OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/process_thread_dispatcher.h" | 5 #include "sandbox/win/src/process_thread_dispatcher.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
(...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
117 {IPC_NTOPENPROCESSTOKENEX_TAG, {VOIDPTR_TYPE, UINT32_TYPE, UINT32_TYPE}}, | 117 {IPC_NTOPENPROCESSTOKENEX_TAG, {VOIDPTR_TYPE, UINT32_TYPE, UINT32_TYPE}}, |
118 reinterpret_cast<CallbackGeneric>( | 118 reinterpret_cast<CallbackGeneric>( |
119 &ThreadProcessDispatcher::NtOpenProcessTokenEx)}; | 119 &ThreadProcessDispatcher::NtOpenProcessTokenEx)}; |
120 | 120 |
121 static const IPCCall create_params = { | 121 static const IPCCall create_params = { |
122 {IPC_CREATEPROCESSW_TAG, | 122 {IPC_CREATEPROCESSW_TAG, |
123 {WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}}, | 123 {WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}}, |
124 reinterpret_cast<CallbackGeneric>( | 124 reinterpret_cast<CallbackGeneric>( |
125 &ThreadProcessDispatcher::CreateProcessW)}; | 125 &ThreadProcessDispatcher::CreateProcessW)}; |
126 | 126 |
| 127 // NOTE(liamjm): 2nd param is size_t: Using VOIDPTR_TYPE as they are |
| 128 // the same size on windows. |
| 129 static_assert(sizeof(size_t) == sizeof(void*), |
| 130 "VOIDPTR_TYPE not same size as size_t"); |
| 131 static const IPCCall create_thread_params = { |
| 132 {IPC_CREATETHREAD_TAG, |
| 133 {VOIDPTR_TYPE, VOIDPTR_TYPE, VOIDPTR_TYPE, UINT32_TYPE}}, |
| 134 reinterpret_cast<CallbackGeneric>( |
| 135 &ThreadProcessDispatcher::CreateThread)}; |
| 136 |
127 ipc_calls_.push_back(open_thread); | 137 ipc_calls_.push_back(open_thread); |
128 ipc_calls_.push_back(open_process); | 138 ipc_calls_.push_back(open_process); |
129 ipc_calls_.push_back(process_token); | 139 ipc_calls_.push_back(process_token); |
130 ipc_calls_.push_back(process_tokenex); | 140 ipc_calls_.push_back(process_tokenex); |
131 ipc_calls_.push_back(create_params); | 141 ipc_calls_.push_back(create_params); |
| 142 ipc_calls_.push_back(create_thread_params); |
132 } | 143 } |
133 | 144 |
134 bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager, | 145 bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager, |
135 int service) { | 146 int service) { |
136 switch (service) { | 147 switch (service) { |
137 case IPC_NTOPENTHREAD_TAG: | 148 case IPC_NTOPENTHREAD_TAG: |
138 case IPC_NTOPENPROCESS_TAG: | 149 case IPC_NTOPENPROCESS_TAG: |
139 case IPC_NTOPENPROCESSTOKEN_TAG: | 150 case IPC_NTOPENPROCESSTOKEN_TAG: |
140 case IPC_NTOPENPROCESSTOKENEX_TAG: | 151 case IPC_NTOPENPROCESSTOKENEX_TAG: |
141 // There is no explicit policy for these services. | 152 // There is no explicit policy for these services. |
142 NOTREACHED(); | 153 NOTREACHED(); |
143 return false; | 154 return false; |
144 | 155 |
145 case IPC_CREATEPROCESSW_TAG: | 156 case IPC_CREATEPROCESSW_TAG: |
146 return INTERCEPT_EAT(manager, kKerneldllName, CreateProcessW, | 157 return INTERCEPT_EAT(manager, kKerneldllName, CreateProcessW, |
147 CREATE_PROCESSW_ID, 44) && | 158 CREATE_PROCESSW_ID, 44) && |
148 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, | 159 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, |
149 CREATE_PROCESSA_ID, 44); | 160 CREATE_PROCESSA_ID, 44); |
150 | 161 |
| 162 case IPC_CREATETHREAD_TAG: |
| 163 return INTERCEPT_EAT(manager, kKerneldllName, CreateThread, |
| 164 CREATE_THREAD_ID, 28); |
| 165 |
151 default: | 166 default: |
152 return false; | 167 return false; |
153 } | 168 } |
154 } | 169 } |
155 | 170 |
156 bool ThreadProcessDispatcher::NtOpenThread(IPCInfo* ipc, | 171 bool ThreadProcessDispatcher::NtOpenThread(IPCInfo* ipc, |
157 uint32_t desired_access, | 172 uint32_t desired_access, |
158 uint32_t thread_id) { | 173 uint32_t thread_id) { |
159 HANDLE handle; | 174 HANDLE handle; |
160 NTSTATUS ret = ProcessPolicy::OpenThreadAction(*ipc->client_info, | 175 NTSTATUS ret = ProcessPolicy::OpenThreadAction(*ipc->client_info, |
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
237 // Here we force the app_name to be the one we used for the policy lookup. | 252 // Here we force the app_name to be the one we used for the policy lookup. |
238 // If our logic was wrong, at least we wont allow create a random process. | 253 // If our logic was wrong, at least we wont allow create a random process. |
239 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, | 254 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, |
240 exe_name, *cmd_line, | 255 exe_name, *cmd_line, |
241 proc_info); | 256 proc_info); |
242 | 257 |
243 ipc->return_info.win32_result = ret; | 258 ipc->return_info.win32_result = ret; |
244 return true; | 259 return true; |
245 } | 260 } |
246 | 261 |
| 262 bool ThreadProcessDispatcher::CreateThread(IPCInfo* ipc, |
| 263 SIZE_T stack_size, |
| 264 LPTHREAD_START_ROUTINE start_address, |
| 265 LPVOID parameter, |
| 266 DWORD creation_flags) { |
| 267 if (!start_address) { |
| 268 return false; |
| 269 } |
| 270 |
| 271 HANDLE handle; |
| 272 DWORD ret = ProcessPolicy::CreateThreadAction( |
| 273 GIVE_ALLACCESS, *ipc->client_info, stack_size, start_address, parameter, |
| 274 creation_flags, NULL, &handle); |
| 275 |
| 276 ipc->return_info.nt_status = ret; |
| 277 ipc->return_info.handle = handle; |
| 278 return true; |
| 279 } |
| 280 |
247 } // namespace sandbox | 281 } // namespace sandbox |
OLD | NEW |