OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stdint.h> | |
6 | |
7 #include <string> | 5 #include <string> |
8 | 6 |
9 #include "sandbox/win/src/filesystem_policy.h" | 7 #include "sandbox/win/src/filesystem_policy.h" |
10 | 8 |
11 #include "base/logging.h" | 9 #include "base/logging.h" |
12 #include "base/win/scoped_handle.h" | 10 #include "base/win/scoped_handle.h" |
13 #include "base/win/windows_version.h" | 11 #include "base/win/windows_version.h" |
14 #include "sandbox/win/src/ipc_tags.h" | 12 #include "sandbox/win/src/ipc_tags.h" |
15 #include "sandbox/win/src/policy_engine_opcodes.h" | 13 #include "sandbox/win/src/policy_engine_opcodes.h" |
16 #include "sandbox/win/src/policy_params.h" | 14 #include "sandbox/win/src/policy_params.h" |
| 15 #include "sandbox/win/src/sandbox_utils.h" |
17 #include "sandbox/win/src/sandbox_types.h" | 16 #include "sandbox/win/src/sandbox_types.h" |
18 #include "sandbox/win/src/sandbox_utils.h" | |
19 #include "sandbox/win/src/win_utils.h" | 17 #include "sandbox/win/src/win_utils.h" |
20 | 18 |
21 namespace { | 19 namespace { |
22 | 20 |
23 NTSTATUS NtCreateFileInTarget(HANDLE* target_file_handle, | 21 NTSTATUS NtCreateFileInTarget(HANDLE* target_file_handle, |
24 ACCESS_MASK desired_access, | 22 ACCESS_MASK desired_access, |
25 OBJECT_ATTRIBUTES* obj_attributes, | 23 OBJECT_ATTRIBUTES* obj_attributes, |
26 IO_STATUS_BLOCK* io_status_block, | 24 IO_STATUS_BLOCK* io_status_block, |
27 ULONG file_attributes, | 25 ULONG file_attributes, |
28 ULONG share_access, | 26 ULONG share_access, |
(...skipping 205 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
234 return false; | 232 return false; |
235 | 233 |
236 if (!policy->AddRule(IPC_NTSETINFO_RENAME_TAG, &short_name)) | 234 if (!policy->AddRule(IPC_NTSETINFO_RENAME_TAG, &short_name)) |
237 return false; | 235 return false; |
238 | 236 |
239 return true; | 237 return true; |
240 } | 238 } |
241 | 239 |
242 bool FileSystemPolicy::CreateFileAction(EvalResult eval_result, | 240 bool FileSystemPolicy::CreateFileAction(EvalResult eval_result, |
243 const ClientInfo& client_info, | 241 const ClientInfo& client_info, |
244 const base::string16& file, | 242 const base::string16 &file, |
245 uint32_t attributes, | 243 uint32 attributes, |
246 uint32_t desired_access, | 244 uint32 desired_access, |
247 uint32_t file_attributes, | 245 uint32 file_attributes, |
248 uint32_t share_access, | 246 uint32 share_access, |
249 uint32_t create_disposition, | 247 uint32 create_disposition, |
250 uint32_t create_options, | 248 uint32 create_options, |
251 HANDLE* handle, | 249 HANDLE *handle, |
252 NTSTATUS* nt_status, | 250 NTSTATUS* nt_status, |
253 ULONG_PTR* io_information) { | 251 ULONG_PTR *io_information) { |
254 // The only action supported is ASK_BROKER which means create the requested | 252 // The only action supported is ASK_BROKER which means create the requested |
255 // file as specified. | 253 // file as specified. |
256 if (ASK_BROKER != eval_result) { | 254 if (ASK_BROKER != eval_result) { |
257 *nt_status = STATUS_ACCESS_DENIED; | 255 *nt_status = STATUS_ACCESS_DENIED; |
258 return false; | 256 return false; |
259 } | 257 } |
260 IO_STATUS_BLOCK io_block = {}; | 258 IO_STATUS_BLOCK io_block = {}; |
261 UNICODE_STRING uni_name = {}; | 259 UNICODE_STRING uni_name = {}; |
262 OBJECT_ATTRIBUTES obj_attributes = {}; | 260 OBJECT_ATTRIBUTES obj_attributes = {}; |
263 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); | 261 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); |
264 | 262 |
265 InitObjectAttribs(file, attributes, NULL, &obj_attributes, | 263 InitObjectAttribs(file, attributes, NULL, &obj_attributes, |
266 &uni_name, IsPipe(file) ? &security_qos : NULL); | 264 &uni_name, IsPipe(file) ? &security_qos : NULL); |
267 *nt_status = NtCreateFileInTarget(handle, desired_access, &obj_attributes, | 265 *nt_status = NtCreateFileInTarget(handle, desired_access, &obj_attributes, |
268 &io_block, file_attributes, share_access, | 266 &io_block, file_attributes, share_access, |
269 create_disposition, create_options, NULL, | 267 create_disposition, create_options, NULL, |
270 0, client_info.process); | 268 0, client_info.process); |
271 | 269 |
272 *io_information = io_block.Information; | 270 *io_information = io_block.Information; |
273 return true; | 271 return true; |
274 } | 272 } |
275 | 273 |
276 bool FileSystemPolicy::OpenFileAction(EvalResult eval_result, | 274 bool FileSystemPolicy::OpenFileAction(EvalResult eval_result, |
277 const ClientInfo& client_info, | 275 const ClientInfo& client_info, |
278 const base::string16& file, | 276 const base::string16 &file, |
279 uint32_t attributes, | 277 uint32 attributes, |
280 uint32_t desired_access, | 278 uint32 desired_access, |
281 uint32_t share_access, | 279 uint32 share_access, |
282 uint32_t open_options, | 280 uint32 open_options, |
283 HANDLE* handle, | 281 HANDLE *handle, |
284 NTSTATUS* nt_status, | 282 NTSTATUS* nt_status, |
285 ULONG_PTR* io_information) { | 283 ULONG_PTR *io_information) { |
286 // The only action supported is ASK_BROKER which means open the requested | 284 // The only action supported is ASK_BROKER which means open the requested |
287 // file as specified. | 285 // file as specified. |
288 if (ASK_BROKER != eval_result) { | 286 if (ASK_BROKER != eval_result) { |
289 *nt_status = STATUS_ACCESS_DENIED; | 287 *nt_status = STATUS_ACCESS_DENIED; |
290 return true; | 288 return true; |
291 } | 289 } |
292 // An NtOpen is equivalent to an NtCreate with FileAttributes = 0 and | 290 // An NtOpen is equivalent to an NtCreate with FileAttributes = 0 and |
293 // CreateDisposition = FILE_OPEN. | 291 // CreateDisposition = FILE_OPEN. |
294 IO_STATUS_BLOCK io_block = {}; | 292 IO_STATUS_BLOCK io_block = {}; |
295 UNICODE_STRING uni_name = {}; | 293 UNICODE_STRING uni_name = {}; |
296 OBJECT_ATTRIBUTES obj_attributes = {}; | 294 OBJECT_ATTRIBUTES obj_attributes = {}; |
297 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); | 295 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); |
298 | 296 |
299 InitObjectAttribs(file, attributes, NULL, &obj_attributes, | 297 InitObjectAttribs(file, attributes, NULL, &obj_attributes, |
300 &uni_name, IsPipe(file) ? &security_qos : NULL); | 298 &uni_name, IsPipe(file) ? &security_qos : NULL); |
301 *nt_status = NtCreateFileInTarget(handle, desired_access, &obj_attributes, | 299 *nt_status = NtCreateFileInTarget(handle, desired_access, &obj_attributes, |
302 &io_block, 0, share_access, FILE_OPEN, | 300 &io_block, 0, share_access, FILE_OPEN, |
303 open_options, NULL, 0, | 301 open_options, NULL, 0, |
304 client_info.process); | 302 client_info.process); |
305 | 303 |
306 *io_information = io_block.Information; | 304 *io_information = io_block.Information; |
307 return true; | 305 return true; |
308 } | 306 } |
309 | 307 |
310 bool FileSystemPolicy::QueryAttributesFileAction( | 308 bool FileSystemPolicy::QueryAttributesFileAction( |
311 EvalResult eval_result, | 309 EvalResult eval_result, |
312 const ClientInfo& client_info, | 310 const ClientInfo& client_info, |
313 const base::string16& file, | 311 const base::string16 &file, |
314 uint32_t attributes, | 312 uint32 attributes, |
315 FILE_BASIC_INFORMATION* file_info, | 313 FILE_BASIC_INFORMATION* file_info, |
316 NTSTATUS* nt_status) { | 314 NTSTATUS* nt_status) { |
317 // The only action supported is ASK_BROKER which means query the requested | 315 // The only action supported is ASK_BROKER which means query the requested |
318 // file as specified. | 316 // file as specified. |
319 if (ASK_BROKER != eval_result) { | 317 if (ASK_BROKER != eval_result) { |
320 *nt_status = STATUS_ACCESS_DENIED; | 318 *nt_status = STATUS_ACCESS_DENIED; |
321 return true; | 319 return true; |
322 } | 320 } |
323 | 321 |
324 NtQueryAttributesFileFunction NtQueryAttributesFile = NULL; | 322 NtQueryAttributesFileFunction NtQueryAttributesFile = NULL; |
325 ResolveNTFunctionPtr("NtQueryAttributesFile", &NtQueryAttributesFile); | 323 ResolveNTFunctionPtr("NtQueryAttributesFile", &NtQueryAttributesFile); |
326 | 324 |
327 UNICODE_STRING uni_name = {0}; | 325 UNICODE_STRING uni_name = {0}; |
328 OBJECT_ATTRIBUTES obj_attributes = {0}; | 326 OBJECT_ATTRIBUTES obj_attributes = {0}; |
329 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); | 327 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); |
330 | 328 |
331 InitObjectAttribs(file, attributes, NULL, &obj_attributes, | 329 InitObjectAttribs(file, attributes, NULL, &obj_attributes, |
332 &uni_name, IsPipe(file) ? &security_qos : NULL); | 330 &uni_name, IsPipe(file) ? &security_qos : NULL); |
333 *nt_status = NtQueryAttributesFile(&obj_attributes, file_info); | 331 *nt_status = NtQueryAttributesFile(&obj_attributes, file_info); |
334 | 332 |
335 return true; | 333 return true; |
336 } | 334 } |
337 | 335 |
338 bool FileSystemPolicy::QueryFullAttributesFileAction( | 336 bool FileSystemPolicy::QueryFullAttributesFileAction( |
339 EvalResult eval_result, | 337 EvalResult eval_result, |
340 const ClientInfo& client_info, | 338 const ClientInfo& client_info, |
341 const base::string16& file, | 339 const base::string16 &file, |
342 uint32_t attributes, | 340 uint32 attributes, |
343 FILE_NETWORK_OPEN_INFORMATION* file_info, | 341 FILE_NETWORK_OPEN_INFORMATION* file_info, |
344 NTSTATUS* nt_status) { | 342 NTSTATUS* nt_status) { |
345 // The only action supported is ASK_BROKER which means query the requested | 343 // The only action supported is ASK_BROKER which means query the requested |
346 // file as specified. | 344 // file as specified. |
347 if (ASK_BROKER != eval_result) { | 345 if (ASK_BROKER != eval_result) { |
348 *nt_status = STATUS_ACCESS_DENIED; | 346 *nt_status = STATUS_ACCESS_DENIED; |
349 return true; | 347 return true; |
350 } | 348 } |
351 | 349 |
352 NtQueryFullAttributesFileFunction NtQueryFullAttributesFile = NULL; | 350 NtQueryFullAttributesFileFunction NtQueryFullAttributesFile = NULL; |
353 ResolveNTFunctionPtr("NtQueryFullAttributesFile", &NtQueryFullAttributesFile); | 351 ResolveNTFunctionPtr("NtQueryFullAttributesFile", &NtQueryFullAttributesFile); |
354 | 352 |
355 UNICODE_STRING uni_name = {0}; | 353 UNICODE_STRING uni_name = {0}; |
356 OBJECT_ATTRIBUTES obj_attributes = {0}; | 354 OBJECT_ATTRIBUTES obj_attributes = {0}; |
357 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); | 355 SECURITY_QUALITY_OF_SERVICE security_qos = GetAnonymousQOS(); |
358 | 356 |
359 InitObjectAttribs(file, attributes, NULL, &obj_attributes, | 357 InitObjectAttribs(file, attributes, NULL, &obj_attributes, |
360 &uni_name, IsPipe(file) ? &security_qos : NULL); | 358 &uni_name, IsPipe(file) ? &security_qos : NULL); |
361 *nt_status = NtQueryFullAttributesFile(&obj_attributes, file_info); | 359 *nt_status = NtQueryFullAttributesFile(&obj_attributes, file_info); |
362 | 360 |
363 return true; | 361 return true; |
364 } | 362 } |
365 | 363 |
366 bool FileSystemPolicy::SetInformationFileAction(EvalResult eval_result, | 364 bool FileSystemPolicy::SetInformationFileAction( |
367 const ClientInfo& client_info, | 365 EvalResult eval_result, const ClientInfo& client_info, |
368 HANDLE target_file_handle, | 366 HANDLE target_file_handle, void* file_info, uint32 length, |
369 void* file_info, | 367 uint32 info_class, IO_STATUS_BLOCK* io_block, |
370 uint32_t length, | 368 NTSTATUS* nt_status) { |
371 uint32_t info_class, | |
372 IO_STATUS_BLOCK* io_block, | |
373 NTSTATUS* nt_status) { | |
374 // The only action supported is ASK_BROKER which means open the requested | 369 // The only action supported is ASK_BROKER which means open the requested |
375 // file as specified. | 370 // file as specified. |
376 if (ASK_BROKER != eval_result) { | 371 if (ASK_BROKER != eval_result) { |
377 *nt_status = STATUS_ACCESS_DENIED; | 372 *nt_status = STATUS_ACCESS_DENIED; |
378 return true; | 373 return true; |
379 } | 374 } |
380 | 375 |
381 NtSetInformationFileFunction NtSetInformationFile = NULL; | 376 NtSetInformationFileFunction NtSetInformationFile = NULL; |
382 ResolveNTFunctionPtr("NtSetInformationFile", &NtSetInformationFile); | 377 ResolveNTFunctionPtr("NtSetInformationFile", &NtSetInformationFile); |
383 | 378 |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
425 } else { | 420 } else { |
426 // Start of name matches NT prefix, replace with escaped format | 421 // Start of name matches NT prefix, replace with escaped format |
427 // Fixes bug: 334882 | 422 // Fixes bug: 334882 |
428 mod_name.replace(0, kNTPrefixLen, kNTPrefixEscaped); | 423 mod_name.replace(0, kNTPrefixLen, kNTPrefixEscaped); |
429 } | 424 } |
430 | 425 |
431 return mod_name; | 426 return mod_name; |
432 } | 427 } |
433 | 428 |
434 } // namespace sandbox | 429 } // namespace sandbox |
OLD | NEW |