1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <stdint.h> | |
6 | |
7 #include <string> | 5 #include <string> |
8 | 6 |
9 #include "sandbox/win/src/registry_policy.h" | 7 #include "sandbox/win/src/registry_policy.h" |
10 | 8 |
11 #include "base/logging.h" | 9 #include "base/logging.h" |
12 #include "sandbox/win/src/ipc_tags.h" | 10 #include "sandbox/win/src/ipc_tags.h" |
13 #include "sandbox/win/src/policy_engine_opcodes.h" | 11 #include "sandbox/win/src/policy_engine_opcodes.h" |
14 #include "sandbox/win/src/policy_params.h" | 12 #include "sandbox/win/src/policy_params.h" |
| 13 #include "sandbox/win/src/sandbox_utils.h" |
15 #include "sandbox/win/src/sandbox_types.h" | 14 #include "sandbox/win/src/sandbox_types.h" |
16 #include "sandbox/win/src/sandbox_utils.h" | |
17 #include "sandbox/win/src/win_utils.h" | 15 #include "sandbox/win/src/win_utils.h" |
18 | 16 |
19 namespace { | 17 namespace { |
20 | 18 |
21 static const uint32_t kAllowedRegFlags = | 19 static const uint32 kAllowedRegFlags = |
22 KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY | KEY_READ | | 20 KEY_QUERY_VALUE | KEY_ENUMERATE_SUB_KEYS | KEY_NOTIFY | KEY_READ | |
23 GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL; | 21 GENERIC_READ | GENERIC_EXECUTE | READ_CONTROL; |
24 | 22 |
25 // Opens the key referenced by |obj_attributes| with |access| and | 23 // Opens the key referenced by |obj_attributes| with |access| and |
26 // checks what permission was given. Remove the WRITE flags and update | 24 // checks what permission was given. Remove the WRITE flags and update |
27 // |access| with the new value. | 25 // |access| with the new value. |
28 NTSTATUS TranslateMaximumAllowed(OBJECT_ATTRIBUTES* obj_attributes, | 26 NTSTATUS TranslateMaximumAllowed(OBJECT_ATTRIBUTES* obj_attributes, |
29 DWORD* access) { | 27 DWORD* access) { |
30 NtOpenKeyFunction NtOpenKey = NULL; | 28 NtOpenKeyFunction NtOpenKey = NULL; |
31 ResolveNTFunctionPtr("NtOpenKey", &NtOpenKey); | 29 ResolveNTFunctionPtr("NtOpenKey", &NtOpenKey); |
132 EvalResult result = ASK_BROKER; | 130 EvalResult result = ASK_BROKER; |
133 | 131 |
134 PolicyRule open(result); | 132 PolicyRule open(result); |
135 PolicyRule create(result); | 133 PolicyRule create(result); |
136 | 134 |
137 switch (semantics) { | 135 switch (semantics) { |
138 case TargetPolicy::REG_ALLOW_READONLY: { | 136 case TargetPolicy::REG_ALLOW_READONLY: { |
139 // We consider all flags that are not known to be readonly as potentially | 137 // We consider all flags that are not known to be readonly as potentially |
140 // used for write. Here we also support MAXIMUM_ALLOWED, but we are going | 138 // used for write. Here we also support MAXIMUM_ALLOWED, but we are going |
141 // to expand it to read-only before the call. | 139 // to expand it to read-only before the call. |
142 uint32_t restricted_flags = ~(kAllowedRegFlags | MAXIMUM_ALLOWED); | 140 uint32 restricted_flags = ~(kAllowedRegFlags | MAXIMUM_ALLOWED); |
143 open.AddNumberMatch(IF_NOT, OpenKey::ACCESS, restricted_flags, AND); | 141 open.AddNumberMatch(IF_NOT, OpenKey::ACCESS, restricted_flags, AND); |
144 create.AddNumberMatch(IF_NOT, OpenKey::ACCESS, restricted_flags, AND); | 142 create.AddNumberMatch(IF_NOT, OpenKey::ACCESS, restricted_flags, AND); |
145 break; | 143 break; |
146 } | 144 } |
147 case TargetPolicy::REG_ALLOW_ANY: { | 145 case TargetPolicy::REG_ALLOW_ANY: { |
148 break; | 146 break; |
149 } | 147 } |
150 default: { | 148 default: { |
151 NOTREACHED(); | 149 NOTREACHED(); |
152 return false; | 150 return false; |
153 } | 151 } |
154 } | 152 } |
155 | 153 |
156 if (!create.AddStringMatch(IF, OpenKey::NAME, name, CASE_INSENSITIVE) || | 154 if (!create.AddStringMatch(IF, OpenKey::NAME, name, CASE_INSENSITIVE) || |
157 !policy->AddRule(IPC_NTCREATEKEY_TAG, &create)) { | 155 !policy->AddRule(IPC_NTCREATEKEY_TAG, &create)) { |
158 return false; | 156 return false; |
159 } | 157 } |
160 | 158 |
161 if (!open.AddStringMatch(IF, OpenKey::NAME, name, CASE_INSENSITIVE) || | 159 if (!open.AddStringMatch(IF, OpenKey::NAME, name, CASE_INSENSITIVE) || |
162 !policy->AddRule(IPC_NTOPENKEY_TAG, &open)) { | 160 !policy->AddRule(IPC_NTOPENKEY_TAG, &open)) { |
163 return false; | 161 return false; |
164 } | 162 } |
165 | 163 |
166 return true; | 164 return true; |
167 } | 165 } |
168 | 166 |
169 bool RegistryPolicy::CreateKeyAction(EvalResult eval_result, | 167 bool RegistryPolicy::CreateKeyAction(EvalResult eval_result, |
170 const ClientInfo& client_info, | 168 const ClientInfo& client_info, |
171 const base::string16& key, | 169 const base::string16 &key, |
172 uint32_t attributes, | 170 uint32 attributes, |
173 HANDLE root_directory, | 171 HANDLE root_directory, |
174 uint32_t desired_access, | 172 uint32 desired_access, |
175 uint32_t title_index, | 173 uint32 title_index, |
176 uint32_t create_options, | 174 uint32 create_options, |
177 HANDLE* handle, | 175 HANDLE* handle, |
178 NTSTATUS* nt_status, | 176 NTSTATUS* nt_status, |
179 ULONG* disposition) { | 177 ULONG* disposition) { |
180 // The only action supported is ASK_BROKER which means create the requested | 178 // The only action supported is ASK_BROKER which means create the requested |
181 // file as specified. | 179 // file as specified. |
182 if (ASK_BROKER != eval_result) { | 180 if (ASK_BROKER != eval_result) { |
183 *nt_status = STATUS_ACCESS_DENIED; | 181 *nt_status = STATUS_ACCESS_DENIED; |
184 return false; | 182 return false; |
185 } | 183 } |
186 | 184 |
187 // We don't support creating link keys, volatile keys or backup/restore. | 185 // We don't support creating link keys, volatile keys or backup/restore. |
188 if (create_options) { | 186 if (create_options) { |
189 *nt_status = STATUS_ACCESS_DENIED; | 187 *nt_status = STATUS_ACCESS_DENIED; |
190 return false; | 188 return false; |
191 } | 189 } |
192 | 190 |
193 UNICODE_STRING uni_name = {0}; | 191 UNICODE_STRING uni_name = {0}; |
194 OBJECT_ATTRIBUTES obj_attributes = {0}; | 192 OBJECT_ATTRIBUTES obj_attributes = {0}; |
195 InitObjectAttribs(key, attributes, root_directory, &obj_attributes, | 193 InitObjectAttribs(key, attributes, root_directory, &obj_attributes, |
196 &uni_name, NULL); | 194 &uni_name, NULL); |
197 *nt_status = NtCreateKeyInTarget(handle, desired_access, &obj_attributes, | 195 *nt_status = NtCreateKeyInTarget(handle, desired_access, &obj_attributes, |
198 title_index, NULL, create_options, | 196 title_index, NULL, create_options, |
199 disposition, client_info.process); | 197 disposition, client_info.process); |
200 return true; | 198 return true; |
201 } | 199 } |
202 | 200 |
203 bool RegistryPolicy::OpenKeyAction(EvalResult eval_result, | 201 bool RegistryPolicy::OpenKeyAction(EvalResult eval_result, |
204 const ClientInfo& client_info, | 202 const ClientInfo& client_info, |
205 const base::string16& key, | 203 const base::string16 &key, |
206 uint32_t attributes, | 204 uint32 attributes, |
207 HANDLE root_directory, | 205 HANDLE root_directory, |
208 uint32_t desired_access, | 206 uint32 desired_access, |
209 HANDLE* handle, | 207 HANDLE* handle, |
210 NTSTATUS* nt_status) { | 208 NTSTATUS* nt_status) { |
211 // The only action supported is ASK_BROKER which means open the requested | 209 // The only action supported is ASK_BROKER which means open the requested |
212 // file as specified. | 210 // file as specified. |
213 if (ASK_BROKER != eval_result) { | 211 if (ASK_BROKER != eval_result) { |
214 *nt_status = STATUS_ACCESS_DENIED; | 212 *nt_status = STATUS_ACCESS_DENIED; |
215 return true; | 213 return true; |
216 } | 214 } |
217 | 215 |
218 UNICODE_STRING uni_name = {0}; | 216 UNICODE_STRING uni_name = {0}; |
219 OBJECT_ATTRIBUTES obj_attributes = {0}; | 217 OBJECT_ATTRIBUTES obj_attributes = {0}; |
220 InitObjectAttribs(key, attributes, root_directory, &obj_attributes, | 218 InitObjectAttribs(key, attributes, root_directory, &obj_attributes, |
221 &uni_name, NULL); | 219 &uni_name, NULL); |
222 *nt_status = NtOpenKeyInTarget(handle, desired_access, &obj_attributes, | 220 *nt_status = NtOpenKeyInTarget(handle, desired_access, &obj_attributes, |
223 client_info.process); | 221 client_info.process); |
224 return true; | 222 return true; |
225 } | 223 } |
226 | 224 |
227 } // namespace sandbox | 225 } // namespace sandbox |
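Review bot: The new-side signatures of RegistryPolicy::CreateKeyAction and RegistryPolicy::OpenKeyAction write the key parameter as `const base::string16 &key` while the adjacent `const ClientInfo& client_info` and every other reference in the file attach the ampersand to the type; keep the file's convention with `const base::string16& key,` in both declarations. The new side also drops `#include <stdint.h>` and switches every `uint32_t` to `uint32`, so that typedef now has to come from one of the remaining headers (presumably via base/logging.h or a sandbox header) — worth confirming the file still builds standalone rather than relying on transitive includes, since `kAllowedRegFlags` and `restricted_flags` are the access masks the read-only policy is built from. Separately, the comments above the ASK_BROKER checks in both actions say "create/open the requested file as specified" although the object being created or opened is a registry key; `// key as specified.` would read correctly. The first hunk's TranslateMaximumAllowed continues beyond the visible lines.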