1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/common/sandbox_win.h" | 5 #include "content/common/sandbox_win.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/base_switches.h" | 9 #include "base/base_switches.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
562 if (base::win::GetVersion() == base::win::VERSION_WIN8 || | 562 if (base::win::GetVersion() == base::win::VERSION_WIN8 || |
563 base::win::GetVersion() == base::win::VERSION_WIN8_1) { | 563 base::win::GetVersion() == base::win::VERSION_WIN8_1) { |
564 const base::CommandLine& command_line = | 564 const base::CommandLine& command_line = |
565 *base::CommandLine::ForCurrentProcess(); | 565 *base::CommandLine::ForCurrentProcess(); |
566 if (command_line.HasSwitch(switches::kEnableAppContainer)) { | 566 if (command_line.HasSwitch(switches::kEnableAppContainer)) { |
567 policy->SetLowBox(sid); | 567 policy->SetLowBox(sid); |
568 } | 568 } |
569 } | 569 } |
570 } | 570 } |
571 | 571 |
| 572 bool AddWin32kLockdownPolicy(sandbox::TargetPolicy* policy) { |
| 573 #if !defined(NACL_WIN64) |
| 574 if (!IsWin32kRendererLockdownEnabled()) |
| 575 return true; |
| 576 |
| 577 // Enable win32k lockdown if not already. |
| 578 sandbox::MitigationFlags flags = policy->GetProcessMitigations(); |
| 579 if ((flags & sandbox::MITIGATION_WIN32K_DISABLE) == |
| 580 sandbox::MITIGATION_WIN32K_DISABLE) |
| 581 return true; |
| 582 |
| 583 sandbox::ResultCode result = |
| 584 policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN, |
| 585 sandbox::TargetPolicy::FAKE_USER_GDI_INIT, nullptr); |
| 586 if (result != sandbox::SBOX_ALL_OK) |
| 587 return false; |
| 588 |
| 589 flags |= sandbox::MITIGATION_WIN32K_DISABLE; |
| 590 result = policy->SetProcessMitigations(flags); |
| 591 if (result != sandbox::SBOX_ALL_OK) |
| 592 return false; |
| 593 #endif |
| 594 return true; |
| 595 } |
| 596 |
572 bool InitBrokerServices(sandbox::BrokerServices* broker_services) { | 597 bool InitBrokerServices(sandbox::BrokerServices* broker_services) { |
573 // TODO(abarth): DCHECK(CalledOnValidThread()); | 598 // TODO(abarth): DCHECK(CalledOnValidThread()); |
574 // See <http://b/1287166>. | 599 // See <http://b/1287166>. |
575 DCHECK(broker_services); | 600 DCHECK(broker_services); |
576 DCHECK(!g_broker_services); | 601 DCHECK(!g_broker_services); |
577 sandbox::ResultCode result = broker_services->Init(); | 602 sandbox::ResultCode result = broker_services->Init(); |
578 g_broker_services = broker_services; | 603 g_broker_services = broker_services; |
579 | 604 |
580 // In non-official builds warn about dangerous uses of DuplicateHandle. | 605 // In non-official builds warn about dangerous uses of DuplicateHandle. |
581 #ifndef OFFICIAL_BUILD | 606 #ifndef OFFICIAL_BUILD |
649 } | 674 } |
650 | 675 |
651 sandbox::TargetPolicy* policy = g_broker_services->CreatePolicy(); | 676 sandbox::TargetPolicy* policy = g_broker_services->CreatePolicy(); |
652 | 677 |
653 sandbox::MitigationFlags mitigations = sandbox::MITIGATION_HEAP_TERMINATE | | 678 sandbox::MitigationFlags mitigations = sandbox::MITIGATION_HEAP_TERMINATE | |
654 sandbox::MITIGATION_BOTTOM_UP_ASLR | | 679 sandbox::MITIGATION_BOTTOM_UP_ASLR | |
655 sandbox::MITIGATION_DEP | | 680 sandbox::MITIGATION_DEP | |
656 sandbox::MITIGATION_DEP_NO_ATL_THUNK | | 681 sandbox::MITIGATION_DEP_NO_ATL_THUNK | |
657 sandbox::MITIGATION_SEHOP; | 682 sandbox::MITIGATION_SEHOP; |
658 | 683 |
| 684 if (policy->SetProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) |
| 685 return base::Process(); |
| 686 |
659 #if !defined(NACL_WIN64) | 687 #if !defined(NACL_WIN64) |
660 if (type_str == switches::kRendererProcess && | 688 if (type_str == switches::kRendererProcess && |
661 IsWin32kRendererLockdownEnabled()) { | 689 IsWin32kRendererLockdownEnabled()) { |
662 if (policy->AddRule(sandbox::TargetPolicy::SUBSYS_WIN32K_LOCKDOWN, | 690 if (!AddWin32kLockdownPolicy(policy)) |
663 sandbox::TargetPolicy::FAKE_USER_GDI_INIT, | |
664 NULL) != sandbox::SBOX_ALL_OK) { | |
665 return base::Process(); | 691 return base::Process(); |
666 } | |
667 mitigations |= sandbox::MITIGATION_WIN32K_DISABLE; | |
668 } | 692 } |
669 #endif | 693 #endif |
670 | 694 |
671 if (policy->SetProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) | |
672 return base::Process(); | |
673 | |
674 mitigations = sandbox::MITIGATION_STRICT_HANDLE_CHECKS | | 695 mitigations = sandbox::MITIGATION_STRICT_HANDLE_CHECKS | |
675 sandbox::MITIGATION_DLL_SEARCH_ORDER; | 696 sandbox::MITIGATION_DLL_SEARCH_ORDER; |
676 | 697 |
677 if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) | 698 if (policy->SetDelayedProcessMitigations(mitigations) != sandbox::SBOX_ALL_OK) |
678 return base::Process(); | 699 return base::Process(); |
679 | 700 |
680 SetJobLevel(*cmd_line, sandbox::JOB_LOCKDOWN, 0, policy); | 701 SetJobLevel(*cmd_line, sandbox::JOB_LOCKDOWN, 0, policy); |
681 | 702 |
682 bool disable_default_policy = false; | 703 bool disable_default_policy = false; |
683 base::FilePath exposed_dir; | 704 base::FilePath exposed_dir; |
827 } | 848 } |
828 | 849 |
829 return false; | 850 return false; |
830 } | 851 } |
831 | 852 |
832 bool BrokerAddTargetPeer(HANDLE peer_process) { | 853 bool BrokerAddTargetPeer(HANDLE peer_process) { |
833 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; | 854 return g_broker_services->AddTargetPeer(peer_process) == sandbox::SBOX_ALL_OK; |
834 } | 855 } |
835 | 856 |
836 } // namespace content | 857 } // namespace content |
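Review bot: The new AddWin32kLockdownPolicy (new lines 572-595) is only correct when it runs after the policy's base mitigations have been applied, because it ORs MITIGATION_WIN32K_DISABLE into whatever GetProcessMitigations() currently returns; a caller that invokes it before its own SetProcessMitigations() would have that later call replace the mask and silently drop the lockdown mitigation while the SUBSYS_WIN32K_LOCKDOWN rule stays in place, and the early `return true` when the flag is already set likewise assumes the rule was added together with it. Neither contract is stated, so I would replace the one-line comment with one that says so, e.g. `// Must run after the policy's initial SetProcessMitigations(): the flag is OR-ed into the current mask, and a later SetProcessMitigations() would overwrite it. Returns false only if the rule or mitigation could not be applied.` In the caller (new lines 687-693) the `#if !defined(NACL_WIN64)` and IsWin32kRendererLockdownEnabled() gate is now duplicated inside the helper, so the condition could be reduced to `if (type_str == switches::kRendererProcess && !AddWin32kLockdownPolicy(policy))` to keep one source of truth. The function that creates the policy begins and ends outside this hunk, so I cannot confirm no other SetProcessMitigations() call follows the helper.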