summaryrefslogtreecommitdiffstats
path: root/src/VBox/Main
diff options
context:
space:
mode:
Diffstat (limited to 'src/VBox/Main')
-rw-r--r--src/VBox/Main/Certificates/microsoft_corporation_kek_2k_ca_2023.crtbin0 -> 1462 bytes
-rw-r--r--src/VBox/Main/Certificates/microsoft_uefi_ca_2023.crtbin0 -> 1448 bytes
-rw-r--r--src/VBox/Main/Certificates/windows_uefi_ca_2023.crtbin0 -> 1454 bytes
-rw-r--r--src/VBox/Main/Makefile.kmk16
-rw-r--r--src/VBox/Main/include/GuestSessionImplTasks.h2
-rw-r--r--src/VBox/Main/include/TrustAnchorsAndCerts.h17
-rw-r--r--src/VBox/Main/include/netif.h7
-rw-r--r--src/VBox/Main/src-client/ConsoleImpl.cpp17
-rw-r--r--src/VBox/Main/src-client/ConsoleImpl2.cpp114
-rw-r--r--src/VBox/Main/src-client/GuestSessionImplTasks.cpp190
-rw-r--r--src/VBox/Main/src-client/RecordingStream.cpp10
-rw-r--r--src/VBox/Main/src-server/UefiVariableStoreImpl.cpp19
-rw-r--r--src/VBox/Main/src-server/linux/NetIf-linux.cpp21
13 files changed, 257 insertions, 156 deletions
diff --git a/src/VBox/Main/Certificates/microsoft_corporation_kek_2k_ca_2023.crt b/src/VBox/Main/Certificates/microsoft_corporation_kek_2k_ca_2023.crt
new file mode 100644
index 00000000..e6ffb4f9
--- /dev/null
+++ b/src/VBox/Main/Certificates/microsoft_corporation_kek_2k_ca_2023.crt
Binary files differ
diff --git a/src/VBox/Main/Certificates/microsoft_uefi_ca_2023.crt b/src/VBox/Main/Certificates/microsoft_uefi_ca_2023.crt
new file mode 100644
index 00000000..39a91b31
--- /dev/null
+++ b/src/VBox/Main/Certificates/microsoft_uefi_ca_2023.crt
Binary files differ
diff --git a/src/VBox/Main/Certificates/windows_uefi_ca_2023.crt b/src/VBox/Main/Certificates/windows_uefi_ca_2023.crt
new file mode 100644
index 00000000..4c5430b2
--- /dev/null
+++ b/src/VBox/Main/Certificates/windows_uefi_ca_2023.crt
Binary files differ
diff --git a/src/VBox/Main/Makefile.kmk b/src/VBox/Main/Makefile.kmk
index 5711816d..00bab609 100644
--- a/src/VBox/Main/Makefile.kmk
+++ b/src/VBox/Main/Makefile.kmk
@@ -440,19 +440,23 @@ if !defined(VBOX_ONLY_SDK) && !defined(VBOX_ONLY_EXTPACKS) # Note this goes on f
#
# Trust anchors and certificates -> .cpp
+ # Source for the Microsoft Certificates: https://github.com/microsoft/secureboot_objects
#
VBOX_SVC_CERTS_FILE = $(VBoxSVC_0_OUTDIR)/TrustAnchorsAndCerts.cpp
VBOX_SVC_CERTS := \
UefiMicrosoftKek=MicCorKEKCA2011_2011-06-24.crt \
- UefiMicrosoftCa=MicCorUEFCA2011_2011-06-27.crt \
- UefiMicrosoftProPca=MicWinProPCA2011_2011-10-19.crt \
+ UefiMicrosoftKek2023=microsoft_corporation_kek_2k_ca_2023.crt \
+ UefiMicrosoft3rdCa=MicCorUEFCA2011_2011-06-27.crt \
+ UefiMicrosoft3rdCa2023=microsoft_uefi_ca_2023.crt \
+ UefiMicrosoftWinCa=MicWinProPCA2011_2011-10-19.crt \
+ UefiMicrosoftWinCa2023=windows_uefi_ca_2023.crt \
UefiOracleDefPk=OrclUefiDefPk2021_2021-09-29.crt
- VBOX_SVC_CERT_NAMES := $(foreach cert,$(VBOX_SVC_CERTS),$(firstword $(subst =,$(SPACE) ,$(cert))))
+ VBOX_SVC_CERT_NAMES := $(foreach cert,$(VBOX_SVC_CERTS),$(firstword $(subst =,$(SP),$(cert))))
VBOX_SVC_PATH_CERTIFICATES := $(PATH_SUB_CURRENT)/Certificates
$$(VBOX_SVC_CERTS_FILE): $(MAKEFILE_CURRENT) \
- $(foreach cert,$(VBOX_SVC_CERTS),$(VBOX_SVC_PATH_CERTIFICATES)/$(lastword $(subst =,$(SPACE) ,$(cert)))) \
+ $(foreach cert,$(VBOX_SVC_CERTS),$(VBOX_SVC_PATH_CERTIFICATES)/$(lastword $(subst =,$(SP),$(cert)))) \
$(VBOX_BIN2C) \
| $$(dir $$@)
$(QUIET)$(RM) -f -- $@
@@ -461,8 +465,8 @@ if !defined(VBOX_ONLY_SDK) && !defined(VBOX_ONLY_EXTPACKS) # Note this goes on f
'#include "TrustAnchorsAndCerts.h"' \
''
$(foreach cert,$(VBOX_SVC_CERTS), $(NLTAB)$(VBOX_BIN2C) -ascii --append \
- "$(firstword $(subst =,$(SP) ,$(cert)))" \
- "$(VBOX_SVC_PATH_CERTIFICATES)/$(lastword $(subst =,$(SP) ,$(cert)))" \
+ "$(firstword $(subst =,$(SP),$(cert)))" \
+ "$(VBOX_SVC_PATH_CERTIFICATES)/$(lastword $(subst =,$(SP),$(cert)))" \
"$@")
OTHER_CLEAN += $(VBOX_SVC_CERTS_FILE)
diff --git a/src/VBox/Main/include/GuestSessionImplTasks.h b/src/VBox/Main/include/GuestSessionImplTasks.h
index d32cd8b3..463ad443 100644
--- a/src/VBox/Main/include/GuestSessionImplTasks.h
+++ b/src/VBox/Main/include/GuestSessionImplTasks.h
@@ -419,6 +419,8 @@ protected:
int addProcessArguments(ProcessArguments &aArgumentsDest, const ProcessArguments &aArgumentsSource);
int copyFileToGuest(GuestSession *pSession, RTVFS hVfsIso, Utf8Str const &strFileSource, const Utf8Str &strFileDest, bool fOptional);
int runFileOnGuest(GuestSession *pSession, GuestProcessStartupInfo &procInfo, bool fSilent = false);
+ HRESULT setUpdateErrorMsg(HRESULT hrc, const Utf8Str &strMsg);
+ HRESULT setUpdateErrorMsg(HRESULT hrc, const Utf8Str &strMsg, const GuestErrorInfo &guestErrorInfo);
int checkGuestAdditionsStatus(GuestSession *pSession, eOSType osType);
int waitForGuestSession(ComObjPtr<Guest> pGuest, eOSType osType);
diff --git a/src/VBox/Main/include/TrustAnchorsAndCerts.h b/src/VBox/Main/include/TrustAnchorsAndCerts.h
index b828c179..9b9e4cf9 100644
--- a/src/VBox/Main/include/TrustAnchorsAndCerts.h
+++ b/src/VBox/Main/include/TrustAnchorsAndCerts.h
@@ -38,11 +38,20 @@ RT_C_DECLS_BEGIN
extern const unsigned char g_abUefiMicrosoftKek[];
extern const unsigned g_cbUefiMicrosoftKek;
-extern const unsigned char g_abUefiMicrosoftCa[];
-extern const unsigned g_cbUefiMicrosoftCa;
+extern const unsigned char g_abUefiMicrosoftKek2023[];
+extern const unsigned g_cbUefiMicrosoftKek2023;
-extern const unsigned char g_abUefiMicrosoftProPca[];
-extern const unsigned g_cbUefiMicrosoftProPca;
+extern const unsigned char g_abUefiMicrosoft3rdCa[];
+extern const unsigned g_cbUefiMicrosoft3rdCa;
+
+extern const unsigned char g_abUefiMicrosoft3rdCa2023[];
+extern const unsigned g_cbUefiMicrosoft3rdCa2023;
+
+extern const unsigned char g_abUefiMicrosoftWinCa[];
+extern const unsigned g_cbUefiMicrosoftWinCa;
+
+extern const unsigned char g_abUefiMicrosoftWinCa2023[];
+extern const unsigned g_cbUefiMicrosoftWinCa2023;
extern const unsigned char g_abUefiOracleDefPk[];
extern const unsigned g_cbUefiOracleDefPk;
diff --git a/src/VBox/Main/include/netif.h b/src/VBox/Main/include/netif.h
index 3d344914..cf6a2853 100644
--- a/src/VBox/Main/include/netif.h
+++ b/src/VBox/Main/include/netif.h
@@ -43,6 +43,13 @@
# include <stdio.h>
#endif /* !RT_OS_WINDOWS */
+#ifdef RT_OS_LINUX
+# include <linux/version.h>
+# if LINUX_VERSION_CODE >= KERNEL_VERSION(3,10,0) /* proc_ns introduced */
+# define VBOXNETFLT_LINUX_NAMESPACE_SUPPORT
+# endif
+#endif
+
#define VBOXNET_IPV4ADDR_DEFAULT 0x0138A8C0 /* 192.168.56.1 */
#define VBOXNET_IPV4MASK_DEFAULT "255.255.255.0"
diff --git a/src/VBox/Main/src-client/ConsoleImpl.cpp b/src/VBox/Main/src-client/ConsoleImpl.cpp
index 6d94eb1f..c28eda2a 100644
--- a/src/VBox/Main/src-client/ConsoleImpl.cpp
+++ b/src/VBox/Main/src-client/ConsoleImpl.cpp
@@ -7500,8 +7500,11 @@ int Console::i_recordingStart(util::AutoWriteLock *pAutoLock /* = NULL */)
/**
* Stops recording. Does nothing if recording is not active.
+ *
+ * Note: This does *not* disable recording for a VM, in other words,
+ * it does not change the VM's recording (enabled) setting.
*/
-int Console::i_recordingStop(util::AutoWriteLock *pAutoLock /* = NULL */)
+int Console::i_recordingStop(util::AutoWriteLock *)
{
if (!mRecording.mCtx.IsStarted())
return VINF_SUCCESS;
@@ -7514,18 +7517,6 @@ int Console::i_recordingStop(util::AutoWriteLock *pAutoLock /* = NULL */)
const size_t cStreams = mRecording.mCtx.GetStreamCount();
for (unsigned uScreen = 0; uScreen < cStreams; ++uScreen)
mDisplay->i_recordingScreenChanged(uScreen);
-
- if (pAutoLock)
- pAutoLock->release();
-
- ComPtr<IRecordingSettings> pRecordSettings;
- HRESULT hrc = mMachine->COMGETTER(RecordingSettings)(pRecordSettings.asOutParam());
- ComAssertComRC(hrc);
- hrc = pRecordSettings->COMSETTER(Enabled)(FALSE);
- ComAssertComRC(hrc);
-
- if (pAutoLock)
- pAutoLock->acquire();
}
LogFlowFuncLeaveRC(vrc);
diff --git a/src/VBox/Main/src-client/ConsoleImpl2.cpp b/src/VBox/Main/src-client/ConsoleImpl2.cpp
index 3576c493..cf57754d 100644
--- a/src/VBox/Main/src-client/ConsoleImpl2.cpp
+++ b/src/VBox/Main/src-client/ConsoleImpl2.cpp
@@ -145,6 +145,9 @@
# include "ExtPackManagerImpl.h"
#endif
+/** The TPM PPI MMIO base default (compatible with qemu). */
+#define TPM_PPI_MMIO_BASE_DEFAULT UINT64_C(0xfed45000)
+
/*********************************************************************************************************************************
* Internal Functions *
@@ -1928,6 +1931,58 @@ int Console::i_configConstructorInner(PUVM pUVM, PVM pVM, PCVMMR3VTABLE pVMM, Au
N_("Invalid graphics controller type '%d'"), enmGraphicsController);
}
+#if defined(VBOX_WITH_TPM)
+ /*
+ * Configure the Trusted Platform Module.
+ */
+ ComObjPtr<ITrustedPlatformModule> ptrTpm;
+ TpmType_T enmTpmType = TpmType_None;
+
+ hrc = pMachine->COMGETTER(TrustedPlatformModule)(ptrTpm.asOutParam()); H();
+ hrc = ptrTpm->COMGETTER(Type)(&enmTpmType); H();
+ if (enmTpmType != TpmType_None)
+ {
+ InsertConfigNode(pDevices, "tpm", &pDev);
+ InsertConfigNode(pDev, "0", &pInst);
+ InsertConfigInteger(pInst, "Trusted", 1); /* boolean */
+ InsertConfigNode(pInst, "Config", &pCfg);
+ InsertConfigNode(pInst, "LUN#0", &pLunL0);
+
+ switch (enmTpmType)
+ {
+ case TpmType_v1_2:
+ case TpmType_v2_0:
+ InsertConfigString(pLunL0, "Driver", "TpmEmuTpms");
+ InsertConfigNode(pLunL0, "Config", &pCfg);
+ InsertConfigInteger(pCfg, "TpmVersion", enmTpmType == TpmType_v1_2 ? 1 : 2);
+ InsertConfigNode(pLunL0, "AttachedDriver", &pLunL1);
+ InsertConfigString(pLunL1, "Driver", "NvramStore");
+ break;
+ case TpmType_Host:
+#if defined(RT_OS_LINUX) || defined(RT_OS_WINDOWS)
+ InsertConfigString(pLunL0, "Driver", "TpmHost");
+ InsertConfigNode(pLunL0, "Config", &pCfg);
+#endif
+ break;
+ case TpmType_Swtpm:
+ hrc = ptrTpm->COMGETTER(Location)(bstr.asOutParam()); H();
+ InsertConfigString(pLunL0, "Driver", "TpmEmu");
+ InsertConfigNode(pLunL0, "Config", &pCfg);
+ InsertConfigString(pCfg, "Location", bstr);
+ break;
+ default:
+ AssertFailedBreak();
+ }
+
+ /* Add the device for the physical presence interface. */
+ InsertConfigNode( pDevices, "tpm-ppi", &pDev);
+ InsertConfigNode( pDev, "0", &pInst);
+ InsertConfigInteger(pInst, "Trusted", 1); /* boolean */
+ InsertConfigNode( pInst, "Config", &pCfg);
+ InsertConfigInteger(pCfg, "MmioBase", TPM_PPI_MMIO_BASE_DEFAULT);
+ }
+#endif
+
/*
* Firmware.
*/
@@ -2116,6 +2171,9 @@ int Console::i_configConstructorInner(PUVM pUVM, PVM pVM, PCVMMR3VTABLE pVMM, Au
InsertConfigInteger(pCfg, "DmiExposeMemoryTable", 1);
}
+ if (enmTpmType != TpmType_None)
+ InsertConfigInteger(pCfg, "TpmPpiBase", TPM_PPI_MMIO_BASE_DEFAULT);
+
/* Attach the NVRAM storage driver. */
InsertConfigNode(pInst, "LUN#0", &pLunL0);
InsertConfigString(pLunL0, "Driver", "NvramStore");
@@ -3540,51 +3598,6 @@ int Console::i_configConstructorInner(PUVM pUVM, PVM pVM, PCVMMR3VTABLE pVMM, Au
}
#endif /* VBOX_WITH_DRAG_AND_DROP */
-#if defined(VBOX_WITH_TPM)
- /*
- * Configure the Trusted Platform Module.
- */
- ComObjPtr<ITrustedPlatformModule> ptrTpm;
- TpmType_T enmTpmType = TpmType_None;
-
- hrc = pMachine->COMGETTER(TrustedPlatformModule)(ptrTpm.asOutParam()); H();
- hrc = ptrTpm->COMGETTER(Type)(&enmTpmType); H();
- if (enmTpmType != TpmType_None)
- {
- InsertConfigNode(pDevices, "tpm", &pDev);
- InsertConfigNode(pDev, "0", &pInst);
- InsertConfigInteger(pInst, "Trusted", 1); /* boolean */
- InsertConfigNode(pInst, "Config", &pCfg);
- InsertConfigNode(pInst, "LUN#0", &pLunL0);
-
- switch (enmTpmType)
- {
- case TpmType_v1_2:
- case TpmType_v2_0:
- InsertConfigString(pLunL0, "Driver", "TpmEmuTpms");
- InsertConfigNode(pLunL0, "Config", &pCfg);
- InsertConfigInteger(pCfg, "TpmVersion", enmTpmType == TpmType_v1_2 ? 1 : 2);
- InsertConfigNode(pLunL0, "AttachedDriver", &pLunL1);
- InsertConfigString(pLunL1, "Driver", "NvramStore");
- break;
- case TpmType_Host:
-#if defined(RT_OS_LINUX) || defined(RT_OS_WINDOWS)
- InsertConfigString(pLunL0, "Driver", "TpmHost");
- InsertConfigNode(pLunL0, "Config", &pCfg);
-#endif
- break;
- case TpmType_Swtpm:
- hrc = ptrTpm->COMGETTER(Location)(bstr.asOutParam()); H();
- InsertConfigString(pLunL0, "Driver", "TpmEmu");
- InsertConfigNode(pLunL0, "Config", &pCfg);
- InsertConfigString(pCfg, "Location", bstr);
- break;
- default:
- AssertFailedBreak();
- }
- }
-#endif
-
/*
* ACPI
*/
@@ -6203,6 +6216,17 @@ int Console::i_configNetwork(const char *pszDevice,
close(iSock);
}
}
+# ifdef VBOXNETFLT_LINUX_NAMESPACE_SUPPORT
+ RTUUID IfaceUuid;
+ Bstr IfId;
+ hrc = hostInterface->COMGETTER(Id)(IfId.asOutParam()); H();
+ vrc = RTUuidFromUtf16(&IfaceUuid, IfId.raw());
+ AssertRCReturn(vrc, vrc);
+ char szTrunkNameWithNamespace[INTNET_MAX_TRUNK_NAME];
+ RTStrPrintf(szTrunkNameWithNamespace, sizeof(szTrunkNameWithNamespace), "%u/%s",
+ IfaceUuid.au32[0], pszTrunk);
+ pszTrunk = szTrunkNameWithNamespace;
+# endif
# else
# error "PORTME (VBOX_WITH_NETFLT)"
diff --git a/src/VBox/Main/src-client/GuestSessionImplTasks.cpp b/src/VBox/Main/src-client/GuestSessionImplTasks.cpp
index 9a74e050..b8666f20 100644
--- a/src/VBox/Main/src-client/GuestSessionImplTasks.cpp
+++ b/src/VBox/Main/src-client/GuestSessionImplTasks.cpp
@@ -2571,7 +2571,7 @@ int GuestSessionTaskUpdateAdditions::copyFileToGuest(GuestSession *pSession, RTV
vrc = RTVfsFileQuerySize(hVfsFile, &cbSrcSize);
if (RT_SUCCESS(vrc))
{
- LogRel(("Copying Guest Additions installer file \"%s\" to \"%s\" on guest ...\n",
+ LogRel(("Guest Additions Update: Copying installer file \"%s\" to \"%s\" on guest ...\n",
strFileSrc.c_str(), strFileDst.c_str()));
GuestFileOpenInfo dstOpenInfo;
@@ -2588,13 +2588,14 @@ int GuestSessionTaskUpdateAdditions::copyFileToGuest(GuestSession *pSession, RTV
switch (vrc)
{
case VERR_GSTCTL_GUEST_ERROR:
- setProgressErrorMsg(VBOX_E_IPRT_ERROR, GuestFile::i_guestErrorToString(vrcGuest, strFileDst.c_str()));
+ setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
+ GuestFile::i_guestErrorToString(vrcGuest, strFileDst.c_str()));
break;
default:
- setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Guest file \"%s\" could not be opened: %Rrc"),
- strFileDst.c_str(), vrc));
+ setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
+ Utf8StrFmt(tr("Guest file \"%s\" could not be opened: %Rrc"),
+ strFileDst.c_str(), vrc));
break;
}
}
@@ -2617,6 +2618,34 @@ int GuestSessionTaskUpdateAdditions::copyFileToGuest(GuestSession *pSession, RTV
}
/**
+ * Sets an update error message to the current progress object + logs to release log.
+ *
+ * @returns Returns \a hrc for convenience.
+ * @param hrc Progress operation result to set.
+ * @param strMsg Message to set.
+ */
+HRESULT GuestSessionTaskUpdateAdditions::setUpdateErrorMsg(HRESULT hrc, const Utf8Str &strMsg)
+{
+ Utf8Str const strLog = "Guest Additions Update failed: " + strMsg;
+ LogRel(("%s\n", strLog.c_str()));
+ return GuestSessionTask::setProgressErrorMsg(hrc, strLog);
+}
+
+/**
+ * Sets an update error message to the current progress object + logs to release log.
+ *
+ * @returns Returns \a hrc for convenience.
+ * @param hrc Progress operation result to set.
+ * @param strMsg Message to set.
+ * @param guestErrorInfo Guest error info to use.
+ */
+HRESULT GuestSessionTaskUpdateAdditions::setUpdateErrorMsg(HRESULT hrc, const Utf8Str &strMsg, const GuestErrorInfo &guestErrorInfo)
+{
+ Utf8Str const strLog = strMsg + Utf8Str(": ") + GuestBase::getErrorAsString(guestErrorInfo);
+ return GuestSessionTaskUpdateAdditions::setProgressErrorMsg(hrc, strLog);
+}
+
+/**
* Helper function to run (start) a file on the guest.
*
* @returns VBox status code.
@@ -2628,7 +2657,7 @@ int GuestSessionTaskUpdateAdditions::runFileOnGuest(GuestSession *pSession, Gues
{
AssertPtrReturn(pSession, VERR_INVALID_POINTER);
- LogRel(("Running %s ...\n", procInfo.mName.c_str()));
+ LogRel(("Guest Additions Update: Running \"%s\" ...\n", procInfo.mName.c_str()));
GuestProcessTool procTool;
int vrcGuest = VERR_IPE_UNINITIALIZED_STATUS;
@@ -2647,26 +2676,26 @@ int GuestSessionTaskUpdateAdditions::runFileOnGuest(GuestSession *pSession, Gues
switch (vrc)
{
case VERR_GSTCTL_PROCESS_EXIT_CODE:
- setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Running update file \"%s\" on guest failed: %Rrc"),
- procInfo.mExecutable.c_str(), procTool.getRc()));
+ setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
+ Utf8StrFmt(tr("Running update file \"%s\" on guest failed: %Rrc"),
+ procInfo.mExecutable.c_str(), procTool.getRc()));
break;
case VERR_GSTCTL_GUEST_ERROR:
- setProgressErrorMsg(VBOX_E_IPRT_ERROR, tr("Running update file on guest failed"),
- GuestErrorInfo(GuestErrorInfo::Type_Process, vrcGuest, procInfo.mExecutable.c_str()));
+ setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR, tr("Running update file on guest failed"),
+ GuestErrorInfo(GuestErrorInfo::Type_Process, vrcGuest, procInfo.mExecutable.c_str()));
break;
case VERR_INVALID_STATE: /** @todo Special guest control vrc needed! */
- setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Update file \"%s\" reported invalid running state"),
- procInfo.mExecutable.c_str()));
+ setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
+ Utf8StrFmt(tr("Update file \"%s\" reported invalid running state"),
+ procInfo.mExecutable.c_str()));
break;
default:
- setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Error while running update file \"%s\" on guest: %Rrc"),
- procInfo.mExecutable.c_str(), vrc));
+ setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
+ Utf8StrFmt(tr("Error while running update file \"%s\" on guest: %Rrc"),
+ procInfo.mExecutable.c_str(), vrc));
break;
}
}
@@ -2708,16 +2737,14 @@ int GuestSessionTaskUpdateAdditions::checkGuestAdditionsStatus(GuestSession *pSe
vrc = runFileOnGuest(pSession, procInfo, true /* fSilent */);
if (RT_FAILURE(vrc))
- hrc = setProgressErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
- Utf8StrFmt(tr("Automatic update of Guest Additions has failed: "
- "files were installed, but user services were not reloaded automatically. "
- "Please consider rebooting the guest")));
+ hrc = setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
+ Utf8StrFmt(tr("Files were installed, but user services were not reloaded automatically. "
+ "Please consider rebooting the guest")));
}
else
- hrc = setProgressErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
- Utf8StrFmt(tr("Automatic update of Guest Additions has failed: "
- "files were installed, but kernel modules were not reloaded automatically. "
- "Please consider rebooting the guest")));
+ hrc = setUpdateErrorMsg(VBOX_E_GSTCTL_GUEST_ERROR,
+ Utf8StrFmt(tr("Files were installed, but kernel modules were not reloaded automatically. "
+ "Please consider rebooting the guest")));
}
return vrc;
@@ -2768,9 +2795,9 @@ int GuestSessionTaskUpdateAdditions::waitForGuestSession(ComObjPtr<Guest> pGuest
/* Make sure Guest Additions were reloaded on the guest side. */
vrc = checkGuestAdditionsStatus(pSession, osType);
if (RT_SUCCESS(vrc))
- LogRel(("Guest Additions were successfully reloaded after installation\n"));
+ LogRel(("Guest Additions Update: Guest Additions were successfully reloaded after installation\n"));
else
- LogRel(("Guest Additions were failed to reload after installation, please consider rebooting the guest\n"));
+ LogRel(("Guest Additions Update: Guest Additions were failed to reload after installation, please consider rebooting the guest\n"));
vrc = pSession->Close();
vrcRet = VINF_SUCCESS;
@@ -2805,7 +2832,7 @@ int GuestSessionTaskUpdateAdditions::Run(void)
HRESULT hrc = S_OK;
- LogRel(("Automatic update of Guest Additions started, using \"%s\"\n", mSource.c_str()));
+ LogRel(("Guest Additions Update: Automatic update started, using \"%s\"\n", mSource.c_str()));
ComObjPtr<Guest> pGuest(mSession->i_getParent());
#if 0
@@ -2829,8 +2856,8 @@ int GuestSessionTaskUpdateAdditions::Run(void)
if (FAILED(hrc)) vrc = VERR_TIMEOUT;
if (vrc == VERR_TIMEOUT)
- hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED,
- Utf8StrFmt(tr("Guest Additions were not ready within time, giving up")));
+ hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED,
+ Utf8StrFmt(tr("Guest Additions were not ready within time, giving up")));
#else
/*
* For use with the GUI we don't want to wait, just return so that the manual .ISO mounting
@@ -2842,11 +2869,11 @@ int GuestSessionTaskUpdateAdditions::Run(void)
&& addsRunLevel != AdditionsRunLevelType_Desktop))
{
if (addsRunLevel == AdditionsRunLevelType_System)
- hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED,
- Utf8StrFmt(tr("Guest Additions are installed but not fully loaded yet, aborting automatic update")));
+ hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED,
+ Utf8StrFmt(tr("Guest Additions are installed but not fully loaded yet, aborting automatic update")));
else
- hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED,
- Utf8StrFmt(tr("Guest Additions not installed or ready, aborting automatic update")));
+ hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED,
+ Utf8StrFmt(tr("Guest Additions not installed or ready, aborting automatic update")));
vrc = VERR_NOT_SUPPORTED;
}
#endif
@@ -2862,9 +2889,9 @@ int GuestSessionTaskUpdateAdditions::Run(void)
if ( RT_SUCCESS(vrc)
&& RTStrVersionCompare(strAddsVer.c_str(), "4.1") < 0)
{
- hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED,
- Utf8StrFmt(tr("Guest has too old Guest Additions (%s) installed for automatic updating, please update manually"),
- strAddsVer.c_str()));
+ hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED,
+ Utf8StrFmt(tr("Guest has too old Guest Additions (%s) installed for automatic updating, please update manually"),
+ strAddsVer.c_str()));
vrc = VERR_NOT_SUPPORTED;
}
}
@@ -2891,8 +2918,8 @@ int GuestSessionTaskUpdateAdditions::Run(void)
vrc = getGuestProperty(pGuest, "/VirtualBox/GuestInfo/OS/Release", strOSVer);
if (RT_FAILURE(vrc))
{
- hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED,
- Utf8StrFmt(tr("Unable to detected guest OS version, please update manually")));
+ hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED,
+ Utf8StrFmt(tr("Unable to detected guest OS version, please update manually")));
vrc = VERR_NOT_SUPPORTED;
}
@@ -2911,17 +2938,17 @@ int GuestSessionTaskUpdateAdditions::Run(void)
* (and the user has to deal with it in the guest). */
if (!(mFlags & AdditionsUpdateFlag_WaitForUpdateStartOnly))
{
- hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED,
- Utf8StrFmt(tr("Windows 2000 and XP are not supported for automatic updating due to WHQL interaction, please update manually")));
+ hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED,
+ Utf8StrFmt(tr("Windows 2000 and XP are not supported for automatic updating due to WHQL interaction, please update manually")));
vrc = VERR_NOT_SUPPORTED;
}
}
}
else
{
- hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED,
- Utf8StrFmt(tr("%s (%s) not supported for automatic updating, please update manually"),
- strOSType.c_str(), strOSVer.c_str()));
+ hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED,
+ Utf8StrFmt(tr("%s (%s) not supported for automatic updating, please update manually"),
+ strOSType.c_str(), strOSVer.c_str()));
vrc = VERR_NOT_SUPPORTED;
}
}
@@ -2937,9 +2964,9 @@ int GuestSessionTaskUpdateAdditions::Run(void)
&& osType != eOSType_Linux))
/** @todo Support Solaris. */
{
- hrc = setProgressErrorMsg(VBOX_E_NOT_SUPPORTED,
- Utf8StrFmt(tr("Detected guest OS (%s) does not support automatic Guest Additions updating, please update manually"),
- strOSType.c_str()));
+ hrc = setUpdateErrorMsg(VBOX_E_NOT_SUPPORTED,
+ Utf8StrFmt(tr("Detected guest OS (%s) does not support automatic Guest Additions updating, please update manually"),
+ strOSType.c_str()));
vrc = VERR_NOT_SUPPORTED;
}
}
@@ -2954,9 +2981,9 @@ int GuestSessionTaskUpdateAdditions::Run(void)
vrc = RTVfsFileOpenNormal(mSource.c_str(), RTFILE_O_OPEN | RTFILE_O_READ | RTFILE_O_DENY_WRITE, &hVfsFileIso);
if (RT_FAILURE(vrc))
{
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Unable to open Guest Additions .ISO file \"%s\": %Rrc"),
- mSource.c_str(), vrc));
+ hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR,
+ Utf8StrFmt(tr("Unable to open Guest Additions .ISO file \"%s\": %Rrc"),
+ mSource.c_str(), vrc));
}
else
{
@@ -2964,8 +2991,8 @@ int GuestSessionTaskUpdateAdditions::Run(void)
vrc = RTFsIso9660VolOpen(hVfsFileIso, 0 /*fFlags*/, &hVfsIso, NULL);
if (RT_FAILURE(vrc))
{
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Unable to open file as ISO 9660 file system volume: %Rrc"), vrc));
+ hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR,
+ Utf8StrFmt(tr("Unable to open file as ISO 9660 file system volume: %Rrc"), vrc));
}
else
{
@@ -2990,21 +3017,21 @@ int GuestSessionTaskUpdateAdditions::Run(void)
else
strUpdateDir.append("/");
- LogRel(("Guest Additions update directory is: %s\n", strUpdateDir.c_str()));
+ LogRel(("Guest Additions Update: Update directory is '%s'\n", strUpdateDir.c_str()));
}
else
{
switch (vrc)
{
case VERR_GSTCTL_GUEST_ERROR:
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR, tr("Creating update directory on guest failed"),
- GuestErrorInfo(GuestErrorInfo::Type_Directory, vrcGuest, strUpdateDir.c_str()));
+ hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR, tr("Creating update directory on guest failed"),
+ GuestErrorInfo(GuestErrorInfo::Type_Directory, vrcGuest, strUpdateDir.c_str()));
break;
default:
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Creating update directory \"%s\" on guest failed: %Rrc"),
- strUpdateDir.c_str(), vrc));
+ hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR,
+ Utf8StrFmt(tr("Creating update directory \"%s\" on guest failed: %Rrc"),
+ strUpdateDir.c_str(), vrc));
break;
}
}
@@ -3028,10 +3055,10 @@ int GuestSessionTaskUpdateAdditions::Run(void)
if (RTStrVersionCompare(strOSVer.c_str(), "5.0") >= 0)
{
fInstallCert = true;
- LogRel(("Certificates for auto updating WHQL drivers will be installed\n"));
+ LogRel(("Guest Additions Update: Certificates for auto updating WHQL drivers will be installed\n"));
}
else
- LogRel(("Skipping installation of certificates for WHQL drivers\n"));
+ LogRel(("Guest Additions Update: Skipping installation of certificates for WHQL drivers\n"));
if (fInstallCert)
{
@@ -3176,7 +3203,7 @@ int GuestSessionTaskUpdateAdditions::Run(void)
uint8_t uOffset = 20; /* Start at 20%. */
uint8_t uStep = 40 / (uint8_t)mFiles.size(); Assert(mFiles.size() <= 10);
- LogRel(("Copying over Guest Additions update files to the guest ...\n"));
+ LogRel(("Guest Additions Update: Copying over update files to the guest ...\n"));
std::vector<ISOFile>::const_iterator itFiles = mFiles.begin();
while (itFiles != mFiles.end())
@@ -3189,9 +3216,9 @@ int GuestSessionTaskUpdateAdditions::Run(void)
vrc = copyFileToGuest(pSession, hVfsIso, itFiles->strSource, itFiles->strDest, fOptional);
if (RT_FAILURE(vrc))
{
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Error while copying file \"%s\" to \"%s\" on the guest: %Rrc"),
- itFiles->strSource.c_str(), itFiles->strDest.c_str(), vrc));
+ hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR,
+ Utf8StrFmt(tr("Error while copying file \"%s\" to \"%s\" on the guest: %Rrc"),
+ itFiles->strSource.c_str(), itFiles->strDest.c_str(), vrc));
break;
}
}
@@ -3215,7 +3242,7 @@ int GuestSessionTaskUpdateAdditions::Run(void)
uint8_t uOffset = 60; /* Start at 60%. */
uint8_t uStep = 35 / (uint8_t)mFiles.size(); Assert(mFiles.size() <= 10);
- LogRel(("Executing Guest Additions update files ...\n"));
+ LogRel(("Guest Additions Update: Executing update files ...\n"));
std::vector<ISOFile>::iterator itFiles = mFiles.begin();
while (itFiles != mFiles.end())
@@ -3247,27 +3274,26 @@ int GuestSessionTaskUpdateAdditions::Run(void)
{
if (pSession->i_isTerminated())
{
- LogRel(("Old guest session has terminated, waiting updated guest services to start\n"));
+ LogRel(("Guest Additions Update: Old guest session has terminated, waiting updated guest services to start\n"));
/* Wait for VBoxService to restart. */
vrc = waitForGuestSession(pSession->i_getParent(), osType);
if (RT_FAILURE(vrc))
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Automatic update of Guest Additions has failed: "
- "guest services were not restarted, please reinstall Guest Additions manually")));
+ hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR,
+ Utf8StrFmt(tr("Guest services were not restarted, please reinstall Guest Additions manually")));
}
else
{
vrc = VERR_TRY_AGAIN;
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Old guest session is still active, guest services were not restarted "
- "after installation, please reinstall Guest Additions manually")));
+ hrc = setUpdateErrorMsg(VBOX_E_IPRT_ERROR,
+ Utf8StrFmt(tr("Old guest session is still active, guest services were not restarted "
+ "after installation, please reinstall Guest Additions manually")));
}
}
if (RT_SUCCESS(vrc))
{
- LogRel(("Automatic update of Guest Additions succeeded\n"));
+ LogRel(("Guest Additions Update: Automatic update succeeded\n"));
hrc = setProgressSuccess();
}
}
@@ -3281,17 +3307,17 @@ int GuestSessionTaskUpdateAdditions::Run(void)
{
if (vrc == VERR_CANCELLED)
{
- LogRel(("Automatic update of Guest Additions was canceled\n"));
+ LogRel(("Guest Additions Update: Automatic update was canceled\n"));
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Installation was canceled")));
+ hrc = setUpdateErrorMsg(E_ABORT,
+ Utf8StrFmt(tr("Operation was canceled")));
}
else if (vrc == VERR_TIMEOUT)
{
- LogRel(("Automatic update of Guest Additions has timed out\n"));
+ LogRel(("Guest Additions Update: Automatic update has timed out\n"));
- hrc = setProgressErrorMsg(VBOX_E_IPRT_ERROR,
- Utf8StrFmt(tr("Installation has timed out")));
+ hrc = setUpdateErrorMsg(E_FAIL,
+ Utf8StrFmt(tr("Operation has timed out")));
}
else
{
@@ -3313,11 +3339,11 @@ int GuestSessionTaskUpdateAdditions::Run(void)
}
}
- LogRel(("Automatic update of Guest Additions failed: %s (%Rhrc)\n",
- strError.c_str(), hrc));
+ LogRel(("Guest Additions Update: Automatic update failed: %s (vrc=%Rrc, hrc=%Rhrc)\n",
+ strError.c_str(), vrc, hrc));
}
- LogRel(("Please install Guest Additions manually\n"));
+ LogRel(("Guest Additions Update: An error has occurred (see above). Please install Guest Additions manually\n"));
}
/** @todo Clean up copied / left over installation files. */
diff --git a/src/VBox/Main/src-client/RecordingStream.cpp b/src/VBox/Main/src-client/RecordingStream.cpp
index dad3e5c5..63ddb86f 100644
--- a/src/VBox/Main/src-client/RecordingStream.cpp
+++ b/src/VBox/Main/src-client/RecordingStream.cpp
@@ -418,9 +418,9 @@ int RecordingStream::SendAudioFrame(const void *pvData, size_t cbData, uint64_t
/**
* Sends a raw (e.g. not yet encoded) video frame to the recording stream.
*
- * @returns VBox status code. Will return VINF_RECORDING_LIMIT_REACHED if the stream's recording
- * limit has been reached or VINF_RECORDING_THROTTLED if the frame is too early for the current
- * FPS setting.
+ * @returns VBox status code.
+ * @retval VINF_RECORDING_LIMIT_REACHED if the stream's recording limit has been reached.
+ * @retval VINF_RECORDING_THROTTLED if the frame is too early for the current FPS setting.
* @param x Upper left (X) coordinate where the video frame starts.
* @param y Upper left (Y) coordinate where the video frame starts.
* @param uPixelFormat Pixel format of the video frame.
@@ -435,7 +435,9 @@ int RecordingStream::SendVideoFrame(uint32_t x, uint32_t y, uint32_t uPixelForma
uint32_t uSrcWidth, uint32_t uSrcHeight, uint8_t *puSrcData, uint64_t msTimestamp)
{
AssertPtrReturn(m_pCtx, VERR_WRONG_ORDER);
- AssertReturn(NeedsUpdate(msTimestamp), VINF_RECORDING_THROTTLED); /* We ASSUME that the caller checked that first. */
+
+ if (RT_UNLIKELY(!NeedsUpdate(msTimestamp)))
+ return VINF_RECORDING_THROTTLED;
lock();
diff --git a/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp b/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp
index 2515599f..43ec2695 100644
--- a/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp
+++ b/src/VBox/Main/src-server/UefiVariableStoreImpl.cpp
@@ -543,11 +543,26 @@ HRESULT UefiVariableStore::enrollDefaultMsSignatures(void)
GuidMs, SignatureType_X509);
if (SUCCEEDED(hrc))
{
- hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoftCa, g_cbUefiMicrosoftCa,
+ hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidGlobalVar, "KEK", g_abUefiMicrosoftKek2023, g_cbUefiMicrosoftKek2023,
GuidMs, SignatureType_X509);
if (SUCCEEDED(hrc))
- hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoftProPca, g_cbUefiMicrosoftProPca,
+ {
+ hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoft3rdCa, g_cbUefiMicrosoft3rdCa,
GuidMs, SignatureType_X509);
+ if (SUCCEEDED(hrc))
+ {
+ hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoft3rdCa2023, g_cbUefiMicrosoft3rdCa2023,
+ GuidMs, SignatureType_X509);
+ if (SUCCEEDED(hrc))
+ {
+ hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoftWinCa, g_cbUefiMicrosoftWinCa,
+ GuidMs, SignatureType_X509);
+ if (SUCCEEDED(hrc))
+ hrc = i_uefiVarStoreAddSignatureToDb(&EfiGuidSecurityDb, "db", g_abUefiMicrosoftWinCa2023, g_cbUefiMicrosoftWinCa2023,
+ GuidMs, SignatureType_X509);
+ }
+ }
+ }
}
i_releaseUefiVariableStore();
diff --git a/src/VBox/Main/src-server/linux/NetIf-linux.cpp b/src/VBox/Main/src-server/linux/NetIf-linux.cpp
index f4a99eeb..83ab3b3b 100644
--- a/src/VBox/Main/src-server/linux/NetIf-linux.cpp
+++ b/src/VBox/Main/src-server/linux/NetIf-linux.cpp
@@ -43,6 +43,7 @@
#include <stdio.h>
#include <unistd.h>
#include <iprt/asm.h>
+#include <errno.h>
#include "HostNetworkInterfaceImpl.h"
#include "netif.h"
@@ -154,7 +155,27 @@ static int getInterfaceInfo(int iSocket, const char *pszName, PNETIFINFO pInfo)
/* Generate UUID from name and MAC address. */
RTUUID uuid;
RTUuidClear(&uuid);
+#ifdef VBOXNETFLT_LINUX_NAMESPACE_SUPPORT
+ uuid.au32[0] = 0; /* Use 0 as the indicator of missing namespace info. */
+ /*
+ * Namespace links use the following naming convention: "net:[1234567890]".
+ * The maximum value of inode number is 4294967295, which gives up precisely
+ * 16 characters without terminating zero.
+ */
+ char szBuf[24];
+ ssize_t len = readlink("/proc/self/ns/net", szBuf, sizeof(szBuf) - 1);
+ if (len == -1)
+ Log(("NetIfList: Failed to get namespace for VBoxSVC, error %d\n", errno));
+ else if (!RTStrStartsWith(szBuf, "net:["))
+ Log(("NetIfList: Failed to get network namespace inode from %s\n", szBuf));
+ else
+ uuid.au32[0] = RTStrToUInt32(szBuf + 5);
+ Log(("NetIfList: VBoxSVC namespace inode %u\n", uuid.au32[0]));
+ /* Hashing the name is probably an overkill as MAC addresses should ensure uniqueness */
+ uuid.au32[1] = RTStrHash1(pszName);
+#else /* !VBOXNETFLT_LINUX_NAMESPACE_SUPPORT */
memcpy(&uuid, Req.ifr_name, RT_MIN(sizeof(Req.ifr_name), sizeof(uuid)));
+#endif /* !VBOXNETFLT_LINUX_NAMESPACE_SUPPORT */
uuid.Gen.u8ClockSeqHiAndReserved = (uint8_t)((uuid.Gen.u8ClockSeqHiAndReserved & 0x3f) | 0x80);
uuid.Gen.u16TimeHiAndVersion = (uint16_t)((uuid.Gen.u16TimeHiAndVersion & 0x0fff) | 0x4000);
memcpy(uuid.Gen.au8Node, &Req.ifr_hwaddr.sa_data, sizeof(uuid.Gen.au8Node));