VirtualBox

source: vbox/trunk/src/VBox/HostDrivers/Support/darwin/SUPR3HardenedEntitlementsVM.plist@ 100838

Last change on this file since 100838 was 97188, checked in by vboxsync, 3 years ago

Support/SUPR3HardenedEntitlementsVM.plist,VMM/NEMR3Native-darwin: Remove the Catalina workaround, as it turns out setting the com.apple.security.cs.allow-unsigned-executable-memory and com.apple.security.cs.disable-executable-page-protection entitlements are enough to make it work, bugref:9044
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 2.0 KB
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
3<plist version="1.0">
4<dict>
5 <!-- <key>com.apple.security.cs.allow-jit</key> <true/> -->
6 <!--
7 The following two entitlements are required for using AppleHV on Catalina.
8 The first entitlement allows us to have unsigned executable memory in the guests
9 address space like the BIOS code (and essentially all the guests address space which
10 is mapped as RWX).
11 The second entitlement is required in order to map guest memory as RWX into the
12 guests address space.
13 These entitlements are not required starting with BigSur+ where Apple has clearly
14 changed something in their entitlement scheme without properly documenting it.
15 -->
16 <key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/>
17 <key>com.apple.security.cs.disable-executable-page-protection</key> <true/>
18 <!-- For audio input -->
19 <key>com.apple.security.device.audio-input</key> <true/>
20 <!-- For emulated webcam -->
21 <key>com.apple.security.device.camera</key> <true/>
22 <!-- For HID input monitoring -->
23 <key>com.apple.security.device.usb</key> <true/>
24 <!-- For vmnet based bridging and host-only networking -->
25 <key>com.apple.vm.networking</key> <true/>
26 <!-- For USB capturing -->
27 <key>com.apple.vm.device-access</key> <true/>
28 <!--
29 The following are required for using AppleHV (need the second one for running Catalina)
30 but are actually stored in the provisioning profile because these are special entitlements.
31 -->
32 <!--<key>com.apple.security.hypervisor</key> <true/>-->
33 <!--<key>com.apple.vm.hypervisor</key> <true/>-->
34</dict>
35</plist>
Note: See TracBrowser for help on using the repository browser.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette