OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <memory> | 5 #include <memory> |
6 #include <string> | 6 #include <string> |
7 | 7 |
8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
9 #include "base/strings/string16.h" | 9 #include "base/strings/string16.h" |
10 #include "base/strings/sys_string_conversions.h" | 10 #include "base/strings/sys_string_conversions.h" |
11 #include "base/win/scoped_handle.h" | 11 #include "base/win/scoped_handle.h" |
12 #include "base/win/scoped_process_information.h" | 12 #include "base/win/scoped_process_information.h" |
13 #include "base/win/windows_version.h" | 13 #include "base/win/windows_version.h" |
| 14 #include "sandbox/win/src/process_thread_interception.h" |
14 #include "sandbox/win/src/sandbox.h" | 15 #include "sandbox/win/src/sandbox.h" |
15 #include "sandbox/win/src/sandbox_factory.h" | 16 #include "sandbox/win/src/sandbox_factory.h" |
16 #include "sandbox/win/src/sandbox_policy.h" | 17 #include "sandbox/win/src/sandbox_policy.h" |
17 #include "sandbox/win/tests/common/controller.h" | 18 #include "sandbox/win/tests/common/controller.h" |
18 #include "testing/gtest/include/gtest/gtest.h" | 19 #include "testing/gtest/include/gtest/gtest.h" |
19 | 20 |
20 namespace { | 21 namespace { |
21 | 22 |
22 // Creates a process with the |exe| and |command| parameter using the | 23 // Creates a process with the |exe| and |command| parameter using the |
23 // unicode and ascii version of the api. | 24 // unicode and ascii version of the api. |
(...skipping 238 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
262 return SBOX_TEST_DENIED; | 263 return SBOX_TEST_DENIED; |
263 } | 264 } |
264 } else { | 265 } else { |
265 ::CloseHandle(token); | 266 ::CloseHandle(token); |
266 return SBOX_TEST_SUCCEEDED; | 267 return SBOX_TEST_SUCCEEDED; |
267 } | 268 } |
268 | 269 |
269 return SBOX_TEST_FAILED; | 270 return SBOX_TEST_FAILED; |
270 } | 271 } |
271 | 272 |
| 273 // Generate a event name, used to test thread creation. |
| 274 std::wstring GenerateEventName(DWORD pid) { |
| 275 wchar_t buff[30] = {0}; |
| 276 int res = swprintf_s(buff, sizeof(buff) / sizeof(buff[0]), |
| 277 L"ProcessPolicyTest_%08x", pid); |
| 278 if (-1 != res) { |
| 279 return std::wstring(buff); |
| 280 } |
| 281 return std::wstring(); |
| 282 } |
| 283 |
| 284 // This is the function that is called when testing thread creation. |
| 285 // It is expected to set an event that the caller is waiting on. |
| 286 DWORD TestThreadFunc(LPVOID lpdwThreadParam) { |
| 287 std::wstring event_name = |
| 288 GenerateEventName(reinterpret_cast<DWORD>(lpdwThreadParam)); |
| 289 if (!event_name.length()) { |
| 290 return 1; |
| 291 } |
| 292 HANDLE event = ::OpenEvent(EVENT_ALL_ACCESS | EVENT_MODIFY_STATE, FALSE, |
| 293 event_name.c_str()); |
| 294 if (!event) { |
| 295 return 1; |
| 296 } |
| 297 if (!SetEvent(event)) { |
| 298 return 1; |
| 299 } |
| 300 return 0; |
| 301 } |
| 302 |
| 303 SBOX_TESTS_COMMAND int Process_CreateThread(int argc, wchar_t** argv) { |
| 304 DWORD pid = ::GetCurrentProcessId(); |
| 305 std::wstring event_name = GenerateEventName(pid); |
| 306 if (!event_name.length()) { |
| 307 return SBOX_TEST_FIRST_ERROR; |
| 308 } |
| 309 HANDLE event = ::CreateEvent(NULL, TRUE, FALSE, event_name.c_str()); |
| 310 if (!event) { |
| 311 return SBOX_TEST_SECOND_ERROR; |
| 312 } |
| 313 |
| 314 DWORD thread_id = 0; |
| 315 HANDLE thread = NULL; |
| 316 thread = ::CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&TestThreadFunc, |
| 317 (LPVOID)pid, 0, &thread_id); |
| 318 |
| 319 if (!thread) { |
| 320 return SBOX_TEST_THIRD_ERROR; |
| 321 } |
| 322 if (!thread_id) { |
| 323 return SBOX_TEST_FOURTH_ERROR; |
| 324 } |
| 325 if (WaitForSingleObject(thread, INFINITE) != WAIT_OBJECT_0) { |
| 326 return SBOX_TEST_FIFTH_ERROR; |
| 327 } |
| 328 DWORD exit_code = 0; |
| 329 if (!GetExitCodeThread(thread, &exit_code)) { |
| 330 return SBOX_TEST_SIXTH_ERROR; |
| 331 } |
| 332 if (exit_code) { |
| 333 return SBOX_TEST_SEVENTH_ERROR; |
| 334 } |
| 335 if (WaitForSingleObject(event, INFINITE) != WAIT_OBJECT_0) { |
| 336 return SBOX_TEST_FAILED; |
| 337 } |
| 338 return SBOX_TEST_SUCCEEDED; |
| 339 } |
| 340 |
272 TEST(ProcessPolicyTest, TestAllAccess) { | 341 TEST(ProcessPolicyTest, TestAllAccess) { |
273 // Check if the "all access" rule fails to be added when the token is too | 342 // Check if the "all access" rule fails to be added when the token is too |
274 // powerful. | 343 // powerful. |
275 TestRunner runner; | 344 TestRunner runner; |
276 | 345 |
277 // Check the failing case. | 346 // Check the failing case. |
278 runner.GetPolicy()->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN); | 347 runner.GetPolicy()->SetTokenLevel(USER_INTERACTIVE, USER_LOCKDOWN); |
279 EXPECT_EQ(SBOX_ERROR_UNSUPPORTED, | 348 EXPECT_EQ(SBOX_ERROR_UNSUPPORTED, |
280 runner.GetPolicy()->AddRule(TargetPolicy::SUBSYS_PROCESS, | 349 runner.GetPolicy()->AddRule(TargetPolicy::SUBSYS_PROCESS, |
281 TargetPolicy::PROCESS_ALL_EXEC, | 350 TargetPolicy::PROCESS_ALL_EXEC, |
(...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
390 | 459 |
391 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 460 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
392 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); | 461 runner.RunTest(L"Process_GetChildProcessToken findstr.exe")); |
393 } | 462 } |
394 | 463 |
395 TEST(ProcessPolicyTest, TestCreateProcessA) { | 464 TEST(ProcessPolicyTest, TestCreateProcessA) { |
396 TestRunner runner; | 465 TestRunner runner; |
397 sandbox::TargetPolicy* policy = runner.GetPolicy(); | 466 sandbox::TargetPolicy* policy = runner.GetPolicy(); |
398 policy->SetJobLevel(JOB_NONE, 0); | 467 policy->SetJobLevel(JOB_NONE, 0); |
399 policy->SetTokenLevel(USER_UNPROTECTED, USER_UNPROTECTED); | 468 policy->SetTokenLevel(USER_UNPROTECTED, USER_UNPROTECTED); |
400 | |
401 base::string16 exe_path = MakePathToSys(L"calc.exe", false); | 469 base::string16 exe_path = MakePathToSys(L"calc.exe", false); |
402 ASSERT_TRUE(!exe_path.empty()); | 470 ASSERT_TRUE(!exe_path.empty()); |
403 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, | 471 EXPECT_TRUE(runner.AddRule(TargetPolicy::SUBSYS_PROCESS, |
404 TargetPolicy::PROCESS_ALL_EXEC, exe_path.c_str())); | 472 TargetPolicy::PROCESS_ALL_EXEC, exe_path.c_str())); |
405 EXPECT_EQ(SBOX_TEST_SUCCEEDED, | 473 EXPECT_EQ(SBOX_TEST_SUCCEEDED, |
406 runner.RunTest(L"Process_CreateProcessA calc.exe")); | 474 runner.RunTest(L"Process_CreateProcessA calc.exe")); |
407 } | 475 } |
408 | 476 |
409 } // namespace sandbox | 477 // This tests that the CreateThread works with CSRSS not locked down. |
| 478 // In other words, that the interception passes through OK. |
| 479 TEST(ProcessPolicyTest, TestCreateThreadWithCsrss) { |
| 480 TestRunner runner(JOB_NONE, USER_INTERACTIVE, USER_INTERACTIVE); |
| 481 runner.SetDisableCsrss(false); |
| 482 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Process_CreateThread")); |
| 483 } |
| 484 |
| 485 // This tests that the CreateThread works with CSRSS locked down. |
| 486 // In other words, that the interception correctly works. |
| 487 TEST(ProcessPolicyTest, TestCreateThreadWithoutCsrss) { |
| 488 TestRunner runner(JOB_NONE, USER_INTERACTIVE, USER_INTERACTIVE); |
| 489 EXPECT_EQ(SBOX_TEST_SUCCEEDED, runner.RunTest(L"Process_CreateThread")); |
| 490 } |
| 491 |
| 492 // This tests that our CreateThread interceptors works when called directly. |
| 493 TEST(ProcessPolicyTest, TestCreateThreadOutsideSandbox) { |
| 494 DWORD pid = ::GetCurrentProcessId(); |
| 495 std::wstring event_name = GenerateEventName(pid); |
| 496 ASSERT_STRNE(NULL, event_name.c_str()); |
| 497 HANDLE event = ::CreateEvent(NULL, TRUE, FALSE, event_name.c_str()); |
| 498 EXPECT_NE(static_cast<HANDLE>(NULL), event); |
| 499 |
| 500 DWORD thread_id = 0; |
| 501 HANDLE thread = NULL; |
| 502 thread = TargetCreateThread(::CreateThread, NULL, 0, |
| 503 (LPTHREAD_START_ROUTINE)&TestThreadFunc, |
| 504 (LPVOID)pid, 0, &thread_id); |
| 505 EXPECT_NE(static_cast<HANDLE>(NULL), thread); |
| 506 EXPECT_EQ(WAIT_OBJECT_0, WaitForSingleObject(thread, INFINITE)); |
| 507 EXPECT_EQ(WAIT_OBJECT_0, WaitForSingleObject(event, INFINITE)); |
| 508 } |
| 509 |
| 510 } // namespace sandbox |
OLD | NEW |