VirtualBox

Changeset 66573 in vbox for trunk/src/VBox/HostDrivers


Ignore:
Timestamp:
Apr 14, 2017 1:24:58 PM (8 years ago)
Author:
vboxsync
Message:

supR3HardenedFatalMsgV: close driver, postpone fork. bugref:8838

Location:
trunk/src/VBox/HostDrivers/Support
Files:
7 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp

    r66548 r66573  
    16581658    {
    16591659#ifdef SUP_HARDENED_SUID
     1660        /* Drop any root privileges we might be holding, this won't return
     1661           if it fails but end up calling supR3HardenedFatal[V]. */
     1662        supR3HardenedMainDropPrivileges();
     1663#endif
     1664        /* Close the driver, if we succeeded opening it.  Both because
     1665           TrustedError may be untrustworthy and because the driver deosn't
     1666           like us if we fork().  @bugref{8838} */
     1667        suplibOsTerm(&g_SupPreInitData.Data);
     1668
    16601669        /*
    1661          * Drop any root privileges we might be holding, this won't return
    1662          * if it fails but end up calling supR3HardenedFatal[V].
     1670         * Now try resolve and call the TrustedError entry point if we can find it.
     1671         * Note! Loader involved, so we must guard against loader hooks calling us.
    16631672         */
    1664         supR3HardenedMainDropPrivileges();
    1665 #endif
    1666 
    1667         /*
    1668          * Now try resolve and call the TrustedError entry point if we can
    1669          * find it.  We'll fork before we attempt this because that way the
    1670          * session management in main will see us exiting immediately (if
    1671          * it's involved with us).
    1672          */
     1673        static volatile bool s_fRecursive = false;
     1674        if (!s_fRecursive)
     1675        {
     1676            s_fRecursive = true;
     1677
     1678            PFNSUPTRUSTEDERROR pfnTrustedError = supR3HardenedMainGetTrustedError(g_pszSupLibHardenedProgName);
     1679            if (pfnTrustedError)
     1680            {
     1681                /* We'll fork before we make the call because that way the session management
     1682                   in main will see us exiting immediately (if it's involved with us) and possibly
     1683                   get an error back to the API / user. */
    16731684#if !defined(RT_OS_WINDOWS) && !defined(RT_OS_OS2)
    1674         int pid = fork();
    1675         if (pid <= 0)
    1676 #endif
    1677         {
    1678             static volatile bool s_fRecursive = false; /* Loader hooks may cause recursion. */
    1679             if (!s_fRecursive)
    1680             {
    1681                 s_fRecursive = true;
    1682 
    1683                 PFNSUPTRUSTEDERROR pfnTrustedError = supR3HardenedMainGetTrustedError(g_pszSupLibHardenedProgName);
    1684                 if (pfnTrustedError)
     1685                int pid = fork();
     1686                if (pid <= 0)
     1687#endif
     1688                {
    16851689                    pfnTrustedError(pszWhere, enmWhat, rc, pszMsgFmt, va);
    1686 
    1687                 s_fRecursive = false;
     1690                }
    16881691            }
     1692
     1693            s_fRecursive = false;
    16891694        }
    16901695    }

  • trunk/src/VBox/HostDrivers/Support/darwin/SUPLib-darwin.cpp

    r66526 r66573  
    221221
    222222
    223 #ifndef IN_SUP_HARDENED_R3
    224 
    225223int suplibOsTerm(PSUPLIBDATA pThis)
    226224{
     
    254252
    255253
     254#ifndef IN_SUP_HARDENED_R3
     255
    256256int suplibOsInstall(void)
    257257{

  • trunk/src/VBox/HostDrivers/Support/freebsd/SUPLib-freebsd.cpp

    r62490 r66573  
    120120
    121121
    122 #ifndef IN_SUP_HARDENED_R3
    123 
    124122int suplibOsTerm(PSUPLIBDATA pThis)
    125123{
     
    136134}
    137135
     136
     137#ifndef IN_SUP_HARDENED_R3
    138138
    139139int suplibOsInstall(void)

  • trunk/src/VBox/HostDrivers/Support/linux/SUPLib-linux.cpp

    r66526 r66573  
    146146
    147147
    148 #ifndef IN_SUP_HARDENED_R3
    149 
    150148int suplibOsTerm(PSUPLIBDATA pThis)
    151149{
     
    163161}
    164162
     163
     164#ifndef IN_SUP_HARDENED_R3
    165165
    166166int suplibOsInstall(void)

  • trunk/src/VBox/HostDrivers/Support/os2/SUPLib-os2.cpp

    r62490 r66573  
    105105
    106106
    107 #ifndef IN_SUP_HARDENED_R3
    108 
    109107int suplibOsTerm(PSUPLIBDATA pThis)
    110108{
     
    122120}
    123121
     122
     123#ifndef IN_SUP_HARDENED_R3
    124124
    125125int suplibOsInstall(void)

  • trunk/src/VBox/HostDrivers/Support/solaris/SUPLib-solaris.cpp

    r66526 r66573  
    154154
    155155
    156 #ifndef IN_SUP_HARDENED_R3
    157 
    158156int suplibOsTerm(PSUPLIBDATA pThis)
    159157{
     
    183181}
    184182
     183
     184#ifndef IN_SUP_HARDENED_R3
    185185
    186186int suplibOsInstall(void)

  • trunk/src/VBox/HostDrivers/Support/win/SUPLib-win.cpp

    r62679 r66573  
    636636    return rc;
    637637}
     638#endif /* !IN_SUP_HARDENED_R3 */
    638639
    639640
     
    653654}
    654655
     656
     657#ifndef IN_SUP_HARDENED_R3
    655658
    656659int suplibOsIOCtl(PSUPLIBDATA pThis, uintptr_t uFunction, void *pvReq, size_t cbReq)
Note: See TracChangeset for help on using the changeset viewer.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette