Changeset 11725

Timestamp:

08/28/08 00:21:47 (3 months ago)

Author:

vboxsync

Message:

#3076: Merged in the branch with the alternate driver authentication method. (34468:HEAD)

Files:

• trunk/Config.kmk (modified) (21 diffs)
• trunk/debian/LocalConfig.kmk (modified) (1 diff)
• trunk/debian/postinst (modified) (2 diffs)
• trunk/debian/rules (modified) (1 diff)
• trunk/include/VBox/sup.h (modified) (1 diff)
• trunk/include/iprt/err.h (modified) (1 diff)
• trunk/include/iprt/localipc.h (added)
• trunk/src/VBox/Debugger/Makefile.kmk (modified) (1 diff)
• trunk/src/VBox/Devices/Makefile.kmk (modified) (3 diffs)
• trunk/src/VBox/Devices/testcase/Makefile.kmk (modified) (1 diff)
• trunk/src/VBox/Frontends/VBoxBFE/Makefile.kmk (modified) (1 diff)
• trunk/src/VBox/Frontends/VBoxBFE/VBoxBFE.cpp (modified) (3 diffs)
• trunk/src/VBox/Frontends/VBoxBFE/VBoxBFEHardened.cpp (added)
• trunk/src/VBox/Frontends/VBoxHeadless/Makefile.kmk (modified) (3 diffs)
• trunk/src/VBox/Frontends/VBoxHeadless/VBoxHeadless.cpp (modified) (3 diffs)
• trunk/src/VBox/Frontends/VBoxHeadless/VBoxHeadlessHardened.cpp (added)
• trunk/src/VBox/Frontends/VBoxSDL/Makefile.kmk (modified) (2 diffs)
• trunk/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp (modified) (2 diffs)
• trunk/src/VBox/Frontends/VBoxSDL/VBoxSDLHardened.cpp (added)
• trunk/src/VBox/Frontends/VirtualBox/Makefile.kmk (modified) (5 diffs)
• trunk/src/VBox/Frontends/VirtualBox/src/hardenedmain.cpp (added)
• trunk/src/VBox/Frontends/VirtualBox/src/main.cpp (modified) (2 diffs)
• trunk/src/VBox/Frontends/VirtualBox4/Makefile.kmk (modified) (8 diffs)
• trunk/src/VBox/Frontends/VirtualBox4/src/hardenedmain.cpp (added)
• trunk/src/VBox/Frontends/VirtualBox4/src/main.cpp (modified) (2 diffs)
• trunk/src/VBox/HostDrivers/Support/Makefile.kmk (modified) (6 diffs)
• trunk/src/VBox/HostDrivers/Support/SUPLib.cpp (modified) (34 diffs)
• trunk/src/VBox/HostDrivers/Support/SUPLibInternal.h (modified) (3 diffs)
• trunk/src/VBox/HostDrivers/Support/SUPR3HardenedIPRT.cpp (added)
• trunk/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp (added)
• trunk/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp (added)
• trunk/src/VBox/HostDrivers/Support/SUPSvc.cpp (added)
• trunk/src/VBox/HostDrivers/Support/SUPSvcGlobal.cpp (added)
• trunk/src/VBox/HostDrivers/Support/SUPSvcGrant.cpp (added)
• trunk/src/VBox/HostDrivers/Support/SUPSvcInternal.h (added)
• trunk/src/VBox/HostDrivers/Support/darwin/SUPDrv-darwin.cpp (modified) (2 diffs)
• trunk/src/VBox/HostDrivers/Support/darwin/SUPLib-darwin.cpp (modified) (17 diffs)
• trunk/src/VBox/HostDrivers/Support/freebsd/SUPDrv-freebsd.c (modified) (2 diffs)
• trunk/src/VBox/HostDrivers/Support/freebsd/SUPLib-freebsd.cpp (modified) (11 diffs)
• trunk/src/VBox/HostDrivers/Support/linux/Makefile (modified) (1 diff)
• trunk/src/VBox/HostDrivers/Support/linux/SUPDrv-linux.c (modified) (4 diffs)
• trunk/src/VBox/HostDrivers/Support/linux/SUPLib-linux.cpp (modified) (10 diffs)
• trunk/src/VBox/HostDrivers/Support/os2/SUPLib-os2.cpp (modified) (10 diffs)
• trunk/src/VBox/HostDrivers/Support/solaris/SUPDrv-solaris.c (modified) (5 diffs)
• trunk/src/VBox/HostDrivers/Support/solaris/SUPLib-solaris.cpp (modified) (8 diffs)
• trunk/src/VBox/HostDrivers/Support/solaris/mod.sh (modified) (2 diffs)
• trunk/src/VBox/HostDrivers/Support/win/SUPLib-win.cpp (modified) (19 diffs)
• trunk/src/VBox/HostDrivers/Support/win/SUPSvc-win.cpp (added)
• trunk/src/VBox/HostServices/GuestProperties/Makefile.kmk (modified) (1 diff)
• trunk/src/VBox/HostServices/SharedClipboard/Makefile.kmk (modified) (1 diff)
• trunk/src/VBox/HostServices/SharedFolders/Makefile.kmk (modified) (1 diff)
• trunk/src/VBox/HostServices/SharedFolders/testcase/Makefile.kmk (modified) (1 diff)
• trunk/src/VBox/Installer/linux/Makefile.kmk (modified) (6 diffs)
• trunk/src/VBox/Installer/linux/VBox.sh (modified) (2 diffs)
• trunk/src/VBox/Installer/solaris/Makefile.kmk (modified) (14 diffs)
• trunk/src/VBox/Installer/solaris/makepackage.sh (modified) (4 diffs)
• trunk/src/VBox/Installer/solaris/postinstall.sh (modified) (2 diffs)
• trunk/src/VBox/Installer/solaris/vboxdrv.sh (modified) (1 diff)
• trunk/src/VBox/Main/Makefile.kmk (modified) (7 diffs)
• trunk/src/VBox/Runtime/Makefile.kmk (modified) (3 diffs)
• trunk/src/VBox/Runtime/include/internal/magics.h (modified) (2 diffs)
• trunk/src/VBox/Runtime/r3/win/localipc-win.cpp (added)
• trunk/src/VBox/VMM/Makefile.kmk (modified) (1 diff)
• trunk/src/VBox/VMM/testcase/Makefile.kmk (modified) (2 diffs)
• trunk/src/libs/xpcom18a4/Makefile.kmk (modified) (5 diffs)
• trunk/src/recompiler/Makefile.kmk (modified) (4 diffs)

trunk/Config.kmk

@@ -327 +327 @@
-# Enable the new async completion manager
-VBOX_WITH_PDM_ASYNC_COMPLETION = 1
-# Enable use of the $ORIGIN rpath feature. This is the default on
-# Solaris, but not else where for various reasons (ld.so, dist builds).
-ifeq ($(KBUILD_TARGET),solaris)
- VBOX_WITH_ORIGIN = 1
-endif
-# Temporary switch for enabling / disabling the new USB code on Darwin.
-VBOX_WITH_NEW_USB_CODE_ON_DARWIN=1
@@ -354 +349 @@
-if1of ($(KBUILD_TARGET), solaris)
- VBOX_WITH_PYTHON = 1
+endif
+# Enables hardening.
+# Most developers will want to disable this in their LocalConfig.kmk.
+VBOX_WITH_HARDENING = 1
+# Where the application files are (going to be) installed.
+#VBOX_PATH_APP_PRIVATE       = /usr/lib/virtualbox
+ifdef VBOX_WITH_HARDENING
+ if1of ($(KBUILD_TARGET), solaris)
+  VBOX_PATH_APP_PRIVATE      = /opt/VirtualBox
+ else ifeq ($(KBUILD_TARGET),darwin)
+  VBOX_PATH_APP_PRIVATE      = /Applications/VirtualBox.app/Contents/MacOS
+ endif
+endif
+# Where the architecture specific application files are (going to be) installed.
+#VBOX_PATH_APP_PRIVATE_ARCH  = /usr/lib/virtualbox
+ifdef VBOX_WITH_HARDENING
+ if1of ($(KBUILD_TARGET), darwin solaris)
+  VBOX_PATH_APP_PRIVATE_ARCH = $(VBOX_PATH_APP_PRIVATE)
+ endif
+endif
+# Where the shared libraries are (going to be) installed.
+#VBOX_PATH_SHARED_LIBS       = /usr/lib
+ifdef VBOX_WITH_HARDENING
+ if1of ($(KBUILD_TARGET), darwin solaris)
+  VBOX_PATH_SHARED_LIBS      = $(VBOX_PATH_APP_PRIVATE)
+ endif
+endif
+# Where the documentation is (going to be) installed.
+#VBOX_PATH_APP_DOCS         = /usr/share/doc/virtualbox
+ifdef VBOX_WITH_HARDENING
+ if1of ($(KBUILD_TARGET), darwin solaris)
+  VBOX_PATH_APP_DOCS         = $(VBOX_PATH_APP_PRIVATE)
+ endif
+endif
+# The DT_RPATH/DT_RUNPATH to embed into the binaries (ELF).
+# (This one is used for all binaries, there is no need to adjust this
+# depending on the location of the object.)
+#VBOX_WITH_RUNPATH = /usr/lib/virtualbox
+ifdef VBOX_WITH_HARDENING
+ if1of ($(KBUILD_TARGET), solaris)
+  VBOX_WITH_RUNPATH = $(VBOX_PATH_APP_PRIVATE)
+ endif
+endif
+# Enable use of the $ORIGIN DT_RPATH/DT_RUNPATH feature (ELF).
+# Because of the setuid usage on all ELF platforms when hardening the build
+# things gets a bit complicated since the $ORIGIN+setuid policy differs.
+#VBOX_WITH_ORIGIN=1
+ifdef VBOX_WITH_HARDENING
+ if1of ($(KBUILD_TARGET), linux)
+  VBOX_WITH_ORIGIN = 1
+ endif
+else if1of ($(KBUILD_TARGET), solaris) ## @todo add all the ELF dudes here!
+ VBOX_WITH_ORIGIN = 1
+endif
+# Enable the system wide support service/daemon.
+# Work in progress, but required for hardening on Windows.
+#VBOX_WITH_SUPSVC = 1
+ifdef VBOX_WITH_HARDENING
+ if1of ($(KBUILD_TARGET), win)
+  VBOX_WITH_SUPSVC = 1
+ endif
-endif
-
@@ -412 +468 @@
- VBOX_WITH_PDM_ASYNC_COMPLETION=
- VBOX_WITH_KCHMVIEWER=
+ VBOX_WITH_HARDENING=
-endif
-
@@ -426 +483 @@
- VBOX_WITH_PDM_ASYNC_COMPLETION=
- VBOX_WITH_KCHMVIEWER=
+ VBOX_WITH_HARDENING=
-endif
-
@@ -499 +557 @@
- VBOX_WITH_AHCI=
- VBOX_WITH_PDM_ASYNC_COMPLETION=
+ if1of ($(KBUILD_TARGET), darwin)
+  # Disable hardening cause it'll cause unnecessary trouble.
+  VBOX_WITH_HARDENING=
+ endif
-endif
-
@@ -569 +631 @@
-ifndef VBOX_WITH_QT4GUI
- VBOX_WITH_KCHMVIEWER=
+endif
+
+#
+# Check for incompatible combinations.
+#
+ifdef VBOX_WITH_RUNPATH
+ ifdef VBOX_WITH_ORIGIN
+  $(error VBOX_WITH_RUNPATH and VBOX_WITH_ORIGIN are mutually exclusive (lazy bird))
+ endif
-endif
-
@@ -855 +926 @@
- DEFS += VBOX_WITH_64_BITS_GUESTS
-endif
+ifdef VBOX_WITH_HARDENING
+ DEFS += VBOX_WITH_HARDENING
+endif
+ifdef VBOX_PATH_APP_PRIVATE
+ DEFS += RTPATH_APP_PRIVATE=\"$(VBOX_PATH_APP_PRIVATE)\"
+endif
+ifdef VBOX_PATH_APP_PRIVATE_ARCH
+ DEFS += RTPATH_APP_PRIVATE_ARCH=\"$(VBOX_PATH_APP_PRIVATE_ARCH)\"
+endif
+ifdef VBOX_PATH_SHARED_LIBS
+ DEFS += RTPATH_SHARED_LIBS=\"$(VBOX_PATH_SHARED_LIBS)\"
+endif
+ifdef VBOX_PATH_APP_DOCS
+ DEFS += RTPATH_APP_DOCS=\"$(VBOX_PATH_APP_DOCS)\"
+endif
-## @todo eliminate these guys.
-ifdef VBOX_WITH_INTERNAL_NETWORKING
@@ -987 +1073 @@
- LIB_SETTINGS    = $(PATH_LIB)/VBoxSettings.lib
-endif
+VBOX_LIB_SUPHARDENED = $(PATH_LIB)/SUPR3HardenedStatic$(VBOX_SUFF_LIB)
-
-# The kprofile build automagically links with kProfile.
@@ -1131 +1218 @@
- VBOX_DARWIN_DEF_SDK_LDFLAGS   := -mmacosx-version-min=$(VBOX_DEF_MACOSX_VERSION_MIN) -Wl,-syslibroot,$(VBOX_PATH_MACOSX_SDK) $(VBOX_DARWIN_CLASSIC_LINKER)
-endif # target=darwin
+
+#
+# Macro switching between @executable_path and /Applications/VirtualBox.app
+# depending on whether the build is hardened or not (dylib install_name)
+#
+ifndef VBOX_DYLD_EXECUTABLE_PATH
+ ifdef VBOX_WITH_HARDENING
+  VBOX_DYLD_EXECUTABLE_PATH = $(VBOX_PATH_APP_PRIVATE_ARCH)
+ else
+  VBOX_DYLD_EXECUTABLE_PATH = @executable_path
+ endif
+endif
-
-#
@@ -2109 +2208 @@
-TEMPLATE_VBOXR3EXE_CXXFLAGS.kprofile   = $(TEMPLATE_VBOXR3EXE_CXXFLAGS.krelease)
- endif
-
+
+
+
-  TEMPLATE_VBOXR3EXE_LDFLAGS          += '$(VBOX_GCC_RPATH_OPT)$$(VBOX_ORIGIN)'
+  TEMPLATE_VBOXR3EXE_LDFLAGS.linux    += -Wl,-z,origin
- endif
-endif
@@ -2157 +2259 @@
-
-#
+# Template for building hardened Ring-3 executables.
+#
+TEMPLATE_VBOXR3HARDENEDEXE = Hardened VBox Ring-3 EXE
+TEMPLATE_VBOXR3HARDENEDEXE_EXTENDS = VBOXR3EXE
+TEMPLATE_VBOXR3HARDENEDEXE_LIBS = $(VBOX_LIB_SUPHARDENED) $(TEMPLATE_VBOXR3EXE_LIBS)
+TEMPLATE_VBOXR3HARDENEDEXE_LDFLAGS.darwin = $(TEMPLATE_VBOXR3EXE_LDFLAGS.darwin) -framework IOKit
+
+#
+# Template for building hardened Ring-3 libraries.
+#
+TEMPLATE_VBOXR3HARDENEDLIB = Hardened VBox Ring-3 LIB
+TEMPLATE_VBOXR3HARDENEDLIB_EXTENDS = VBOXR3HARDENEDEXE
+TEMPLATE_VBOXR3HARDENEDLIB_LIBS = $(NO_SUCH_VARIABLE)
+
+#
-# Ring-3 testcase.
-# This is the VBOXR3EXE template only with a different install dir.
@@ -2164 +2281 @@
-TEMPLATE_VBOXR3TSTEXE_INST    = $(INST_TESTCASE)
-TEMPLATE_VBOXR3TSTEXE_LIBS    = $(LIB_RUNTIME) $(TEMPLATE_VBOXR3EXE_LIBS)
-
-
+
+
+
+
-endif
-ifeq ($(KBUILD_TARGET),win)
@@ -2373 +2492 @@
-TEMPLATE_VBOXMAINEXE_CXXFLAGS           += $(VBOX_DARWIN_DEF_SDK_CXXFLAGS)
-TEMPLATE_VBOXMAINEXE_OBJCFLAGS          += $(VBOX_DARWIN_DEF_SDK_OBJCFLAGS)
-
+
+
-TEMPLATE_VBOXMAINEXE_LIBS                = $(LIB_RUNTIME)
- else if1of ($(KBUILD_TARGET), freebsd netbsd openbsd)
@@ -2386 +2506 @@
-TEMPLATE_VBOXMAINEXE_LIBS                =
- endif
-
+
+
+
-TEMPLATE_VBOXMAINEXE_LDFLAGS            += '$(VBOX_GCC_RPATH_OPT)$$(VBOX_ORIGIN)'
+TEMPLATE_VBOXMAINEXE_LDFLAGS.linux      += -Wl,-z,origin
- endif
-
@@ -2421 +2544 @@
-# This differs from VBOXMAINEXE only in PIC handling and similar DLL stuff.
-#
-
-TEMPLATE_VBOXMAINDLL  = VBox Main Component (shared library)
-TEMPLATE_VBOXMAINDLL_EXTENDS = VBOXMAINEXE
@@ -2432 +2554 @@
- endif
-endif
-
-
+
-        -current_version $(VBOX_VERSION_MAJOR).$(VBOX_VERSION_MINOR).$(VBOX_VERSION_BUILD)
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-#
@@ -2464 +2624 @@
- TEMPLATE_VBOXMAINCLIENTEXE_CXXFLAGS.linux = $(TEMPLATE_VBOXMAINEXE_CXXFLAGS.linux) \
-        -pthread
- ifeq ($(KBUILD_TARGET),darwin)
-  TEMPLATE_VBOXMAINCLIENTEXE_LDFLAGS = $(TEMPLATE_VBOXMAINEXE_LDFLAGS) -bind_at_load -framework Carbon
- endif
-endif
-
@@ -2484 +2641 @@
- endif
-endif
-
-
-
+
-
-
@@ -2572 +2727 @@
-  TEMPLATE_VBOXQTGUIEXE_CXXFLAGS += $(VBOX_DARWIN_DEF_SDK_CXXFLAGS)
-  TEMPLATE_VBOXQTGUIEXE_OBJCFLAGS += $(VBOX_DARWIN_DEF_SDK_OBJCFLAGS)
- += $(VBOX_DARWIN_DEF_SDK_LDFLAGS) -framework Carbon -framework QuickTime
+.darwin +=
-  TEMPLATE_VBOXQTGUIEXE_LIBS +=
-  TEMPLATE_VBOXQTGUIEXE_LIBPATH +=
@@ -2605 +2760 @@
-  endif
- endif
-
+
+
+
+
+
+
+
-  ifeq ($(KBUILD_TARGET),solaris)
-   TEMPLATE_VBOXQTGUIEXE_LDFLAGS += '$(VBOX_GCC_RPATH_OPT)$$(VBOX_ORIGIN):$$(VBOX_ORIGIN)/qtgcc/lib'
@@ -2644 +2805 @@
-TEMPLATE_VBOXQTGUI_LIBS = $(filter-out $(QTMAIN),$(TEMPLATE_VBOXQTGUIEXE_LIBS))
-ifeq ($(KBUILD_TARGET),darwin)
- = $(filter-out -framework Carbon -framework QuickTime -bind_at_load,$(TEMPLATE_VBOXQTGUIEXE_LDFLAGS
+.darwin = $(filter-out -bind_at_load,$(TEMPLATE_VBOXQTGUIEXE_LDFLAGS.darwin
-        -current_version $(VBOX_VERSION_MAJOR).$(VBOX_VERSION_MINOR).$(VBOX_VERSION_BUILD)
-endif

trunk/debian/LocalConfig.kmk

@@ -26 +26 @@
-KBUILD_MSG_STYLE        := brief
-
-
-
-
-
+
+
+
+
+
+
+

trunk/debian/postinst

@@ -39 +39 @@
-  udev_ver=`expr "$udev_out" : '[^0-9]*\([0-9]*\)'`
-  if [ "$udev_ver" = "" -o "$udev_ver" -lt 55 ]; then
-vboxusers", MODE="066
+root", MODE="060
-      > /etc/udev/rules.d/60-vboxdrv.rules
-  else
-vboxusers", MODE="066
+root", MODE="060
-      > /etc/udev/rules.d/60-vboxdrv.rules
-  fi
@@ -90 +90 @@
-fi
-
+# The starters need to be Suid root. They drop the privileges before starting
+# the real frontend.
+if ! dpkg-statoverride --list /usr/lib/virtualbox-ose/VirtualBox > /dev/nnull 2>&1; then
+  chmod 4711 /usr/lib/virtualbox-ose/VirtualBox
+fi
+if ! dpkg-statoverride --list /usr/lib/virtualbox-ose/VBoxHeadless > /dev/nnull 2>&1; then
+  chmod 4711 /usr/lib/virtualbox-ose/VBoxHeadless
+fi
+if ! dpkg-statoverride --list /usr/lib/virtualbox-ose/VBoxSDL > /dev/nnull 2>&1; then
+  chmod 4711 /usr/lib/virtualbox-ose/VBoxSDL
+fi
+
-#DEBHELPER#
-

trunk/debian/rules

@@ -167 +167 @@
-        mv $(archdir)/VBoxXPCOMIPCD $(prefix)/usr/lib/$(package)
-        mv $(archdir)/components $(prefix)/usr/lib/$(package)/components
-
-
+/$(package)
+/$(package)
-        mv $(archdir)/sdk  $(prefix)/usr/share/$(package)
-        $(if $(HEADLESS),,mv $(archdir)/nls $(prefix)/usr/share/$(package))

trunk/include/VBox/sup.h

@@ -312 +312 @@
-
-/**
+ * Secure main.
+ *
+ * This is used for the set-user-ID-on-execute binaries on unixy systems
+ * and when using the open-vboxdrv-via-root-service setup on Windows.
+ *
+ * This function will perform the integrity checks of the VirtualBox
+ * installation, open the support driver, open the root service (later),
+ * and load the DLL corresponding to \a pszProgName and execute its main
+ * function.
+ *
+ * @returns Return code appropriate for main().
+ *
+ * @param   pszProgName     The program name. This will be used to figure out which
+ *                          DLL/SO/DYLIB to load and execute.
+ * @param   fFlags          Flags.
+ * @param   argc            The argument count.
+ * @param   argv            The argument vector.
+ * @param   envp            The environment vector.
+ */
+DECLHIDDEN(int) SUPR3HardenedMain(const char *pszProgName, uint32_t fFlags, int argc, char **argv, char **envp);
+
+/** @name SUPR3SecureMain flags.
+ * @{ */
+/** Don't open the device. (Intended for VirtualBox without -startvm.) */
+#define SUPSECMAIN_FLAGS_DONT_OPEN_DEV      RT_BIT_32(0)
+/** @} */
+
+/**
- * Initializes the support library.
- * Each succesful call to SUPInit() must be countered by a

trunk/include/iprt/err.h

@@ -449 +449 @@
-/** The timer can't be stopped because i's already suspended. */
-#define VERR_TIMER_SUSPENDED                (-69)
-
+ (copy) or another thread (local ipc)
-#define VERR_CANCELLED                      (-70)
-/** Failed to initialize a memory object.

trunk/src/VBox/Debugger/Makefile.kmk

@@ -121 +121 @@
-        VBoxDbgStats.cpp
-
-@executable_path
+$(VBOX_DYLD_EXECUTABLE_PATH)
-
-VBoxDbg_LIBS = \

trunk/src/VBox/Devices/Makefile.kmk

@@ -102 +102 @@
-        $(L4_LIBDIR)/libl4sys.p.a
-endif
-@executable_path
+$(VBOX_DYLD_EXECUTABLE_PATH)
-ifdef VBOX_WITH_USB
- ifdef VBOX_WITH_NEW_USB_CODE_ON_DARWIN
@@ -190 +190 @@
-VBoxDD_LIBS.darwin     += \
-        $(LIB_REM)
-@executable_path
+$(VBOX_DYLD_EXECUTABLE_PATH)
-        -framework CoreAudio \
-        -framework IOKit \
@@ -230 +230 @@
-endif
-VBoxDD2_LIBS.darwin    += $(LIB_REM)
-@executable_path
+$(VBOX_DYLD_EXECUTABLE_PATH)
-VBoxDD2_LDFLAGS.linux   = -Wl,--no-undefined
-VBoxDD2_LDFLAGS.l4      = -Wl,--no-undefined

trunk/src/VBox/Devices/testcase/Makefile.kmk

@@ -115 +115 @@
-$(PATH_TARGET)/tstDeviceStructSizeGC.h: $$(INSTARGET_tstDeviceStructSizeGC)
-        $(call MSG_GENERATE,,$@)
--- $(INSTARGET_tstDeviceStructSizeGC)
+$(if $(eq $(KBUILD_TARGET),darwin),-E 'DYLD_LIBRARY_PATH=$(dir $^)') -- $^
-
-# 3. run it.
-$(PATH_TARGET)/tstDeviceStructSize.run: $$(INSTARGET_tstDeviceStructSize)
-        $(QUIET)$(RM) -f $@
-
+(if $(eq $(KBUILD_TARGET),darwin),$(REDIRECT) -E 'DYLD_LIBRARY_PATH=$(dir $^)' --) $
-        $(QUIET)$(APPEND) "$@" "done"
-

trunk/src/VBox/Frontends/VBoxBFE/Makefile.kmk

@@ -28 +28 @@
-include $(KBUILD_PATH)/subheader.kmk
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-#
-# VBoxBFE
-#
-
+
+
-#ifdef VBOX_WITH_SECURELABEL
-#VBoxBFE_DEFS += VBOX_SECURELABEL

trunk/src/VBox/Frontends/VBoxBFE/VBoxBFE.cpp

@@ -415 +415 @@
-
-/** entry point */
-int main(int argc, char **argv
+extern "C" DECLEXPORT(int) TrustedMain (int argc, char **argv, char **envp
-{
-#ifdef RT_OS_L4
-#ifndef L4API_l4v2onv4
-    /* clear Fiasco kernel trace buffer */
-    fiasco_tbuf_clear();
-#endif
-    /* set the environment.  Must be done before the runtime is
-       initialised.  Yes, it really must. */
-    for (int i = 0; i < argc; i++)
-        if (strcmp(argv[i], "-env") == 0)
-        {
-            if (++i >= argc)
-                return SyntaxError("missing argument to -env (format: var=value)!\n");
-            /* add it to the environment */
-            if (putenv(argv[i]) != 0)
-                return SyntaxError("Error setting environment string %s.\n", argv[i]);
-        }
-#endif /* RT_OS_L4 */
-
-    /*
-     * Before we do *anything*, we initialize the runtime.
-     */
-    int rc = RTR3Init();
-    if (VBOX_FAILURE(rc))
-        return FatalError("RTR3Init failed rc=%Vrc\n", rc);
-
-
-    bool fFullscreen = false;
-#ifdef VBOX_VRDP
@@ -455 +429 @@
-    uint32_t u32MaxVRAM;
-#endif
+    int rc = VINF_SUCCESS;
-
-    RTPrintf("VirtualBox Simple SDL GUI built %s %s\n", __DATE__, __TIME__);
@@ -1011 +986 @@
-
-
+#ifndef VBOX_WITH_HARDENING
+/**
+ * Main entry point.
+ */
+int main(int argc, char **argv)
+{
+# ifdef RT_OS_L4
+# ifndef L4API_l4v2onv4
+    /* clear Fiasco kernel trace buffer */
+    fiasco_tbuf_clear();
+# endif
+    /* set the environment.  Must be done before the runtime is
+       initialised.  Yes, it really must. */
+    for (int i = 0; i < argc; i++)
+        if (strcmp(argv[i], "-env") == 0)
+        {
+            if (++i >= argc)
+                return SyntaxError("missing argument to -env (format: var=value)!\n");
+            /* add it to the environment */
+            if (putenv(argv[i]) != 0)
+                return SyntaxError("Error setting environment string %s.\n", argv[i]);
+        }
+# endif /* RT_OS_L4 */
+
+    /*
+     * Before we do *anything*, we initialize the runtime.
+     */
+    int rc = RTR3Init();
+    if (VBOX_FAILURE(rc))
+        return FatalError("RTR3Init failed rc=%Vrc\n", rc);
+
+    return TrustedMain(argc, argv, NULL);
+}
+#endif /* !VBOX_WITH_HARDENING */
+
-
-/**

trunk/src/VBox/Frontends/VBoxHeadless/Makefile.kmk

@@ -28 +28 @@
-include $(KBUILD_PATH)/subheader.kmk
-
-PROGRAMS += VBoxHeadless
-include $(PATH_SUB_CURRENT)/testcase/Makefile.kmk
-ifdef VBOX_WITH_FFMPEG
@@ -34 +33 @@
-endif
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-VBoxHeadless_DEFS       = VBOX_FFMPEG
-VBoxHeadless_SOURCES    = VBoxHeadless.cpp
@@ -41 +62 @@
- VBoxHeadless_SOURCES  += Framebuffer.cpp
-endif
+ifdef VBOX_WITH_HARDENING
+ VBoxHeadless_LDFLAGS.darwin += -install_name $(VBOX_DYLD_EXECUTABLE_PATH)/VBoxHeadless.dylib
+endif
-
-include $(KBUILD_PATH)/subfooter.kmk

trunk/src/VBox/Frontends/VBoxHeadless/VBoxHeadless.cpp

@@ -406 +406 @@
- *  Entry point.
- */
-int main (int argc, char **argv
+extern "C" DECLEXPORT (int) TrustedMain (int argc, char **argv, char **envp
-{
-#ifdef VBOX_WITH_VRDP
@@ -430 +430 @@
-    /** @todo this should really be taken care of in Main. */
-    RTEnvUnset("DISPLAY");
-    // initialize VBox Runtime
-    RTR3Init(true, ~(size_t)0);
-
-    LogFlow (("VBoxHeadless STARTED.\n"));
@@ -938 +936 @@
-}
-
+
+#ifndef VBOX_WITH_HARDENING
+/**
+ * Main entry point.
+ */
+int main (int argc, char **argv, char **envp)
+{
+    // initialize VBox Runtime
+    RTR3Init (true, ~(size_t)0);
+    return TrustedMain (argc, argv, envp);
+}
+#endif /* !VBOX_WITH_HARDENING */
+

trunk/src/VBox/Frontends/VBoxSDL/Makefile.kmk

@@ -28 +28 @@
-include $(KBUILD_PATH)/subheader.kmk
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
@@ -34 +54 @@
-# VBoxSDL
-#
-
-
+
-VBoxSDL_SDKS       = LIBSDL
-VBoxSDL_SOURCES    = \

trunk/src/VBox/Frontends/VBoxSDL/VBoxSDL.cpp

@@ -946 +946 @@
-
-/** entry point */
-
+
+
-{
-    /*
-     * Before we do *anything*, we initialize the runtime.
-     */
-    int rcRT = RTR3Init(true, ~(size_t)0);
-    if (VBOX_FAILURE(rcRT))
-    {
-        RTPrintf("Error: RTR3Init failed rcRC=%d\n", rcRT);
-        return 1;
-    }
-
-#ifdef VBOXSDL_WITH_X11
-    /*
@@ -2926 +2917 @@
-    return FAILED (rc) ? 1 : 0;
-}
+
+
+#ifndef VBOX_WITH_HARDENING
+/**
+ * Main entry point
+ */
+int main(int argc, char **argv)
+{
+    /*
+     * Before we do *anything*, we initialize the runtime.
+     */
+    int rcRT = RTR3Init(true, ~(size_t)0);
+    if (VBOX_FAILURE(rcRT))
+    {
+        RTPrintf("Error: RTR3Init failed rcRC=%d\n", rcRT);
+        return 1;
+    }
+    return TrustedMain(argc, argv, NULL);
+}
+#endif /* !VBOX_WITH_HARDENING */
+
-
-/**

trunk/src/VBox/Frontends/VirtualBox/Makefile.kmk

@@ -34 +34 @@
-# The targets.
-#
-
+
+
+
+
+
+
-ifeq ($(filter-out freebsd linux openbsd netbsd solaris,$(KBUILD_TARGET)),) # X11
-
-
++
++
-endif
-DLLS.os2 += VBoxHlp
-ifndef USE_KBUILD_QT3_UNIT
-
++
-endif
-
@@ -104 +109 @@
-        $(call MSG_TOOL,tar/gzip,,$@)
-        $(QUIET)cd $(PATH_TARGET) && tar -chf - $(addprefix $(SOURCE_DIRECTORY)/,$(subst $(DIRECTORY_PREFIX),,$(VBoxKeyboard3_TARSOURCES))) | gzip - > $@
+
+
+#
+# Hardened VirtualBox4.
+#
+VirtualBox3Hardened_TEMPLATE = VBOXR3HARDENEDEXE
+VirtualBox3Hardened_SOURCES = src/hardenedmain.cpp
+VirtualBox3Hardened_NAME = VirtualBox3
+ifeq ($(KBUILD_TARGET),darwin) ## @todo use .darwin when ticket 36 has been fixed.
+ #VirtualBox3Hardened_INST.darwin = $(INST_BIN)VirtualBox3 $(INST_BIN)VirtualBoxVM3
+ VirtualBox3Hardened_INST = $(INST_BIN)VirtualBox3 $(INST_BIN)VirtualBoxVM3
+endif
-
-
@@ -163 +180 @@
-# VirtualBox - The GUI program.
-#
-= VBOXQTGUIEXE
+:= $(if $(VBOX_WITH_HARDENING),VBOXQTGUI,VBOXQTGUIEXE)
-VirtualBox_NAME     = VirtualBox3
+ifndef VBOX_WITH_HARDENING # For the launch trick we need different inode numbers.
+ ifeq ($(KBUILD_TARGET),darwin) ## @todo use .darwin when ticket 36 has been fixed.
+  #VirtualBox_INST.darwin = $(INST_BIN)VirtualBox3 $(INST_BIN)VirtualBoxVM3
+  VirtualBox_INST = $(INST_BIN)VirtualBox3 $(INST_BIN)VirtualBoxVM3
+ endif
+endif
-ifdef USE_KBUILD_QT3_UNIT
- USES += qt3
@@ -177 +200 @@
-endif
-
-
-
-
-
-
-
-
-
+
+
+
+
-
-# Import translation sources
@@ -405 +424 @@
-endif
-VirtualBox_LDFLAGS.os2    = -Zlinker /PM:PM -Zno-fork
-
+
+
+
-ifdef VBOX_WITH_ICHAT_THEATER
- VirtualBox_LDFLAGS.darwin += -framework Foundation -framework AppKit -framework InstantMessage -framework QuartzCore

trunk/src/VBox/Frontends/VirtualBox/src/main.cpp

@@ -114 +114 @@
-}
-
-int main (int argc, char **argv
+extern "C" DECLEXPORT(int) TrustedMain (int argc, char **argv, char **envp
-{
-    /* Initialize VBox Runtime. Initialize the Suplib+GC as well only if we
-     * are really about to start a VM. Don't do this if we are only starting
-     * the selector window. */
-    bool fInitGC = false;
-    for (int i = 0; i < argc; i++)
-    {
-        if (!::strcmp(argv[i], "-startvm" ))
-        {
-            fInitGC = true;
-            break;
-        }
-    }
-    RTR3Init (fInitGC, ~(size_t)0);
-
-    LogFlowFuncEnter();
-
@@ -281 +267 @@
-    return rc;