This will be reverted once the VirtualBox devs stop disabling
SMAP unnecessarily, which seems like it will happen never.
Anyone who cares about security of their host system shouldn’t
use VirtualBox, as it already precludes the use of KERNEXEC, UDEREF, and RANDKSTACK.
I may be wrong, but I thought SMAP is now enabled ( I believe Virtualbox addressed this in their 4.x releases and by 5.x.x it was fixed?)
I looked through many tickets and found #13961 which seemed to verify SMAP is default enabled and working now. (unless I have it all wrong)
I found both SMEP and SMAP in the Vbox logs enabled with a (1)
EDIT by Patrick:
Seems like you’re right.