Side by Side Diff: sandbox/win/src/target_services.cc

Issue 10690058: Add sandbox support for Windows process mitigations (Closed) Base URL: https://src.chromium.org/svn/trunk/src/
Patch Set: Created 8 years, 3 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/win/src/target_services.h" 5 #include "sandbox/win/src/target_services.h"
6 6
7 #include <process.h> 7 #include <process.h>
8 8
9 #include "base/basictypes.h" 9 #include "base/basictypes.h"
10 #include "sandbox/win/src/crosscall_client.h" 10 #include "sandbox/win/src/crosscall_client.h"
11 #include "sandbox/win/src/handle_closer_agent.h" 11 #include "sandbox/win/src/handle_closer_agent.h"
12 #include "sandbox/win/src/handle_interception.h" 12 #include "sandbox/win/src/handle_interception.h"
13 #include "sandbox/win/src/ipc_tags.h" 13 #include "sandbox/win/src/ipc_tags.h"
14 #include "sandbox/win/src/process_mitigations.h"
14 #include "sandbox/win/src/restricted_token_utils.h" 15 #include "sandbox/win/src/restricted_token_utils.h"
15 #include "sandbox/win/src/sandbox.h" 16 #include "sandbox/win/src/sandbox.h"
16 #include "sandbox/win/src/sandbox_types.h" 17 #include "sandbox/win/src/sandbox_types.h"
17 #include "sandbox/win/src/sharedmem_ipc_client.h" 18 #include "sandbox/win/src/sharedmem_ipc_client.h"
18 #include "sandbox/win/src/sandbox_nt_util.h" 19 #include "sandbox/win/src/sandbox_nt_util.h"
19 20
20 namespace { 21 namespace {
21 22
22 // Flushing a cached key is triggered by just opening the key and closing the 23 // Flushing a cached key is triggered by just opening the key and closing the
23 // resulting handle. RegDisablePredefinedCache() is the documented way to flush 24 // resulting handle. RegDisablePredefinedCache() is the documented way to flush
54 55
55 return true; 56 return true;
56 } 57 }
57 58
58 } // namespace 59 } // namespace
59 60
60 namespace sandbox { 61 namespace sandbox {
61 62
62 SANDBOX_INTERCEPT IntegrityLevel g_shared_delayed_integrity_level = 63 SANDBOX_INTERCEPT IntegrityLevel g_shared_delayed_integrity_level =
63 INTEGRITY_LEVEL_LAST; 64 INTEGRITY_LEVEL_LAST;
64 65
rvargas (doing something else) 2012/09/08 02:23:32 remove
jschuh 2012/09/10 23:58:48 Done.
66 SANDBOX_INTERCEPT uint64 g_shared_delayed_mitigations = 0;
67
65 TargetServicesBase::TargetServicesBase() { 68 TargetServicesBase::TargetServicesBase() {
66 } 69 }
67 70
68 ResultCode TargetServicesBase::Init() { 71 ResultCode TargetServicesBase::Init() {
69 process_state_.SetInitCalled(); 72 process_state_.SetInitCalled();
70 return SBOX_ALL_OK; 73 return SBOX_ALL_OK;
71 } 74 }
72 75
73 // Failure here is a breach of security so the process is terminated. 76 // Failure here is a breach of security so the process is terminated.
74 void TargetServicesBase::LowerToken() { 77 void TargetServicesBase::LowerToken() {
75 if (ERROR_SUCCESS != 78 if (ERROR_SUCCESS !=
76 SetProcessIntegrityLevel(g_shared_delayed_integrity_level)) 79 SetProcessIntegrityLevel(g_shared_delayed_integrity_level))
77 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_INTEGRITY); 80 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_INTEGRITY);
78 process_state_.SetRevertedToSelf(); 81 process_state_.SetRevertedToSelf();
79 // If the client code as called RegOpenKey, advapi32.dll has cached some 82 // If the client code as called RegOpenKey, advapi32.dll has cached some
80 // handles. The following code gets rid of them. 83 // handles. The following code gets rid of them.
81 if (!::RevertToSelf()) 84 if (!::RevertToSelf())
82 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_DROPTOKEN); 85 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_DROPTOKEN);
83 if (!FlushCachedRegHandles()) 86 if (!FlushCachedRegHandles())
84 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_FLUSHANDLES); 87 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_FLUSHANDLES);
85 if (ERROR_SUCCESS != ::RegDisablePredefinedCache()) 88 if (ERROR_SUCCESS != ::RegDisablePredefinedCache())
86 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CACHEDISABLE); 89 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CACHEDISABLE);
87 if (!CloseOpenHandles()) 90 if (!CloseOpenHandles())
88 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CLOSEHANDLES); 91 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CLOSEHANDLES);
92 // Enabling mitigations must happen last otherwise handle closing breaks
93 if (g_shared_delayed_mitigations &&
94 !SetProcessMitigationsForCurrentProcess(g_shared_delayed_mitigations))
95 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_MITIGATION);
89 } 96 }
90 97
91 ProcessState* TargetServicesBase::GetState() { 98 ProcessState* TargetServicesBase::GetState() {
92 return &process_state_; 99 return &process_state_;
93 } 100 }
94 101
95 TargetServicesBase* TargetServicesBase::GetInstance() { 102 TargetServicesBase* TargetServicesBase::GetInstance() {
96 static TargetServicesBase instance; 103 static TargetServicesBase instance;
97 return &instance; 104 return &instance;
98 } 105 }
179 ResultCode TargetServicesBase::DuplicateHandle(HANDLE source_handle, 186 ResultCode TargetServicesBase::DuplicateHandle(HANDLE source_handle,
180 DWORD target_process_id, 187 DWORD target_process_id,
181 HANDLE* target_handle, 188 HANDLE* target_handle,
182 DWORD desired_access, 189 DWORD desired_access,
183 DWORD options) { 190 DWORD options) {
184 return sandbox::DuplicateHandleProxy(source_handle, target_process_id, 191 return sandbox::DuplicateHandleProxy(source_handle, target_process_id,
185 target_handle, desired_access, options); 192 target_handle, desired_access, options);
186 } 193 }
187 194
188 } // namespace sandbox 195 } // namespace sandbox
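Review bot: The comment on new line 92, `// Enabling mitigations must happen last otherwise handle closing breaks`, states the ordering constraint but not why it holds, and the ordering is the only thing standing between a successful LowerToken and a termination with SBOX_FATAL_CLOSEHANDLES or SBOX_FATAL_MITIGATION, so a maintainer reordering these steps needs the reason. I would replace it with something like `// Apply the delayed mitigations last: once set they cover the whole process, and CloseOpenHandles() above depends on behaviour the mitigations restrict, so every step that needs the unrestricted process must run before this point.`, and name the specific mitigation that interferes with handle closing once that is confirmed. It would also help to document at new line 66 that `g_shared_delayed_mitigations`, like `g_shared_delayed_integrity_level` beside it, is presumably written into the target by the broker before LowerToken runs, since nothing in this file assigns it. LowerToken is fully visible in this section; only the enclosing namespace continues beyond the shown lines.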