Changeset 52030 in vbox for trunk/src/VBox
- Timestamp:
- Jul 15, 2014 7:28:25 AM (11 years ago)
- Location:
- trunk/src/VBox/HostDrivers/Support
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/HostDrivers/Support/Makefile.kmk
r51999 r52030 137 137 # The Ring-3 Support Library (this is linked into the IPRT dll, VBoxRT). 138 138 # 139 SUPR3_TEMPLATE = VBOXR3 NP139 SUPR3_TEMPLATE = VBOXR3 140 140 SUPR3_DEFS = \ 141 141 IN_SUP_R3 IN_RT_R3 \ 142 142 $(if $(VBOX_WITH_SUPSVC),VBOX_WITH_SUPSVC) \ 143 143 $(if $(VBOX_WITH_MAIN),VBOX_WITH_MAIN,) \ 144 $(if $(VBOX_WITH_RAW_MODE),VBOX_WITH_RAW_MODE,) 144 $(if $(VBOX_WITH_RAW_MODE),VBOX_WITH_RAW_MODE,) \ 145 VBOX_PERMIT_MORE 145 146 SUPR3_INCS := $(PATH_SUB_CURRENT) 146 147 SUPR3_SOURCES = \ … … 183 184 $(if $(VBOX_WITH_RAW_MODE),VBOX_WITH_RAW_MODE,) \ 184 185 $(if $(VBOX_WITHOUT_DEBUGGER_CHECKS),VBOX_WITHOUT_DEBUGGER_CHECKS,) \ 185 $(if $(VBOX_PERMIT_VISUAL_STUDIO_PROFILING),VBOX_PERMIT_VISUAL_STUDIO_PROFILING,) 186 $(if $(VBOX_PERMIT_VISUAL_STUDIO_PROFILING),VBOX_PERMIT_VISUAL_STUDIO_PROFILING,) \ 187 VBOX_PERMIT_MORE 186 188 ifdef VBOX_WITH_VISTA_NO_SP 187 189 SUPR3HardenedStatic_DEFS.win += VBOX_WITH_VISTA_NO_SP … … 535 537 VBoxDrv_DEFS += VBOX_PERMIT_VISUAL_STUDIO_PROFILING 536 538 endif 539 VBoxDrv_DEFS += VBOX_PERMIT_MORE 537 540 #VBoxDrv_DEFS.debug += DEBUG_DARWIN_GIP 538 541 VBoxDrv_DEFS.darwin := VBOX_WITH_HOST_VMX -
trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerify-win.h
r51770 r52030 39 39 DECLHIDDEN(int) supHardenedWinVerifyProcess(HANDLE hProcess, HANDLE hThread, PRTERRINFO pErrInfo); 40 40 41 DECLHIDDEN(bool) supHardViIsAppPatchDir(PCRTUTF16 pwszPath, uint32_t cwcName); 41 42 DECLHIDDEN(int) supHardenedWinVerifyImageByHandle(HANDLE hFile, PCRTUTF16 pwszName, uint32_t fFlags, bool *pfCacheable, PRTERRINFO pErrInfo); 42 43 DECLHIDDEN(int) supHardenedWinVerifyImageByHandleNoName(HANDLE hFile, uint32_t fFlags, PRTERRINFO pErrInfo); … … 52 53 /** Whether to allow image verification by catalog file. */ 53 54 # define SUPHNTVI_F_ALLOW_CAT_FILE_VERIFICATION RT_BIT(3) 55 /** Resource image, could be any bitness. */ 56 # define SUPHNTVI_F_RESOURCE_IMAGE RT_BIT(30) 54 57 /** Raw-mode context image, always 32-bit. */ 55 58 # define SUPHNTVI_F_RC_IMAGE RT_BIT(31) -
trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyImage-win.cpp
r51977 r52030 511 511 512 512 513 #ifdef VBOX_PERMIT_MORE 514 /** 515 * Checks if the path goes into %windir%\apppatch\. 516 * 517 * @returns true if apppatch, false if not. 518 * @param pwszPath The path to examine. 519 */ 520 DECLHIDDEN(bool) supHardViIsAppPatchDir(PCRTUTF16 pwszPath, uint32_t cwcName) 521 { 522 uint32_t cwcWinDir = (g_System32NtPath.UniStr.Length - sizeof(L"System32")) / sizeof(WCHAR); 523 524 if (cwcName <= cwcWinDir + sizeof("AppPatch")) 525 return false; 526 527 if (memcmp(pwszPath, g_System32NtPath.UniStr.Buffer, cwcWinDir * sizeof(WCHAR))) 528 return false; 529 530 if (!supHardViUtf16PathStartsWith(&pwszPath[cwcWinDir], "\\AppPatch\\")) 531 return false; 532 533 return g_uNtVerCombined >= SUP_NT_VER_VISTA; 534 } 535 #else 536 # error should not get here.. 537 #endif 538 539 540 513 541 /** 514 542 * Checks if the unsigned DLL is fine or not. … … 571 599 if (supHardViUtf16PathIsEqual(pwsz, "apphelp.dll")) 572 600 return uNtVer < SUP_MAKE_NT_VER_SIMPLE(6, 4) ? VINF_LDRVI_NOT_SIGNED : rc; 573 if (supHardViUtf16PathIsEqual(pwsz, "sfc.dll")) 574 return uNtVer < SUP_MAKE_NT_VER_SIMPLE(6, 4) ? VINF_LDRVI_NOT_SIGNED : rc; 601 #ifdef VBOX_PERMIT_MORE 602 if (uNtVer >= SUP_NT_VER_W70) /* hard limit: user32.dll is unwanted prior to w7. */ 603 { 604 if (supHardViUtf16PathIsEqual(pwsz, "sfc.dll")) 605 return uNtVer < SUP_MAKE_NT_VER_SIMPLE(6, 4) ? VINF_LDRVI_NOT_SIGNED : rc; 606 if (supHardViUtf16PathIsEqual(pwsz, "sfc_os.dll")) 607 return uNtVer < SUP_MAKE_NT_VER_SIMPLE(6, 4) ? VINF_LDRVI_NOT_SIGNED : rc; 608 if (supHardViUtf16PathIsEqual(pwsz, "user32.dll")) 609 return uNtVer < SUP_NT_VER_W81 ? VINF_LDRVI_NOT_SIGNED : rc; 610 } 611 #endif 575 612 576 613 #ifndef IN_RING0 … … 653 690 return rc; 654 691 } 692 #endif 693 694 #ifdef VBOX_PERMIT_MORE 695 /* 696 * AppPatch whitelist. 697 */ 698 if (supHardViIsAppPatchDir(pwszName, cwcName)) 699 { 700 cwcOther = g_System32NtPath.UniStr.Length / sizeof(WCHAR); /* ASSUMES System32 is called System32. */ 701 pwsz = pwszName + cwcOther + 1; 702 703 if (supHardViUtf16PathIsEqual(pwsz, "acres.dll")) 704 return VINF_LDRVI_NOT_SIGNED; 705 706 # ifdef RT_ARCH_AMD64 707 if (supHardViUtf16PathIsEqual(pwsz, "AppPatch64\\AcGenral.dll")) 708 return VINF_LDRVI_NOT_SIGNED; 709 # elif defined(RT_ARCH_X86) 710 if (supHardViUtf16PathIsEqual(pwsz, "AcGenral.dll")) 711 return VINF_LDRVI_NOT_SIGNED; 712 # endif 713 714 return rc; 715 } 716 #else 717 # error should not be here... 655 718 #endif 656 719 … … 855 918 */ 856 919 RTLDRMOD hLdrMod; 857 rc = RTLdrOpenWithReader(&pNtViRdr->Core, RTLDR_O_FOR_VALIDATION, 858 fFlags & SUPHNTVI_F_RC_IMAGE ? RTLDRARCH_X86_32 : RTLDRARCH_HOST, 859 &hLdrMod, pErrInfo); 920 RTLDRARCH enmArch = fFlags & SUPHNTVI_F_RC_IMAGE ? RTLDRARCH_X86_32 : RTLDRARCH_HOST; 921 if (fFlags & SUPHNTVI_F_RESOURCE_IMAGE) 922 enmArch = RTLDRARCH_WHATEVER; 923 rc = RTLdrOpenWithReader(&pNtViRdr->Core, RTLDR_O_FOR_VALIDATION, enmArch, &hLdrMod, pErrInfo); 860 924 if (RT_SUCCESS(rc)) 861 925 { -
trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp
r51999 r52030 106 106 * content. The hack means that we only check if the 1st section is mapped. */ 107 107 bool fApiSetSchemaOnlySection1; 108 /** This may be a 32-bit resource DLL. */ 109 bool f32bitResourceDll; 108 110 } SUPHNTVPIMAGE; 109 111 /** Pointer to image info from the virtual address space scan. */ … … 123 125 * more so we can get the image name of the first unwanted DLL. */ 124 126 SUPHNTVPIMAGE aImages[1 + 6 + 1 127 #ifdef VBOX_PERMIT_MORE 128 + 5 129 #endif 125 130 #ifdef VBOX_PERMIT_VISUAL_STUDIO_PROFILING 126 131 + 16 … … 154 159 "apphelp.dll", 155 160 "apisetschema.dll", 161 #ifdef VBOX_PERMIT_MORE 162 # define VBOX_PERMIT_MORE_FIRST_IDX 5 156 163 "sfc.dll", 164 "sfc_os.dll", 165 "user32.dll", 166 "acres.dll", 167 "acgenral.dll", 168 #endif 157 169 #ifdef VBOX_PERMIT_VISUAL_STUDIO_PROFILING 158 170 "psapi.dll", … … 409 421 "%s: Unexpected e_lfanew value: %#x", pImage->pszName, offNtHdrs); 410 422 } 411 PIMAGE_NT_HEADERS pNtHdrs = (PIMAGE_NT_HEADERS)&pThis->abFile[offNtHdrs]; 423 PIMAGE_NT_HEADERS pNtHdrs = (PIMAGE_NT_HEADERS)&pThis->abFile[offNtHdrs]; 424 PIMAGE_NT_HEADERS32 pNtHdrs32 = (PIMAGE_NT_HEADERS32)pNtHdrs; 412 425 if (pNtHdrs->Signature != IMAGE_NT_SIGNATURE) 413 426 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_BAD_IMAGE_SIGNATURE, … … 418 431 */ 419 432 #ifdef RT_ARCH_AMD64 420 if (pNtHdrs->FileHeader.Machine != IMAGE_FILE_MACHINE_AMD64 )433 if (pNtHdrs->FileHeader.Machine != IMAGE_FILE_MACHINE_AMD64 && !pImage->f32bitResourceDll) 421 434 #else 422 435 if (pNtHdrs->FileHeader.Machine != IMAGE_FILE_MACHINE_I386) … … 424 437 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_UNEXPECTED_IMAGE_MACHINE, 425 438 "%s: Unexpected machine: %#x", pImage->pszName, pNtHdrs->FileHeader.Machine); 426 427 if (pNtHdrs->FileHeader.SizeOfOptionalHeader != sizeof(pNtHdrs->OptionalHeader)) 439 bool const fIs32Bit = pNtHdrs->FileHeader.Machine == IMAGE_FILE_MACHINE_I386; 440 441 if (pNtHdrs->FileHeader.SizeOfOptionalHeader != (fIs32Bit ? sizeof(IMAGE_OPTIONAL_HEADER32) : sizeof(IMAGE_OPTIONAL_HEADER64))) 428 442 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_BAD_OPTIONAL_HEADER, 429 443 "%s: Unexpected optional header size: %#x", 430 444 pImage->pszName, pNtHdrs->FileHeader.SizeOfOptionalHeader); 431 445 432 if (pNtHdrs->OptionalHeader.Magic != RT_CONCAT3(IMAGE_NT_OPTIONAL_HDR,ARCH_BITS,_MAGIC))446 if (pNtHdrs->OptionalHeader.Magic != (fIs32Bit ? IMAGE_NT_OPTIONAL_HDR32_MAGIC : IMAGE_NT_OPTIONAL_HDR64_MAGIC)) 433 447 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_BAD_OPTIONAL_HEADER, 434 448 "%s: Unexpected optional header magic: %#x", pImage->pszName, pNtHdrs->OptionalHeader.Magic); 435 if (pNtHdrs->OptionalHeader.NumberOfRvaAndSizes != IMAGE_NUMBEROF_DIRECTORY_ENTRIES) 449 450 uint32_t cDirs = (fIs32Bit ? pNtHdrs32->OptionalHeader.NumberOfRvaAndSizes : pNtHdrs->OptionalHeader.NumberOfRvaAndSizes); 451 if (cDirs != IMAGE_NUMBEROF_DIRECTORY_ENTRIES) 436 452 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_BAD_OPTIONAL_HEADER, 437 "%s: Unexpected data dirs: %#x", pImage->pszName, pNtHdrs->OptionalHeader.NumberOfRvaAndSizes);453 "%s: Unexpected data dirs: %#x", pImage->pszName, cDirs); 438 454 439 455 /* … … 444 460 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_TOO_MANY_SECTIONS, 445 461 "%s: Too many section headers: %#x", pImage->pszName, cSections); 446 suplibHardenedMemCopy(pThis->aSecHdrs, pNtHdrs + 1, cSections * sizeof(IMAGE_SECTION_HEADER)); 447 448 uintptr_t const uImageBase = pNtHdrs->OptionalHeader.ImageBase; 462 suplibHardenedMemCopy(pThis->aSecHdrs, (fIs32Bit ? (void *)(pNtHdrs32 + 1) : (void *)(pNtHdrs + 1)), 463 cSections * sizeof(IMAGE_SECTION_HEADER)); 464 465 uintptr_t const uImageBase = fIs32Bit ? pNtHdrs32->OptionalHeader.ImageBase : pNtHdrs->OptionalHeader.ImageBase; 449 466 if (uImageBase & PAGE_OFFSET_MASK) 450 467 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_BAD_IMAGE_BASE, 451 468 "%s: Invalid image base: %p", pImage->pszName, uImageBase); 452 469 453 uint32_t const cbImage = pNtHdrs->OptionalHeader.SizeOfImage;470 uint32_t const cbImage = fIs32Bit ? pNtHdrs32->OptionalHeader.SizeOfImage : pNtHdrs->OptionalHeader.SizeOfImage; 454 471 if (RT_ALIGN_32(pImage->cbImage, PAGE_SIZE) != RT_ALIGN_32(cbImage, PAGE_SIZE) && !pImage->fApiSetSchemaOnlySection1) 455 472 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_BAD_IMAGE_SIZE, … … 457 474 pImage->pszName, cbImage, pImage->cbImage); 458 475 459 uint32_t const cbSectAlign = pNtHdrs->OptionalHeader.SectionAlignment;476 uint32_t const cbSectAlign = fIs32Bit ? pNtHdrs32->OptionalHeader.SectionAlignment : pNtHdrs->OptionalHeader.SectionAlignment; 460 477 if ( !RT_IS_POWER_OF_TWO(cbSectAlign) 461 478 || cbSectAlign < PAGE_SIZE … … 464 481 "%s: Unexpected SectionAlignment value: %#x", pImage->pszName, cbSectAlign); 465 482 466 uint32_t const cbFileAlign = pNtHdrs->OptionalHeader.FileAlignment;483 uint32_t const cbFileAlign = fIs32Bit ? pNtHdrs32->OptionalHeader.FileAlignment : pNtHdrs->OptionalHeader.FileAlignment; 467 484 if (!RT_IS_POWER_OF_TWO(cbFileAlign) || cbFileAlign < 512 || cbFileAlign > PAGE_SIZE || cbFileAlign > cbSectAlign) 468 485 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_BAD_FILE_ALIGNMENT_VALUE, … … 470 487 pImage->pszName, cbFileAlign, cbSectAlign); 471 488 472 uint32_t const cbHeaders = pNtHdrs->OptionalHeader.SizeOfHeaders; 473 uint32_t const cbMinHdrs = offNtHdrs + sizeof(*pNtHdrs) + sizeof(IMAGE_SECTION_HEADER) * cSections; 489 uint32_t const cbHeaders = fIs32Bit ? pNtHdrs32->OptionalHeader.SizeOfHeaders : pNtHdrs->OptionalHeader.SizeOfHeaders; 490 uint32_t const cbMinHdrs = offNtHdrs + (fIs32Bit ? sizeof(*pNtHdrs32) : sizeof(*pNtHdrs) ) 491 + sizeof(IMAGE_SECTION_HEADER) * cSections; 474 492 if (cbHeaders < cbMinHdrs) 475 493 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_BAD_SIZE_OF_HEADERS, … … 494 512 "%s: Error reading image header from memory: %#x", pImage->pszName, rcNt); 495 513 if (uImageBase != pImage->uImageBase) 496 pNtHdrs->OptionalHeader.ImageBase = pImage->uImageBase; 514 { 515 if (fIs32Bit) 516 pNtHdrs32->OptionalHeader.ImageBase = (uint32_t)pImage->uImageBase; 517 else 518 pNtHdrs->OptionalHeader.ImageBase = pImage->uImageBase; 519 } 497 520 498 521 rc = supHardNtVpFileMemCompare(pThis, pThis->abFile, pThis->abMemory, cbHeaders, pImage, 0 /*uRva*/); … … 508 531 */ 509 532 pImage->fImageCharecteristics = pNtHdrs->FileHeader.Characteristics; 510 pImage->fDllCharecteristics = pNtHdrs->OptionalHeader.DllCharacteristics;533 pImage->fDllCharecteristics = fIs32Bit ? pNtHdrs32->OptionalHeader.DllCharacteristics : pNtHdrs->OptionalHeader.DllCharacteristics; 511 534 512 535 /* … … 641 664 * disk content. 642 665 */ 643 int rc = supHardenedWinVerifyImageByHandle(hFile, pImage->Name.UniStr.Buffer, 644 pImage->fDll ? 0 : SUPHNTVI_F_REQUIRE_BUILD_CERT, 645 NULL /*pfCacheable*/, pThis->pErrInfo); 666 uint32_t fFlags = pImage->fDll ? 0 : SUPHNTVI_F_REQUIRE_BUILD_CERT; 667 if (pImage->f32bitResourceDll) 668 fFlags |= SUPHNTVI_F_RESOURCE_IMAGE; 669 int rc = supHardenedWinVerifyImageByHandle(hFile, pImage->Name.UniStr.Buffer, fFlags, NULL /*pfCacheable*/, pThis->pErrInfo); 646 670 if (RT_SUCCESS(rc)) 647 671 rc = supHardNtVpVerifyImageCompareMemory(pThis, pImage, hProcess, hFile, pThis->pErrInfo); … … 831 855 #ifndef VBOX_PERMIT_VISUAL_STUDIO_PROFILING 832 856 /* The directory name must match the one we've got for System32. */ 833 if ( cwcDirName * sizeof(WCHAR) != g_System32NtPath.UniStr.Length 834 || suplibHardenedMemComp(pImage->Name.UniStr.Buffer, 835 g_System32NtPath.UniStr.Buffer, 836 cwcDirName * sizeof(WCHAR))) 857 if ( ( cwcDirName * sizeof(WCHAR) != g_System32NtPath.UniStr.Length 858 || suplibHardenedMemComp(pImage->Name.UniStr.Buffer, 859 g_System32NtPath.UniStr.Buffer, 860 cwcDirName * sizeof(WCHAR)) ) 861 # ifdef VBOX_PERMIT_MORE 862 && ( pImage->pszName[0] != 'a' 863 || pImage->pszName[1] != 'c' 864 || !supHardViIsAppPatchDir(pImage->Name.UniStr.Buffer, pImage->Name.UniStr.Length / sizeof(WCHAR)) ) 865 # endif 866 ) 837 867 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_NON_SYSTEM32_DLL, 838 868 "Expected %ls to be loaded from %ls.", 839 869 pImage->Name.UniStr.Buffer, g_System32NtPath.UniStr.Buffer); 840 #endif 870 # ifdef VBOX_PERMIT_MORE 871 if (g_uNtVerCombined < SUP_NT_VER_W70 && i >= VBOX_PERMIT_MORE_FIRST_IDX) 872 pImage->pszName = NULL; /* hard limit: user32.dll is unwanted prior to w7. */ 873 # endif 874 875 #endif /* VBOX_PERMIT_VISUAL_STUDIO_PROFILING */ 841 876 break; 842 877 } … … 1232 1267 else if (suplibHardenedStrCmp(pThis->aImages[i].pszName, "apisetschema.dll") == 0) 1233 1268 iApiSetSchema = i; 1269 #ifdef VBOX_PERMIT_MORE 1270 else if (suplibHardenedStrCmp(pThis->aImages[i].pszName, "acres.dll") == 0) 1271 pThis->aImages[i].f32bitResourceDll = true; 1272 #endif 1234 1273 if (iNtDll == UINT32_MAX) 1235 1274 return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_NO_NTDLL_MAPPING, -
trunk/src/VBox/HostDrivers/Support/win/SUPR3HardenedMain-win.cpp
r51999 r52030 624 624 g_offSupLibHardenedExeNtName * sizeof(WCHAR)) == 0) 625 625 fFlags |= SUPHNTVI_F_REQUIRE_KERNEL_CODE_SIGNING | SUPHNTVI_F_REQUIRE_SIGNATURE_ENFORCEMENT; 626 #ifdef VBOX_PERMIT_MORE 627 else if (supHardViIsAppPatchDir(uBuf.UniStr.Buffer, uBuf.UniStr.Length / sizeof(WCHAR))) 628 fFlags |= SUPHNTVI_F_ALLOW_CAT_FILE_VERIFICATION; 629 #endif 626 630 #ifdef VBOX_PERMIT_VISUAL_STUDIO_PROFILING 627 631 /* Hack to allow profiling our code with Visual Studio. */
Note:
See TracChangeset
for help on using the changeset viewer.