virtualbox-host-dkms
linux-headers: build modules against Arch kernel
linux-lts-headers: build modules against LTS kernel
linux-zen-headers: build modules against ZEN kernel
(2/2) installing virtualbox [########################################################################################] 100%
Optional dependencies for virtualbox
vde2: Virtual Distributed Ethernet support
virtualbox-guest-iso: Guest Additions CD image
virtualbox-ext-vnc: VNC server support
virtualbox-sdk: Developer kit
:: Running post-transaction hooks...
(1/9) Creating system user accounts...
(2/9) Reloading system manager configuration...
(3/9) Reloading device manager configuration...
(4/9) Arming ConditionNeedsUpdate...
(5/9) Install DKMS modules
==> dkms install vboxhost/6.1.6_OSE -k 5.6.11.a-1-hardened
(6/9) Updating icon theme caches...
(7/9) Updating the desktop file MIME type cache...
(8/9) Updating the MIME type database...
(9/9) SELinux: relabel installed filesAnd when that did not work I rebooted and tried to start my OpenBSD virtualbox again. It did not work after a reboot either so I uninstalled "linux-hardened-headers virtualbox virtualbox-host-dkms" via "pacman -R linux-hardened-headers virtualbox virtualbox-host-dkms" and then executed the first commando again and tried. Still not working. I uninstalled "virtualbox-host-dkms", rebooted, installed "virtualbox-host-modules-arch" and tried. Still not working. I rebooted and tried again. Still not working.
I tried the following as well
modprobe vboxdrv
modprobe: ERROR: could not insert 'vboxdrv': Operation not permitted
sudo modprobe vboxdrv
modprobe: ERROR: could not insert 'vboxdrv': Operation not permitted
su
(logged in as root)
modprobe vboxdrv
modprobe: ERROR: could not insert 'vboxdrv': Operation not permittedThe output of "lsmod | grep vbox" is blank
find /lib/modules/`uname -r` -print | grep vboxdrv
/lib/modules/5.6.11.a-1-hardened/kernel/misc/vboxdrv.ko.xzThe Arch Wiki Security page (https://wiki.archlinux.org/index.php/Se … le_loading) states the following
Restricting module loading
The default Arch kernel has CONFIG_MODULE_SIG_ALL enabled which signs all kernel modules build as part of the linux package.
This allows the kernel to restrict modules to be only loaded when they are signed with a valid key, in practical terms this means that all out of tree
modules compiled locally or provides by packages such as virtualbox-host-modules-arch cannot be loaded.
Kernel module loading can be restricted by setting the kernel parameter module.sig_enforce=1. More information can be found at the kernel documentation. But I have loaded virtualbox modules on a linux-hardened kernel before, as I said in the initial post.
Offline
#4 2020-05-13 13:36:25
- loqs
- Member
- Registered: 2014-03-06
- Posts: 17,378
Re: Unable to load VirtualBox modules with linux hardened
in practical terms this means that all out of tree modules compiled locally or provides by packages such as virtualbox-host-modules-arch cannot be loaded.
This is incorrect / confusing. CONFIG_MODULE_SIG_FORCE is not set so the module being signed may only taint the kernel depending on other settings.
Is module.sig_enforce set to 1 on your system? Is secure boot enabled?
Offline
#5 2020-08-26 08:44:06
- cqknard
- Member
- Registered: 2019-09-17
- Posts: 4
Re: Unable to load VirtualBox modules with linux hardened
All,
Is there any news about that ?
I have the same issue.
$ uname -r
5.7.17.a-1-hardened$ sudo pacman -S --noconfirm --noprogress virtualbox virtualbox-host-dkms
warning: virtualbox-6.1.12-4 is up to date -- reinstalling
warning: virtualbox-host-dkms-6.1.12-4 is up to date -- reinstalling
resolving dependencies...
looking for conflicting packages...
Packages (2) virtualbox-6.1.12-4 virtualbox-host-dkms-6.1.12-4
Total Installed Size: 170.86 MiB
Net Upgrade Size: 0.00 MiB
:: Proceed with installation? [Y/n]
checking keyring...
checking package integrity...
loading package files...
checking for file conflicts...
checking available disk space...
:: Running pre-transaction hooks...
(1/1) Remove upgraded DKMS modules
==> dkms remove --no-depmod -m vboxhost -v 6.1.12_OSE -k 5.7.17.a-1-hardened
:: Processing package changes...
reinstalling virtualbox-host-dkms...
reinstalling virtualbox...
:: Running post-transaction hooks...
(1/8) Creating system user accounts...
(2/8) Reloading system manager configuration...
(3/8) Reloading device manager configuration...
(4/8) Arming ConditionNeedsUpdate...
(5/8) Install DKMS modules
==> dkms install --no-depmod -m vboxhost -v 6.1.12_OSE -k 5.7.17.a-1-hardened
==> depmod 5.7.17.a-1-hardened
(6/8) Updating icon theme caches...
(7/8) Updating the desktop file MIME type cache...
(8/8) Updating the MIME type database...$ sudo modprobe vboxdrv
modprobe: ERROR: could not insert 'vboxdrv': Operation not permitted$ mokutil --sb-state
SecureBoot disabledI tried with other kernel: linux-lts, but I have the same issue.
$ uname -r ; sudo modprobe vboxdrv
5.4.60-1-lts
modprobe: ERROR: could not insert 'vboxdrv': Operation not permittedRegards,
Last edited by cqknard (2020-08-26 09:04:28)
Offline