diff options
Diffstat (limited to '')
| -rw-r--r-- | src/VBox/Main/Certificates/microsoft_corporation_kek_2k_ca_2023.crt | bin | 0 -> 1462 bytes | |||
| -rw-r--r-- | src/VBox/Main/Certificates/microsoft_uefi_ca_2023.crt | bin | 0 -> 1448 bytes | |||
| -rw-r--r-- | src/VBox/Main/Certificates/windows_uefi_ca_2023.crt | bin | 0 -> 1454 bytes | |||
| -rw-r--r-- | src/VBox/Main/Makefile.kmk | 16 | ||||
| -rw-r--r-- | src/VBox/Main/include/GuestSessionImplTasks.h | 2 | ||||
| -rw-r--r-- | src/VBox/Main/include/TrustAnchorsAndCerts.h | 17 | ||||
| -rw-r--r-- | src/VBox/Main/include/netif.h | 7 | ||||
| -rw-r--r-- | src/VBox/Main/src-client/ConsoleImpl.cpp | 17 | ||||
| -rw-r--r-- | src/VBox/Main/src-client/ConsoleImpl2.cpp | 114 | ||||
| -rw-r--r-- | src/VBox/Main/src-client/GuestSessionImplTasks.cpp | 190 | ||||
| -rw-r--r-- | src/VBox/Main/src-client/RecordingStream.cpp | 10 | ||||
| -rw-r--r-- | src/VBox/Main/src-server/UefiVariableStoreImpl.cpp | 19 | ||||
| -rw-r--r-- | src/VBox/Main/src-server/linux/NetIf-linux.cpp | 21 |
13 files changed, 257 insertions, 156 deletions
diff --git a/src/VBox/Main/Certificates/microsoft_corporation_kek_2k_ca_2023.crt b/src/VBox/Main/Certificates/microsoft_corporation_kek_2k_ca_2023.crt Binary files differnew file mode 100644 index 00000000..e6ffb4f9 --- /dev/null +++ b/src/VBox/Main/Certificates/microsoft_corporation_kek_2k_ca_2023.crt diff --git a/src/VBox/Main/Certificates/microsoft_uefi_ca_2023.crt b/src/VBox/Main/Certificates/microsoft_uefi_ca_2023.crt Binary files differnew file mode 100644 index 00000000..39a91b31 --- /dev/null +++ b/src/VBox/Main/Certificates/microsoft_uefi_ca_2023.crt diff --git a/src/VBox/Main/Certificates/windows_uefi_ca_2023.crt b/src/VBox/Main/Certificates/windows_uefi_ca_2023.crt Binary files differnew file mode 100644 index 00000000..4c5430b2 --- /dev/null +++ b/src/VBox/Main/Certificates/windows_uefi_ca_2023.crt diff --git a/src/VBox/Main/Makefile.kmk b/src/VBox/Main/Makefile.kmk index 5711816d..00bab609 100644 --- a/src/VBox/Main/Makefile.kmk +++ b/src/VBox/Main/Makefile.kmk @@ -440,19 +440,23 @@ if !defined(VBOX_ONLY_SDK) && !defined(VBOX_ONLY_EXTPACKS) # Note this goes on f # # Trust anchors and certificates -> .cpp + # Source for the Microsoft Certificates: https://github.com/microsoft/secureboot_objects # VBOX_SVC_CERTS_FILE = $(VBoxSVC_0_OUTDIR)/TrustAnchorsAndCerts.cpp VBOX_SVC_CERTS := \ UefiMicrosoftKek=MicCorKEKCA2011_2011-06-24.crt \ - UefiMicrosoftCa=MicCorUEFCA2011_2011-06-27.crt \ - UefiMicrosoftProPca=MicWinProPCA2011_2011-10-19.crt \ + UefiMicrosoftKek2023=microsoft_corporation_kek_2k_ca_2023.crt \ + UefiMicrosoft3rdCa=MicCorUEFCA2011_2011-06-27.crt \ + UefiMicrosoft3rdCa2023=microsoft_uefi_ca_2023.crt \ + UefiMicrosoftWinCa=MicWinProPCA2011_2011-10-19.crt \ + UefiMicrosoftWinCa2023=windows_uefi_ca_2023.crt \ UefiOracleDefPk=OrclUefiDefPk2021_2021-09-29.crt - VBOX_SVC_CERT_NAMES := $(foreach cert,$(VBOX_SVC_CERTS),$(firstword $(subst =,$(SPACE) ,$(cert)))) + VBOX_SVC_CERT_NAMES := $(foreach cert,$(VBOX_SVC_CERTS),$(firstword $(subst =,$(SP),$(cert)))) VBOX_SVC_PATH_CERTIFICATES := $(PATH_SUB_CURRENT)/Certificates $$(VBOX_SVC_CERTS_FILE): $(MAKEFILE_CURRENT) \ - $(foreach cert,$(VBOX_SVC_CERTS),$(VBOX_SVC_PATH_CERTIFICATES)/$(lastword $(subst =,$(SPACE) ,$(cert)))) \ + $(foreach cert,$(VBOX_SVC_CERTS),$(VBOX_SVC_PATH_CERTIFICATES)/$(lastword $(subst =,$(SP),$(cert)))) \ $(VBOX_BIN2C) \ | $$(dir $$@) $(QUIET)$(RM) -f -- $@ @@ -461,8 +465,8 @@ if !defined(VBOX_ONLY_SDK) && !defined(VBOX_ONLY_EXTPACKS) # Note this goes on f '#include "TrustAnchorsAndCerts.h"' \ '' $(foreach cert,$(VBOX_SVC_CERTS), $(NLTAB)$(VBOX_BIN2C) -ascii --append \ - "$(firstword $(subst =,$(SP) ,$(cert)))" \ - "$(VBOX_SVC_PATH_CERTIFICATES)/$(lastword $(subst =,$(SP) ,$(cert)))" \ + "$(firstword $(subst =,$(SP),$(cert)))" \ + "$(VBOX_SVC_PATH_CERTIFICATES)/$(lastword $(subst =,$(SP),$(cert)))" \ "$@") OTHER_CLEAN += $(VBOX_SVC_CERTS_FILE) diff --git a/src/VBox/Main/include/GuestSessionImplTasks.h b/src/VBox/Main/include/GuestSessionImplTasks.h index d32cd8b3..463ad443 100644 --- a/src/VBox/Main/include/GuestSessionImplTasks.h +++ b/src/VBox/Main/include/GuestSessionImplTasks.h @@ -419,6 +419,8 @@ protected: int addProcessArguments(ProcessArguments &aArgumentsDest, const ProcessArguments &aArgumentsSource); int copyFileToGuest(GuestSession *pSession, RTVFS hVfsIso, Utf8Str const &strFileSource, const Utf8Str &strFileDest, bool fOptional); int runFileOnGuest(GuestSession *pSession, GuestProcessStartupInfo &procInfo, bool fSilent = false); + HRESULT setUpdateErrorMsg(HRESULT hrc, const Utf8Str &strMsg); + HRESULT setUpdateErrorMsg(HRESULT hrc, const Utf8Str &strMsg, const GuestErrorInfo &guestErrorInfo); int checkGuestAdditionsStatus(GuestSession *pSession, eOSType osType); int waitForGuestSession(ComObjPtr<Guest> pGuest, eOSType osType); diff --git a/src/VBox/Main/include/TrustAnchorsAndCerts.h b/src/VBox/Main/include/TrustAnchorsAndCerts.h index b828c179..9b9e4cf9 100644 --- a/src/VBox/Main/include/TrustAnchorsAndCerts.h +++ b/src/VBox/Main/include/TrustAnchorsAndCerts.h @@ -38,11 +38,20 @@ RT_C_DECLS_BEGIN extern const unsigned char g_abUefiMicrosoftKek[]; extern const unsigned g_cbUefiMicrosoftKek; -extern const unsigned char g_abUefiMicrosoftCa[]; -extern const unsigned g_cbUefiMicrosoftCa; +extern const unsigned char g_abUefiMicrosoftKek2023[]; +extern const unsigned g_cbUefiMicrosoftKek2023; -extern const unsigned char g_abUefiMicrosoftProPca[]; -extern const unsigned g_cbUefiMicrosoftProPca; +extern const unsigned char g_abUefiMicrosoft3rdCa[]; +extern const unsigned g_cbUefiMicrosoft3rdCa; + +extern const unsigned char g_abUefiMicrosoft3rdCa2023[]; +extern const unsigned g_cbUefiMicrosoft3rdCa2023; + +extern const unsigned char g_abUefiMicrosoftWinCa[]; +extern const unsigned g_cbUefiMicrosoftWinCa; + +extern const unsigned char g_abUefiMicrosoftWinCa2023[]; +extern const unsigned g_cbUefiMicrosoftWinCa2023; extern const unsigned char g_abUefiOracleDefPk[]; extern const unsigned g_cbUefiOracleDefPk; diff --git a/src/VBox/Main/include/netif.h b/src/VBox/Main/include/netif.h index 3d344914..cf6a2853 100644 --- a/src/VBox/Main/include/netif.h +++ b/src/VBox/Main/include/netif.h @@ -43,6 +43,13 @@ # include <stdio.h> #endif /* !RT_OS_WINDOWS */ +#ifdef RT_OS_LINUX +# include <linux/version.h> +# if LINUX_VERSION_CODE >= KERNEL_VERSION(3,10,0) /* proc_ns introduced */ +# define VBOXNETFLT_LINUX_NAMESPACE_SUPPORT +# endif +#endif + #define VBOXNET_IPV4ADDR_DEFAULT 0x0138A8C0 /* 192.168.56.1 */ #define VBOXNET_IPV4MASK_DEFAULT "255.255.255.0" diff --git a/src/VBox/Main/src-client/ConsoleImpl.cpp b/src/VBox/Main/src-client/ConsoleImpl.cpp index 6d94eb1f..c28eda2a 100644 --- a/src/VBox/Main/src-client/ConsoleImpl.cpp +++ b/src/VBox/Main/src-client/ConsoleImpl.cpp @@ -7500,8 +7500,11 @@ int Console::i_recordingStart(util::AutoWriteLock *pAutoLock /* = NULL */) /** * Stops recording. Does nothing if recording is not active. + * + * Note: This does *not* disable recording for a VM, in other words, + * it does not change the VM's recording (enabled) setting. */ -int Console::i_recordingStop(util::AutoWriteLock *pAutoLock /* = NULL */) +int Console::i_recordingStop(util::AutoWriteLock *) { if (!mRecording.mCtx.IsStarted()) return VINF_SUCCESS; @@ -7514,18 +7517,6 @@ int Console::i_recordingStop(util::AutoWriteLock *pAutoLock /* = NULL */) const size_t cStreams = mRecording.mCtx.GetStreamCount(); for (unsigned uScreen = 0; uScreen < cStreams; ++uScreen) mDisplay->i_recordingScreenChanged(uScreen); - - if (pAutoLock) - pAutoLock->release(); - - ComPtr<IRecordingSettings> pRecordSettings; - HRESULT hrc = mMachine->COMGETTER(RecordingSettings)(pRecordSettings.asOutParam()); - ComAssertComRC(hrc); - hrc = pRecordSettings->COMSETTER(Enabled)(FALSE); - ComAssertComRC(hrc); - - if (pAutoLock) - pAutoLock->acquire(); } LogFlowFuncLeaveRC(vrc); diff --git a/src/VBox/Main/src-client/ConsoleImpl2.cpp b/src/VBox/Main/src-client/ConsoleImpl2.cpp index 3576c493..cf57754d 100644 --- a/src/VBox/Main/src-client/ConsoleImpl2.cpp +++ b/src/VBox/Main/src-client/ConsoleImpl2.cpp @@ -145,6 +145,9 @@ # include "ExtPackManagerImpl.h" #endif +/** The TPM PPI MMIO base default (compatible with qemu). */ +#define TPM_PPI_MMIO_BASE_DEFAULT UINT64_C(0xfed45000) + /********************************************************************************************************************************* * Internal Functions * @@ -1928,6 +1931,58 @@ int Console::i_configConstructorInner(PUVM pUVM, PVM pVM, PCVMMR3VTABLE pVMM, Au N_("Invalid graphics controller type '%d'"), enmGraphicsController); } +#if defined(VBOX_WITH_TPM) + /* + * Configure the Trusted Platform Module. + */ + ComObjPtr<ITrustedPlatformModule> ptrTpm; + TpmType_T enmTpmType = TpmType_None; + + hrc = pMachine->COMGETTER(TrustedPlatformModule)(ptrTpm.asOutParam()); H(); + hrc = ptrTpm->COMGETTER(Type)(&enmTpmType); H(); + if (enmTpmType != TpmType_None) + { + InsertConfigNode(pDevices, "tpm", &pDev); + InsertConfigNode(pDev, "0", &pInst); + InsertConfigInteger(pInst, "Trusted", 1); /* boolean */ + InsertConfigNode(pInst, "Config", &pCfg); + InsertConfigNode(pInst, "LUN#0", &pLunL0); + + switch (enmTpmType) + { + case TpmType_v1_2: + case TpmType_v2_0: + InsertConfigString(pLunL0, "Driver", "TpmEmuTpms"); + InsertConfigNode(pLunL0, "Config", &pCfg); + InsertConfigInteger(pCfg, "TpmVersion", enmTpmType == TpmType_v1_2 ? 1 : 2); + InsertConfigNode(pLunL0, "AttachedDriver", &pLunL1); + InsertConfigString(pLunL1, "Driver", "NvramStore"); + break; + case TpmType_Host: +#if defined(RT_OS_LINUX) || defined(RT_OS_WINDOWS) + InsertConfigString(pLunL0, "Driver", "TpmHost"); + InsertConfigNode(pLunL0, "Config", &pCfg); +#endif + break; + case TpmType_Swtpm: + hrc = ptrTpm->COMGETTER(Location)(bstr.asOutParam()); H(); + InsertConfigString(pLunL0, "Driver", "TpmEmu"); + InsertConfigNode(pLunL0, "Config", &pCfg); + InsertConfigString(pCfg, "Location", bstr); + break; + default: + AssertFailedBreak(); + } + + /* Add the device for the physical presence interface. */ + InsertConfigNode( pDevices, "tpm-ppi", &pDev); + InsertConfigNode( pDev, "0", &pInst); + InsertConfigInteger(pInst, "Trusted", 1); /* boolean */ + InsertConfigNode( pInst, "Config", &pCfg); + InsertConfigInteger(pCfg, "MmioBase", TPM_PPI_MMIO_BASE_DEFAULT); + } +#endif + /* * Firmware. */ @@ -2116,6 +2171,9 @@ int Console::i_configConstructorInner(PUVM pUVM, PVM pVM, PCVMMR3VTABLE pVMM, Au InsertConfigInteger(pCfg, "DmiExposeMemoryTable", 1); } + if (enmTpmType != TpmType_None) + InsertConfigInteger(pCfg, "TpmPpiBase", TPM_PPI_MMIO_BASE_DEFAULT); + /* Attach the NVRAM storage driver. */ InsertConfigNode(pInst, "LUN#0", &pLunL0); InsertConfigString(pLunL0, "Driver", "NvramStore"); @@ -3540,51 +3598,6 @@ int Console::i_configConstructorInner(PUVM pUVM, PVM pVM, PCVMMR3VTABLE pVMM, Au } #endif /* VBOX_WITH_DRAG_AND_DROP */ -#if defined(VBOX_WITH_TPM) - /* - * Configure the Trusted Platform Module. - */ - ComObjPtr<ITrustedPlatformModule> ptrTpm; - TpmType_T enmTpmType = TpmType_None; - - hrc = pMachine->COMGETTER(TrustedPlatformModule)(ptrTpm.asOutParam()); H(); - hrc = ptrTpm->COMGETTER(Type)(&enmTpmType); H(); - if (enmTpmType != TpmType_None) - { - InsertConfigNode(pDevices, "tpm", &pDev); - InsertConfigNode(pDev, "0", &pInst); - InsertConfigInteger(pInst, "Trusted", 1); /* boolean */ - InsertConfigNode(pInst, "Config", &pCfg); - InsertConfigNode(pInst, "LUN#0", &pLunL0); - - switch (enmTpmType) - { - case TpmType_v1_2: - case TpmType_v2_0: - InsertConfigString(pLunL0, "Driver", "TpmEmuTpms"); - InsertConfigNode(pLunL0, "Config", &pCfg); - InsertConfigInteger(pCfg, "TpmVersion", enmTpmType == TpmType_v1_2 ? 1 : 2); - InsertConfigNode(pLunL0, "AttachedDriver", &pLunL1); - InsertConfigString(pLunL1, "Driver", "NvramStore"); - break; - case TpmType_Host: -#if defined(RT_OS_LINUX) || defined(RT_OS_WINDOWS) - InsertConfigString(pLunL0, "Driver", "TpmHost"); - InsertConfigNode(pLunL0, "Config", &pCfg); -#endif - break; - case TpmType_Swtpm: - hrc = ptrTpm->COMGETTER(Location)(bstr.asOutParam()); H(); - InsertConfigString(pLunL0, "Driver", "TpmEmu"); - InsertConfigNode(pLunL0, "Config", &pCfg); - InsertConfigString(pCfg, "Location", bstr); - break; - default: - AssertFailedBreak(); - } - } -#endif - /* * ACPI */ @@ -6203,6 +6216,17 @@ int Console::i_configNetwork(const char *pszDevice, close(iSock); } } +# ifdef VBOXNETFLT_LINUX_NAMESPACE_SUPPORT + RTUUID IfaceUuid; + Bstr IfId; + hrc = hostInterface->COMGETTER(Id)(IfId.asOutParam()); H(); + vrc = RTUuidFromUtf16(&IfaceUuid, IfId.raw()); + AssertRCReturn(vrc, vrc); + char szTrunkNameWithNamespace[INTNET_MAX_TRUNK_NAME]; + RTStrPrintf(szTrunkNameWithNamespace, sizeof(szTrunkNameWithNamespace), "%u/%s", + IfaceUuid.au32[0], pszTrunk); + pszTrunk = szTrunkNameWithNamespace; +# endif # else # error "PORTME (VBOX_WITH_NETFLT)" diff --git a/src/VBox/Main/src-client/GuestSessionImplTasks.cpp b/src/VBox/Main/src-client/GuestSessionImplTasks.cpp index 9a74e050..b8666f20 100644 --- a/src/VBox/Main/src-client/GuestSessionImplTasks.cpp +++ b/src/VBox/Main/src-client/GuestSessionImplTasks.cpp @@ -2571,7 +2571,7 @@ int GuestSessionTaskUpdateAdditions::copyFileToGuest(GuestSession *pSession, RTV vrc = RTVfsFileQuerySize(hVfsFile, &cbSrcSize); if (RT_SUCCESS(vrc)) { - LogRel(("Copying Guest Additions installer file \"%s\" to \"%s\" on guest ...\n", + LogRel(("Guest Additions Update: Copying installer file \"%s\" to \"%s\" on guest ...\n", strFileSrc.c_str(), strFileDst.c_str())); GuestFileOpenInfo dstOpenInfo; @@ -2588,13 +2588,14 @@ int GuestSessionTaskUpdateAdditions::copyFileToGuest(GuestSession *pSession, RTV switch (vrc) { case VERR_GSTCTL_GUEST_ERROR: - setProgressErrorMsg(VBOX_E_IPRT_ERROR, GuestFile::i_guestErrorToString(vrcGuest, strFileDst.c_str())); + setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, + GuestFile::i_guestErrorToString(vrcGuest, strFileDst.c_str())); break; default: - setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Guest file \"%s\" could not be opened: %Rrc"), - strFileDst.c_str(), vrc)); + setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, + Utf8StrFmt(tr("Guest file \"%s\" could not be opened: %Rrc"), + strFileDst.c_str(), vrc)); break; } } @@ -2617,6 +2618,34 @@ int GuestSessionTaskUpdateAdditions::copyFileToGuest(GuestSession *pSession, RTV } /** + * Sets an update error message to the current progress object + logs to release log. + * + * @returns Returns \a hrc for convenience. + * @param hrc Progress operation result to set. + * @param strMsg Message to set. + */ +HRESULT GuestSessionTaskUpdateAdditions::setUpdateErrorMsg(HRESULT hrc, const Utf8Str &strMsg) +{ + Utf8Str const strLog = "Guest Additions Update failed: " + strMsg; + LogRel(("%s\n", strLog.c_str())); + return GuestSessionTask::setProgressErrorMsg(hrc, strLog); +} + +/** + * Sets an update error message to the current progress object + logs to release log. + * + * @returns Returns \a hrc for convenience. + * @param hrc Progress operation result to set. + * @param strMsg Message to set. + * @param guestErrorInfo Guest error info to use. + */ +HRESULT GuestSessionTaskUpdateAdditions::setUpdateErrorMsg(HRESULT hrc, const Utf8Str &strMsg, const GuestErrorInfo &guestErrorInfo) +{ + Utf8Str const strLog = strMsg + Utf8Str(": ") + GuestBase::getErrorAsString(guestErrorInfo); + return GuestSessionTaskUpdateAdditions::setProgressErrorMsg(hrc, strLog); +} + +/** * Helper function to run (start) a file on the guest. * * @returns VBox status code. @@ -2628,7 +2657,7 @@ int GuestSessionTaskUpdateAdditions::runFileOnGuest(GuestSession *pSession, Gues { AssertPtrReturn(pSession, VERR_INVALID_POINTER); - LogRel(("Running %s ...\n", procInfo.mName.c_str())); + LogRel(("Guest Additions Update: Running \"%s\" ...\n", procInfo.mName.c_str())); GuestProcessTool procTool; int vrcGuest = VERR_IPE_UNINITIALIZED_STATUS; @@ -2647,26 +2676,26 @@ int GuestSessionTaskUpdateAdditions::runFileOnGuest(GuestSession *pSession, Gues switch (vrc) { case VERR_GSTCTL_PROCESS_EXIT_CODE: - setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Running update file \"%s\" on guest failed: %Rrc"), - procInfo.mExecutable.c_str(), procTool.getRc())); + setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, + Utf8StrFmt(tr("Running update file \"%s\" on guest failed: %Rrc"), + procInfo.mExecutable.c_str(), procTool.getRc())); break; case VERR_GSTCTL_GUEST_ERROR: - setProgressErrorMsg(VBOX_E_IPRT_ERROR, tr("Running update file on guest failed"), - GuestErrorInfo(GuestErrorInfo::Type_Process, vrcGuest, procInfo.mExecutable.c_str())); + setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, tr("Running update file on guest failed"), + GuestErrorInfo(GuestErrorInfo::Type_Process, vrcGuest, procInfo.mExecutable.c_str())); break; case VERR_INVALID_STATE: /** @todo Special guest control vrc needed! */ - setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Update file \"%s\" reported invalid running state"), - procInfo.mExecutable.c_str())); + setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, + Utf8StrFmt(tr("Update file \"%s\" reported invalid running state"), + procInfo.mExecutable.c_str())); break; default: - setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Error while running update file \"%s\" on guest: %Rrc"), - procInfo.mExecutable.c_str(), vrc)); + setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, + Utf8StrFmt(tr("Error while running update file \"%s\" on guest: %Rrc"), + procInfo.mExecutable.c_str(), vrc)); break; } } @@ -2708,16 +2737,14 @@ int GuestSessionTaskUpdateAdditions::checkGuestAdditionsStatus(GuestSession *pSe vrc = runFileOnGuest(pSession, procInfo, true /* fSilent */); if (RT_FAILURE(vrc)) - hrc = setProgressErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, - Utf8StrFmt(tr("Automatic update of Guest Additions has failed: " - "files were installed, but user services were not reloaded automatically. " - "Please consider rebooting the guest"))); + hrc = setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, + Utf8StrFmt(tr("Files were installed, but user services were not reloaded automatically. " + "Please consider rebooting the guest"))); } else - hrc = setProgressErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, - Utf8StrFmt(tr("Automatic update of Guest Additions has failed: " - "files were installed, but kernel modules were not reloaded automatically. " - "Please consider rebooting the guest"))); + hrc = setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, + Utf8StrFmt(tr("Files were installed, but kernel modules were not reloaded automatically. " + "Please consider rebooting the guest"))); } return vrc; @@ -2768,9 +2795,9 @@ int GuestSessionTaskUpdateAdditions::waitForGuestSession(ComObjPtr<Guest> pGuest /* Make sure Guest Additions were reloaded on the guest side. */ vrc = checkGuestAdditionsStatus(pSession, osType); if (RT_SUCCESS(vrc)) - LogRel(("Guest Additions were successfully reloaded after installation\n")); + LogRel(("Guest Additions Update: Guest Additions were successfully reloaded after installation\n")); else - LogRel(("Guest Additions were failed to reload after installation, please consider rebooting the guest\n")); + LogRel(("Guest Additions Update: Guest Additions were failed to reload after installation, please consider rebooting the guest\n")); vrc = pSession->Close(); vrcRet = VINF_SUCCESS; @@ -2805,7 +2832,7 @@ int GuestSessionTaskUpdateAdditions::Run(void) HRESULT hrc = S_OK; - LogRel(("Automatic update of Guest Additions started, using \"%s\"\n", mSource.c_str())); + LogRel(("Guest Additions Update: Automatic update started, using \"%s\"\n", mSource.c_str())); ComObjPtr<Guest> pGuest(mSession->i_getParent()); #if 0 @@ -2829,8 +2856,8 @@ int GuestSessionTaskUpdateAdditions::Run(void) if (FAILED(hrc)) vrc = VERR_TIMEOUT; if (vrc == VERR_TIMEOUT) - hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED, - Utf8StrFmt(tr("Guest Additions were not ready within time, giving up"))); + hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED, + Utf8StrFmt(tr("Guest Additions were not ready within time, giving up"))); #else /* * For use with the GUI we don't want to wait, just return so that the manual .ISO mounting @@ -2842,11 +2869,11 @@ int GuestSessionTaskUpdateAdditions::Run(void) && addsRunLevel != AdditionsRunLevelType_Desktop)) { if (addsRunLevel == AdditionsRunLevelType_System) - hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED, - Utf8StrFmt(tr("Guest Additions are installed but not fully loaded yet, aborting automatic update"))); + hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED, + Utf8StrFmt(tr("Guest Additions are installed but not fully loaded yet, aborting automatic update"))); else - hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED, - Utf8StrFmt(tr("Guest Additions not installed or ready, aborting automatic update"))); + hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED, + Utf8StrFmt(tr("Guest Additions not installed or ready, aborting automatic update"))); vrc = VERR_NOT_SUPPORTED; } #endif @@ -2862,9 +2889,9 @@ int GuestSessionTaskUpdateAdditions::Run(void) if ( RT_SUCCESS(vrc) && RTStrVersionCompare(strAddsVer.c_str(), "4.1") < 0) { - hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED, - Utf8StrFmt(tr("Guest has too old Guest Additions (%s) installed for automatic updating, please update manually"), - strAddsVer.c_str())); + hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED, + Utf8StrFmt(tr("Guest has too old Guest Additions (%s) installed for automatic updating, please update manually"), + strAddsVer.c_str())); vrc = VERR_NOT_SUPPORTED; } } @@ -2891,8 +2918,8 @@ int GuestSessionTaskUpdateAdditions::Run(void) vrc = getGuestProperty(pGuest, "/VirtualBox/GuestInfo/OS/Release", strOSVer); if (RT_FAILURE(vrc)) { - hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED, - Utf8StrFmt(tr("Unable to detected guest OS version, please update manually"))); + hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED, + Utf8StrFmt(tr("Unable to detected guest OS version, please update manually"))); vrc = VERR_NOT_SUPPORTED; } @@ -2911,17 +2938,17 @@ int GuestSessionTaskUpdateAdditions::Run(void) * (and the user has to deal with it in the guest). */ if (!(mFlags & AdditionsUpdateFlag_WaitForUpdateStartOnly)) { - hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED, - Utf8StrFmt(tr("Windows 2000 and XP are not supported for automatic updating due to WHQL interaction, please update manually"))); + hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED, + Utf8StrFmt(tr("Windows 2000 and XP are not supported for automatic updating due to WHQL interaction, please update manually"))); vrc = VERR_NOT_SUPPORTED; } } } else { - hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED, - Utf8StrFmt(tr("%s (%s) not supported for automatic updating, please update manually"), - strOSType.c_str(), strOSVer.c_str())); + hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED, + Utf8StrFmt(tr("%s (%s) not supported for automatic updating, please update manually"), + strOSType.c_str(), strOSVer.c_str())); vrc = VERR_NOT_SUPPORTED; } } @@ -2937,9 +2964,9 @@ int GuestSessionTaskUpdateAdditions::Run(void) && osType != eOSType_Linux)) /** @todo Support Solaris. */ { - hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED, - Utf8StrFmt(tr("Detected guest OS (%s) does not support automatic Guest Additions updating, please update manually"), - strOSType.c_str())); + hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED, + Utf8StrFmt(tr("Detected guest OS (%s) does not support automatic Guest Additions updating, please update manually"), + strOSType.c_str())); vrc = VERR_NOT_SUPPORTED; } } @@ -2954,9 +2981,9 @@ int GuestSessionTaskUpdateAdditions::Run(void) vrc = RTVfsFileOpenNormal(mSource.c_str(), RTFILE_O_OPEN | RTFILE_O_READ | RTFILE_O_DENY_WRITE, &hVfsFileIso); if (RT_FAILURE(vrc)) { - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Unable to open Guest Additions .ISO file \"%s\": %Rrc"), - mSource.c_str(), vrc)); + hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR, + Utf8StrFmt(tr("Unable to open Guest Additions .ISO file \"%s\": %Rrc"), + mSource.c_str(), vrc)); } else { @@ -2964,8 +2991,8 @@ int GuestSessionTaskUpdateAdditions::Run(void) vrc = RTFsIso9660VolOpen(hVfsFileIso, 0 /*fFlags*/, &hVfsIso, NULL); if (RT_FAILURE(vrc)) { - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Unable to open file as ISO 9660 file system volume: %Rrc"), vrc)); + hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR, + Utf8StrFmt(tr("Unable to open file as ISO 9660 file system volume: %Rrc"), vrc)); } else { @@ -2990,21 +3017,21 @@ int GuestSessionTaskUpdateAdditions::Run(void) else strUpdateDir.append("/"); - LogRel(("Guest Additions update directory is: %s\n", strUpdateDir.c_str())); + LogRel(("Guest Additions Update: Update directory is '%s'\n", strUpdateDir.c_str())); } else { switch (vrc) { case VERR_GSTCTL_GUEST_ERROR: - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, tr("Creating update directory on guest failed"), - GuestErrorInfo(GuestErrorInfo::Type_Directory, vrcGuest, strUpdateDir.c_str())); + hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR, tr("Creating update directory on guest failed"), + GuestErrorInfo(GuestErrorInfo::Type_Directory, vrcGuest, strUpdateDir.c_str())); break; default: - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Creating update directory \"%s\" on guest failed: %Rrc"), - strUpdateDir.c_str(), vrc)); + hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR, + Utf8StrFmt(tr("Creating update directory \"%s\" on guest failed: %Rrc"), + strUpdateDir.c_str(), vrc)); break; } } @@ -3028,10 +3055,10 @@ int GuestSessionTaskUpdateAdditions::Run(void) if (RTStrVersionCompare(strOSVer.c_str(), "5.0") >= 0) { fInstallCert = true; - LogRel(("Certificates for auto updating WHQL drivers will be installed\n")); + LogRel(("Guest Additions Update: Certificates for auto updating WHQL drivers will be installed\n")); } else - LogRel(("Skipping installation of certificates for WHQL drivers\n")); + LogRel(("Guest Additions Update: Skipping installation of certificates for WHQL drivers\n")); if (fInstallCert) { @@ -3176,7 +3203,7 @@ int GuestSessionTaskUpdateAdditions::Run(void) uint8_t uOffset = 20; /* Start at 20%. */ uint8_t uStep = 40 / (uint8_t)mFiles.size(); Assert(mFiles.size() <= 10); - LogRel(("Copying over Guest Additions update files to the guest ...\n")); + LogRel(("Guest Additions Update: Copying over update files to the guest ...\n")); std::vector<ISOFile>::const_iterator itFiles = mFiles.begin(); while (itFiles != mFiles.end()) @@ -3189,9 +3216,9 @@ int GuestSessionTaskUpdateAdditions::Run(void) vrc = copyFileToGuest(pSession, hVfsIso, itFiles->strSource, itFiles->strDest, fOptional); if (RT_FAILURE(vrc)) { - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Error while copying file \"%s\" to \"%s\" on the guest: %Rrc"), - itFiles->strSource.c_str(), itFiles->strDest.c_str(), vrc)); + hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR, + Utf8StrFmt(tr("Error while copying file \"%s\" to \"%s\" on the guest: %Rrc"), + itFiles->strSource.c_str(), itFiles->strDest.c_str(), vrc)); break; } } @@ -3215,7 +3242,7 @@ int GuestSessionTaskUpdateAdditions::Run(void) uint8_t uOffset = 60; /* Start at 60%. */ uint8_t uStep = 35 / (uint8_t)mFiles.size(); Assert(mFiles.size() <= 10); - LogRel(("Executing Guest Additions update files ...\n")); + LogRel(("Guest Additions Update: Executing update files ...\n")); std::vector<ISOFile>::iterator itFiles = mFiles.begin(); while (itFiles != mFiles.end()) @@ -3247,27 +3274,26 @@ int GuestSessionTaskUpdateAdditions::Run(void) { if (pSession->i_isTerminated()) { - LogRel(("Old guest session has terminated, waiting updated guest services to start\n")); + LogRel(("Guest Additions Update: Old guest session has terminated, waiting updated guest services to start\n")); /* Wait for VBoxService to restart. */ vrc = waitForGuestSession(pSession->i_getParent(), osType); if (RT_FAILURE(vrc)) - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Automatic update of Guest Additions has failed: " - "guest services were not restarted, please reinstall Guest Additions manually"))); + hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR, + Utf8StrFmt(tr("Guest services were not restarted, please reinstall Guest Additions manually"))); } else { vrc = VERR_TRY_AGAIN; - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Old guest session is still active, guest services were not restarted " - "after installation, please reinstall Guest Additions manually"))); + hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR, + Utf8StrFmt(tr("Old guest session is still active, guest services were not restarted " + "after installation, please reinstall Guest Additions manually"))); } } if (RT_SUCCESS(vrc)) { - LogRel(("Automatic update of Guest Additions succeeded\n")); + LogRel(("Guest Additions Update: Automatic update succeeded\n")); hrc = setProgressSuccess(); } } @@ -3281,17 +3307,17 @@ int GuestSessionTaskUpdateAdditions::Run(void) { if (vrc == VERR_CANCELLED) { - LogRel(("Automatic update of Guest Additions was canceled\n")); + LogRel(("Guest Additions Update: Automatic update was canceled\n")); - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Installation was canceled"))); + hrc = setUpdateErrorMsg(E_ABORT, + Utf8StrFmt(tr("Operation was canceled"))); } else if (vrc == VERR_TIMEOUT) { - LogRel(("Automatic update of Guest Additions has timed out\n")); + LogRel(("Guest Additions Update: Automatic update has timed out\n")); - hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, - Utf8StrFmt(tr("Installation has timed out"))); + hrc = setUpdateErrorMsg(E_FAIL, + Utf8StrFmt(tr("Operation has timed out"))); } else { @@ -3313,11 +3339,11 @@ int GuestSessionTaskUpdateAdditions::Run(void) } } - LogRel(("Automatic update of Guest Additions failed: %s (%Rhrc)\n", - strError.c_str(), hrc)); + LogRel(("Guest Additions Update: Automatic update failed: %s (vrc=%Rrc, hrc=%Rhrc)\n", + strError.c_str(), vrc, hrc)); } - LogRel(("Please install Guest Additions manually\n")); + LogRel(("Guest Additions Update: An error has occurred (see above). Please install Guest Additions manually\n")); } /** @todo Clean up copied / left over installation files. */ diff --git a/src/VBox/Main/src-client/RecordingStream.cpp b/src/VBox/Main/src-client/RecordingStream.cpp index dad3e5c5..63ddb86f 100644 --- a/src/VBox/Main/src-client/RecordingStream.cpp +++ b/src/VBox/Main/src-client/RecordingStream.cpp @@ -418,9 +418,9 @@ int RecordingStream::SendAudioFrame(const void *pvData, size_t cbData, uint64_t /** * Sends a raw (e.g. not yet encoded) video frame to the recording stream. * - * @returns VBox status code. Will return VINF_RECORDING_LIMIT_REACHED if the stream's recording - * limit has been reached or VINF_RECORDING_THROTTLED if the frame is too early for the current - * FPS setting. + * @returns VBox status code. + * @retval VINF_RECORDING_LIMIT_REACHED if the stream's recording limit has been reached. + * @retval VINF_RECORDING_THROTTLED if the frame is too early for the current FPS setting. * @param x Upper left (X) coordinate where the video frame starts. * @param y Upper left (Y) coordinate where the video frame starts. * @param uPixelFormat Pixel format of the video frame. @@ -435,7 +435,9 @@ int RecordingStream::SendVideoFrame(uint32_t x, uint32_t y, uint32_t uPixelForma uint32_t uSrcWidth, uint32_t uSrcHeight, uint8_t *puSrcData, uint64_t msTimestamp) { AssertPtrReturn(m_pCtx, VERR_WRONG_ORDER); - AssertReturn(NeedsUpdate(msTimestamp), VINF_RECORDING_THROTTLED); /* We ASSUME that the caller checked that first. */ + + if (RT_UNLIKELY(!NeedsUpdate(msTimestamp))) + return VINF_RECORDING_THROTTLED; lock(); diff --git a/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp b/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp index 2515599f..43ec2695 100644 --- a/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp +++ b/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp @@ -543,11 +543,26 @@ HRESULT UefiVariableStore::enrollDefaultMsSignatures(void) GuidMs, SignatureType_X509); if (SUCCEEDED(hrc)) { - hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoftCa, g_cbUefiMicrosoftCa, + hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidGlobalVar, "KEK", g_abUefiMicrosoftKek2023, g_cbUefiMicrosoftKek2023, GuidMs, SignatureType_X509); if (SUCCEEDED(hrc)) - hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoftProPca, g_cbUefiMicrosoftProPca, + { + hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoft3rdCa, g_cbUefiMicrosoft3rdCa, GuidMs, SignatureType_X509); + if (SUCCEEDED(hrc)) + { + hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoft3rdCa2023, g_cbUefiMicrosoft3rdCa2023, + GuidMs, SignatureType_X509); + if (SUCCEEDED(hrc)) + { + hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoftWinCa, g_cbUefiMicrosoftWinCa, + GuidMs, SignatureType_X509); + if (SUCCEEDED(hrc)) + hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoftWinCa2023, g_cbUefiMicrosoftWinCa2023, + GuidMs, SignatureType_X509); + } + } + } } i_releaseUefiVariableStore(); diff --git a/src/VBox/Main/src-server/linux/NetIf-linux.cpp b/src/VBox/Main/src-server/linux/NetIf-linux.cpp index f4a99eeb..83ab3b3b 100644 --- a/src/VBox/Main/src-server/linux/NetIf-linux.cpp +++ b/src/VBox/Main/src-server/linux/NetIf-linux.cpp @@ -43,6 +43,7 @@ #include <stdio.h> #include <unistd.h> #include <iprt/asm.h> +#include <errno.h> #include "HostNetworkInterfaceImpl.h" #include "netif.h" @@ -154,7 +155,27 @@ static int getInterfaceInfo(int iSocket, const char *pszName, PNETIFINFO pInfo) /* Generate UUID from name and MAC address. */ RTUUID uuid; RTUuidClear(&uuid); +#ifdef VBOXNETFLT_LINUX_NAMESPACE_SUPPORT + uuid.au32[0] = 0; /* Use 0 as the indicator of missing namespace info. */ + /* + * Namespace links use the following naming convention: "net:[1234567890]". + * The maximum value of inode number is 4294967295, which gives up precisely + * 16 characters without terminating zero. + */ + char szBuf[24]; + ssize_t len = readlink("/proc/self/ns/net", szBuf, sizeof(szBuf) - 1); + if (len == -1) + Log(("NetIfList: Failed to get namespace for VBoxSVC, error %d\n", errno)); + else if (!RTStrStartsWith(szBuf, "net:[")) + Log(("NetIfList: Failed to get network namespace inode from %s\n", szBuf)); + else + uuid.au32[0] = RTStrToUInt32(szBuf + 5); + Log(("NetIfList: VBoxSVC namespace inode %u\n", uuid.au32[0])); + /* Hashing the name is probably an overkill as MAC addresses should ensure uniqueness */ + uuid.au32[1] = RTStrHash1(pszName); +#else /* !VBOXNETFLT_LINUX_NAMESPACE_SUPPORT */ memcpy(&uuid, Req.ifr_name, RT_MIN(sizeof(Req.ifr_name), sizeof(uuid))); +#endif /* !VBOXNETFLT_LINUX_NAMESPACE_SUPPORT */ uuid.Gen.u8ClockSeqHiAndReserved = (uint8_t)((uuid.Gen.u8ClockSeqHiAndReserved & 0x3f) | 0x80); uuid.Gen.u16TimeHiAndVersion = (uint16_t)((uuid.Gen.u16TimeHiAndVersion & 0x0fff) | 0x4000); memcpy(uuid.Gen.au8Node, &Req.ifr_hwaddr.sa_data, sizeof(uuid.Gen.au8Node)); |