virtualbox: Rebase hardened.patch on top of 5.1.22
The merge of the version bump in 6fb9f892 didn't take care of our patch for the hardening mode and thus enabling VirtualBox without also force-disabling hardening mode will result in a build error. While the patch is largely identical with the old version, I've removed one particular change around the following code: if (pFsObjState->Stat.st_mode & S_IWOTH) return supR3HardenedSetError3(VERR_SUPLIB_WORLD_WRITABLE, pErrInfo, "World writable: '", pszPath, "'"); In the old version of the patch we have checked whether the path is within the Nix store and suppressed the error return if that's the case. The reason why I did that in the first place was because we had a bunch of symlinks which were writable. In VirtualBox 5.1.22 the code specifically checks whether the file is a symlink, so we can safely drop our change. Tested via all of the "virtualbox" NixOS VM subtests and they now all succeed. Signed-off-by:aszlig <aszlig@redmoonstudios.org>
parent
fa6fd34f
Please register or sign in to comment