| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "sandbox/win/src/filesystem_dispatcher.h" | 5 #include "sandbox/win/src/filesystem_dispatcher.h" |
| 6 | 6 |
| 7 #include <stdint.h> | |
| 8 | |
| 9 #include "sandbox/win/src/crosscall_client.h" | 7 #include "sandbox/win/src/crosscall_client.h" |
| 10 #include "sandbox/win/src/filesystem_interception.h" | 8 #include "sandbox/win/src/filesystem_interception.h" |
| 11 #include "sandbox/win/src/filesystem_policy.h" | 9 #include "sandbox/win/src/filesystem_policy.h" |
| 12 #include "sandbox/win/src/interception.h" | 10 #include "sandbox/win/src/interception.h" |
| 13 #include "sandbox/win/src/interceptors.h" | 11 #include "sandbox/win/src/interceptors.h" |
| 14 #include "sandbox/win/src/ipc_tags.h" | 12 #include "sandbox/win/src/ipc_tags.h" |
| 15 #include "sandbox/win/src/policy_broker.h" | 13 #include "sandbox/win/src/policy_broker.h" |
| 16 #include "sandbox/win/src/policy_params.h" | 14 #include "sandbox/win/src/policy_params.h" |
| 17 #include "sandbox/win/src/sandbox.h" | 15 #include "sandbox/win/src/sandbox.h" |
| 18 #include "sandbox/win/src/sandbox_nt_util.h" | 16 #include "sandbox/win/src/sandbox_nt_util.h" |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 81 case IPC_NTSETINFO_RENAME_TAG: | 79 case IPC_NTSETINFO_RENAME_TAG: |
| 82 return INTERCEPT_NT(manager, NtSetInformationFile, SET_INFO_FILE_ID, 24); | 80 return INTERCEPT_NT(manager, NtSetInformationFile, SET_INFO_FILE_ID, 24); |
| 83 | 81 |
| 84 default: | 82 default: |
| 85 return false; | 83 return false; |
| 86 } | 84 } |
| 87 } | 85 } |
| 88 | 86 |
| 89 bool FilesystemDispatcher::NtCreateFile(IPCInfo* ipc, | 87 bool FilesystemDispatcher::NtCreateFile(IPCInfo* ipc, |
| 90 base::string16* name, | 88 base::string16* name, |
| 91 uint32_t attributes, | 89 uint32 attributes, |
| 92 uint32_t desired_access, | 90 uint32 desired_access, |
| 93 uint32_t file_attributes, | 91 uint32 file_attributes, |
| 94 uint32_t share_access, | 92 uint32 share_access, |
| 95 uint32_t create_disposition, | 93 uint32 create_disposition, |
| 96 uint32_t create_options) { | 94 uint32 create_options) { |
| 97 if (!PreProcessName(name)) { | 95 if (!PreProcessName(name)) { |
| 98 // The path requested might contain a reparse point. | 96 // The path requested might contain a reparse point. |
| 99 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 97 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
| 100 return true; | 98 return true; |
| 101 } | 99 } |
| 102 | 100 |
| 103 const wchar_t* filename = name->c_str(); | 101 const wchar_t* filename = name->c_str(); |
| 104 | 102 |
| 105 uint32_t broker = TRUE; | 103 uint32 broker = TRUE; |
| 106 CountedParameterSet<OpenFile> params; | 104 CountedParameterSet<OpenFile> params; |
| 107 params[OpenFile::NAME] = ParamPickerMake(filename); | 105 params[OpenFile::NAME] = ParamPickerMake(filename); |
| 108 params[OpenFile::ACCESS] = ParamPickerMake(desired_access); | 106 params[OpenFile::ACCESS] = ParamPickerMake(desired_access); |
| 109 params[OpenFile::DISPOSITION] = ParamPickerMake(create_disposition); | 107 params[OpenFile::DISPOSITION] = ParamPickerMake(create_disposition); |
| 110 params[OpenFile::OPTIONS] = ParamPickerMake(create_options); | 108 params[OpenFile::OPTIONS] = ParamPickerMake(create_options); |
| 111 params[OpenFile::BROKER] = ParamPickerMake(broker); | 109 params[OpenFile::BROKER] = ParamPickerMake(broker); |
| 112 | 110 |
| 113 // To evaluate the policy we need to call back to the policy object. We | 111 // To evaluate the policy we need to call back to the policy object. We |
| 114 // are just middlemen in the operation since is the FileSystemPolicy which | 112 // are just middlemen in the operation since is the FileSystemPolicy which |
| 115 // knows what to do. | 113 // knows what to do. |
| (...skipping 13 matching lines...) Expand all Loading... |
| 129 } | 127 } |
| 130 // Return operation status on the IPC. | 128 // Return operation status on the IPC. |
| 131 ipc->return_info.extended[0].ulong_ptr = io_information; | 129 ipc->return_info.extended[0].ulong_ptr = io_information; |
| 132 ipc->return_info.nt_status = nt_status; | 130 ipc->return_info.nt_status = nt_status; |
| 133 ipc->return_info.handle = handle; | 131 ipc->return_info.handle = handle; |
| 134 return true; | 132 return true; |
| 135 } | 133 } |
| 136 | 134 |
| 137 bool FilesystemDispatcher::NtOpenFile(IPCInfo* ipc, | 135 bool FilesystemDispatcher::NtOpenFile(IPCInfo* ipc, |
| 138 base::string16* name, | 136 base::string16* name, |
| 139 uint32_t attributes, | 137 uint32 attributes, |
| 140 uint32_t desired_access, | 138 uint32 desired_access, |
| 141 uint32_t share_access, | 139 uint32 share_access, |
| 142 uint32_t open_options) { | 140 uint32 open_options) { |
| 143 if (!PreProcessName(name)) { | 141 if (!PreProcessName(name)) { |
| 144 // The path requested might contain a reparse point. | 142 // The path requested might contain a reparse point. |
| 145 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 143 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
| 146 return true; | 144 return true; |
| 147 } | 145 } |
| 148 | 146 |
| 149 const wchar_t* filename = name->c_str(); | 147 const wchar_t* filename = name->c_str(); |
| 150 | 148 |
| 151 uint32_t broker = TRUE; | 149 uint32 broker = TRUE; |
| 152 uint32_t create_disposition = FILE_OPEN; | 150 uint32 create_disposition = FILE_OPEN; |
| 153 CountedParameterSet<OpenFile> params; | 151 CountedParameterSet<OpenFile> params; |
| 154 params[OpenFile::NAME] = ParamPickerMake(filename); | 152 params[OpenFile::NAME] = ParamPickerMake(filename); |
| 155 params[OpenFile::ACCESS] = ParamPickerMake(desired_access); | 153 params[OpenFile::ACCESS] = ParamPickerMake(desired_access); |
| 156 params[OpenFile::DISPOSITION] = ParamPickerMake(create_disposition); | 154 params[OpenFile::DISPOSITION] = ParamPickerMake(create_disposition); |
| 157 params[OpenFile::OPTIONS] = ParamPickerMake(open_options); | 155 params[OpenFile::OPTIONS] = ParamPickerMake(open_options); |
| 158 params[OpenFile::BROKER] = ParamPickerMake(broker); | 156 params[OpenFile::BROKER] = ParamPickerMake(broker); |
| 159 | 157 |
| 160 // To evaluate the policy we need to call back to the policy object. We | 158 // To evaluate the policy we need to call back to the policy object. We |
| 161 // are just middlemen in the operation since is the FileSystemPolicy which | 159 // are just middlemen in the operation since is the FileSystemPolicy which |
| 162 // knows what to do. | 160 // knows what to do. |
| (...skipping 11 matching lines...) Expand all Loading... |
| 174 } | 172 } |
| 175 // Return operation status on the IPC. | 173 // Return operation status on the IPC. |
| 176 ipc->return_info.extended[0].ulong_ptr = io_information; | 174 ipc->return_info.extended[0].ulong_ptr = io_information; |
| 177 ipc->return_info.nt_status = nt_status; | 175 ipc->return_info.nt_status = nt_status; |
| 178 ipc->return_info.handle = handle; | 176 ipc->return_info.handle = handle; |
| 179 return true; | 177 return true; |
| 180 } | 178 } |
| 181 | 179 |
| 182 bool FilesystemDispatcher::NtQueryAttributesFile(IPCInfo* ipc, | 180 bool FilesystemDispatcher::NtQueryAttributesFile(IPCInfo* ipc, |
| 183 base::string16* name, | 181 base::string16* name, |
| 184 uint32_t attributes, | 182 uint32 attributes, |
| 185 CountedBuffer* info) { | 183 CountedBuffer* info) { |
| 186 if (sizeof(FILE_BASIC_INFORMATION) != info->Size()) | 184 if (sizeof(FILE_BASIC_INFORMATION) != info->Size()) |
| 187 return false; | 185 return false; |
| 188 | 186 |
| 189 if (!PreProcessName(name)) { | 187 if (!PreProcessName(name)) { |
| 190 // The path requested might contain a reparse point. | 188 // The path requested might contain a reparse point. |
| 191 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 189 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
| 192 return true; | 190 return true; |
| 193 } | 191 } |
| 194 | 192 |
| 195 uint32_t broker = TRUE; | 193 uint32 broker = TRUE; |
| 196 const wchar_t* filename = name->c_str(); | 194 const wchar_t* filename = name->c_str(); |
| 197 CountedParameterSet<FileName> params; | 195 CountedParameterSet<FileName> params; |
| 198 params[FileName::NAME] = ParamPickerMake(filename); | 196 params[FileName::NAME] = ParamPickerMake(filename); |
| 199 params[FileName::BROKER] = ParamPickerMake(broker); | 197 params[FileName::BROKER] = ParamPickerMake(broker); |
| 200 | 198 |
| 201 // To evaluate the policy we need to call back to the policy object. We | 199 // To evaluate the policy we need to call back to the policy object. We |
| 202 // are just middlemen in the operation since is the FileSystemPolicy which | 200 // are just middlemen in the operation since is the FileSystemPolicy which |
| 203 // knows what to do. | 201 // knows what to do. |
| 204 EvalResult result = policy_base_->EvalPolicy(IPC_NTQUERYATTRIBUTESFILE_TAG, | 202 EvalResult result = policy_base_->EvalPolicy(IPC_NTQUERYATTRIBUTESFILE_TAG, |
| 205 params.GetBase()); | 203 params.GetBase()); |
| 206 | 204 |
| 207 FILE_BASIC_INFORMATION* information = | 205 FILE_BASIC_INFORMATION* information = |
| 208 reinterpret_cast<FILE_BASIC_INFORMATION*>(info->Buffer()); | 206 reinterpret_cast<FILE_BASIC_INFORMATION*>(info->Buffer()); |
| 209 NTSTATUS nt_status; | 207 NTSTATUS nt_status; |
| 210 if (!FileSystemPolicy::QueryAttributesFileAction(result, *ipc->client_info, | 208 if (!FileSystemPolicy::QueryAttributesFileAction(result, *ipc->client_info, |
| 211 *name, attributes, | 209 *name, attributes, |
| 212 information, &nt_status)) { | 210 information, &nt_status)) { |
| 213 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 211 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
| 214 return true; | 212 return true; |
| 215 } | 213 } |
| 216 | 214 |
| 217 // Return operation status on the IPC. | 215 // Return operation status on the IPC. |
| 218 ipc->return_info.nt_status = nt_status; | 216 ipc->return_info.nt_status = nt_status; |
| 219 return true; | 217 return true; |
| 220 } | 218 } |
| 221 | 219 |
| 222 bool FilesystemDispatcher::NtQueryFullAttributesFile(IPCInfo* ipc, | 220 bool FilesystemDispatcher::NtQueryFullAttributesFile(IPCInfo* ipc, |
| 223 base::string16* name, | 221 base::string16* name, |
| 224 uint32_t attributes, | 222 uint32 attributes, |
| 225 CountedBuffer* info) { | 223 CountedBuffer* info) { |
| 226 if (sizeof(FILE_NETWORK_OPEN_INFORMATION) != info->Size()) | 224 if (sizeof(FILE_NETWORK_OPEN_INFORMATION) != info->Size()) |
| 227 return false; | 225 return false; |
| 228 | 226 |
| 229 if (!PreProcessName(name)) { | 227 if (!PreProcessName(name)) { |
| 230 // The path requested might contain a reparse point. | 228 // The path requested might contain a reparse point. |
| 231 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 229 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
| 232 return true; | 230 return true; |
| 233 } | 231 } |
| 234 | 232 |
| 235 uint32_t broker = TRUE; | 233 uint32 broker = TRUE; |
| 236 const wchar_t* filename = name->c_str(); | 234 const wchar_t* filename = name->c_str(); |
| 237 CountedParameterSet<FileName> params; | 235 CountedParameterSet<FileName> params; |
| 238 params[FileName::NAME] = ParamPickerMake(filename); | 236 params[FileName::NAME] = ParamPickerMake(filename); |
| 239 params[FileName::BROKER] = ParamPickerMake(broker); | 237 params[FileName::BROKER] = ParamPickerMake(broker); |
| 240 | 238 |
| 241 // To evaluate the policy we need to call back to the policy object. We | 239 // To evaluate the policy we need to call back to the policy object. We |
| 242 // are just middlemen in the operation since is the FileSystemPolicy which | 240 // are just middlemen in the operation since is the FileSystemPolicy which |
| 243 // knows what to do. | 241 // knows what to do. |
| 244 EvalResult result = policy_base_->EvalPolicy( | 242 EvalResult result = policy_base_->EvalPolicy( |
| 245 IPC_NTQUERYFULLATTRIBUTESFILE_TAG, params.GetBase()); | 243 IPC_NTQUERYFULLATTRIBUTESFILE_TAG, params.GetBase()); |
| (...skipping 12 matching lines...) Expand all Loading... |
| 258 | 256 |
| 259 // Return operation status on the IPC. | 257 // Return operation status on the IPC. |
| 260 ipc->return_info.nt_status = nt_status; | 258 ipc->return_info.nt_status = nt_status; |
| 261 return true; | 259 return true; |
| 262 } | 260 } |
| 263 | 261 |
| 264 bool FilesystemDispatcher::NtSetInformationFile(IPCInfo* ipc, | 262 bool FilesystemDispatcher::NtSetInformationFile(IPCInfo* ipc, |
| 265 HANDLE handle, | 263 HANDLE handle, |
| 266 CountedBuffer* status, | 264 CountedBuffer* status, |
| 267 CountedBuffer* info, | 265 CountedBuffer* info, |
| 268 uint32_t length, | 266 uint32 length, |
| 269 uint32_t info_class) { | 267 uint32 info_class) { |
| 270 if (sizeof(IO_STATUS_BLOCK) != status->Size()) | 268 if (sizeof(IO_STATUS_BLOCK) != status->Size()) |
| 271 return false; | 269 return false; |
| 272 if (length != info->Size()) | 270 if (length != info->Size()) |
| 273 return false; | 271 return false; |
| 274 | 272 |
| 275 FILE_RENAME_INFORMATION* rename_info = | 273 FILE_RENAME_INFORMATION* rename_info = |
| 276 reinterpret_cast<FILE_RENAME_INFORMATION*>(info->Buffer()); | 274 reinterpret_cast<FILE_RENAME_INFORMATION*>(info->Buffer()); |
| 277 | 275 |
| 278 if (!IsSupportedRenameCall(rename_info, length, info_class)) | 276 if (!IsSupportedRenameCall(rename_info, length, info_class)) |
| 279 return false; | 277 return false; |
| 280 | 278 |
| 281 base::string16 name; | 279 base::string16 name; |
| 282 name.assign(rename_info->FileName, rename_info->FileNameLength / | 280 name.assign(rename_info->FileName, rename_info->FileNameLength / |
| 283 sizeof(rename_info->FileName[0])); | 281 sizeof(rename_info->FileName[0])); |
| 284 if (!PreProcessName(&name)) { | 282 if (!PreProcessName(&name)) { |
| 285 // The path requested might contain a reparse point. | 283 // The path requested might contain a reparse point. |
| 286 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 284 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
| 287 return true; | 285 return true; |
| 288 } | 286 } |
| 289 | 287 |
| 290 uint32_t broker = TRUE; | 288 uint32 broker = TRUE; |
| 291 const wchar_t* filename = name.c_str(); | 289 const wchar_t* filename = name.c_str(); |
| 292 CountedParameterSet<FileName> params; | 290 CountedParameterSet<FileName> params; |
| 293 params[FileName::NAME] = ParamPickerMake(filename); | 291 params[FileName::NAME] = ParamPickerMake(filename); |
| 294 params[FileName::BROKER] = ParamPickerMake(broker); | 292 params[FileName::BROKER] = ParamPickerMake(broker); |
| 295 | 293 |
| 296 // To evaluate the policy we need to call back to the policy object. We | 294 // To evaluate the policy we need to call back to the policy object. We |
| 297 // are just middlemen in the operation since is the FileSystemPolicy which | 295 // are just middlemen in the operation since is the FileSystemPolicy which |
| 298 // knows what to do. | 296 // knows what to do. |
| 299 EvalResult result = policy_base_->EvalPolicy(IPC_NTSETINFO_RENAME_TAG, | 297 EvalResult result = policy_base_->EvalPolicy(IPC_NTSETINFO_RENAME_TAG, |
| 300 params.GetBase()); | 298 params.GetBase()); |
| 301 | 299 |
| 302 IO_STATUS_BLOCK* io_status = | 300 IO_STATUS_BLOCK* io_status = |
| 303 reinterpret_cast<IO_STATUS_BLOCK*>(status->Buffer()); | 301 reinterpret_cast<IO_STATUS_BLOCK*>(status->Buffer()); |
| 304 NTSTATUS nt_status; | 302 NTSTATUS nt_status; |
| 305 if (!FileSystemPolicy::SetInformationFileAction(result, *ipc->client_info, | 303 if (!FileSystemPolicy::SetInformationFileAction(result, *ipc->client_info, |
| 306 handle, rename_info, length, | 304 handle, rename_info, length, |
| 307 info_class, io_status, | 305 info_class, io_status, |
| 308 &nt_status)) { | 306 &nt_status)) { |
| 309 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 307 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
| 310 return true; | 308 return true; |
| 311 } | 309 } |
| 312 | 310 |
| 313 // Return operation status on the IPC. | 311 // Return operation status on the IPC. |
| 314 ipc->return_info.nt_status = nt_status; | 312 ipc->return_info.nt_status = nt_status; |
| 315 return true; | 313 return true; |
| 316 } | 314 } |
| 317 | 315 |
| 318 } // namespace sandbox | 316 } // namespace sandbox |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1539423002:
Revert of Switch to standard integer types in sandbox/. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master