| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/target_services.h" | 5 #include "sandbox/win/src/target_services.h" |
| 6 | 6 |
| 7 #include <process.h> | 7 #include <process.h> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "sandbox/win/src/crosscall_client.h" | 10 #include "sandbox/win/src/crosscall_client.h" |
| 11 #include "sandbox/win/src/handle_closer_agent.h" | 11 #include "sandbox/win/src/handle_closer_agent.h" |
| 12 #include "sandbox/win/src/handle_interception.h" | 12 #include "sandbox/win/src/handle_interception.h" |
| 13 #include "sandbox/win/src/ipc_tags.h" | 13 #include "sandbox/win/src/ipc_tags.h" |
| 14 #include "sandbox/win/src/process_mitigations.h" |
| 14 #include "sandbox/win/src/restricted_token_utils.h" | 15 #include "sandbox/win/src/restricted_token_utils.h" |
| 15 #include "sandbox/win/src/sandbox.h" | 16 #include "sandbox/win/src/sandbox.h" |
| 16 #include "sandbox/win/src/sandbox_types.h" | 17 #include "sandbox/win/src/sandbox_types.h" |
| 17 #include "sandbox/win/src/sharedmem_ipc_client.h" | 18 #include "sandbox/win/src/sharedmem_ipc_client.h" |
| 18 #include "sandbox/win/src/sandbox_nt_util.h" | 19 #include "sandbox/win/src/sandbox_nt_util.h" |
| 19 | 20 |
| 20 namespace { | 21 namespace { |
| 21 | 22 |
| 22 // Flushing a cached key is triggered by just opening the key and closing the | 23 // Flushing a cached key is triggered by just opening the key and closing the |
| 23 // resulting handle. RegDisablePredefinedCache() is the documented way to flush | 24 // resulting handle. RegDisablePredefinedCache() is the documented way to flush |
| (...skipping 30 matching lines...) Expand all Loading... |
| 54 | 55 |
| 55 return true; | 56 return true; |
| 56 } | 57 } |
| 57 | 58 |
| 58 } // namespace | 59 } // namespace |
| 59 | 60 |
| 60 namespace sandbox { | 61 namespace sandbox { |
| 61 | 62 |
| 62 SANDBOX_INTERCEPT IntegrityLevel g_shared_delayed_integrity_level = | 63 SANDBOX_INTERCEPT IntegrityLevel g_shared_delayed_integrity_level = |
| 63 INTEGRITY_LEVEL_LAST; | 64 INTEGRITY_LEVEL_LAST; |
| 65 SANDBOX_INTERCEPT MitigationFlags g_shared_delayed_mitigations = 0; |
| 64 | 66 |
| 65 TargetServicesBase::TargetServicesBase() { | 67 TargetServicesBase::TargetServicesBase() { |
| 66 } | 68 } |
| 67 | 69 |
| 68 ResultCode TargetServicesBase::Init() { | 70 ResultCode TargetServicesBase::Init() { |
| 69 process_state_.SetInitCalled(); | 71 process_state_.SetInitCalled(); |
| 70 return SBOX_ALL_OK; | 72 return SBOX_ALL_OK; |
| 71 } | 73 } |
| 72 | 74 |
| 73 // Failure here is a breach of security so the process is terminated. | 75 // Failure here is a breach of security so the process is terminated. |
| 74 void TargetServicesBase::LowerToken() { | 76 void TargetServicesBase::LowerToken() { |
| 75 if (ERROR_SUCCESS != | 77 if (ERROR_SUCCESS != |
| 76 SetProcessIntegrityLevel(g_shared_delayed_integrity_level)) | 78 SetProcessIntegrityLevel(g_shared_delayed_integrity_level)) |
| 77 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_INTEGRITY); | 79 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_INTEGRITY); |
| 78 process_state_.SetRevertedToSelf(); | 80 process_state_.SetRevertedToSelf(); |
| 79 // If the client code as called RegOpenKey, advapi32.dll has cached some | 81 // If the client code as called RegOpenKey, advapi32.dll has cached some |
| 80 // handles. The following code gets rid of them. | 82 // handles. The following code gets rid of them. |
| 81 if (!::RevertToSelf()) | 83 if (!::RevertToSelf()) |
| 82 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_DROPTOKEN); | 84 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_DROPTOKEN); |
| 83 if (!FlushCachedRegHandles()) | 85 if (!FlushCachedRegHandles()) |
| 84 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_FLUSHANDLES); | 86 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_FLUSHANDLES); |
| 85 if (ERROR_SUCCESS != ::RegDisablePredefinedCache()) | 87 if (ERROR_SUCCESS != ::RegDisablePredefinedCache()) |
| 86 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CACHEDISABLE); | 88 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CACHEDISABLE); |
| 87 if (!CloseOpenHandles()) | 89 if (!CloseOpenHandles()) |
| 88 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CLOSEHANDLES); | 90 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CLOSEHANDLES); |
| 91 // Enabling mitigations must happen last otherwise handle closing breaks |
| 92 if (g_shared_delayed_mitigations && |
| 93 !ApplyProcessMitigationsToCurrentProcess(g_shared_delayed_mitigations)) |
| 94 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_MITIGATION); |
| 89 } | 95 } |
| 90 | 96 |
| 91 ProcessState* TargetServicesBase::GetState() { | 97 ProcessState* TargetServicesBase::GetState() { |
| 92 return &process_state_; | 98 return &process_state_; |
| 93 } | 99 } |
| 94 | 100 |
| 95 TargetServicesBase* TargetServicesBase::GetInstance() { | 101 TargetServicesBase* TargetServicesBase::GetInstance() { |
| 96 static TargetServicesBase instance; | 102 static TargetServicesBase instance; |
| 97 return &instance; | 103 return &instance; |
| 98 } | 104 } |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 179 ResultCode TargetServicesBase::DuplicateHandle(HANDLE source_handle, | 185 ResultCode TargetServicesBase::DuplicateHandle(HANDLE source_handle, |
| 180 DWORD target_process_id, | 186 DWORD target_process_id, |
| 181 HANDLE* target_handle, | 187 HANDLE* target_handle, |
| 182 DWORD desired_access, | 188 DWORD desired_access, |
| 183 DWORD options) { | 189 DWORD options) { |
| 184 return sandbox::DuplicateHandleProxy(source_handle, target_process_id, | 190 return sandbox::DuplicateHandleProxy(source_handle, target_process_id, |
| 185 target_handle, desired_access, options); | 191 target_handle, desired_access, options); |
| 186 } | 192 } |
| 187 | 193 |
| 188 } // namespace sandbox | 194 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10690058:
Add sandbox support for Windows process mitigations (Closed)
Base URL: https://src.chromium.org/svn/trunk/src/