| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stdint.h> |
| 6 |
| 5 #include <string> | 7 #include <string> |
| 6 | 8 |
| 7 #include "sandbox/win/src/registry_policy.h" | 9 #include "sandbox/win/src/registry_policy.h" |
| 8 | 10 |
| 9 #include "base/logging.h" | 11 #include "base/logging.h" |
| 10 #include "sandbox/win/src/ipc_tags.h" | 12 #include "sandbox/win/src/ipc_tags.h" |
| 11 #include "sandbox/win/src/policy_engine_opcodes.h" | 13 #include "sandbox/win/src/policy_engine_opcodes.h" |
| 12 #include "sandbox/win/src/policy_params.h" | 14 #include "sandbox/win/src/policy_params.h" |
| 15 #include "sandbox/win/src/sandbox_types.h" |
| 13 #include "sandbox/win/src/sandbox_utils.h" | 16 #include "sandbox/win/src/sandbox_utils.h" |
| 14 #include "sandbox/win/src/sandbox_types.h" | |
| 15 #include "sandbox/win/src/win_utils.h" | 17 #include "sandbox/win/src/win_utils.h" |
| 16 | 18 |
| 17 namespace { | 19 namespace { |
| 18 | 20 |
| 19 static const uint32 kAllowedRegFlags = | 21 static const uint32_t kAllowedRegFlags = |
| 20 KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY | KEY_READ | | 22 KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY | KEY_READ | |
| 21 GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL; | 23 GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL; |
| 22 | 24 |
| 23 // Opens the key referenced by |obj_attributes| with |access| and | 25 // Opens the key referenced by |obj_attributes| with |access| and |
| 24 // checks what permission was given. Remove the WRITE flags and update | 26 // checks what permission was given. Remove the WRITE flags and update |
| 25 // |access| with the new value. | 27 // |access| with the new value. |
| 26 NTSTATUS TranslateMaximumAllowed(OBJECT_ATTRIBUTES* obj_attributes, | 28 NTSTATUS TranslateMaximumAllowed(OBJECT_ATTRIBUTES* obj_attributes, |
| 27 DWORD* access) { | 29 DWORD* access) { |
| 28 NtOpenKeyFunction NtOpenKey = NULL; | 30 NtOpenKeyFunction NtOpenKey = NULL; |
| 29 ResolveNTFunctionPtr("NtOpenKey", &NtOpenKey); | 31 ResolveNTFunctionPtr("NtOpenKey", &NtOpenKey); |
| (...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 130 EvalResult result = ASK_BROKER; | 132 EvalResult result = ASK_BROKER; |
| 131 | 133 |
| 132 PolicyRule open(result); | 134 PolicyRule open(result); |
| 133 PolicyRule create(result); | 135 PolicyRule create(result); |
| 134 | 136 |
| 135 switch (semantics) { | 137 switch (semantics) { |
| 136 case TargetPolicy::REG_ALLOW_READONLY: { | 138 case TargetPolicy::REG_ALLOW_READONLY: { |
| 137 // We consider all flags that are not known to be readonly as potentially | 139 // We consider all flags that are not known to be readonly as potentially |
| 138 // used for write. Here we also support MAXIMUM_ALLOWED, but we are going | 140 // used for write. Here we also support MAXIMUM_ALLOWED, but we are going |
| 139 // to expand it to read-only before the call. | 141 // to expand it to read-only before the call. |
| 140 uint32 restricted_flags = ~(kAllowedRegFlags | MAXIMUM_ALLOWED); | 142 uint32_t restricted_flags = ~(kAllowedRegFlags | MAXIMUM_ALLOWED); |
| 141 open.AddNumberMatch(IF_NOT, OpenKey::ACCESS, restricted_flags, AND); | 143 open.AddNumberMatch(IF_NOT, OpenKey::ACCESS, restricted_flags, AND); |
| 142 create.AddNumberMatch(IF_NOT, OpenKey::ACCESS, restricted_flags, AND); | 144 create.AddNumberMatch(IF_NOT, OpenKey::ACCESS, restricted_flags, AND); |
| 143 break; | 145 break; |
| 144 } | 146 } |
| 145 case TargetPolicy::REG_ALLOW_ANY: { | 147 case TargetPolicy::REG_ALLOW_ANY: { |
| 146 break; | 148 break; |
| 147 } | 149 } |
| 148 default: { | 150 default: { |
| 149 NOTREACHED(); | 151 NOTREACHED(); |
| 150 return false; | 152 return false; |
| 151 } | 153 } |
| 152 } | 154 } |
| 153 | 155 |
| 154 if (!create.AddStringMatch(IF, OpenKey::NAME, name, CASE_INSENSITIVE) || | 156 if (!create.AddStringMatch(IF, OpenKey::NAME, name, CASE_INSENSITIVE) || |
| 155 !policy->AddRule(IPC_NTCREATEKEY_TAG, &create)) { | 157 !policy->AddRule(IPC_NTCREATEKEY_TAG, &create)) { |
| 156 return false; | 158 return false; |
| 157 } | 159 } |
| 158 | 160 |
| 159 if (!open.AddStringMatch(IF, OpenKey::NAME, name, CASE_INSENSITIVE) || | 161 if (!open.AddStringMatch(IF, OpenKey::NAME, name, CASE_INSENSITIVE) || |
| 160 !policy->AddRule(IPC_NTOPENKEY_TAG, &open)) { | 162 !policy->AddRule(IPC_NTOPENKEY_TAG, &open)) { |
| 161 return false; | 163 return false; |
| 162 } | 164 } |
| 163 | 165 |
| 164 return true; | 166 return true; |
| 165 } | 167 } |
| 166 | 168 |
| 167 bool RegistryPolicy::CreateKeyAction(EvalResult eval_result, | 169 bool RegistryPolicy::CreateKeyAction(EvalResult eval_result, |
| 168 const ClientInfo& client_info, | 170 const ClientInfo& client_info, |
| 169 const base::string16 &key, | 171 const base::string16& key, |
| 170 uint32 attributes, | 172 uint32_t attributes, |
| 171 HANDLE root_directory, | 173 HANDLE root_directory, |
| 172 uint32 desired_access, | 174 uint32_t desired_access, |
| 173 uint32 title_index, | 175 uint32_t title_index, |
| 174 uint32 create_options, | 176 uint32_t create_options, |
| 175 HANDLE* handle, | 177 HANDLE* handle, |
| 176 NTSTATUS* nt_status, | 178 NTSTATUS* nt_status, |
| 177 ULONG* disposition) { | 179 ULONG* disposition) { |
| 178 // The only action supported is ASK_BROKER which means create the requested | 180 // The only action supported is ASK_BROKER which means create the requested |
| 179 // file as specified. | 181 // file as specified. |
| 180 if (ASK_BROKER != eval_result) { | 182 if (ASK_BROKER != eval_result) { |
| 181 *nt_status = STATUS_ACCESS_DENIED; | 183 *nt_status = STATUS_ACCESS_DENIED; |
| 182 return false; | 184 return false; |
| 183 } | 185 } |
| 184 | 186 |
| 185 // We don't support creating link keys, volatile keys or backup/restore. | 187 // We don't support creating link keys, volatile keys or backup/restore. |
| 186 if (create_options) { | 188 if (create_options) { |
| 187 *nt_status = STATUS_ACCESS_DENIED; | 189 *nt_status = STATUS_ACCESS_DENIED; |
| 188 return false; | 190 return false; |
| 189 } | 191 } |
| 190 | 192 |
| 191 UNICODE_STRING uni_name = {0}; | 193 UNICODE_STRING uni_name = {0}; |
| 192 OBJECT_ATTRIBUTES obj_attributes = {0}; | 194 OBJECT_ATTRIBUTES obj_attributes = {0}; |
| 193 InitObjectAttribs(key, attributes, root_directory, &obj_attributes, | 195 InitObjectAttribs(key, attributes, root_directory, &obj_attributes, |
| 194 &uni_name, NULL); | 196 &uni_name, NULL); |
| 195 *nt_status = NtCreateKeyInTarget(handle, desired_access, &obj_attributes, | 197 *nt_status = NtCreateKeyInTarget(handle, desired_access, &obj_attributes, |
| 196 title_index, NULL, create_options, | 198 title_index, NULL, create_options, |
| 197 disposition, client_info.process); | 199 disposition, client_info.process); |
| 198 return true; | 200 return true; |
| 199 } | 201 } |
| 200 | 202 |
| 201 bool RegistryPolicy::OpenKeyAction(EvalResult eval_result, | 203 bool RegistryPolicy::OpenKeyAction(EvalResult eval_result, |
| 202 const ClientInfo& client_info, | 204 const ClientInfo& client_info, |
| 203 const base::string16 &key, | 205 const base::string16& key, |
| 204 uint32 attributes, | 206 uint32_t attributes, |
| 205 HANDLE root_directory, | 207 HANDLE root_directory, |
| 206 uint32 desired_access, | 208 uint32_t desired_access, |
| 207 HANDLE* handle, | 209 HANDLE* handle, |
| 208 NTSTATUS* nt_status) { | 210 NTSTATUS* nt_status) { |
| 209 // The only action supported is ASK_BROKER which means open the requested | 211 // The only action supported is ASK_BROKER which means open the requested |
| 210 // file as specified. | 212 // file as specified. |
| 211 if (ASK_BROKER != eval_result) { | 213 if (ASK_BROKER != eval_result) { |
| 212 *nt_status = STATUS_ACCESS_DENIED; | 214 *nt_status = STATUS_ACCESS_DENIED; |
| 213 return true; | 215 return true; |
| 214 } | 216 } |
| 215 | 217 |
| 216 UNICODE_STRING uni_name = {0}; | 218 UNICODE_STRING uni_name = {0}; |
| 217 OBJECT_ATTRIBUTES obj_attributes = {0}; | 219 OBJECT_ATTRIBUTES obj_attributes = {0}; |
| 218 InitObjectAttribs(key, attributes, root_directory, &obj_attributes, | 220 InitObjectAttribs(key, attributes, root_directory, &obj_attributes, |
| 219 &uni_name, NULL); | 221 &uni_name, NULL); |
| 220 *nt_status = NtOpenKeyInTarget(handle, desired_access, &obj_attributes, | 222 *nt_status = NtOpenKeyInTarget(handle, desired_access, &obj_attributes, |
| 221 client_info.process); | 223 client_info.process); |
| 222 return true; | 224 return true; |
| 223 } | 225 } |
| 224 | 226 |
| 225 } // namespace sandbox | 227 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1538283002:
Switch to standard integer types in sandbox/. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master