1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/process_thread_dispatcher.h" | 5 #include "sandbox/win/src/process_thread_dispatcher.h" |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "base/logging.h" | 8 #include "base/logging.h" |
9 #include "sandbox/win/src/crosscall_client.h" | 9 #include "sandbox/win/src/crosscall_client.h" |
10 #include "sandbox/win/src/interception.h" | 10 #include "sandbox/win/src/interception.h" |
115 {IPC_NTOPENPROCESSTOKENEX_TAG, {VOIDPTR_TYPE, UINT32_TYPE, UINT32_TYPE}}, | 115 {IPC_NTOPENPROCESSTOKENEX_TAG, {VOIDPTR_TYPE, UINT32_TYPE, UINT32_TYPE}}, |
116 reinterpret_cast<CallbackGeneric>( | 116 reinterpret_cast<CallbackGeneric>( |
117 &ThreadProcessDispatcher::NtOpenProcessTokenEx)}; | 117 &ThreadProcessDispatcher::NtOpenProcessTokenEx)}; |
118 | 118 |
119 static const IPCCall create_params = { | 119 static const IPCCall create_params = { |
120 {IPC_CREATEPROCESSW_TAG, | 120 {IPC_CREATEPROCESSW_TAG, |
121 {WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}}, | 121 {WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}}, |
122 reinterpret_cast<CallbackGeneric>( | 122 reinterpret_cast<CallbackGeneric>( |
123 &ThreadProcessDispatcher::CreateProcessW)}; | 123 &ThreadProcessDispatcher::CreateProcessW)}; |
124 | 124 |
125 static const IPCCall create_thread_params = { | |
126 {IPC_CREATETHREAD_TAG, | |
127 // NOTE(liamjm): 2nd param in size_t: Using VOIDPTR_TYPE as a hack. | |
Will Harris
2015/12/03 06:41:50
I think this is fine, we only need to support Wind
liamjm (20p)
2015/12/03 21:53:29
Done.
| |
128 {VOIDPTR_TYPE, VOIDPTR_TYPE, VOIDPTR_TYPE, VOIDPTR_TYPE, UINT32_TYPE}}, | |
129 reinterpret_cast<CallbackGeneric>( | |
130 &ThreadProcessDispatcher::CreateThread)}; | |
131 | |
125 ipc_calls_.push_back(open_thread); | 132 ipc_calls_.push_back(open_thread); |
126 ipc_calls_.push_back(open_process); | 133 ipc_calls_.push_back(open_process); |
127 ipc_calls_.push_back(process_token); | 134 ipc_calls_.push_back(process_token); |
128 ipc_calls_.push_back(process_tokenex); | 135 ipc_calls_.push_back(process_tokenex); |
129 ipc_calls_.push_back(create_params); | 136 ipc_calls_.push_back(create_params); |
137 ipc_calls_.push_back(create_thread_params); | |
130 } | 138 } |
131 | 139 |
132 bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager, | 140 bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager, |
133 int service) { | 141 int service) { |
134 switch (service) { | 142 switch (service) { |
135 case IPC_NTOPENTHREAD_TAG: | 143 case IPC_NTOPENTHREAD_TAG: |
136 case IPC_NTOPENPROCESS_TAG: | 144 case IPC_NTOPENPROCESS_TAG: |
137 case IPC_NTOPENPROCESSTOKEN_TAG: | 145 case IPC_NTOPENPROCESSTOKEN_TAG: |
138 case IPC_NTOPENPROCESSTOKENEX_TAG: | 146 case IPC_NTOPENPROCESSTOKENEX_TAG: |
139 // There is no explicit policy for these services. | 147 // There is no explicit policy for these services. |
140 NOTREACHED(); | 148 NOTREACHED(); |
141 return false; | 149 return false; |
142 | 150 |
143 case IPC_CREATEPROCESSW_TAG: | 151 case IPC_CREATEPROCESSW_TAG: |
144 return INTERCEPT_EAT(manager, kKerneldllName, CreateProcessW, | 152 return INTERCEPT_EAT(manager, kKerneldllName, CreateProcessW, |
145 CREATE_PROCESSW_ID, 44) && | 153 CREATE_PROCESSW_ID, 44) && |
146 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, | 154 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, |
147 CREATE_PROCESSA_ID, 44); | 155 CREATE_PROCESSA_ID, 44); |
148 | 156 |
157 case IPC_CREATETHREAD_TAG: | |
158 return INTERCEPT_EAT(manager, kKerneldllName, CreateThread, | |
159 CREATE_THREAD_ID, 28); | |
160 | |
149 default: | 161 default: |
150 return false; | 162 return false; |
151 } | 163 } |
152 } | 164 } |
153 | 165 |
154 bool ThreadProcessDispatcher::NtOpenThread(IPCInfo* ipc, | 166 bool ThreadProcessDispatcher::NtOpenThread(IPCInfo* ipc, |
155 uint32 desired_access, | 167 uint32 desired_access, |
156 uint32 thread_id) { | 168 uint32 thread_id) { |
157 HANDLE handle; | 169 HANDLE handle; |
158 NTSTATUS ret = ProcessPolicy::OpenThreadAction(*ipc->client_info, | 170 NTSTATUS ret = ProcessPolicy::OpenThreadAction(*ipc->client_info, |
235 // Here we force the app_name to be the one we used for the policy lookup. | 247 // Here we force the app_name to be the one we used for the policy lookup. |
236 // If our logic was wrong, at least we wont allow create a random process. | 248 // If our logic was wrong, at least we wont allow create a random process. |
237 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, | 249 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, |
238 exe_name, *cmd_line, | 250 exe_name, *cmd_line, |
239 proc_info); | 251 proc_info); |
240 | 252 |
241 ipc->return_info.win32_result = ret; | 253 ipc->return_info.win32_result = ret; |
242 return true; | 254 return true; |
243 } | 255 } |
244 | 256 |
257 bool ThreadProcessDispatcher::CreateThread( | |
258 IPCInfo* ipc, | |
259 LPSECURITY_ATTRIBUTES thread_attributes, | |
260 SIZE_T stack_size, | |
Will Harris
2015/12/03 06:41:51
surprised something (maybe clang?) doesn't complai
liamjm (20p)
2015/12/03 21:53:29
Acknowledged.
| |
261 LPTHREAD_START_ROUTINE start_address, | |
262 PVOID parameter, | |
263 DWORD creation_flags) { | |
264 if (!start_address) { | |
265 return false; | |
266 } | |
267 | |
268 HANDLE handle; | |
269 DWORD ret = ProcessPolicy::CreateThreadAction( | |
270 GIVE_ALLACCESS, *ipc->client_info, thread_attributes, stack_size, | |
271 start_address, parameter, creation_flags, NULL, &handle); | |
272 | |
273 ipc->return_info.nt_status = ret; | |
274 ipc->return_info.handle = handle; | |
275 return true; | |
276 } | |
277 | |
245 } // namespace sandbox | 278 } // namespace sandbox |
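Review bot: `HANDLE handle;` at the top of the new CreateThread is declared uninitialised, yet `ipc->return_info.handle = handle;` is assigned regardless of `ret`, so if CreateThreadAction returns an error without writing `*handle` (its body is not in this section) an indeterminate value is copied into the reply sent back to the sandboxed client; initialise it with `HANDLE handle = NULL;` or only publish it when `ret` reports success. Storing the `DWORD ret` in `nt_status` also differs from CreateProcessW just above, which places its `DWORD` result in `win32_result`; confirm which field the client-side stub reads. `thread_attributes` arrives over IPC as a raw pointer value (`VOIDPTR_TYPE` in the new table entry) and is forwarded unchanged to CreateThreadAction; if the action dereferences it, that pointer belongs to the caller's address space rather than the broker's, so it should be validated or dropped.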