virtualbox: Rebase hardened.patch on top of 5.1.22

The merge of the version bump in
6fb9f892382b4b091fc9edcae00e2eb4c0729bda didn't take care of our patch
for the hardening mode and thus enabling VirtualBox without also
force-disabling hardening mode will result in a build error.

While the patch is largely identical to the old version, I've removed
one particular change around the following code:

if (pFsObjState->Stat.st_mode & S_IWOTH)
return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo,
"World writable: '", pszPath, "'");

In the old version of the patch we have checked whether the path is
within the Nix store and suppressed the error return if that's the case.

The reason why I did that in the first place was because we had a bunch
of symlinks which were writable.

In VirtualBox 5.1.22 the code specifically checks whether the file is a
symlink, so we can safely drop our change.

Tested via all of the "virtualbox" NixOS VM subtests and they now all
succeed.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>

aszlig 63fb845f fa6fd34f

+19 -31
pkgs/applications/virtualization/virtualbox/hardened.patch
··· 1 diff --git a/include/iprt/mangling.h b/include/iprt/mangling.h 2 - index 70c596a..78972ed 100644 3 --- a/include/iprt/mangling.h 4 +++ b/include/iprt/mangling.h 5 - @@ -1068,6 +1068,7 @@ 6 # define RTPathStripSuffix RT_MANGLER(RTPathStripSuffix) 7 # define RTPathStripFilename RT_MANGLER(RTPathStripFilename) 8 # define RTPathStripTrailingSlash RT_MANGLER(RTPathStripTrailingSlash) ··· 10 # define RTPathTemp RT_MANGLER(RTPathTemp) 11 # define RTPathTraverseList RT_MANGLER(RTPathTraverseList) 12 # define RTPathUnlink RT_MANGLER(RTPathUnlink) 13 - @@ -1105,6 +1106,7 @@ 14 # define RTProcGetAffinityMask RT_MANGLER(RTProcGetAffinityMask) 15 # define RTProcGetExecutablePath RT_MANGLER(RTProcGetExecutablePath) 16 # define RTProcGetPriority RT_MANGLER(RTProcGetPriority) ··· 19 # define RTProcQueryParent RT_MANGLER(RTProcQueryParent) 20 # define RTProcQueryUsername RT_MANGLER(RTProcQueryUsername) 21 diff --git a/include/iprt/path.h b/include/iprt/path.h 22 - index 7e42754..b4de4c8 100644 23 --- a/include/iprt/path.h 24 +++ b/include/iprt/path.h 25 - @@ -1049,6 +1049,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, 26 RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath); 27 28 /** ··· 39 * 40 * @returns iprt status code. 41 diff --git a/include/iprt/process.h b/include/iprt/process.h 42 - index 2760306..0ce6c92 100644 43 --- a/include/iprt/process.h 44 +++ b/include/iprt/process.h 45 - @@ -313,6 +313,16 @@ RTR3DECL(const char *) RTProcShortName(void); 46 RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath); 47 48 /** ··· 60 * 61 * The way this work is that it will spawn a detached / backgrounded / 62 diff --git a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp 63 - index c39d2f7..896b352 100644 64 --- a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp 65 +++ b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp 66 - 
@@ -1415,18 +1415,19 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo 67 - NOREF(fRelaxed); 68 #else 69 NOREF(fRelaxed); 70 - bool fBad = true; ··· 75 return supR3HardenedSetError3(VERR_SUPLIB_WRITE_NON_SYS_GROUP, pErrInfo, 76 "An unknown (and thus untrusted) group has write access to '", pszPath, 77 "' and we therefore cannot trust the directory content or that of any subdirectory"); 78 - } 79 - 80 - /* 81 - - * World must not have write access. There is no relaxing this rule. 82 - + * World must not have write access. 83 - + * There is no relaxing this rule, except when it comes to the Nix store. 84 - */ 85 - - if (pFsObjState->Stat.st_mode & S_IWOTH) 86 - + if (pFsObjState->Stat.st_mode & S_IWOTH && suplibHardenedStrCmp(pszPath, "/nix/store")) 87 - return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo, 88 - "World writable: '", pszPath, "'"); 89 - 90 diff --git a/src/VBox/Main/src-server/MachineImpl.cpp b/src/VBox/Main/src-server/MachineImpl.cpp 91 - index 95dc9a7..39170bc 100644 92 --- a/src/VBox/Main/src-server/MachineImpl.cpp 93 +++ b/src/VBox/Main/src-server/MachineImpl.cpp 94 - @@ -7326,7 +7326,7 @@ HRESULT Machine::i_launchVMProcess(IInternalSessionControl *aControl, 95 96 /* get the path to the executable */ 97 char szPath[RTPATH_MAX]; ··· 101 szPath[cchBufLeft++] = RTPATH_DELIMITER; 102 szPath[cchBufLeft] = 0; 103 diff --git a/src/VBox/Main/src-server/NetworkServiceRunner.cpp b/src/VBox/Main/src-server/NetworkServiceRunner.cpp 104 - index e9e1ba62..4d1c1e1 100644 105 --- a/src/VBox/Main/src-server/NetworkServiceRunner.cpp 106 +++ b/src/VBox/Main/src-server/NetworkServiceRunner.cpp 107 - @@ -79,7 +79,7 @@ int NetworkServiceRunner::start() 108 109 /* get the path to the executable */ 110 char exePathBuf[RTPATH_MAX]; ··· 114 char *substrBs = strrchr(exePathBuf, '\\'); 115 char *suffix = substrSl ? substrSl : substrBs; 116 
diff --git a/src/VBox/Main/src-server/generic/NetIf-generic.cpp b/src/VBox/Main/src-server/generic/NetIf-generic.cpp 117 - index 8559d2a..2177f27 100644 118 --- a/src/VBox/Main/src-server/generic/NetIf-generic.cpp 119 +++ b/src/VBox/Main/src-server/generic/NetIf-generic.cpp 120 @@ -47,7 +47,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char ··· 126 if (RT_FAILURE(rc)) 127 { 128 LogRel(("NetIfAdpCtl: failed to get program path, rc=%Rrc.\n", rc)); 129 - @@ -90,7 +90,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch 130 int NetIfAdpCtlOut(const char * pcszName, const char * pcszCmd, char *pszBuffer, size_t cBufSize) 131 { 132 char szAdpCtl[RTPATH_MAX]; ··· 135 if (RT_FAILURE(rc)) 136 { 137 LogRel(("NetIfAdpCtlOut: Failed to get program path, rc=%Rrc\n", rc)); 138 - @@ -202,7 +202,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox, 139 progress.queryInterfaceTo(aProgress); 140 141 char szAdpCtl[RTPATH_MAX]; ··· 145 { 146 progress->i_notifyComplete(E_FAIL, 147 diff --git a/src/VBox/Runtime/r3/path.cpp b/src/VBox/Runtime/r3/path.cpp 148 - index be2ad8f..7ddf105 100644 149 --- a/src/VBox/Runtime/r3/path.cpp 150 +++ b/src/VBox/Runtime/r3/path.cpp 151 @@ -81,6 +81,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath) ··· 162 { 163 #if !defined(RT_OS_WINDOWS) && defined(RTPATH_APP_PRIVATE) 164 diff --git a/src/VBox/Runtime/r3/process.cpp b/src/VBox/Runtime/r3/process.cpp 165 - index 7bde6af..2656cae 100644 166 --- a/src/VBox/Runtime/r3/process.cpp 167 +++ b/src/VBox/Runtime/r3/process.cpp 168 @@ -111,6 +111,26 @@ RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath)
··· 1 diff --git a/include/iprt/mangling.h b/include/iprt/mangling.h 2 + index c1daa8f..8618371 100644 3 --- a/include/iprt/mangling.h 4 +++ b/include/iprt/mangling.h 5 + @@ -1440,6 +1440,7 @@ 6 # define RTPathStripSuffix RT_MANGLER(RTPathStripSuffix) 7 # define RTPathStripFilename RT_MANGLER(RTPathStripFilename) 8 # define RTPathStripTrailingSlash RT_MANGLER(RTPathStripTrailingSlash) ··· 10 # define RTPathTemp RT_MANGLER(RTPathTemp) 11 # define RTPathTraverseList RT_MANGLER(RTPathTraverseList) 12 # define RTPathUnlink RT_MANGLER(RTPathUnlink) 13 + @@ -1478,6 +1479,7 @@ 14 # define RTProcGetAffinityMask RT_MANGLER(RTProcGetAffinityMask) 15 # define RTProcGetExecutablePath RT_MANGLER(RTProcGetExecutablePath) 16 # define RTProcGetPriority RT_MANGLER(RTProcGetPriority) ··· 19 # define RTProcQueryParent RT_MANGLER(RTProcQueryParent) 20 # define RTProcQueryUsername RT_MANGLER(RTProcQueryUsername) 21 diff --git a/include/iprt/path.h b/include/iprt/path.h 22 + index 8bd42bc..2c23d3e 100644 23 --- a/include/iprt/path.h 24 +++ b/include/iprt/path.h 25 + @@ -1064,6 +1064,15 @@ RTDECL(int) RTPathCalcRelative(char *pszPathDst, size_t cbPathDst, 26 RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath); 27 28 /** ··· 39 * 40 * @returns iprt status code. 41 diff --git a/include/iprt/process.h b/include/iprt/process.h 42 + index 043653e..1070280 100644 43 --- a/include/iprt/process.h 44 +++ b/include/iprt/process.h 45 + @@ -327,6 +327,16 @@ RTR3DECL(const char *) RTProcShortName(void); 46 RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath); 47 48 /** ··· 60 * 61 * The way this work is that it will spawn a detached / backgrounded / 62 diff --git a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp 63 + index ce0f288..6193108 100644 64 --- a/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp 65 +++ b/src/VBox/HostDrivers/Support/SUPR3HardenedVerify.cpp 66 + 
@@ -1489,9 +1489,9 @@ static int supR3HardenedVerifyFsObject(PCSUPR3HARDENEDFSOBJSTATE pFsObjState, bo 67 + bool fBad = !fRelaxed || pFsObjState->Stat.st_gid != 2 /*bin*/ || suplibHardenedStrCmp(pszPath, "/usr/lib/iconv"); 68 #else 69 NOREF(fRelaxed); 70 - bool fBad = true; ··· 75 return supR3HardenedSetError3(VERR_SUPLIB_WRITE_NON_SYS_GROUP, pErrInfo, 76 "An unknown (and thus untrusted) group has write access to '", pszPath, 77 "' and we therefore cannot trust the directory content or that of any subdirectory"); 78 diff --git a/src/VBox/Main/src-server/MachineImpl.cpp b/src/VBox/Main/src-server/MachineImpl.cpp 79 + index 320c569..9bfe41f 100644 80 --- a/src/VBox/Main/src-server/MachineImpl.cpp 81 +++ b/src/VBox/Main/src-server/MachineImpl.cpp 82 + @@ -7543,7 +7543,7 @@ HRESULT Machine::i_launchVMProcess(IInternalSessionControl *aControl, 83 84 /* get the path to the executable */ 85 char szPath[RTPATH_MAX]; ··· 89 szPath[cchBufLeft++] = RTPATH_DELIMITER; 90 szPath[cchBufLeft] = 0; 91 diff --git a/src/VBox/Main/src-server/NetworkServiceRunner.cpp b/src/VBox/Main/src-server/NetworkServiceRunner.cpp 92 + index 1e38d99..5e43dda 100644 93 --- a/src/VBox/Main/src-server/NetworkServiceRunner.cpp 94 +++ b/src/VBox/Main/src-server/NetworkServiceRunner.cpp 95 + @@ -85,7 +85,7 @@ int NetworkServiceRunner::start(bool aKillProcOnStop) 96 97 /* get the path to the executable */ 98 char exePathBuf[RTPATH_MAX]; ··· 102 char *substrBs = strrchr(exePathBuf, '\\'); 103 char *suffix = substrSl ? substrSl : substrBs; 104 diff --git a/src/VBox/Main/src-server/generic/NetIf-generic.cpp b/src/VBox/Main/src-server/generic/NetIf-generic.cpp 105 + index 98dc91a..43a819f 100644 106 --- a/src/VBox/Main/src-server/generic/NetIf-generic.cpp 107 +++ b/src/VBox/Main/src-server/generic/NetIf-generic.cpp 108 
@@ -47,7 +47,7 @@ static int NetIfAdpCtl(const char * pcszIfName, const char *pszAddr, const char ··· 114 if (RT_FAILURE(rc)) 115 { 116 LogRel(("NetIfAdpCtl: failed to get program path, rc=%Rrc.\n", rc)); 117 + @@ -89,7 +89,7 @@ static int NetIfAdpCtl(HostNetworkInterface * pIf, const char *pszAddr, const ch 118 int NetIfAdpCtlOut(const char * pcszName, const char * pcszCmd, char *pszBuffer, size_t cBufSize) 119 { 120 char szAdpCtl[RTPATH_MAX]; ··· 123 if (RT_FAILURE(rc)) 124 { 125 LogRel(("NetIfAdpCtlOut: Failed to get program path, rc=%Rrc\n", rc)); 126 + @@ -201,7 +201,7 @@ int NetIfCreateHostOnlyNetworkInterface(VirtualBox *pVirtualBox, 127 progress.queryInterfaceTo(aProgress); 128 129 char szAdpCtl[RTPATH_MAX]; ··· 133 { 134 progress->i_notifyComplete(E_FAIL, 135 diff --git a/src/VBox/Runtime/r3/path.cpp b/src/VBox/Runtime/r3/path.cpp 136 + index 944848e..744a261 100644 137 --- a/src/VBox/Runtime/r3/path.cpp 138 +++ b/src/VBox/Runtime/r3/path.cpp 139 @@ -81,6 +81,12 @@ RTDECL(int) RTPathExecDir(char *pszPath, size_t cchPath) ··· 150 { 151 #if !defined(RT_OS_WINDOWS) && defined(RTPATH_APP_PRIVATE) 152 diff --git a/src/VBox/Runtime/r3/process.cpp b/src/VBox/Runtime/r3/process.cpp 153 + index 2aab645..9795f21 100644 154 --- a/src/VBox/Runtime/r3/process.cpp 155 +++ b/src/VBox/Runtime/r3/process.cpp 156 @@ -111,6 +111,26 @@ RTR3DECL(char *) RTProcGetExecutablePath(char *pszExecPath, size_t cbExecPath)
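Review bot: The rebased hardened.patch still has no header text before its first `diff --git` line (patch line 1 on both sides), so the reasoning for each hunk lives only in this commit message, and that matters most for the surviving SUPR3HardenedVerify.cpp hunk at `@@ -1489,9 +1489,9 @@ supR3HardenedVerifyFsObject`, whose actual changed lines (patch lines 71-74) are collapsed in this view and cannot be reviewed here. The justification for dropping the S_IWOTH exemption (the 5.1.22 symlink handling) is likewise not visible in the section, so it is an inferred claim as far as this diff shows. I would add a short leading comment block to the patch, e.g. `Per-hunk rationale: which hardening check each hunk relaxes and why that is safe for the Nix store layout; the former world-writable exemption was dropped with 5.1.22 (see the NixOS commit that rebased this patch).`, so the next rebase does not silently re-widen or lose a check in supR3HardenedVerifyFsObject. The remaining hunks (path.h/process.h/mangling.h, RTPathExecDir, RTProcGetExecutablePath and the NetIf/MachineImpl callers) appear to be index-line refreshes only, which needs no further comment.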