| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/broker_services.h" | 5 #include "sandbox/win/src/broker_services.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/threading/platform_thread.h" | 9 #include "base/threading/platform_thread.h" |
| 10 #include "base/win/scoped_handle.h" | 10 #include "base/win/scoped_handle.h" |
| 11 #include "base/win/scoped_process_information.h" | 11 #include "base/win/scoped_process_information.h" |
| 12 #include "base/win/startup_information.h" | 12 #include "base/win/startup_information.h" |
| 13 #include "base/win/windows_version.h" | 13 #include "base/win/windows_version.h" |
| 14 #include "sandbox/win/src/app_container.h" | 14 #include "sandbox/win/src/app_container.h" |
| 15 #include "sandbox/win/src/process_mitigations.h" |
| 15 #include "sandbox/win/src/sandbox_policy_base.h" | 16 #include "sandbox/win/src/sandbox_policy_base.h" |
| 16 #include "sandbox/win/src/sandbox.h" | 17 #include "sandbox/win/src/sandbox.h" |
| 17 #include "sandbox/win/src/target_process.h" | 18 #include "sandbox/win/src/target_process.h" |
| 18 #include "sandbox/win/src/win2k_threadpool.h" | 19 #include "sandbox/win/src/win2k_threadpool.h" |
| 19 #include "sandbox/win/src/win_utils.h" | 20 #include "sandbox/win/src/win_utils.h" |
| 20 | 21 |
| 21 namespace { | 22 namespace { |
| 22 | 23 |
| 23 // Utility function to associate a completion port to a job object. | 24 // Utility function to associate a completion port to a job object. |
| 24 bool AssociateCompletionPort(HANDLE job, HANDLE port, void* key) { | 25 bool AssociateCompletionPort(HANDLE job, HANDLE port, void* key) { |
| (...skipping 288 matching lines...) |
| 313 return result; | 314 return result; |
| 314 | 315 |
| 315 // Initialize the startup information from the policy. | 316 // Initialize the startup information from the policy. |
| 316 base::win::StartupInformation startup_info; | 317 base::win::StartupInformation startup_info; |
| 317 string16 desktop = policy_base->GetAlternateDesktop(); | 318 string16 desktop = policy_base->GetAlternateDesktop(); |
| 318 if (!desktop.empty()) { | 319 if (!desktop.empty()) { |
| 319 startup_info.startup_info()->lpDesktop = | 320 startup_info.startup_info()->lpDesktop = |
| 320 const_cast<wchar_t*>(desktop.c_str()); | 321 const_cast<wchar_t*>(desktop.c_str()); |
| 321 } | 322 } |
| 322 | 323 |
| 323 const AppContainerAttributes* app_container = policy_base->GetAppContainer(); | 324 if (base::win::GetVersion() >= base::win::VERSION_VISTA) { |
| 324 if (app_container) { | 325 int attribute_count = 0; |
| 325 startup_info.InitializeProcThreadAttributeList(1); | 326 const AppContainerAttributes* app_container = |
| 326 result = app_container->ShareForStartup(&startup_info); | 327 policy_base->GetAppContainer(); |
| 327 if (SBOX_ALL_OK != result) | 328 if (app_container) |
| 328 return result; | 329 ++attribute_count; |
| 330 |
| 331 DWORD64 mitigations; |
| 332 size_t mitigations_size; |
| 333 ConvertProcessMitigationsToPolicy(policy->GetProcessMitigations(), |
| 334 &mitigations, &mitigations_size); |
| 335 if (mitigations) |
| 336 ++attribute_count; |
| 337 |
| 338 if (!startup_info.InitializeProcThreadAttributeList(attribute_count)) |
| 339 return SBOX_ERROR_PROC_THREAD_ATTRIBUTES; |
| 340 |
| 341 if (app_container) { |
| 342 result = app_container->ShareForStartup(&startup_info); |
| 343 if (SBOX_ALL_OK != result) |
| 344 return result; |
| 345 } |
| 346 |
| 347 if (mitigations) { |
| 348 if (!startup_info.UpdateProcThreadAttribute( |
| 349 PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY, &mitigations, |
| 350 mitigations_size)) { |
| 351 return SBOX_ERROR_PROC_THREAD_ATTRIBUTES; |
| 352 } |
| 353 } |
| 329 } | 354 } |
| 330 | 355 |
| 331 // Construct the thread pool here in case it is expensive. | 356 // Construct the thread pool here in case it is expensive. |
| 332 // The thread pool is shared by all the targets | 357 // The thread pool is shared by all the targets |
| 333 if (NULL == thread_pool_) | 358 if (NULL == thread_pool_) |
| 334 thread_pool_ = new Win2kThreadPool(); | 359 thread_pool_ = new Win2kThreadPool(); |
| 335 | 360 |
| 336 // Create the TargetProces object and spawn the target suspended. Note that | 361 // Create the TargetProces object and spawn the target suspended. Note that |
| 337 // Brokerservices does not own the target object. It is owned by the Policy. | 362 // Brokerservices does not own the target object. It is owned by the Policy. |
| 338 base::win::ScopedProcessInformation process_info; | 363 base::win::ScopedProcessInformation process_info; |
| (...skipping 96 matching lines...) |
| 435 return SBOX_ERROR_UNSUPPORTED; | 460 return SBOX_ERROR_UNSUPPORTED; |
| 436 | 461 |
| 437 string16 name = LookupAppContainer(sid); | 462 string16 name = LookupAppContainer(sid); |
| 438 if (name.empty()) | 463 if (name.empty()) |
| 439 return SBOX_ERROR_INVALID_APP_CONTAINER; | 464 return SBOX_ERROR_INVALID_APP_CONTAINER; |
| 440 | 465 |
| 441 return DeleteAppContainer(sid); | 466 return DeleteAppContainer(sid); |
| 442 } | 467 } |
| 443 | 468 |
| 444 } // namespace sandbox | 469 } // namespace sandbox |
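Review bot: `mitigations` and `mitigations_size` (new lines 331–332) are locals of the `if (base::win::GetVersion() >= base::win::VERSION_VISTA)` block, yet `&mitigations` is handed to `startup_info.UpdateProcThreadAttribute(PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY, ...)` at new line 348, and `startup_info` is only consumed after the block closes at new line 354, when the target is spawned. If that wrapper forwards to the Win32 call of the same name, the value has to persist until the attribute list is deleted, so the process would be created from a dangling pointer and the mitigation policy actually applied to the sandboxed target would be undefined. Declare both next to `startup_info`, before the version check, as `DWORD64 mitigations = 0;` and `size_t mitigations_size = 0;`, with a comment that they must outlive `startup_info`. Zero-initialising also keeps the `if (mitigations)` tests well defined should `ConvertProcessMitigationsToPolicy` leave its out-parameters untouched on some path. The enclosing function starts and ends outside the visible hunk, so the spawn call itself is not shown here.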