Changeset 95067 in vbox

Timestamp:

May 23, 2022 9:37:30 PM (3 years ago)

Author:

vboxsync

Message:

SUPHardDarwin: Corrected macOS 11+ detection. bugref:9836

File:

• trunk/src/VBox/HostDrivers/Support/darwin/SUPR3HardenedMain-darwin.cpp (modified) (7 diffs)

trunk/src/VBox/HostDrivers/Support/darwin/SUPR3HardenedMain-darwin.cpp

@@ -72 +72 @@
 
 /** @sa dyld_dynamic_interpose(). */
-typedef const mach_header * FNDYLDDYNAMICINTERPOSE(const struct mach_header* mh, PCDYLDINTERPOSE paSym, size_t cSyms);
+typedef const mach_header *FNDYLDDYNAMICINTERPOSE(const struct mach_header *mh, PCDYLDINTERPOSE paSym, size_t cSyms);
+/** Pointer to dyld_dynamic_interpose. */
 typedef FNDYLDDYNAMICINTERPOSE *PFNDYLDDYNAMICINTERPOSE;
 
 /** @sa dlopen(). */
 typedef void *FNDLOPEN(const char *path, int mode);
+/** Pointer to dlopen. */
 typedef FNDLOPEN *PFNDLOPEN;
 
@@ -83 +85 @@
 *   Internal Functions                                                                                                           *
 *********************************************************************************************************************************/
-
-extern "C" void _dyld_register_func_for_add_image(void (*func)(const struct mach_header* mh, intptr_t vmaddr_slide));
-
-static void * supR3HardenedDarwinDlopenInterpose(const char *path, int mode);
+extern "C" void _dyld_register_func_for_add_image(void (*func)(const struct mach_header *mh, intptr_t vmaddr_slide));
+
+static void *supR3HardenedDarwinDlopenInterpose(const char *path, int mode);
 static int supR3HardenedDarwinIssetugidInterpose(void);
 
@@ -93 +94 @@
 *   Global Variables                                                                                                             *
 *********************************************************************************************************************************/
-/** Flag whether macOS 11.x (BigSur) was detected. */
-static bool                    g_fMacOs11 = false;
+/** Flag whether macOS 11.x (BigSur) or later was detected.
+ * See comments in supR3HardenedDarwinDlopenInterpose for details. */
+static bool                    g_fMacOs11Plus = false;
 /** Resolved dyld_dynamic_interpose() value. */
 static PFNDYLDDYNAMICINTERPOSE g_pfnDyldDynamicInterpose = NULL;
@@ -114 +116 @@
  * @sa dlopen() man page.
  */
-static void * supR3HardenedDarwinDlopenInterpose(const char *path, int mode)
+static void *supR3HardenedDarwinDlopenInterpose(const char *path, int mode)
 {
     /*
@@ -137 +139 @@
          * when we run on BigSur. Other paths are still subject to verification.
          */
-        if (   !g_fMacOs11
+        if (   !g_fMacOs11Plus
             || strncmp(path, RT_STR_TUPLE("/System/Library")))
             rc = supR3HardenedVerifyFileFollowSymlinks(path, RTHCUINTPTR_MAX, true /* fMaybe3rdParty */,
@@ -187 +189 @@
  * @param   vmaddr_slide    The slide value for ASLR.
  */
-static DECLCALLBACK(void) supR3HardenedDarwinAddImage(const struct mach_header* mh, intptr_t vmaddr_slide)
+static DECLCALLBACK(void) supR3HardenedDarwinAddImage(const struct mach_header *mh, intptr_t vmaddr_slide)
 {
     RT_NOREF(vmaddr_slide);
 
-    g_pfnDyldDynamicInterpose((const struct mach_header*)mh, &g_aInterposers[0], RT_ELEMENTS(g_aInterposers));
+    g_pfnDyldDynamicInterpose(mh, &g_aInterposers[0], RT_ELEMENTS(g_aInterposers));
 }
 
@@ -212 +214 @@
     int rc = sysctlbyname("kern.osproductversion", &szVers[0], &cbVers, NULL, 0);
     if (   !rc
-        && !memcmp(&szVers[0], RT_STR_TUPLE("10.16")))
-        g_fMacOs11 = true;
+        && memcmp(&szVers[0], RT_STR_TUPLE("10.16")) >= 0)
+        g_fMacOs11Plus = true;
 
     /* Saved to call real dlopen() later on, as we will interpose dlopen() from the main binary in the next step as well. */