OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
| 5 #include <stdint.h> |
| 6 |
5 #include <string> | 7 #include <string> |
6 | 8 |
7 #include "sandbox/win/src/filesystem_policy.h" | 9 #include "sandbox/win/src/filesystem_policy.h" |
8 | 10 |
9 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/macros.h" |
10 #include "base/win/scoped_handle.h" | 13 #include "base/win/scoped_handle.h" |
11 #include "base/win/windows_version.h" | 14 #include "base/win/windows_version.h" |
12 #include "sandbox/win/src/ipc_tags.h" | 15 #include "sandbox/win/src/ipc_tags.h" |
13 #include "sandbox/win/src/policy_engine_opcodes.h" | 16 #include "sandbox/win/src/policy_engine_opcodes.h" |
14 #include "sandbox/win/src/policy_params.h" | 17 #include "sandbox/win/src/policy_params.h" |
| 18 #include "sandbox/win/src/sandbox_types.h" |
15 #include "sandbox/win/src/sandbox_utils.h" | 19 #include "sandbox/win/src/sandbox_utils.h" |
16 #include "sandbox/win/src/sandbox_types.h" | |
17 #include "sandbox/win/src/win_utils.h" | 20 #include "sandbox/win/src/win_utils.h" |
18 | 21 |
19 namespace { | 22 namespace { |
20 | 23 |
21 NTSTATUS NtCreateFileInTarget(HANDLE* target_file_handle, | 24 NTSTATUS NtCreateFileInTarget(HANDLE* target_file_handle, |
22 ACCESS_MASK desired_access, | 25 ACCESS_MASK desired_access, |
23 OBJECT_ATTRIBUTES* obj_attributes, | 26 OBJECT_ATTRIBUTES* obj_attributes, |
24 IO_STATUS_BLOCK* io_status_block, | 27 IO_STATUS_BLOCK* io_status_block, |
25 ULONG file_attributes, | 28 ULONG file_attributes, |
26 ULONG share_access, | 29 ULONG share_access, |
(...skipping 205 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
232 return false; | 235 return false; |
233 | 236 |
234 if (!policy->AddRule(IPC_NTSETINFO_RENAME_TAG, &short_name)) | 237 if (!policy->AddRule(IPC_NTSETINFO_RENAME_TAG, &short_name)) |
235 return false; | 238 return false; |
236 | 239 |
237 return true; | 240 return true; |
238 } | 241 } |
239 | 242 |
240 bool FileSystemPolicy::CreateFileAction(EvalResult eval_result, | 243 bool FileSystemPolicy::CreateFileAction(EvalResult eval_result, |
241 const ClientInfo& client_info, | 244 const ClientInfo& client_info, |
242 const base::string16 &file, | 245 const base::string16& file, |
243 uint32 attributes, | 246 uint32_t attributes, |
244 uint32 desired_access, | 247 uint32_t desired_access, |
245 uint32 file_attributes, | 248 uint32_t file_attributes, |
246 uint32 share_access, | 249 uint32_t share_access, |
247 uint32 create_disposition, | 250 uint32_t create_disposition, |
248 uint32 create_options, | 251 uint32_t create_options, |
249 HANDLE *handle, | 252 HANDLE* handle, |
250 NTSTATUS* nt_status, | 253 NTSTATUS* nt_status, |
251 ULONG_PTR *io_information) { | 254 ULONG_PTR* io_information) { |
252 // The only action supported is ASK_BROKER which means create the requested | 255 // The only action supported is ASK_BROKER which means create the requested |
253 // file as specified. | 256 // file as specified. |
254 if (ASK_BROKER != eval_result) { | 257 if (ASK_BROKER != eval_result) { |
255 *nt_status = STATUS_ACCESS_DENIED; | 258 *nt_status = STATUS_ACCESS_DENIED; |
256 return false; | 259 return false; |
257 } | 260 } |
258 IO_STATUS_BLOCK io_block = {}; | 261 IO_STATUS_BLOCK io_block = {}; |
259 UNICODE_STRING uni_name = {}; | 262 UNICODE_STRING uni_name = {}; |
260 OBJECT_ATTRIBUTES obj_attributes = {}; | 263 OBJECT_ATTRIBUTES obj_attributes = {}; |
261 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); | 264 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); |
262 | 265 |
263 InitObjectAttribs(file, attributes, NULL, &obj_attributes, | 266 InitObjectAttribs(file, attributes, NULL, &obj_attributes, |
264 &uni_name, IsPipe(file) ? &security_qos : NULL); | 267 &uni_name, IsPipe(file) ? &security_qos : NULL); |
265 *nt_status = NtCreateFileInTarget(handle, desired_access, &obj_attributes, | 268 *nt_status = NtCreateFileInTarget(handle, desired_access, &obj_attributes, |
266 &io_block, file_attributes, share_access, | 269 &io_block, file_attributes, share_access, |
267 create_disposition, create_options, NULL, | 270 create_disposition, create_options, NULL, |
268 0, client_info.process); | 271 0, client_info.process); |
269 | 272 |
270 *io_information = io_block.Information; | 273 *io_information = io_block.Information; |
271 return true; | 274 return true; |
272 } | 275 } |
273 | 276 |
274 bool FileSystemPolicy::OpenFileAction(EvalResult eval_result, | 277 bool FileSystemPolicy::OpenFileAction(EvalResult eval_result, |
275 const ClientInfo& client_info, | 278 const ClientInfo& client_info, |
276 const base::string16 &file, | 279 const base::string16& file, |
277 uint32 attributes, | 280 uint32_t attributes, |
278 uint32 desired_access, | 281 uint32_t desired_access, |
279 uint32 share_access, | 282 uint32_t share_access, |
280 uint32 open_options, | 283 uint32_t open_options, |
281 HANDLE *handle, | 284 HANDLE* handle, |
282 NTSTATUS* nt_status, | 285 NTSTATUS* nt_status, |
283 ULONG_PTR *io_information) { | 286 ULONG_PTR* io_information) { |
284 // The only action supported is ASK_BROKER which means open the requested | 287 // The only action supported is ASK_BROKER which means open the requested |
285 // file as specified. | 288 // file as specified. |
286 if (ASK_BROKER != eval_result) { | 289 if (ASK_BROKER != eval_result) { |
287 *nt_status = STATUS_ACCESS_DENIED; | 290 *nt_status = STATUS_ACCESS_DENIED; |
288 return true; | 291 return true; |
289 } | 292 } |
290 // An NtOpen is equivalent to an NtCreate with FileAttributes = 0 and | 293 // An NtOpen is equivalent to an NtCreate with FileAttributes = 0 and |
291 // CreateDisposition = FILE_OPEN. | 294 // CreateDisposition = FILE_OPEN. |
292 IO_STATUS_BLOCK io_block = {}; | 295 IO_STATUS_BLOCK io_block = {}; |
293 UNICODE_STRING uni_name = {}; | 296 UNICODE_STRING uni_name = {}; |
294 OBJECT_ATTRIBUTES obj_attributes = {}; | 297 OBJECT_ATTRIBUTES obj_attributes = {}; |
295 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); | 298 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); |
296 | 299 |
297 InitObjectAttribs(file, attributes, NULL, &obj_attributes, | 300 InitObjectAttribs(file, attributes, NULL, &obj_attributes, |
298 &uni_name, IsPipe(file) ? &security_qos : NULL); | 301 &uni_name, IsPipe(file) ? &security_qos : NULL); |
299 *nt_status = NtCreateFileInTarget(handle, desired_access, &obj_attributes, | 302 *nt_status = NtCreateFileInTarget(handle, desired_access, &obj_attributes, |
300 &io_block, 0, share_access, FILE_OPEN, | 303 &io_block, 0, share_access, FILE_OPEN, |
301 open_options, NULL, 0, | 304 open_options, NULL, 0, |
302 client_info.process); | 305 client_info.process); |
303 | 306 |
304 *io_information = io_block.Information; | 307 *io_information = io_block.Information; |
305 return true; | 308 return true; |
306 } | 309 } |
307 | 310 |
308 bool FileSystemPolicy::QueryAttributesFileAction( | 311 bool FileSystemPolicy::QueryAttributesFileAction( |
309 EvalResult eval_result, | 312 EvalResult eval_result, |
310 const ClientInfo& client_info, | 313 const ClientInfo& client_info, |
311 const base::string16 &file, | 314 const base::string16& file, |
312 uint32 attributes, | 315 uint32_t attributes, |
313 FILE_BASIC_INFORMATION* file_info, | 316 FILE_BASIC_INFORMATION* file_info, |
314 NTSTATUS* nt_status) { | 317 NTSTATUS* nt_status) { |
315 // The only action supported is ASK_BROKER which means query the requested | 318 // The only action supported is ASK_BROKER which means query the requested |
316 // file as specified. | 319 // file as specified. |
317 if (ASK_BROKER != eval_result) { | 320 if (ASK_BROKER != eval_result) { |
318 *nt_status = STATUS_ACCESS_DENIED; | 321 *nt_status = STATUS_ACCESS_DENIED; |
319 return true; | 322 return true; |
320 } | 323 } |
321 | 324 |
322 NtQueryAttributesFileFunction NtQueryAttributesFile = NULL; | 325 NtQueryAttributesFileFunction NtQueryAttributesFile = NULL; |
323 ResolveNTFunctionPtr("NtQueryAttributesFile", &NtQueryAttributesFile); | 326 ResolveNTFunctionPtr("NtQueryAttributesFile", &NtQueryAttributesFile); |
324 | 327 |
325 UNICODE_STRING uni_name = {0}; | 328 UNICODE_STRING uni_name = {0}; |
326 OBJECT_ATTRIBUTES obj_attributes = {0}; | 329 OBJECT_ATTRIBUTES obj_attributes = {0}; |
327 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); | 330 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); |
328 | 331 |
329 InitObjectAttribs(file, attributes, NULL, &obj_attributes, | 332 InitObjectAttribs(file, attributes, NULL, &obj_attributes, |
330 &uni_name, IsPipe(file) ? &security_qos : NULL); | 333 &uni_name, IsPipe(file) ? &security_qos : NULL); |
331 *nt_status = NtQueryAttributesFile(&obj_attributes, file_info); | 334 *nt_status = NtQueryAttributesFile(&obj_attributes, file_info); |
332 | 335 |
333 return true; | 336 return true; |
334 } | 337 } |
335 | 338 |
336 bool FileSystemPolicy::QueryFullAttributesFileAction( | 339 bool FileSystemPolicy::QueryFullAttributesFileAction( |
337 EvalResult eval_result, | 340 EvalResult eval_result, |
338 const ClientInfo& client_info, | 341 const ClientInfo& client_info, |
339 const base::string16 &file, | 342 const base::string16& file, |
340 uint32 attributes, | 343 uint32_t attributes, |
341 FILE_NETWORK_OPEN_INFORMATION* file_info, | 344 FILE_NETWORK_OPEN_INFORMATION* file_info, |
342 NTSTATUS* nt_status) { | 345 NTSTATUS* nt_status) { |
343 // The only action supported is ASK_BROKER which means query the requested | 346 // The only action supported is ASK_BROKER which means query the requested |
344 // file as specified. | 347 // file as specified. |
345 if (ASK_BROKER != eval_result) { | 348 if (ASK_BROKER != eval_result) { |
346 *nt_status = STATUS_ACCESS_DENIED; | 349 *nt_status = STATUS_ACCESS_DENIED; |
347 return true; | 350 return true; |
348 } | 351 } |
349 | 352 |
350 NtQueryFullAttributesFileFunction NtQueryFullAttributesFile = NULL; | 353 NtQueryFullAttributesFileFunction NtQueryFullAttributesFile = NULL; |
351 ResolveNTFunctionPtr("NtQueryFullAttributesFile", &NtQueryFullAttributesFile); | 354 ResolveNTFunctionPtr("NtQueryFullAttributesFile", &NtQueryFullAttributesFile); |
352 | 355 |
353 UNICODE_STRING uni_name = {0}; | 356 UNICODE_STRING uni_name = {0}; |
354 OBJECT_ATTRIBUTES obj_attributes = {0}; | 357 OBJECT_ATTRIBUTES obj_attributes = {0}; |
355 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); | 358 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); |
356 | 359 |
357 InitObjectAttribs(file, attributes, NULL, &obj_attributes, | 360 InitObjectAttribs(file, attributes, NULL, &obj_attributes, |
358 &uni_name, IsPipe(file) ? &security_qos : NULL); | 361 &uni_name, IsPipe(file) ? &security_qos : NULL); |
359 *nt_status = NtQueryFullAttributesFile(&obj_attributes, file_info); | 362 *nt_status = NtQueryFullAttributesFile(&obj_attributes, file_info); |
360 | 363 |
361 return true; | 364 return true; |
362 } | 365 } |
363 | 366 |
364 bool FileSystemPolicy::SetInformationFileAction( | 367 bool FileSystemPolicy::SetInformationFileAction(EvalResult eval_result, |
365 EvalResult eval_result, const ClientInfo& client_info, | 368 const ClientInfo& client_info, |
366 HANDLE target_file_handle, void* file_info, uint32 length, | 369 HANDLE target_file_handle, |
367 uint32 info_class, IO_STATUS_BLOCK* io_block, | 370 void* file_info, |
368 NTSTATUS* nt_status) { | 371 uint32_t length, |
| 372 uint32_t info_class, |
| 373 IO_STATUS_BLOCK* io_block, |
| 374 NTSTATUS* nt_status) { |
369 // The only action supported is ASK_BROKER which means open the requested | 375 // The only action supported is ASK_BROKER which means open the requested |
370 // file as specified. | 376 // file as specified. |
371 if (ASK_BROKER != eval_result) { | 377 if (ASK_BROKER != eval_result) { |
372 *nt_status = STATUS_ACCESS_DENIED; | 378 *nt_status = STATUS_ACCESS_DENIED; |
373 return true; | 379 return true; |
374 } | 380 } |
375 | 381 |
376 NtSetInformationFileFunction NtSetInformationFile = NULL; | 382 NtSetInformationFileFunction NtSetInformationFile = NULL; |
377 ResolveNTFunctionPtr("NtSetInformationFile", &NtSetInformationFile); | 383 ResolveNTFunctionPtr("NtSetInformationFile", &NtSetInformationFile); |
378 | 384 |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
420 } else { | 426 } else { |
421 // Start of name matches NT prefix, replace with escaped format | 427 // Start of name matches NT prefix, replace with escaped format |
422 // Fixes bug: 334882 | 428 // Fixes bug: 334882 |
423 mod_name.replace(0, kNTPrefixLen, kNTPrefixEscaped); | 429 mod_name.replace(0, kNTPrefixLen, kNTPrefixEscaped); |
424 } | 430 } |
425 | 431 |
426 return mod_name; | 432 return mod_name; |
427 } | 433 } |
428 | 434 |
429 } // namespace sandbox | 435 } // namespace sandbox |
OLD | NEW |