virtualbox.org

Is it possible to compile/patch the virtualbox driver into the kernel (>= 2.6.26), so that there is no need to enable module support?

I am working with hardened kernels that do not like module support, but I have the possibiliy to patch things into the kernel (I did so with OpenVZ).

Are there any instructions on doing so? Or is this simply not supported at all.

The VB source is available. If you have the skills, and it looks like you have, you can add the module directly in your kernel. Keep in mind that when you want to update VB, you also need to update the kernel module in your kernel, meaning a new kernel compilation is required.

I am working with hardened kernels that do not like module support

Can you define "do not like"? I know that hardened kernels have options related to modules, you can completely disable module support, or restrict it. But if you configure the kernel properly, you won't have any problems with VirtualBox.

If you do not want to enable loadable module support when the system is already up and running, there is an option in grsecurity that allows you to disable loadable module support via sysctl once the required modules are loaded that makes the system more secure and you can still use the required modules


Regards,


Chris