As I mentioned before in
https://forums.virtualbox.org/viewtopic ... 4&start=15 and
https://forums.virtualbox.org/viewtopic.php?f=6&t=79820 the true cause for which Intel HD 3000 and older iGPUs are unable to provide Direct3D on guest is because Intel OpenGL ICD ig4icd64.dll instantly exits if the Host OS is Windows 10 and is detected as such by the application which loads it. In our case it's obviously Virtualbox.
So I decided to workaround.
The obvious choice for Windows Embedded PosReady 2009 which is XP based is Swiftshader 3.0, but I don't like the watermark being in the way. So I was down to 2 options:
-llvmpipe 32-bit +
wineD3D 1.7.52 both on guest. For a weird reason only
this llvmpipe build works, albeit is a bit slow (certificate error ahead, most likely an unmaintained website);
-digitally signed llvmpipe 64-bit
installed as an ICD replacement for the ancient OpenGL software renderer built into Windows on host + Guest Additions with Direct3D support and 3D acceleration enabled in VM settings as usual.
The last option should be slightly faster than the previous one due 2 reasons:
-it is a 64 bit DLL;
-it is the latest version at the moment of writing this.
Confirmed: CPU usage on host is at 69-75% when SopCast is running in fullscreen with minimum audio stutter (Intel Core i3-2375M 1.5 Ghz). Even further performance boost is hopped with Mesa 17. I/O APIC causes significant performance penalty, it definitely must be avoided.
The challenge was to get acceptance from hardened security.
I found this certificate authority called
Ascertia that provides free 30 days code signing certificates. I got one and signed the 64-bit llvmpipe DLL. One potential issue that made me feel uneasy right away is the fact the certificate has the aging SHA1 signature. I used this command to sign it in Visual Studio Developer Command Prompt:
- Code: Select all Expand viewCollapse view
signtool sign /a /t http://timestamp.digicert.com opengl32sw.dll
But it didn't work. Although Windows says the signature is OK, Virtualbox only shows a cryptic error in hardened security log. Something about an empty string that mustn't be empty. The only thing I can understand is that opengl32sw has been rejected. VM works just fine but no Direct3D.
Update: figured out the real cause. There are no special requirements for signature hash and digest algorithms yet, instead it appears you are not allowed to leave any certificate fields empty. These are in order along with their meaning:
-CN=Full Name;
OU=Organizational unit
O=Organization;
L=Locality
S=State
E=e-mail;
C=country.
Based on these findings I'll write a tutorial for those interested in exempting 1 file at a time from hardened security block. I did not bypassed any security put in place so this cannot be considered a vulnerability in Virtualbox. Only works for user-mode drivers (DLLs)