| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/process_thread_dispatcher.h" | 5 #include "sandbox/win/src/process_thread_dispatcher.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 117 {IPC_NTOPENPROCESSTOKENEX_TAG, {VOIDPTR_TYPE, UINT32_TYPE, UINT32_TYPE}}, | 117 {IPC_NTOPENPROCESSTOKENEX_TAG, {VOIDPTR_TYPE, UINT32_TYPE, UINT32_TYPE}}, |
| 118 reinterpret_cast<CallbackGeneric>( | 118 reinterpret_cast<CallbackGeneric>( |
| 119 &ThreadProcessDispatcher::NtOpenProcessTokenEx)}; | 119 &ThreadProcessDispatcher::NtOpenProcessTokenEx)}; |
| 120 | 120 |
| 121 static const IPCCall create_params = { | 121 static const IPCCall create_params = { |
| 122 {IPC_CREATEPROCESSW_TAG, | 122 {IPC_CREATEPROCESSW_TAG, |
| 123 {WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}}, | 123 {WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}}, |
| 124 reinterpret_cast<CallbackGeneric>( | 124 reinterpret_cast<CallbackGeneric>( |
| 125 &ThreadProcessDispatcher::CreateProcessW)}; | 125 &ThreadProcessDispatcher::CreateProcessW)}; |
| 126 | 126 |
| 127 // NOTE(liamjm): 2nd param is size_t: Using VOIDPTR_TYPE as they are |
| 128 // the same size on windows. |
| 129 static_assert(sizeof(size_t) == sizeof(void*), |
| 130 "VOIDPTR_TYPE not same size as size_t"); |
| 131 static const IPCCall create_thread_params = { |
| 132 {IPC_CREATETHREAD_TAG, |
| 133 {VOIDPTR_TYPE, VOIDPTR_TYPE, VOIDPTR_TYPE, UINT32_TYPE}}, |
| 134 reinterpret_cast<CallbackGeneric>( |
| 135 &ThreadProcessDispatcher::CreateThread)}; |
| 136 |
| 127 ipc_calls_.push_back(open_thread); | 137 ipc_calls_.push_back(open_thread); |
| 128 ipc_calls_.push_back(open_process); | 138 ipc_calls_.push_back(open_process); |
| 129 ipc_calls_.push_back(process_token); | 139 ipc_calls_.push_back(process_token); |
| 130 ipc_calls_.push_back(process_tokenex); | 140 ipc_calls_.push_back(process_tokenex); |
| 131 ipc_calls_.push_back(create_params); | 141 ipc_calls_.push_back(create_params); |
| 142 ipc_calls_.push_back(create_thread_params); |
| 132 } | 143 } |
| 133 | 144 |
| 134 bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager, | 145 bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager, |
| 135 int service) { | 146 int service) { |
| 136 switch (service) { | 147 switch (service) { |
| 137 case IPC_NTOPENTHREAD_TAG: | 148 case IPC_NTOPENTHREAD_TAG: |
| 138 case IPC_NTOPENPROCESS_TAG: | 149 case IPC_NTOPENPROCESS_TAG: |
| 139 case IPC_NTOPENPROCESSTOKEN_TAG: | 150 case IPC_NTOPENPROCESSTOKEN_TAG: |
| 140 case IPC_NTOPENPROCESSTOKENEX_TAG: | 151 case IPC_NTOPENPROCESSTOKENEX_TAG: |
| 152 case IPC_CREATETHREAD_TAG: |
| 141 // There is no explicit policy for these services. | 153 // There is no explicit policy for these services. |
| 142 NOTREACHED(); | 154 NOTREACHED(); |
| 143 return false; | 155 return false; |
| 144 | 156 |
| 145 case IPC_CREATEPROCESSW_TAG: | 157 case IPC_CREATEPROCESSW_TAG: |
| 146 return INTERCEPT_EAT(manager, kKerneldllName, CreateProcessW, | 158 return INTERCEPT_EAT(manager, kKerneldllName, CreateProcessW, |
| 147 CREATE_PROCESSW_ID, 44) && | 159 CREATE_PROCESSW_ID, 44) && |
| 148 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, | 160 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, |
| 149 CREATE_PROCESSA_ID, 44); | 161 CREATE_PROCESSA_ID, 44); |
| 150 | 162 |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 237 // Here we force the app_name to be the one we used for the policy lookup. | 249 // Here we force the app_name to be the one we used for the policy lookup. |
| 238 // If our logic was wrong, at least we wont allow create a random process. | 250 // If our logic was wrong, at least we wont allow create a random process. |
| 239 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, | 251 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, |
| 240 exe_name, *cmd_line, | 252 exe_name, *cmd_line, |
| 241 proc_info); | 253 proc_info); |
| 242 | 254 |
| 243 ipc->return_info.win32_result = ret; | 255 ipc->return_info.win32_result = ret; |
| 244 return true; | 256 return true; |
| 245 } | 257 } |
| 246 | 258 |
| 259 bool ThreadProcessDispatcher::CreateThread(IPCInfo* ipc, |
| 260 SIZE_T stack_size, |
| 261 LPTHREAD_START_ROUTINE start_address, |
| 262 LPVOID parameter, |
| 263 DWORD creation_flags) { |
| 264 if (!start_address) { |
| 265 return false; |
| 266 } |
| 267 |
| 268 HANDLE handle; |
| 269 DWORD ret = ProcessPolicy::CreateThreadAction(*ipc->client_info, stack_size, |
| 270 start_address, parameter, |
| 271 creation_flags, NULL, &handle); |
| 272 |
| 273 ipc->return_info.nt_status = ret; |
| 274 ipc->return_info.handle = handle; |
| 275 return true; |
| 276 } |
| 277 |
| 247 } // namespace sandbox | 278 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1225183003:
CreateThread interception, to use CreateRemoteThread (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master