OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/process_thread_dispatcher.h" | 5 #include "sandbox/win/src/process_thread_dispatcher.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include "base/logging.h" | 10 #include "base/logging.h" |
117 {IPC_NTOPENPROCESSTOKENEX_TAG, {VOIDPTR_TYPE, UINT32_TYPE, UINT32_TYPE}}, | 117 {IPC_NTOPENPROCESSTOKENEX_TAG, {VOIDPTR_TYPE, UINT32_TYPE, UINT32_TYPE}}, |
118 reinterpret_cast<CallbackGeneric>( | 118 reinterpret_cast<CallbackGeneric>( |
119 &ThreadProcessDispatcher::NtOpenProcessTokenEx)}; | 119 &ThreadProcessDispatcher::NtOpenProcessTokenEx)}; |
120 | 120 |
121 static const IPCCall create_params = { | 121 static const IPCCall create_params = { |
122 {IPC_CREATEPROCESSW_TAG, | 122 {IPC_CREATEPROCESSW_TAG, |
123 {WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}}, | 123 {WCHAR_TYPE, WCHAR_TYPE, WCHAR_TYPE, INOUTPTR_TYPE}}, |
124 reinterpret_cast<CallbackGeneric>( | 124 reinterpret_cast<CallbackGeneric>( |
125 &ThreadProcessDispatcher::CreateProcessW)}; | 125 &ThreadProcessDispatcher::CreateProcessW)}; |
126 | 126 |
| 127 // NOTE(liamjm): 2nd param is size_t: Using VOIDPTR_TYPE as they are |
| 128 // the same size on windows. |
| 129 static_assert(sizeof(size_t) == sizeof(void*), |
| 130 "VOIDPTR_TYPE not same size as size_t"); |
| 131 static const IPCCall create_thread_params = { |
| 132 {IPC_CREATETHREAD_TAG, |
| 133 {VOIDPTR_TYPE, VOIDPTR_TYPE, VOIDPTR_TYPE, UINT32_TYPE}}, |
| 134 reinterpret_cast<CallbackGeneric>( |
| 135 &ThreadProcessDispatcher::CreateThread)}; |
| 136 |
127 ipc_calls_.push_back(open_thread); | 137 ipc_calls_.push_back(open_thread); |
128 ipc_calls_.push_back(open_process); | 138 ipc_calls_.push_back(open_process); |
129 ipc_calls_.push_back(process_token); | 139 ipc_calls_.push_back(process_token); |
130 ipc_calls_.push_back(process_tokenex); | 140 ipc_calls_.push_back(process_tokenex); |
131 ipc_calls_.push_back(create_params); | 141 ipc_calls_.push_back(create_params); |
| 142 ipc_calls_.push_back(create_thread_params); |
132 } | 143 } |
133 | 144 |
134 bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager, | 145 bool ThreadProcessDispatcher::SetupService(InterceptionManager* manager, |
135 int service) { | 146 int service) { |
136 switch (service) { | 147 switch (service) { |
137 case IPC_NTOPENTHREAD_TAG: | 148 case IPC_NTOPENTHREAD_TAG: |
138 case IPC_NTOPENPROCESS_TAG: | 149 case IPC_NTOPENPROCESS_TAG: |
139 case IPC_NTOPENPROCESSTOKEN_TAG: | 150 case IPC_NTOPENPROCESSTOKEN_TAG: |
140 case IPC_NTOPENPROCESSTOKENEX_TAG: | 151 case IPC_NTOPENPROCESSTOKENEX_TAG: |
| 152 case IPC_CREATETHREAD_TAG: |
141 // There is no explicit policy for these services. | 153 // There is no explicit policy for these services. |
142 NOTREACHED(); | 154 NOTREACHED(); |
143 return false; | 155 return false; |
144 | 156 |
145 case IPC_CREATEPROCESSW_TAG: | 157 case IPC_CREATEPROCESSW_TAG: |
146 return INTERCEPT_EAT(manager, kKerneldllName, CreateProcessW, | 158 return INTERCEPT_EAT(manager, kKerneldllName, CreateProcessW, |
147 CREATE_PROCESSW_ID, 44) && | 159 CREATE_PROCESSW_ID, 44) && |
148 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, | 160 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, |
149 CREATE_PROCESSA_ID, 44); | 161 CREATE_PROCESSA_ID, 44); |
150 | 162 |
237 // Here we force the app_name to be the one we used for the policy lookup. | 249 // Here we force the app_name to be the one we used for the policy lookup. |
238 // If our logic was wrong, at least we wont allow create a random process. | 250 // If our logic was wrong, at least we wont allow create a random process. |
239 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, | 251 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, |
240 exe_name, *cmd_line, | 252 exe_name, *cmd_line, |
241 proc_info); | 253 proc_info); |
242 | 254 |
243 ipc->return_info.win32_result = ret; | 255 ipc->return_info.win32_result = ret; |
244 return true; | 256 return true; |
245 } | 257 } |
246 | 258 |
| 259 bool ThreadProcessDispatcher::CreateThread(IPCInfo* ipc, |
| 260 SIZE_T stack_size, |
| 261 LPTHREAD_START_ROUTINE start_address, |
| 262 LPVOID parameter, |
| 263 DWORD creation_flags) { |
| 264 if (!start_address) { |
| 265 return false; |
| 266 } |
| 267 |
| 268 HANDLE handle; |
| 269 DWORD ret = ProcessPolicy::CreateThreadAction(*ipc->client_info, stack_size, |
| 270 start_address, parameter, |
| 271 creation_flags, NULL, &handle); |
| 272 |
| 273 ipc->return_info.nt_status = ret; |
| 274 ipc->return_info.handle = handle; |
| 275 return true; |
| 276 } |
| 277 |
247 } // namespace sandbox | 278 } // namespace sandbox |
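Review bot: In the new `ThreadProcessDispatcher::CreateThread`, `HANDLE handle;` has no initializer and is copied into `ipc->return_info.handle` unconditionally, so if `ProcessPolicy::CreateThreadAction` (not shown on this page) fails without writing its out-parameter, an indeterminate value from the broker's stack is returned to the sandboxed caller. Initializing it, `HANDLE handle = nullptr;`, makes a failed call return a null handle instead. The DWORD result is stored in `return_info.nt_status`, while the handler just above, which calls `ProcessPolicy::CreateProcessWAction`, stores its DWORD in `return_info.win32_result`; if `CreateThreadAction` returns a Win32 error code, as its return type suggests, the field should match. `IPC_CREATETHREAD_TAG` joins the no-explicit-policy group in `SetupService`, so the null check on `start_address` is the only validation visible here; a short comment on the handler stating which process the thread is created in, and why no policy check is required, would document that trust decision.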