OLD | NEW |
1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/filesystem_dispatcher.h" | 5 #include "sandbox/win/src/filesystem_dispatcher.h" |
6 | 6 |
7 #include <stdint.h> | |
8 | |
9 #include "sandbox/win/src/crosscall_client.h" | 7 #include "sandbox/win/src/crosscall_client.h" |
10 #include "sandbox/win/src/filesystem_interception.h" | 8 #include "sandbox/win/src/filesystem_interception.h" |
11 #include "sandbox/win/src/filesystem_policy.h" | 9 #include "sandbox/win/src/filesystem_policy.h" |
12 #include "sandbox/win/src/interception.h" | 10 #include "sandbox/win/src/interception.h" |
13 #include "sandbox/win/src/interceptors.h" | 11 #include "sandbox/win/src/interceptors.h" |
14 #include "sandbox/win/src/ipc_tags.h" | 12 #include "sandbox/win/src/ipc_tags.h" |
15 #include "sandbox/win/src/policy_broker.h" | 13 #include "sandbox/win/src/policy_broker.h" |
16 #include "sandbox/win/src/policy_params.h" | 14 #include "sandbox/win/src/policy_params.h" |
17 #include "sandbox/win/src/sandbox.h" | 15 #include "sandbox/win/src/sandbox.h" |
18 #include "sandbox/win/src/sandbox_nt_util.h" | 16 #include "sandbox/win/src/sandbox_nt_util.h" |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
81 case IPC_NTSETINFO_RENAME_TAG: | 79 case IPC_NTSETINFO_RENAME_TAG: |
82 return INTERCEPT_NT(manager, NtSetInformationFile, SET_INFO_FILE_ID, 24); | 80 return INTERCEPT_NT(manager, NtSetInformationFile, SET_INFO_FILE_ID, 24); |
83 | 81 |
84 default: | 82 default: |
85 return false; | 83 return false; |
86 } | 84 } |
87 } | 85 } |
88 | 86 |
89 bool FilesystemDispatcher::NtCreateFile(IPCInfo* ipc, | 87 bool FilesystemDispatcher::NtCreateFile(IPCInfo* ipc, |
90 base::string16* name, | 88 base::string16* name, |
91 uint32_t attributes, | 89 uint32 attributes, |
92 uint32_t desired_access, | 90 uint32 desired_access, |
93 uint32_t file_attributes, | 91 uint32 file_attributes, |
94 uint32_t share_access, | 92 uint32 share_access, |
95 uint32_t create_disposition, | 93 uint32 create_disposition, |
96 uint32_t create_options) { | 94 uint32 create_options) { |
97 if (!PreProcessName(name)) { | 95 if (!PreProcessName(name)) { |
98 // The path requested might contain a reparse point. | 96 // The path requested might contain a reparse point. |
99 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 97 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
100 return true; | 98 return true; |
101 } | 99 } |
102 | 100 |
103 const wchar_t* filename = name->c_str(); | 101 const wchar_t* filename = name->c_str(); |
104 | 102 |
105 uint32_t broker = TRUE; | 103 uint32 broker = TRUE; |
106 CountedParameterSet<OpenFile> params; | 104 CountedParameterSet<OpenFile> params; |
107 params[OpenFile::NAME] = ParamPickerMake(filename); | 105 params[OpenFile::NAME] = ParamPickerMake(filename); |
108 params[OpenFile::ACCESS] = ParamPickerMake(desired_access); | 106 params[OpenFile::ACCESS] = ParamPickerMake(desired_access); |
109 params[OpenFile::DISPOSITION] = ParamPickerMake(create_disposition); | 107 params[OpenFile::DISPOSITION] = ParamPickerMake(create_disposition); |
110 params[OpenFile::OPTIONS] = ParamPickerMake(create_options); | 108 params[OpenFile::OPTIONS] = ParamPickerMake(create_options); |
111 params[OpenFile::BROKER] = ParamPickerMake(broker); | 109 params[OpenFile::BROKER] = ParamPickerMake(broker); |
112 | 110 |
113 // To evaluate the policy we need to call back to the policy object. We | 111 // To evaluate the policy we need to call back to the policy object. We |
114 // are just middlemen in the operation since is the FileSystemPolicy which | 112 // are just middlemen in the operation since is the FileSystemPolicy which |
115 // knows what to do. | 113 // knows what to do. |
(...skipping 13 matching lines...) Expand all Loading... |
129 } | 127 } |
130 // Return operation status on the IPC. | 128 // Return operation status on the IPC. |
131 ipc->return_info.extended[0].ulong_ptr = io_information; | 129 ipc->return_info.extended[0].ulong_ptr = io_information; |
132 ipc->return_info.nt_status = nt_status; | 130 ipc->return_info.nt_status = nt_status; |
133 ipc->return_info.handle = handle; | 131 ipc->return_info.handle = handle; |
134 return true; | 132 return true; |
135 } | 133 } |
136 | 134 |
137 bool FilesystemDispatcher::NtOpenFile(IPCInfo* ipc, | 135 bool FilesystemDispatcher::NtOpenFile(IPCInfo* ipc, |
138 base::string16* name, | 136 base::string16* name, |
139 uint32_t attributes, | 137 uint32 attributes, |
140 uint32_t desired_access, | 138 uint32 desired_access, |
141 uint32_t share_access, | 139 uint32 share_access, |
142 uint32_t open_options) { | 140 uint32 open_options) { |
143 if (!PreProcessName(name)) { | 141 if (!PreProcessName(name)) { |
144 // The path requested might contain a reparse point. | 142 // The path requested might contain a reparse point. |
145 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 143 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
146 return true; | 144 return true; |
147 } | 145 } |
148 | 146 |
149 const wchar_t* filename = name->c_str(); | 147 const wchar_t* filename = name->c_str(); |
150 | 148 |
151 uint32_t broker = TRUE; | 149 uint32 broker = TRUE; |
152 uint32_t create_disposition = FILE_OPEN; | 150 uint32 create_disposition = FILE_OPEN; |
153 CountedParameterSet<OpenFile> params; | 151 CountedParameterSet<OpenFile> params; |
154 params[OpenFile::NAME] = ParamPickerMake(filename); | 152 params[OpenFile::NAME] = ParamPickerMake(filename); |
155 params[OpenFile::ACCESS] = ParamPickerMake(desired_access); | 153 params[OpenFile::ACCESS] = ParamPickerMake(desired_access); |
156 params[OpenFile::DISPOSITION] = ParamPickerMake(create_disposition); | 154 params[OpenFile::DISPOSITION] = ParamPickerMake(create_disposition); |
157 params[OpenFile::OPTIONS] = ParamPickerMake(open_options); | 155 params[OpenFile::OPTIONS] = ParamPickerMake(open_options); |
158 params[OpenFile::BROKER] = ParamPickerMake(broker); | 156 params[OpenFile::BROKER] = ParamPickerMake(broker); |
159 | 157 |
160 // To evaluate the policy we need to call back to the policy object. We | 158 // To evaluate the policy we need to call back to the policy object. We |
161 // are just middlemen in the operation since is the FileSystemPolicy which | 159 // are just middlemen in the operation since is the FileSystemPolicy which |
162 // knows what to do. | 160 // knows what to do. |
(...skipping 11 matching lines...) Expand all Loading... |
174 } | 172 } |
175 // Return operation status on the IPC. | 173 // Return operation status on the IPC. |
176 ipc->return_info.extended[0].ulong_ptr = io_information; | 174 ipc->return_info.extended[0].ulong_ptr = io_information; |
177 ipc->return_info.nt_status = nt_status; | 175 ipc->return_info.nt_status = nt_status; |
178 ipc->return_info.handle = handle; | 176 ipc->return_info.handle = handle; |
179 return true; | 177 return true; |
180 } | 178 } |
181 | 179 |
182 bool FilesystemDispatcher::NtQueryAttributesFile(IPCInfo* ipc, | 180 bool FilesystemDispatcher::NtQueryAttributesFile(IPCInfo* ipc, |
183 base::string16* name, | 181 base::string16* name, |
184 uint32_t attributes, | 182 uint32 attributes, |
185 CountedBuffer* info) { | 183 CountedBuffer* info) { |
186 if (sizeof(FILE_BASIC_INFORMATION) != info->Size()) | 184 if (sizeof(FILE_BASIC_INFORMATION) != info->Size()) |
187 return false; | 185 return false; |
188 | 186 |
189 if (!PreProcessName(name)) { | 187 if (!PreProcessName(name)) { |
190 // The path requested might contain a reparse point. | 188 // The path requested might contain a reparse point. |
191 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 189 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
192 return true; | 190 return true; |
193 } | 191 } |
194 | 192 |
195 uint32_t broker = TRUE; | 193 uint32 broker = TRUE; |
196 const wchar_t* filename = name->c_str(); | 194 const wchar_t* filename = name->c_str(); |
197 CountedParameterSet<FileName> params; | 195 CountedParameterSet<FileName> params; |
198 params[FileName::NAME] = ParamPickerMake(filename); | 196 params[FileName::NAME] = ParamPickerMake(filename); |
199 params[FileName::BROKER] = ParamPickerMake(broker); | 197 params[FileName::BROKER] = ParamPickerMake(broker); |
200 | 198 |
201 // To evaluate the policy we need to call back to the policy object. We | 199 // To evaluate the policy we need to call back to the policy object. We |
202 // are just middlemen in the operation since is the FileSystemPolicy which | 200 // are just middlemen in the operation since is the FileSystemPolicy which |
203 // knows what to do. | 201 // knows what to do. |
204 EvalResult result = policy_base_->EvalPolicy(IPC_NTQUERYATTRIBUTESFILE_TAG, | 202 EvalResult result = policy_base_->EvalPolicy(IPC_NTQUERYATTRIBUTESFILE_TAG, |
205 params.GetBase()); | 203 params.GetBase()); |
206 | 204 |
207 FILE_BASIC_INFORMATION* information = | 205 FILE_BASIC_INFORMATION* information = |
208 reinterpret_cast<FILE_BASIC_INFORMATION*>(info->Buffer()); | 206 reinterpret_cast<FILE_BASIC_INFORMATION*>(info->Buffer()); |
209 NTSTATUS nt_status; | 207 NTSTATUS nt_status; |
210 if (!FileSystemPolicy::QueryAttributesFileAction(result, *ipc->client_info, | 208 if (!FileSystemPolicy::QueryAttributesFileAction(result, *ipc->client_info, |
211 *name, attributes, | 209 *name, attributes, |
212 information, &nt_status)) { | 210 information, &nt_status)) { |
213 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 211 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
214 return true; | 212 return true; |
215 } | 213 } |
216 | 214 |
217 // Return operation status on the IPC. | 215 // Return operation status on the IPC. |
218 ipc->return_info.nt_status = nt_status; | 216 ipc->return_info.nt_status = nt_status; |
219 return true; | 217 return true; |
220 } | 218 } |
221 | 219 |
222 bool FilesystemDispatcher::NtQueryFullAttributesFile(IPCInfo* ipc, | 220 bool FilesystemDispatcher::NtQueryFullAttributesFile(IPCInfo* ipc, |
223 base::string16* name, | 221 base::string16* name, |
224 uint32_t attributes, | 222 uint32 attributes, |
225 CountedBuffer* info) { | 223 CountedBuffer* info) { |
226 if (sizeof(FILE_NETWORK_OPEN_INFORMATION) != info->Size()) | 224 if (sizeof(FILE_NETWORK_OPEN_INFORMATION) != info->Size()) |
227 return false; | 225 return false; |
228 | 226 |
229 if (!PreProcessName(name)) { | 227 if (!PreProcessName(name)) { |
230 // The path requested might contain a reparse point. | 228 // The path requested might contain a reparse point. |
231 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 229 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
232 return true; | 230 return true; |
233 } | 231 } |
234 | 232 |
235 uint32_t broker = TRUE; | 233 uint32 broker = TRUE; |
236 const wchar_t* filename = name->c_str(); | 234 const wchar_t* filename = name->c_str(); |
237 CountedParameterSet<FileName> params; | 235 CountedParameterSet<FileName> params; |
238 params[FileName::NAME] = ParamPickerMake(filename); | 236 params[FileName::NAME] = ParamPickerMake(filename); |
239 params[FileName::BROKER] = ParamPickerMake(broker); | 237 params[FileName::BROKER] = ParamPickerMake(broker); |
240 | 238 |
241 // To evaluate the policy we need to call back to the policy object. We | 239 // To evaluate the policy we need to call back to the policy object. We |
242 // are just middlemen in the operation since is the FileSystemPolicy which | 240 // are just middlemen in the operation since is the FileSystemPolicy which |
243 // knows what to do. | 241 // knows what to do. |
244 EvalResult result = policy_base_->EvalPolicy( | 242 EvalResult result = policy_base_->EvalPolicy( |
245 IPC_NTQUERYFULLATTRIBUTESFILE_TAG, params.GetBase()); | 243 IPC_NTQUERYFULLATTRIBUTESFILE_TAG, params.GetBase()); |
(...skipping 12 matching lines...) Expand all Loading... |
258 | 256 |
259 // Return operation status on the IPC. | 257 // Return operation status on the IPC. |
260 ipc->return_info.nt_status = nt_status; | 258 ipc->return_info.nt_status = nt_status; |
261 return true; | 259 return true; |
262 } | 260 } |
263 | 261 |
264 bool FilesystemDispatcher::NtSetInformationFile(IPCInfo* ipc, | 262 bool FilesystemDispatcher::NtSetInformationFile(IPCInfo* ipc, |
265 HANDLE handle, | 263 HANDLE handle, |
266 CountedBuffer* status, | 264 CountedBuffer* status, |
267 CountedBuffer* info, | 265 CountedBuffer* info, |
268 uint32_t length, | 266 uint32 length, |
269 uint32_t info_class) { | 267 uint32 info_class) { |
270 if (sizeof(IO_STATUS_BLOCK) != status->Size()) | 268 if (sizeof(IO_STATUS_BLOCK) != status->Size()) |
271 return false; | 269 return false; |
272 if (length != info->Size()) | 270 if (length != info->Size()) |
273 return false; | 271 return false; |
274 | 272 |
275 FILE_RENAME_INFORMATION* rename_info = | 273 FILE_RENAME_INFORMATION* rename_info = |
276 reinterpret_cast<FILE_RENAME_INFORMATION*>(info->Buffer()); | 274 reinterpret_cast<FILE_RENAME_INFORMATION*>(info->Buffer()); |
277 | 275 |
278 if (!IsSupportedRenameCall(rename_info, length, info_class)) | 276 if (!IsSupportedRenameCall(rename_info, length, info_class)) |
279 return false; | 277 return false; |
280 | 278 |
281 base::string16 name; | 279 base::string16 name; |
282 name.assign(rename_info->FileName, rename_info->FileNameLength / | 280 name.assign(rename_info->FileName, rename_info->FileNameLength / |
283 sizeof(rename_info->FileName[0])); | 281 sizeof(rename_info->FileName[0])); |
284 if (!PreProcessName(&name)) { | 282 if (!PreProcessName(&name)) { |
285 // The path requested might contain a reparse point. | 283 // The path requested might contain a reparse point. |
286 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 284 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
287 return true; | 285 return true; |
288 } | 286 } |
289 | 287 |
290 uint32_t broker = TRUE; | 288 uint32 broker = TRUE; |
291 const wchar_t* filename = name.c_str(); | 289 const wchar_t* filename = name.c_str(); |
292 CountedParameterSet<FileName> params; | 290 CountedParameterSet<FileName> params; |
293 params[FileName::NAME] = ParamPickerMake(filename); | 291 params[FileName::NAME] = ParamPickerMake(filename); |
294 params[FileName::BROKER] = ParamPickerMake(broker); | 292 params[FileName::BROKER] = ParamPickerMake(broker); |
295 | 293 |
296 // To evaluate the policy we need to call back to the policy object. We | 294 // To evaluate the policy we need to call back to the policy object. We |
297 // are just middlemen in the operation since is the FileSystemPolicy which | 295 // are just middlemen in the operation since is the FileSystemPolicy which |
298 // knows what to do. | 296 // knows what to do. |
299 EvalResult result = policy_base_->EvalPolicy(IPC_NTSETINFO_RENAME_TAG, | 297 EvalResult result = policy_base_->EvalPolicy(IPC_NTSETINFO_RENAME_TAG, |
300 params.GetBase()); | 298 params.GetBase()); |
301 | 299 |
302 IO_STATUS_BLOCK* io_status = | 300 IO_STATUS_BLOCK* io_status = |
303 reinterpret_cast<IO_STATUS_BLOCK*>(status->Buffer()); | 301 reinterpret_cast<IO_STATUS_BLOCK*>(status->Buffer()); |
304 NTSTATUS nt_status; | 302 NTSTATUS nt_status; |
305 if (!FileSystemPolicy::SetInformationFileAction(result, *ipc->client_info, | 303 if (!FileSystemPolicy::SetInformationFileAction(result, *ipc->client_info, |
306 handle, rename_info, length, | 304 handle, rename_info, length, |
307 info_class, io_status, | 305 info_class, io_status, |
308 &nt_status)) { | 306 &nt_status)) { |
309 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; | 307 ipc->return_info.nt_status = STATUS_ACCESS_DENIED; |
310 return true; | 308 return true; |
311 } | 309 } |
312 | 310 |
313 // Return operation status on the IPC. | 311 // Return operation status on the IPC. |
314 ipc->return_info.nt_status = nt_status; | 312 ipc->return_info.nt_status = nt_status; |
315 return true; | 313 return true; |
316 } | 314 } |
317 | 315 |
318 } // namespace sandbox | 316 } // namespace sandbox |
OLD | NEW |