From ad75ac69416bbdb92964625dc7018b9d0a44debc Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 4 May 2024 03:47:11 +0200 Subject: Merging upstream version 7.0.18-dfsg. Signed-off-by: Daniel Baumann --- src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp') diff --git a/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp b/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp index ec6b6a0a..f7ef4408 100644 --- a/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp +++ b/src/VBox/HostDrivers/Support/win/SUPHardenedVerifyProcess-win.cpp @@ -2147,7 +2147,7 @@ static int supHardNtLdrCacheNewEntry(PSUPHNTLDRCACHEENTRY pEntry, const char *ps * for this image. */ uint32_t fFlags = fDll - ? SUPHNTVI_F_TRUSTED_INSTALLER_OWNER | SUPHNTVI_F_ALLOW_CAT_FILE_VERIFICATION + ? SUPHNTVI_F_TRUSTED_INSTALLER_OR_SIMILAR_OWNER | SUPHNTVI_F_ALLOW_CAT_FILE_VERIFICATION : SUPHNTVI_F_REQUIRE_BUILD_CERT; if (f32bitResourceDll) fFlags |= SUPHNTVI_F_IGNORE_ARCHITECTURE; @@ -2394,10 +2394,12 @@ static int supHardNtVpCheckExe(PSUPHNTVPSTATE pThis) "NtQueryInformationProcess/ProcessImageInformation failed: %#x hProcess=%#x", rcNt, pThis->hProcess); } +#ifndef VBOX_WITHOUT_WINDOWS_KERNEL_CODE_SIGNING_CERT /* A kernel code signing cert is only via way to use /IntegrityCheck. */ if ( !(ImageInfo.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY)) return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_EXE_MISSING_FORCE_INTEGRITY, "EXE DllCharacteristics=%#x, expected IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY to be set.", ImageInfo.DllCharacteristics); +#endif if (!(ImageInfo.DllCharacteristics & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE)) return supHardNtVpSetInfo2(pThis, VERR_SUP_VP_EXE_MISSING_DYNAMIC_BASE, "EXE DllCharacteristics=%#x, expected IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE to be set.", -- cgit v1.2.3