| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/sandbox_policy.h" | 5 #include "content/common/sandbox_policy.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/debug/debugger.h" | 10 #include "base/debug/debugger.h" |
| 11 #include "base/debug/trace_event.h" | 11 #include "base/debug/trace_event.h" |
| 12 #include "base/file_util.h" | 12 #include "base/file_util.h" |
| 13 #include "base/lazy_instance.h" | 13 #include "base/lazy_instance.h" |
| 14 #include "base/logging.h" | 14 #include "base/logging.h" |
| 15 #include "base/path_service.h" | 15 #include "base/path_service.h" |
| 16 #include "base/process_util.h" | 16 #include "base/process_util.h" |
| 17 #include "base/string_util.h" | 17 #include "base/string_util.h" |
| 18 #include "base/stringprintf.h" | 18 #include "base/stringprintf.h" |
| 19 #include "base/win/iat_patch_function.h" | 19 #include "base/win/iat_patch_function.h" |
| 20 #include "base/win/scoped_handle.h" | 20 #include "base/win/scoped_handle.h" |
| 21 #include "base/win/scoped_process_information.h" | 21 #include "base/win/scoped_process_information.h" |
| 22 #include "base/win/windows_version.h" | 22 #include "base/win/windows_version.h" |
| 23 #include "content/common/debug_flags.h" | 23 #include "content/common/debug_flags.h" |
| 24 #include "content/public/common/content_client.h" | 24 #include "content/public/common/content_client.h" |
| 25 #include "content/public/common/content_switches.h" | 25 #include "content/public/common/content_switches.h" |
| 26 #include "content/public/common/process_type.h" | 26 #include "content/public/common/process_type.h" |
| 27 #include "content/public/common/sandbox_init.h" | 27 #include "content/public/common/sandbox_init.h" |
| 28 #include "sandbox/win/src/process_mitigations.h" |
| 28 #include "sandbox/win/src/sandbox.h" | 29 #include "sandbox/win/src/sandbox.h" |
| 29 #include "sandbox/win/src/sandbox_nt_util.h" | 30 #include "sandbox/win/src/sandbox_nt_util.h" |
| 30 #include "sandbox/win/src/win_utils.h" | 31 #include "sandbox/win/src/win_utils.h" |
| 31 #include "ui/gl/gl_switches.h" | 32 #include "ui/gl/gl_switches.h" |
| 32 | 33 |
| 33 static sandbox::BrokerServices* g_broker_services = NULL; | 34 static sandbox::BrokerServices* g_broker_services = NULL; |
| 34 static sandbox::TargetServices* g_target_services = NULL; | 35 static sandbox::TargetServices* g_target_services = NULL; |
| 35 | 36 |
| 36 namespace { | 37 namespace { |
| 37 | 38 |
| 38 // The DLLs listed here are known (or under strong suspicion) of causing crashes | 39 // The DLLs listed here are known (or under strong suspicion) of causing crashes |
| 39 // when they are loaded in the renderer. Note: at runtime we generate short | 40 // when they are loaded in the renderer. Note: at runtime we generate short |
| 40 // versions of the dll name only if the dll has an extension. | 41 // versions of the dll name only if the dll has an extension. |
| 41 const wchar_t* const kTroublesomeDlls[] = { | 42 const wchar_t* const kTroublesomeDlls[] = { |
| 42 L"adialhk.dll", // Kaspersky Internet Security. | 43 L"adialhk.dll", // Kaspersky Internet Security. |
| 43 L"acpiz.dll", // Unknown. | 44 L"acpiz.dll", // Unknown. |
| 44 L"avgrsstx.dll", // AVG 8. | 45 L"avgrsstx.dll", // AVG 8. |
| 45 L"babylonchromepi.dll", // Babylon translator. | 46 L"babylonchromepi.dll", // Babylon translator. |
| 46 L"browsemngr.dll", // Uninstall blocker used by Babylon. | |
| 47 L"btkeyind.dll", // Widcomm Bluetooth. | 47 L"btkeyind.dll", // Widcomm Bluetooth. |
| 48 L"cmcsyshk.dll", // CMC Internet Security. | 48 L"cmcsyshk.dll", // CMC Internet Security. |
| 49 L"cmsetac.dll", // Unknown (suspected malware). | 49 L"cmsetac.dll", // Unknown (suspected malware). |
| 50 L"cooliris.dll", // CoolIris. | 50 L"cooliris.dll", // CoolIris. |
| 51 L"dockshellhook.dll", // Stardock Objectdock. | 51 L"dockshellhook.dll", // Stardock Objectdock. |
| 52 L"easyhook32.dll", // GDIPP and others. | 52 L"easyhook32.dll", // GDIPP and others. |
| 53 L"googledesktopnetwork3.dll", // Google Desktop Search v5. | 53 L"googledesktopnetwork3.dll", // Google Desktop Search v5. |
| 54 L"fwhook.dll", // PC Tools Firewall Plus. | 54 L"fwhook.dll", // PC Tools Firewall Plus. |
| 55 L"hookprocesscreation.dll", // Blumentals Program protector. | 55 L"hookprocesscreation.dll", // Blumentals Program protector. |
| 56 L"hookterminateapis.dll", // Blumentals and Cyberprinter. | 56 L"hookterminateapis.dll", // Blumentals and Cyberprinter. |
| (...skipping 663 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 720 #endif | 720 #endif |
| 721 | 721 |
| 722 if (!in_sandbox) { | 722 if (!in_sandbox) { |
| 723 policy->Release(); | 723 policy->Release(); |
| 724 base::ProcessHandle process = 0; | 724 base::ProcessHandle process = 0; |
| 725 base::LaunchProcess(*cmd_line, base::LaunchOptions(), &process); | 725 base::LaunchProcess(*cmd_line, base::LaunchOptions(), &process); |
| 726 g_broker_services->AddTargetPeer(process); | 726 g_broker_services->AddTargetPeer(process); |
| 727 return process; | 727 return process; |
| 728 } | 728 } |
| 729 | 729 |
| 730 // TODO(jschuh): Add all Win8 mitigations. crbug.com/147752 |
| 731 if (type != content::PROCESS_TYPE_NACL_LOADER) { |
| 732 if (policy->SetProcessMitigations(MITIGATION_DEP | |
| 733 MITIGATION_DEP_NO_ATL_THUNK | |
| 734 MITIGATION_SEHOP | |
| 735 MITIGATION_BOTTOM_UP_ASLR) |
| 736 != sandbox::SBOX_ALL_OK) { |
| 737 return 0; |
| 738 } |
| 739 } else { |
| 740 // TODO(jschuh): Make NaCl work with DEP and SEHOP. crbug.com/147752 |
| 741 if (policy->SetDelayedProcessMitigations(MITIGATION_DEP | |
| 742 MITIGATION_DEP_NO_ATL_THUNK) |
| 743 != sandbox::SBOX_ALL_OK) { |
| 744 return 0; |
| 745 } |
| 746 if (policy->SetProcessMitigations(MITIGATION_BOTTOM_UP_ASLR) |
| 747 != sandbox::SBOX_ALL_OK) { |
| 748 return 0; |
| 749 } |
| 750 } |
| 751 |
| 730 if (type == content::PROCESS_TYPE_PLUGIN) { | 752 if (type == content::PROCESS_TYPE_PLUGIN) { |
| 731 AddGenericDllEvictionPolicy(policy); | 753 AddGenericDllEvictionPolicy(policy); |
| 732 AddPluginDllEvictionPolicy(policy); | 754 AddPluginDllEvictionPolicy(policy); |
| 733 } else if (type == content::PROCESS_TYPE_GPU) { | 755 } else if (type == content::PROCESS_TYPE_GPU) { |
| 734 if (!AddPolicyForGPU(cmd_line, policy)) | 756 if (!AddPolicyForGPU(cmd_line, policy)) |
| 735 return 0; | 757 return 0; |
| 736 } else { | 758 } else { |
| 737 if (!AddPolicyForRenderer(policy)) | 759 if (!AddPolicyForRenderer(policy)) |
| 738 return 0; | 760 return 0; |
| 739 // TODO(jschuh): Need get these restrictions applied to NaCl and Pepper. | 761 // TODO(jschuh): Need get these restrictions applied to NaCl and Pepper. |
| (...skipping 126 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 866 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 888 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
| 867 } | 889 } |
| 868 | 890 |
| 869 base::ProcessHandle StartProcessWithAccess( | 891 base::ProcessHandle StartProcessWithAccess( |
| 870 CommandLine* cmd_line, | 892 CommandLine* cmd_line, |
| 871 const FilePath& exposed_dir) { | 893 const FilePath& exposed_dir) { |
| 872 return sandbox::StartProcessWithAccess(cmd_line, exposed_dir); | 894 return sandbox::StartProcessWithAccess(cmd_line, exposed_dir); |
| 873 } | 895 } |
| 874 | 896 |
| 875 } // namespace content | 897 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10690058:
Add sandbox support for Windows process mitigations (Closed)
Base URL: https://src.chromium.org/svn/trunk/src/