
Side by Side Diff: sandbox/win/src/process_thread_policy.cc

Issue 1225183003: CreateThread interception, to use CreateRemoteThread (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix missing variable from cleanup Created 5 years, 3 months ago
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "sandbox/win/src/process_thread_policy.h" 5 #include "sandbox/win/src/process_thread_policy.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/memory/scoped_ptr.h" 9 #include "base/memory/scoped_ptr.h"
10 #include "sandbox/win/src/ipc_tags.h" 10 #include "sandbox/win/src/ipc_tags.h"
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after
90 return false; 90 return false;
91 }; 91 };
92 } 92 }
93 93
94 if (!process->AddStringMatch(IF, NameBased::NAME, name, CASE_INSENSITIVE)) { 94 if (!process->AddStringMatch(IF, NameBased::NAME, name, CASE_INSENSITIVE)) {
95 return false; 95 return false;
96 } 96 }
97 if (!policy->AddRule(IPC_CREATEPROCESSW_TAG, process.get())) { 97 if (!policy->AddRule(IPC_CREATEPROCESSW_TAG, process.get())) {
98 return false; 98 return false;
99 } 99 }
100 if (!policy->AddRule(IPC_CREATETHREAD_TAG, process.get())) {
101 return false;
102 }
100 return true; 103 return true;
101 } 104 }
102 105
103 NTSTATUS ProcessPolicy::OpenThreadAction(const ClientInfo& client_info, 106 NTSTATUS ProcessPolicy::OpenThreadAction(const ClientInfo& client_info,
104 uint32 desired_access, 107 uint32 desired_access,
105 uint32 thread_id, 108 uint32 thread_id,
106 HANDLE* handle) { 109 HANDLE* handle) {
107 *handle = NULL; 110 *handle = NULL;
108 111
109 NtOpenThreadFunction NtOpenThread = NULL; 112 NtOpenThreadFunction NtOpenThread = NULL;
(...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after
229 BOOL should_give_full_access = (GIVE_ALLACCESS == eval_result); 232 BOOL should_give_full_access = (GIVE_ALLACCESS == eval_result);
230 if (!CreateProcessExWHelper(client_info.process, should_give_full_access, 233 if (!CreateProcessExWHelper(client_info.process, should_give_full_access,
231 app_name.c_str(), cmd_line.get(), NULL, NULL, 234 app_name.c_str(), cmd_line.get(), NULL, NULL,
232 FALSE, 0, NULL, NULL, &startup_info, 235 FALSE, 0, NULL, NULL, &startup_info,
233 process_info)) { 236 process_info)) {
234 return ERROR_ACCESS_DENIED; 237 return ERROR_ACCESS_DENIED;
235 } 238 }
236 return ERROR_SUCCESS; 239 return ERROR_SUCCESS;
237 } 240 }
238 241
242 DWORD ProcessPolicy::CreateThreadAction(EvalResult eval_result,
243 const ClientInfo& client_info,
244 const LPSECURITY_ATTRIBUTES thread_attributes,
245 const SIZE_T stack_size,
246 const LPTHREAD_START_ROUTINE start_address,
247 const PVOID parameter,
248 const DWORD creation_flags,
249 LPDWORD thread_id,
250 HANDLE *handle) {
251
252 // The only action supported is ASK_BROKER which means create the process.
253 if (GIVE_ALLACCESS != eval_result && GIVE_READONLY != eval_result) {
Will Harris 2015/09/04 02:41:01 eval_result will always be GIVE_ALLACCESS I wonde
liamjm (20p) 2015/09/04 21:30:39 As discussed, this is more of a stylistic thing -
254 return ERROR_ACCESS_DENIED;
255 }
256 HANDLE local_handle = CreateRemoteThread(
257 client_info.process,
258 thread_attributes,
259 stack_size,
260 start_address,
261 parameter,
262 creation_flags,
263 thread_id);
264 if (!local_handle) {
265 return ERROR_ACCESS_DENIED;
266 }
267 if (!::DuplicateHandle(::GetCurrentProcess(), local_handle,
268 client_info.process, handle, 0, FALSE,
269 DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS)) {
270 // TODO(liamjm): what do we do on error with original handle??
Will Harris 2015/09/04 02:41:01 I don't know but we probably need a DCHECK here
liamjm (20p) 2015/09/04 21:30:39 Added a DCHECK()
271 return ERROR_ACCESS_DENIED;
272 }
273 return ERROR_SUCCESS;
274 }
275
239 } // namespace sandbox 276 } // namespace sandbox
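Review bot: CreateThreadAction never initializes `*handle`, so on either `return ERROR_ACCESS_DENIED;` path the caller's out-parameter keeps whatever it held before the call, whereas OpenThreadAction (line 110) begins with `*handle = NULL;`; the same line belongs at the top of this body, after line 251. It matters most on the DuplicateHandle failure branch at lines 267-272: by then the thread already exists in client_info.process, and with DUPLICATE_CLOSE_SOURCE the broker's own handle is closed whether or not the call succeeds, so a stale `*handle` is the one thing the caller could mistake for a valid result. The comment at line 252 was carried over from the process path and should read `// The only action supported is ASK_BROKER which means create the thread.`.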