OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/ppapi_plugin_process_host.h" | 5 #include "content/browser/ppapi_plugin_process_host.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/metrics/field_trial.h" | 12 #include "base/metrics/field_trial.h" |
13 #include "base/strings/utf_string_conversions.h" | 13 #include "base/strings/utf_string_conversions.h" |
14 #include "content/browser/browser_child_process_host_impl.h" | 14 #include "content/browser/browser_child_process_host_impl.h" |
15 #include "content/browser/plugin_service_impl.h" | 15 #include "content/browser/plugin_service_impl.h" |
16 #include "content/browser/renderer_host/render_message_filter.h" | 16 #include "content/browser/renderer_host/render_message_filter.h" |
17 #include "content/common/child_process_host_impl.h" | 17 #include "content/common/child_process_host_impl.h" |
18 #include "content/common/child_process_messages.h" | 18 #include "content/common/child_process_messages.h" |
| 19 #include "content/common/content_switches_internal.h" |
19 #include "content/public/browser/content_browser_client.h" | 20 #include "content/public/browser/content_browser_client.h" |
20 #include "content/public/common/content_constants.h" | 21 #include "content/public/common/content_constants.h" |
21 #include "content/public/common/content_switches.h" | 22 #include "content/public/common/content_switches.h" |
22 #include "content/public/common/pepper_plugin_info.h" | 23 #include "content/public/common/pepper_plugin_info.h" |
23 #include "content/public/common/process_type.h" | 24 #include "content/public/common/process_type.h" |
24 #include "content/public/common/sandbox_type.h" | 25 #include "content/public/common/sandbox_type.h" |
25 #include "content/public/common/sandboxed_process_launcher_delegate.h" | 26 #include "content/public/common/sandboxed_process_launcher_delegate.h" |
26 #include "ipc/ipc_switches.h" | 27 #include "ipc/ipc_switches.h" |
27 #include "net/base/network_change_notifier.h" | 28 #include "net/base/network_change_notifier.h" |
28 #include "ppapi/proxy/ppapi_messages.h" | 29 #include "ppapi/proxy/ppapi_messages.h" |
29 #include "ui/base/ui_base_switches.h" | 30 #include "ui/base/ui_base_switches.h" |
30 | 31 |
31 #if defined(OS_WIN) | 32 #if defined(OS_WIN) |
32 #include "content/common/sandbox_win.h" | 33 #include "content/common/sandbox_win.h" |
| 34 #include "sandbox/win/src/process_mitigations.h" |
33 #include "sandbox/win/src/sandbox_policy.h" | 35 #include "sandbox/win/src/sandbox_policy.h" |
34 #endif | 36 #endif |
35 | 37 |
36 namespace content { | 38 namespace content { |
37 | 39 |
38 // NOTE: changes to this class need to be reviewed by the security team. | 40 // NOTE: changes to this class need to be reviewed by the security team. |
39 class PpapiPluginSandboxedProcessLauncherDelegate | 41 class PpapiPluginSandboxedProcessLauncherDelegate |
40 : public content::SandboxedProcessLauncherDelegate { | 42 : public content::SandboxedProcessLauncherDelegate { |
41 public: | 43 public: |
42 PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker, | 44 PpapiPluginSandboxedProcessLauncherDelegate(bool is_broker, |
43 const PepperPluginInfo& info, | 45 const PepperPluginInfo& info, |
44 ChildProcessHost* host) | 46 ChildProcessHost* host) |
45 : | 47 : info_(info), |
46 #if defined(OS_POSIX) | 48 #if defined(OS_POSIX) |
47 info_(info), | |
48 ipc_fd_(host->TakeClientFileDescriptor()), | 49 ipc_fd_(host->TakeClientFileDescriptor()), |
49 #endif // OS_POSIX | 50 #endif // OS_POSIX |
50 is_broker_(is_broker) {} | 51 is_broker_(is_broker) {} |
51 | 52 |
52 ~PpapiPluginSandboxedProcessLauncherDelegate() override {} | 53 ~PpapiPluginSandboxedProcessLauncherDelegate() override {} |
53 | 54 |
54 #if defined(OS_WIN) | 55 #if defined(OS_WIN) |
55 bool ShouldSandbox() override { | 56 bool ShouldSandbox() override { |
56 return !is_broker_; | 57 return !is_broker_; |
57 } | 58 } |
58 | 59 |
59 void PreSpawnTarget(sandbox::TargetPolicy* policy, bool* success) override { | 60 void PreSpawnTarget(sandbox::TargetPolicy* policy, bool* success) override { |
60 if (is_broker_) | 61 if (is_broker_) |
61 return; | 62 return; |
62 // The Pepper process as locked-down as a renderer execpt that it can | 63 *success = false; |
63 // create the server side of chrome pipes. | 64 // The Pepper process is as locked-down as a renderer except that it can |
| 65 // create the server side of Chrome pipes. |
64 sandbox::ResultCode result; | 66 sandbox::ResultCode result; |
65 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES, | 67 result = policy->AddRule(sandbox::TargetPolicy::SUBSYS_NAMED_PIPES, |
66 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY, | 68 sandbox::TargetPolicy::NAMEDPIPES_ALLOW_ANY, |
67 L"\\\\.\\pipe\\chrome.*"); | 69 L"\\\\.\\pipe\\chrome.*"); |
68 *success = (result == sandbox::SBOX_ALL_OK); | 70 if (result != sandbox::SBOX_ALL_OK) |
69 | 71 return; |
| 72 #if !defined(NACL_WIN64) |
| 73 for (const auto& mime_type : info_.mime_types) { |
| 74 if (IsWin32kLockdownEnabledForMimeType(mime_type.mime_type)) { |
| 75 if (!AddWin32kLockdownPolicy(policy)) |
| 76 return; |
| 77 break; |
| 78 } |
| 79 } |
| 80 #endif |
70 const base::string16& sid = | 81 const base::string16& sid = |
71 GetContentClient()->browser()->GetAppContainerSidForSandboxType( | 82 GetContentClient()->browser()->GetAppContainerSidForSandboxType( |
72 GetSandboxType()); | 83 GetSandboxType()); |
73 if (!sid.empty()) | 84 if (!sid.empty()) |
74 AddAppContainerPolicy(policy, sid.c_str()); | 85 AddAppContainerPolicy(policy, sid.c_str()); |
| 86 |
| 87 *success = true; |
75 } | 88 } |
76 | 89 |
77 #elif defined(OS_POSIX) | 90 #elif defined(OS_POSIX) |
78 bool ShouldUseZygote() override { | 91 bool ShouldUseZygote() override { |
79 const base::CommandLine& browser_command_line = | 92 const base::CommandLine& browser_command_line = |
80 *base::CommandLine::ForCurrentProcess(); | 93 *base::CommandLine::ForCurrentProcess(); |
81 base::CommandLine::StringType plugin_launcher = browser_command_line | 94 base::CommandLine::StringType plugin_launcher = browser_command_line |
82 .GetSwitchValueNative(switches::kPpapiPluginLauncher); | 95 .GetSwitchValueNative(switches::kPpapiPluginLauncher); |
83 return !is_broker_ && plugin_launcher.empty(); | 96 return !is_broker_ && plugin_launcher.empty(); |
84 } | 97 } |
85 base::ScopedFD TakeIpcFd() override { return ipc_fd_.Pass(); } | 98 base::ScopedFD TakeIpcFd() override { return ipc_fd_.Pass(); } |
86 #endif // OS_WIN | 99 #endif // OS_WIN |
87 | 100 |
88 SandboxType GetSandboxType() override { | 101 SandboxType GetSandboxType() override { |
89 return SANDBOX_TYPE_PPAPI; | 102 return SANDBOX_TYPE_PPAPI; |
90 } | 103 } |
91 | 104 |
92 private: | 105 private: |
| 106 const PepperPluginInfo& info_; |
93 #if defined(OS_POSIX) | 107 #if defined(OS_POSIX) |
94 const PepperPluginInfo& info_; | |
95 base::ScopedFD ipc_fd_; | 108 base::ScopedFD ipc_fd_; |
96 #endif // OS_POSIX | 109 #endif // OS_POSIX |
97 bool is_broker_; | 110 bool is_broker_; |
98 | 111 |
99 DISALLOW_COPY_AND_ASSIGN(PpapiPluginSandboxedProcessLauncherDelegate); | 112 DISALLOW_COPY_AND_ASSIGN(PpapiPluginSandboxedProcessLauncherDelegate); |
100 }; | 113 }; |
101 | 114 |
102 class PpapiPluginProcessHost::PluginNetworkObserver | 115 class PpapiPluginProcessHost::PluginNetworkObserver |
103 : public net::NetworkChangeNotifier::IPAddressObserver, | 116 : public net::NetworkChangeNotifier::IPAddressObserver, |
104 public net::NetworkChangeNotifier::ConnectionTypeObserver { | 117 public net::NetworkChangeNotifier::ConnectionTypeObserver { |
(...skipping 385 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
490 // sent_requests_ queue should be the one that the plugin just created. | 503 // sent_requests_ queue should be the one that the plugin just created. |
491 Client* client = sent_requests_.front(); | 504 Client* client = sent_requests_.front(); |
492 sent_requests_.pop(); | 505 sent_requests_.pop(); |
493 | 506 |
494 const ChildProcessData& data = process_->GetData(); | 507 const ChildProcessData& data = process_->GetData(); |
495 client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle), | 508 client->OnPpapiChannelOpened(channel_handle, base::GetProcId(data.handle), |
496 data.id); | 509 data.id); |
497 } | 510 } |
498 | 511 |
499 } // namespace content | 512 } // namespace content |
OLD | NEW |