Navigation

← Previous Changeset
Next Changeset →

Changeset 11889

Timestamp:

08/31/08 20:08:32 (3 months ago)

Author:

vboxsync

Message:

VMM/SUP: Added SUPR3HardenedVerifyFile and use it to verify files we load.

Files:

trunk/include/VBox/sup.h (modified) (1 diff)
trunk/src/VBox/HostDrivers/Support/SUPLib.cpp (modified) (1 diff)
trunk/src/VBox/VMM/PDMLdr.cpp (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/include/VBox/sup.h

r11794	r11889
566	566
567	567	/**
568		* Load a module into R0 HC.
	568	* Verifies the integrity of a file, and optionally opens it.
	569	*
	570	* The integrity check is for whether the file is suitable for loading into
	571	* the hypervisor or VM process. The integrity check may include verifying
	572	* the authenticode/elfsign/whatever signature of the file, which can take
	573	* a little while.
	574	*
	575	* @returns VBox status code. On failure it will have printed a LogRel message.
	576	*
	577	* @param pszFilename The file.
	578	* @param pszWhat For the LogRel on failure.
	579	* @param phFile Where to store the handle to the opened file. This is optional, pass NULL
	580	* if the file should not be opened.
	581	*/
	582	SUPR3DECL(int) SUPR3HardenedVerifyFile(const char pszFilename, const char pszWhat, PRTFILE phFile);
	583
	584	/**
	585	* Load a module into R0 HC.
	586	*
	587	* This will verify the file integrity in a similar manner as
	588	* SUPR3HardenedVerifyFile before loading it.
569	589	*
570	590	* @returns VBox status code.

trunk/src/VBox/HostDrivers/Support/SUPLib.cpp

r11794	r11889
1141	1141
1142	1142
	1143	SUPR3DECL(int) SUPR3HardenedVerifyFile(const char pszFilename, const char pszMsg, PRTFILE phFile)
	1144	{
	1145	/*
	1146	* Quick input validation.
	1147	*/
	1148	AssertPtr(pszFilename);
	1149	AssertPtr(pszMsg);
	1150	AssertReturn(!phFile, VERR_NOT_IMPLEMENTED); /** @todo Implement this. The deal is that we make sure the
	1151	file is the same we verified after opening it. */
	1152
	1153	/*
	1154	* Only do the actual check in hardened builds.
	1155	*/
	1156	#ifdef VBOX_WITH_HARDENING
	1157	int rc = supR3HardenedVerifyFile(pszFilename, false /* fFatal */);
	1158	if (RT_FAILURE(rc))
	1159	LogRel(("SUPR3HardenedVerifyFile: %s: Verification of \"%s\" failed, rc=%Rrc\n", pszMsg, rc));
	1160	return rc;
	1161	#else
	1162	return VINF_SUCCESS;
	1163	#endif
	1164	}
	1165
	1166
1143	1167	SUPR3DECL(int) SUPLoadModule(const char pszFilename, const char pszModule, void **ppvImageBase)
1144	1168	{
1145		/*
1146		* Load the module.
1147		* If it's VMMR0.r0 we need to install the IDTE.
1148		*/
1149		int rc = supLoadModule(pszFilename, pszModule, ppvImageBase);
	1169	int rc = VINF_SUCCESS;
	1170	#ifdef VBOX_WITH_HARDENING
	1171	/*
	1172	* Check that the module can be trusted.
	1173	*/
	1174	rc = supR3HardenedVerifyFile(pszFilename, false /* fFatal */);
	1175	#endif
	1176	if (RT_SUCCESS(rc))
	1177	{
	1178	/*
	1179	* Load the module.
	1180	* If it's VMMR0.r0 we need to install the IDTE.
	1181	*/
	1182	rc = supLoadModule(pszFilename, pszModule, ppvImageBase);
1150	1183	#ifdef VBOX_WITH_IDT_PATCHING
1151		if ( RT_SUCCESS(rc)
1152		&& !strcmp(pszModule, "VMMR0.r0"))
1153		{
1154		rc = supInstallIDTE();
1155		if (RT_FAILURE(rc))
1156		SUPFreeModule(*ppvImageBase);
1157		}
	1184	if ( RT_SUCCESS(rc)
	1185	&& !strcmp(pszModule, "VMMR0.r0"))
	1186	{
	1187	rc = supInstallIDTE();
	1188	if (RT_FAILURE(rc))
	1189	SUPFreeModule(*ppvImageBase);
	1190	}
1158	1191	#endif /* VBOX_WITH_IDT_PATCHING */
1159
	1192	}
	1193	else
	1194	LogRel(("SUPLoadModule: Verification of \"%s\" failed, rc=%Rrc\n", rc));
1160	1195	return rc;
1161	1196	}

trunk/src/VBox/VMM/PDMLdr.cpp

r9148	r11889
271	271	* Allocate the module list node and initialize it.
272	272	*/
273		PPDMMOD pModule = (PPDMMOD)RTMemAllocZ(sizeof(*pModule) + cchFilename);
	273	const char *pszSuff = RTLdrGetSuff();
	274	size_t cchSuff = strlen(pszSuff);
	275	PPDMMOD pModule = (PPDMMOD)RTMemAllocZ(sizeof(*pModule) + cchFilename + cchSuff);
274	276	if (!pModule)
275	277	return VERR_NO_MEMORY;
…	…
278	280	memcpy(pModule->szName, pszName, cchName); /* memory is zero'ed, no need to copy terminator :-) */
279	281	memcpy(pModule->szFilename, pszFilename, cchFilename);
	282	memcpy(&pModule->szFilename[cchFilename], pszSuff, cchSuff);
280	283
281	284	/*
282	285	* Load the loader item.
283	286	*/
284		int rc = RTLdrLoad(pszFilename, &pModule->hLdrMod);
	287	int rc = SUPR3HardenedVerifyFile(pModule->szFilename, "pdmR3LoadR3U", NULL);
	288	if (RT_SUCCESS(rc))
	289	rc = RTLdrLoad(pModule->szFilename, &pModule->hLdrMod);
285	290	if (VBOX_SUCCESS(rc))
286	291	{
…	…
448	453	* Open the loader item.
449	454	*/
450		int rc = RTLdrOpen(pszFilename, &pModule->hLdrMod);
	455	int rc = SUPR3HardenedVerifyFile(pszFilename, "PDMR3LoadGC", NULL);
	456	if (RT_SUCCESS(rc))
	457	rc = RTLdrOpen(pszFilename, &pModule->hLdrMod);
451	458	if (VBOX_SUCCESS(rc))
452	459	{

Navigation

Changeset 11889

Legend:

trunk/include/VBox/sup.h

trunk/src/VBox/HostDrivers/Support/SUPLib.cpp

trunk/src/VBox/VMM/PDMLdr.cpp

Download in other formats: