儲存庫 vbox 的更動 12423

時間撮記:

2008-9-12 下午02:42:49 (16 年 以前)

作者:

vboxsync

訊息:

IPRT/SUP: Renamed RTLdrOpenAppSharedLib to RTLdrOpenAppPriv. Hardend versions of RTLdrOpen and RTLdrOpenAppPriv. Use the hardend versions where appropriate.

位置:

trunk

檔案:

• include/VBox/sup.h (修改) (2 筆差異)
• include/iprt/ldr.h (修改) (1 筆差異)
• src/VBox/Devices/Serial/DevSerial.cpp (修改) (2 筆差異)
• src/VBox/Devices/Storage/VBoxHDD-new.cpp (修改) (4 筆差異)
• src/VBox/Frontends/VBoxHeadless/VBoxHeadless.cpp (修改) (2 筆差異)
• src/VBox/HostDrivers/Support/SUPLib.cpp (修改) (11 筆差異)
• src/VBox/Main/ConsoleVRDPServer.cpp (修改) (1 筆差異)
• src/VBox/Main/hgcm/HGCM.cpp (修改) (3 筆差異)
• src/VBox/Runtime/common/ldr/ldrNative.cpp (修改) (1 筆差異)

trunk/include/VBox/sup.h

@@ -566 +566 @@
 
 /**
- * Verifies the integrity of a file, and optionally opens it. 
- *  
- * The integrity check is for whether the file is suitable for loading into 
- * the hypervisor or VM process. The integrity check may include verifying 
- * the authenticode/elfsign/whatever signature of the file, which can take 
- * a little while. 
- * 
- * @returns VBox status code. On failure it will have printed a LogRel message.
- * 
- * @param   pszFilename     The file.
- * @param   pszWhat         For the LogRel on failure. 
- * @param   phFile          Where to store the handle to the opened file. This is optional, pass NULL 
- *                          if the file should not be opened. 
- */
-SUPR3DECL(int) SUPR3HardenedVerifyFile(const char *pszFilename, const char *pszWhat, PRTFILE phFile);
-
-/**
- * Load a module into R0 HC. 
- *  
- * This will verify the file integrity in a similar manner as 
+ * Load a module into R0 HC.
+ *
+ * This will verify the file integrity in a similar manner as
  * SUPR3HardenedVerifyFile before loading it.
  *
@@ -637 +620 @@
  */
 SUPR3DECL(int) SUPGipGetPhys(PRTHCPHYS pHCPhys);
+
+/**
+ * Verifies the integrity of a file, and optionally opens it.
+ *
+ * The integrity check is for whether the file is suitable for loading into
+ * the hypervisor or VM process. The integrity check may include verifying
+ * the authenticode/elfsign/whatever signature of the file, which can take
+ * a little while.
+ *
+ * @returns VBox status code. On failure it will have printed a LogRel message.
+ *
+ * @param   pszFilename     The file.
+ * @param   pszWhat         For the LogRel on failure.
+ * @param   phFile          Where to store the handle to the opened file. This is optional, pass NULL
+ *                          if the file should not be opened.
+ */
+SUPR3DECL(int) SUPR3HardenedVerifyFile(const char *pszFilename, const char *pszWhat, PRTFILE phFile);
+
+/**
+ * Same as RTLdrLoad() but will verify the files it loads (hardened builds).
+ *
+ * Will add dll suffix if missing and try load the file.
+ *
+ * @returns iprt status code.
+ * @param   pszFilename Image filename. This must have a path.
+ * @param   phLdrMod    Where to store the handle to the loaded module.
+ */
+SUPR3DECL(int) SUPR3HardenedLdrLoad(const char *pszFilename, PRTLDRMOD phLdrMod);
+
+/**
+ * Same as RTLdrLoadAppPriv() but it will verify the files it loads (hardened
+ * builds).
+ *
+ * Will add dll suffix to the file if missing, then look for it in the
+ * architecture dependent application directory.
+ *
+ * @returns iprt status code.
+ * @param   pszFilename Image filename.
+ * @param   phLdrMod    Where to store the handle to the loaded module.
+ */
+SUPR3DECL(int) SUPR3HardenedLdrLoadAppPriv(const char *pszFilename, PRTLDRMOD phLdrMod);
 
 /** @} */

trunk/include/iprt/ldr.h

@@ -69 +69 @@
 
 /**
- * Loads a dynamic load library (/shared object) image file using native
- * OS facilities.
- *
- * If the path is specified in the filename, only this path is used.
- * If only the image file name is specified, then try to load it from:
- *   - RTPathAppPrivateArch
- *   - RTPathSharedLibs (legacy)
- *
- * @returns iprt status code.
- * @param   pszFilename Image filename.
+ * Loads a dynamic load library (/shared object) image file residing in the
+ * RTPathAppPrivateArch() directory.
+ *
+ * Suffix is not required.
+ *
+ * @returns iprt status code.
+ * @param   pszFilename Image filename. No path.
  * @param   phLdrMod    Where to store the handle to the loaded module.
  */
-RTDECL(int) RTLdrLoadAppSharedLib(const char *pszFilename, PRTLDRMOD phLdrMod);
+RTDECL(int) RTLdrLoadAppPriv(const char *pszFilename, PRTLDRMOD phLdrMod);
 
 /**

trunk/src/VBox/Devices/Serial/DevSerial.cpp

@@ -242 +242 @@
     if (RT_LIKELY(s->pDrvChar))
         s->pDrvChar->pfnSetParameters(s->pDrvChar, speed, parity, data_bits, stop_bits);
+#ifdef RT_OS_DARWIN
+    if (RT_LIKELY(s->pDrvChar))
+        s->cNsDelay = (69444 - 2000) / s->divider; /* 69444 == 1000,000,000 / (115,000 / 8); 2000 = fudge factor */
+#endif
 }
 
@@ -386 +390 @@
     case 5:
         ret = s->lsr;
+#ifdef RT_OS_DARWIN
+        if (    !(ret & UART_LSR_THRE)
+            &&   pThis->HeldXmitNanoTS
+            &&  RTTimeNanoTS() - s->HeldXmitNanoTS >= s->cNsDelay) {
+            ret = s->lsr |= UART_LSR_THRE;
+        }
+#endif
         break;
     case 6:

trunk/src/VBox/Devices/Storage/VBoxHDD-new.cpp

@@ -26 +26 @@
 #include <VBox/VBoxHDD-new.h>
 #include <VBox/err.h>
-
+#include <VBox/sup.h>
 #include <VBox/log.h>
+
 #include <iprt/alloc.h>
 #include <iprt/assert.h>
@@ -195 +196 @@
 
         /* Try to load the plugin (RTLdrLoad takes care of the suffix). */
-        rc = RTLdrLoad(pszPluginName, &hPlugin);
+        rc = SUPR3HardenedLdrLoad(pszPluginName, &hPlugin);
         if (RT_SUCCESS(rc))
         {
@@ -730 +731 @@
             }
 
-            rc = RTLdrLoad(pszPluginPath, &hPlugin);
+            rc = SUPR3HardenedLdrLoad(pszPluginPath, &hPlugin);
             if (RT_SUCCESS(rc))
             {
@@ -1015 +1016 @@
             }
 
-            rc = RTLdrLoad(pszPluginPath, &hPlugin);
+            rc = SUPR3HardenedLdrLoad(pszPluginPath, &hPlugin);
             if (RT_SUCCESS(rc))
             {

trunk/src/VBox/Frontends/VBoxHeadless/VBoxHeadless.cpp

@@ -51 +51 @@
 #include <iprt/param.h>
 #include <iprt/process.h>
+#include <VBox/sup.h>
 #endif
 
@@ -690 +691 @@
 
             Log2(("VBoxHeadless: loading VBoxFFmpegFB shared library\n"));
-            rrc = RTLdrLoad("VBoxFFmpegFB", &hLdrFFmpegFB);
+            rrc = SUPR3HardenedLdrLoad("VBoxFFmpegFB", &hLdrFFmpegFB);
 
             if (RT_SUCCESS(rrc))

trunk/src/VBox/HostDrivers/Support/SUPLib.cpp

@@ -47 +47 @@
  */
 
-
 /*******************************************************************************
 *   Header Files                                                               *
@@ -68 +67 @@
 #include <iprt/thread.h>
 #include <iprt/process.h>
+#include <iprt/path.h>
 #include <iprt/string.h>
 #include <iprt/env.h>
@@ -738 +738 @@
     {
         RTHCPHYS    Phys = (uintptr_t)pvStart + PAGE_SIZE * 1024;
-        unsigned    iPage = cPages;
+        size_t      iPage = cPages;
         while (iPage-- > 0)
             paPages[iPage].Phys = Phys + (iPage << PAGE_SHIFT);
@@ -758 +758 @@
         pReq->Hdr.rc = VERR_INTERNAL_ERROR;
         pReq->u.In.pvR3 = pvStart;
-        pReq->u.In.cPages = cPages; AssertRelease(pReq->u.In.cPages == cPages);
+        pReq->u.In.cPages = (uint32_t)cPages; AssertRelease(pReq->u.In.cPages == cPages);
         rc = suplibOsIOCtl(&g_supLibData, SUP_IOCTL_PAGE_LOCK, pReq, SUP_IOCTL_PAGE_LOCK_SIZE(cPages));
         if (RT_SUCCESS(rc))
@@ -876 +876 @@
         pReq->Hdr.fFlags = SUPREQHDR_FLAGS_MAGIC | SUPREQHDR_FLAGS_EXTRA_OUT;
         pReq->Hdr.rc = VERR_INTERNAL_ERROR;
-        pReq->u.In.cPages = cPages; AssertRelease(pReq->u.In.cPages == cPages);
+        pReq->u.In.cPages = (uint32_t)cPages; AssertRelease(pReq->u.In.cPages == cPages);
         rc = suplibOsIOCtl(&g_supLibData, SUP_IOCTL_PAGE_ALLOC, pReq, SUP_IOCTL_PAGE_ALLOC_SIZE(cPages));
         if (RT_SUCCESS(rc))
@@ -991 +991 @@
     Req.Hdr.fFlags = SUPREQHDR_FLAGS_DEFAULT;
     Req.Hdr.rc = VERR_INTERNAL_ERROR;
-    Req.u.In.cPages = cPages;
+    Req.u.In.cPages = (uint32_t)cPages;
     int rc = suplibOsIOCtl(&g_supLibData, SUP_IOCTL_CONT_ALLOC, &Req, SUP_IOCTL_CONT_ALLOC_SIZE);
     if (    RT_SUCCESS(rc)
@@ -1060 +1060 @@
         /* fake physical addresses. */
         RTHCPHYS    Phys = (uintptr_t)*ppvPages + PAGE_SIZE * 1024;
-        unsigned    iPage = cPages;
+        size_t      iPage = cPages;
         while (iPage-- > 0)
             paPages[iPage].Phys = Phys + (iPage << PAGE_SHIFT);
@@ -1079 +1079 @@
         pReq->Hdr.fFlags = SUPREQHDR_FLAGS_MAGIC | SUPREQHDR_FLAGS_EXTRA_OUT;
         pReq->Hdr.rc = VERR_INTERNAL_ERROR;
-        pReq->u.In.cPages = cPages; AssertRelease(pReq->u.In.cPages == cPages);
+        pReq->u.In.cPages = (uint32_t)cPages; AssertRelease(pReq->u.In.cPages == cPages);
         rc = suplibOsIOCtl(&g_supLibData, SUP_IOCTL_LOW_ALLOC, pReq, SUP_IOCTL_LOW_ALLOC_SIZE(cPages));
         if (RT_SUCCESS(rc))
@@ -1148 +1148 @@
     AssertPtr(pszFilename);
     AssertPtr(pszMsg);
-    AssertReturn(!phFile, VERR_NOT_IMPLEMENTED); /** @todo Implement this. The deal is that we make sure the 
+    AssertReturn(!phFile, VERR_NOT_IMPLEMENTED); /** @todo Implement this. The deal is that we make sure the
                                                      file is the same we verified after opening it. */
 
@@ -1192 +1192 @@
     }
     else
-        LogRel(("SUPLoadModule: Verification of \"%s\" failed, rc=%Rrc\n", rc)); 
+        LogRel(("SUPLoadModule: Verification of \"%s\" failed, rc=%Rrc\n", rc));
     return rc;
 }
@@ -1890 +1890 @@
 }
 
+
+/**
+ * Worker for SUPR3HardenedLdrLoad and SUPR3HardenedLdrLoadAppPriv.
+ *
+ * @returns iprt status code.
+ * @param   pszFilename     The full file name.
+ * @param   phLdrMod        Where to store the handle to the loaded module.
+ */
+static int supR3HardenedLdrLoadIt(const char *pszFilename, PRTLDRMOD phLdrMod)
+{
+#ifdef VBOX_WITH_HARDENING
+    /*
+     * Verify the image file.
+     */
+    rc = supR3HardenedVerifyFile(pszFilename, false /* fFatal */);
+    if (RT_FAILURE(rc))
+    {
+        LogRel(("supR3HardenedLdrLoadIt: Verification of \"%s\" failed, rc=%Rrc\n", rc));
+        return rc;
+    }
+#endif
+
+    /*
+     * Try load it.
+     */
+    return RTLdrLoad(pszFilename, phLdrMod);
+}
+
+
+SUPR3DECL(int) SUPR3HardenedLdrLoad(const char *pszFilename, PRTLDRMOD phLdrMod)
+{
+    /*
+     * Validate input.
+     */
+    AssertPtrReturn(pszFilename, VERR_INVALID_PARAMETER);
+    AssertPtrReturn(phLdrMod, VERR_INVALID_PARAMETER);
+    *phLdrMod = NIL_RTLDRMOD;
+    AssertReturn(RTPathHavePath(pszFilename), VERR_INVALID_PARAMETER);
+
+    /*
+     * Add the default extension if it's missing.
+     */
+    if (!RTPathHaveExt(pszFilename))
+    {
+        const char *pszSuff = RTLdrGetSuff();
+        size_t      cchSuff = strlen(pszSuff);
+        size_t      cchFilename = strlen(pszFilename);
+        char       *psz = (char *)alloca(cchFilename + cchSuff + 1);
+        AssertReturn(psz, VERR_NO_TMP_MEMORY);
+        memcpy(psz, pszFilename, cchFilename);
+        memcpy(psz + cchFilename, pszSuff, cchSuff + 1);
+        pszFilename = psz;
+    }
+
+    /*
+     * Pass it on to the common library loader.
+     */
+    return supR3HardenedLdrLoadIt(pszFilename, phLdrMod);
+}
+
+
+SUPR3DECL(int) SUPR3HardenedLdrLoadAppPriv(const char *pszFilename, PRTLDRMOD phLdrMod)
+{
+    LogFlow(("SUPR3HardenedLdrLoadAppPriv: pszFilename=%p:{%s} phLdrMod=%p\n", pszFilename, pszFilename, phLdrMod));
+
+    /*
+     * Validate input.
+     */
+    AssertPtrReturn(phLdrMod, VERR_INVALID_PARAMETER);
+    *phLdrMod = NIL_RTLDRMOD;
+    AssertPtrReturn(pszFilename, VERR_INVALID_PARAMETER);
+    AssertMsgReturn(!RTPathHavePath(pszFilename), ("%s\n", pszFilename), VERR_INVALID_PARAMETER);
+
+    /*
+     * Check the filename.
+     */
+    size_t cchFilename = strlen(pszFilename);
+    AssertMsgReturn(cchFilename < (RTPATH_MAX / 4) * 3, ("%zu\n", cchFilename), VERR_INVALID_PARAMETER);
+
+    const char *pszExt = "";
+    size_t cchExt = 0;
+    if (!RTPathHaveExt(pszFilename))
+    {
+        pszExt = RTLdrGetSuff();
+        cchExt = strlen(pszExt);
+    }
+
+    /*
+     * Construct the private arch path and check if the file exists.
+     */
+    char szPath[RTPATH_MAX];
+    int rc = RTPathAppPrivateArch(szPath, sizeof(szPath) - 1 - cchExt - cchFilename);
+    AssertRCReturn(rc, rc);
+
+    char *psz = strchr(szPath, '\0');
+    *psz++ = RTPATH_SLASH;
+    memcpy(psz, pszFilename, cchFilename);
+    psz += cchFilename;
+    memcpy(psz, pszExt, cchExt + 1);
+
+    if (!RTPathExists(szPath))
+    {
+        LogRel(("SUPR3HardenedLdrLoadAppPriv: \"%s\" not found\n", szPath));
+        return VERR_FILE_NOT_FOUND;
+    }
+
+    /*
+     * Pass it on to SUPR3HardenedLdrLoad.
+     */
+    rc = SUPR3HardenedLdrLoad(szPath, phLdrMod);
+
+    LogFlow(("SUPR3HardenedLdrLoadAppPriv: returns %Rrc\n", rc));
+    return rc;
+}
+

trunk/src/VBox/Main/ConsoleVRDPServer.cpp

@@ -1949 +1949 @@
     if (!mVRDPLibrary)
     {
-        rc = RTLdrLoadAppSharedLib ("VBoxVRDP", &mVRDPLibrary);
+        rc = SUPR3HardenedLdrLoadAppPriv ("VBoxVRDP", &mVRDPLibrary);
 
         if (VBOX_SUCCESS(rc))

trunk/src/VBox/Main/hgcm/HGCM.cpp

@@ -131 +131 @@
         static DECLCALLBACK(void) svcHlpCallComplete (VBOXHGCMCALLHANDLE callHandle, int32_t rc);
         static DECLCALLBACK(void) svcHlpDisconnectClient (void *pvInstance, uint32_t u32ClientId);
-        
+
     public:
 
@@ -253 +253 @@
     }
 
-    int rc = RTLdrLoadAppSharedLib (m_pszSvcLibrary, &m_hLdrMod);
+    int rc = SUPR3HardenedLdrLoadAppPriv (m_pszSvcLibrary, &m_hLdrMod);
 
     if (VBOX_SUCCESS(rc))
@@ -716 +716 @@
 {
      HGCMService *pService = static_cast <HGCMService *> (pvInstance);
-     
+
      if (pService)
      {

trunk/src/VBox/Runtime/common/ldr/ldrNative.cpp

@@ -137 +137 @@
 
 /**
- * Loads a dynamic load library (/shared object) image file using native
- * OS facilities.
- *
- * If the path is specified in the filename, only this path is used.
- * If only the image file name is specified, then try to load it from:
- *   - RTPathAppPrivateArch
- *   - RTPathSharedLibs (legacy)
+ * Loads a dynamic load library (/shared object) image file residing in the
+ * RTPathAppPrivateArch() directory.
+ *
+ * Suffix is not required.
  *
  * @returns iprt status code.
- * @param   pszFilename Image filename.
+ * @param   pszFilename Image filename. No path.
  * @param   phLdrMod    Where to store the handle to the loaded module.
  */
-RTDECL(int) RTLdrLoadAppSharedLib(const char *pszFilename, PRTLDRMOD phLdrMod)
-{
-    LogFlow(("RTLdrLoadAppSharedLib: pszFilename=%p:{%s} phLdrMod=%p\n", pszFilename, pszFilename, phLdrMod));
+RTDECL(int) RTLdrLoadAppPriv(const char *pszFilename, PRTLDRMOD phLdrMod)
+{
+    LogFlow(("RTLdrLoadAppPriv: pszFilename=%p:{%s} phLdrMod=%p\n", pszFilename, pszFilename, phLdrMod));
 
     /*
      * Validate input.
      */
-    AssertMsgReturn(VALID_PTR(pszFilename), ("pszFilename=%p\n", pszFilename), VERR_INVALID_PARAMETER);
-    AssertMsgReturn(VALID_PTR(phLdrMod), ("phLdrMod=%p\n", phLdrMod), VERR_INVALID_PARAMETER);
-
-    /*
-     * If a path is specified, just load the file.
-     */
-    if (RTPathHavePath(pszFilename))
-        return RTLdrLoad(pszFilename, phLdrMod);
-
-    /*
-     * By default nothing is found.
-     */
-    int rc = VERR_FILE_NOT_FOUND;
+    AssertPtrReturn(phLdrMod, VERR_INVALID_PARAMETER);
     *phLdrMod = NIL_RTLDRMOD;
-
-    /*
-     * Try default locations.
-     */
-    int i;
-    for (i = 0;; i++)
+    AssertPtrReturn(pszFilename, VERR_INVALID_PARAMETER);
+    AssertMsgReturn(!RTPathHavePath(pszFilename), ("%s\n", pszFilename), VERR_INVALID_PARAMETER);
+
+    /*
+     * Check the filename.
+     */
+    size_t cchFilename = strlen(pszFilename);
+    AssertMsgReturn(cchFilename > (RTPATH_MAX / 4) * 3, ("%zu\n", cchFilename), VERR_INVALID_PARAMETER);
+
+    const char *pszExt = "";
+    size_t cchExt = 0;
+    if (!RTPathHaveExt(pszFilename))
     {
-        /*
-         * Get the appropriate base path.
-         */
-        char szBase[RTPATH_MAX];
-        if (i == 0)
-            rc = RTPathAppPrivateArch(szBase, sizeof (szBase));
-        else if (i == 1)
-            rc = RTPathSharedLibs(szBase, sizeof (szBase));
-        else
-            break;
-
-        if (RT_SUCCESS(rc))
-        {
-            /*
-             * Got the base path. Construct szPath = pszBase + pszFilename
-             */
-            char szPath[RTPATH_MAX];
-            rc = RTPathAbsEx(szBase, pszFilename, szPath, sizeof (szPath));
-            if (RT_SUCCESS(rc))
-            {
-                /*
-                 * Finally try to load the image file.
-                 */
-                rc = RTLdrLoad(szPath, phLdrMod);
-                if (RT_SUCCESS(rc))
-                {
-                    /*
-                     * Successfully loaded the image file.
-                     */
-                    LogFlow(("Library loaded: [%s]\n", szPath));
-                    break;
-                }
-            }
-        }
+        pszExt = RTLdrGetSuff();
+        cchExt = strlen(pszExt);
     }
-    LogFlow(("RTLdrLoadAppSharedLib: returns %Rrc\n", rc));
+
+    /*
+     * Construct the private arch path and check if the file exists.
+     */
+    char szPath[RTPATH_MAX];
+    int rc = RTPathAppPrivateArch(szPath, sizeof(szPath) - 1 - cchExt - cchFilename);
+    AssertRCReturn(rc, rc);
+
+    char *psz = strchr(szPath, '\0');
+    *psz++ = RTPATH_SLASH;
+    memcpy(psz, pszFilename, cchFilename);
+    psz += cchFilename;
+    memcpy(psz, pszExt, cchExt + 1);
+
+    if (!RTPathExists(szPath))
+    {
+        LogRel(("RTLdrLoadAppPriv: \"%s\" not found\n", szPath));
+        return VERR_FILE_NOT_FOUND;
+    }
+
+    /*
+     * Pass it on to RTLdrLoad.
+     */
+    rc = RTLdrLoad(szPath, phLdrMod);
+
+    LogFlow(("RTLdrLoadAppPriv: returns %Rrc\n", rc));
     return rc;
 }