| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/target_services.h" | 5 #include "sandbox/win/src/target_services.h" |
| 6 | 6 |
| 7 #include <new> | 7 #include <new> |
| 8 | 8 |
| 9 #include <process.h> | 9 #include <process.h> |
| 10 | 10 |
| (...skipping 41 matching lines...) |
| 52 if (sandbox::HandleCloserAgent::NeedsHandlesClosed()) { | 52 if (sandbox::HandleCloserAgent::NeedsHandlesClosed()) { |
| 53 sandbox::HandleCloserAgent handle_closer; | 53 sandbox::HandleCloserAgent handle_closer; |
| 54 handle_closer.InitializeHandlesToClose(is_csrss_connected); | 54 handle_closer.InitializeHandlesToClose(is_csrss_connected); |
| 55 if (!handle_closer.CloseHandles()) | 55 if (!handle_closer.CloseHandles()) |
| 56 return false; | 56 return false; |
| 57 } | 57 } |
| 58 | 58 |
| 59 return true; | 59 return true; |
| 60 } | 60 } |
| 61 | 61 |
| 62 // GetUserDefaultLocaleName is not available on WIN XP. So we'll |
| 63 // load it on-the-fly. |
| 64 const wchar_t kKernel32DllName[] = L"kernel32.dll"; |
| 65 typedef decltype(GetUserDefaultLocaleName)* GetUserDefaultLocaleNameFunction; |
| 66 |
| 67 // Warm up language subsystems before the sandbox is turned on. |
| 68 // Tested on Win8.1 x64: |
| 69 // This needs to happen after RevertToSelf() is called, because (at least) in |
| 70 // the case of GetUserDefaultLCID() it checks the TEB to see if the process is |
| 71 // impersonating (TEB!IsImpersonating). If it is, the cached locale information |
| 72 // is not used, nor is it set. Therefore, calls after RevertToSelf() will not |
| 73 // have warmed-up values to use. |
| 74 bool WarmupWindowsLocales() { |
| 75 // NOTE(liamjm): When last checked (Win 8.1 x64) it wasn't necessary to |
| 76 // warmup all of these functions, but let's not assume that. |
| 77 ::GetUserDefaultLangID(); |
| 78 ::GetUserDefaultLCID(); |
| 79 if (base::win::GetVersion() >= base::win::VERSION_VISTA) { |
| 80 static GetUserDefaultLocaleNameFunction GetUserDefaultLocaleName_func = |
| 81 NULL; |
| 82 if (!GetUserDefaultLocaleName_func) { |
| 83 HMODULE kernel32_dll = ::GetModuleHandle(kKernel32DllName); |
| 84 if (!kernel32_dll) { |
| 85 return false; |
| 86 } |
| 87 GetUserDefaultLocaleName_func = |
| 88 reinterpret_cast<GetUserDefaultLocaleNameFunction>( |
| 89 GetProcAddress(kernel32_dll, "GetUserDefaultLocaleName")); |
| 90 if (!GetUserDefaultLocaleName_func) { |
| 91 return false; |
| 92 } |
| 93 } |
| 94 wchar_t localeName[LOCALE_NAME_MAX_LENGTH] = {0}; |
| 95 return (0 != GetUserDefaultLocaleName_func( |
| 96 localeName, LOCALE_NAME_MAX_LENGTH * sizeof(wchar_t))); |
| 97 } |
| 98 return true; |
| 99 } |
| 62 | 100 |
| 63 // Used as storage for g_target_services, because other allocation facilities | 101 // Used as storage for g_target_services, because other allocation facilities |
| 64 // are not available early. We can't use a regular function static because on | 102 // are not available early. We can't use a regular function static because on |
| 65 // VS2015, because the CRT tries to acquire a lock to guard initialization, but | 103 // VS2015, because the CRT tries to acquire a lock to guard initialization, but |
| 66 // this code runs before the CRT is initialized. | 104 // this code runs before the CRT is initialized. |
| 67 char g_target_services_memory[sizeof(sandbox::TargetServicesBase)]; | 105 char g_target_services_memory[sizeof(sandbox::TargetServicesBase)]; |
| 68 sandbox::TargetServicesBase* g_target_services = nullptr; | 106 sandbox::TargetServicesBase* g_target_services = nullptr; |
| 69 | 107 |
| 70 } // namespace | 108 } // namespace |
| 71 | 109 |
| (...skipping 18 matching lines...) |
| 90 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_INTEGRITY); | 128 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_INTEGRITY); |
| 91 process_state_.SetRevertedToSelf(); | 129 process_state_.SetRevertedToSelf(); |
| 92 // If the client code as called RegOpenKey, advapi32.dll has cached some | 130 // If the client code as called RegOpenKey, advapi32.dll has cached some |
| 93 // handles. The following code gets rid of them. | 131 // handles. The following code gets rid of them. |
| 94 if (!::RevertToSelf()) | 132 if (!::RevertToSelf()) |
| 95 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_DROPTOKEN); | 133 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_DROPTOKEN); |
| 96 if (!FlushCachedRegHandles()) | 134 if (!FlushCachedRegHandles()) |
| 97 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_FLUSHANDLES); | 135 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_FLUSHANDLES); |
| 98 if (ERROR_SUCCESS != ::RegDisablePredefinedCache()) | 136 if (ERROR_SUCCESS != ::RegDisablePredefinedCache()) |
| 99 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CACHEDISABLE); | 137 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CACHEDISABLE); |
| 138 if (!WarmupWindowsLocales()) |
| 139 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_WARMUP); |
| 100 bool is_csrss_connected = true; | 140 bool is_csrss_connected = true; |
| 101 if (!CloseOpenHandles(&is_csrss_connected)) | 141 if (!CloseOpenHandles(&is_csrss_connected)) |
| 102 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CLOSEHANDLES); | 142 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_CLOSEHANDLES); |
| 103 process_state_.SetCsrssConnected(is_csrss_connected); | 143 process_state_.SetCsrssConnected(is_csrss_connected); |
| 104 // Enabling mitigations must happen last otherwise handle closing breaks | 144 // Enabling mitigations must happen last otherwise handle closing breaks |
| 105 if (g_shared_delayed_mitigations && | 145 if (g_shared_delayed_mitigations && |
| 106 !ApplyProcessMitigationsToCurrentProcess(g_shared_delayed_mitigations)) | 146 !ApplyProcessMitigationsToCurrentProcess(g_shared_delayed_mitigations)) |
| 107 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_MITIGATION); | 147 ::TerminateProcess(::GetCurrentProcess(), SBOX_FATAL_MITIGATION); |
| 108 } | 148 } |
| 109 | 149 |
| (...skipping 102 matching lines...) |
| 212 ResultCode TargetServicesBase::DuplicateHandle(HANDLE source_handle, | 252 ResultCode TargetServicesBase::DuplicateHandle(HANDLE source_handle, |
| 213 DWORD target_process_id, | 253 DWORD target_process_id, |
| 214 HANDLE* target_handle, | 254 HANDLE* target_handle, |
| 215 DWORD desired_access, | 255 DWORD desired_access, |
| 216 DWORD options) { | 256 DWORD options) { |
| 217 return sandbox::DuplicateHandleProxy(source_handle, target_process_id, | 257 return sandbox::DuplicateHandleProxy(source_handle, target_process_id, |
| 218 target_handle, desired_access, options); | 258 target_handle, desired_access, options); |
| 219 } | 259 } |
| 220 | 260 |
| 221 } // namespace sandbox | 261 } // namespace sandbox |
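Review bot: In WarmupWindowsLocales (new lines 94-96) the size passed to GetUserDefaultLocaleName is `LOCALE_NAME_MAX_LENGTH * sizeof(wchar_t)`, a byte count, while the API takes the buffer size in characters, so the call declares the stack array `localeName` to be twice its real length. Locale names are expected to fit within LOCALE_NAME_MAX_LENGTH, so an actual overrun is unlikely, but the bound handed to the OS should match the buffer: `localeName, LOCALE_NAME_MAX_LENGTH)));`. Separately, `::GetModuleHandle(kKernel32DllName)` only compiles with a wchar_t name when UNICODE is defined; `::GetModuleHandleW` would make that explicit. The caller that terminates with SBOX_FATAL_WARMUP begins outside the visible lines, so the ordering relative to the earlier lowering steps could not be checked beyond what is shown.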
| OLD | NEW |