Changeset 93466 in vbox for trunk/src/VBox/Additions

Timestamp:

Jan 27, 2022 8:26:16 PM (3 years ago)

Author:

vboxsync

Message:

Additions: Guest Library: Add interface to query if DRM IPC server socket access should be restricted, bugref:10134.

Access to IPC socket is restricted if /VirtualBox/GuestAdd/DRMIpcRestricted
guest property is set and is READ-ONLY for guest. This change is for Linux
Additions only.

File:

• trunk/src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibDrmClient.cpp (modified) (3 diffs)

trunk/src/VBox/Additions/common/VBoxGuest/lib/VBoxGuestR3LibDrmClient.cpp

@@ -36 +36 @@
 
 #if defined(RT_OS_LINUX)
+# include <VBox/HostServices/GuestPropertySvc.h>
 
 /** Defines the DRM client executable (image). */
@@ -46 +47 @@
 
 /**
- * Returns if the DRM resizing client is needed.
+ * Check if specified guest property exist.
+ *
+ * @returns \c true if the property exists and its flags do match, \c false otherwise.
+ * @param   pszPropName     Guest property name.
+ * @param   fPropFlags      Guest property flags mask to verify if property exist.
+ *                          If \p fPropFlags is 0, flags verification is omitted.
+ */
+static bool vbglR3DrmClientCheckProp(const char *pszPropName, uint32_t fPropFlags)
+{
+    bool fExist = false;
+#if defined(RT_OS_LINUX) && defined(VBOX_WITH_GUEST_PROPS)
+    uint32_t idClient;
+
+    int rc = VbglR3GuestPropConnect(&idClient);
+    if (RT_SUCCESS(rc))
+    {
+        char *pcszFlags = NULL;
+
+        rc = VbglR3GuestPropReadEx(idClient, pszPropName, NULL /* ppszValue */, &pcszFlags, NULL);
+        if (RT_SUCCESS(rc))
+        {
+            /* Check property flags match. */
+            if (fPropFlags)
+            {
+                uint32_t fFlags = 0;
+
+                rc = GuestPropValidateFlags(pcszFlags, &fFlags);
+                fExist = RT_SUCCESS(rc) && (fFlags & fPropFlags);
+            }
+            else
+                fExist = true;
+
+            RTStrFree(pcszFlags);
+        }
+
+        VbglR3GuestPropDisconnect(idClient);
+    }
+#endif /* RT_OS_LINUX */
+    return fExist;
+}
+
+/**
+ * Returns true if the DRM resizing client is needed.
  * This is achieved by querying existence of a guest property.
  *
@@ -53 +96 @@
 VBGLR3DECL(bool) VbglR3DrmClientIsNeeded(void)
 {
-#if defined(RT_OS_LINUX)
-    bool fStartClient = false;
-
-# ifdef VBOX_WITH_GUEST_PROPS
-    uint32_t idClient;
-    int rc = VbglR3GuestPropConnect(&idClient);
-    if (RT_SUCCESS(rc))
-    {
-        fStartClient = VbglR3GuestPropExist(idClient, VBOX_DRMCLIENT_GUEST_PROP_RESIZE /*pszPropName*/);
-        VbglR3GuestPropDisconnect(idClient);
-    }
-# endif
-    return fStartClient;
-
-#else /* !RT_OS_LINUX */
-    return false;
-#endif
+    return vbglR3DrmClientCheckProp(VBOX_DRMCLIENT_GUEST_PROP_RESIZE, 0);
 }
 
 /**
- * Returns if the DRM resizing client already is running.
+ * Returns true if the DRM IPC server socket access should be restricted.
+ *
+ * Restricted access means that only users from a certain group should
+ * be granted with read and write access permission to IPC socket. Check
+ * is done by examining \c VBGLR3DRMIPCPROPRESTRICT guest property. Property
+ * is only considered valid if is read-only for guest. I.e., the following
+ * property should be set on the host side:
+ *
+ *  VBoxManage guestproperty set <VM> /VirtualBox/GuestAdd/DRMIpcRestricted 1 --flags RDONLYGUEST
+ *
+ * @returns \c true if restricted socket access is required, \c false otherwise.
+ */
+VBGLR3DECL(bool) VbglR3DrmRestrictedIpcAccessIsNeeded(void)
+{
+    return vbglR3DrmClientCheckProp(VBGLR3DRMIPCPROPRESTRICT, GUEST_PROP_F_RDONLYGUEST);
+}
+
+/**
+ * Returns true if the DRM resizing client already is running.
  * This is achieved by querying existence of a guest property.
  *