Issue 1452393002: Block legacy hooking mechanisms on Win8+

Issue 1452393002: Block legacy hooking mechanisms on Win8+ (Closed)

Created:
5 years, 1 month ago by jschuh

Modified:
4 years, 10 months ago

Reviewers:
robertshield

CC:
chromium-reviews, darin-cc_chromium.org, jam, rickyz+watch_chromium.org, caitkp+watch_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Block legacy hooking mechanisms on Win8+ This should reduce crashes in third-party hooks. Finch experiment included for A-B testing. BUG=557798

Patch Set 1 #

Total comments: 3

Created: 5 years, 1 month ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+24 lines, -5 lines)			Patch
	M	chrome/browser/chrome_elf_init_win.cc	View		2 chunks	+17 lines, -0 lines	3 comments	Download
	M	content/common/sandbox_win.cc	View		1 chunk	+7 lines, -5 lines	0 comments	Download

Messages

Total messages: 6 (2 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

jschuh

PTAL. I'm setting this as the default, and providing a Finch toggle. And I'm not ...

5 years, 1 month ago (2015-11-18 16:32:40 UTC) #3

robertshield

https://codereview.chromium.org/1452393002/diff/1/chrome/browser/chrome_elf_init_win.cc File chrome/browser/chrome_elf_init_win.cc (right): https://codereview.chromium.org/1452393002/diff/1/chrome/browser/chrome_elf_init_win.cc#newcode91 chrome/browser/chrome_elf_init_win.cc:91: base::FieldTrialList::FindFullName("WindowsHookBlocking") != "Disabled") { Not sure it's useful to ...

5 years, 1 month ago (2015-11-18 17:51:03 UTC) #4

jschuh

5 years, 1 month ago (2015-11-18 18:21:15 UTC) #5

robertshield

5 years, 1 month ago (2015-11-18 19:50:29 UTC) #6

https://codereview.chromium.org/1452393002/diff/1/chrome/browser/chrome_elf_i...
File chrome/browser/chrome_elf_init_win.cc (right):

https://codereview.chromium.org/1452393002/diff/1/chrome/browser/chrome_elf_i...
chrome/browser/chrome_elf_init_win.cc:91:
base::FieldTrialList::FindFullName("WindowsHookBlocking") != "Disabled") {
On 2015/11/18 18:21:15, jschuh (very slow) wrote:
> On 2015/11/18 17:51:03, robertshield wrote:
> > Not sure it's useful to apply the policy here. This is the browser end of
elf
> > initialization which isn't terribly early in the process. AppInit_Dlls, etc.
> > will have already loaded by this point. 
> > 
> > What you probably want is to do this during elf dll initialization, here:
> >
>
https://code.google.com/p/chromium/codesearch#chromium/src/chrome_elf/chrome_...
> > 
> > There are some constraints: no using base/ and don't do anything that isn't
> safe
> > under the loader lock. 
> 
> Okay, that makes a lot more sense. Because I traced it through, and this
seemed
> very late to me as well.
> 
> Given the restrictions, it sounds like I won't be able to finch gate this, or
am
> I wrong?

You can, but there are hoops to jump through and involves cooperation from the
browser process. We do this for the blacklist by proxying through the registry
to communicate finch state to elf. This means on first run, elf does nothing,
when the browser starts up it reads some finch state, writes it to the registry,
on subsequent runs, elf finds this state in the registry and then does stuff. It
ain't pretty, but it works.

Example Elf side of things :
https://code.google.com/p/chromium/codesearch#chromium/src/chrome_elf/blackli...
Browser side of things:
https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/chr...

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages