Opened 7 years ago
Last modified 7 years ago
#17864 new defect
VirtualBox kernel modules do not build on Fedora 28
| Reported by: | ThygWedd | Owned by: | |
|---|---|---|---|
| Component: | installer | Version: | VirtualBox 5.2.14 |
| Keywords: | Cc: | ||
| Guest type: | all | Host type: | Linux |
Description (last modified by )
VirtualBox-5.2-5.2.12_122591_fedora26-1.x86_64
Issuing /sbin/vboxconfig fails.
There's multiple files being complained about containing the line IPAddressDeny=any ("File /usr/lib/systemd/system/systemd-logind.service:36 configures an IP firewall (IPAddressDeny=any), but the local system does not support BPF/cgroup based firewalling"):
systemd-machined.service systemd-udevd.service systemd-journald.service systemd-logind.service
Finally (and after commenting out IPAddressDeny=any for debugging purposes in named files) it still fails:
(...)
gcc -Wp,-MD,/tmp/vbox.0/.SUPR0IdcClient.o.d -nostdinc -isystem /usr/lib/gcc/x86_64-redhat-linux/8/include -I./arch/x86/include -I./arch/x86/include/generated -I./include -I./arch/x86/include/uapi -I./arch/x86/include/generated/uapi -I./include/uapi -I./include/generated/uapi -include ./include/linux/kconfig.h -include ./include/linux/compiler_types.h -D__KERNEL__ -DCONFIG_CC_STACKPROTECTOR -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fshort-wchar -Werror-implicit-function-declaration -Wno-format-security -std=gnu89 -fno-PIE -DCC_HAVE_ASM_GOTO -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -mno-avx -m64 -falign-jumps=1 -falign-loops=1 -mno-80387 -mno-fp-ret-in-387 -mpreferred-stack-boundary=3 -mskip-rax-setup -mtune=generic -mno-red-zone -mcmodel=kernel -funit-at-a-time -DCONFIG_AS_CFI=1 -DCONFIG_AS_CFI_SIGNAL_FRAME=1 -DCONFIG_AS_CFI_SECTIONS=1 -DCONFIG_AS_FXSAVEQ=1 -DCONFIG_AS_SSSE3=1 -DCONFIG_AS_CRC32=1 -DCONFIG_AS_AVX=1 -DCONFIG_AS_AVX2=1 -DCONFIG_AS_AVX512=1 -DCONFIG_AS_SHA1_NI=1 -DCONFIG_AS_SHA256_NI=1 -pipe -Wno-sign-compare -fno-asynchronous-unwind-tables -mindirect-branch=thunk-extern -mindirect-branch-register -DRETPOLINE -fno-delete-null-pointer-checks -Wno-frame-address -Wno-format-truncation -Wno-format-overflow -Wno-int-in-bool-context -O2 --param=allow-store-data-races=0 -Wframe-larger-than=2048 -fstack-protector-strong -Wno-unused-but-set-variable -Wno-unused-const-variable -fvar-tracking-assignments -g -pg -mfentry -DCC_USING_FENTRY -Wdeclaration-after-statement -Wno-pointer-sign -fno-strict-overflow -fno-merge-all-constants -fmerge-constants -fno-stack-check -fconserve-stack -Werror=implicit-int -Werror=strict-prototypes -Werror=date-time -Werror=incompatible-pointer-types -Werror=designated-init -fmacro-prefix-map=./= -Wno-packed-not-aligned -include /tmp/vbox.0/include/VBox/SUPDrvMangling.h -fno-pie -I/lib/modules/4.17.3-200.fc28.x86_64/build/include -I/tmp/vbox.0/ -I/tmp/vbox.0/include -I/tmp/vbox.0/r0drv/linux -D__KERNEL__ -DMODULE -DRT_OS_LINUX -DIN_RING0 -DIN_RT_R0 -DIN_SUP_R0 -DVBOX -DRT_WITH_VBOX -DVBOX_WITH_HARDENING -DRT_ARCH_AMD64 -DMODULE -DKBUILD_BASENAME='"SUPR0IdcClient"' -DKBUILD_MODNAME='"vboxpci"' -c -o /tmp/vbox.0/SUPR0IdcClient.o /tmp/vbox.0/SUPR0IdcClient.c
gcc -Wp,-MD,/tmp/vbox.0/.SUPR0IdcClientComponent.o.d -nostdinc -isystem /usr/lib/gcc/x86_64-redhat-linux/8/include -I./arch/x86/include -I./arch/x86/include/generated -I./include -I./arch/x86/include/uapi -I./arch/x86/include/generated/uapi -I./include/uapi -I./include/generated/uapi -include ./include/linux/kconfig.h -include ./include/linux/compiler_types.h -D__KERNEL__ -DCONFIG_CC_STACKPROTECTOR -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fshort-wchar -Werror-implicit-function-declaration -Wno-format-security -std=gnu89 -fno-PIE -DCC_HAVE_ASM_GOTO -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -mno-avx -m64 -falign-jumps=1 -falign-loops=1 -mno-80387 -mno-fp-ret-in-387 -mpreferred-stack-boundary=3 -mskip-rax-setup -mtune=generic -mno-red-zone -mcmodel=kernel -funit-at-a-time -DCONFIG_AS_CFI=1 -DCONFIG_AS_CFI_SIGNAL_FRAME=1 -DCONFIG_AS_CFI_SECTIONS=1 -DCONFIG_AS_FXSAVEQ=1 -DCONFIG_AS_SSSE3=1 -DCONFIG_AS_CRC32=1 -DCONFIG_AS_AVX=1 -DCONFIG_AS_AVX2=1 -DCONFIG_AS_AVX512=1 -DCONFIG_AS_SHA1_NI=1 -DCONFIG_AS_SHA256_NI=1 -pipe -Wno-sign-compare -fno-asynchronous-unwind-tables -mindirect-branch=thunk-extern -mindirect-branch-register -DRETPOLINE -fno-delete-null-pointer-checks -Wno-frame-address -Wno-format-truncation -Wno-format-overflow -Wno-int-in-bool-context -O2 --param=allow-store-data-races=0 -Wframe-larger-than=2048 -fstack-protector-strong -Wno-unused-but-set-variable -Wno-unused-const-variable -fvar-tracking-assignments -g -pg -mfentry -DCC_USING_FENTRY -Wdeclaration-after-statement -Wno-pointer-sign -fno-strict-overflow -fno-merge-all-constants -fmerge-constants -fno-stack-check -fconserve-stack -Werror=implicit-int -Werror=strict-prototypes -Werror=date-time -Werror=incompatible-pointer-types -Werror=designated-init -fmacro-prefix-map=./= -Wno-packed-not-aligned -include /tmp/vbox.0/include/VBox/SUPDrvMangling.h -fno-pie -I/lib/modules/4.17.3-200.fc28.x86_64/build/include -I/tmp/vbox.0/ -I/tmp/vbox.0/include -I/tmp/vbox.0/r0drv/linux -D__KERNEL__ -DMODULE -DRT_OS_LINUX -DIN_RING0 -DIN_RT_R0 -DIN_SUP_R0 -DVBOX -DRT_WITH_VBOX -DVBOX_WITH_HARDENING -DRT_ARCH_AMD64 -DMODULE -DKBUILD_BASENAME='"SUPR0IdcClientComponent"' -DKBUILD_MODNAME='"vboxpci"' -c -o /tmp/vbox.0/SUPR0IdcClientComponent.o /tmp/vbox.0/SUPR0IdcClientComponent.c
gcc -Wp,-MD,/tmp/vbox.0/linux/.SUPR0IdcClient-linux.o.d -nostdinc -isystem /usr/lib/gcc/x86_64-redhat-linux/8/include -I./arch/x86/include -I./arch/x86/include/generated -I./include -I./arch/x86/include/uapi -I./arch/x86/include/generated/uapi -I./include/uapi -I./include/generated/uapi -include ./include/linux/kconfig.h -include ./include/linux/compiler_types.h -D__KERNEL__ -DCONFIG_CC_STACKPROTECTOR -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fshort-wchar -Werror-implicit-function-declaration -Wno-format-security -std=gnu89 -fno-PIE -DCC_HAVE_ASM_GOTO -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -mno-avx -m64 -falign-jumps=1 -falign-loops=1 -mno-80387 -mno-fp-ret-in-387 -mpreferred-stack-boundary=3 -mskip-rax-setup -mtune=generic -mno-red-zone -mcmodel=kernel -funit-at-a-time -DCONFIG_AS_CFI=1 -DCONFIG_AS_CFI_SIGNAL_FRAME=1 -DCONFIG_AS_CFI_SECTIONS=1 -DCONFIG_AS_FXSAVEQ=1 -DCONFIG_AS_SSSE3=1 -DCONFIG_AS_CRC32=1 -DCONFIG_AS_AVX=1 -DCONFIG_AS_AVX2=1 -DCONFIG_AS_AVX512=1 -DCONFIG_AS_SHA1_NI=1 -DCONFIG_AS_SHA256_NI=1 -pipe -Wno-sign-compare -fno-asynchronous-unwind-tables -mindirect-branch=thunk-extern -mindirect-branch-register -DRETPOLINE -fno-delete-null-pointer-checks -Wno-frame-address -Wno-format-truncation -Wno-format-overflow -Wno-int-in-bool-context -O2 --param=allow-store-data-races=0 -Wframe-larger-than=2048 -fstack-protector-strong -Wno-unused-but-set-variable -Wno-unused-const-variable -fvar-tracking-assignments -g -pg -mfentry -DCC_USING_FENTRY -Wdeclaration-after-statement -Wno-pointer-sign -fno-strict-overflow -fno-merge-all-constants -fmerge-constants -fno-stack-check -fconserve-stack -Werror=implicit-int -Werror=strict-prototypes -Werror=date-time -Werror=incompatible-pointer-types -Werror=designated-init -fmacro-prefix-map=./= -Wno-packed-not-aligned -include /tmp/vbox.0/include/VBox/SUPDrvMangling.h -fno-pie -I/lib/modules/4.17.3-200.fc28.x86_64/build/include -I/tmp/vbox.0/ -I/tmp/vbox.0/include -I/tmp/vbox.0/r0drv/linux -D__KERNEL__ -DMODULE -DRT_OS_LINUX -DIN_RING0 -DIN_RT_R0 -DIN_SUP_R0 -DVBOX -DRT_WITH_VBOX -DVBOX_WITH_HARDENING -DRT_ARCH_AMD64 -DMODULE -DKBUILD_BASENAME='"SUPR0IdcClient_linux"' -DKBUILD_MODNAME='"vboxpci"' -c -o /tmp/vbox.0/linux/SUPR0IdcClient-linux.o /tmp/vbox.0/linux/SUPR0IdcClient-linux.c
./tools/objtool/objtool orc generate --module --no-fp --retpoline "/tmp/vbox.0/SUPR0IdcClientComponent.o";
if [ "-pg" = "-pg" ]; then if [ /tmp/vbox.0/SUPR0IdcClientComponent.o != "scripts/mod/empty.o" ]; then ./scripts/recordmcount "/tmp/vbox.0/SUPR0IdcClientComponent.o"; fi; fi;
./tools/objtool/objtool orc generate --module --no-fp --retpoline "/tmp/vbox.0/linux/SUPR0IdcClient-linux.o";
./tools/objtool/objtool orc generate --module --no-fp --retpoline "/tmp/vbox.0/SUPR0IdcClient.o";
if [ "-pg" = "-pg" ]; then if [ /tmp/vbox.0/linux/SUPR0IdcClient-linux.o != "scripts/mod/empty.o" ]; then ./scripts/recordmcount "/tmp/vbox.0/linux/SUPR0IdcClient-linux.o"; fi; fi;
if [ "-pg" = "-pg" ]; then if [ /tmp/vbox.0/SUPR0IdcClient.o != "scripts/mod/empty.o" ]; then ./scripts/recordmcount "/tmp/vbox.0/SUPR0IdcClient.o"; fi; fi;
./tools/objtool/objtool orc generate --module --no-fp --retpoline "/tmp/vbox.0/VBoxPci.o";
if [ "-pg" = "-pg" ]; then if [ /tmp/vbox.0/VBoxPci.o != "scripts/mod/empty.o" ]; then ./scripts/recordmcount "/tmp/vbox.0/VBoxPci.o"; fi; fi;
In file included from /tmp/vbox.0/r0drv/linux/the-linux-kernel.h:80,
from /tmp/vbox.0/linux/VBoxPci-linux.c:31:
In function ‘strncpy’,
inlined from ‘vboxPciLinuxDevDetachHostDriver’ at /tmp/vbox.0/linux/VBoxPci-linux.c:436:9,
inlined from ‘vboxPciOsDevInit’ at /tmp/vbox.0/linux/VBoxPci-linux.c:645:14:
./include/linux/string.h:246:9: warning: ‘__builtin_strncpy’ specified bound 64 equals destination size [-Wstringop-truncation]
return __builtin_strncpy(p, q, size);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./tools/objtool/objtool orc generate --module --no-fp --retpoline "/tmp/vbox.0/linux/VBoxPci-linux.o";
if [ "-pg" = "-pg" ]; then if [ /tmp/vbox.0/linux/VBoxPci-linux.o != "scripts/mod/empty.o" ]; then ./scripts/recordmcount "/tmp/vbox.0/linux/VBoxPci-linux.o"; fi; fi;
ld -m elf_x86_64 -z max-page-size=0x200000 -r -o /tmp/vbox.0/vboxpci.o /tmp/vbox.0/linux/VBoxPci-linux.o /tmp/vbox.0/VBoxPci.o /tmp/vbox.0/SUPR0IdcClient.o /tmp/vbox.0/SUPR0IdcClientComponent.o /tmp/vbox.0/linux/SUPR0IdcClient-linux.o
make -f ./scripts/Makefile.modpost
find /tmp/vbox.0/.tmp_versions -name '*.mod' | xargs -r grep -h '\.ko$' | sort -u | sed 's/\.ko$/.o/' | scripts/mod/modpost -i ./Module.symvers -I /tmp/vbox.0/Module.symvers -o /tmp/vbox.0/Module.symvers -S -w -s -T -
gcc -Wp,-MD,/tmp/vbox.0/.vboxpci.mod.o.d -nostdinc -isystem /usr/lib/gcc/x86_64-redhat-linux/8/include -I./arch/x86/include -I./arch/x86/include/generated -I./include -I./arch/x86/include/uapi -I./arch/x86/include/generated/uapi -I./include/uapi -I./include/generated/uapi -include ./include/linux/kconfig.h -include ./include/linux/compiler_types.h -D__KERNEL__ -DCONFIG_CC_STACKPROTECTOR -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fshort-wchar -Werror-implicit-function-declaration -Wno-format-security -std=gnu89 -fno-PIE -DCC_HAVE_ASM_GOTO -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -mno-avx -m64 -falign-jumps=1 -falign-loops=1 -mno-80387 -mno-fp-ret-in-387 -mpreferred-stack-boundary=3 -mskip-rax-setup -mtune=generic -mno-red-zone -mcmodel=kernel -funit-at-a-time -DCONFIG_AS_CFI=1 -DCONFIG_AS_CFI_SIGNAL_FRAME=1 -DCONFIG_AS_CFI_SECTIONS=1 -DCONFIG_AS_FXSAVEQ=1 -DCONFIG_AS_SSSE3=1 -DCONFIG_AS_CRC32=1 -DCONFIG_AS_AVX=1 -DCONFIG_AS_AVX2=1 -DCONFIG_AS_AVX512=1 -DCONFIG_AS_SHA1_NI=1 -DCONFIG_AS_SHA256_NI=1 -pipe -Wno-sign-compare -fno-asynchronous-unwind-tables -mindirect-branch=thunk-extern -mindirect-branch-register -DRETPOLINE -fno-delete-null-pointer-checks -Wno-frame-address -Wno-format-truncation -Wno-format-overflow -Wno-int-in-bool-context -O2 --param=allow-store-data-races=0 -Wframe-larger-than=2048 -fstack-protector-strong -Wno-unused-but-set-variable -Wno-unused-const-variable -fvar-tracking-assignments -g -pg -mfentry -DCC_USING_FENTRY -Wdeclaration-after-statement -Wno-pointer-sign -fno-strict-overflow -fno-merge-all-constants -fmerge-constants -fno-stack-check -fconserve-stack -Werror=implicit-int -Werror=strict-prototypes -Werror=date-time -Werror=incompatible-pointer-types -Werror=designated-init -fmacro-prefix-map=./= -Wno-packed-not-aligned -include /tmp/vbox.0/include/VBox/SUPDrvMangling.h -fno-pie -I/lib/modules/4.17.3-200.fc28.x86_64/build/include -I/tmp/vbox.0/ -I/tmp/vbox.0/include -I/tmp/vbox.0/r0drv/linux -D__KERNEL__ -DMODULE -DRT_OS_LINUX -DIN_RING0 -DIN_RT_R0 -DIN_SUP_R0 -DVBOX -DRT_WITH_VBOX -DVBOX_WITH_HARDENING -DRT_ARCH_AMD64 -DKBUILD_BASENAME='"vboxpci.mod"' -DKBUILD_MODNAME='"vboxpci"' -DMODULE -c -o /tmp/vbox.0/vboxpci.mod.o /tmp/vbox.0/vboxpci.mod.c
ld -r -m elf_x86_64 -z max-page-size=0x200000 -T ./scripts/module-common.lds --build-id -o /tmp/vbox.0/vboxpci.ko /tmp/vbox.0/vboxpci.o /tmp/vbox.0/vboxpci.mod.o ; true
make V=1 CONFIG_MODULE_SIG= -C /lib/modules/4.17.3-200.fc28.x86_64/build SUBDIRS=/tmp/vbox.0 SRCROOT=/tmp/vbox.0 INSTALL_MOD_PATH= INSTALL_MOD_DIR=misc modules_install
test -e include/generated/autoconf.h -a -e include/config/auto.conf || ( \
echo >&2; \
echo >&2 " ERROR: Kernel configuration is invalid."; \
echo >&2 " include/generated/autoconf.h or include/config/auto.conf are missing.";\
echo >&2 " Run 'make oldconfig && make prepare' on kernel src to fix it."; \
echo >&2 ; \
/bin/false)
mkdir -p /lib/modules/4.17.3-200.fc28.x86_64/misc
make -f ./scripts/Makefile.modinst
mkdir -p /lib/modules/4.17.3-200.fc28.x86_64/misc ; cp /tmp/vbox.0/vboxpci.ko /lib/modules/4.17.3-200.fc28.x86_64/misc ; true /lib/modules/4.17.3-200.fc28.x86_64/misc/vboxpci.ko ; scripts/sign-file "sha256" "certs/signing_key.pem" certs/signing_key.x509 /lib/modules/4.17.3-200.fc28.x86_64/misc/vboxpci.ko || true && true /lib/modules/4.17.3-200.fc28.x86_64/misc/vboxpci.ko
At main.c:160:
- SSL error:02001002:system library:fopen:No such file or directory: crypto/bio/bss_file.c:74
- SSL error:2006D080:BIO routines:BIO_new_file:no such file: crypto/bio/bss_file.c:81
sign-file: certs/signing_key.pem: No such file or directory
/bin/sh ./scripts/depmod.sh /sbin/depmod 4.17.3-200.fc28.x86_64 ""
After updating to VirtualBox-5.2-5.2.14_123301_fedora26-1.x86_64 there's an empty vbox-install.log after issuing /sbin/vboxconfig, vbox-setup.log shows:
Building the main VirtualBox module. Building the net filter module. Building the net adaptor module. Building the PCI pass-through module.
No information on why it failed to build.
Change History (2)
comment:1 by , 7 years ago
| Description: | modified (diff) |
|---|
comment:2 by , 7 years ago
Note:
See TracTickets
for help on using tickets.
It looks like your system is set up to sign modules with a key called certs/signing_key.pem, and the script is failing because it can't be found. Unfortunately at this time we do not support using signed kernel modules. This means that you either have to handle the signing yourself (which many people report having done successfully) or disable module signing. I do not think that it is possible to do fully automatic module signing in a way which is more than marginally more secure than disabling signing altogether. That said, I do not know either how much security benefit signed modules bring for a Linux desktop system at all.