OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "sandbox/win/src/process_thread_dispatcher.h" | 5 #include "sandbox/win/src/process_thread_dispatcher.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include "base/basictypes.h" |
8 #include <stdint.h> | |
9 | |
10 #include "base/logging.h" | 8 #include "base/logging.h" |
11 #include "sandbox/win/src/crosscall_client.h" | 9 #include "sandbox/win/src/crosscall_client.h" |
12 #include "sandbox/win/src/interception.h" | 10 #include "sandbox/win/src/interception.h" |
13 #include "sandbox/win/src/interceptors.h" | 11 #include "sandbox/win/src/interceptors.h" |
14 #include "sandbox/win/src/ipc_tags.h" | 12 #include "sandbox/win/src/ipc_tags.h" |
15 #include "sandbox/win/src/policy_broker.h" | 13 #include "sandbox/win/src/policy_broker.h" |
16 #include "sandbox/win/src/policy_params.h" | 14 #include "sandbox/win/src/policy_params.h" |
17 #include "sandbox/win/src/process_thread_interception.h" | 15 #include "sandbox/win/src/process_thread_interception.h" |
18 #include "sandbox/win/src/process_thread_policy.h" | 16 #include "sandbox/win/src/process_thread_policy.h" |
19 #include "sandbox/win/src/sandbox.h" | 17 #include "sandbox/win/src/sandbox.h" |
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
147 CREATE_PROCESSW_ID, 44) && | 145 CREATE_PROCESSW_ID, 44) && |
148 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, | 146 INTERCEPT_EAT(manager, L"kernel32.dll", CreateProcessA, |
149 CREATE_PROCESSA_ID, 44); | 147 CREATE_PROCESSA_ID, 44); |
150 | 148 |
151 default: | 149 default: |
152 return false; | 150 return false; |
153 } | 151 } |
154 } | 152 } |
155 | 153 |
156 bool ThreadProcessDispatcher::NtOpenThread(IPCInfo* ipc, | 154 bool ThreadProcessDispatcher::NtOpenThread(IPCInfo* ipc, |
157 uint32_t desired_access, | 155 uint32 desired_access, |
158 uint32_t thread_id) { | 156 uint32 thread_id) { |
159 HANDLE handle; | 157 HANDLE handle; |
160 NTSTATUS ret = ProcessPolicy::OpenThreadAction(*ipc->client_info, | 158 NTSTATUS ret = ProcessPolicy::OpenThreadAction(*ipc->client_info, |
161 desired_access, thread_id, | 159 desired_access, thread_id, |
162 &handle); | 160 &handle); |
163 ipc->return_info.nt_status = ret; | 161 ipc->return_info.nt_status = ret; |
164 ipc->return_info.handle = handle; | 162 ipc->return_info.handle = handle; |
165 return true; | 163 return true; |
166 } | 164 } |
167 | 165 |
168 bool ThreadProcessDispatcher::NtOpenProcess(IPCInfo* ipc, | 166 bool ThreadProcessDispatcher::NtOpenProcess(IPCInfo* ipc, |
169 uint32_t desired_access, | 167 uint32 desired_access, |
170 uint32_t process_id) { | 168 uint32 process_id) { |
171 HANDLE handle; | 169 HANDLE handle; |
172 NTSTATUS ret = ProcessPolicy::OpenProcessAction(*ipc->client_info, | 170 NTSTATUS ret = ProcessPolicy::OpenProcessAction(*ipc->client_info, |
173 desired_access, process_id, | 171 desired_access, process_id, |
174 &handle); | 172 &handle); |
175 ipc->return_info.nt_status = ret; | 173 ipc->return_info.nt_status = ret; |
176 ipc->return_info.handle = handle; | 174 ipc->return_info.handle = handle; |
177 return true; | 175 return true; |
178 } | 176 } |
179 | 177 |
180 bool ThreadProcessDispatcher::NtOpenProcessToken(IPCInfo* ipc, | 178 bool ThreadProcessDispatcher::NtOpenProcessToken(IPCInfo* ipc, |
181 HANDLE process, | 179 HANDLE process, |
182 uint32_t desired_access) { | 180 uint32 desired_access) { |
183 HANDLE handle; | 181 HANDLE handle; |
184 NTSTATUS ret = ProcessPolicy::OpenProcessTokenAction(*ipc->client_info, | 182 NTSTATUS ret = ProcessPolicy::OpenProcessTokenAction(*ipc->client_info, |
185 process, desired_access, | 183 process, desired_access, |
186 &handle); | 184 &handle); |
187 ipc->return_info.nt_status = ret; | 185 ipc->return_info.nt_status = ret; |
188 ipc->return_info.handle = handle; | 186 ipc->return_info.handle = handle; |
189 return true; | 187 return true; |
190 } | 188 } |
191 | 189 |
192 bool ThreadProcessDispatcher::NtOpenProcessTokenEx(IPCInfo* ipc, | 190 bool ThreadProcessDispatcher::NtOpenProcessTokenEx(IPCInfo* ipc, |
193 HANDLE process, | 191 HANDLE process, |
194 uint32_t desired_access, | 192 uint32 desired_access, |
195 uint32_t attributes) { | 193 uint32 attributes) { |
196 HANDLE handle; | 194 HANDLE handle; |
197 NTSTATUS ret = ProcessPolicy::OpenProcessTokenExAction(*ipc->client_info, | 195 NTSTATUS ret = ProcessPolicy::OpenProcessTokenExAction(*ipc->client_info, |
198 process, | 196 process, |
199 desired_access, | 197 desired_access, |
200 attributes, &handle); | 198 attributes, &handle); |
201 ipc->return_info.nt_status = ret; | 199 ipc->return_info.nt_status = ret; |
202 ipc->return_info.handle = handle; | 200 ipc->return_info.handle = handle; |
203 return true; | 201 return true; |
204 } | 202 } |
205 | 203 |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
238 // If our logic was wrong, at least we wont allow create a random process. | 236 // If our logic was wrong, at least we wont allow create a random process. |
239 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, | 237 DWORD ret = ProcessPolicy::CreateProcessWAction(eval, *ipc->client_info, |
240 exe_name, *cmd_line, | 238 exe_name, *cmd_line, |
241 proc_info); | 239 proc_info); |
242 | 240 |
243 ipc->return_info.win32_result = ret; | 241 ipc->return_info.win32_result = ret; |
244 return true; | 242 return true; |
245 } | 243 } |
246 | 244 |
247 } // namespace sandbox | 245 } // namespace sandbox |
OLD | NEW |