VirtualBox

Changeset 52954 in vbox


Ignore:
Timestamp:
Oct 6, 2014 1:44:22 PM (10 years ago)
Author:
vboxsync
Message:

Tighten the checks on the stub process a little bit (part 1).

Location:
trunk/src/VBox/HostDrivers/Support/win
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerify-win.h

    r52947 r52954  
    5656DECLHIDDEN(int)     supHardenedWinVerifyProcess(HANDLE hProcess, HANDLE hThread, SUPHARDNTVPKIND enmKind,
    5757                                                uint32_t *pcFixes, PRTERRINFO pErrInfo);
     58DECLHIDDEN(int)     supHardNtVpThread(HANDLE hProcess, HANDLE hThread, PRTERRINFO pErrInfo);
     59DECLHIDDEN(int)     supHardNtVpDebugger(HANDLE hProcess, PRTERRINFO pErrInfo);
     60
    5861
    5962DECLHIDDEN(bool)    supHardViUtf16PathIsEqualEx(PCRTUTF16 pawcLeft, size_t cwcLeft, const char *pszRight);

  • trunk/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp

    r52947 r52954  
    10331033 * @param   pErrInfo            Pointer to error info structure. Optional.
    10341034 */
    1035 static int supHardNtVpThread(HANDLE hProcess, HANDLE hThread, PRTERRINFO pErrInfo)
     1035DECLHIDDEN(int) supHardNtVpThread(HANDLE hProcess, HANDLE hThread, PRTERRINFO pErrInfo)
    10361036{
    10371037    /*
     
    10561056
    10571057
    1058 #ifndef VBOX_WITHOUT_DEBUGGER_CHECKS
    10591058/**
    10601059 * Verifies that there isn't a debugger attached to the process.
     
    10641063 * @param   pErrInfo            Pointer to error info structure. Optional.
    10651064 */
    1066 static int supHardNtVpDebugger(HANDLE hProcess, PRTERRINFO pErrInfo)
    1067 {
     1065DECLHIDDEN(int) supHardNtVpDebugger(HANDLE hProcess, PRTERRINFO pErrInfo)
     1066{
     1067#ifndef VBOX_WITHOUT_DEBUGGER_CHECKS
    10681068    /*
    10691069     * Use the ProcessDebugPort request to check there is no debugger
     
    10811081        return supHardNtVpSetInfo1(pErrInfo, VERR_SUP_VP_DEBUGGED,
    10821082                                   "Debugger attached (%#zx)", uPtr);
     1083#endif /* !VBOX_WITHOUT_DEBUGGER_CHECKS */
    10831084    return VINF_SUCCESS;
    10841085}
    1085 #endif /* !VBOX_WITHOUT_DEBUGGER_CHECKS */
    10861086
    10871087
     
    21402140    if (enmKind != SUPHARDNTVPKIND_CHILD_PURIFICATION)
    21412141       rc = supHardNtVpThread(hProcess, hThread, pErrInfo);
    2142 #ifndef VBOX_WITHOUT_DEBUGGER_CHECKS
    21432142    if (RT_SUCCESS(rc))
    21442143        rc = supHardNtVpDebugger(hProcess, pErrInfo);
    2145 #endif
    21462144    if (RT_SUCCESS(rc))
    21472145    {

  • trunk/src/VBox/HostDrivers/Support/win/SUPR3HardenedMain-win.cpp

    r52953 r52954  
    23682368
    23692369/**
     2370 * Checks if the calling thread is the only one in the process.
     2371 *
     2372 * @returns true if we're positive we're alone, false if not.
     2373 */
     2374static bool supR3HardenedWinAmIAlone(void)
     2375{
     2376    ULONG    fAmIAlone = 0;
     2377    ULONG    cbIgn     = 0;
     2378    NTSTATUS rcNt = NtQueryInformationThread(NtCurrentThread(), ThreadAmILastThread, &fAmIAlone, sizeof(fAmIAlone), &cbIgn);
     2379    Assert(NT_SUCCESS(rcNt));
     2380    return NT_SUCCESS(rcNt) && fAmIAlone != 0;
     2381}
     2382
     2383
     2384/**
    23702385 * Simplify NtProtectVirtualMemory interface.
    23712386 *
     
    24282443             */
    24292444
    2430 #if 0 /* For testing purposes. */
    24312445            if (fAmIAlone == ~(ULONG)0)
    2432             {
    2433                 ULONG cbIgn = 0;
    2434                 NTSTATUS rcNt = NtQueryInformationThread(NtCurrentThread(), ThreadAmILastThread,
    2435                                                          &fAmIAlone, sizeof(fAmIAlone), &cbIgn);
    2436                 fAmIAlone = NT_SUCCESS(rcNt) && fAmIAlone != 0;
    2437             }
    2438 #else
    2439             fAmIAlone = 0;
    2440 #endif
     2446                fAmIAlone = supR3HardenedWinAmIAlone();
    24412447            if (fAmIAlone)
    24422448                memcpy(pbApi, s_aPatches[i].pabPatch, s_aPatches[i].cbPatch);
     
    46264632    if (iWhich == 2)
    46274633        supR3HardenedWinOpenStubDevice();
     4634
     4635    /*
     4636     * Make sure we're alone in the stub process before creating the VM process
     4637     * and that there isn't any debuggers attached.
     4638     */
     4639    if (iWhich == 2)
     4640    {
     4641        int rc = supHardNtVpDebugger(NtCurrentProcess(), RTErrInfoInitStatic(&g_ErrInfoStatic));
     4642        if (RT_SUCCESS(rc))
     4643            rc = supHardNtVpThread(NtCurrentProcess(), NtCurrentThread(), RTErrInfoInitStatic(&g_ErrInfoStatic));
     4644        if (RT_FAILURE(rc))
     4645            supR3HardenedFatalMsg("supR3HardenedWinReSpawn", kSupInitOp_Integrity, rc, "%s", g_ErrInfoStatic.szMsg);
     4646    }
     4647
    46284648
    46294649    /*
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette